-/* $OpenBSD: aes_core.c,v 1.13 2015/11/05 21:59:13 miod Exp $ */
+/* $OpenBSD: aes_core.c,v 1.14 2022/11/26 16:08:50 tb Exp $ */
/**
* rijndael-alg-fst.c
*
#include <stdlib.h>
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
#ifndef AES_ASM
/*
-/* $OpenBSD: aes_ecb.c,v 1.6 2015/02/10 09:46:30 miod Exp $ */
+/* $OpenBSD: aes_ecb.c,v 1.7 2022/11/26 16:08:50 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
#endif
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
void
AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
-/* $OpenBSD: aes_ige.c,v 1.8 2022/01/22 00:43:41 inoguchi Exp $ */
+/* $OpenBSD: aes_ige.c,v 1.9 2022/11/26 16:08:50 tb Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
#include <openssl/aes.h>
#include <openssl/crypto.h>
-#include "aes_locl.h"
+#include "aes_local.h"
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
typedef struct {
--- /dev/null
+/* $OpenBSD: aes_local.h,v 1.1 2022/11/26 16:08:50 tb Exp $ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_AES_LOCL_H
+#define HEADER_AES_LOCL_H
+
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_AES
+#error AES is disabled.
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+__BEGIN_HIDDEN_DECLS
+
+#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
+#define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
+
+typedef unsigned int u32;
+typedef unsigned short u16;
+typedef unsigned char u8;
+
+#define MAXKC (256/32)
+#define MAXKB (256/8)
+#define MAXNR 14
+
+/* This controls loop-unrolling in aes_core.c */
+#undef FULL_UNROLL
+
+__END_HIDDEN_DECLS
+
+#endif /* !HEADER_AES_LOCL_H */
+++ /dev/null
-/* $OpenBSD: aes_locl.h,v 1.11 2016/12/21 15:49:29 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_LOCL_H
-#define HEADER_AES_LOCL_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_AES
-#error AES is disabled.
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-__BEGIN_HIDDEN_DECLS
-
-#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
-#define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
-
-typedef unsigned int u32;
-typedef unsigned short u16;
-typedef unsigned char u8;
-
-#define MAXKC (256/32)
-#define MAXKB (256/8)
-#define MAXNR 14
-
-/* This controls loop-unrolling in aes_core.c */
-#undef FULL_UNROLL
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_AES_LOCL_H */
-/* $OpenBSD: aes_misc.c,v 1.10 2014/07/09 11:10:50 bcook Exp $ */
+/* $OpenBSD: aes_misc.c,v 1.11 2022/11/26 16:08:50 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
const char *
AES_options(void)
-/* $OpenBSD: aes_x86core.c,v 1.9 2018/04/03 21:59:37 tb Exp $ */
+/* $OpenBSD: aes_x86core.c,v 1.10 2022/11/26 16:08:50 tb Exp $ */
/**
* rijndael-alg-fst.c
*
#include <stdlib.h>
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
/*
* These two parameters control which table, 256-byte or 2KB, is
-/* $OpenBSD: a_enum.c,v 1.27 2022/09/03 18:45:51 jsing Exp $ */
+/* $OpenBSD: a_enum.c,v 1.28 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/buffer.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "bytestring.h"
/*
-/* $OpenBSD: a_mbstr.c,v 1.24 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: a_mbstr.c,v 1.25 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/asn1.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static int traverse_string(const unsigned char *p, int len, int inform,
int (*rfunc)(unsigned long value, void *in), void *arg);
-/* $OpenBSD: a_object.c,v 1.48 2022/05/13 16:32:10 tb Exp $ */
+/* $OpenBSD: a_object.c,v 1.49 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/buffer.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
const ASN1_ITEM ASN1_OBJECT_it = {
.itype = ASN1_ITYPE_PRIMITIVE,
-/* $OpenBSD: a_pkey.c,v 1.3 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: a_pkey.c,v 1.4 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
EVP_PKEY *
d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
-/* $OpenBSD: a_pubkey.c,v 1.3 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: a_pubkey.c,v 1.4 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
EVP_PKEY *
d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
-/* $OpenBSD: a_strex.c,v 1.31 2021/12/25 12:11:57 jsing Exp $ */
+/* $OpenBSD: a_strex.c,v 1.32 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/crypto.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "charmap.h"
-/* $OpenBSD: a_string.c,v 1.11 2022/05/20 08:04:21 tb Exp $ */
+/* $OpenBSD: a_string.c,v 1.12 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/asn1.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
ASN1_STRING *
ASN1_STRING_new(void)
-/* $OpenBSD: a_time.c,v 1.35 2022/11/08 12:56:00 beck Exp $ */
+/* $OpenBSD: a_time.c,v 1.36 2022/11/26 16:08:50 tb Exp $ */
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
#include <openssl/asn1t.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
const ASN1_ITEM ASN1_TIME_it = {
.itype = ASN1_ITYPE_MSTRING,
-/* $OpenBSD: a_time_tm.c,v 1.26 2022/11/22 21:23:16 tb Exp $ */
+/* $OpenBSD: a_time_tm.c,v 1.27 2022/11/26 16:08:50 tb Exp $ */
/*
* Copyright (c) 2015 Bob Beck <beck@openbsd.org>
*
#include <openssl/err.h>
#include "bytestring.h"
-#include "asn1_locl.h"
+#include "asn1_local.h"
#define RFC5280 0
#define GENTIME_LENGTH 15
-/* $OpenBSD: a_utf8.c,v 1.8 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: a_utf8.c,v 1.9 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/asn1.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* UTF8 utilities */
-/* $OpenBSD: ameth_lib.c,v 1.29 2022/11/10 16:37:51 jsing Exp $ */
+/* $OpenBSD: ameth_lib.c,v 1.30 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/engine.h>
#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
-/* $OpenBSD: asn1_gen.c,v 1.19 2022/05/24 19:56:13 tb Exp $ */
+/* $OpenBSD: asn1_gen.c,v 1.20 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2002.
*/
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#define ASN1_GEN_FLAG 0x10000
#define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1)
-/* $OpenBSD: asn1_item.c,v 1.5 2022/05/24 20:20:19 tb Exp $ */
+/* $OpenBSD: asn1_item.c,v 1.6 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
/*
* ASN1_ITEM version of dup: this follows the model above except we don't need
--- /dev/null
+/* $OpenBSD: asn1_local.h,v 1.1 2022/11/26 16:08:50 tb Exp $ */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "bytestring.h"
+
+__BEGIN_HIDDEN_DECLS
+
+/* Internal ASN1 structures and functions: not for application use */
+
+ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t);
+void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
+
+/* These are used internally in the ASN1_OBJECT to keep track of
+ * whether the names and data need to be free()ed */
+#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
+#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
+#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
+#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
+struct asn1_object_st {
+ const char *sn, *ln;
+ int nid;
+ int length;
+ const unsigned char *data; /* data remains const after init */
+ int flags; /* Should we free this one */
+} /* ASN1_OBJECT */;
+
+/* ASN1 print context structure */
+
+struct asn1_pctx_st {
+ unsigned long flags;
+ unsigned long nm_flags;
+ unsigned long cert_flags;
+ unsigned long oid_flags;
+ unsigned long str_flags;
+} /* ASN1_PCTX */;
+
+/* ASN1 public key method structure */
+
+struct evp_pkey_asn1_method_st {
+ int pkey_id;
+ int pkey_base_id;
+ unsigned long pkey_flags;
+
+ char *pem_str;
+ char *info;
+
+ int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub);
+ int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk);
+ int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx);
+
+ int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
+ int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+ int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx);
+
+ int (*pkey_size)(const EVP_PKEY *pk);
+ int (*pkey_bits)(const EVP_PKEY *pk);
+ int (*pkey_security_bits)(const EVP_PKEY *pk);
+
+ int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder,
+ int derlen);
+ int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder);
+ int (*param_missing)(const EVP_PKEY *pk);
+ int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from);
+ int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
+ int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *pctx);
+ int (*sig_print)(BIO *out, const X509_ALGOR *sigalg,
+ const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx);
+
+ void (*pkey_free)(EVP_PKEY *pkey);
+ int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2);
+
+ /* Legacy functions for old PEM */
+
+ int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder,
+ int derlen);
+ int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder);
+ /* Custom ASN1 signature verification */
+ int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+ int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+ X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig);
+
+ int (*pkey_check)(const EVP_PKEY *pk);
+ int (*pkey_public_check)(const EVP_PKEY *pk);
+ int (*pkey_param_check)(const EVP_PKEY *pk);
+
+ int (*set_priv_key)(EVP_PKEY *pk, const unsigned char *private_key,
+ size_t len);
+ int (*set_pub_key)(EVP_PKEY *pk, const unsigned char *public_key,
+ size_t len);
+ int (*get_priv_key)(const EVP_PKEY *pk, unsigned char *out_private_key,
+ size_t *out_len);
+ int (*get_pub_key)(const EVP_PKEY *pk, unsigned char *out_public_key,
+ size_t *out_len);
+} /* EVP_PKEY_ASN1_METHOD */;
+
+/* Method to handle CRL access.
+ * In general a CRL could be very large (several Mb) and can consume large
+ * amounts of resources if stored in memory by multiple processes.
+ * This method allows general CRL operations to be redirected to more
+ * efficient callbacks: for example a CRL entry database.
+ */
+
+#define X509_CRL_METHOD_DYNAMIC 1
+
+struct x509_crl_method_st {
+ int flags;
+ int (*crl_init)(X509_CRL *crl);
+ int (*crl_free)(X509_CRL *crl);
+ int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
+ ASN1_INTEGER *ser, X509_NAME *issuer);
+ int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk);
+};
+
+int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
+
+ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
+
+int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
+
+void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void asn1_enc_cleanup(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_enc_save(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it);
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+int i2d_ASN1_BOOLEAN(int a, unsigned char **pp);
+int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length);
+
+/*
+ * Unicode codepoint constants
+ */
+#define UNICODE_MAX 0x10FFFF
+#define UNICODE_SURROGATE_MIN 0x00D800
+#define UNICODE_SURROGATE_MAX 0x00DFFF
+
+#define UNICODE_IS_SURROGATE(x) \
+ ((x) >= UNICODE_SURROGATE_MIN && (x) <= UNICODE_SURROGATE_MAX)
+
+int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
+int UTF8_putc(unsigned char *str, int len, unsigned long value);
+
+int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
+
+int asn1_get_identifier_cbs(CBS *cbs, int der_mode, uint8_t *out_class,
+ int *out_constructed, uint32_t *out_tag_number);
+int asn1_get_length_cbs(CBS *cbs, int der_mode, int *out_indefinite,
+ size_t *out_length);
+int asn1_get_object_cbs(CBS *cbs, int der_mode, uint8_t *out_class,
+ int *out_constructed, uint32_t *out_tag_number, int *out_indefinite,
+ size_t *out_length);
+int asn1_get_primitive(CBS *cbs, int der_mode, uint32_t *out_tag_number,
+ CBS *out_content);
+
+int asn1_must_be_constructed(int tag);
+int asn1_must_be_primitive(int tag);
+int asn1_tag2charwidth(int tag);
+
+int asn1_abs_set_unused_bits(ASN1_BIT_STRING *abs, uint8_t unused_bits);
+int c2i_ASN1_BIT_STRING_cbs(ASN1_BIT_STRING **out_abs, CBS *cbs);
+
+int c2i_ASN1_ENUMERATED_cbs(ASN1_ENUMERATED **out_aenum, CBS *cbs);
+
+int asn1_aint_get_uint64(CBS *cbs, uint64_t *out_val);
+int asn1_aint_set_uint64(uint64_t val, uint8_t **out_data, int *out_len);
+int asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val);
+int c2i_ASN1_INTEGER_cbs(ASN1_INTEGER **out_aint, CBS *cbs);
+
+int c2i_ASN1_OBJECT_cbs(ASN1_OBJECT **out_aobj, CBS *content);
+int i2t_ASN1_OBJECT_internal(const ASN1_OBJECT *aobj, char *buf, int buf_len,
+ int no_name);
+ASN1_OBJECT *t2i_ASN1_OBJECT_internal(const char *oid);
+
+int asn1_time_parse_cbs(const CBS *cbs, int is_gentime, struct tm *out_tm);
+
+ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+ long length);
+int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp);
+ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
+ const unsigned char **pp, long length);
+int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp);
+ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+ long length);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
+int OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from,
+ const struct tm *to);
+int asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm);
+int asn1_time_tm_to_time_t(const struct tm *tm, time_t *out);
+
+__END_HIDDEN_DECLS
+++ /dev/null
-/* $OpenBSD: asn1_locl.h,v 1.41 2022/11/10 14:46:44 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "bytestring.h"
-
-__BEGIN_HIDDEN_DECLS
-
-/* Internal ASN1 structures and functions: not for application use */
-
-ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t);
-void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
-
-/* These are used internally in the ASN1_OBJECT to keep track of
- * whether the names and data need to be free()ed */
-#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
-#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
-#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
-#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
-struct asn1_object_st {
- const char *sn, *ln;
- int nid;
- int length;
- const unsigned char *data; /* data remains const after init */
- int flags; /* Should we free this one */
-} /* ASN1_OBJECT */;
-
-/* ASN1 print context structure */
-
-struct asn1_pctx_st {
- unsigned long flags;
- unsigned long nm_flags;
- unsigned long cert_flags;
- unsigned long oid_flags;
- unsigned long str_flags;
-} /* ASN1_PCTX */;
-
-/* ASN1 public key method structure */
-
-struct evp_pkey_asn1_method_st {
- int pkey_id;
- int pkey_base_id;
- unsigned long pkey_flags;
-
- char *pem_str;
- char *info;
-
- int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub);
- int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk);
- int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
- int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-
- int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
- int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
- int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-
- int (*pkey_size)(const EVP_PKEY *pk);
- int (*pkey_bits)(const EVP_PKEY *pk);
- int (*pkey_security_bits)(const EVP_PKEY *pk);
-
- int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder,
- int derlen);
- int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder);
- int (*param_missing)(const EVP_PKEY *pk);
- int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from);
- int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
- int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
- int (*sig_print)(BIO *out, const X509_ALGOR *sigalg,
- const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx);
-
- void (*pkey_free)(EVP_PKEY *pkey);
- int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2);
-
- /* Legacy functions for old PEM */
-
- int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder,
- int derlen);
- int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder);
- /* Custom ASN1 signature verification */
- int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
- int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig);
-
- int (*pkey_check)(const EVP_PKEY *pk);
- int (*pkey_public_check)(const EVP_PKEY *pk);
- int (*pkey_param_check)(const EVP_PKEY *pk);
-
- int (*set_priv_key)(EVP_PKEY *pk, const unsigned char *private_key,
- size_t len);
- int (*set_pub_key)(EVP_PKEY *pk, const unsigned char *public_key,
- size_t len);
- int (*get_priv_key)(const EVP_PKEY *pk, unsigned char *out_private_key,
- size_t *out_len);
- int (*get_pub_key)(const EVP_PKEY *pk, unsigned char *out_public_key,
- size_t *out_len);
-} /* EVP_PKEY_ASN1_METHOD */;
-
-/* Method to handle CRL access.
- * In general a CRL could be very large (several Mb) and can consume large
- * amounts of resources if stored in memory by multiple processes.
- * This method allows general CRL operations to be redirected to more
- * efficient callbacks: for example a CRL entry database.
- */
-
-#define X509_CRL_METHOD_DYNAMIC 1
-
-struct x509_crl_method_st {
- int flags;
- int (*crl_init)(X509_CRL *crl);
- int (*crl_free)(X509_CRL *crl);
- int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *ser, X509_NAME *issuer);
- int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk);
-};
-
-int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
-
-ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-
-const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
-
-int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
-
-void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
-void asn1_enc_cleanup(ASN1_VALUE **pval, const ASN1_ITEM *it);
-int asn1_enc_save(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it);
-int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-int i2d_ASN1_BOOLEAN(int a, unsigned char **pp);
-int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length);
-
-/*
- * Unicode codepoint constants
- */
-#define UNICODE_MAX 0x10FFFF
-#define UNICODE_SURROGATE_MIN 0x00D800
-#define UNICODE_SURROGATE_MAX 0x00DFFF
-
-#define UNICODE_IS_SURROGATE(x) \
- ((x) >= UNICODE_SURROGATE_MIN && (x) <= UNICODE_SURROGATE_MAX)
-
-int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
-int UTF8_putc(unsigned char *str, int len, unsigned long value);
-
-int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
-
-int asn1_get_identifier_cbs(CBS *cbs, int der_mode, uint8_t *out_class,
- int *out_constructed, uint32_t *out_tag_number);
-int asn1_get_length_cbs(CBS *cbs, int der_mode, int *out_indefinite,
- size_t *out_length);
-int asn1_get_object_cbs(CBS *cbs, int der_mode, uint8_t *out_class,
- int *out_constructed, uint32_t *out_tag_number, int *out_indefinite,
- size_t *out_length);
-int asn1_get_primitive(CBS *cbs, int der_mode, uint32_t *out_tag_number,
- CBS *out_content);
-
-int asn1_must_be_constructed(int tag);
-int asn1_must_be_primitive(int tag);
-int asn1_tag2charwidth(int tag);
-
-int asn1_abs_set_unused_bits(ASN1_BIT_STRING *abs, uint8_t unused_bits);
-int c2i_ASN1_BIT_STRING_cbs(ASN1_BIT_STRING **out_abs, CBS *cbs);
-
-int c2i_ASN1_ENUMERATED_cbs(ASN1_ENUMERATED **out_aenum, CBS *cbs);
-
-int asn1_aint_get_uint64(CBS *cbs, uint64_t *out_val);
-int asn1_aint_set_uint64(uint64_t val, uint8_t **out_data, int *out_len);
-int asn1_aint_get_int64(CBS *cbs, int negative, int64_t *out_val);
-int c2i_ASN1_INTEGER_cbs(ASN1_INTEGER **out_aint, CBS *cbs);
-
-int c2i_ASN1_OBJECT_cbs(ASN1_OBJECT **out_aobj, CBS *content);
-int i2t_ASN1_OBJECT_internal(const ASN1_OBJECT *aobj, char *buf, int buf_len,
- int no_name);
-ASN1_OBJECT *t2i_ASN1_OBJECT_internal(const char *oid);
-
-int asn1_time_parse_cbs(const CBS *cbs, int is_gentime, struct tm *out_tm);
-
-ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
- long length);
-int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp);
-ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
- const unsigned char **pp, long length);
-int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp);
-ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
- long length);
-int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
-int OPENSSL_gmtime_diff(int *pday, int *psec, const struct tm *from,
- const struct tm *to);
-int asn1_time_time_t_to_tm(const time_t *time, struct tm *out_tm);
-int asn1_time_tm_to_time_t(const struct tm *tm, time_t *out);
-
-__END_HIDDEN_DECLS
-/* $OpenBSD: asn1_old.c,v 1.2 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: asn1_old.c,v 1.3 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/buffer.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#ifndef NO_OLD_ASN1
-/* $OpenBSD: asn1_old_lib.c,v 1.4 2022/05/05 19:18:56 jsing Exp $ */
+/* $OpenBSD: asn1_old_lib.c,v 1.5 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/asn1.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static void asn1_put_length(unsigned char **pp, int length);
-/* $OpenBSD: asn_mime.c,v 1.29 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: asn_mime.c,v 1.30 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
/* Generalised MIME like utilities for streaming ASN1. Although many
* have a PKCS7/CMS like flavour others are more general purpose.
-/* $OpenBSD: asn_moid.c,v 1.14 2022/01/07 11:13:54 tb Exp $ */
+/* $OpenBSD: asn_moid.c,v 1.15 2022/11/26 16:08:50 tb Exp $ */
/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
#include <openssl/crypto.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* Simple ASN1 OID module: add all objects in a given section */
-/* $OpenBSD: p5_pbev2.c,v 1.27 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: p5_pbev2.c,v 1.28 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999-2004.
*/
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* PKCS#5 v2.0 password based encryption structures */
-/* $OpenBSD: p8_pkey.c,v 1.20 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: p8_pkey.c,v 1.21 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/asn1t.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Minor tweak to operation: zero private key data */
static int
-/* $OpenBSD: t_crl.c,v 1.20 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: t_crl.c,v 1.21 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509_CRL_print_fp(FILE *fp, X509_CRL *x)
-/* $OpenBSD: t_pkey.c,v 1.18 2022/11/10 13:09:34 jsing Exp $ */
+/* $OpenBSD: t_pkey.c,v 1.19 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/buffer.h>
#include <openssl/objects.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
int
ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
-/* $OpenBSD: t_req.c,v 1.23 2022/08/30 08:45:06 tb Exp $ */
+/* $OpenBSD: t_req.c,v 1.24 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509_REQ_print_fp(FILE *fp, X509_REQ *x)
-/* $OpenBSD: t_spki.c,v 1.13 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: t_spki.c,v 1.14 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/rsa.h>
#endif
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Print out an SPKI */
-/* $OpenBSD: t_x509.c,v 1.40 2022/08/11 10:36:32 tb Exp $ */
+/* $OpenBSD: t_x509.c,v 1.41 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "asn1_locl.h"
-#include "x509_lcl.h"
+#include "asn1_local.h"
+#include "x509_local.h"
int
X509_print_fp(FILE *fp, X509 *x)
-/* $OpenBSD: t_x509a.c,v 1.10 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: t_x509a.c,v 1.11 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
/* X509_CERT_AUX and string set routines */
-/* $OpenBSD: tasn_dec.c,v 1.83 2022/09/03 19:15:23 jsing Exp $ */
+/* $OpenBSD: tasn_dec.c,v 1.84 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/err.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "bytestring.h"
/*
-/* $OpenBSD: tasn_enc.c,v 1.26 2022/10/17 18:03:15 jsing Exp $ */
+/* $OpenBSD: tasn_enc.c,v 1.27 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/err.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
-/* $OpenBSD: tasn_fre.c,v 1.20 2022/05/12 19:55:58 jsing Exp $ */
+/* $OpenBSD: tasn_fre.c,v 1.21 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/asn1t.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static void asn1_item_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-/* $OpenBSD: tasn_new.c,v 1.22 2022/05/10 05:19:22 jsing Exp $ */
+/* $OpenBSD: tasn_new.c,v 1.23 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/asn1t.h>
#include <string.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static int asn1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-/* $OpenBSD: tasn_prn.c,v 1.22 2021/12/03 17:10:49 jsing Exp $ */
+/* $OpenBSD: tasn_prn.c,v 1.23 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/objects.h>
#include <openssl/x509v3.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* Print routines.
*/
-/* $OpenBSD: x_attrib.c,v 1.17 2022/05/09 19:19:33 jsing Exp $ */
+/* $OpenBSD: x_attrib.c,v 1.18 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
/*
* XXX - remove X509_ATTRIBUTE_SET_it with next major bump.
-/* $OpenBSD: x_bignum.c,v 1.12 2022/07/30 13:42:25 jsing Exp $ */
+/* $OpenBSD: x_bignum.c,v 1.13 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/asn1t.h>
#include <openssl/bn.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "bytestring.h"
/*
-/* $OpenBSD: x_crl.c,v 1.37 2022/02/24 22:05:06 beck Exp $ */
+/* $OpenBSD: x_crl.c,v 1.38 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "asn1_locl.h"
-#include "x509_lcl.h"
+#include "asn1_local.h"
+#include "x509_local.h"
static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
const X509_REVOKED * const *b);
-/* $OpenBSD: x_exten.c,v 1.17 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: x_exten.c,v 1.18 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static const ASN1_TEMPLATE X509_EXTENSION_seq_tt[] = {
{
-/* $OpenBSD: x_long.c,v 1.18 2022/07/02 18:14:35 jsing Exp $ */
+/* $OpenBSD: x_long.c,v 1.19 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/bn.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/*
* Custom primitive type for long handling. This converts between an
-/* $OpenBSD: x_name.c,v 1.37 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: x_name.c,v 1.38 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "x509_lcl.h"
+#include "asn1_local.h"
+#include "x509_local.h"
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
-/* $OpenBSD: x_pubkey.c,v 1.32 2022/05/24 19:59:14 tb Exp $ */
+/* $OpenBSD: x_pubkey.c,v 1.33 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
-#include "x509_lcl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
+#include "x509_local.h"
/* Minor tweak to operation: free up EVP_PKEY */
static int
-/* $OpenBSD: x_req.c,v 1.18 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: x_req.c,v 1.19 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/asn1t.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
/* X509_REQ_INFO is handled in an unusual way to get round
* invalid encodings. Some broken certificate requests don't
-/* $OpenBSD: x_sig.c,v 1.13 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: x_sig.c,v 1.14 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/asn1t.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static const ASN1_TEMPLATE X509_SIG_seq_tt[] = {
{
-/* $OpenBSD: x_x509.c,v 1.30 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: x_x509.c,v 1.31 2022/11/26 16:08:50 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static const ASN1_AUX X509_CINF_aux = {
.flags = ASN1_AFLG_ENCODING,
-/* $OpenBSD: x_x509a.c,v 1.18 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: x_x509a.c,v 1.19 2022/11/26 16:08:50 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
/* X509_CERT_AUX routines. These are used to encode additional
* user modifiable data about a certificate. This data is
-/* $OpenBSD: bf_cbc.c,v 1.7 2022/11/11 12:18:25 jsing Exp $ */
+/* $OpenBSD: bf_cbc.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
void
BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-/* $OpenBSD: bf_cfb64.c,v 1.7 2022/11/11 12:18:25 jsing Exp $ */
+/* $OpenBSD: bf_cfb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
/*
* The input and output encrypted as though 64bit cfb mode is being
-/* $OpenBSD: bf_ecb.c,v 1.8 2022/11/11 12:18:25 jsing Exp $ */
+/* $OpenBSD: bf_ecb.c,v 1.9 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/blowfish.h>
#include <openssl/opensslv.h>
-#include "bf_locl.h"
+#include "bf_local.h"
/*
* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
-/* $OpenBSD: bf_enc.c,v 1.8 2022/11/11 12:18:25 jsing Exp $ */
+/* $OpenBSD: bf_enc.c,v 1.9 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
/*
* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
--- /dev/null
+/* $OpenBSD: bf_local.h,v 1.1 2022/11/26 16:08:51 tb Exp $ */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BF_LOCL_H
+#define HEADER_BF_LOCL_H
+#include <openssl/opensslconf.h> /* BF_PTR, BF_PTR2 */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* This is actually a big endian algorithm, the most significant byte
+ * is used to lookup array 0 */
+
+#if defined(BF_PTR2)
+
+/*
+ * This is basically a special Intel version. Point is that Intel
+ * doesn't have many registers, but offers a reach choice of addressing
+ * modes. So we spare some registers by directly traversing BF_KEY
+ * structure and hiring the most decorated addressing mode. The code
+ * generated by EGCS is *perfectly* competitive with assembler
+ * implementation!
+ */
+#define BF_ENC(LL,R,KEY,Pi) (\
+ LL^=KEY[Pi], \
+ t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \
+ t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
+ t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
+ t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \
+ LL^=t \
+ )
+
+#elif defined(BF_PTR)
+
+#ifndef BF_LONG_LOG2
+#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */
+#endif
+#define BF_M (0xFF<<BF_LONG_LOG2)
+#define BF_0 (24-BF_LONG_LOG2)
+#define BF_1 (16-BF_LONG_LOG2)
+#define BF_2 ( 8-BF_LONG_LOG2)
+#define BF_3 BF_LONG_LOG2 /* left shift */
+
+/*
+ * This is normally very good on RISC platforms where normally you
+ * have to explicitly "multiply" array index by sizeof(BF_LONG)
+ * in order to calculate the effective address. This implementation
+ * excuses CPU from this extra work. Power[PC] uses should have most
+ * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
+ * rlwinm. So let'em double-check if their compiler does it.
+ */
+
+#define BF_ENC(LL,R,S,P) ( \
+ LL^=P, \
+ LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
+ *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+ *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+ *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
+ )
+#else
+
+/*
+ * This is a *generic* version. Seem to perform best on platforms that
+ * offer explicit support for extraction of 8-bit nibbles preferably
+ * complemented with "multiplying" of array index by sizeof(BF_LONG).
+ * For the moment of this writing the list comprises Alpha CPU featuring
+ * extbl and s[48]addq instructions.
+ */
+
+#define BF_ENC(LL,R,S,P) ( \
+ LL^=P, \
+ LL^=((( S[ ((int)(R>>24)&0xff)] + \
+ S[0x0100+((int)(R>>16)&0xff)])^ \
+ S[0x0200+((int)(R>> 8)&0xff)])+ \
+ S[0x0300+((int)(R )&0xff)])&0xffffffffL \
+ )
+#endif
+
+#endif
+++ /dev/null
-/* $OpenBSD: bf_locl.h,v 1.4 2022/11/11 12:08:29 jsing Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BF_LOCL_H
-#define HEADER_BF_LOCL_H
-#include <openssl/opensslconf.h> /* BF_PTR, BF_PTR2 */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* This is actually a big endian algorithm, the most significant byte
- * is used to lookup array 0 */
-
-#if defined(BF_PTR2)
-
-/*
- * This is basically a special Intel version. Point is that Intel
- * doesn't have many registers, but offers a reach choice of addressing
- * modes. So we spare some registers by directly traversing BF_KEY
- * structure and hiring the most decorated addressing mode. The code
- * generated by EGCS is *perfectly* competitive with assembler
- * implementation!
- */
-#define BF_ENC(LL,R,KEY,Pi) (\
- LL^=KEY[Pi], \
- t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \
- t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
- t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
- t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \
- LL^=t \
- )
-
-#elif defined(BF_PTR)
-
-#ifndef BF_LONG_LOG2
-#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */
-#endif
-#define BF_M (0xFF<<BF_LONG_LOG2)
-#define BF_0 (24-BF_LONG_LOG2)
-#define BF_1 (16-BF_LONG_LOG2)
-#define BF_2 ( 8-BF_LONG_LOG2)
-#define BF_3 BF_LONG_LOG2 /* left shift */
-
-/*
- * This is normally very good on RISC platforms where normally you
- * have to explicitly "multiply" array index by sizeof(BF_LONG)
- * in order to calculate the effective address. This implementation
- * excuses CPU from this extra work. Power[PC] uses should have most
- * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
- * rlwinm. So let'em double-check if their compiler does it.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
- LL^=P, \
- LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
- *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
- *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
- *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
- )
-#else
-
-/*
- * This is a *generic* version. Seem to perform best on platforms that
- * offer explicit support for extraction of 8-bit nibbles preferably
- * complemented with "multiplying" of array index by sizeof(BF_LONG).
- * For the moment of this writing the list comprises Alpha CPU featuring
- * extbl and s[48]addq instructions.
- */
-
-#define BF_ENC(LL,R,S,P) ( \
- LL^=P, \
- LL^=((( S[ ((int)(R>>24)&0xff)] + \
- S[0x0100+((int)(R>>16)&0xff)])^ \
- S[0x0200+((int)(R>> 8)&0xff)])+ \
- S[0x0300+((int)(R )&0xff)])&0xffffffffL \
- )
-#endif
-
-#endif
-/* $OpenBSD: bf_ofb64.c,v 1.7 2022/11/11 12:18:25 jsing Exp $ */
+/* $OpenBSD: bf_ofb64.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
/*
* The input and output encrypted as though 64bit ofb mode is being
-/* $OpenBSD: bf_skey.c,v 1.16 2022/11/11 12:23:49 jsing Exp $ */
+/* $OpenBSD: bf_skey.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/crypto.h>
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
static const BF_KEY bf_init = {
.P = {
-/* $OpenBSD: x86_64-gcc.c,v 1.6 2015/09/12 09:04:12 miod Exp $ */
-#include "../bn_lcl.h"
+/* $OpenBSD: x86_64-gcc.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
+#include "../bn_local.h"
/*
* x86_64 BIGNUM accelerator version 0.1, December 2002.
*
-/* $OpenBSD: bn_add.c,v 1.15 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_add.c,v 1.16 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
int
BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
-/* $OpenBSD: bn_asm.c,v 1.15 2017/05/02 03:59:44 deraadt Exp $ */
+/* $OpenBSD: bn_asm.c,v 1.16 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/opensslconf.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
-/* $OpenBSD: bn_blind.c,v 1.18 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_blind.c,v 1.19 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#define BN_BLINDING_COUNTER 32
-/* $OpenBSD: bn_bpsw.c,v 1.7 2022/08/31 21:34:14 tb Exp $ */
+/* $OpenBSD: bn_bpsw.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/*
* Copyright (c) 2022 Martin Grenouilloux <martin.grenouilloux@lse.epita.fr>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
#include <openssl/bn.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#include "bn_prime.h"
/*
-/* $OpenBSD: bn_ctx.c,v 1.17 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_ctx.c,v 1.18 2022/11/26 16:08:51 tb Exp $ */
/* Written by Ulf Moeller for the OpenSSL project. */
/* ====================================================================
* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
/* TODO list
*
-/* $OpenBSD: bn_depr.c,v 1.7 2014/10/18 17:20:40 jsing Exp $ */
+/* $OpenBSD: bn_depr.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
#include <openssl/opensslconf.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#ifndef OPENSSL_NO_DEPRECATED
BIGNUM *
-/* $OpenBSD: bn_div.c,v 1.27 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_div.c,v 1.28 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/bn.h>
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) \
&& !defined(BN_DIV3W)
-/* $OpenBSD: bn_exp.c,v 1.34 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_exp.c,v 1.35 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
-#include "constant_time_locl.h"
+#include "bn_local.h"
+#include "constant_time.h"
/* maximum precomputation table size for *variable* sliding windows */
#define TABLE_SIZE 32
-/* $OpenBSD: bn_exp2.c,v 1.14 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_exp2.c,v 1.15 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#define TABLE_SIZE 32
-/* $OpenBSD: bn_gcd.c,v 1.17 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_gcd.c,v 1.18 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
static BIGNUM *BN_gcd_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n,
-/* $OpenBSD: bn_gf2m.c,v 1.27 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_gf2m.c,v 1.28 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#ifndef OPENSSL_NO_EC2M
-/* $OpenBSD: bn_isqrt.c,v 1.3 2022/10/11 13:52:23 tb Exp $ */
+/* $OpenBSD: bn_isqrt.c,v 1.4 2022/11/26 16:08:51 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
*
#include <openssl/bn.h>
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \
__attribute__((__unused__))
-/* $OpenBSD: bn_kron.c,v 1.11 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_kron.c,v 1.12 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
*
*
*/
-#include "bn_lcl.h"
+#include "bn_local.h"
/*
* Kronecker symbol, implemented according to Henri Cohen, "A Course in
-/* $OpenBSD: bn_lib.c,v 1.62 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.63 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
BIGNUM *
BN_new(void)
--- /dev/null
+/* $OpenBSD: bn_local.h,v 1.1 2022/11/26 16:08:51 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_BN_LCL_H
+#define HEADER_BN_LCL_H
+
+#include <openssl/opensslconf.h>
+
+#include <openssl/bn.h>
+
+__BEGIN_HIDDEN_DECLS
+
+struct bignum_st {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int dmax; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ int flags;
+};
+
+/* Used for montgomery multiplication */
+struct bn_mont_ctx_st {
+ int ri; /* number of bits in R */
+ BIGNUM RR; /* used to convert to montgomery form */
+ BIGNUM N; /* The modulus */
+ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
+ * (Ni is only stored for bignum algorithm) */
+ BN_ULONG n0[2];/* least significant word(s) of Ni;
+ (type changed with 0.9.9, was "BN_ULONG n0;" before) */
+ int flags;
+};
+
+/* Used for reciprocal division/mod functions
+ * It cannot be shared between threads
+ */
+struct bn_recp_ctx_st {
+ BIGNUM N; /* the divisor */
+ BIGNUM Nr; /* the reciprocal */
+ int num_bits;
+ int shift;
+ int flags;
+};
+
+/* Used for slow "generation" functions. */
+struct bn_gencb_st {
+ unsigned int ver; /* To handle binary (in)compatibility */
+ void *arg; /* callback-specific data */
+ union {
+ /* if(ver==1) - handles old style callbacks */
+ void (*cb_1)(int, int, void *);
+ /* if(ver==2) - new callback style */
+ int (*cb_2)(int, int, BN_GENCB *);
+ } cb;
+};
+
+/*
+ * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
+ *
+ *
+ * For window size 'w' (w >= 2) and a random 'b' bits exponent,
+ * the number of multiplications is a constant plus on average
+ *
+ * 2^(w-1) + (b-w)/(w+1);
+ *
+ * here 2^(w-1) is for precomputing the table (we actually need
+ * entries only for windows that have the lowest bit set), and
+ * (b-w)/(w+1) is an approximation for the expected number of
+ * w-bit windows, not counting the first one.
+ *
+ * Thus we should use
+ *
+ * w >= 6 if b > 671
+ * w = 5 if 671 > b > 239
+ * w = 4 if 239 > b > 79
+ * w = 3 if 79 > b > 23
+ * w <= 2 if 23 > b
+ *
+ * (with draws in between). Very small exponents are often selected
+ * with low Hamming weight, so we use w = 1 for b <= 23.
+ */
+#define BN_window_bits_for_exponent_size(b) \
+ ((b) > 671 ? 6 : \
+ (b) > 239 ? 5 : \
+ (b) > 79 ? 4 : \
+ (b) > 23 ? 3 : 1)
+
+
+/* BN_mod_exp_mont_consttime is based on the assumption that the
+ * L1 data cache line width of the target processor is at least
+ * the following value.
+ */
+#define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH ( 64 )
+#define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1)
+
+/* Window sizes optimized for fixed window size modular exponentiation
+ * algorithm (BN_mod_exp_mont_consttime).
+ *
+ * To achieve the security goals of BN_mode_exp_mont_consttime, the
+ * maximum size of the window must not exceed
+ * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH).
+ *
+ * Window size thresholds are defined for cache line sizes of 32 and 64,
+ * cache line sizes where log_2(32)=5 and log_2(64)=6 respectively. A
+ * window size of 7 should only be used on processors that have a 128
+ * byte or greater cache line size.
+ */
+#if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64
+
+# define BN_window_bits_for_ctime_exponent_size(b) \
+ ((b) > 937 ? 6 : \
+ (b) > 306 ? 5 : \
+ (b) > 89 ? 4 : \
+ (b) > 22 ? 3 : 1)
+# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (6)
+
+#elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32
+
+# define BN_window_bits_for_ctime_exponent_size(b) \
+ ((b) > 306 ? 5 : \
+ (b) > 89 ? 4 : \
+ (b) > 22 ? 3 : 1)
+# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (5)
+
+#endif
+
+
+/* Pentium pro 16,16,16,32,64 */
+/* Alpha 16,16,16,16.64 */
+#define BN_MULL_SIZE_NORMAL (16) /* 32 */
+#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) /* 32 less than */
+#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) /* 32 */
+#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) /* 32 */
+#define BN_MONT_CTX_SET_SIZE_WORD (64) /* 32 */
+
+#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+/*
+ * BN_UMULT_HIGH section.
+ *
+ * No, I'm not trying to overwhelm you when stating that the
+ * product of N-bit numbers is 2*N bits wide:-) No, I don't expect
+ * you to be impressed when I say that if the compiler doesn't
+ * support 2*N integer type, then you have to replace every N*N
+ * multiplication with 4 (N/2)*(N/2) accompanied by some shifts
+ * and additions which unavoidably results in severe performance
+ * penalties. Of course provided that the hardware is capable of
+ * producing 2*N result... That's when you normally start
+ * considering assembler implementation. However! It should be
+ * pointed out that some CPUs (most notably Alpha, PowerPC and
+ * upcoming IA-64 family:-) provide *separate* instruction
+ * calculating the upper half of the product placing the result
+ * into a general purpose register. Now *if* the compiler supports
+ * inline assembler, then it's not impossible to implement the
+ * "bignum" routines (and have the compiler optimize 'em)
+ * exhibiting "native" performance in C. That's what BN_UMULT_HIGH
+ * macro is about:-)
+ *
+ * <appro@fy.chalmers.se>
+ */
+# if defined(__alpha)
+# if defined(__GNUC__) && __GNUC__>=2
+# define BN_UMULT_HIGH(a,b) ({ \
+ BN_ULONG ret; \
+ asm ("umulh %1,%2,%0" \
+ : "=r"(ret) \
+ : "r"(a), "r"(b)); \
+ ret; })
+# endif /* compiler */
+# elif defined(_ARCH_PPC) && defined(_LP64)
+# if defined(__GNUC__) && __GNUC__>=2
+# define BN_UMULT_HIGH(a,b) ({ \
+ BN_ULONG ret; \
+ asm ("mulhdu %0,%1,%2" \
+ : "=r"(ret) \
+ : "r"(a), "r"(b)); \
+ ret; })
+# endif /* compiler */
+# elif defined(__x86_64) || defined(__x86_64__)
+# if defined(__GNUC__) && __GNUC__>=2
+# define BN_UMULT_HIGH(a,b) ({ \
+ BN_ULONG ret,discard; \
+ asm ("mulq %3" \
+ : "=a"(discard),"=d"(ret) \
+ : "a"(a), "g"(b) \
+ : "cc"); \
+ ret; })
+# define BN_UMULT_LOHI(low,high,a,b) \
+ asm ("mulq %3" \
+ : "=a"(low),"=d"(high) \
+ : "a"(a),"g"(b) \
+ : "cc");
+# endif
+# elif defined(__mips) && defined(_LP64)
+# if defined(__GNUC__) && __GNUC__>=2
+# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) /* "h" constraint is no more since 4.4 */
+# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64)
+# define BN_UMULT_LOHI(low,high,a,b) ({ \
+ __uint128_t ret=(__uint128_t)(a)*(b); \
+ (high)=ret>>64; (low)=ret; })
+# else
+# define BN_UMULT_HIGH(a,b) ({ \
+ BN_ULONG ret; \
+ asm ("dmultu %1,%2" \
+ : "=h"(ret) \
+ : "r"(a), "r"(b) : "l"); \
+ ret; })
+# define BN_UMULT_LOHI(low,high,a,b)\
+ asm ("dmultu %2,%3" \
+ : "=l"(low),"=h"(high) \
+ : "r"(a), "r"(b));
+# endif
+# endif
+# endif /* cpu */
+#endif /* OPENSSL_NO_ASM */
+
+/*************************************************************
+ * Using the long long type
+ */
+#define Lw(t) (((BN_ULONG)(t))&BN_MASK2)
+#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
+
+#ifdef BN_LLONG
+#define mul_add(r,a,w,c) { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)w * (a) + (r) + (c); \
+ (r)= Lw(t); \
+ (c)= Hw(t); \
+ }
+
+#define mul(r,a,w,c) { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)w * (a) + (c); \
+ (r)= Lw(t); \
+ (c)= Hw(t); \
+ }
+
+#define sqr(r0,r1,a) { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)(a)*(a); \
+ (r0)=Lw(t); \
+ (r1)=Hw(t); \
+ }
+
+#elif defined(BN_UMULT_LOHI)
+#define mul_add(r,a,w,c) { \
+ BN_ULONG high,low,ret,tmp=(a); \
+ ret = (r); \
+ BN_UMULT_LOHI(low,high,w,tmp); \
+ ret += (c); \
+ (c) = (ret<(c))?1:0; \
+ (c) += high; \
+ ret += low; \
+ (c) += (ret<low)?1:0; \
+ (r) = ret; \
+ }
+
+#define mul(r,a,w,c) { \
+ BN_ULONG high,low,ret,ta=(a); \
+ BN_UMULT_LOHI(low,high,w,ta); \
+ ret = low + (c); \
+ (c) = high; \
+ (c) += (ret<low)?1:0; \
+ (r) = ret; \
+ }
+
+#define sqr(r0,r1,a) { \
+ BN_ULONG tmp=(a); \
+ BN_UMULT_LOHI(r0,r1,tmp,tmp); \
+ }
+
+#elif defined(BN_UMULT_HIGH)
+#define mul_add(r,a,w,c) { \
+ BN_ULONG high,low,ret,tmp=(a); \
+ ret = (r); \
+ high= BN_UMULT_HIGH(w,tmp); \
+ ret += (c); \
+ low = (w) * tmp; \
+ (c) = (ret<(c))?1:0; \
+ (c) += high; \
+ ret += low; \
+ (c) += (ret<low)?1:0; \
+ (r) = ret; \
+ }
+
+#define mul(r,a,w,c) { \
+ BN_ULONG high,low,ret,ta=(a); \
+ low = (w) * ta; \
+ high= BN_UMULT_HIGH(w,ta); \
+ ret = low + (c); \
+ (c) = high; \
+ (c) += (ret<low)?1:0; \
+ (r) = ret; \
+ }
+
+#define sqr(r0,r1,a) { \
+ BN_ULONG tmp=(a); \
+ (r0) = tmp * tmp; \
+ (r1) = BN_UMULT_HIGH(tmp,tmp); \
+ }
+
+#else
+/*************************************************************
+ * No long long type
+ */
+
+#define LBITS(a) ((a)&BN_MASK2l)
+#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l)
+#define L2HBITS(a) (((a)<<BN_BITS4)&BN_MASK2)
+
+#define mul64(l,h,bl,bh) \
+ { \
+ BN_ULONG m,m1,lt,ht; \
+ \
+ lt=l; \
+ ht=h; \
+ m =(bh)*(lt); \
+ lt=(bl)*(lt); \
+ m1=(bl)*(ht); \
+ ht =(bh)*(ht); \
+ m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \
+ ht+=HBITS(m); \
+ m1=L2HBITS(m); \
+ lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
+ (l)=lt; \
+ (h)=ht; \
+ }
+
+#define sqr64(lo,ho,in) \
+ { \
+ BN_ULONG l,h,m; \
+ \
+ h=(in); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ m =(l)*(h); \
+ l*=l; \
+ h*=h; \
+ h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
+ m =(m&BN_MASK2l)<<(BN_BITS4+1); \
+ l=(l+m)&BN_MASK2; if (l < m) h++; \
+ (lo)=l; \
+ (ho)=h; \
+ }
+
+#define mul_add(r,a,bl,bh,c) { \
+ BN_ULONG l,h; \
+ \
+ h= (a); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ mul64(l,h,(bl),(bh)); \
+ \
+ /* non-multiply part */ \
+ l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
+ (c)=(r); \
+ l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
+ (c)=h&BN_MASK2; \
+ (r)=l; \
+ }
+
+#define mul(r,a,bl,bh,c) { \
+ BN_ULONG l,h; \
+ \
+ h= (a); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ mul64(l,h,(bl),(bh)); \
+ \
+ /* non-multiply part */ \
+ l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+ (c)=h&BN_MASK2; \
+ (r)=l&BN_MASK2; \
+ }
+#endif /* !BN_LLONG */
+
+/* The least significant word of a BIGNUM. */
+#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
+
+void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
+void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp);
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a);
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a);
+int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n);
+int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b,
+ int cl, int dl);
+void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+ int dna, int dnb, BN_ULONG *t);
+void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
+ int n, int tna, int tnb, BN_ULONG *t);
+void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t);
+void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n);
+void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+ BN_ULONG *t);
+void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
+ BN_ULONG *t);
+BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
+ int cl, int dl);
+BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
+ int cl, int dl);
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num);
+
+int bn_expand(BIGNUM *a, int bits);
+int bn_wexpand(BIGNUM *a, int words);
+
+#define bn_correct_top(a) \
+ { \
+ BN_ULONG *ftl; \
+ int tmp_top = (a)->top; \
+ if (tmp_top > 0) \
+ { \
+ for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
+ if (*(ftl--)) break; \
+ (a)->top = tmp_top; \
+ } \
+ }
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int num);
+BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int num);
+
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int bn_rand_interval(BIGNUM *rnd, const BIGNUM *lower_inc, const BIGNUM *upper_exc);
+
+/* Explicitly const time / non-const time versions for internal use */
+int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_div_nonct(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+ BN_CTX *ctx);
+int BN_div_ct(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+ BN_CTX *ctx);
+#define BN_mod_ct(rem,m,d,ctx) BN_div_ct(NULL,(rem),(m),(d),(ctx))
+#define BN_mod_nonct(rem,m,d,ctx) BN_div_nonct(NULL,(rem),(m),(d),(ctx))
+BIGNUM *BN_mod_inverse_ct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,
+ BN_CTX *ctx);
+BIGNUM *BN_mod_inverse_nonct(BIGNUM *ret, const BIGNUM *a, const BIGNUM *n,
+ BN_CTX *ctx);
+int BN_gcd_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_gcd_nonct(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+
+int BN_swap_ct(BN_ULONG swap, BIGNUM *a, BIGNUM *b, size_t nwords);
+
+int bn_isqrt(BIGNUM *out_sqrt, int *out_perfect, const BIGNUM *n, BN_CTX *ctx);
+int bn_is_perfect_square(int *out_perfect, const BIGNUM *n, BN_CTX *ctx);
+
+int bn_is_prime_bpsw(int *is_prime, const BIGNUM *n, BN_CTX *in_ctx);
+
+__END_HIDDEN_DECLS
+#endif
-/* $OpenBSD: bn_mod.c,v 1.13 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_mod.c,v 1.14 2022/11/26 16:08:51 tb Exp $ */
/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* for the OpenSSL project. */
/* ====================================================================
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
int
BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
-/* $OpenBSD: bn_mont.c,v 1.31 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_mont.c,v 1.32 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <stdio.h>
#include <stdint.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#define MONT_WORD /* use the faster word-based algorithm */
-/* $OpenBSD: bn_mpi.c,v 1.10 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_mpi.c,v 1.11 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
int
BN_bn2mpi(const BIGNUM *a, unsigned char *d)
-/* $OpenBSD: bn_mul.c,v 1.22 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_mul.c,v 1.23 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/opensslconf.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS)
/* Here follows specialised variants of bn_add_words() and
-/* $OpenBSD: bn_nist.c,v 1.22 2022/07/31 14:38:38 jsing Exp $ */
+/* $OpenBSD: bn_nist.c,v 1.23 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project
*/
#include <stdint.h>
#include <string.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \
__attribute__((__unused__))
-/* $OpenBSD: bn_prime.c,v 1.27 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_prime.c,v 1.28 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
/* NB: these functions have been "upgraded", the deprecated versions (which are
* compatibility wrappers using these functions) are in bn_depr.c.
-/* $OpenBSD: bn_print.c,v 1.36 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_print.c,v 1.37 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/buffer.h>
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
static const char Hex[]="0123456789ABCDEF";
-/* $OpenBSD: bn_rand.c,v 1.26 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_rand.c,v 1.27 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
static int
bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
-/* $OpenBSD: bn_recp.c,v 1.16 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_recp.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
void
BN_RECP_CTX_init(BN_RECP_CTX *recp)
-/* $OpenBSD: bn_shift.c,v 1.16 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_shift.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
int
BN_lshift1(BIGNUM *r, const BIGNUM *a)
-/* $OpenBSD: bn_sqr.c,v 1.15 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_sqr.c,v 1.16 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <stdio.h>
#include <string.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
int
-/* $OpenBSD: bn_sqrt.c,v 1.13 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_sqrt.c,v 1.14 2022/11/26 16:08:51 tb Exp $ */
/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* and Bodo Moeller for the OpenSSL project. */
/* ====================================================================
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
/*
* Returns 'ret' such that ret^2 == a (mod p), if it exists, using the
-/* $OpenBSD: bn_word.c,v 1.15 2022/11/26 13:56:33 jsing Exp $ */
+/* $OpenBSD: bn_word.c,v 1.16 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <stdio.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
BN_ULONG
BN_mod_word(const BIGNUM *a, BN_ULONG w)
-/* $OpenBSD: bn_x931p.c,v 1.13 2022/01/20 10:56:22 inoguchi Exp $ */
+/* $OpenBSD: bn_x931p.c,v 1.14 2022/11/26 16:08:51 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2005.
*/
#include <stdio.h>
#include <openssl/bn.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
/* X9.31 routines for prime derivation */
-/* $OpenBSD: camellia.c,v 1.11 2016/09/04 14:31:29 jsing Exp $ */
+/* $OpenBSD: camellia.c,v 1.12 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
* ALL RIGHTS RESERVED.
#include <openssl/camellia.h>
#include <openssl/opensslconf.h>
-#include "cmll_locl.h"
+#include "cmll_local.h"
/* 32-bit rotations */
#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-/* $OpenBSD: cmll_ecb.c,v 1.4 2014/11/13 20:01:58 miod Exp $ */
+/* $OpenBSD: cmll_ecb.c,v 1.5 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include "cmll_local.h"
void
Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
--- /dev/null
+/* $OpenBSD: cmll_local.h,v 1.1 2022/11/26 16:08:51 tb Exp $ */
+/* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
+ * ALL RIGHTS RESERVED.
+ *
+ * Intellectual Property information for Camellia:
+ * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+ *
+ * News Release for Announcement of Camellia open source:
+ * http://www.ntt.co.jp/news/news06e/0604/060413a.html
+ *
+ * The Camellia Code included herein is developed by
+ * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
+ * to the OpenSSL project.
+ *
+ * The Camellia Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CAMELLIA_LOCL_H
+#define HEADER_CAMELLIA_LOCL_H
+
+__BEGIN_HIDDEN_DECLS
+
+typedef unsigned int u32;
+typedef unsigned char u8;
+
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
+ KEY_TABLE_TYPE keyTable);
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
+ const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
+void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
+ const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+
+__END_HIDDEN_DECLS
+
+#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
+++ /dev/null
-/* $OpenBSD: cmll_locl.h,v 1.6 2016/12/21 15:49:29 jsing Exp $ */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- * http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CAMELLIA_LOCL_H
-#define HEADER_CAMELLIA_LOCL_H
-
-__BEGIN_HIDDEN_DECLS
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
- KEY_TABLE_TYPE keyTable);
-void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
-void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
- const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
-void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
-void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
- const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
-
-__END_HIDDEN_DECLS
-
-#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
-/* $OpenBSD: cmll_misc.c,v 1.6 2014/11/13 20:01:58 miod Exp $ */
+/* $OpenBSD: cmll_misc.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include "cmll_local.h"
int
Camellia_set_key(const unsigned char *userKey, const int bits,
-/* $OpenBSD: c_cfb64.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: c_cfb64.c,v 1.6 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: c_ecb.c,v 1.7 2014/07/09 11:10:50 bcook Exp $ */
+/* $OpenBSD: c_ecb.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
#include <openssl/opensslv.h>
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
-/* $OpenBSD: c_enc.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: c_enc.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
#ifndef OPENBSD_CAST_ASM
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key)
-/* $OpenBSD: c_ofb64.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: c_ofb64.c,v 1.6 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
/* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: c_skey.c,v 1.11 2014/06/12 15:49:28 deraadt Exp $ */
+/* $OpenBSD: c_skey.c,v 1.12 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/crypto.h>
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
#include "cast_s.h"
#define CAST_exp(l,A,a,n) \
+++ /dev/null
-/* $OpenBSD: cast_lcl.h,v 1.12 2020/01/26 11:49:21 inoguchi Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* only invoked with 0 <= n <= 31 */
-#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>((32-(n))&31)))
-
-#define C_M 0x3fc
-#define C_0 22L
-#define C_1 14L
-#define C_2 6L
-#define C_3 2L /* left shift */
-
-/* The rotate has an extra 16 added to it to help the x86 asm */
-#if defined(CAST_PTR)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- int i; \
- t=(key[n*2] OP1 R)&0xffffffffL; \
- i=key[n*2+1]; \
- t=ROTL(t,i); \
- L^= (((((*(CAST_LONG *)((unsigned char *) \
- CAST_S_table0+((t>>C_2)&C_M)) OP2 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
- }
-#elif defined(CAST_PTR2)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- int i; \
- CAST_LONG u,v,w; \
- w=(key[n*2] OP1 R)&0xffffffffL; \
- i=key[n*2+1]; \
- w=ROTL(w,i); \
- u=w>>C_2; \
- v=w<<C_3; \
- u&=C_M; \
- v&=C_M; \
- t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
- u=w>>C_0; \
- t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
- v=w>>C_1; \
- u&=C_M; \
- v&=C_M; \
- t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
- t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
- L^=(t&0xffffffff); \
- }
-#else
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- CAST_LONG a,b,c,d; \
- t=(key[n*2] OP1 R)&0xffffffff; \
- t=ROTL(t,(key[n*2+1])); \
- a=CAST_S_table0[(t>> 8)&0xff]; \
- b=CAST_S_table1[(t )&0xff]; \
- c=CAST_S_table2[(t>>24)&0xff]; \
- d=CAST_S_table3[(t>>16)&0xff]; \
- L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
- }
-#endif
-
-extern const CAST_LONG CAST_S_table0[256];
-extern const CAST_LONG CAST_S_table1[256];
-extern const CAST_LONG CAST_S_table2[256];
-extern const CAST_LONG CAST_S_table3[256];
-extern const CAST_LONG CAST_S_table4[256];
-extern const CAST_LONG CAST_S_table5[256];
-extern const CAST_LONG CAST_S_table6[256];
-extern const CAST_LONG CAST_S_table7[256];
--- /dev/null
+/* $OpenBSD: cast_local.h,v 1.1 2022/11/26 16:08:51 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* only invoked with 0 <= n <= 31 */
+#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>((32-(n))&31)))
+
+#define C_M 0x3fc
+#define C_0 22L
+#define C_1 14L
+#define C_2 6L
+#define C_3 2L /* left shift */
+
+/* The rotate has an extra 16 added to it to help the x86 asm */
+#if defined(CAST_PTR)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+ { \
+ int i; \
+ t=(key[n*2] OP1 R)&0xffffffffL; \
+ i=key[n*2+1]; \
+ t=ROTL(t,i); \
+ L^= (((((*(CAST_LONG *)((unsigned char *) \
+ CAST_S_table0+((t>>C_2)&C_M)) OP2 \
+ *(CAST_LONG *)((unsigned char *) \
+ CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
+ *(CAST_LONG *)((unsigned char *) \
+ CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
+ *(CAST_LONG *)((unsigned char *) \
+ CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
+ }
+#elif defined(CAST_PTR2)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+ { \
+ int i; \
+ CAST_LONG u,v,w; \
+ w=(key[n*2] OP1 R)&0xffffffffL; \
+ i=key[n*2+1]; \
+ w=ROTL(w,i); \
+ u=w>>C_2; \
+ v=w<<C_3; \
+ u&=C_M; \
+ v&=C_M; \
+ t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
+ u=w>>C_0; \
+ t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
+ v=w>>C_1; \
+ u&=C_M; \
+ v&=C_M; \
+ t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
+ t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
+ L^=(t&0xffffffff); \
+ }
+#else
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+ { \
+ CAST_LONG a,b,c,d; \
+ t=(key[n*2] OP1 R)&0xffffffff; \
+ t=ROTL(t,(key[n*2+1])); \
+ a=CAST_S_table0[(t>> 8)&0xff]; \
+ b=CAST_S_table1[(t )&0xff]; \
+ c=CAST_S_table2[(t>>24)&0xff]; \
+ d=CAST_S_table3[(t>>16)&0xff]; \
+ L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
+ }
+#endif
+
+extern const CAST_LONG CAST_S_table0[256];
+extern const CAST_LONG CAST_S_table1[256];
+extern const CAST_LONG CAST_S_table2[256];
+extern const CAST_LONG CAST_S_table3[256];
+extern const CAST_LONG CAST_S_table4[256];
+extern const CAST_LONG CAST_S_table5[256];
+extern const CAST_LONG CAST_S_table6[256];
+extern const CAST_LONG CAST_S_table7[256];
-/* $OpenBSD: cm_ameth.c,v 1.9 2022/11/18 14:45:10 tb Exp $ */
+/* $OpenBSD: cm_ameth.c,v 1.10 2022/11/26 16:08:51 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2010.
*/
#include <openssl/cmac.h>
#include <openssl/evp.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
/* CMAC "ASN1" method. This is just here to indicate the
* maximum CMAC output length and to free up a CMAC
-/* $OpenBSD: cm_pmeth.c,v 1.9 2022/11/18 14:45:10 tb Exp $ */
+/* $OpenBSD: cm_pmeth.c,v 1.10 2022/11/26 16:08:51 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2010.
*/
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* The context structure and "key" is simply a CMAC_CTX */
-/* $OpenBSD: cmac.c,v 1.11 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: cmac.c,v 1.12 2022/11/26 16:08:51 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
#include <openssl/cmac.h>
-#include "evp_locl.h"
+#include "evp_local.h"
struct CMAC_CTX_st {
/* Cipher context to use */
-/* $OpenBSD: cms_asn1.c,v 1.19 2022/01/14 08:16:13 tb Exp $ */
+/* $OpenBSD: cms_asn1.c,v 1.20 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
static const ASN1_TEMPLATE CMS_IssuerAndSerialNumber_seq_tt[] = {
-/* $OpenBSD: cms_att.c,v 1.9 2019/08/10 18:15:52 jsing Exp $ */
+/* $OpenBSD: cms_att.c,v 1.10 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
/* CMS SignedData Attribute utilities */
-/* $OpenBSD: cms_cd.c,v 1.15 2019/08/11 11:04:18 jsing Exp $ */
+/* $OpenBSD: cms_cd.c,v 1.16 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/cms.h>
#include <openssl/bio.h>
#include <openssl/comp.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
#ifdef ZLIB
-/* $OpenBSD: cms_dd.c,v 1.14 2019/08/11 11:04:18 jsing Exp $ */
+/* $OpenBSD: cms_dd.c,v 1.15 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
/* CMS DigestedData Utilities */
-/* $OpenBSD: cms_enc.c,v 1.21 2022/01/20 10:58:35 inoguchi Exp $ */
+/* $OpenBSD: cms_enc.c,v 1.22 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/rand.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
/* CMS EncryptedData Utilities */
-/* $OpenBSD: cms_env.c,v 1.24 2021/09/08 14:33:02 tb Exp $ */
+/* $OpenBSD: cms_env.c,v 1.25 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "asn1/asn1_locl.h"
-#include "evp/evp_locl.h"
+#include "cms_local.h"
+#include "asn1/asn1_local.h"
+#include "evp/evp_local.h"
/* CMS EnvelopedData Utilities */
-/* $OpenBSD: cms_ess.c,v 1.21 2019/08/11 14:19:09 jsing Exp $ */
+/* $OpenBSD: cms_ess.c,v 1.22 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
CMS_ReceiptRequest *
-/* $OpenBSD: cms_io.c,v 1.11 2019/08/11 10:38:27 jsing Exp $ */
+/* $OpenBSD: cms_io.c,v 1.12 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
int
CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
-/* $OpenBSD: cms_kari.c,v 1.13 2019/08/11 14:27:01 jsing Exp $ */
+/* $OpenBSD: cms_kari.c,v 1.14 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "asn1/asn1_locl.h"
+#include "cms_local.h"
+#include "asn1/asn1_local.h"
/* Key Agreement Recipient Info (KARI) routines */
+++ /dev/null
-/* $OpenBSD: cms_lcl.h,v 1.12 2019/10/04 18:03:56 tb Exp $ */
-/*
- * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMS_LCL_H
-#define HEADER_CMS_LCL_H
-
-#include <openssl/x509.h>
-
-/*
- * Cryptographic message syntax (CMS) structures: taken from RFC3852
- */
-
-/* Forward references */
-
-typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
-typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
-typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
-typedef struct CMS_SignedData_st CMS_SignedData;
-typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
-typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
-typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
-typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
-typedef struct CMS_DigestedData_st CMS_DigestedData;
-typedef struct CMS_EncryptedData_st CMS_EncryptedData;
-typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
-typedef struct CMS_CompressedData_st CMS_CompressedData;
-typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
-typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
-typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
-typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
-typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
-typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
-typedef struct CMS_KeyAgreeRecipientIdentifier_st
- CMS_KeyAgreeRecipientIdentifier;
-typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
-typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
-typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
-typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
-typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
-
-struct CMS_ContentInfo_st {
- ASN1_OBJECT *contentType;
- union {
- ASN1_OCTET_STRING *data;
- CMS_SignedData *signedData;
- CMS_EnvelopedData *envelopedData;
- CMS_DigestedData *digestedData;
- CMS_EncryptedData *encryptedData;
- CMS_AuthenticatedData *authenticatedData;
- CMS_CompressedData *compressedData;
- ASN1_TYPE *other;
- /* Other types ... */
- void *otherData;
- } d;
-};
-
-DECLARE_STACK_OF(CMS_CertificateChoices)
-
-struct CMS_SignedData_st {
- long version;
- STACK_OF(X509_ALGOR) *digestAlgorithms;
- CMS_EncapsulatedContentInfo *encapContentInfo;
- STACK_OF(CMS_CertificateChoices) *certificates;
- STACK_OF(CMS_RevocationInfoChoice) *crls;
- STACK_OF(CMS_SignerInfo) *signerInfos;
-};
-
-struct CMS_EncapsulatedContentInfo_st {
- ASN1_OBJECT *eContentType;
- ASN1_OCTET_STRING *eContent;
- /* Set to 1 if incomplete structure only part set up */
- int partial;
-};
-
-struct CMS_SignerInfo_st {
- long version;
- CMS_SignerIdentifier *sid;
- X509_ALGOR *digestAlgorithm;
- STACK_OF(X509_ATTRIBUTE) *signedAttrs;
- X509_ALGOR *signatureAlgorithm;
- ASN1_OCTET_STRING *signature;
- STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
- /* Signing certificate and key */
- X509 *signer;
- EVP_PKEY *pkey;
- /* Digest and public key context for alternative parameters */
- EVP_MD_CTX *mctx;
- EVP_PKEY_CTX *pctx;
-};
-
-struct CMS_SignerIdentifier_st {
- int type;
- union {
- CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
- ASN1_OCTET_STRING *subjectKeyIdentifier;
- } d;
-};
-
-struct CMS_EnvelopedData_st {
- long version;
- CMS_OriginatorInfo *originatorInfo;
- STACK_OF(CMS_RecipientInfo) *recipientInfos;
- CMS_EncryptedContentInfo *encryptedContentInfo;
- STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
-};
-
-struct CMS_OriginatorInfo_st {
- STACK_OF(CMS_CertificateChoices) *certificates;
- STACK_OF(CMS_RevocationInfoChoice) *crls;
-};
-
-struct CMS_EncryptedContentInfo_st {
- ASN1_OBJECT *contentType;
- X509_ALGOR *contentEncryptionAlgorithm;
- ASN1_OCTET_STRING *encryptedContent;
- /* Content encryption algorithm and key */
- const EVP_CIPHER *cipher;
- unsigned char *key;
- size_t keylen;
- /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
- int debug;
- /* Set to 1 if we have no cert and need exta safety measures for MMA */
- int havenocert;
-};
-
-struct CMS_RecipientInfo_st {
- int type;
- union {
- CMS_KeyTransRecipientInfo *ktri;
- CMS_KeyAgreeRecipientInfo *kari;
- CMS_KEKRecipientInfo *kekri;
- CMS_PasswordRecipientInfo *pwri;
- CMS_OtherRecipientInfo *ori;
- } d;
-};
-
-typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
-
-struct CMS_KeyTransRecipientInfo_st {
- long version;
- CMS_RecipientIdentifier *rid;
- X509_ALGOR *keyEncryptionAlgorithm;
- ASN1_OCTET_STRING *encryptedKey;
- /* Recipient Key and cert */
- X509 *recip;
- EVP_PKEY *pkey;
- /* Public key context for this operation */
- EVP_PKEY_CTX *pctx;
-};
-
-struct CMS_KeyAgreeRecipientInfo_st {
- long version;
- CMS_OriginatorIdentifierOrKey *originator;
- ASN1_OCTET_STRING *ukm;
- X509_ALGOR *keyEncryptionAlgorithm;
- STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
- /* Public key context associated with current operation */
- EVP_PKEY_CTX *pctx;
- /* Cipher context for CEK wrapping */
- EVP_CIPHER_CTX *ctx;
-};
-
-struct CMS_OriginatorIdentifierOrKey_st {
- int type;
- union {
- CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
- ASN1_OCTET_STRING *subjectKeyIdentifier;
- CMS_OriginatorPublicKey *originatorKey;
- } d;
-};
-
-struct CMS_OriginatorPublicKey_st {
- X509_ALGOR *algorithm;
- ASN1_BIT_STRING *publicKey;
-};
-
-struct CMS_RecipientEncryptedKey_st {
- CMS_KeyAgreeRecipientIdentifier *rid;
- ASN1_OCTET_STRING *encryptedKey;
- /* Public key associated with this recipient */
- EVP_PKEY *pkey;
-};
-
-struct CMS_KeyAgreeRecipientIdentifier_st {
- int type;
- union {
- CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
- CMS_RecipientKeyIdentifier *rKeyId;
- } d;
-};
-
-struct CMS_RecipientKeyIdentifier_st {
- ASN1_OCTET_STRING *subjectKeyIdentifier;
- ASN1_GENERALIZEDTIME *date;
- CMS_OtherKeyAttribute *other;
-};
-
-struct CMS_KEKRecipientInfo_st {
- long version;
- CMS_KEKIdentifier *kekid;
- X509_ALGOR *keyEncryptionAlgorithm;
- ASN1_OCTET_STRING *encryptedKey;
- /* Extra info: symmetric key to use */
- unsigned char *key;
- size_t keylen;
-};
-
-struct CMS_KEKIdentifier_st {
- ASN1_OCTET_STRING *keyIdentifier;
- ASN1_GENERALIZEDTIME *date;
- CMS_OtherKeyAttribute *other;
-};
-
-struct CMS_PasswordRecipientInfo_st {
- long version;
- X509_ALGOR *keyDerivationAlgorithm;
- X509_ALGOR *keyEncryptionAlgorithm;
- ASN1_OCTET_STRING *encryptedKey;
- /* Extra info: password to use */
- unsigned char *pass;
- size_t passlen;
-};
-
-struct CMS_OtherRecipientInfo_st {
- ASN1_OBJECT *oriType;
- ASN1_TYPE *oriValue;
-};
-
-struct CMS_DigestedData_st {
- long version;
- X509_ALGOR *digestAlgorithm;
- CMS_EncapsulatedContentInfo *encapContentInfo;
- ASN1_OCTET_STRING *digest;
-};
-
-struct CMS_EncryptedData_st {
- long version;
- CMS_EncryptedContentInfo *encryptedContentInfo;
- STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
-};
-
-struct CMS_AuthenticatedData_st {
- long version;
- CMS_OriginatorInfo *originatorInfo;
- STACK_OF(CMS_RecipientInfo) *recipientInfos;
- X509_ALGOR *macAlgorithm;
- X509_ALGOR *digestAlgorithm;
- CMS_EncapsulatedContentInfo *encapContentInfo;
- STACK_OF(X509_ATTRIBUTE) *authAttrs;
- ASN1_OCTET_STRING *mac;
- STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
-};
-
-struct CMS_CompressedData_st {
- long version;
- X509_ALGOR *compressionAlgorithm;
- STACK_OF(CMS_RecipientInfo) *recipientInfos;
- CMS_EncapsulatedContentInfo *encapContentInfo;
-};
-
-struct CMS_RevocationInfoChoice_st {
- int type;
- union {
- X509_CRL *crl;
- CMS_OtherRevocationInfoFormat *other;
- } d;
-};
-
-#define CMS_REVCHOICE_CRL 0
-#define CMS_REVCHOICE_OTHER 1
-
-struct CMS_OtherRevocationInfoFormat_st {
- ASN1_OBJECT *otherRevInfoFormat;
- ASN1_TYPE *otherRevInfo;
-};
-
-struct CMS_CertificateChoices {
- int type;
- union {
- X509 *certificate;
- ASN1_STRING *extendedCertificate; /* Obsolete */
- ASN1_STRING *v1AttrCert; /* Left encoded for now */
- ASN1_STRING *v2AttrCert; /* Left encoded for now */
- CMS_OtherCertificateFormat *other;
- } d;
-};
-
-#define CMS_CERTCHOICE_CERT 0
-#define CMS_CERTCHOICE_EXCERT 1
-#define CMS_CERTCHOICE_V1ACERT 2
-#define CMS_CERTCHOICE_V2ACERT 3
-#define CMS_CERTCHOICE_OTHER 4
-
-struct CMS_OtherCertificateFormat_st {
- ASN1_OBJECT *otherCertFormat;
- ASN1_TYPE *otherCert;
-};
-
-/*
- * This is also defined in pkcs7.h but we duplicate it to allow the CMS code
- * to be independent of PKCS#7
- */
-
-struct CMS_IssuerAndSerialNumber_st {
- X509_NAME *issuer;
- ASN1_INTEGER *serialNumber;
-};
-
-struct CMS_OtherKeyAttribute_st {
- ASN1_OBJECT *keyAttrId;
- ASN1_TYPE *keyAttr;
-};
-
-/* ESS structures */
-
-#ifdef HEADER_X509V3_H
-
-struct CMS_ReceiptRequest_st {
- ASN1_OCTET_STRING *signedContentIdentifier;
- CMS_ReceiptsFrom *receiptsFrom;
- STACK_OF(GENERAL_NAMES) *receiptsTo;
-};
-
-struct CMS_ReceiptsFrom_st {
- int type;
- union {
- long allOrFirstTier;
- STACK_OF(GENERAL_NAMES) *receiptList;
- } d;
-};
-#endif
-
-struct CMS_Receipt_st {
- long version;
- ASN1_OBJECT *contentType;
- ASN1_OCTET_STRING *signedContentIdentifier;
- ASN1_OCTET_STRING *originatorSignatureValue;
-};
-
-CMS_ContentInfo *CMS_ContentInfo_new(void);
-void CMS_ContentInfo_free(CMS_ContentInfo *a);
-CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a, const unsigned char **in, long len);
-int i2d_CMS_ContentInfo(CMS_ContentInfo *a, unsigned char **out);
-extern const ASN1_ITEM CMS_ContentInfo_it;
-extern const ASN1_ITEM CMS_SignerInfo_it;
-extern const ASN1_ITEM CMS_IssuerAndSerialNumber_it;
-extern const ASN1_ITEM CMS_Attributes_Sign_it;
-extern const ASN1_ITEM CMS_Attributes_Verify_it;
-extern const ASN1_ITEM CMS_RecipientInfo_it;
-extern const ASN1_ITEM CMS_PasswordRecipientInfo_it;
-CMS_IssuerAndSerialNumber *CMS_IssuerAndSerialNumber_new(void);
-void CMS_IssuerAndSerialNumber_free(CMS_IssuerAndSerialNumber *a);
-
-#define CMS_SIGNERINFO_ISSUER_SERIAL 0
-#define CMS_SIGNERINFO_KEYIDENTIFIER 1
-
-#define CMS_RECIPINFO_ISSUER_SERIAL 0
-#define CMS_RECIPINFO_KEYIDENTIFIER 1
-
-#define CMS_REK_ISSUER_SERIAL 0
-#define CMS_REK_KEYIDENTIFIER 1
-
-#define CMS_OIK_ISSUER_SERIAL 0
-#define CMS_OIK_KEYIDENTIFIER 1
-#define CMS_OIK_PUBKEY 2
-
-BIO *cms_content_bio(CMS_ContentInfo *cms);
-
-CMS_ContentInfo *cms_Data_create(void);
-
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
-BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
-int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
-
-BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
-int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
-int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
-int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
-
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
-BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
-
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
-int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
- X509_ALGOR *mdalg);
-
-int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
-int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
-int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
-int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
-
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
-BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen);
-
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
-
-BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
-CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
-int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
-int cms_pkey_get_ri_type(EVP_PKEY *pk);
-/* KARI routines */
-int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
- EVP_PKEY *pk, unsigned int flags);
-int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-
-/* PWRI routines */
-int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
- int en_de);
-
-extern const ASN1_ITEM CMS_CertificateChoices_it;
-extern const ASN1_ITEM CMS_DigestedData_it;
-extern const ASN1_ITEM CMS_EncryptedData_it;
-extern const ASN1_ITEM CMS_EnvelopedData_it;
-extern const ASN1_ITEM CMS_KEKRecipientInfo_it;
-extern const ASN1_ITEM CMS_KeyAgreeRecipientInfo_it;
-extern const ASN1_ITEM CMS_KeyTransRecipientInfo_it;
-extern const ASN1_ITEM CMS_OriginatorPublicKey_it;
-extern const ASN1_ITEM CMS_OtherKeyAttribute_it;
-extern const ASN1_ITEM CMS_Receipt_it;
-extern const ASN1_ITEM CMS_ReceiptRequest_it;
-extern const ASN1_ITEM CMS_RecipientEncryptedKey_it;
-extern const ASN1_ITEM CMS_RecipientKeyIdentifier_it;
-extern const ASN1_ITEM CMS_RevocationInfoChoice_it;
-extern const ASN1_ITEM CMS_SignedData_it;
-extern const ASN1_ITEM CMS_CompressedData_it;
-
-#endif
-/* $OpenBSD: cms_lib.c,v 1.15 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: cms_lib.c,v 1.16 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/asn1.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
-#include "x509_lcl.h"
+#include "cms_local.h"
+#include "x509_local.h"
CMS_ContentInfo *
d2i_CMS_ContentInfo(CMS_ContentInfo **a, const unsigned char **in, long len)
--- /dev/null
+/* $OpenBSD: cms_local.h,v 1.1 2022/11/26 16:08:51 tb Exp $ */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMS_LCL_H
+#define HEADER_CMS_LCL_H
+
+#include <openssl/x509.h>
+
+/*
+ * Cryptographic message syntax (CMS) structures: taken from RFC3852
+ */
+
+/* Forward references */
+
+typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
+typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
+typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
+typedef struct CMS_SignedData_st CMS_SignedData;
+typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
+typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
+typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
+typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
+typedef struct CMS_DigestedData_st CMS_DigestedData;
+typedef struct CMS_EncryptedData_st CMS_EncryptedData;
+typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
+typedef struct CMS_CompressedData_st CMS_CompressedData;
+typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
+typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
+typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
+typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
+typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
+typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
+typedef struct CMS_KeyAgreeRecipientIdentifier_st
+ CMS_KeyAgreeRecipientIdentifier;
+typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
+typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
+typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
+typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
+typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
+
+struct CMS_ContentInfo_st {
+ ASN1_OBJECT *contentType;
+ union {
+ ASN1_OCTET_STRING *data;
+ CMS_SignedData *signedData;
+ CMS_EnvelopedData *envelopedData;
+ CMS_DigestedData *digestedData;
+ CMS_EncryptedData *encryptedData;
+ CMS_AuthenticatedData *authenticatedData;
+ CMS_CompressedData *compressedData;
+ ASN1_TYPE *other;
+ /* Other types ... */
+ void *otherData;
+ } d;
+};
+
+DECLARE_STACK_OF(CMS_CertificateChoices)
+
+struct CMS_SignedData_st {
+ long version;
+ STACK_OF(X509_ALGOR) *digestAlgorithms;
+ CMS_EncapsulatedContentInfo *encapContentInfo;
+ STACK_OF(CMS_CertificateChoices) *certificates;
+ STACK_OF(CMS_RevocationInfoChoice) *crls;
+ STACK_OF(CMS_SignerInfo) *signerInfos;
+};
+
+struct CMS_EncapsulatedContentInfo_st {
+ ASN1_OBJECT *eContentType;
+ ASN1_OCTET_STRING *eContent;
+ /* Set to 1 if incomplete structure only part set up */
+ int partial;
+};
+
+struct CMS_SignerInfo_st {
+ long version;
+ CMS_SignerIdentifier *sid;
+ X509_ALGOR *digestAlgorithm;
+ STACK_OF(X509_ATTRIBUTE) *signedAttrs;
+ X509_ALGOR *signatureAlgorithm;
+ ASN1_OCTET_STRING *signature;
+ STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
+ /* Signing certificate and key */
+ X509 *signer;
+ EVP_PKEY *pkey;
+ /* Digest and public key context for alternative parameters */
+ EVP_MD_CTX *mctx;
+ EVP_PKEY_CTX *pctx;
+};
+
+struct CMS_SignerIdentifier_st {
+ int type;
+ union {
+ CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+ ASN1_OCTET_STRING *subjectKeyIdentifier;
+ } d;
+};
+
+struct CMS_EnvelopedData_st {
+ long version;
+ CMS_OriginatorInfo *originatorInfo;
+ STACK_OF(CMS_RecipientInfo) *recipientInfos;
+ CMS_EncryptedContentInfo *encryptedContentInfo;
+ STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
+};
+
+struct CMS_OriginatorInfo_st {
+ STACK_OF(CMS_CertificateChoices) *certificates;
+ STACK_OF(CMS_RevocationInfoChoice) *crls;
+};
+
+struct CMS_EncryptedContentInfo_st {
+ ASN1_OBJECT *contentType;
+ X509_ALGOR *contentEncryptionAlgorithm;
+ ASN1_OCTET_STRING *encryptedContent;
+ /* Content encryption algorithm and key */
+ const EVP_CIPHER *cipher;
+ unsigned char *key;
+ size_t keylen;
+ /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
+ int debug;
+ /* Set to 1 if we have no cert and need exta safety measures for MMA */
+ int havenocert;
+};
+
+struct CMS_RecipientInfo_st {
+ int type;
+ union {
+ CMS_KeyTransRecipientInfo *ktri;
+ CMS_KeyAgreeRecipientInfo *kari;
+ CMS_KEKRecipientInfo *kekri;
+ CMS_PasswordRecipientInfo *pwri;
+ CMS_OtherRecipientInfo *ori;
+ } d;
+};
+
+typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
+
+struct CMS_KeyTransRecipientInfo_st {
+ long version;
+ CMS_RecipientIdentifier *rid;
+ X509_ALGOR *keyEncryptionAlgorithm;
+ ASN1_OCTET_STRING *encryptedKey;
+ /* Recipient Key and cert */
+ X509 *recip;
+ EVP_PKEY *pkey;
+ /* Public key context for this operation */
+ EVP_PKEY_CTX *pctx;
+};
+
+struct CMS_KeyAgreeRecipientInfo_st {
+ long version;
+ CMS_OriginatorIdentifierOrKey *originator;
+ ASN1_OCTET_STRING *ukm;
+ X509_ALGOR *keyEncryptionAlgorithm;
+ STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
+ /* Public key context associated with current operation */
+ EVP_PKEY_CTX *pctx;
+ /* Cipher context for CEK wrapping */
+ EVP_CIPHER_CTX *ctx;
+};
+
+struct CMS_OriginatorIdentifierOrKey_st {
+ int type;
+ union {
+ CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+ ASN1_OCTET_STRING *subjectKeyIdentifier;
+ CMS_OriginatorPublicKey *originatorKey;
+ } d;
+};
+
+struct CMS_OriginatorPublicKey_st {
+ X509_ALGOR *algorithm;
+ ASN1_BIT_STRING *publicKey;
+};
+
+struct CMS_RecipientEncryptedKey_st {
+ CMS_KeyAgreeRecipientIdentifier *rid;
+ ASN1_OCTET_STRING *encryptedKey;
+ /* Public key associated with this recipient */
+ EVP_PKEY *pkey;
+};
+
+struct CMS_KeyAgreeRecipientIdentifier_st {
+ int type;
+ union {
+ CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+ CMS_RecipientKeyIdentifier *rKeyId;
+ } d;
+};
+
+struct CMS_RecipientKeyIdentifier_st {
+ ASN1_OCTET_STRING *subjectKeyIdentifier;
+ ASN1_GENERALIZEDTIME *date;
+ CMS_OtherKeyAttribute *other;
+};
+
+struct CMS_KEKRecipientInfo_st {
+ long version;
+ CMS_KEKIdentifier *kekid;
+ X509_ALGOR *keyEncryptionAlgorithm;
+ ASN1_OCTET_STRING *encryptedKey;
+ /* Extra info: symmetric key to use */
+ unsigned char *key;
+ size_t keylen;
+};
+
+struct CMS_KEKIdentifier_st {
+ ASN1_OCTET_STRING *keyIdentifier;
+ ASN1_GENERALIZEDTIME *date;
+ CMS_OtherKeyAttribute *other;
+};
+
+struct CMS_PasswordRecipientInfo_st {
+ long version;
+ X509_ALGOR *keyDerivationAlgorithm;
+ X509_ALGOR *keyEncryptionAlgorithm;
+ ASN1_OCTET_STRING *encryptedKey;
+ /* Extra info: password to use */
+ unsigned char *pass;
+ size_t passlen;
+};
+
+struct CMS_OtherRecipientInfo_st {
+ ASN1_OBJECT *oriType;
+ ASN1_TYPE *oriValue;
+};
+
+struct CMS_DigestedData_st {
+ long version;
+ X509_ALGOR *digestAlgorithm;
+ CMS_EncapsulatedContentInfo *encapContentInfo;
+ ASN1_OCTET_STRING *digest;
+};
+
+struct CMS_EncryptedData_st {
+ long version;
+ CMS_EncryptedContentInfo *encryptedContentInfo;
+ STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
+};
+
+struct CMS_AuthenticatedData_st {
+ long version;
+ CMS_OriginatorInfo *originatorInfo;
+ STACK_OF(CMS_RecipientInfo) *recipientInfos;
+ X509_ALGOR *macAlgorithm;
+ X509_ALGOR *digestAlgorithm;
+ CMS_EncapsulatedContentInfo *encapContentInfo;
+ STACK_OF(X509_ATTRIBUTE) *authAttrs;
+ ASN1_OCTET_STRING *mac;
+ STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
+};
+
+struct CMS_CompressedData_st {
+ long version;
+ X509_ALGOR *compressionAlgorithm;
+ STACK_OF(CMS_RecipientInfo) *recipientInfos;
+ CMS_EncapsulatedContentInfo *encapContentInfo;
+};
+
+struct CMS_RevocationInfoChoice_st {
+ int type;
+ union {
+ X509_CRL *crl;
+ CMS_OtherRevocationInfoFormat *other;
+ } d;
+};
+
+#define CMS_REVCHOICE_CRL 0
+#define CMS_REVCHOICE_OTHER 1
+
+struct CMS_OtherRevocationInfoFormat_st {
+ ASN1_OBJECT *otherRevInfoFormat;
+ ASN1_TYPE *otherRevInfo;
+};
+
+struct CMS_CertificateChoices {
+ int type;
+ union {
+ X509 *certificate;
+ ASN1_STRING *extendedCertificate; /* Obsolete */
+ ASN1_STRING *v1AttrCert; /* Left encoded for now */
+ ASN1_STRING *v2AttrCert; /* Left encoded for now */
+ CMS_OtherCertificateFormat *other;
+ } d;
+};
+
+#define CMS_CERTCHOICE_CERT 0
+#define CMS_CERTCHOICE_EXCERT 1
+#define CMS_CERTCHOICE_V1ACERT 2
+#define CMS_CERTCHOICE_V2ACERT 3
+#define CMS_CERTCHOICE_OTHER 4
+
+struct CMS_OtherCertificateFormat_st {
+ ASN1_OBJECT *otherCertFormat;
+ ASN1_TYPE *otherCert;
+};
+
+/*
+ * This is also defined in pkcs7.h but we duplicate it to allow the CMS code
+ * to be independent of PKCS#7
+ */
+
+struct CMS_IssuerAndSerialNumber_st {
+ X509_NAME *issuer;
+ ASN1_INTEGER *serialNumber;
+};
+
+struct CMS_OtherKeyAttribute_st {
+ ASN1_OBJECT *keyAttrId;
+ ASN1_TYPE *keyAttr;
+};
+
+/* ESS structures */
+
+#ifdef HEADER_X509V3_H
+
+struct CMS_ReceiptRequest_st {
+ ASN1_OCTET_STRING *signedContentIdentifier;
+ CMS_ReceiptsFrom *receiptsFrom;
+ STACK_OF(GENERAL_NAMES) *receiptsTo;
+};
+
+struct CMS_ReceiptsFrom_st {
+ int type;
+ union {
+ long allOrFirstTier;
+ STACK_OF(GENERAL_NAMES) *receiptList;
+ } d;
+};
+#endif
+
+struct CMS_Receipt_st {
+ long version;
+ ASN1_OBJECT *contentType;
+ ASN1_OCTET_STRING *signedContentIdentifier;
+ ASN1_OCTET_STRING *originatorSignatureValue;
+};
+
+CMS_ContentInfo *CMS_ContentInfo_new(void);
+void CMS_ContentInfo_free(CMS_ContentInfo *a);
+CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a, const unsigned char **in, long len);
+int i2d_CMS_ContentInfo(CMS_ContentInfo *a, unsigned char **out);
+extern const ASN1_ITEM CMS_ContentInfo_it;
+extern const ASN1_ITEM CMS_SignerInfo_it;
+extern const ASN1_ITEM CMS_IssuerAndSerialNumber_it;
+extern const ASN1_ITEM CMS_Attributes_Sign_it;
+extern const ASN1_ITEM CMS_Attributes_Verify_it;
+extern const ASN1_ITEM CMS_RecipientInfo_it;
+extern const ASN1_ITEM CMS_PasswordRecipientInfo_it;
+CMS_IssuerAndSerialNumber *CMS_IssuerAndSerialNumber_new(void);
+void CMS_IssuerAndSerialNumber_free(CMS_IssuerAndSerialNumber *a);
+
+#define CMS_SIGNERINFO_ISSUER_SERIAL 0
+#define CMS_SIGNERINFO_KEYIDENTIFIER 1
+
+#define CMS_RECIPINFO_ISSUER_SERIAL 0
+#define CMS_RECIPINFO_KEYIDENTIFIER 1
+
+#define CMS_REK_ISSUER_SERIAL 0
+#define CMS_REK_KEYIDENTIFIER 1
+
+#define CMS_OIK_ISSUER_SERIAL 0
+#define CMS_OIK_KEYIDENTIFIER 1
+#define CMS_OIK_PUBKEY 2
+
+BIO *cms_content_bio(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *cms_Data_create(void);
+
+CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
+BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
+int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
+
+BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
+int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
+int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
+int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
+ ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
+int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
+
+CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
+BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
+
+BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
+int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
+ X509_ALGOR *mdalg);
+
+int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
+int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
+int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
+int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
+
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
+BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
+int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
+ const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen);
+
+int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
+int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
+ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
+
+BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
+int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
+int cms_pkey_get_ri_type(EVP_PKEY *pk);
+/* KARI routines */
+int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
+ EVP_PKEY *pk, unsigned int flags);
+int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+/* PWRI routines */
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+ int en_de);
+
+extern const ASN1_ITEM CMS_CertificateChoices_it;
+extern const ASN1_ITEM CMS_DigestedData_it;
+extern const ASN1_ITEM CMS_EncryptedData_it;
+extern const ASN1_ITEM CMS_EnvelopedData_it;
+extern const ASN1_ITEM CMS_KEKRecipientInfo_it;
+extern const ASN1_ITEM CMS_KeyAgreeRecipientInfo_it;
+extern const ASN1_ITEM CMS_KeyTransRecipientInfo_it;
+extern const ASN1_ITEM CMS_OriginatorPublicKey_it;
+extern const ASN1_ITEM CMS_OtherKeyAttribute_it;
+extern const ASN1_ITEM CMS_Receipt_it;
+extern const ASN1_ITEM CMS_ReceiptRequest_it;
+extern const ASN1_ITEM CMS_RecipientEncryptedKey_it;
+extern const ASN1_ITEM CMS_RecipientKeyIdentifier_it;
+extern const ASN1_ITEM CMS_RevocationInfoChoice_it;
+extern const ASN1_ITEM CMS_SignedData_it;
+extern const ASN1_ITEM CMS_CompressedData_it;
+
+#endif
-/* $OpenBSD: cms_pwri.c,v 1.27 2022/01/19 13:47:44 inoguchi Exp $ */
+/* $OpenBSD: cms_pwri.c,v 1.28 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/cms.h>
#include <openssl/rand.h>
#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "asn1/asn1_locl.h"
+#include "cms_local.h"
+#include "asn1/asn1_local.h"
int
CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass,
-/* $OpenBSD: cms_sd.c,v 1.24 2022/08/28 18:27:47 tb Exp $ */
+/* $OpenBSD: cms_sd.c,v 1.25 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
-#include "asn1/asn1_locl.h"
-#include "evp/evp_locl.h"
+#include "cms_local.h"
+#include "asn1/asn1_local.h"
+#include "evp/evp_local.h"
/* CMS SignedData Utilities */
-/* $OpenBSD: cms_smime.c,v 1.24 2019/10/04 18:03:56 tb Exp $ */
+/* $OpenBSD: cms_smime.c,v 1.25 2022/11/26 16:08:51 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
-#include "asn1/asn1_locl.h"
+#include "cms_local.h"
+#include "asn1/asn1_local.h"
static BIO *
cms_get_text_bio(BIO *out, unsigned int flags)
--- /dev/null
+/* crypto/constant_time_locl.h */
+/*-
+ * Utilities for constant-time cryptography.
+ *
+ * Author: Emilia Kasper (emilia@openssl.org)
+ * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+ * (Google).
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CONSTANT_TIME_LOCL_H
+# define HEADER_CONSTANT_TIME_LOCL_H
+
+__BEGIN_HIDDEN_DECLS
+
+/*-
+ * The boolean methods return a bitmask of all ones (0xff...f) for true
+ * and 0 for false. This is useful for choosing a value based on the result
+ * of a conditional in constant time. For example,
+ *
+ * if (a < b) {
+ * c = a;
+ * } else {
+ * c = b;
+ * }
+ *
+ * can be written as
+ *
+ * unsigned int lt = constant_time_lt(a, b);
+ * c = constant_time_select(lt, a, b);
+ */
+
+/*
+ * Returns the given value with the MSB copied to all the other
+ * bits. Uses the fact that arithmetic shift shifts-in the sign bit.
+ * However, this is not ensured by the C standard so you may need to
+ * replace this with something else on odd CPUs.
+ */
+static inline unsigned int constant_time_msb(unsigned int a);
+
+/*
+ * Returns 0xff..f if a < b and 0 otherwise.
+ */
+static inline unsigned int constant_time_lt(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_lt_8(unsigned int a,
+ unsigned int b);
+
+/*
+ * Returns 0xff..f if a >= b and 0 otherwise.
+ */
+static inline unsigned int constant_time_ge(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_ge_8(unsigned int a,
+ unsigned int b);
+
+/*
+ * Returns 0xff..f if a == 0 and 0 otherwise.
+ */
+static inline unsigned int constant_time_is_zero(unsigned int a);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_is_zero_8(unsigned int a);
+
+/*
+ * Returns 0xff..f if a == b and 0 otherwise.
+ */
+static inline unsigned int constant_time_eq(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_eq_8(unsigned int a,
+ unsigned int b);
+/* Signed integers. */
+static inline unsigned int constant_time_eq_int(int a, int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_eq_int_8(int a, int b);
+
+/*-
+ * Returns (mask & a) | (~mask & b).
+ *
+ * When |mask| is all 1s or all 0s (as returned by the methods above),
+ * the select methods return either |a| (if |mask| is nonzero) or |b|
+ * (if |mask| is zero).
+ */
+static inline unsigned int constant_time_select(unsigned int mask,
+ unsigned int a,
+ unsigned int b);
+/* Convenience method for unsigned chars. */
+static inline unsigned char constant_time_select_8(unsigned char mask,
+ unsigned char a,
+ unsigned char b);
+/* Convenience method for signed integers. */
+static inline int constant_time_select_int(unsigned int mask, int a, int b);
+
+static inline unsigned int constant_time_msb(unsigned int a)
+{
+ return 0 - (a >> (sizeof(a) * 8 - 1));
+}
+
+static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
+{
+ return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
+}
+
+static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
+{
+ return (unsigned char)(constant_time_lt(a, b));
+}
+
+static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
+{
+ return ~constant_time_lt(a, b);
+}
+
+static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
+{
+ return (unsigned char)(constant_time_ge(a, b));
+}
+
+static inline unsigned int constant_time_is_zero(unsigned int a)
+{
+ return constant_time_msb(~a & (a - 1));
+}
+
+static inline unsigned char constant_time_is_zero_8(unsigned int a)
+{
+ return (unsigned char)(constant_time_is_zero(a));
+}
+
+static inline unsigned int constant_time_eq(unsigned int a, unsigned int b)
+{
+ return constant_time_is_zero(a ^ b);
+}
+
+static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b)
+{
+ return (unsigned char)(constant_time_eq(a, b));
+}
+
+static inline unsigned int constant_time_eq_int(int a, int b)
+{
+ return constant_time_eq((unsigned)(a), (unsigned)(b));
+}
+
+static inline unsigned char constant_time_eq_int_8(int a, int b)
+{
+ return constant_time_eq_8((unsigned)(a), (unsigned)(b));
+}
+
+static inline unsigned int constant_time_select(unsigned int mask,
+ unsigned int a,
+ unsigned int b)
+{
+ return (mask & a) | (~mask & b);
+}
+
+static inline unsigned char constant_time_select_8(unsigned char mask,
+ unsigned char a,
+ unsigned char b)
+{
+ return (unsigned char)(constant_time_select(mask, a, b));
+}
+
+static inline int constant_time_select_int(unsigned int mask, int a, int b)
+{
+ return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b)));
+}
+
+void err_clear_last_constant_time(int clear);
+
+__END_HIDDEN_DECLS
+
+#endif /* HEADER_CONSTANT_TIME_LOCL_H */
+++ /dev/null
-/* crypto/constant_time_locl.h */
-/*-
- * Utilities for constant-time cryptography.
- *
- * Author: Emilia Kasper (emilia@openssl.org)
- * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
- * (Google).
- * ====================================================================
- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONSTANT_TIME_LOCL_H
-# define HEADER_CONSTANT_TIME_LOCL_H
-
-__BEGIN_HIDDEN_DECLS
-
-/*-
- * The boolean methods return a bitmask of all ones (0xff...f) for true
- * and 0 for false. This is useful for choosing a value based on the result
- * of a conditional in constant time. For example,
- *
- * if (a < b) {
- * c = a;
- * } else {
- * c = b;
- * }
- *
- * can be written as
- *
- * unsigned int lt = constant_time_lt(a, b);
- * c = constant_time_select(lt, a, b);
- */
-
-/*
- * Returns the given value with the MSB copied to all the other
- * bits. Uses the fact that arithmetic shift shifts-in the sign bit.
- * However, this is not ensured by the C standard so you may need to
- * replace this with something else on odd CPUs.
- */
-static inline unsigned int constant_time_msb(unsigned int a);
-
-/*
- * Returns 0xff..f if a < b and 0 otherwise.
- */
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_lt_8(unsigned int a,
- unsigned int b);
-
-/*
- * Returns 0xff..f if a >= b and 0 otherwise.
- */
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_ge_8(unsigned int a,
- unsigned int b);
-
-/*
- * Returns 0xff..f if a == 0 and 0 otherwise.
- */
-static inline unsigned int constant_time_is_zero(unsigned int a);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_is_zero_8(unsigned int a);
-
-/*
- * Returns 0xff..f if a == b and 0 otherwise.
- */
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_8(unsigned int a,
- unsigned int b);
-/* Signed integers. */
-static inline unsigned int constant_time_eq_int(int a, int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_int_8(int a, int b);
-
-/*-
- * Returns (mask & a) | (~mask & b).
- *
- * When |mask| is all 1s or all 0s (as returned by the methods above),
- * the select methods return either |a| (if |mask| is nonzero) or |b|
- * (if |mask| is zero).
- */
-static inline unsigned int constant_time_select(unsigned int mask,
- unsigned int a,
- unsigned int b);
-/* Convenience method for unsigned chars. */
-static inline unsigned char constant_time_select_8(unsigned char mask,
- unsigned char a,
- unsigned char b);
-/* Convenience method for signed integers. */
-static inline int constant_time_select_int(unsigned int mask, int a, int b);
-
-static inline unsigned int constant_time_msb(unsigned int a)
-{
- return 0 - (a >> (sizeof(a) * 8 - 1));
-}
-
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
-{
- return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
-}
-
-static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_lt(a, b));
-}
-
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
-{
- return ~constant_time_lt(a, b);
-}
-
-static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_ge(a, b));
-}
-
-static inline unsigned int constant_time_is_zero(unsigned int a)
-{
- return constant_time_msb(~a & (a - 1));
-}
-
-static inline unsigned char constant_time_is_zero_8(unsigned int a)
-{
- return (unsigned char)(constant_time_is_zero(a));
-}
-
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b)
-{
- return constant_time_is_zero(a ^ b);
-}
-
-static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_eq(a, b));
-}
-
-static inline unsigned int constant_time_eq_int(int a, int b)
-{
- return constant_time_eq((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned char constant_time_eq_int_8(int a, int b)
-{
- return constant_time_eq_8((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned int constant_time_select(unsigned int mask,
- unsigned int a,
- unsigned int b)
-{
- return (mask & a) | (~mask & b);
-}
-
-static inline unsigned char constant_time_select_8(unsigned char mask,
- unsigned char a,
- unsigned char b)
-{
- return (unsigned char)(constant_time_select(mask, a, b));
-}
-
-static inline int constant_time_select_int(unsigned int mask, int a, int b)
-{
- return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b)));
-}
-
-void err_clear_last_constant_time(int clear);
-
-__END_HIDDEN_DECLS
-
-#endif /* HEADER_CONSTANT_TIME_LOCL_H */
-/* $OpenBSD: cbc_cksm.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: cbc_cksm.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
long length, DES_key_schedule *schedule,
-/* $OpenBSD: cfb64ede.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */
+/* $OpenBSD: cfb64ede.c,v 1.10 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: cfb64enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: cfb64enc.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: cfb_enc.c,v 1.14 2021/11/09 18:40:21 bcook Exp $ */
+/* $OpenBSD: cfb_enc.c,v 1.15 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
#include <endian.h>
/* The input and output are loaded in multiples of 8 bits.
-/* $OpenBSD: des_enc.c,v 1.12 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: des_enc.c,v 1.13 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
#include "spr.h"
#ifndef OPENBSD_DES_ASM
--- /dev/null
+/* $OpenBSD: des_local.h,v 1.1 2022/11/26 16:08:51 tb Exp $ */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#include <math.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <openssl/opensslconf.h>
+
+#include <openssl/des.h>
+
+__BEGIN_HIDDEN_DECLS
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE (1024*16)
+#define BSIZE (MAXWRITE+4)
+
+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+ case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+ case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 5: l2|=((DES_LONG)(*(--(c)))); \
+ case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+ case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+ case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 1: l1|=((DES_LONG)(*(--(c)))); \
+ } \
+ }
+
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+static inline uint32_t ROTATE(uint32_t a, uint32_t n)
+{
+ return (a>>n)+(a<<(32-n));
+}
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+ { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ t=R^(R>>16L); \
+ u=t&E0; t&=E1; \
+ tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
+ tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ u=R^s[S ]; \
+ t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the architecture. gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together. This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ u>>=16L; \
+ LL^= *(const DES_LONG *)(des_SP +u1); \
+ LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+ u3=(int)(u>>8L); \
+ u1=(int)u&0xfc; \
+ u3&=0xfc; \
+ LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
+ LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ t>>=16L; \
+ LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+ LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+ u3=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u3&=0xfc; \
+ LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
+ LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ LL^= *(const DES_LONG *)(des_SP +u1); \
+ LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+ s1=(int)(u>>16L); \
+ s2=(int)(u>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
+ LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+ LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+ s1=(int)(t>>16L); \
+ s2=(int)(t>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
+ LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^= \
+ *(const DES_LONG *)(des_SP +((u )&0xfc))^ \
+ *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
+ *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
+ *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
+ *(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \
+ *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
+ *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
+ *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ u>>=16L; \
+ LL^=DES_SPtrans[0][u1]; \
+ LL^=DES_SPtrans[2][u2]; \
+ u3=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u3&=0x3f; \
+ LL^=DES_SPtrans[4][u1]; \
+ LL^=DES_SPtrans[6][u3]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ t>>=16L; \
+ LL^=DES_SPtrans[1][u1]; \
+ LL^=DES_SPtrans[3][u2]; \
+ u3=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u3&=0x3f; \
+ LL^=DES_SPtrans[5][u1]; \
+ LL^=DES_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ LL^=DES_SPtrans[0][u1]; \
+ LL^=DES_SPtrans[2][u2]; \
+ s1=(int)u>>16L; \
+ s2=(int)u>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=DES_SPtrans[4][s1]; \
+ LL^=DES_SPtrans[6][s2]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ LL^=DES_SPtrans[1][u1]; \
+ LL^=DES_SPtrans[3][u2]; \
+ s1=(int)t>>16; \
+ s2=(int)t>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=DES_SPtrans[5][s1]; \
+ LL^=DES_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^=\
+ DES_SPtrans[0][(u>> 2L)&0x3f]^ \
+ DES_SPtrans[2][(u>>10L)&0x3f]^ \
+ DES_SPtrans[4][(u>>18L)&0x3f]^ \
+ DES_SPtrans[6][(u>>26L)&0x3f]^ \
+ DES_SPtrans[1][(t>> 2L)&0x3f]^ \
+ DES_SPtrans[3][(t>>10L)&0x3f]^ \
+ DES_SPtrans[5][(t>>18L)&0x3f]^ \
+ DES_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+ /* IP and FP
+ * The problem is more of a geometric problem that random bit fiddling.
+ 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
+ 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
+ 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
+ 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
+
+ 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
+ 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
+ 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
+ 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
+
+ The output has been subject to swaps of the form
+ 0 1 -> 3 1 but the odd and even bits have been put into
+ 2 3 2 0
+ different words. The main trick is to remember that
+ t=((l>>size)^r)&(mask);
+ r^=t;
+ l^=(t<<size);
+ can be used to swap and move bits between words.
+
+ So l = 0 1 2 3 r = 16 17 18 19
+ 4 5 6 7 20 21 22 23
+ 8 9 10 11 24 25 26 27
+ 12 13 14 15 28 29 30 31
+ becomes (for size == 2 and mask == 0x3333)
+ t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
+ 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
+ 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
+ 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
+
+ Thanks for hints from Richard Outerbridge - he told me IP&FP
+ could be done in 15 xor, 10 shifts and 5 ands.
+ When I finally started to think of the problem in 2D
+ I first got ~42 operations without xors. When I remembered
+ how to use xors :-) I got it to its final state.
+ */
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ (b)^=(t),\
+ (a)^=((t)<<(n)))
+
+#define IP(l,r) \
+ { \
+ DES_LONG tt; \
+ PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+ PERM_OP(l,r,tt,16,0x0000ffffL); \
+ PERM_OP(r,l,tt, 2,0x33333333L); \
+ PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+ PERM_OP(r,l,tt, 1,0x55555555L); \
+ }
+
+#define FP(l,r) \
+ { \
+ DES_LONG tt; \
+ PERM_OP(l,r,tt, 1,0x55555555L); \
+ PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+ PERM_OP(l,r,tt, 2,0x33333333L); \
+ PERM_OP(r,l,tt,16,0x0000ffffL); \
+ PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+ }
+
+extern const DES_LONG DES_SPtrans[8][64];
+
+void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
+ DES_LONG Eswap0, DES_LONG Eswap1);
+
+#ifdef OPENSSL_SMALL_FOOTPRINT
+#undef DES_UNROLL
+#endif
+
+__END_HIDDEN_DECLS
+
+#endif
+++ /dev/null
-/* $OpenBSD: des_locl.h,v 1.19 2016/12/21 15:49:29 jsing Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DES_LOCL_H
-#define HEADER_DES_LOCL_H
-
-#include <math.h>
-#include <stdint.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/des.h>
-
-__BEGIN_HIDDEN_DECLS
-
-#define ITERATIONS 16
-#define HALF_ITERATIONS 8
-
-/* used in des_read and des_write */
-#define MAXWRITE (1024*16)
-#define BSIZE (MAXWRITE+4)
-
-#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
- l|=((DES_LONG)(*((c)++)))<< 8L, \
- l|=((DES_LONG)(*((c)++)))<<16L, \
- l|=((DES_LONG)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
- case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
- case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
- case 5: l2|=((DES_LONG)(*(--(c)))); \
- case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
- case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
- case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
- case 1: l1|=((DES_LONG)(*(--(c)))); \
- } \
- }
-
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* replacements for htonl and ntohl since I have no idea what to do
- * when faced with machines with 8 byte longs. */
-#define HDRSIZE 4
-
-#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
- l|=((DES_LONG)(*((c)++)))<<16L, \
- l|=((DES_LONG)(*((c)++)))<< 8L, \
- l|=((DES_LONG)(*((c)++))))
-
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-static inline uint32_t ROTATE(uint32_t a, uint32_t n)
-{
- return (a>>n)+(a<<(32-n));
-}
-
-/* Don't worry about the LOAD_DATA() stuff, that is used by
- * fcrypt() to add it's little bit to the front */
-
-#ifdef DES_FCRYPT
-
-#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
- { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
-
-#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
- t=R^(R>>16L); \
- u=t&E0; t&=E1; \
- tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
- tmp=(t<<16); t^=R^s[S+1]; t^=tmp
-#else
-#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
-#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
- u=R^s[S ]; \
- t=R^s[S+1]
-#endif
-
-/* The changes to this macro may help or hinder, depending on the
- * compiler and the architecture. gcc2 always seems to do well :-).
- * Inspired by Dana How <how@isl.stanford.edu>
- * DO NOT use the alternative version on machines with 8 byte longs.
- * It does not seem to work on the Alpha, even when DES_LONG is 4
- * bytes, probably an issue of accessing non-word aligned objects :-( */
-#ifdef DES_PTR
-
-/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there
- * is no reason to not xor all the sub items together. This potentially
- * saves a register since things can be xored directly into L */
-
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
-#define D_ENCRYPT(LL,R,S) { \
- unsigned int u1,u2,u3; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u2=(int)u>>8L; \
- u1=(int)u&0xfc; \
- u2&=0xfc; \
- t=ROTATE(t,4); \
- u>>=16L; \
- LL^= *(const DES_LONG *)(des_SP +u1); \
- LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
- u3=(int)(u>>8L); \
- u1=(int)u&0xfc; \
- u3&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
- u2=(int)t>>8L; \
- u1=(int)t&0xfc; \
- u2&=0xfc; \
- t>>=16L; \
- LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
- u3=(int)t>>8L; \
- u1=(int)t&0xfc; \
- u3&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
-#endif
-#ifdef DES_RISC2
-#define D_ENCRYPT(LL,R,S) { \
- unsigned int u1,u2,s1,s2; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u2=(int)u>>8L; \
- u1=(int)u&0xfc; \
- u2&=0xfc; \
- t=ROTATE(t,4); \
- LL^= *(const DES_LONG *)(des_SP +u1); \
- LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
- s1=(int)(u>>16L); \
- s2=(int)(u>>24L); \
- s1&=0xfc; \
- s2&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
- LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
- u2=(int)t>>8L; \
- u1=(int)t&0xfc; \
- u2&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
- LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
- s1=(int)(t>>16L); \
- s2=(int)(t>>24L); \
- s1&=0xfc; \
- s2&=0xfc; \
- LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
- LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
-#endif
-#else
-#define D_ENCRYPT(LL,R,S) { \
- LOAD_DATA_tmp(R,S,u,t,E0,E1); \
- t=ROTATE(t,4); \
- LL^= \
- *(const DES_LONG *)(des_SP +((u )&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
- *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
-#endif
-
-#else /* original version */
-
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
-#define D_ENCRYPT(LL,R,S) {\
- unsigned int u1,u2,u3; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u>>=2L; \
- t=ROTATE(t,6); \
- u2=(int)u>>8L; \
- u1=(int)u&0x3f; \
- u2&=0x3f; \
- u>>=16L; \
- LL^=DES_SPtrans[0][u1]; \
- LL^=DES_SPtrans[2][u2]; \
- u3=(int)u>>8L; \
- u1=(int)u&0x3f; \
- u3&=0x3f; \
- LL^=DES_SPtrans[4][u1]; \
- LL^=DES_SPtrans[6][u3]; \
- u2=(int)t>>8L; \
- u1=(int)t&0x3f; \
- u2&=0x3f; \
- t>>=16L; \
- LL^=DES_SPtrans[1][u1]; \
- LL^=DES_SPtrans[3][u2]; \
- u3=(int)t>>8L; \
- u1=(int)t&0x3f; \
- u3&=0x3f; \
- LL^=DES_SPtrans[5][u1]; \
- LL^=DES_SPtrans[7][u3]; }
-#endif
-#ifdef DES_RISC2
-#define D_ENCRYPT(LL,R,S) {\
- unsigned int u1,u2,s1,s2; \
- LOAD_DATA(R,S,u,t,E0,E1,u1); \
- u>>=2L; \
- t=ROTATE(t,6); \
- u2=(int)u>>8L; \
- u1=(int)u&0x3f; \
- u2&=0x3f; \
- LL^=DES_SPtrans[0][u1]; \
- LL^=DES_SPtrans[2][u2]; \
- s1=(int)u>>16L; \
- s2=(int)u>>24L; \
- s1&=0x3f; \
- s2&=0x3f; \
- LL^=DES_SPtrans[4][s1]; \
- LL^=DES_SPtrans[6][s2]; \
- u2=(int)t>>8L; \
- u1=(int)t&0x3f; \
- u2&=0x3f; \
- LL^=DES_SPtrans[1][u1]; \
- LL^=DES_SPtrans[3][u2]; \
- s1=(int)t>>16; \
- s2=(int)t>>24L; \
- s1&=0x3f; \
- s2&=0x3f; \
- LL^=DES_SPtrans[5][s1]; \
- LL^=DES_SPtrans[7][s2]; }
-#endif
-
-#else
-
-#define D_ENCRYPT(LL,R,S) {\
- LOAD_DATA_tmp(R,S,u,t,E0,E1); \
- t=ROTATE(t,4); \
- LL^=\
- DES_SPtrans[0][(u>> 2L)&0x3f]^ \
- DES_SPtrans[2][(u>>10L)&0x3f]^ \
- DES_SPtrans[4][(u>>18L)&0x3f]^ \
- DES_SPtrans[6][(u>>26L)&0x3f]^ \
- DES_SPtrans[1][(t>> 2L)&0x3f]^ \
- DES_SPtrans[3][(t>>10L)&0x3f]^ \
- DES_SPtrans[5][(t>>18L)&0x3f]^ \
- DES_SPtrans[7][(t>>26L)&0x3f]; }
-#endif
-#endif
-
- /* IP and FP
- * The problem is more of a geometric problem that random bit fiddling.
- 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
- 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
- 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
- 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
-
- 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
- 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
- 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
- 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
-
- The output has been subject to swaps of the form
- 0 1 -> 3 1 but the odd and even bits have been put into
- 2 3 2 0
- different words. The main trick is to remember that
- t=((l>>size)^r)&(mask);
- r^=t;
- l^=(t<<size);
- can be used to swap and move bits between words.
-
- So l = 0 1 2 3 r = 16 17 18 19
- 4 5 6 7 20 21 22 23
- 8 9 10 11 24 25 26 27
- 12 13 14 15 28 29 30 31
- becomes (for size == 2 and mask == 0x3333)
- t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
- 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
- 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
- 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
-
- Thanks for hints from Richard Outerbridge - he told me IP&FP
- could be done in 15 xor, 10 shifts and 5 ands.
- When I finally started to think of the problem in 2D
- I first got ~42 operations without xors. When I remembered
- how to use xors :-) I got it to its final state.
- */
-#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
- (b)^=(t),\
- (a)^=((t)<<(n)))
-
-#define IP(l,r) \
- { \
- DES_LONG tt; \
- PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
- PERM_OP(l,r,tt,16,0x0000ffffL); \
- PERM_OP(r,l,tt, 2,0x33333333L); \
- PERM_OP(l,r,tt, 8,0x00ff00ffL); \
- PERM_OP(r,l,tt, 1,0x55555555L); \
- }
-
-#define FP(l,r) \
- { \
- DES_LONG tt; \
- PERM_OP(l,r,tt, 1,0x55555555L); \
- PERM_OP(r,l,tt, 8,0x00ff00ffL); \
- PERM_OP(l,r,tt, 2,0x33333333L); \
- PERM_OP(r,l,tt,16,0x0000ffffL); \
- PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
- }
-
-extern const DES_LONG DES_SPtrans[8][64];
-
-void fcrypt_body(DES_LONG *out,DES_key_schedule *ks,
- DES_LONG Eswap0, DES_LONG Eswap1);
-
-#ifdef OPENSSL_SMALL_FOOTPRINT
-#undef DES_UNROLL
-#endif
-
-__END_HIDDEN_DECLS
-
-#endif
-/* $OpenBSD: ecb3_enc.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: ecb3_enc.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks1, DES_key_schedule *ks2,
-/* $OpenBSD: ecb_enc.c,v 1.16 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: ecb_enc.c,v 1.17 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
#include <openssl/opensslv.h>
#include <openssl/bio.h>
-/* $OpenBSD: ede_cbcm_enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: ede_cbcm_enc.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
* project 13 Feb 1999.
*/
#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
#ifndef OPENSSL_NO_DESCBCM
-#include "des_locl.h"
+#include "des_local.h"
void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
-/* $OpenBSD: enc_read.c,v 1.15 2015/02/12 03:54:07 jsing Exp $ */
+/* $OpenBSD: enc_read.c,v 1.16 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/opensslconf.h>
-#include "des_locl.h"
+#include "des_local.h"
/* This has some uglies in it but it works - even over sockets. */
/*extern int errno;*/
-/* $OpenBSD: enc_writ.c,v 1.14 2015/02/12 03:54:07 jsing Exp $ */
+/* $OpenBSD: enc_writ.c,v 1.15 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/opensslconf.h>
-#include "des_locl.h"
+#include "des_local.h"
/*
* WARNINGS:
-/* $OpenBSD: fcrypt.c,v 1.12 2016/12/26 21:30:10 jca Exp $ */
+/* $OpenBSD: fcrypt.c,v 1.13 2022/11/26 16:08:51 tb Exp $ */
#include <stdio.h>
* defined 24.
*/
-#include "des_locl.h"
+#include "des_local.h"
/* Added more values to handle illegal salt values the way normal
* crypt() implementations do. The patch was sent by
-/* $OpenBSD: fcrypt_b.c,v 1.9 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: fcrypt_b.c,v 1.10 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#define DES_FCRYPT
-#include "des_locl.h"
+#include "des_local.h"
#undef DES_FCRYPT
#ifndef OPENBSD_DES_ASM
-/* $OpenBSD: ncbc_enc.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: ncbc_enc.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/*
* #included by:
* cbc_enc.c (DES_cbc_encrypt)
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
#ifdef CBC_ENC_C__DONT_UPDATE_IV
void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
-/* $OpenBSD: ofb64ede.c,v 1.6 2015/02/07 13:19:15 doug Exp $ */
+/* $OpenBSD: ofb64ede.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
/* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: ofb64enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: ofb64enc.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
/* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: ofb_enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: ofb_enc.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
/* The input and output are loaded in multiples of 8 bits.
* What this means is that if you hame numbits=12 and length=2
-/* $OpenBSD: pcbc_enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: pcbc_enc.c,v 1.7 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
long length, DES_key_schedule *schedule,
-/* $OpenBSD: qud_cksm.c,v 1.7 2014/06/12 15:49:28 deraadt Exp $ */
+/* $OpenBSD: qud_cksm.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This module in only based on the code in this paper and is
* almost definitely not the same as the MIT implementation.
*/
-#include "des_locl.h"
+#include "des_local.h"
/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
#define Q_B0(a) (((DES_LONG)(a)))
-/* $OpenBSD: set_key.c,v 1.20 2017/02/09 03:43:05 dtucker Exp $ */
+/* $OpenBSD: set_key.c,v 1.21 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* 1.0 First working version
*/
#include <openssl/crypto.h>
-#include "des_locl.h"
+#include "des_local.h"
int DES_check_key = 0; /* defaults to false */
-/* $OpenBSD: str2key.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: str2key.c,v 1.11 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "des_locl.h"
+#include "des_local.h"
void DES_string_to_key(const char *str, DES_cblock *key)
{
-/* $OpenBSD: xcbc_enc.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */
+/* $OpenBSD: xcbc_enc.c,v 1.10 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "des_locl.h"
+#include "des_local.h"
/* RSA's DESX */
-/* $OpenBSD: dh_ameth.c,v 1.24 2022/06/27 12:36:05 tb Exp $ */
+/* $OpenBSD: dh_ameth.c,v 1.25 2022/11/26 16:08:51 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "dh_local.h"
-#include "evp_locl.h"
+#include "evp_local.h"
static void
int_dh_free(EVP_PKEY *pkey)
-/* $OpenBSD: dh_check.c,v 1.25 2022/07/13 18:38:20 tb Exp $ */
+/* $OpenBSD: dh_check.c,v 1.26 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/dh.h>
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#include "dh_local.h"
#define DH_NUMBER_ITERATIONS_FOR_PRIME 64
-/* $OpenBSD: dh_depr.c,v 1.7 2021/12/04 16:08:32 tb Exp $ */
+/* $OpenBSD: dh_depr.c,v 1.8 2022/11/26 16:08:51 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
#include <openssl/bn.h>
#include <openssl/dh.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#ifndef OPENSSL_NO_DEPRECATED
DH *
-/* $OpenBSD: dh_key.c,v 1.37 2022/01/07 09:27:13 tb Exp $ */
+/* $OpenBSD: dh_key.c,v 1.38 2022/11/26 16:08:51 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/dh.h>
#include <openssl/err.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#include "dh_local.h"
static int generate_key(DH *dh);
-/* $OpenBSD: dh_pmeth.c,v 1.12 2022/01/07 09:27:13 tb Exp $ */
+/* $OpenBSD: dh_pmeth.c,v 1.13 2022/11/26 16:08:51 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#include "dh_local.h"
-#include "evp_locl.h"
+#include "evp_local.h"
/* DH pkey context structure */
-/* $OpenBSD: dsa_ameth.c,v 1.37 2022/06/27 12:36:05 tb Exp $ */
+/* $OpenBSD: dsa_ameth.c,v 1.38 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "bn_lcl.h"
-#include "dsa_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "bn_local.h"
+#include "dsa_local.h"
+#include "evp_local.h"
static int
dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-/* $OpenBSD: dsa_asn1.c,v 1.27 2022/11/19 11:48:24 tb Exp $ */
+/* $OpenBSD: dsa_asn1.c,v 1.28 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/dsa.h>
#include <openssl/err.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
/* Override the default new methods */
static int
-/* $OpenBSD: dsa_depr.c,v 1.9 2022/11/19 06:33:00 tb Exp $ */
+/* $OpenBSD: dsa_depr.c,v 1.10 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/sha.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#ifndef OPENSSL_NO_DEPRECATED
DSA *
-/* $OpenBSD: dsa_gen.c,v 1.25 2022/11/19 06:33:00 tb Exp $ */
+/* $OpenBSD: dsa_gen.c,v 1.26 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/sha.h>
-#include "bn_lcl.h"
-#include "dsa_locl.h"
+#include "bn_local.h"
+#include "dsa_local.h"
int
DSA_generate_parameters_ex(DSA *ret, int bits, const unsigned char *seed_in,
-/* $OpenBSD: dsa_key.c,v 1.31 2022/11/19 06:33:00 tb Exp $ */
+/* $OpenBSD: dsa_key.c,v 1.32 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/bn.h>
#include <openssl/dsa.h>
-#include "bn_lcl.h"
-#include "dsa_locl.h"
+#include "bn_local.h"
+#include "dsa_local.h"
static int dsa_builtin_keygen(DSA *dsa);
-/* $OpenBSD: dsa_lib.c,v 1.38 2022/11/19 06:33:00 tb Exp $ */
+/* $OpenBSD: dsa_lib.c,v 1.39 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#endif
#include "dh_local.h"
-#include "dsa_locl.h"
+#include "dsa_local.h"
static const DSA_METHOD *default_DSA_method = NULL;
--- /dev/null
+/* $OpenBSD: dsa_local.h,v 1.1 2022/11/26 16:08:52 tb Exp $ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/dsa.h>
+
+__BEGIN_HIDDEN_DECLS
+
+struct DSA_SIG_st {
+ BIGNUM *r;
+ BIGNUM *s;
+} /* DSA_SIG */;
+
+struct dsa_method {
+ char *name;
+ DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
+ int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+ int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
+ int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
+ BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+ int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */
+ int (*init)(DSA *dsa);
+ int (*finish)(DSA *dsa);
+ int flags;
+ char *app_data;
+ /* If this is non-NULL, it is used to generate DSA parameters */
+ int (*dsa_paramgen)(DSA *dsa, int bits, const unsigned char *seed,
+ int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+ /* If this is non-NULL, it is used to generate DSA keys */
+ int (*dsa_keygen)(DSA *dsa);
+} /* DSA_METHOD */;
+
+struct dsa_st {
+ /* This first variable is used to pick up errors where
+ * a DSA is passed instead of of a EVP_PKEY */
+ int pad;
+ long version;
+ BIGNUM *p;
+ BIGNUM *q; /* == 20 */
+ BIGNUM *g;
+
+ BIGNUM *pub_key; /* y public key */
+ BIGNUM *priv_key; /* x private key */
+
+ BIGNUM *kinv; /* Signing pre-calc */
+ BIGNUM *r; /* Signing pre-calc */
+
+ int flags;
+ /* Normally used to cache montgomery values */
+ BN_MONT_CTX *method_mont_p;
+ int references;
+ CRYPTO_EX_DATA ex_data;
+ const DSA_METHOD *meth;
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+} /* DSA */;
+
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+ const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
+ unsigned char *seed_out,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
+__END_HIDDEN_DECLS
+++ /dev/null
-/* $OpenBSD: dsa_locl.h,v 1.6 2022/07/04 12:22:32 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/dsa.h>
-
-__BEGIN_HIDDEN_DECLS
-
-struct DSA_SIG_st {
- BIGNUM *r;
- BIGNUM *s;
-} /* DSA_SIG */;
-
-struct dsa_method {
- char *name;
- DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
- int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
- int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */
- int (*init)(DSA *dsa);
- int (*finish)(DSA *dsa);
- int flags;
- char *app_data;
- /* If this is non-NULL, it is used to generate DSA parameters */
- int (*dsa_paramgen)(DSA *dsa, int bits, const unsigned char *seed,
- int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
- /* If this is non-NULL, it is used to generate DSA keys */
- int (*dsa_keygen)(DSA *dsa);
-} /* DSA_METHOD */;
-
-struct dsa_st {
- /* This first variable is used to pick up errors where
- * a DSA is passed instead of of a EVP_PKEY */
- int pad;
- long version;
- BIGNUM *p;
- BIGNUM *q; /* == 20 */
- BIGNUM *g;
-
- BIGNUM *pub_key; /* y public key */
- BIGNUM *priv_key; /* x private key */
-
- BIGNUM *kinv; /* Signing pre-calc */
- BIGNUM *r; /* Signing pre-calc */
-
- int flags;
- /* Normally used to cache montgomery values */
- BN_MONT_CTX *method_mont_p;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DSA_METHOD *meth;
- /* functional reference if 'meth' is ENGINE-provided */
- ENGINE *engine;
-} /* DSA */;
-
-int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
- const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
- unsigned char *seed_out,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
-
-__END_HIDDEN_DECLS
-/* $OpenBSD: dsa_meth.c,v 1.5 2022/07/11 05:33:14 bcook Exp $ */
+/* $OpenBSD: dsa_meth.c,v 1.6 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
*
#include <openssl/dsa.h>
#include <openssl/err.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
DSA_METHOD *
DSA_meth_new(const char *name, int flags)
-/* $OpenBSD: dsa_ossl.c,v 1.45 2022/11/19 06:33:00 tb Exp $ */
+/* $OpenBSD: dsa_ossl.c,v 1.46 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
#include <openssl/sha.h>
-#include "bn_lcl.h"
-#include "dsa_locl.h"
+#include "bn_local.h"
+#include "dsa_local.h"
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-/* $OpenBSD: dsa_pmeth.c,v 1.15 2022/11/19 11:53:38 tb Exp $ */
+/* $OpenBSD: dsa_pmeth.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "bn_lcl.h"
-#include "dsa_locl.h"
-#include "evp_locl.h"
+#include "bn_local.h"
+#include "dsa_local.h"
+#include "evp_local.h"
/* DSA pkey context structure */
-/* $OpenBSD: dsa_sign.c,v 1.22 2022/11/19 06:33:00 tb Exp $ */
+/* $OpenBSD: dsa_sign.c,v 1.23 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/bn.h>
#include <openssl/dsa.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
DSA_SIG *
DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-/* $OpenBSD: dsa_vrf.c,v 1.18 2022/11/19 06:33:00 tb Exp $ */
+/* $OpenBSD: dsa_vrf.c,v 1.19 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/dsa.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
int
DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
-/* $OpenBSD: ec2_mult.c,v 1.14 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec2_mult.c,v 1.15 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
#include <openssl/err.h>
-#include "bn_lcl.h"
-#include "ec_lcl.h"
+#include "bn_local.h"
+#include "ec_local.h"
#ifndef OPENSSL_NO_EC2M
-/* $OpenBSD: ec2_oct.c,v 1.18 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec2_oct.c,v 1.19 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#ifndef OPENSSL_NO_EC2M
-/* $OpenBSD: ec2_smpl.c,v 1.27 2022/11/24 01:30:01 jsing Exp $ */
+/* $OpenBSD: ec2_smpl.c,v 1.28 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#ifndef OPENSSL_NO_EC2M
-/* $OpenBSD: ec_ameth.c,v 1.35 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_ameth.c,v 1.36 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "ec_lcl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "ec_local.h"
+#include "evp_local.h"
#ifndef OPENSSL_NO_CMS
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
-/* $OpenBSD: ec_asn1.c,v 1.39 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_asn1.c,v 1.40 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
#include <openssl/asn1t.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
-#include "ec_lcl.h"
+#include "asn1_local.h"
+#include "ec_local.h"
int
EC_GROUP_get_basis_type(const EC_GROUP *group)
-/* $OpenBSD: ec_check.c,v 1.11 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_check.c,v 1.12 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
*
*/
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/err.h>
int
-/* $OpenBSD: ec_curve.c,v 1.24 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_curve.c,v 1.25 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
#include <openssl/err.h>
#include <openssl/objects.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
typedef struct {
int field_type, /* either NID_X9_62_prime_field or
-/* $OpenBSD: ec_cvt.c,v 1.7 2021/04/20 17:04:13 tb Exp $ */
+/* $OpenBSD: ec_cvt.c,v 1.8 2022/11/26 16:08:52 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
#include <openssl/opensslconf.h>
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
EC_GROUP *
EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b,
-/* $OpenBSD: ec_key.c,v 1.28 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_key.c,v 1.29 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
#endif
#include <openssl/err.h>
-#include "bn_lcl.h"
-#include "ec_lcl.h"
+#include "bn_local.h"
+#include "ec_local.h"
EC_KEY *
EC_KEY_new(void)
-/* $OpenBSD: ec_kmeth.c,v 1.6 2021/12/04 16:08:32 tb Exp $ */
+/* $OpenBSD: ec_kmeth.c,v 1.7 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
#endif
#include <openssl/err.h>
-#include "bn_lcl.h"
-#include "ec_lcl.h"
-#include "ecs_locl.h"
+#include "bn_local.h"
+#include "ec_local.h"
+#include "ecs_local.h"
static const EC_KEY_METHOD openssl_ec_key_method = {
.name = "OpenSSL EC_KEY method",
+++ /dev/null
-/* $OpenBSD: ec_lcl.h,v 1.23 2022/11/24 16:29:09 tb Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <stdlib.h>
-
-#include <openssl/bn.h>
-#include <openssl/ec.h>
-#include <openssl/ecdsa.h>
-#include <openssl/objects.h>
-
-#include "bn_lcl.h"
-
-__BEGIN_HIDDEN_DECLS
-
-#if defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-# endif
-#endif
-
-/* Use default functions for poin2oct, oct2point and compressed coordinates */
-#define EC_FLAGS_DEFAULT_OCT 0x1
-
-struct ec_method_st {
-
- /*
- * Methods and members exposed directly by the public API.
- */
-
- int flags;
-
- int field_type;
-
- int (*group_init)(EC_GROUP *);
- void (*group_finish)(EC_GROUP *);
- void (*group_clear_finish)(EC_GROUP *);
- int (*group_copy)(EC_GROUP *, const EC_GROUP *);
-
- int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
- int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
- BIGNUM *b, BN_CTX *);
-
- int (*group_get_degree)(const EC_GROUP *);
- int (*group_order_bits)(const EC_GROUP *);
- int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *);
-
- int (*point_init)(EC_POINT *);
- void (*point_finish)(EC_POINT *);
- void (*point_clear_finish)(EC_POINT *);
- int (*point_copy)(EC_POINT *, const EC_POINT *);
-
- int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *);
- int (*point_set_Jprojective_coordinates)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
- int (*point_get_Jprojective_coordinates)(const EC_GROUP *,
- const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
- int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
- int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
- int (*point_set_compressed_coordinates)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
-
- size_t (*point2oct)(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, unsigned char *buf, size_t len,
- BN_CTX *);
- int (*oct2point)(const EC_GROUP *, EC_POINT *, const unsigned char *buf,
- size_t len, BN_CTX *);
-
- int (*add)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
- const EC_POINT *b, BN_CTX *);
- int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
- int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *);
-
- int (*is_at_infinity)(const EC_GROUP *, const EC_POINT *);
- int (*is_on_curve)(const EC_GROUP *, const EC_POINT *, BN_CTX *);
- int (*point_cmp)(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
- BN_CTX *);
-
- int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *);
- int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[],
- BN_CTX *);
-
- int (*mul_generator_ct)(const EC_GROUP *, EC_POINT *r,
- const BIGNUM *scalar, BN_CTX *);
- int (*mul_single_ct)(const EC_GROUP *group, EC_POINT *r,
- const BIGNUM *scalar, const EC_POINT *point, BN_CTX *);
- int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r,
- const BIGNUM *g_scalar, const BIGNUM *p_scalar,
- const EC_POINT *point, BN_CTX *);
- int (*precompute_mult)(EC_GROUP *group, BN_CTX *);
- int (*have_precompute_mult)(const EC_GROUP *group);
-
- /*
- * Internal methods.
- */
-
- /*
- * These can be used by 'add' and 'dbl' so that the same implementations
- * of point operations can be used with different optimized versions of
- * expensive field operations.
- */
- int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
- int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- BN_CTX *);
- int (*field_div)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *);
-
- /* Encode to and decode from other forms (e.g. Montgomery). */
- int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- BN_CTX *);
- int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
- BN_CTX *);
-
- int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *);
- int (*blind_coordinates)(const EC_GROUP *group, EC_POINT *p,
- BN_CTX *ctx);
-} /* EC_METHOD */;
-
-typedef struct ec_extra_data_st {
- struct ec_extra_data_st *next;
- void *data;
- void *(*dup_func)(void *);
- void (*free_func)(void *);
- void (*clear_free_func)(void *);
-} EC_EXTRA_DATA; /* used in EC_GROUP */
-
-struct ec_group_st {
- /*
- * Methods and members exposed via the public API.
- */
-
- const EC_METHOD *meth;
-
- EC_POINT *generator; /* Optional */
- BIGNUM order;
- BIGNUM cofactor;
-
- int curve_name; /* Optional NID for named curve. */
-
- /* ASN.1 encoding controls. */
- int asn1_flag;
- point_conversion_form_t asn1_form;
-
- /* Optional seed for parameters (appears in ASN.1). */
- unsigned char *seed;
- size_t seed_len;
-
- /*
- * Internal methods and members. Handled by the method functions, even
- * if they appear to be generic.
- */
-
- EC_EXTRA_DATA *extra_data;
-
- /*
- * Field specification. For GF(p) this is the modulus; for GF(2^m),
- * this is the irreducible polynomial defining the field.
- */
- BIGNUM field;
-
- /*
- * Field specification for GF(2^m). The irreducible polynomial is
- * f(t) = t^poly[0] + t^poly[1] + ... + t^poly[k],
- * where
- * m = poly[0] > poly[1] > ... > poly[k] = 0,
- * and the array is terminated with poly[k+1] = -1. All elliptic curve
- * irreducibles have at most 5 non-zero terms.
- */
- int poly[6];
-
- /*
- * Curve coefficients. In characteristic > 3, the curve is defined by a
- * Weierstrass equation of the form
- * y^2 = x^3 + a*x + b.
- * For characteristic 2, the curve is defined by an equation of the form
- * y^2 + x*y = x^3 + a*x^2 + b.
- */
- BIGNUM a, b;
-
- /* Enables optimized point arithmetics for special case. */
- int a_is_minus3;
-
- void *field_data1;
- void *field_data2;
- int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *,
- BN_CTX *);
-} /* EC_GROUP */;
-
-struct ec_key_st {
- const EC_KEY_METHOD *meth;
- ENGINE *engine;
-
- int version;
-
- EC_GROUP *group;
-
- EC_POINT *pub_key;
- BIGNUM *priv_key;
-
- unsigned int enc_flag;
- point_conversion_form_t conv_form;
-
- int references;
- int flags;
-
- EC_EXTRA_DATA *method_data;
- CRYPTO_EX_DATA ex_data;
-} /* EC_KEY */;
-
-/* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only
- * (with visibility limited to 'package' level for now).
- * We use the function pointers as index for retrieval; this obviates
- * global ex_data-style index tables.
- */
-int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_EX_DATA_free_data(EC_EXTRA_DATA **,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **);
-void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **);
-
-int ec_group_simple_order_bits(const EC_GROUP *group);
-
-struct ec_point_st {
- const EC_METHOD *meth;
-
- /*
- * All members except 'meth' are handled by the method functions,
- * even if they appear generic.
- */
-
- /*
- * Jacobian projective coordinates: (X, Y, Z) represents (X/Z^2, Y/Z^3)
- * if Z != 0
- */
- BIGNUM X;
- BIGNUM Y;
- BIGNUM Z;
- int Z_is_one; /* enable optimized point arithmetics for special case */
-} /* EC_POINT */;
-
-/* method functions in ec_mult.c
- * (ec_lib.c uses these as defaults if group->method->mul is 0) */
-int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *);
-int ec_wNAF_have_precompute_mult(const EC_GROUP *group);
-
-
-/* method functions in ecp_smpl.c */
-int ec_GFp_simple_group_init(EC_GROUP *);
-void ec_GFp_simple_group_finish(EC_GROUP *);
-void ec_GFp_simple_group_clear_finish(EC_GROUP *);
-int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_get_degree(const EC_GROUP *);
-int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
-int ec_GFp_simple_point_init(EC_POINT *);
-void ec_GFp_simple_point_finish(EC_POINT *);
-void ec_GFp_simple_point_clear_finish(EC_POINT *);
-int ec_GFp_simple_point_copy(EC_POINT *, const EC_POINT *);
-int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
-int ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *,
- const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
-int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
-size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_oct2point(const EC_GROUP *, EC_POINT *,
- const unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GFp_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
-int ec_GFp_simple_mul_generator_ct(const EC_GROUP *, EC_POINT *r, const BIGNUM *scalar, BN_CTX *);
-int ec_GFp_simple_mul_single_ct(const EC_GROUP *, EC_POINT *r, const BIGNUM *scalar,
- const EC_POINT *point, BN_CTX *);
-int ec_GFp_simple_mul_double_nonct(const EC_GROUP *, EC_POINT *r, const BIGNUM *g_scalar,
- const BIGNUM *p_scalar, const EC_POINT *point, BN_CTX *);
-
-
-/* method functions in ecp_mont.c */
-int ec_GFp_mont_group_init(EC_GROUP *);
-int ec_GFp_mont_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-void ec_GFp_mont_group_finish(EC_GROUP *);
-void ec_GFp_mont_group_clear_finish(EC_GROUP *);
-int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_mont_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_mont_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_encode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *);
-
-int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
-
-/* method functions in ecp_nist.c */
-int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src);
-int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-
-
-/* method functions in ec2_smpl.c */
-int ec_GF2m_simple_group_init(EC_GROUP *);
-void ec_GF2m_simple_group_finish(EC_GROUP *);
-void ec_GF2m_simple_group_clear_finish(EC_GROUP *);
-int ec_GF2m_simple_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GF2m_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_group_get_degree(const EC_GROUP *);
-int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
-int ec_GF2m_simple_point_init(EC_POINT *);
-void ec_GF2m_simple_point_finish(EC_POINT *);
-void ec_GF2m_simple_point_clear_finish(EC_POINT *);
-int ec_GF2m_simple_point_copy(EC_POINT *, const EC_POINT *);
-int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
-size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *);
-int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *,
- const unsigned char *buf, size_t len, BN_CTX *);
-int ec_GF2m_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GF2m_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GF2m_simple_field_div(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-
-
-/* method functions in ec2_mult.c */
-int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
-
-/* method functions in ec2_mult.c */
-int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
-
-#ifndef OPENSSL_EC_NISTP_64_GCC_128
-/* method functions in ecp_nistp224.c */
-int ec_GFp_nistp224_group_init(EC_GROUP *group);
-int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
-int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
-int ec_GFp_nistp224_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
-int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group);
-
-/* method functions in ecp_nistp256.c */
-int ec_GFp_nistp256_group_init(EC_GROUP *group);
-int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
-int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
-int ec_GFp_nistp256_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
-int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group);
-
-#ifdef ECP_NISTZ256_ASM
-const EC_METHOD *EC_GFp_nistz256_method(void);
-#endif
-
-/* EC_METHOD definitions */
-
-struct ec_key_method_st {
- const char *name;
- int32_t flags;
- int (*init)(EC_KEY *key);
- void (*finish)(EC_KEY *key);
- int (*copy)(EC_KEY *dest, const EC_KEY *src);
- int (*set_group)(EC_KEY *key, const EC_GROUP *grp);
- int (*set_private)(EC_KEY *key, const BIGNUM *priv_key);
- int (*set_public)(EC_KEY *key, const EC_POINT *pub_key);
- int (*keygen)(EC_KEY *key);
- int (*compute_key)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
- int (*sign)(int type, const unsigned char *dgst, int dlen, unsigned char
- *sig, unsigned int *siglen, const BIGNUM *kinv,
- const BIGNUM *r, EC_KEY *eckey);
- int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgst_len,
- const BIGNUM *in_kinv, const BIGNUM *in_r,
- EC_KEY *eckey);
- int (*verify)(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
- int (*verify_sig)(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
-} /* EC_KEY_METHOD */;
-
-#define EC_KEY_METHOD_DYNAMIC 1
-
-int ossl_ec_key_gen(EC_KEY *eckey);
-int ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
-int ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
-int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
-
-/* method functions in ecp_nistp521.c */
-int ec_GFp_nistp521_group_init(EC_GROUP *group);
-int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
-int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
-int ec_GFp_nistp521_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
-int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group);
-
-/* utility functions in ecp_nistputil.c */
-void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
- size_t felem_size, void *tmp_felems,
- void (*felem_one)(void *out),
- int (*felem_is_zero)(const void *in),
- void (*felem_assign)(void *out, const void *in),
- void (*felem_square)(void *out, const void *in),
- void (*felem_mul)(void *out, const void *in1, const void *in2),
- void (*felem_inv)(void *out, const void *in),
- void (*felem_contract)(void *out, const void *in));
-void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in);
-
-#endif
-
-__END_HIDDEN_DECLS
-/* $OpenBSD: ec_lib.c,v 1.46 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.47 2022/11/26 16:08:52 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
#include <openssl/err.h>
#include <openssl/opensslv.h>
-#include "bn_lcl.h"
-#include "ec_lcl.h"
+#include "bn_local.h"
+#include "ec_local.h"
/* functions for EC_GROUP objects */
--- /dev/null
+/* $OpenBSD: ec_local.h,v 1.1 2022/11/26 16:08:52 tb Exp $ */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdlib.h>
+
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+#include <openssl/objects.h>
+
+#include "bn_local.h"
+
+__BEGIN_HIDDEN_DECLS
+
+#if defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
+#endif
+
+/* Use default functions for poin2oct, oct2point and compressed coordinates */
+#define EC_FLAGS_DEFAULT_OCT 0x1
+
+struct ec_method_st {
+
+ /*
+ * Methods and members exposed directly by the public API.
+ */
+
+ int flags;
+
+ int field_type;
+
+ int (*group_init)(EC_GROUP *);
+ void (*group_finish)(EC_GROUP *);
+ void (*group_clear_finish)(EC_GROUP *);
+ int (*group_copy)(EC_GROUP *, const EC_GROUP *);
+
+ int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *);
+ int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
+ BIGNUM *b, BN_CTX *);
+
+ int (*group_get_degree)(const EC_GROUP *);
+ int (*group_order_bits)(const EC_GROUP *);
+ int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *);
+
+ int (*point_init)(EC_POINT *);
+ void (*point_finish)(EC_POINT *);
+ void (*point_clear_finish)(EC_POINT *);
+ int (*point_copy)(EC_POINT *, const EC_POINT *);
+
+ int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *);
+ int (*point_set_Jprojective_coordinates)(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
+ int (*point_get_Jprojective_coordinates)(const EC_GROUP *,
+ const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
+ int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *);
+ int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *,
+ BIGNUM *x, BIGNUM *y, BN_CTX *);
+ int (*point_set_compressed_coordinates)(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, int y_bit, BN_CTX *);
+
+ size_t (*point2oct)(const EC_GROUP *, const EC_POINT *,
+ point_conversion_form_t form, unsigned char *buf, size_t len,
+ BN_CTX *);
+ int (*oct2point)(const EC_GROUP *, EC_POINT *, const unsigned char *buf,
+ size_t len, BN_CTX *);
+
+ int (*add)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
+ const EC_POINT *b, BN_CTX *);
+ int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
+ int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *);
+
+ int (*is_at_infinity)(const EC_GROUP *, const EC_POINT *);
+ int (*is_on_curve)(const EC_GROUP *, const EC_POINT *, BN_CTX *);
+ int (*point_cmp)(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
+ BN_CTX *);
+
+ int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *);
+ int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[],
+ BN_CTX *);
+
+ int (*mul_generator_ct)(const EC_GROUP *, EC_POINT *r,
+ const BIGNUM *scalar, BN_CTX *);
+ int (*mul_single_ct)(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *scalar, const EC_POINT *point, BN_CTX *);
+ int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r,
+ const BIGNUM *g_scalar, const BIGNUM *p_scalar,
+ const EC_POINT *point, BN_CTX *);
+ int (*precompute_mult)(EC_GROUP *group, BN_CTX *);
+ int (*have_precompute_mult)(const EC_GROUP *group);
+
+ /*
+ * Internal methods.
+ */
+
+ /*
+ * These can be used by 'add' and 'dbl' so that the same implementations
+ * of point operations can be used with different optimized versions of
+ * expensive field operations.
+ */
+ int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *);
+ int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+ BN_CTX *);
+ int (*field_div)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *);
+
+ /* Encode to and decode from other forms (e.g. Montgomery). */
+ int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+ BN_CTX *);
+ int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+ BN_CTX *);
+
+ int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *);
+ int (*blind_coordinates)(const EC_GROUP *group, EC_POINT *p,
+ BN_CTX *ctx);
+} /* EC_METHOD */;
+
+typedef struct ec_extra_data_st {
+ struct ec_extra_data_st *next;
+ void *data;
+ void *(*dup_func)(void *);
+ void (*free_func)(void *);
+ void (*clear_free_func)(void *);
+} EC_EXTRA_DATA; /* used in EC_GROUP */
+
+struct ec_group_st {
+ /*
+ * Methods and members exposed via the public API.
+ */
+
+ const EC_METHOD *meth;
+
+ EC_POINT *generator; /* Optional */
+ BIGNUM order;
+ BIGNUM cofactor;
+
+ int curve_name; /* Optional NID for named curve. */
+
+ /* ASN.1 encoding controls. */
+ int asn1_flag;
+ point_conversion_form_t asn1_form;
+
+ /* Optional seed for parameters (appears in ASN.1). */
+ unsigned char *seed;
+ size_t seed_len;
+
+ /*
+ * Internal methods and members. Handled by the method functions, even
+ * if they appear to be generic.
+ */
+
+ EC_EXTRA_DATA *extra_data;
+
+ /*
+ * Field specification. For GF(p) this is the modulus; for GF(2^m),
+ * this is the irreducible polynomial defining the field.
+ */
+ BIGNUM field;
+
+ /*
+ * Field specification for GF(2^m). The irreducible polynomial is
+ * f(t) = t^poly[0] + t^poly[1] + ... + t^poly[k],
+ * where
+ * m = poly[0] > poly[1] > ... > poly[k] = 0,
+ * and the array is terminated with poly[k+1] = -1. All elliptic curve
+ * irreducibles have at most 5 non-zero terms.
+ */
+ int poly[6];
+
+ /*
+ * Curve coefficients. In characteristic > 3, the curve is defined by a
+ * Weierstrass equation of the form
+ * y^2 = x^3 + a*x + b.
+ * For characteristic 2, the curve is defined by an equation of the form
+ * y^2 + x*y = x^3 + a*x^2 + b.
+ */
+ BIGNUM a, b;
+
+ /* Enables optimized point arithmetics for special case. */
+ int a_is_minus3;
+
+ void *field_data1;
+ void *field_data2;
+ int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *,
+ BN_CTX *);
+} /* EC_GROUP */;
+
+struct ec_key_st {
+ const EC_KEY_METHOD *meth;
+ ENGINE *engine;
+
+ int version;
+
+ EC_GROUP *group;
+
+ EC_POINT *pub_key;
+ BIGNUM *priv_key;
+
+ unsigned int enc_flag;
+ point_conversion_form_t conv_form;
+
+ int references;
+ int flags;
+
+ EC_EXTRA_DATA *method_data;
+ CRYPTO_EX_DATA ex_data;
+} /* EC_KEY */;
+
+/* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only
+ * (with visibility limited to 'package' level for now).
+ * We use the function pointers as index for retrieval; this obviates
+ * global ex_data-style index tables.
+ */
+int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data,
+ void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *,
+ void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+void EC_EX_DATA_free_data(EC_EXTRA_DATA **,
+ void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **,
+ void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **);
+void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **);
+
+int ec_group_simple_order_bits(const EC_GROUP *group);
+
+struct ec_point_st {
+ const EC_METHOD *meth;
+
+ /*
+ * All members except 'meth' are handled by the method functions,
+ * even if they appear generic.
+ */
+
+ /*
+ * Jacobian projective coordinates: (X, Y, Z) represents (X/Z^2, Y/Z^3)
+ * if Z != 0
+ */
+ BIGNUM X;
+ BIGNUM Y;
+ BIGNUM Z;
+ int Z_is_one; /* enable optimized point arithmetics for special case */
+} /* EC_POINT */;
+
+/* method functions in ec_mult.c
+ * (ec_lib.c uses these as defaults if group->method->mul is 0) */
+int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+ size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *);
+int ec_wNAF_have_precompute_mult(const EC_GROUP *group);
+
+
+/* method functions in ecp_smpl.c */
+int ec_GFp_simple_group_init(EC_GROUP *);
+void ec_GFp_simple_group_finish(EC_GROUP *);
+void ec_GFp_simple_group_clear_finish(EC_GROUP *);
+int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
+int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
+int ec_GFp_simple_group_get_degree(const EC_GROUP *);
+int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
+int ec_GFp_simple_point_init(EC_POINT *);
+void ec_GFp_simple_point_finish(EC_POINT *);
+void ec_GFp_simple_point_clear_finish(EC_POINT *);
+int ec_GFp_simple_point_copy(EC_POINT *, const EC_POINT *);
+int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
+int ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
+int ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *,
+ const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
+int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *);
+int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *,
+ BIGNUM *x, BIGNUM *y, BN_CTX *);
+int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, int y_bit, BN_CTX *);
+size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *);
+int ec_GFp_simple_oct2point(const EC_GROUP *, EC_POINT *,
+ const unsigned char *buf, size_t len, BN_CTX *);
+int ec_GFp_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
+int ec_GFp_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
+int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
+int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
+int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
+int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
+int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
+int ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
+int ec_GFp_simple_mul_generator_ct(const EC_GROUP *, EC_POINT *r, const BIGNUM *scalar, BN_CTX *);
+int ec_GFp_simple_mul_single_ct(const EC_GROUP *, EC_POINT *r, const BIGNUM *scalar,
+ const EC_POINT *point, BN_CTX *);
+int ec_GFp_simple_mul_double_nonct(const EC_GROUP *, EC_POINT *r, const BIGNUM *g_scalar,
+ const BIGNUM *p_scalar, const EC_POINT *point, BN_CTX *);
+
+
+/* method functions in ecp_mont.c */
+int ec_GFp_mont_group_init(EC_GROUP *);
+int ec_GFp_mont_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+void ec_GFp_mont_group_finish(EC_GROUP *);
+void ec_GFp_mont_group_clear_finish(EC_GROUP *);
+int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *);
+int ec_GFp_mont_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GFp_mont_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
+int ec_GFp_mont_field_encode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
+int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
+int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *);
+
+int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
+
+/* method functions in ecp_nist.c */
+int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src);
+int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
+
+
+/* method functions in ec2_smpl.c */
+int ec_GF2m_simple_group_init(EC_GROUP *);
+void ec_GF2m_simple_group_finish(EC_GROUP *);
+void ec_GF2m_simple_group_clear_finish(EC_GROUP *);
+int ec_GF2m_simple_group_copy(EC_GROUP *, const EC_GROUP *);
+int ec_GF2m_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GF2m_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
+int ec_GF2m_simple_group_get_degree(const EC_GROUP *);
+int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
+int ec_GF2m_simple_point_init(EC_POINT *);
+void ec_GF2m_simple_point_finish(EC_POINT *);
+void ec_GF2m_simple_point_clear_finish(EC_POINT *);
+int ec_GF2m_simple_point_copy(EC_POINT *, const EC_POINT *);
+int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
+int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, const BIGNUM *y, BN_CTX *);
+int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *,
+ BIGNUM *x, BIGNUM *y, BN_CTX *);
+int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
+ const BIGNUM *x, int y_bit, BN_CTX *);
+size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
+ unsigned char *buf, size_t len, BN_CTX *);
+int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *,
+ const unsigned char *buf, size_t len, BN_CTX *);
+int ec_GF2m_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
+int ec_GF2m_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
+int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
+int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
+int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
+int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
+int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GF2m_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
+int ec_GF2m_simple_field_div(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+
+
+/* method functions in ec2_mult.c */
+int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+ size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ec2_mult.c */
+int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+ size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
+
+#ifndef OPENSSL_EC_NISTP_64_GCC_128
+/* method functions in ecp_nistp224.c */
+int ec_GFp_nistp224_group_init(EC_GROUP *group);
+int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
+int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+int ec_GFp_nistp224_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_nistp256.c */
+int ec_GFp_nistp256_group_init(EC_GROUP *group);
+int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
+int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+int ec_GFp_nistp256_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group);
+
+#ifdef ECP_NISTZ256_ASM
+const EC_METHOD *EC_GFp_nistz256_method(void);
+#endif
+
+/* EC_METHOD definitions */
+
+struct ec_key_method_st {
+ const char *name;
+ int32_t flags;
+ int (*init)(EC_KEY *key);
+ void (*finish)(EC_KEY *key);
+ int (*copy)(EC_KEY *dest, const EC_KEY *src);
+ int (*set_group)(EC_KEY *key, const EC_GROUP *grp);
+ int (*set_private)(EC_KEY *key, const BIGNUM *priv_key);
+ int (*set_public)(EC_KEY *key, const EC_POINT *pub_key);
+ int (*keygen)(EC_KEY *key);
+ int (*compute_key)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
+ void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
+ int (*sign)(int type, const unsigned char *dgst, int dlen, unsigned char
+ *sig, unsigned int *siglen, const BIGNUM *kinv,
+ const BIGNUM *r, EC_KEY *eckey);
+ int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+ ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, int dgst_len,
+ const BIGNUM *in_kinv, const BIGNUM *in_r,
+ EC_KEY *eckey);
+ int (*verify)(int type, const unsigned char *dgst, int dgst_len,
+ const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
+ int (*verify_sig)(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY *eckey);
+} /* EC_KEY_METHOD */;
+
+#define EC_KEY_METHOD_DYNAMIC 1
+
+int ossl_ec_key_gen(EC_KEY *eckey);
+int ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
+ void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
+int ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
+ const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
+int ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
+ const ECDSA_SIG *sig, EC_KEY *eckey);
+
+/* method functions in ecp_nistp521.c */
+int ec_GFp_nistp521_group_init(EC_GROUP *group);
+int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
+int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+int ec_GFp_nistp521_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
+int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group);
+
+/* utility functions in ecp_nistputil.c */
+void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
+ size_t felem_size, void *tmp_felems,
+ void (*felem_one)(void *out),
+ int (*felem_is_zero)(const void *in),
+ void (*felem_assign)(void *out, const void *in),
+ void (*felem_square)(void *out, const void *in),
+ void (*felem_mul)(void *out, const void *in1, const void *in2),
+ void (*felem_inv)(void *out, const void *in),
+ void (*felem_contract)(void *out, const void *in));
+void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in);
+
+#endif
+
+__END_HIDDEN_DECLS
-/* $OpenBSD: ec_mult.c,v 1.26 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.27 2022/11/26 16:08:52 tb Exp $ */
/*
* Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
*/
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
/*
-/* $OpenBSD: ec_oct.c,v 1.8 2021/04/20 17:34:33 tb Exp $ */
+/* $OpenBSD: ec_oct.c,v 1.9 2022/11/26 16:08:52 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
#include <openssl/err.h>
#include <openssl/opensslv.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
int
EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
-/* $OpenBSD: ec_pmeth.c,v 1.15 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_pmeth.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "bn_lcl.h"
-#include "ec_lcl.h"
-#include "ech_locl.h"
-#include "evp_locl.h"
+#include "bn_local.h"
+#include "ec_local.h"
+#include "ech_local.h"
+#include "evp_local.h"
/* EC pkey context structure */
-/* $OpenBSD: ec_print.c,v 1.8 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ec_print.c,v 1.9 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
BIGNUM *
EC_POINT_point2bn(const EC_GROUP *group, const EC_POINT *point,
-/* $OpenBSD: ecp_mont.c,v 1.21 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ecp_mont.c,v 1.22 2022/11/26 16:08:52 tb Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
const EC_METHOD *
-/* $OpenBSD: ecp_nist.c,v 1.20 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ecp_nist.c,v 1.21 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
#include <openssl/err.h>
#include <openssl/objects.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
const EC_METHOD *
EC_GFp_nist_method(void)
-/* $OpenBSD: ecp_nistp224.c,v 1.28 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ecp_nistp224.c,v 1.29 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Emilia Kasper (Google) for the OpenSSL project.
*/
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
/* even with gcc, the typedef won't work for 32-bit platforms */
-/* $OpenBSD: ecp_nistp256.c,v 1.27 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ecp_nistp256.c,v 1.28 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Adam Langley (Google) for the OpenSSL project
*/
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
/* even with gcc, the typedef won't work for 32-bit platforms */
-/* $OpenBSD: ecp_nistp521.c,v 1.28 2022/11/19 07:29:29 tb Exp $ */
+/* $OpenBSD: ecp_nistp521.c,v 1.29 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Adam Langley (Google) for the OpenSSL project
*/
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
/* even with gcc, the typedef won't work for 32-bit platforms */
-/* $OpenBSD: ecp_nistputil.c,v 1.7 2022/11/19 07:00:57 tb Exp $ */
+/* $OpenBSD: ecp_nistputil.c,v 1.8 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Bodo Moeller for the OpenSSL project.
*/
* Common utility functions for ecp_nistp224.c, ecp_nistp256.c, ecp_nistp521.c.
*/
-#include "ec_lcl.h"
+#include "ec_local.h"
/* Convert an array of points into affine coordinates.
* (If the point at infinity is found (Z = 0), it remains unchanged.)
-/* $OpenBSD: ecp_nistz256.c,v 1.13 2022/11/24 01:30:01 jsing Exp $ */
+/* $OpenBSD: ecp_nistz256.c,v 1.14 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (c) 2014, Intel Corporation.
*
* Permission to use, copy, modify, and/or distribute this software for any
#include <openssl/ec.h>
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#if BN_BITS2 != 64
#define TOBN(hi,lo) lo,hi
-/* $OpenBSD: ecp_oct.c,v 1.18 2022/11/24 16:35:32 tb Exp $ */
+/* $OpenBSD: ecp_oct.c,v 1.19 2022/11/26 16:08:52 tb Exp $ */
/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* for the OpenSSL project.
* Includes code written by Bodo Moeller for the OpenSSL project.
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
int
ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
-/* $OpenBSD: ecp_smpl.c,v 1.37 2022/11/24 01:30:01 jsing Exp $ */
+/* $OpenBSD: ecp_smpl.c,v 1.38 2022/11/26 16:08:52 tb Exp $ */
/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
* for the OpenSSL project.
* Includes code written by Bodo Moeller for the OpenSSL project.
#include <openssl/err.h>
-#include "bn_lcl.h"
-#include "ec_lcl.h"
+#include "bn_local.h"
+#include "ec_local.h"
const EC_METHOD *
EC_GFp_simple_method(void)
-/* $OpenBSD: ecx_methods.c,v 1.3 2022/11/23 07:37:06 tb Exp $ */
+/* $OpenBSD: ecx_methods.c,v 1.4 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
*
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "bytestring.h"
#include "curve25519_internal.h"
-#include "evp_locl.h"
+#include "evp_local.h"
/*
* EVP PKEY and PKEY ASN.1 methods Ed25519 and X25519.
#include <openssl/ec.h>
#include <openssl/evp.h>
-#include "ech_locl.h"
+#include "ech_local.h"
/*
* Key derivation function from X9.63/SECG.
-/* $OpenBSD: ech_key.c,v 1.13 2022/06/30 11:14:47 tb Exp $ */
+/* $OpenBSD: ech_key.c,v 1.14 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
#include <openssl/objects.h>
#include <openssl/sha.h>
-#include "bn_lcl.h"
-#include "ech_locl.h"
-#include "ec_lcl.h"
+#include "bn_local.h"
+#include "ech_local.h"
+#include "ec_local.h"
static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
EC_KEY *ecdh,
-/* $OpenBSD: ech_lib.c,v 1.14 2018/04/14 07:09:21 tb Exp $ */
+/* $OpenBSD: ech_lib.c,v 1.15 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
#include <openssl/opensslconf.h>
-#include "ech_locl.h"
+#include "ech_local.h"
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
--- /dev/null
+/* $OpenBSD: ech_local.h,v 1.1 2022/11/26 16:08:52 tb Exp $ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ECH_LOCL_H
+#define HEADER_ECH_LOCL_H
+
+#include <openssl/ecdh.h>
+
+__BEGIN_HIDDEN_DECLS
+
+struct ecdh_method {
+ const char *name;
+ int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
+ int flags;
+ char *app_data;
+};
+
+/* If this flag is set the ECDH method is FIPS compliant and can be used
+ * in FIPS mode. This is set in the validated module method. If an
+ * application sets this flag in its own methods it is its responsibility
+ * to ensure the result is compliant.
+ */
+
+#define ECDH_FLAG_FIPS_METHOD 0x1
+
+typedef struct ecdh_data_st {
+ /* EC_KEY_METH_DATA part */
+ int (*init)(EC_KEY *);
+ /* method specific part */
+ ENGINE *engine;
+ int flags;
+ const ECDH_METHOD *meth;
+ CRYPTO_EX_DATA ex_data;
+} ECDH_DATA;
+
+ECDH_DATA *ecdh_check(EC_KEY *);
+
+/*
+ * ECDH Key Derivation Function as defined in ANSI X9.63.
+ */
+int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
+ size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md);
+
+__END_HIDDEN_DECLS
+
+#endif /* HEADER_ECH_LOCL_H */
+++ /dev/null
-/* $OpenBSD: ech_locl.h,v 1.6 2019/09/05 16:12:36 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ECH_LOCL_H
-#define HEADER_ECH_LOCL_H
-
-#include <openssl/ecdh.h>
-
-__BEGIN_HIDDEN_DECLS
-
-struct ecdh_method {
- const char *name;
- int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
- int flags;
- char *app_data;
-};
-
-/* If this flag is set the ECDH method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its responsibility
- * to ensure the result is compliant.
- */
-
-#define ECDH_FLAG_FIPS_METHOD 0x1
-
-typedef struct ecdh_data_st {
- /* EC_KEY_METH_DATA part */
- int (*init)(EC_KEY *);
- /* method specific part */
- ENGINE *engine;
- int flags;
- const ECDH_METHOD *meth;
- CRYPTO_EX_DATA ex_data;
-} ECDH_DATA;
-
-ECDH_DATA *ecdh_check(EC_KEY *);
-
-/*
- * ECDH Key Derivation Function as defined in ANSI X9.63.
- */
-int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
- size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md);
-
-__END_HIDDEN_DECLS
-
-#endif /* HEADER_ECH_LOCL_H */
-/* $OpenBSD: ecs_asn1.c,v 1.11 2022/09/03 16:01:23 jsing Exp $ */
+/* $OpenBSD: ecs_asn1.c,v 1.12 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
*
*
*/
-#include "ecs_locl.h"
+#include "ecs_local.h"
#include <openssl/err.h>
#include <openssl/asn1t.h>
-/* $OpenBSD: ecs_lib.c,v 1.14 2022/08/31 13:01:01 tb Exp $ */
+/* $OpenBSD: ecs_lib.c,v 1.15 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
#include <openssl/opensslconf.h>
-#include "ecs_locl.h"
+#include "ecs_local.h"
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
--- /dev/null
+/* $OpenBSD: ecs_local.h,v 1.1 2022/11/26 16:08:52 tb Exp $ */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ECS_LOCL_H
+#define HEADER_ECS_LOCL_H
+
+#include <openssl/ecdsa.h>
+
+__BEGIN_HIDDEN_DECLS
+
+typedef struct ecdsa_data_st {
+ /* EC_KEY_METH_DATA part */
+ int (*init)(EC_KEY *);
+ /* method (ECDSA) specific part */
+ ENGINE *engine;
+ int flags;
+ const ECDSA_METHOD *meth;
+ CRYPTO_EX_DATA ex_data;
+} ECDSA_DATA;
+
+struct ECDSA_SIG_st {
+ BIGNUM *r;
+ BIGNUM *s;
+};
+
+/** ecdsa_check
+ * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
+ * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
+ * \param eckey pointer to a EC_KEY object
+ * \return pointer to a ECDSA_DATA structure
+ */
+ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
+
+int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen,
+ unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
+ const BIGNUM *r, EC_KEY *eckey);
+ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
+ const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey);
+
+__END_HIDDEN_DECLS
+
+#endif /* HEADER_ECS_LOCL_H */
+++ /dev/null
-/* $OpenBSD: ecs_locl.h,v 1.7 2022/01/14 08:31:03 tb Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ECS_LOCL_H
-#define HEADER_ECS_LOCL_H
-
-#include <openssl/ecdsa.h>
-
-__BEGIN_HIDDEN_DECLS
-
-typedef struct ecdsa_data_st {
- /* EC_KEY_METH_DATA part */
- int (*init)(EC_KEY *);
- /* method (ECDSA) specific part */
- ENGINE *engine;
- int flags;
- const ECDSA_METHOD *meth;
- CRYPTO_EX_DATA ex_data;
-} ECDSA_DATA;
-
-struct ECDSA_SIG_st {
- BIGNUM *r;
- BIGNUM *s;
-};
-
-/** ecdsa_check
- * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
- * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
- * \param eckey pointer to a EC_KEY object
- * \return pointer to a ECDSA_DATA structure
- */
-ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
-
-int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
-int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen,
- unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
- const BIGNUM *r, EC_KEY *eckey);
-ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
- const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey);
-
-__END_HIDDEN_DECLS
-
-#endif /* HEADER_ECS_LOCL_H */
-/* $OpenBSD: ecs_ossl.c,v 1.25 2022/06/30 11:14:47 tb Exp $ */
+/* $OpenBSD: ecs_ossl.c,v 1.26 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project
*/
#include <openssl/err.h>
#include <openssl/objects.h>
-#include "bn_lcl.h"
-#include "ecs_locl.h"
+#include "bn_local.h"
+#include "ecs_local.h"
static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len,
BIGNUM *order, BIGNUM *ret);
-/* $OpenBSD: ecs_sign.c,v 1.9 2022/01/27 20:30:29 tb Exp $ */
+/* $OpenBSD: ecs_sign.c,v 1.10 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
#include <openssl/err.h>
#include <openssl/evp.h>
-#include "bn_lcl.h"
-#include "ecs_locl.h"
-#include "ec_lcl.h"
+#include "bn_local.h"
+#include "ecs_local.h"
+#include "ec_local.h"
ECDSA_SIG *
ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
-/* $OpenBSD: ecs_vrf.c,v 1.9 2022/01/27 20:30:29 tb Exp $ */
+/* $OpenBSD: ecs_vrf.c,v 1.10 2022/11/26 16:08:52 tb Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project
*/
#include <openssl/err.h>
#include <openssl/evp.h>
-#include "bn_lcl.h"
-#include "ecs_locl.h"
-#include "ec_lcl.h"
+#include "bn_local.h"
+#include "ecs_local.h"
+#include "ec_local.h"
/* returns
* 1: correct signature
-/* $OpenBSD: eng_openssl.c,v 1.15 2022/01/09 23:55:31 tb Exp $ */
+/* $OpenBSD: eng_openssl.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
*/
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
/* This testing gunk is implemented (and explained) lower down. It also assumes
* the application explicitly calls "ENGINE_load_openssl()" because this is no
-/* $OpenBSD: tb_asnmth.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: tb_asnmth.c,v 1.7 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
#include <openssl/err.h>
#include "eng_int.h"
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include <openssl/evp.h>
/* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
-/* $OpenBSD: bio_b64.c,v 1.25 2022/01/14 08:40:57 tb Exp $ */
+/* $OpenBSD: bio_b64.c,v 1.26 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include "bio_local.h"
-#include "evp_locl.h"
+#include "evp_local.h"
static int b64_write(BIO *h, const char *buf, int num);
static int b64_read(BIO *h, char *buf, int size);
-/* $OpenBSD: bio_enc.c,v 1.26 2022/01/14 08:40:57 tb Exp $ */
+/* $OpenBSD: bio_enc.c,v 1.27 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include "bio_local.h"
-#include "evp_locl.h"
+#include "evp_local.h"
static int enc_write(BIO *h, const char *buf, int num);
static int enc_read(BIO *h, char *buf, int size);
-/* $OpenBSD: bio_md.c,v 1.18 2022/01/14 08:40:57 tb Exp $ */
+/* $OpenBSD: bio_md.c,v 1.19 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include "bio_local.h"
-#include "evp_locl.h"
+#include "evp_local.h"
/* BIO_put and BIO_get both add to the digest,
* BIO_gets returns the digest */
-/* $OpenBSD: digest.c,v 1.34 2022/01/10 10:51:31 tb Exp $ */
+/* $OpenBSD: digest.c,v 1.35 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
-/* $OpenBSD: e_aes.c,v 1.49 2022/09/13 04:59:18 jsing Exp $ */
+/* $OpenBSD: e_aes.c,v 1.50 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
*
#include <openssl/err.h>
#include <openssl/evp.h>
-#include "evp_locl.h"
-#include "modes_lcl.h"
+#include "evp_local.h"
+#include "modes_local.h"
typedef struct {
AES_KEY ks;
-/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.16 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.17 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
*
#include <openssl/aes.h>
#include <openssl/sha.h>
-#include "constant_time_locl.h"
-#include "evp_locl.h"
+#include "constant_time.h"
+#include "evp_local.h"
#define TLS1_1_VERSION 0x0302
-/* $OpenBSD: e_bf.c,v 1.14 2022/09/15 07:04:19 jsing Exp $ */
+/* $OpenBSD: e_bf.c,v 1.15 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
typedef struct {
BF_KEY ks;
-/* $OpenBSD: e_camellia.c,v 1.15 2022/09/10 17:39:47 jsing Exp $ */
+/* $OpenBSD: e_camellia.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
#include <openssl/err.h>
#include <openssl/camellia.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* Camellia subkey Structure */
typedef struct {
-/* $OpenBSD: e_cast.c,v 1.13 2022/09/15 07:04:19 jsing Exp $ */
+/* $OpenBSD: e_cast.c,v 1.14 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
typedef struct {
CAST_KEY ks;
-/* $OpenBSD: e_chacha.c,v 1.9 2022/07/30 17:11:38 jsing Exp $ */
+/* $OpenBSD: e_chacha.c,v 1.10 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-/* $OpenBSD: e_chacha20poly1305.c,v 1.26 2022/09/13 04:59:18 jsing Exp $ */
+/* $OpenBSD: e_chacha20poly1305.c,v 1.27 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
#include <openssl/poly1305.h>
#include "bytestring.h"
-#include "evp_locl.h"
+#include "evp_local.h"
#define POLY1305_TAG_LEN 16
-/* $OpenBSD: e_des.c,v 1.19 2022/09/15 07:04:19 jsing Exp $ */
+/* $OpenBSD: e_des.c,v 1.20 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/des.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
-/* $OpenBSD: e_des3.c,v 1.25 2022/09/15 07:04:19 jsing Exp $ */
+/* $OpenBSD: e_des3.c,v 1.26 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
typedef struct {
DES_key_schedule ks1;/* key schedule */
-/* $OpenBSD: e_gost2814789.c,v 1.10 2022/09/10 17:39:47 jsing Exp $ */
+/* $OpenBSD: e_gost2814789.c,v 1.11 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/err.h>
#include <openssl/gost.h>
-#include "evp_locl.h"
+#include "evp_local.h"
typedef struct {
GOST2814789_KEY ks;
-/* $OpenBSD: e_idea.c,v 1.17 2022/09/15 07:04:19 jsing Exp $ */
+/* $OpenBSD: e_idea.c,v 1.18 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/idea.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special
* case
-/* $OpenBSD: e_null.c,v 1.15 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: e_null.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
-/* $OpenBSD: e_rc2.c,v 1.19 2022/09/15 07:04:19 jsing Exp $ */
+/* $OpenBSD: e_rc2.c,v 1.20 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/rc2.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
-/* $OpenBSD: e_rc4.c,v 1.14 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: e_rc4.c,v 1.15 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/rc4.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* FIXME: surely this is available elsewhere? */
#define EVP_RC4_KEY_SIZE 16
-/* $OpenBSD: e_rc4_hmac_md5.c,v 1.9 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: e_rc4_hmac_md5.c,v 1.10 2022/11/26 16:08:52 tb Exp $ */
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
#include <openssl/rc4.h>
#include <openssl/md5.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* FIXME: surely this is available elsewhere? */
#define EVP_RC4_KEY_SIZE 16
-/* $OpenBSD: e_sm4.c,v 1.6 2022/09/10 17:39:47 jsing Exp $ */
+/* $OpenBSD: e_sm4.c,v 1.7 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
#include <openssl/modes.h>
#include <openssl/sm4.h>
-#include "evp_locl.h"
+#include "evp_local.h"
typedef struct {
SM4_KEY ks;
-/* $OpenBSD: e_xcbc_d.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: e_xcbc_d.c,v 1.13 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
-/* $OpenBSD: encode.c,v 1.29 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: encode.c,v 1.30 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static unsigned char conv_ascii2bin(unsigned char a);
#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
-/* $OpenBSD: evp_aead.c,v 1.7 2022/01/07 21:58:17 tb Exp $ */
+/* $OpenBSD: evp_aead.c,v 1.8 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2014, Google Inc.
*
#include <openssl/evp.h>
#include <openssl/err.h>
-#include "evp_locl.h"
+#include "evp_local.h"
size_t
EVP_AEAD_key_length(const EVP_AEAD *aead)
-/* $OpenBSD: evp_enc.c,v 1.47 2022/09/13 04:59:18 jsing Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.48 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-/* $OpenBSD: evp_key.c,v 1.27 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: evp_key.c,v 1.28 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/ui.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* should be init to zeros. */
static char prompt_string[80];
-/* $OpenBSD: evp_lib.c,v 1.24 2022/01/10 13:42:28 tb Exp $ */
+/* $OpenBSD: evp_lib.c,v 1.25 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
int
EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
--- /dev/null
+/* $OpenBSD: evp_local.h,v 1.1 2022/11/26 16:08:52 tb Exp $ */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_EVP_LOCL_H
+#define HEADER_EVP_LOCL_H
+
+__BEGIN_HIDDEN_DECLS
+
+/*
+ * Don't free md_ctx->pctx in EVP_MD_CTX_cleanup(). Needed for ownership
+ * handling in EVP_MD_CTX_set_pkey_ctx().
+ */
+#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
+
+typedef int evp_sign_method(int type, const unsigned char *m,
+ unsigned int m_length, unsigned char *sigret, unsigned int *siglen,
+ void *key);
+typedef int evp_verify_method(int type, const unsigned char *m,
+ unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen,
+ void *key);
+
+struct ecx_key_st {
+ int nid;
+ int key_len;
+ uint8_t *priv_key;
+ size_t priv_key_len;
+ uint8_t *pub_key;
+ size_t pub_key_len;
+};
+
+/* Type needs to be a bit field
+ * Sub-type needs to be for variations on the method, as in, can it do
+ * arbitrary encryption.... */
+struct evp_pkey_st {
+ int type;
+ int save_type;
+ int references;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ ENGINE *engine;
+ union {
+ void *ptr;
+#ifndef OPENSSL_NO_RSA
+ struct rsa_st *rsa; /* RSA */
+#endif
+#ifndef OPENSSL_NO_DSA
+ struct dsa_st *dsa; /* DSA */
+#endif
+#ifndef OPENSSL_NO_DH
+ struct dh_st *dh; /* DH */
+#endif
+#ifndef OPENSSL_NO_EC
+ struct ec_key_st *ec; /* ECC */
+ struct ecx_key_st *ecx; /* ECX */
+#endif
+#ifndef OPENSSL_NO_GOST
+ struct gost_key_st *gost; /* GOST */
+#endif
+ } pkey;
+ int save_parameters;
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} /* EVP_PKEY */;
+
+struct env_md_st {
+ int type;
+ int pkey_type;
+ int md_size;
+ unsigned long flags;
+ int (*init)(EVP_MD_CTX *ctx);
+ int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
+ int (*final)(EVP_MD_CTX *ctx, unsigned char *md);
+ int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from);
+ int (*cleanup)(EVP_MD_CTX *ctx);
+
+ int block_size;
+ int ctx_size; /* how big does the ctx->md_data need to be */
+ /* control function */
+ int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
+} /* EVP_MD */;
+
+struct env_md_ctx_st {
+ const EVP_MD *digest;
+ ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
+ unsigned long flags;
+ void *md_data;
+ /* Public key context for sign/verify */
+ EVP_PKEY_CTX *pctx;
+ /* Update function: usually copied from EVP_MD */
+ int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
+} /* EVP_MD_CTX */;
+
+struct evp_cipher_st {
+ int nid;
+ int block_size;
+ int key_len; /* Default value for variable length ciphers */
+ int iv_len;
+ unsigned long flags; /* Various flags */
+ int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+ const unsigned char *iv, int enc); /* init key */
+ int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t inl);/* encrypt/decrypt data */
+ void (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
+ int ctx_size; /* how big ctx->cipher_data needs to be */
+ int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
+ int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
+ int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
+ void *app_data; /* Application data */
+} /* EVP_CIPHER */;
+
+struct evp_cipher_ctx_st {
+ const EVP_CIPHER *cipher;
+ ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
+ int encrypt; /* encrypt or decrypt */
+ int buf_len; /* number we have left */
+
+ unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
+ unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
+ unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
+ int num; /* used by cfb/ofb/ctr mode */
+
+ void *app_data; /* application stuff */
+ int key_len; /* May change for variable length cipher */
+ unsigned long flags; /* Various flags */
+ void *cipher_data; /* per EVP data */
+ int final_used;
+ int block_mask;
+ unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
+} /* EVP_CIPHER_CTX */;
+
+struct evp_Encode_Ctx_st {
+
+ int num; /* number saved in a partial encode/decode */
+ int length; /* The length is either the output line length
+ * (in input bytes) or the shortest input line
+ * length that is ok. Once decoding begins,
+ * the length is adjusted up each time a longer
+ * line is decoded */
+ unsigned char enc_data[80]; /* data to encode */
+ int line_num; /* number read on current line */
+ int expect_nl;
+} /* EVP_ENCODE_CTX */;
+
+#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
+
+struct evp_pkey_ctx_st {
+ /* Method associated with this operation */
+ const EVP_PKEY_METHOD *pmeth;
+ /* Engine that implements this method or NULL if builtin */
+ ENGINE *engine;
+ /* Key: may be NULL */
+ EVP_PKEY *pkey;
+ /* Peer key for key agreement, may be NULL */
+ EVP_PKEY *peerkey;
+ /* Actual operation */
+ int operation;
+ /* Algorithm specific data */
+ void *data;
+ /* Application specific data */
+ void *app_data;
+ /* Keygen callback */
+ EVP_PKEY_gen_cb *pkey_gencb;
+ /* implementation specific keygen data */
+ int *keygen_info;
+ int keygen_info_count;
+} /* EVP_PKEY_CTX */;
+
+#define EVP_PKEY_FLAG_DYNAMIC 1
+
+struct evp_pkey_method_st {
+ int pkey_id;
+ int flags;
+
+ int (*init)(EVP_PKEY_CTX *ctx);
+ int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+ void (*cleanup)(EVP_PKEY_CTX *ctx);
+
+ int (*paramgen_init)(EVP_PKEY_CTX *ctx);
+ int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+
+ int (*keygen_init)(EVP_PKEY_CTX *ctx);
+ int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+
+ int (*sign_init)(EVP_PKEY_CTX *ctx);
+ int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+
+ int (*verify_init)(EVP_PKEY_CTX *ctx);
+ int (*verify)(EVP_PKEY_CTX *ctx,
+ const unsigned char *sig, size_t siglen,
+ const unsigned char *tbs, size_t tbslen);
+
+ int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
+ int (*verify_recover)(EVP_PKEY_CTX *ctx,
+ unsigned char *rout, size_t *routlen,
+ const unsigned char *sig, size_t siglen);
+
+ int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+ EVP_MD_CTX *mctx);
+
+ int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+ int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,
+ int siglen, EVP_MD_CTX *mctx);
+
+ int (*encrypt_init)(EVP_PKEY_CTX *ctx);
+ int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+
+ int (*decrypt_init)(EVP_PKEY_CTX *ctx);
+ int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+ const unsigned char *in, size_t inlen);
+
+ int (*derive_init)(EVP_PKEY_CTX *ctx);
+ int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+ int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+ int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);
+
+ int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen);
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs, size_t tbslen);
+
+ int (*check)(EVP_PKEY *pkey);
+ int (*public_check)(EVP_PKEY *pkey);
+ int (*param_check)(EVP_PKEY *pkey);
+} /* EVP_PKEY_METHOD */;
+
+void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+ ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
+
+/* EVP_AEAD represents a specific AEAD algorithm. */
+struct evp_aead_st {
+ unsigned char key_len;
+ unsigned char nonce_len;
+ unsigned char overhead;
+ unsigned char max_tag_len;
+
+ int (*init)(struct evp_aead_ctx_st*, const unsigned char *key,
+ size_t key_len, size_t tag_len);
+ void (*cleanup)(struct evp_aead_ctx_st*);
+
+ int (*seal)(const struct evp_aead_ctx_st *ctx, unsigned char *out,
+ size_t *out_len, size_t max_out_len, const unsigned char *nonce,
+ size_t nonce_len, const unsigned char *in, size_t in_len,
+ const unsigned char *ad, size_t ad_len);
+
+ int (*open)(const struct evp_aead_ctx_st *ctx, unsigned char *out,
+ size_t *out_len, size_t max_out_len, const unsigned char *nonce,
+ size_t nonce_len, const unsigned char *in, size_t in_len,
+ const unsigned char *ad, size_t ad_len);
+};
+
+/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key
+ * and message-independent IV. */
+struct evp_aead_ctx_st {
+ const EVP_AEAD *aead;
+ /* aead_state is an opaque pointer to the AEAD specific state. */
+ void *aead_state;
+};
+
+int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str);
+int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex);
+int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name);
+
+__END_HIDDEN_DECLS
+
+#endif /* !HEADER_EVP_LOCL_H */
+++ /dev/null
-/* $OpenBSD: evp_locl.h,v 1.31 2022/11/18 14:45:10 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_EVP_LOCL_H
-#define HEADER_EVP_LOCL_H
-
-__BEGIN_HIDDEN_DECLS
-
-/*
- * Don't free md_ctx->pctx in EVP_MD_CTX_cleanup(). Needed for ownership
- * handling in EVP_MD_CTX_set_pkey_ctx().
- */
-#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
-
-typedef int evp_sign_method(int type, const unsigned char *m,
- unsigned int m_length, unsigned char *sigret, unsigned int *siglen,
- void *key);
-typedef int evp_verify_method(int type, const unsigned char *m,
- unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen,
- void *key);
-
-struct ecx_key_st {
- int nid;
- int key_len;
- uint8_t *priv_key;
- size_t priv_key_len;
- uint8_t *pub_key;
- size_t pub_key_len;
-};
-
-/* Type needs to be a bit field
- * Sub-type needs to be for variations on the method, as in, can it do
- * arbitrary encryption.... */
-struct evp_pkey_st {
- int type;
- int save_type;
- int references;
- const EVP_PKEY_ASN1_METHOD *ameth;
- ENGINE *engine;
- union {
- void *ptr;
-#ifndef OPENSSL_NO_RSA
- struct rsa_st *rsa; /* RSA */
-#endif
-#ifndef OPENSSL_NO_DSA
- struct dsa_st *dsa; /* DSA */
-#endif
-#ifndef OPENSSL_NO_DH
- struct dh_st *dh; /* DH */
-#endif
-#ifndef OPENSSL_NO_EC
- struct ec_key_st *ec; /* ECC */
- struct ecx_key_st *ecx; /* ECX */
-#endif
-#ifndef OPENSSL_NO_GOST
- struct gost_key_st *gost; /* GOST */
-#endif
- } pkey;
- int save_parameters;
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} /* EVP_PKEY */;
-
-struct env_md_st {
- int type;
- int pkey_type;
- int md_size;
- unsigned long flags;
- int (*init)(EVP_MD_CTX *ctx);
- int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
- int (*final)(EVP_MD_CTX *ctx, unsigned char *md);
- int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from);
- int (*cleanup)(EVP_MD_CTX *ctx);
-
- int block_size;
- int ctx_size; /* how big does the ctx->md_data need to be */
- /* control function */
- int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
-} /* EVP_MD */;
-
-struct env_md_ctx_st {
- const EVP_MD *digest;
- ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */
- unsigned long flags;
- void *md_data;
- /* Public key context for sign/verify */
- EVP_PKEY_CTX *pctx;
- /* Update function: usually copied from EVP_MD */
- int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
-} /* EVP_MD_CTX */;
-
-struct evp_cipher_st {
- int nid;
- int block_size;
- int key_len; /* Default value for variable length ciphers */
- int iv_len;
- unsigned long flags; /* Various flags */
- int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc); /* init key */
- int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);/* encrypt/decrypt data */
- void (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
- int ctx_size; /* how big ctx->cipher_data needs to be */
- int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
- int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */
- int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
- void *app_data; /* Application data */
-} /* EVP_CIPHER */;
-
-struct evp_cipher_ctx_st {
- const EVP_CIPHER *cipher;
- ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
- int encrypt; /* encrypt or decrypt */
- int buf_len; /* number we have left */
-
- unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
- unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
- unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
- int num; /* used by cfb/ofb/ctr mode */
-
- void *app_data; /* application stuff */
- int key_len; /* May change for variable length cipher */
- unsigned long flags; /* Various flags */
- void *cipher_data; /* per EVP data */
- int final_used;
- int block_mask;
- unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
-} /* EVP_CIPHER_CTX */;
-
-struct evp_Encode_Ctx_st {
-
- int num; /* number saved in a partial encode/decode */
- int length; /* The length is either the output line length
- * (in input bytes) or the shortest input line
- * length that is ok. Once decoding begins,
- * the length is adjusted up each time a longer
- * line is decoded */
- unsigned char enc_data[80]; /* data to encode */
- int line_num; /* number read on current line */
- int expect_nl;
-} /* EVP_ENCODE_CTX */;
-
-#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
-
-struct evp_pkey_ctx_st {
- /* Method associated with this operation */
- const EVP_PKEY_METHOD *pmeth;
- /* Engine that implements this method or NULL if builtin */
- ENGINE *engine;
- /* Key: may be NULL */
- EVP_PKEY *pkey;
- /* Peer key for key agreement, may be NULL */
- EVP_PKEY *peerkey;
- /* Actual operation */
- int operation;
- /* Algorithm specific data */
- void *data;
- /* Application specific data */
- void *app_data;
- /* Keygen callback */
- EVP_PKEY_gen_cb *pkey_gencb;
- /* implementation specific keygen data */
- int *keygen_info;
- int keygen_info_count;
-} /* EVP_PKEY_CTX */;
-
-#define EVP_PKEY_FLAG_DYNAMIC 1
-
-struct evp_pkey_method_st {
- int pkey_id;
- int flags;
-
- int (*init)(EVP_PKEY_CTX *ctx);
- int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
- void (*cleanup)(EVP_PKEY_CTX *ctx);
-
- int (*paramgen_init)(EVP_PKEY_CTX *ctx);
- int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
-
- int (*keygen_init)(EVP_PKEY_CTX *ctx);
- int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
-
- int (*sign_init)(EVP_PKEY_CTX *ctx);
- int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
-
- int (*verify_init)(EVP_PKEY_CTX *ctx);
- int (*verify)(EVP_PKEY_CTX *ctx,
- const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen);
-
- int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
- int (*verify_recover)(EVP_PKEY_CTX *ctx,
- unsigned char *rout, size_t *routlen,
- const unsigned char *sig, size_t siglen);
-
- int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
- int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx);
-
- int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
- int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,
- int siglen, EVP_MD_CTX *mctx);
-
- int (*encrypt_init)(EVP_PKEY_CTX *ctx);
- int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-
- int (*decrypt_init)(EVP_PKEY_CTX *ctx);
- int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-
- int (*derive_init)(EVP_PKEY_CTX *ctx);
- int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-
- int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
- int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);
-
- int (*digestsign)(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
- int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs, size_t tbslen);
-
- int (*check)(EVP_PKEY *pkey);
- int (*public_check)(EVP_PKEY *pkey);
- int (*param_check)(EVP_PKEY *pkey);
-} /* EVP_PKEY_METHOD */;
-
-void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
-
-int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de);
-
-/* EVP_AEAD represents a specific AEAD algorithm. */
-struct evp_aead_st {
- unsigned char key_len;
- unsigned char nonce_len;
- unsigned char overhead;
- unsigned char max_tag_len;
-
- int (*init)(struct evp_aead_ctx_st*, const unsigned char *key,
- size_t key_len, size_t tag_len);
- void (*cleanup)(struct evp_aead_ctx_st*);
-
- int (*seal)(const struct evp_aead_ctx_st *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len);
-
- int (*open)(const struct evp_aead_ctx_st *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len);
-};
-
-/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key
- * and message-independent IV. */
-struct evp_aead_ctx_st {
- const EVP_AEAD *aead;
- /* aead_state is an opaque pointer to the AEAD specific state. */
- void *aead_state;
-};
-
-int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str);
-int EVP_PKEY_CTX_hex2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *hex);
-int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md_name);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_EVP_LOCL_H */
-/* $OpenBSD: evp_pbe.c,v 1.26 2020/06/05 17:30:41 jsing Exp $ */
+/* $OpenBSD: evp_pbe.c,v 1.27 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/pkcs12.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* Password based encryption (PBE) functions */
-/* $OpenBSD: evp_pkey.c,v 1.24 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: evp_pkey.c,v 1.25 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
/* Extract a private key from a PKCS8 structure */
-/* $OpenBSD: m_gost2814789.c,v 1.3 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: m_gost2814789.c,v 1.4 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/gost.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
gost2814789_init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_gostr341194.c,v 1.4 2022/01/14 08:38:05 tb Exp $ */
+/* $OpenBSD: m_gostr341194.c,v 1.5 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/gost.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
gostr341194_init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_md4.c,v 1.18 2022/01/14 08:38:05 tb Exp $ */
+/* $OpenBSD: m_md4.c,v 1.19 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
static int
init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_md5.c,v 1.17 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_md5.c,v 1.18 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
static int
init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_md5_sha1.c,v 1.4 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_md5_sha1.c,v 1.5 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
struct md5_sha1_ctx {
MD5_CTX md5;
-/* $OpenBSD: m_null.c,v 1.11 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_null.c,v 1.12 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_ripemd.c,v 1.14 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_ripemd.c,v 1.15 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
static int
init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_sha1.c,v 1.19 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_sha1.c,v 1.20 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
static int
init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_sigver.c,v 1.10 2022/11/10 15:17:30 jsing Exp $ */
+/* $OpenBSD: m_sigver.c,v 1.11 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
update_oneshot_only(EVP_MD_CTX *ctx, const void *data, size_t datalen)
-/* $OpenBSD: m_sm3.c,v 1.3 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_sm3.c,v 1.4 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2018, Ribose Inc
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
static int
sm3_init(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_streebog.c,v 1.4 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_streebog.c,v 1.5 2022/11/26 16:08:52 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/gost.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
streebog_init256(EVP_MD_CTX *ctx)
-/* $OpenBSD: m_wp.c,v 1.10 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: m_wp.c,v 1.11 2022/11/26 16:08:52 tb Exp $ */
#include <stdio.h>
#include <openssl/x509.h>
#include <openssl/whrlpool.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
init(EVP_MD_CTX *ctx)
-/* $OpenBSD: names.c,v 1.15 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: names.c,v 1.16 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_add_cipher(const EVP_CIPHER *c)
-/* $OpenBSD: p5_crpt.c,v 1.20 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: p5_crpt.c,v 1.21 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* Doesn't do anything now: Builtin PBE algorithms in static table.
*/
-/* $OpenBSD: p5_crpt2.c,v 1.24 2021/12/12 21:27:37 tb Exp $ */
+/* $OpenBSD: p5_crpt2.c,v 1.25 2022/11/26 16:08:52 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/hmac.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#include "hmac_local.h"
/* This is an implementation of PKCS#5 v2.0 password based encryption key
-/* $OpenBSD: p_dec.c,v 1.12 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: p_dec.c,v 1.13 2022/11/26 16:08:52 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
-/* $OpenBSD: p_enc.c,v 1.12 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: p_enc.c,v 1.13 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
-/* $OpenBSD: p_lib.c,v 1.31 2022/11/18 14:45:10 tb Exp $ */
+/* $OpenBSD: p_lib.c,v 1.32 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
static void EVP_PKEY_free_it(EVP_PKEY *x);
-/* $OpenBSD: p_open.c,v 1.20 2021/12/12 21:30:13 tb Exp $ */
+/* $OpenBSD: p_open.c,v 1.21 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
-/* $OpenBSD: p_sign.c,v 1.16 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: p_sign.c,v 1.17 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
-/* $OpenBSD: p_verify.c,v 1.15 2022/01/14 08:38:06 tb Exp $ */
+/* $OpenBSD: p_verify.c,v 1.16 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
int
EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
-/* $OpenBSD: pmeth_fn.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: pmeth_fn.c,v 1.7 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#define M_check_autoarg(ctx, arg, arglen, err) \
if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
-/* $OpenBSD: pmeth_gn.c,v 1.10 2022/01/10 12:10:26 tb Exp $ */
+/* $OpenBSD: pmeth_gn.c,v 1.11 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
-#include "bn_lcl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "bn_local.h"
+#include "evp_local.h"
int
EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
-/* $OpenBSD: pmeth_lib.c,v 1.25 2022/11/10 16:37:52 jsing Exp $ */
+/* $OpenBSD: pmeth_lib.c,v 1.26 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/engine.h>
#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
DECLARE_STACK_OF(EVP_PKEY_METHOD)
STACK_OF(EVP_PKEY_METHOD) *pkey_app_methods = NULL;
-/* $OpenBSD: gost2814789.c,v 1.7 2021/11/09 18:40:21 bcook Exp $ */
+/* $OpenBSD: gost2814789.c,v 1.8 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/objects.h>
#include <openssl/gost.h>
-#include "gost_locl.h"
+#include "gost_local.h"
static inline unsigned int
f(const GOST2814789_KEY *c, unsigned int x)
-/* $OpenBSD: gost89_keywrap.c,v 1.3 2014/11/09 19:28:44 miod Exp $ */
+/* $OpenBSD: gost89_keywrap.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/gost.h>
-#include "gost_locl.h"
+#include "gost_local.h"
static void
key_diversify_crypto_pro(GOST2814789_KEY *ctx, const unsigned char *inputKey,
-/* $OpenBSD: gost89_params.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
+/* $OpenBSD: gost89_params.c,v 1.3 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/objects.h>
#include <openssl/gost.h>
-#include "gost_locl.h"
+#include "gost_local.h"
/* Substitution blocks from test examples for GOST R 34.11-94*/
static const gost_subst_block GostR3411_94_TestParamSet = {
-/* $OpenBSD: gost89imit_ameth.c,v 1.3 2021/12/12 21:30:14 tb Exp $ */
+/* $OpenBSD: gost89imit_ameth.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#ifndef OPENSSL_NO_GOST
#include <openssl/evp.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
static void
mackey_free_gost(EVP_PKEY *pk)
-/* $OpenBSD: gost89imit_pmeth.c,v 1.4 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: gost89imit_pmeth.c,v 1.5 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/gost.h>
#include <openssl/x509v3.h> /* For string_to_hex */
-#include "evp_locl.h"
-#include "gost_locl.h"
+#include "evp_local.h"
+#include "gost_local.h"
struct gost_mac_pmeth_data {
EVP_MD *md;
#include <openssl/x509.h>
#include <openssl/gost.h>
-#include "gost_locl.h"
+#include "gost_local.h"
#include "gost_asn1.h"
static const ASN1_TEMPLATE GOST_KEY_TRANSPORT_seq_tt[] = {
--- /dev/null
+/* $OpenBSD: gost_local.h,v 1.1 2022/11/26 16:08:53 tb Exp $ */
+/*
+ * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
+ * Copyright (c) 2005-2006 Cryptocom LTD
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_GOST_LOCL_H
+#define HEADER_GOST_LOCL_H
+
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+
+__BEGIN_HIDDEN_DECLS
+
+/* Internal representation of GOST substitution blocks */
+typedef struct {
+ unsigned char k8[16];
+ unsigned char k7[16];
+ unsigned char k6[16];
+ unsigned char k5[16];
+ unsigned char k4[16];
+ unsigned char k3[16];
+ unsigned char k2[16];
+ unsigned char k1[16];
+} gost_subst_block;
+
+#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+# define c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4)
+# define l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4)
+#else
+#define c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+#endif
+
+extern void Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
+ const GOST2814789_KEY *key);
+extern void Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
+ const GOST2814789_KEY *key);
+extern void Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key);
+
+/* GOST 28147-89 key wrapping */
+extern int gost_key_unwrap_crypto_pro(int nid,
+ const unsigned char *keyExchangeKey, const unsigned char *wrappedKey,
+ unsigned char *sessionKey);
+extern int gost_key_wrap_crypto_pro(int nid,
+ const unsigned char *keyExchangeKey, const unsigned char *ukm,
+ const unsigned char *sessionKey, unsigned char *wrappedKey);
+/* Pkey part */
+extern int gost2001_compute_public(GOST_KEY *ec);
+extern ECDSA_SIG *gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey);
+extern int gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec);
+extern int gost2001_keygen(GOST_KEY *ec);
+extern int VKO_compute_key(BIGNUM *X, BIGNUM *Y, const GOST_KEY *pkey,
+ GOST_KEY *priv_key, const BIGNUM *ukm);
+extern BIGNUM *GOST_le2bn(const unsigned char *buf, size_t len, BIGNUM *bn);
+extern int GOST_bn2le(BIGNUM *bn, unsigned char *buf, int len);
+
+/* GOST R 34.10 parameters */
+extern int GostR3410_get_md_digest(int nid);
+extern int GostR3410_get_pk_digest(int nid);
+extern int GostR3410_256_param_id(const char *value);
+extern int GostR3410_512_param_id(const char *value);
+
+__END_HIDDEN_DECLS
+
+#endif
+++ /dev/null
-/* $OpenBSD: gost_locl.h,v 1.4 2016/12/21 15:49:29 jsing Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_GOST_LOCL_H
-#define HEADER_GOST_LOCL_H
-
-#include <openssl/ec.h>
-#include <openssl/ecdsa.h>
-
-__BEGIN_HIDDEN_DECLS
-
-/* Internal representation of GOST substitution blocks */
-typedef struct {
- unsigned char k8[16];
- unsigned char k7[16];
- unsigned char k6[16];
- unsigned char k5[16];
- unsigned char k4[16];
- unsigned char k3[16];
- unsigned char k2[16];
- unsigned char k1[16];
-} gost_subst_block;
-
-#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-# define c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4)
-# define l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4)
-#else
-#define c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24))
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff))
-#endif
-
-extern void Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
- const GOST2814789_KEY *key);
-extern void Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
- const GOST2814789_KEY *key);
-extern void Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key);
-
-/* GOST 28147-89 key wrapping */
-extern int gost_key_unwrap_crypto_pro(int nid,
- const unsigned char *keyExchangeKey, const unsigned char *wrappedKey,
- unsigned char *sessionKey);
-extern int gost_key_wrap_crypto_pro(int nid,
- const unsigned char *keyExchangeKey, const unsigned char *ukm,
- const unsigned char *sessionKey, unsigned char *wrappedKey);
-/* Pkey part */
-extern int gost2001_compute_public(GOST_KEY *ec);
-extern ECDSA_SIG *gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey);
-extern int gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec);
-extern int gost2001_keygen(GOST_KEY *ec);
-extern int VKO_compute_key(BIGNUM *X, BIGNUM *Y, const GOST_KEY *pkey,
- GOST_KEY *priv_key, const BIGNUM *ukm);
-extern BIGNUM *GOST_le2bn(const unsigned char *buf, size_t len, BIGNUM *bn);
-extern int GOST_bn2le(BIGNUM *bn, unsigned char *buf, int len);
-
-/* GOST R 34.10 parameters */
-extern int GostR3410_get_md_digest(int nid);
-extern int GostR3410_get_pk_digest(int nid);
-extern int GostR3410_256_param_id(const char *value);
-extern int GostR3410_512_param_id(const char *value);
-
-__END_HIDDEN_DECLS
-
-#endif
-/* $OpenBSD: gostr341001.c,v 1.9 2022/01/07 09:40:03 tb Exp $ */
+/* $OpenBSD: gostr341001.c,v 1.10 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/err.h>
#include <openssl/gost.h>
-#include "bn_lcl.h"
-#include "ecs_locl.h"
-#include "gost_locl.h"
+#include "bn_local.h"
+#include "ecs_local.h"
+#include "gost_local.h"
/* Convert little-endian byte array into bignum */
BIGNUM *
-/* $OpenBSD: gostr341001_ameth.c,v 1.19 2021/12/26 15:38:49 tb Exp $ */
+/* $OpenBSD: gostr341001_ameth.c,v 1.20 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/gost.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
-#include "gost_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
+#include "gost_local.h"
#include "gost_asn1.h"
static void
-/* $OpenBSD: gostr341001_key.c,v 1.9 2021/04/20 17:16:38 tb Exp $ */
+/* $OpenBSD: gostr341001_key.c,v 1.10 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/err.h>
#include <openssl/gost.h>
#include <openssl/objects.h>
-#include "gost_locl.h"
+#include "gost_local.h"
struct gost_key_st {
EC_GROUP *group;
-/* $OpenBSD: gostr341001_params.c,v 1.4 2020/06/05 17:12:09 jsing Exp $ */
+/* $OpenBSD: gostr341001_params.c,v 1.5 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/objects.h>
#include <openssl/gost.h>
-#include "gost_locl.h"
+#include "gost_local.h"
int
GostR3410_get_md_digest(int nid)
-/* $OpenBSD: gostr341001_pmeth.c,v 1.16 2022/03/30 07:17:48 tb Exp $ */
+/* $OpenBSD: gostr341001_pmeth.c,v 1.17 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/ecdsa.h>
#include <openssl/x509.h>
-#include "ecs_locl.h"
-#include "evp_locl.h"
-#include "gost_locl.h"
+#include "ecs_local.h"
+#include "evp_local.h"
+#include "gost_local.h"
#include "gost_asn1.h"
static ECDSA_SIG *
-/* $OpenBSD: gostr341194.c,v 1.5 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: gostr341194.c,v 1.6 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/objects.h>
#include <openssl/gost.h>
-#include "gost_locl.h"
+#include "gost_local.h"
/* Following functions are various bit meshing routines used in
* GOST R 34.11-94 algorithms */
-/* $OpenBSD: streebog.c,v 1.7 2021/11/09 18:40:21 bcook Exp $ */
+/* $OpenBSD: streebog.c,v 1.8 2022/11/26 16:08:53 tb Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
#include <openssl/objects.h>
#include <openssl/gost.h>
-#include "gost_locl.h"
+#include "gost_local.h"
static const STREEBOG_LONG64 A_PI_table[8][256] = {
{ /* 0 */
-/* $OpenBSD: hkdf.c,v 1.7 2021/12/12 21:30:14 tb Exp $ */
+/* $OpenBSD: hkdf.c,v 1.8 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (c) 2014, Google Inc.
*
* Permission to use, copy, modify, and/or distribute this software for any
#include <openssl/err.h>
#include <openssl/hmac.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#include "hmac_local.h"
/* https://tools.ietf.org/html/rfc5869#section-2 */
-/* $OpenBSD: hm_ameth.c,v 1.18 2022/11/19 04:36:52 tb Exp $ */
+/* $OpenBSD: hm_ameth.c,v 1.19 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2007.
*/
#include <openssl/evp.h>
#include <openssl/hmac.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "bytestring.h"
-#include "evp_locl.h"
+#include "evp_local.h"
#include "hmac_local.h"
static int
-/* $OpenBSD: hm_pmeth.c,v 1.14 2022/11/18 14:45:10 tb Exp $ */
+/* $OpenBSD: hm_pmeth.c,v 1.15 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2007.
*/
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#include "hmac_local.h"
/* HMAC pkey context structure */
-/* $OpenBSD: hmac.c,v 1.29 2022/11/11 11:25:18 beck Exp $ */
+/* $OpenBSD: hmac.c,v 1.30 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
#include <openssl/hmac.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#include "hmac_local.h"
int
-/* $OpenBSD: hmac_local.h,v 1.3 2022/01/14 08:06:03 tb Exp $ */
+/* $OpenBSD: hmac_local.h,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
-#include "evp_locl.h"
+#include "evp_local.h"
__BEGIN_HIDDEN_DECLS
-/* $OpenBSD: i_cbc.c,v 1.3 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: i_cbc.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt)
-/* $OpenBSD: i_cfb64.c,v 1.3 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: i_cfb64.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: i_ecb.c,v 1.3 2014/07/09 11:10:51 bcook Exp $ */
+/* $OpenBSD: i_ecb.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
#include <openssl/opensslv.h>
const char *idea_options(void)
-/* $OpenBSD: i_ofb64.c,v 1.3 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: i_ofb64.c,v 1.4 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
/* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: i_skey.c,v 1.4 2014/10/28 07:35:58 jsg Exp $ */
+/* $OpenBSD: i_skey.c,v 1.5 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/crypto.h>
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
static IDEA_INT inverse(unsigned int xin);
void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+++ /dev/null
-/* $OpenBSD: idea_lcl.h,v 1.3 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* The new form of this macro (check if the a*b == 0) was suggested by
- * Colin Plumb <colin@nyx10.cs.du.edu> */
-/* Removal of the inner if from from Wei Dai 24/4/96 */
-#define idea_mul(r,a,b,ul) \
-ul=(unsigned long)a*b; \
-if (ul != 0) \
- { \
- r=(ul&0xffff)-(ul>>16); \
- r-=((r)>>16); \
- } \
-else \
- r=(-(int)a-b+1); /* assuming a or b is 0 and in range */
-
-/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
- * for pointing out that I was assuming little endian
- * byte order for all quantities what idea
- * actually used bigendian. No where in the spec does it mention
- * this, it is all in terms of 16 bit numbers and even the example
- * does not use byte streams for the input example :-(.
- * If you byte swap each pair of input, keys and iv, the functions
- * would produce the output as the old version :-(.
- */
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-#undef s2n
-#define s2n(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
-
-#undef n2s
-#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \
- l|=((IDEA_INT)(*((c)++))) )
-
-#define E_IDEA(num) \
- x1&=0xffff; \
- idea_mul(x1,x1,*p,ul); p++; \
- x2+= *(p++); \
- x3+= *(p++); \
- x4&=0xffff; \
- idea_mul(x4,x4,*p,ul); p++; \
- t0=(x1^x3)&0xffff; \
- idea_mul(t0,t0,*p,ul); p++; \
- t1=(t0+(x2^x4))&0xffff; \
- idea_mul(t1,t1,*p,ul); p++; \
- t0+=t1; \
- x1^=t1; \
- x4^=t0; \
- ul=x2^t0; /* do the swap to x3 */ \
- x2=x3^t1; \
- x3=ul;
-
--- /dev/null
+/* $OpenBSD: idea_local.h,v 1.1 2022/11/26 16:08:53 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* The new form of this macro (check if the a*b == 0) was suggested by
+ * Colin Plumb <colin@nyx10.cs.du.edu> */
+/* Removal of the inner if from from Wei Dai 24/4/96 */
+#define idea_mul(r,a,b,ul) \
+ul=(unsigned long)a*b; \
+if (ul != 0) \
+ { \
+ r=(ul&0xffff)-(ul>>16); \
+ r-=((r)>>16); \
+ } \
+else \
+ r=(-(int)a-b+1); /* assuming a or b is 0 and in range */
+
+/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
+ * for pointing out that I was assuming little endian
+ * byte order for all quantities what idea
+ * actually used bigendian. No where in the spec does it mention
+ * this, it is all in terms of 16 bit numbers and even the example
+ * does not use byte streams for the input example :-(.
+ * If you byte swap each pair of input, keys and iv, the functions
+ * would produce the output as the old version :-(.
+ */
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+#undef s2n
+#define s2n(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
+
+#undef n2s
+#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \
+ l|=((IDEA_INT)(*((c)++))) )
+
+#define E_IDEA(num) \
+ x1&=0xffff; \
+ idea_mul(x1,x1,*p,ul); p++; \
+ x2+= *(p++); \
+ x3+= *(p++); \
+ x4&=0xffff; \
+ idea_mul(x4,x4,*p,ul); p++; \
+ t0=(x1^x3)&0xffff; \
+ idea_mul(t0,t0,*p,ul); p++; \
+ t1=(t0+(x2^x4))&0xffff; \
+ idea_mul(t1,t1,*p,ul); p++; \
+ t0+=t1; \
+ x1^=t1; \
+ x4^=t0; \
+ ul=x2^t0; /* do the swap to x3 */ \
+ x2=x3^t1; \
+ x3=ul;
+
-/* $OpenBSD: hkdf_evp.c,v 1.18 2022/05/05 19:48:06 tb Exp $ */
+/* $OpenBSD: hkdf_evp.c,v 1.19 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2016-2018 The OpenSSL Project. All rights reserved.
*
#include <openssl/hkdf.h>
#include <openssl/kdf.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#define HKDF_MAXBUF 1024
-/* $OpenBSD: md4_dgst.c,v 1.16 2015/09/14 01:45:03 doug Exp $ */
+/* $OpenBSD: md4_dgst.c,v 1.17 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <stdio.h>
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
-#include "md4_locl.h"
+#include "md4_local.h"
/* Implemented from RFC1186 The MD4 Message-Digest Algorithm
*/
--- /dev/null
+/* $OpenBSD: md4_local.h,v 1.1 2022/11/26 16:08:53 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#include <openssl/md4.h>
+
+__BEGIN_HIDDEN_DECLS
+
+void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
+
+__END_HIDDEN_DECLS
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG MD4_LONG
+#define HASH_CTX MD4_CTX
+#define HASH_CBLOCK MD4_CBLOCK
+#define HASH_UPDATE MD4_Update
+#define HASH_TRANSFORM MD4_Transform
+#define HASH_FINAL MD4_Final
+#define HASH_MAKE_STRING(c,s) do { \
+ unsigned long ll; \
+ ll=(c)->A; HOST_l2c(ll,(s)); \
+ ll=(c)->B; HOST_l2c(ll,(s)); \
+ ll=(c)->C; HOST_l2c(ll,(s)); \
+ ll=(c)->D; HOST_l2c(ll,(s)); \
+ } while (0)
+#define HASH_BLOCK_DATA_ORDER md4_block_data_order
+
+#include "md32_common.h"
+
+/*
+#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
+#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below. Wei attributes these optimizations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define H(b,c,d) ((b) ^ (c) ^ (d))
+
+#define R0(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+F((b),(c),(d))); \
+ a=ROTATE(a,s); };
+
+#define R1(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+G((b),(c),(d))); \
+ a=ROTATE(a,s); };\
+
+#define R2(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+H((b),(c),(d))); \
+ a=ROTATE(a,s); };
+++ /dev/null
-/* $OpenBSD: md4_locl.h,v 1.10 2016/12/21 15:49:29 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/md4.h>
-
-__BEGIN_HIDDEN_DECLS
-
-void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
-
-__END_HIDDEN_DECLS
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG MD4_LONG
-#define HASH_CTX MD4_CTX
-#define HASH_CBLOCK MD4_CBLOCK
-#define HASH_UPDATE MD4_Update
-#define HASH_TRANSFORM MD4_Transform
-#define HASH_FINAL MD4_Final
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- } while (0)
-#define HASH_BLOCK_DATA_ORDER md4_block_data_order
-
-#include "md32_common.h"
-
-/*
-#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
-#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below. Wei attributes these optimizations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define H(b,c,d) ((b) ^ (c) ^ (d))
-
-#define R0(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+F((b),(c),(d))); \
- a=ROTATE(a,s); };
-
-#define R1(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+G((b),(c),(d))); \
- a=ROTATE(a,s); };\
-
-#define R2(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+H((b),(c),(d))); \
- a=ROTATE(a,s); };
-/* $OpenBSD: md5_dgst.c,v 1.14 2014/10/28 07:35:59 jsg Exp $ */
+/* $OpenBSD: md5_dgst.c,v 1.15 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <stdio.h>
-#include "md5_locl.h"
+#include "md5_local.h"
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
--- /dev/null
+/* $OpenBSD: md5_local.h,v 1.1 2022/11/26 16:08:53 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h>
+
+#include <openssl/md5.h>
+
+#ifdef MD5_ASM
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \
+ defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
+# define md5_block_data_order md5_block_asm_data_order
+# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+# define md5_block_data_order md5_block_asm_data_order
+# endif
+#endif
+
+__BEGIN_HIDDEN_DECLS
+
+void md5_block_data_order (MD5_CTX *c, const void *p,size_t num);
+
+__END_HIDDEN_DECLS
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG MD5_LONG
+#define HASH_CTX MD5_CTX
+#define HASH_CBLOCK MD5_CBLOCK
+#define HASH_UPDATE MD5_Update
+#define HASH_TRANSFORM MD5_Transform
+#define HASH_FINAL MD5_Final
+#define HASH_MAKE_STRING(c,s) do { \
+ unsigned long ll; \
+ ll=(c)->A; HOST_l2c(ll,(s)); \
+ ll=(c)->B; HOST_l2c(ll,(s)); \
+ ll=(c)->C; HOST_l2c(ll,(s)); \
+ ll=(c)->D; HOST_l2c(ll,(s)); \
+ } while (0)
+#define HASH_BLOCK_DATA_ORDER md5_block_data_order
+
+#include "md32_common.h"
+
+/*
+#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
+#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below. Wei attributes these optimizations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c))
+#define H(b,c,d) ((b) ^ (c) ^ (d))
+#define I(b,c,d) (((~(d)) | (b)) ^ (c))
+
+#define R0(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+F((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };\
+
+#define R1(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+G((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
+
+#define R2(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+H((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
+
+#define R3(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+I((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
+++ /dev/null
-/* $OpenBSD: md5_locl.h,v 1.14 2016/12/21 15:49:29 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/md5.h>
-
-#ifdef MD5_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \
- defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
-# define md5_block_data_order md5_block_asm_data_order
-# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
-# define md5_block_data_order md5_block_asm_data_order
-# endif
-#endif
-
-__BEGIN_HIDDEN_DECLS
-
-void md5_block_data_order (MD5_CTX *c, const void *p,size_t num);
-
-__END_HIDDEN_DECLS
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG MD5_LONG
-#define HASH_CTX MD5_CTX
-#define HASH_CBLOCK MD5_CBLOCK
-#define HASH_UPDATE MD5_Update
-#define HASH_TRANSFORM MD5_Transform
-#define HASH_FINAL MD5_Final
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- } while (0)
-#define HASH_BLOCK_DATA_ORDER md5_block_data_order
-
-#include "md32_common.h"
-
-/*
-#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
-#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below. Wei attributes these optimizations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c))
-#define H(b,c,d) ((b) ^ (c) ^ (d))
-#define I(b,c,d) (((~(d)) | (b)) ^ (c))
-
-#define R0(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+F((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };\
-
-#define R1(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+G((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
-
-#define R2(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+H((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
-
-#define R3(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+I((b),(c),(d))); \
- a=ROTATE(a,s); \
- a+=b; };
-/* $OpenBSD: cbc128.c,v 1.5 2022/01/22 00:45:17 inoguchi Exp $ */
+/* $OpenBSD: cbc128.c,v 1.6 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <string.h>
#ifndef MODES_DEBUG
-/* $OpenBSD: ccm128.c,v 1.5 2019/05/08 14:18:25 tb Exp $ */
+/* $OpenBSD: ccm128.c,v 1.6 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <string.h>
#ifndef MODES_DEBUG
-/* $OpenBSD: cfb128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */
+/* $OpenBSD: cfb128.c,v 1.5 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <string.h>
#ifndef MODES_DEBUG
-/* $OpenBSD: ctr128.c,v 1.7 2017/08/13 17:46:24 bcook Exp $ */
+/* $OpenBSD: ctr128.c,v 1.8 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <string.h>
#ifndef MODES_DEBUG
-/* $OpenBSD: cts128.c,v 1.5 2015/07/19 18:27:26 miod Exp $ */
+/* $OpenBSD: cts128.c,v 1.6 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <string.h>
#ifndef MODES_DEBUG
-/* $OpenBSD: gcm128.c,v 1.22 2018/01/24 23:03:37 kettenis Exp $ */
+/* $OpenBSD: gcm128.c,v 1.23 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
*
#define OPENSSL_FIPSAPI
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <string.h>
#ifndef MODES_DEBUG
+++ /dev/null
-/* $OpenBSD: modes_lcl.h,v 1.11 2021/11/09 18:40:21 bcook Exp $ */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use is governed by OpenSSL license.
- * ====================================================================
- */
-
-#include <endian.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/modes.h>
-
-__BEGIN_HIDDEN_DECLS
-
-#if defined(_LP64)
-typedef long i64;
-typedef unsigned long u64;
-#define U64(C) C##UL
-#else
-typedef long long i64;
-typedef unsigned long long u64;
-#define U64(C) C##ULL
-#endif
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#if defined(__GNUC__) && __GNUC__>=2
-# if defined(__x86_64) || defined(__x86_64__)
-# define BSWAP8(x) ({ u64 ret=(x); \
- asm ("bswapq %0" \
- : "+r"(ret)); ret; })
-# define BSWAP4(x) ({ u32 ret=(x); \
- asm ("bswapl %0" \
- : "+r"(ret)); ret; })
-# elif (defined(__i386) || defined(__i386__))
-# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
- asm ("bswapl %0; bswapl %1" \
- : "+r"(hi),"+r"(lo)); \
- (u64)hi<<32|lo; })
-# define BSWAP4(x) ({ u32 ret=(x); \
- asm ("bswapl %0" \
- : "+r"(ret)); ret; })
-# elif (defined(__arm__) || defined(__arm)) && !defined(__STRICT_ALIGNMENT)
-# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
- asm ("rev %0,%0; rev %1,%1" \
- : "+r"(hi),"+r"(lo)); \
- (u64)hi<<32|lo; })
-# define BSWAP4(x) ({ u32 ret; \
- asm ("rev %0,%1" \
- : "=r"(ret) : "r"((u32)(x))); \
- ret; })
-# endif
-#endif
-#endif
-
-#if defined(BSWAP4) && !defined(__STRICT_ALIGNMENT)
-#define GETU32(p) BSWAP4(*(const u32 *)(p))
-#define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)
-#else
-#define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
-#define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
-#endif
-
-/* GCM definitions */
-
-typedef struct { u64 hi,lo; } u128;
-
-#ifdef TABLE_BITS
-#undef TABLE_BITS
-#endif
-/*
- * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
- * never be set to 8 [or 1]. For further information see gcm128.c.
- */
-#define TABLE_BITS 4
-
-struct gcm128_context {
- /* Following 6 names follow names in GCM specification */
- union { u64 u[2]; u32 d[4]; u8 c[16]; size_t t[16/sizeof(size_t)]; }
- Yi,EKi,EK0,len,Xi,H;
- /* Relative position of Xi, H and pre-computed Htable is used
- * in some assembler modules, i.e. don't change the order! */
-#if TABLE_BITS==8
- u128 Htable[256];
-#else
- u128 Htable[16];
- void (*gmult)(u64 Xi[2],const u128 Htable[16]);
- void (*ghash)(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len);
-#endif
- unsigned int mres, ares;
- block128_f block;
- void *key;
-};
-
-struct xts128_context {
- void *key1, *key2;
- block128_f block1,block2;
-};
-
-struct ccm128_context {
- union { u64 u[2]; u8 c[16]; } nonce, cmac;
- u64 blocks;
- block128_f block;
- void *key;
-};
-
-__END_HIDDEN_DECLS
--- /dev/null
+/* $OpenBSD: modes_local.h,v 1.1 2022/11/26 16:08:53 tb Exp $ */
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use is governed by OpenSSL license.
+ * ====================================================================
+ */
+
+#include <endian.h>
+
+#include <openssl/opensslconf.h>
+
+#include <openssl/modes.h>
+
+__BEGIN_HIDDEN_DECLS
+
+#if defined(_LP64)
+typedef long i64;
+typedef unsigned long u64;
+#define U64(C) C##UL
+#else
+typedef long long i64;
+typedef unsigned long long u64;
+#define U64(C) C##ULL
+#endif
+
+typedef unsigned int u32;
+typedef unsigned char u8;
+
+#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#if defined(__GNUC__) && __GNUC__>=2
+# if defined(__x86_64) || defined(__x86_64__)
+# define BSWAP8(x) ({ u64 ret=(x); \
+ asm ("bswapq %0" \
+ : "+r"(ret)); ret; })
+# define BSWAP4(x) ({ u32 ret=(x); \
+ asm ("bswapl %0" \
+ : "+r"(ret)); ret; })
+# elif (defined(__i386) || defined(__i386__))
+# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
+ asm ("bswapl %0; bswapl %1" \
+ : "+r"(hi),"+r"(lo)); \
+ (u64)hi<<32|lo; })
+# define BSWAP4(x) ({ u32 ret=(x); \
+ asm ("bswapl %0" \
+ : "+r"(ret)); ret; })
+# elif (defined(__arm__) || defined(__arm)) && !defined(__STRICT_ALIGNMENT)
+# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
+ asm ("rev %0,%0; rev %1,%1" \
+ : "+r"(hi),"+r"(lo)); \
+ (u64)hi<<32|lo; })
+# define BSWAP4(x) ({ u32 ret; \
+ asm ("rev %0,%1" \
+ : "=r"(ret) : "r"((u32)(x))); \
+ ret; })
+# endif
+#endif
+#endif
+
+#if defined(BSWAP4) && !defined(__STRICT_ALIGNMENT)
+#define GETU32(p) BSWAP4(*(const u32 *)(p))
+#define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)
+#else
+#define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
+#define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
+#endif
+
+/* GCM definitions */
+
+typedef struct { u64 hi,lo; } u128;
+
+#ifdef TABLE_BITS
+#undef TABLE_BITS
+#endif
+/*
+ * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
+ * never be set to 8 [or 1]. For further information see gcm128.c.
+ */
+#define TABLE_BITS 4
+
+struct gcm128_context {
+ /* Following 6 names follow names in GCM specification */
+ union { u64 u[2]; u32 d[4]; u8 c[16]; size_t t[16/sizeof(size_t)]; }
+ Yi,EKi,EK0,len,Xi,H;
+ /* Relative position of Xi, H and pre-computed Htable is used
+ * in some assembler modules, i.e. don't change the order! */
+#if TABLE_BITS==8
+ u128 Htable[256];
+#else
+ u128 Htable[16];
+ void (*gmult)(u64 Xi[2],const u128 Htable[16]);
+ void (*ghash)(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len);
+#endif
+ unsigned int mres, ares;
+ block128_f block;
+ void *key;
+};
+
+struct xts128_context {
+ void *key1, *key2;
+ block128_f block1,block2;
+};
+
+struct ccm128_context {
+ union { u64 u[2]; u8 c[16]; } nonce, cmac;
+ u64 blocks;
+ block128_f block;
+ void *key;
+};
+
+__END_HIDDEN_DECLS
-/* $OpenBSD: ofb128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */
+/* $OpenBSD: ofb128.c,v 1.5 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <string.h>
#ifndef MODES_DEBUG
-/* $OpenBSD: xts128.c,v 1.8 2021/11/09 18:40:21 bcook Exp $ */
+/* $OpenBSD: xts128.c,v 1.9 2022/11/26 16:08:53 tb Exp $ */
/* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved.
*
*/
#include <openssl/crypto.h>
-#include "modes_lcl.h"
+#include "modes_local.h"
#include <endian.h>
#include <string.h>
-/* $OpenBSD: obj_dat.c,v 1.49 2022/03/19 17:49:32 jsing Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.50 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/lhash.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* obj_dat.h is generated from objects.h by obj_dat.pl */
#include "obj_dat.h"
-/* $OpenBSD: obj_lib.c,v 1.16 2022/01/07 11:13:54 tb Exp $ */
+/* $OpenBSD: obj_lib.c,v 1.17 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/lhash.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
ASN1_OBJECT *
OBJ_dup(const ASN1_OBJECT *o)
-/* $OpenBSD: ocsp_ext.c,v 1.20 2022/01/07 09:45:52 tb Exp $ */
+/* $OpenBSD: ocsp_ext.c,v 1.21 2022/11/26 16:08:53 tb Exp $ */
/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
* project. */
#include <openssl/x509v3.h>
#include "ocsp_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Standard wrapper functions for extensions */
-/* $OpenBSD: ocsp_vfy.c,v 1.21 2022/01/22 00:33:02 inoguchi Exp $ */
+/* $OpenBSD: ocsp_vfy.c,v 1.22 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <string.h>
#include "ocsp_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
STACK_OF(X509) *certs, X509_STORE *st, unsigned long flags);
-/* $OpenBSD: pem_info.c,v 1.25 2021/12/12 21:30:14 tb Exp $ */
+/* $OpenBSD: pem_info.c,v 1.26 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "evp_locl.h"
+#include "evp_local.h"
STACK_OF(X509_INFO) *
PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
-/* $OpenBSD: pem_lib.c,v 1.51 2022/07/31 09:48:27 tb Exp $ */
+/* $OpenBSD: pem_lib.c,v 1.52 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
#define MIN_LENGTH 4
-/* $OpenBSD: pem_pkey.c,v 1.25 2021/12/24 12:59:18 tb Exp $ */
+/* $OpenBSD: pem_pkey.c,v 1.26 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "asn1_locl.h"
-#include "evp_locl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
int pem_check_suffix(const char *pem_str, const char *suffix);
-/* $OpenBSD: pvkfmt.c,v 1.25 2022/01/07 09:55:31 tb Exp $ */
+/* $OpenBSD: pvkfmt.c,v 1.26 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2005.
*/
#include <openssl/dsa.h>
#include <openssl/rsa.h>
-#include "bn_lcl.h"
-#include "dsa_locl.h"
-#include "evp_locl.h"
-#include "rsa_locl.h"
+#include "bn_local.h"
+#include "dsa_local.h"
+#include "evp_local.h"
+#include "rsa_local.h"
/* Utility function: read a DWORD (4 byte unsigned integer) in little endian
* format
-/* $OpenBSD: p12_attr.c,v 1.18 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_attr.c,v 1.19 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/pkcs12.h>
#include "pkcs12_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Add a local keyid to a safebag */
-/* $OpenBSD: p12_decr.c,v 1.22 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_decr.c,v 1.23 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/err.h>
#include <openssl/pkcs12.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* Encrypt/Decrypt a buffer based on password and algor, result in a
* malloc'ed buffer
-/* $OpenBSD: p12_key.c,v 1.32 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_key.c,v 1.33 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/err.h>
#include <openssl/pkcs12.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* PKCS12 compatible key/IV generation */
#ifndef min
-/* $OpenBSD: p12_mutl.c,v 1.33 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_mutl.c,v 1.34 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/hmac.h>
#include <openssl/pkcs12.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#include "hmac_local.h"
#include "pkcs12_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
int
PKCS12_mac_present(const PKCS12 *p12)
-/* $OpenBSD: p12_npas.c,v 1.16 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_npas.c,v 1.17 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/pkcs12.h>
#include "pkcs12_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* PKCS#12 password change routine */
-/* $OpenBSD: p12_p8d.c,v 1.9 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_p8d.c,v 1.10 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
#include <openssl/pkcs12.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
PKCS8_PRIV_KEY_INFO *
PKCS8_decrypt(const X509_SIG *p8, const char *pass, int passlen)
-/* $OpenBSD: p12_p8e.c,v 1.10 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_p8e.c,v 1.11 2022/11/26 16:08:53 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
#include <openssl/err.h>
#include <openssl/pkcs12.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
X509_SIG *
PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass,
-/* $OpenBSD: p12_sbag.c,v 1.6 2022/11/12 13:03:28 beck Exp $ */
+/* $OpenBSD: p12_sbag.c,v 1.7 2022/11/26 16:08:53 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 1999-2018.
#include <openssl/pkcs12.h>
#include "pkcs12_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
const ASN1_TYPE *
PKCS12_SAFEBAG_get0_attr(const PKCS12_SAFEBAG *bag, int attr_nid)
-/* $OpenBSD: pk7_doit.c,v 1.48 2022/11/12 12:11:14 beck Exp $ */
+/* $OpenBSD: pk7_doit.c,v 1.49 2022/11/26 16:08:53 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "evp_locl.h"
-#include "x509_lcl.h"
+#include "evp_local.h"
+#include "x509_local.h"
static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
void *value);
-/* $OpenBSD: pk7_lib.c,v 1.24 2022/11/12 12:11:14 beck Exp $ */
+/* $OpenBSD: pk7_lib.c,v 1.25 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "evp_locl.h"
-#include "x509_lcl.h"
+#include "asn1_local.h"
+#include "evp_local.h"
+#include "x509_local.h"
long
PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
-/* $OpenBSD: pk7_smime.c,v 1.24 2022/11/12 12:11:14 beck Exp $ */
+/* $OpenBSD: pk7_smime.c,v 1.25 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-/* $OpenBSD: rc2_cbc.c,v 1.5 2014/10/28 07:35:59 jsg Exp $ */
+/* $OpenBSD: rc2_cbc.c,v 1.6 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/rc2.h>
-#include "rc2_locl.h"
+#include "rc2_local.h"
void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
RC2_KEY *ks, unsigned char *iv, int encrypt)
-/* $OpenBSD: rc2_ecb.c,v 1.6 2014/07/09 11:10:51 bcook Exp $ */
+/* $OpenBSD: rc2_ecb.c,v 1.7 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/rc2.h>
-#include "rc2_locl.h"
+#include "rc2_local.h"
#include <openssl/opensslv.h>
/* RC2 as implemented frm a posting from
--- /dev/null
+/* $OpenBSD: rc2_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+#define C_RC2(n) \
+ t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
+ x0=(t<<1)|(t>>15); \
+ t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
+ x1=(t<<2)|(t>>14); \
+ t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
+ x2=(t<<3)|(t>>13); \
+ t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
+ x3=(t<<5)|(t>>11);
+
+++ /dev/null
-/* $OpenBSD: rc2_locl.h,v 1.2 2014/06/12 15:49:30 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-#define C_RC2(n) \
- t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
- x0=(t<<1)|(t>>15); \
- t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
- x1=(t<<2)|(t>>14); \
- t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
- x2=(t<<3)|(t>>13); \
- t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
- x3=(t<<5)|(t>>11);
-
-/* $OpenBSD: rc2_skey.c,v 1.12 2014/06/12 15:49:30 deraadt Exp $ */
+/* $OpenBSD: rc2_skey.c,v 1.13 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/crypto.h>
#include <openssl/rc2.h>
-#include "rc2_locl.h"
+#include "rc2_local.h"
static const unsigned char key_table[256]={
0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
-/* $OpenBSD: rc2cfb64.c,v 1.5 2014/10/28 07:35:59 jsg Exp $ */
+/* $OpenBSD: rc2cfb64.c,v 1.6 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/rc2.h>
-#include "rc2_locl.h"
+#include "rc2_local.h"
/* The input and output encrypted as though 64bit cfb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: rc2ofb64.c,v 1.5 2014/10/28 07:35:59 jsg Exp $ */
+/* $OpenBSD: rc2ofb64.c,v 1.6 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/rc2.h>
-#include "rc2_locl.h"
+#include "rc2_local.h"
/* The input and output encrypted as though 64bit ofb mode is being
* used. The extra state information to record how much of the
-/* $OpenBSD: rc4_enc.c,v 1.17 2021/11/09 18:40:21 bcook Exp $ */
+/* $OpenBSD: rc4_enc.c,v 1.18 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <endian.h>
#include <openssl/rc4.h>
-#include "rc4_locl.h"
+#include "rc4_local.h"
/* RC4 as implemented from a posting from
* Newsgroups: sci.crypt
--- /dev/null
+/* $OpenBSD: rc4_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+
+#ifndef HEADER_RC4_LOCL_H
+#define HEADER_RC4_LOCL_H
+#endif
+++ /dev/null
-/* $OpenBSD: rc4_locl.h,v 1.4 2014/07/11 08:44:49 jsing Exp $ */
-
-#ifndef HEADER_RC4_LOCL_H
-#define HEADER_RC4_LOCL_H
-#endif
-/* $OpenBSD: rc4_skey.c,v 1.14 2015/10/20 15:50:13 jsing Exp $ */
+/* $OpenBSD: rc4_skey.c,v 1.15 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <openssl/rc4.h>
-#include "rc4_locl.h"
+#include "rc4_local.h"
#include <openssl/opensslv.h>
const char *
-/* $OpenBSD: rmd_dgst.c,v 1.17 2014/10/28 07:35:59 jsg Exp $ */
+/* $OpenBSD: rmd_dgst.c,v 1.18 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <stdio.h>
-#include "rmd_locl.h"
+#include "rmd_local.h"
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
--- /dev/null
+/* $OpenBSD: rmd_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#include <openssl/ripemd.h>
+
+/*
+ * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c
+ * FOR EXPLANATIONS ON FOLLOWING "CODE."
+ * <appro@fy.chalmers.se>
+ */
+#ifdef RMD160_ASM
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
+# define ripemd160_block_data_order ripemd160_block_asm_data_order
+# endif
+#endif
+
+__BEGIN_HIDDEN_DECLS
+
+void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num);
+
+__END_HIDDEN_DECLS
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG RIPEMD160_LONG
+#define HASH_CTX RIPEMD160_CTX
+#define HASH_CBLOCK RIPEMD160_CBLOCK
+#define HASH_UPDATE RIPEMD160_Update
+#define HASH_TRANSFORM RIPEMD160_Transform
+#define HASH_FINAL RIPEMD160_Final
+#define HASH_MAKE_STRING(c,s) do { \
+ unsigned long ll; \
+ ll=(c)->A; HOST_l2c(ll,(s)); \
+ ll=(c)->B; HOST_l2c(ll,(s)); \
+ ll=(c)->C; HOST_l2c(ll,(s)); \
+ ll=(c)->D; HOST_l2c(ll,(s)); \
+ ll=(c)->E; HOST_l2c(ll,(s)); \
+ } while (0)
+#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
+
+#include "md32_common.h"
+
+#if 0
+#define F1(x,y,z) ((x)^(y)^(z))
+#define F2(x,y,z) (((x)&(y))|((~x)&z))
+#define F3(x,y,z) (((x)|(~y))^(z))
+#define F4(x,y,z) (((x)&(z))|((y)&(~(z))))
+#define F5(x,y,z) ((x)^((y)|(~(z))))
+#else
+/*
+ * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
+ */
+#define F1(x,y,z) ((x) ^ (y) ^ (z))
+#define F2(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
+#define F3(x,y,z) (((~(y)) | (x)) ^ (z))
+#define F4(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
+#define F5(x,y,z) (((~(z)) | (y)) ^ (x))
+#endif
+
+#define RIPEMD160_A 0x67452301L
+#define RIPEMD160_B 0xEFCDAB89L
+#define RIPEMD160_C 0x98BADCFEL
+#define RIPEMD160_D 0x10325476L
+#define RIPEMD160_E 0xC3D2E1F0L
+
+#include "rmdconst.h"
+
+#define RIP1(a,b,c,d,e,w,s) { \
+ a+=F1(b,c,d)+X(w); \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP2(a,b,c,d,e,w,s,K) { \
+ a+=F2(b,c,d)+X(w)+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP3(a,b,c,d,e,w,s,K) { \
+ a+=F3(b,c,d)+X(w)+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP4(a,b,c,d,e,w,s,K) { \
+ a+=F4(b,c,d)+X(w)+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP5(a,b,c,d,e,w,s,K) { \
+ a+=F5(b,c,d)+X(w)+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+++ /dev/null
-/* $OpenBSD: rmd_locl.h,v 1.13 2016/12/21 15:49:29 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/ripemd.h>
-
-/*
- * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c
- * FOR EXPLANATIONS ON FOLLOWING "CODE."
- * <appro@fy.chalmers.se>
- */
-#ifdef RMD160_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-# define ripemd160_block_data_order ripemd160_block_asm_data_order
-# endif
-#endif
-
-__BEGIN_HIDDEN_DECLS
-
-void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num);
-
-__END_HIDDEN_DECLS
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG RIPEMD160_LONG
-#define HASH_CTX RIPEMD160_CTX
-#define HASH_CBLOCK RIPEMD160_CBLOCK
-#define HASH_UPDATE RIPEMD160_Update
-#define HASH_TRANSFORM RIPEMD160_Transform
-#define HASH_FINAL RIPEMD160_Final
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- ll=(c)->E; HOST_l2c(ll,(s)); \
- } while (0)
-#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
-
-#include "md32_common.h"
-
-#if 0
-#define F1(x,y,z) ((x)^(y)^(z))
-#define F2(x,y,z) (((x)&(y))|((~x)&z))
-#define F3(x,y,z) (((x)|(~y))^(z))
-#define F4(x,y,z) (((x)&(z))|((y)&(~(z))))
-#define F5(x,y,z) ((x)^((y)|(~(z))))
-#else
-/*
- * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
- */
-#define F1(x,y,z) ((x) ^ (y) ^ (z))
-#define F2(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
-#define F3(x,y,z) (((~(y)) | (x)) ^ (z))
-#define F4(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
-#define F5(x,y,z) (((~(z)) | (y)) ^ (x))
-#endif
-
-#define RIPEMD160_A 0x67452301L
-#define RIPEMD160_B 0xEFCDAB89L
-#define RIPEMD160_C 0x98BADCFEL
-#define RIPEMD160_D 0x10325476L
-#define RIPEMD160_E 0xC3D2E1F0L
-
-#include "rmdconst.h"
-
-#define RIP1(a,b,c,d,e,w,s) { \
- a+=F1(b,c,d)+X(w); \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP2(a,b,c,d,e,w,s,K) { \
- a+=F2(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP3(a,b,c,d,e,w,s,K) { \
- a+=F3(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP4(a,b,c,d,e,w,s,K) { \
- a+=F4(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP5(a,b,c,d,e,w,s,K) { \
- a+=F5(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-/* $OpenBSD: rsa_ameth.c,v 1.26 2022/06/27 12:36:06 tb Exp $ */
+/* $OpenBSD: rsa_ameth.c,v 1.27 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "cryptlib.h"
-#include "evp_locl.h"
-#include "rsa_locl.h"
+#include "evp_local.h"
+#include "rsa_local.h"
#ifndef OPENSSL_NO_CMS
static int rsa_cms_sign(CMS_SignerInfo *si);
-/* $OpenBSD: rsa_asn1.c,v 1.15 2019/10/25 14:40:18 jsing Exp $ */
+/* $OpenBSD: rsa_asn1.c,v 1.16 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
#include <openssl/rsa.h>
#include <openssl/x509.h>
-#include "rsa_locl.h"
+#include "rsa_local.h"
/* Override the default free and new methods */
static int
-/* $OpenBSD: rsa_chk.c,v 1.16 2022/01/20 11:08:12 inoguchi Exp $ */
+/* $OpenBSD: rsa_chk.c,v 1.17 2022/11/26 16:08:54 tb Exp $ */
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
*
#include <openssl/err.h>
#include <openssl/rsa.h>
-#include "bn_lcl.h"
-#include "rsa_locl.h"
+#include "bn_local.h"
+#include "rsa_local.h"
int
RSA_check_key(const RSA *key)
-/* $OpenBSD: rsa_crpt.c,v 1.20 2022/01/07 09:55:32 tb Exp $ */
+/* $OpenBSD: rsa_crpt.c,v 1.21 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/lhash.h>
#include <openssl/rsa.h>
-#include "bn_lcl.h"
-#include "rsa_locl.h"
+#include "bn_local.h"
+#include "rsa_local.h"
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
-/* $OpenBSD: rsa_depr.c,v 1.9 2021/12/04 16:08:32 tb Exp $ */
+/* $OpenBSD: rsa_depr.c,v 1.10 2022/11/26 16:08:54 tb Exp $ */
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
*
#include <openssl/bn.h>
#include <openssl/rsa.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#ifndef OPENSSL_NO_DEPRECATED
-/* $OpenBSD: rsa_eay.c,v 1.54 2022/01/20 11:10:11 inoguchi Exp $ */
+/* $OpenBSD: rsa_eay.c,v 1.55 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
#include <openssl/rsa.h>
-#include "bn_lcl.h"
-#include "rsa_locl.h"
+#include "bn_local.h"
+#include "rsa_local.h"
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
-/* $OpenBSD: rsa_gen.c,v 1.25 2022/01/20 11:11:17 inoguchi Exp $ */
+/* $OpenBSD: rsa_gen.c,v 1.26 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
#include <openssl/rsa.h>
-#include "bn_lcl.h"
-#include "rsa_locl.h"
+#include "bn_local.h"
+#include "rsa_local.h"
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb);
-/* $OpenBSD: rsa_lib.c,v 1.43 2022/06/27 12:30:28 tb Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.44 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/lhash.h>
#include <openssl/rsa.h>
-#include "evp_locl.h"
-#include "rsa_locl.h"
+#include "evp_local.h"
+#include "rsa_local.h"
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
--- /dev/null
+/* $OpenBSD: rsa_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+
+__BEGIN_HIDDEN_DECLS
+
+#define RSA_MIN_MODULUS_BITS 512
+
+/* Macros to test if a pkey or ctx is for a PSS key */
+#define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
+#define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS)
+
+struct rsa_meth_st {
+ char *name;
+ int (*rsa_pub_enc)(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_pub_dec)(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_priv_enc)(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_priv_dec)(int flen, const unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+ int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+ BN_CTX *ctx); /* Can be null */
+ int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */
+ int (*init)(RSA *rsa); /* called at new */
+ int (*finish)(RSA *rsa); /* called at free */
+ int flags; /* RSA_METHOD_FLAG_* things */
+ char *app_data; /* may be needed! */
+/* New sign and verify functions: some libraries don't allow arbitrary data
+ * to be signed/verified: this allows them to be used. Note: for this to work
+ * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
+ * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
+ * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
+ * option is set in 'flags'.
+ */
+ int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+ int (*rsa_verify)(int dtype, const unsigned char *m,
+ unsigned int m_length, const unsigned char *sigbuf,
+ unsigned int siglen, const RSA *rsa);
+/* If this callback is NULL, the builtin software RSA key-gen will be used. This
+ * is for behavioural compatibility whilst the code gets rewired, but one day
+ * it would be nice to assume there are no such things as "builtin software"
+ * implementations. */
+ int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+};
+
+struct rsa_st {
+ /* The first parameter is used to pickup errors where
+ * this is passed instead of aEVP_PKEY, it is set to 0 */
+ int pad;
+ long version;
+ const RSA_METHOD *meth;
+
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+
+ /* Parameter restrictions for PSS only keys. */
+ RSA_PSS_PARAMS *pss;
+
+ /* be careful using this if the RSA structure is shared */
+ CRYPTO_EX_DATA ex_data;
+ int references;
+ int flags;
+
+ /* Used to cache montgomery values */
+ BN_MONT_CTX *_method_mod_n;
+ BN_MONT_CTX *_method_mod_p;
+ BN_MONT_CTX *_method_mod_q;
+
+ /* all BIGNUM values are actually in the following data, if it is not
+ * NULL */
+ BN_BLINDING *blinding;
+ BN_BLINDING *mt_blinding;
+};
+
+RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md,
+ int saltlen);
+int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
+ const EVP_MD **pmgf1md, int *psaltlen);
+
+extern int int_rsa_verify(int dtype, const unsigned char *m,
+ unsigned int m_len, unsigned char *rm, size_t *prm_len,
+ const unsigned char *sigbuf, size_t siglen, RSA *rsa);
+
+__END_HIDDEN_DECLS
+++ /dev/null
-/* $OpenBSD: rsa_locl.h,v 1.13 2022/07/04 12:23:30 tb Exp $ */
-
-__BEGIN_HIDDEN_DECLS
-
-#define RSA_MIN_MODULUS_BITS 512
-
-/* Macros to test if a pkey or ctx is for a PSS key */
-#define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
-#define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS)
-
-struct rsa_meth_st {
- char *name;
- int (*rsa_pub_enc)(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int (*rsa_pub_dec)(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int (*rsa_priv_enc)(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int (*rsa_priv_dec)(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
- int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
- BN_CTX *ctx); /* Can be null */
- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */
- int (*init)(RSA *rsa); /* called at new */
- int (*finish)(RSA *rsa); /* called at free */
- int flags; /* RSA_METHOD_FLAG_* things */
- char *app_data; /* may be needed! */
-/* New sign and verify functions: some libraries don't allow arbitrary data
- * to be signed/verified: this allows them to be used. Note: for this to work
- * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
- * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
- * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
- * option is set in 'flags'.
- */
- int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
- int (*rsa_verify)(int dtype, const unsigned char *m,
- unsigned int m_length, const unsigned char *sigbuf,
- unsigned int siglen, const RSA *rsa);
-/* If this callback is NULL, the builtin software RSA key-gen will be used. This
- * is for behavioural compatibility whilst the code gets rewired, but one day
- * it would be nice to assume there are no such things as "builtin software"
- * implementations. */
- int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
-};
-
-struct rsa_st {
- /* The first parameter is used to pickup errors where
- * this is passed instead of aEVP_PKEY, it is set to 0 */
- int pad;
- long version;
- const RSA_METHOD *meth;
-
- /* functional reference if 'meth' is ENGINE-provided */
- ENGINE *engine;
- BIGNUM *n;
- BIGNUM *e;
- BIGNUM *d;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *dmp1;
- BIGNUM *dmq1;
- BIGNUM *iqmp;
-
- /* Parameter restrictions for PSS only keys. */
- RSA_PSS_PARAMS *pss;
-
- /* be careful using this if the RSA structure is shared */
- CRYPTO_EX_DATA ex_data;
- int references;
- int flags;
-
- /* Used to cache montgomery values */
- BN_MONT_CTX *_method_mod_n;
- BN_MONT_CTX *_method_mod_p;
- BN_MONT_CTX *_method_mod_q;
-
- /* all BIGNUM values are actually in the following data, if it is not
- * NULL */
- BN_BLINDING *blinding;
- BN_BLINDING *mt_blinding;
-};
-
-RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md,
- int saltlen);
-int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
- const EVP_MD **pmgf1md, int *psaltlen);
-
-extern int int_rsa_verify(int dtype, const unsigned char *m,
- unsigned int m_len, unsigned char *rm, size_t *prm_len,
- const unsigned char *sigbuf, size_t siglen, RSA *rsa);
-
-__END_HIDDEN_DECLS
-/* $OpenBSD: rsa_meth.c,v 1.5 2022/07/04 12:23:30 tb Exp $ */
+/* $OpenBSD: rsa_meth.c,v 1.6 2022/11/26 16:08:54 tb Exp $ */
/*
* Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
*
#include <openssl/err.h>
#include <openssl/rsa.h>
-#include "rsa_locl.h"
+#include "rsa_local.h"
RSA_METHOD *
RSA_meth_new(const char *name, int flags)
-/* $OpenBSD: rsa_oaep.c,v 1.35 2022/02/20 19:16:34 tb Exp $ */
+/* $OpenBSD: rsa_oaep.c,v 1.36 2022/11/26 16:08:54 tb Exp $ */
/*
* Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
*
#include <openssl/rsa.h>
#include <openssl/sha.h>
-#include "constant_time_locl.h"
-#include "evp_locl.h"
-#include "rsa_locl.h"
+#include "constant_time.h"
+#include "evp_local.h"
+#include "rsa_local.h"
int
RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
-/* $OpenBSD: rsa_pmeth.c,v 1.33 2021/12/04 16:08:32 tb Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.34 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006.
*/
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "bn_lcl.h"
-#include "evp_locl.h"
-#include "rsa_locl.h"
+#include "bn_local.h"
+#include "evp_local.h"
+#include "rsa_local.h"
/* RSA pkey context structure */
-/* $OpenBSD: rsa_pss.c,v 1.15 2022/01/07 09:55:32 tb Exp $ */
+/* $OpenBSD: rsa_pss.c,v 1.16 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2005.
*/
#include <openssl/rsa.h>
#include <openssl/sha.h>
-#include "evp_locl.h"
-#include "rsa_locl.h"
+#include "evp_local.h"
+#include "rsa_local.h"
static const unsigned char zeroes[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
-/* $OpenBSD: rsa_sign.c,v 1.34 2022/01/07 11:13:55 tb Exp $ */
+/* $OpenBSD: rsa_sign.c,v 1.35 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#include <openssl/x509.h>
-#include "asn1_locl.h"
-#include "rsa_locl.h"
-#include "x509_lcl.h"
+#include "asn1_local.h"
+#include "rsa_local.h"
+#include "x509_local.h"
/* Size of an SSL signature: MD5+SHA1 */
#define SSL_SIG_LENGTH 36
-/* $OpenBSD: sha1dgst.c,v 1.14 2015/09/13 21:09:56 doug Exp $ */
+/* $OpenBSD: sha1dgst.c,v 1.15 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
/* The implementation is in ../md32_common.h */
-#include "sha_locl.h"
+#include "sha_local.h"
#endif
--- /dev/null
+/* $OpenBSD: sha_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h>
+#include <openssl/sha.h>
+
+#define DATA_ORDER_IS_BIG_ENDIAN
+
+#define HASH_LONG SHA_LONG
+#define HASH_CTX SHA_CTX
+#define HASH_CBLOCK SHA_CBLOCK
+#define HASH_MAKE_STRING(c,s) do { \
+ unsigned long ll; \
+ ll=(c)->h0; HOST_l2c(ll,(s)); \
+ ll=(c)->h1; HOST_l2c(ll,(s)); \
+ ll=(c)->h2; HOST_l2c(ll,(s)); \
+ ll=(c)->h3; HOST_l2c(ll,(s)); \
+ ll=(c)->h4; HOST_l2c(ll,(s)); \
+ } while (0)
+
+# define HASH_UPDATE SHA1_Update
+# define HASH_TRANSFORM SHA1_Transform
+# define HASH_FINAL SHA1_Final
+# define HASH_INIT SHA1_Init
+# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
+# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
+ ix=(a)=ROTATE((a),1) \
+ )
+
+__BEGIN_HIDDEN_DECLS
+
+#ifndef SHA1_ASM
+static
+#endif
+
+void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
+
+__END_HIDDEN_DECLS
+
+#include "md32_common.h"
+
+#define INIT_DATA_h0 0x67452301UL
+#define INIT_DATA_h1 0xefcdab89UL
+#define INIT_DATA_h2 0x98badcfeUL
+#define INIT_DATA_h3 0x10325476UL
+#define INIT_DATA_h4 0xc3d2e1f0UL
+
+int SHA1_Init(SHA_CTX *c)
+ {
+ memset (c,0,sizeof(*c));
+ c->h0=INIT_DATA_h0;
+ c->h1=INIT_DATA_h1;
+ c->h2=INIT_DATA_h2;
+ c->h3=INIT_DATA_h3;
+ c->h4=INIT_DATA_h4;
+ return 1;
+ }
+
+#define K_00_19 0x5a827999UL
+#define K_20_39 0x6ed9eba1UL
+#define K_40_59 0x8f1bbcdcUL
+#define K_60_79 0xca62c1d6UL
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
+ * simplified to the code in F_00_19. Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
+ * I've just become aware of another tweak to be made, again from Wei Dai,
+ * in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
+#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
+#define F_60_79(b,c,d) F_20_39(b,c,d)
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+
+#define BODY_00_15(i,a,b,c,d,e,f,xi) \
+ (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+ Xupdate(f,xi,xa,xb,xc,xd); \
+ (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+ Xupdate(f,xi,xa,xb,xc,xd); \
+ (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+ Xupdate(f,xa,xa,xb,xc,xd); \
+ (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+ Xupdate(f,xa,xa,xb,xc,xd); \
+ (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+ Xupdate(f,xa,xa,xb,xc,xd); \
+ (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#ifdef X
+#undef X
+#endif
+#ifndef MD32_XARRAY
+ /*
+ * Originally X was an array. As it's automatic it's natural
+ * to expect RISC compiler to accommodate at least part of it in
+ * the register bank, isn't it? Unfortunately not all compilers
+ * "find" this expectation reasonable:-( On order to make such
+ * compilers generate better code I replace X[] with a bunch of
+ * X0, X1, etc. See the function body below...
+ * <appro@fy.chalmers.se>
+ */
+# define X(i) XX##i
+#else
+ /*
+ * However! Some compilers (most notably HP C) get overwhelmed by
+ * that many local variables so that we have to have the way to
+ * fall down to the original behavior.
+ */
+# define X(i) XX[i]
+#endif
+
+#if !defined(SHA1_ASM)
+#include <endian.h>
+static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
+ {
+ const unsigned char *data=p;
+ unsigned MD32_REG_T A,B,C,D,E,T,l;
+#ifndef MD32_XARRAY
+ unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+ XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
+#else
+ SHA_LONG XX[16];
+#endif
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ for (;;)
+ {
+
+ if (BYTE_ORDER != LITTLE_ENDIAN &&
+ sizeof(SHA_LONG)==4 && ((size_t)p%4)==0)
+ {
+ const SHA_LONG *W=(const SHA_LONG *)data;
+
+ X( 0) = W[0]; X( 1) = W[ 1];
+ BODY_00_15( 0,A,B,C,D,E,T,X( 0)); X( 2) = W[ 2];
+ BODY_00_15( 1,T,A,B,C,D,E,X( 1)); X( 3) = W[ 3];
+ BODY_00_15( 2,E,T,A,B,C,D,X( 2)); X( 4) = W[ 4];
+ BODY_00_15( 3,D,E,T,A,B,C,X( 3)); X( 5) = W[ 5];
+ BODY_00_15( 4,C,D,E,T,A,B,X( 4)); X( 6) = W[ 6];
+ BODY_00_15( 5,B,C,D,E,T,A,X( 5)); X( 7) = W[ 7];
+ BODY_00_15( 6,A,B,C,D,E,T,X( 6)); X( 8) = W[ 8];
+ BODY_00_15( 7,T,A,B,C,D,E,X( 7)); X( 9) = W[ 9];
+ BODY_00_15( 8,E,T,A,B,C,D,X( 8)); X(10) = W[10];
+ BODY_00_15( 9,D,E,T,A,B,C,X( 9)); X(11) = W[11];
+ BODY_00_15(10,C,D,E,T,A,B,X(10)); X(12) = W[12];
+ BODY_00_15(11,B,C,D,E,T,A,X(11)); X(13) = W[13];
+ BODY_00_15(12,A,B,C,D,E,T,X(12)); X(14) = W[14];
+ BODY_00_15(13,T,A,B,C,D,E,X(13)); X(15) = W[15];
+ BODY_00_15(14,E,T,A,B,C,D,X(14));
+ BODY_00_15(15,D,E,T,A,B,C,X(15));
+
+ data += SHA_CBLOCK;
+ }
+ else
+ {
+ HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
+ BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
+ BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
+ BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
+ BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
+ BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
+ BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
+ BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
+ BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
+ BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
+ BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
+ BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
+ BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
+ BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
+ BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
+ BODY_00_15(14,E,T,A,B,C,D,X(14));
+ BODY_00_15(15,D,E,T,A,B,C,X(15));
+ }
+
+ BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
+ BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
+ BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
+ BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
+
+ BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
+ BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
+ BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
+ BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
+ BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
+ BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
+ BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
+ BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
+ BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
+ BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
+ BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
+ BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
+
+ BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
+ BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
+ BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
+ BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
+ BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
+ BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
+ BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
+ BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
+
+ BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
+ BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
+ BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
+ BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
+ BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
+ BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
+ BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
+ BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
+ BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
+ BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
+ BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
+ BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
+ BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
+ BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
+ BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
+ BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
+ BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
+ BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
+ BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
+ BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
+
+ BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
+ BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
+ BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
+ BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
+ BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
+ BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
+ BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
+ BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
+ BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
+ BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
+ BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
+ BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
+ BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
+ BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
+ BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
+ BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
+ BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
+ BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
+ BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
+ BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
+
+ c->h0=(c->h0+E)&0xffffffffL;
+ c->h1=(c->h1+T)&0xffffffffL;
+ c->h2=(c->h2+A)&0xffffffffL;
+ c->h3=(c->h3+B)&0xffffffffL;
+ c->h4=(c->h4+C)&0xffffffffL;
+
+ if (--num == 0) break;
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ }
+ }
+#endif
+
+#else /* OPENSSL_SMALL_FOOTPRINT */
+
+#define BODY_00_15(xi) do { \
+ T=E+K_00_19+F_00_19(B,C,D); \
+ E=D, D=C, C=ROTATE(B,30), B=A; \
+ A=ROTATE(A,5)+T+xi; } while(0)
+
+#define BODY_16_19(xa,xb,xc,xd) do { \
+ Xupdate(T,xa,xa,xb,xc,xd); \
+ T+=E+K_00_19+F_00_19(B,C,D); \
+ E=D, D=C, C=ROTATE(B,30), B=A; \
+ A=ROTATE(A,5)+T; } while(0)
+
+#define BODY_20_39(xa,xb,xc,xd) do { \
+ Xupdate(T,xa,xa,xb,xc,xd); \
+ T+=E+K_20_39+F_20_39(B,C,D); \
+ E=D, D=C, C=ROTATE(B,30), B=A; \
+ A=ROTATE(A,5)+T; } while(0)
+
+#define BODY_40_59(xa,xb,xc,xd) do { \
+ Xupdate(T,xa,xa,xb,xc,xd); \
+ T+=E+K_40_59+F_40_59(B,C,D); \
+ E=D, D=C, C=ROTATE(B,30), B=A; \
+ A=ROTATE(A,5)+T; } while(0)
+
+#define BODY_60_79(xa,xb,xc,xd) do { \
+ Xupdate(T,xa,xa,xb,xc,xd); \
+ T=E+K_60_79+F_60_79(B,C,D); \
+ E=D, D=C, C=ROTATE(B,30), B=A; \
+ A=ROTATE(A,5)+T+xa; } while(0)
+
+#if !defined(SHA1_ASM)
+static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
+ {
+ const unsigned char *data=p;
+ unsigned MD32_REG_T A,B,C,D,E,T,l;
+ int i;
+ SHA_LONG X[16];
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ for (;;)
+ {
+ for (i=0;i<16;i++)
+ { HOST_c2l(data,l); X[i]=l; BODY_00_15(X[i]); }
+ for (i=0;i<4;i++)
+ { BODY_16_19(X[i], X[i+2], X[i+8], X[(i+13)&15]); }
+ for (;i<24;i++)
+ { BODY_20_39(X[i&15], X[(i+2)&15], X[(i+8)&15],X[(i+13)&15]); }
+ for (i=0;i<20;i++)
+ { BODY_40_59(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); }
+ for (i=4;i<24;i++)
+ { BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); }
+
+ c->h0=(c->h0+A)&0xffffffffL;
+ c->h1=(c->h1+B)&0xffffffffL;
+ c->h2=(c->h2+C)&0xffffffffL;
+ c->h3=(c->h3+D)&0xffffffffL;
+ c->h4=(c->h4+E)&0xffffffffL;
+
+ if (--num == 0) break;
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ }
+ }
+#endif
+
+#endif
+++ /dev/null
-/* $OpenBSD: sha_locl.h,v 1.24 2021/11/09 18:40:21 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-#include <openssl/sha.h>
-
-#define DATA_ORDER_IS_BIG_ENDIAN
-
-#define HASH_LONG SHA_LONG
-#define HASH_CTX SHA_CTX
-#define HASH_CBLOCK SHA_CBLOCK
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->h0; HOST_l2c(ll,(s)); \
- ll=(c)->h1; HOST_l2c(ll,(s)); \
- ll=(c)->h2; HOST_l2c(ll,(s)); \
- ll=(c)->h3; HOST_l2c(ll,(s)); \
- ll=(c)->h4; HOST_l2c(ll,(s)); \
- } while (0)
-
-# define HASH_UPDATE SHA1_Update
-# define HASH_TRANSFORM SHA1_Transform
-# define HASH_FINAL SHA1_Final
-# define HASH_INIT SHA1_Init
-# define HASH_BLOCK_DATA_ORDER sha1_block_data_order
-# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \
- ix=(a)=ROTATE((a),1) \
- )
-
-__BEGIN_HIDDEN_DECLS
-
-#ifndef SHA1_ASM
-static
-#endif
-
-void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num);
-
-__END_HIDDEN_DECLS
-
-#include "md32_common.h"
-
-#define INIT_DATA_h0 0x67452301UL
-#define INIT_DATA_h1 0xefcdab89UL
-#define INIT_DATA_h2 0x98badcfeUL
-#define INIT_DATA_h3 0x10325476UL
-#define INIT_DATA_h4 0xc3d2e1f0UL
-
-int SHA1_Init(SHA_CTX *c)
- {
- memset (c,0,sizeof(*c));
- c->h0=INIT_DATA_h0;
- c->h1=INIT_DATA_h1;
- c->h2=INIT_DATA_h2;
- c->h3=INIT_DATA_h3;
- c->h4=INIT_DATA_h4;
- return 1;
- }
-
-#define K_00_19 0x5a827999UL
-#define K_20_39 0x6ed9eba1UL
-#define K_40_59 0x8f1bbcdcUL
-#define K_60_79 0xca62c1d6UL
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
- * simplified to the code in F_00_19. Wei attributes these optimisations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
- * I've just become aware of another tweak to be made, again from Wei Dai,
- * in F_40_59, (x&a)|(y&a) -> (x|y)&a
- */
-#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
-#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
-#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
-#define F_60_79(b,c,d) F_20_39(b,c,d)
-
-#ifndef OPENSSL_SMALL_FOOTPRINT
-
-#define BODY_00_15(i,a,b,c,d,e,f,xi) \
- (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
- Xupdate(f,xi,xa,xb,xc,xd); \
- (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
- Xupdate(f,xi,xa,xb,xc,xd); \
- (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
- Xupdate(f,xa,xa,xb,xc,xd); \
- (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
- Xupdate(f,xa,xa,xb,xc,xd); \
- (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
- Xupdate(f,xa,xa,xb,xc,xd); \
- (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
- (b)=ROTATE((b),30);
-
-#ifdef X
-#undef X
-#endif
-#ifndef MD32_XARRAY
- /*
- * Originally X was an array. As it's automatic it's natural
- * to expect RISC compiler to accommodate at least part of it in
- * the register bank, isn't it? Unfortunately not all compilers
- * "find" this expectation reasonable:-( On order to make such
- * compilers generate better code I replace X[] with a bunch of
- * X0, X1, etc. See the function body below...
- * <appro@fy.chalmers.se>
- */
-# define X(i) XX##i
-#else
- /*
- * However! Some compilers (most notably HP C) get overwhelmed by
- * that many local variables so that we have to have the way to
- * fall down to the original behavior.
- */
-# define X(i) XX[i]
-#endif
-
-#if !defined(SHA1_ASM)
-#include <endian.h>
-static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
- {
- const unsigned char *data=p;
- unsigned MD32_REG_T A,B,C,D,E,T,l;
-#ifndef MD32_XARRAY
- unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
- XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-#else
- SHA_LONG XX[16];
-#endif
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- for (;;)
- {
-
- if (BYTE_ORDER != LITTLE_ENDIAN &&
- sizeof(SHA_LONG)==4 && ((size_t)p%4)==0)
- {
- const SHA_LONG *W=(const SHA_LONG *)data;
-
- X( 0) = W[0]; X( 1) = W[ 1];
- BODY_00_15( 0,A,B,C,D,E,T,X( 0)); X( 2) = W[ 2];
- BODY_00_15( 1,T,A,B,C,D,E,X( 1)); X( 3) = W[ 3];
- BODY_00_15( 2,E,T,A,B,C,D,X( 2)); X( 4) = W[ 4];
- BODY_00_15( 3,D,E,T,A,B,C,X( 3)); X( 5) = W[ 5];
- BODY_00_15( 4,C,D,E,T,A,B,X( 4)); X( 6) = W[ 6];
- BODY_00_15( 5,B,C,D,E,T,A,X( 5)); X( 7) = W[ 7];
- BODY_00_15( 6,A,B,C,D,E,T,X( 6)); X( 8) = W[ 8];
- BODY_00_15( 7,T,A,B,C,D,E,X( 7)); X( 9) = W[ 9];
- BODY_00_15( 8,E,T,A,B,C,D,X( 8)); X(10) = W[10];
- BODY_00_15( 9,D,E,T,A,B,C,X( 9)); X(11) = W[11];
- BODY_00_15(10,C,D,E,T,A,B,X(10)); X(12) = W[12];
- BODY_00_15(11,B,C,D,E,T,A,X(11)); X(13) = W[13];
- BODY_00_15(12,A,B,C,D,E,T,X(12)); X(14) = W[14];
- BODY_00_15(13,T,A,B,C,D,E,X(13)); X(15) = W[15];
- BODY_00_15(14,E,T,A,B,C,D,X(14));
- BODY_00_15(15,D,E,T,A,B,C,X(15));
-
- data += SHA_CBLOCK;
- }
- else
- {
- HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
- BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l;
- BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l;
- BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l;
- BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l;
- BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l;
- BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l;
- BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l;
- BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l;
- BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l;
- BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l;
- BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l;
- BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l;
- BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l;
- BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l;
- BODY_00_15(14,E,T,A,B,C,D,X(14));
- BODY_00_15(15,D,E,T,A,B,C,X(15));
- }
-
- BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13));
- BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14));
- BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15));
- BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0));
-
- BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1));
- BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2));
- BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3));
- BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4));
- BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5));
- BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6));
- BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7));
- BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8));
- BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9));
- BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10));
- BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11));
- BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12));
-
- BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13));
- BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14));
- BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15));
- BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0));
- BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1));
- BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2));
- BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3));
- BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4));
-
- BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5));
- BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6));
- BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7));
- BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8));
- BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9));
- BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10));
- BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11));
- BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12));
- BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13));
- BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14));
- BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15));
- BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0));
- BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1));
- BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2));
- BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3));
- BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4));
- BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5));
- BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6));
- BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7));
- BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8));
-
- BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9));
- BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10));
- BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11));
- BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12));
- BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13));
- BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14));
- BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15));
- BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0));
- BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1));
- BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2));
- BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3));
- BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4));
- BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5));
- BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6));
- BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7));
- BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8));
- BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9));
- BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10));
- BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11));
- BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12));
-
- c->h0=(c->h0+E)&0xffffffffL;
- c->h1=(c->h1+T)&0xffffffffL;
- c->h2=(c->h2+A)&0xffffffffL;
- c->h3=(c->h3+B)&0xffffffffL;
- c->h4=(c->h4+C)&0xffffffffL;
-
- if (--num == 0) break;
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- }
- }
-#endif
-
-#else /* OPENSSL_SMALL_FOOTPRINT */
-
-#define BODY_00_15(xi) do { \
- T=E+K_00_19+F_00_19(B,C,D); \
- E=D, D=C, C=ROTATE(B,30), B=A; \
- A=ROTATE(A,5)+T+xi; } while(0)
-
-#define BODY_16_19(xa,xb,xc,xd) do { \
- Xupdate(T,xa,xa,xb,xc,xd); \
- T+=E+K_00_19+F_00_19(B,C,D); \
- E=D, D=C, C=ROTATE(B,30), B=A; \
- A=ROTATE(A,5)+T; } while(0)
-
-#define BODY_20_39(xa,xb,xc,xd) do { \
- Xupdate(T,xa,xa,xb,xc,xd); \
- T+=E+K_20_39+F_20_39(B,C,D); \
- E=D, D=C, C=ROTATE(B,30), B=A; \
- A=ROTATE(A,5)+T; } while(0)
-
-#define BODY_40_59(xa,xb,xc,xd) do { \
- Xupdate(T,xa,xa,xb,xc,xd); \
- T+=E+K_40_59+F_40_59(B,C,D); \
- E=D, D=C, C=ROTATE(B,30), B=A; \
- A=ROTATE(A,5)+T; } while(0)
-
-#define BODY_60_79(xa,xb,xc,xd) do { \
- Xupdate(T,xa,xa,xb,xc,xd); \
- T=E+K_60_79+F_60_79(B,C,D); \
- E=D, D=C, C=ROTATE(B,30), B=A; \
- A=ROTATE(A,5)+T+xa; } while(0)
-
-#if !defined(SHA1_ASM)
-static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num)
- {
- const unsigned char *data=p;
- unsigned MD32_REG_T A,B,C,D,E,T,l;
- int i;
- SHA_LONG X[16];
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- for (;;)
- {
- for (i=0;i<16;i++)
- { HOST_c2l(data,l); X[i]=l; BODY_00_15(X[i]); }
- for (i=0;i<4;i++)
- { BODY_16_19(X[i], X[i+2], X[i+8], X[(i+13)&15]); }
- for (;i<24;i++)
- { BODY_20_39(X[i&15], X[(i+2)&15], X[(i+8)&15],X[(i+13)&15]); }
- for (i=0;i<20;i++)
- { BODY_40_59(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); }
- for (i=4;i<24;i++)
- { BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); }
-
- c->h0=(c->h0+A)&0xffffffffL;
- c->h1=(c->h1+B)&0xffffffffL;
- c->h2=(c->h2+C)&0xffffffffL;
- c->h3=(c->h3+D)&0xffffffffL;
- c->h4=(c->h4+E)&0xffffffffL;
-
- if (--num == 0) break;
-
- A=c->h0;
- B=c->h1;
- C=c->h2;
- D=c->h3;
- E=c->h4;
-
- }
- }
-#endif
-
-#endif
-/* $OpenBSD: sm2_crypt.c,v 1.1.1.1 2021/08/18 16:04:32 tb Exp $ */
+/* $OpenBSD: sm2_crypt.c,v 1.2 2022/11/26 16:08:54 tb Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
#include <openssl/evp.h>
#include <openssl/sm2.h>
-#include "sm2_locl.h"
+#include "sm2_local.h"
typedef struct SM2_Ciphertext_st SM2_Ciphertext;
--- /dev/null
+/* $OpenBSD: sm2_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+/*
+ * Copyright (c) 2017, 2019 Ribose Inc
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef HEADER_SM2_LOCL_H
+#define HEADER_SM2_LOCL_H
+
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+
+__BEGIN_HIDDEN_DECLS
+
+int sm2_compute_userid_digest(uint8_t *out, const EVP_MD *digest,
+ const uint8_t *uid, size_t uid_len, const EC_KEY *key);
+
+/*
+ * SM2 signature operation. Computes ZA (user id digest) and then signs
+ * H(ZA || msg) using SM2
+ */
+ECDSA_SIG *sm2_do_sign(const EC_KEY *key, const EVP_MD *digest,
+ const uint8_t *uid, size_t uid_len, const uint8_t *msg, size_t msg_len);
+
+int sm2_do_verify(const EC_KEY *key, const EVP_MD *digest,
+ const ECDSA_SIG *signature, const uint8_t *uid, size_t uid_len,
+ const uint8_t *msg, size_t msg_len);
+
+__END_HIDDEN_DECLS
+
+#endif
+
+++ /dev/null
-/* $OpenBSD: sm2_locl.h,v 1.1.1.1 2021/08/18 16:04:32 tb Exp $ */
-/*
- * Copyright (c) 2017, 2019 Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_SM2_LOCL_H
-#define HEADER_SM2_LOCL_H
-
-#include <openssl/ec.h>
-#include <openssl/ecdsa.h>
-
-__BEGIN_HIDDEN_DECLS
-
-int sm2_compute_userid_digest(uint8_t *out, const EVP_MD *digest,
- const uint8_t *uid, size_t uid_len, const EC_KEY *key);
-
-/*
- * SM2 signature operation. Computes ZA (user id digest) and then signs
- * H(ZA || msg) using SM2
- */
-ECDSA_SIG *sm2_do_sign(const EC_KEY *key, const EVP_MD *digest,
- const uint8_t *uid, size_t uid_len, const uint8_t *msg, size_t msg_len);
-
-int sm2_do_verify(const EC_KEY *key, const EVP_MD *digest,
- const ECDSA_SIG *signature, const uint8_t *uid, size_t uid_len,
- const uint8_t *msg, size_t msg_len);
-
-__END_HIDDEN_DECLS
-
-#endif
-
-/* $OpenBSD: sm2_pmeth.c,v 1.1.1.1 2021/08/18 16:04:32 tb Exp $ */
+/* $OpenBSD: sm2_pmeth.c,v 1.2 2022/11/26 16:08:54 tb Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
#include <openssl/err.h>
#include <openssl/evp.h>
-#include "evp_locl.h"
-#include "sm2_locl.h"
+#include "evp_local.h"
+#include "sm2_local.h"
/* SM2 pkey context structure */
-/* $OpenBSD: sm2_sign.c,v 1.2 2022/01/20 11:12:14 inoguchi Exp $ */
+/* $OpenBSD: sm2_sign.c,v 1.3 2022/11/26 16:08:54 tb Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
#include <openssl/err.h>
#include <openssl/bn.h>
-#include "bn_lcl.h"
-#include "sm2_locl.h"
+#include "bn_local.h"
+#include "sm2_local.h"
static BIGNUM *
sm2_compute_msg_hash(const EVP_MD *digest, const EC_KEY *key,
-/* $OpenBSD: sm3.c,v 1.1 2018/11/11 06:53:31 tb Exp $ */
+/* $OpenBSD: sm3.c,v 1.2 2022/11/26 16:08:54 tb Exp $ */
/*
* Copyright (c) 2018, Ribose Inc
*
#include <openssl/sm3.h>
-#include "sm3_locl.h"
+#include "sm3_local.h"
int
SM3_Init(SM3_CTX *c)
--- /dev/null
+/* $OpenBSD: sm3_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+/*
+ * Copyright (c) 2018, Ribose Inc
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <string.h>
+
+#include <openssl/opensslconf.h>
+
+#define DATA_ORDER_IS_BIG_ENDIAN
+
+#define HASH_LONG SM3_WORD
+#define HASH_CTX SM3_CTX
+#define HASH_CBLOCK SM3_CBLOCK
+#define HASH_UPDATE SM3_Update
+#define HASH_TRANSFORM SM3_Transform
+#define HASH_FINAL SM3_Final
+#define HASH_MAKE_STRING(c, s) do { \
+ unsigned long ll; \
+ ll = (c)->A; HOST_l2c(ll, (s)); \
+ ll = (c)->B; HOST_l2c(ll, (s)); \
+ ll = (c)->C; HOST_l2c(ll, (s)); \
+ ll = (c)->D; HOST_l2c(ll, (s)); \
+ ll = (c)->E; HOST_l2c(ll, (s)); \
+ ll = (c)->F; HOST_l2c(ll, (s)); \
+ ll = (c)->G; HOST_l2c(ll, (s)); \
+ ll = (c)->H; HOST_l2c(ll, (s)); \
+} while (0)
+#define HASH_BLOCK_DATA_ORDER SM3_block_data_order
+
+void SM3_block_data_order(SM3_CTX *c, const void *p, size_t num);
+void SM3_transform(SM3_CTX *c, const unsigned char *data);
+
+#include "md32_common.h"
+
+#define P0(X) (X ^ ROTATE(X, 9) ^ ROTATE(X, 17))
+#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23))
+
+#define FF0(X, Y, Z) (X ^ Y ^ Z)
+#define GG0(X, Y, Z) (X ^ Y ^ Z)
+
+#define FF1(X, Y, Z) ((X & Y) | ((X | Y) & Z))
+#define GG1(X, Y, Z) ((Z ^ (X & (Y ^ Z))))
+
+#define EXPAND(W0, W7, W13, W3, W10) \
+ (P1(W0 ^ W7 ^ ROTATE(W13, 15)) ^ ROTATE(W3, 7) ^ W10)
+
+#define ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF, GG) do { \
+ const SM3_WORD A12 = ROTATE(A, 12); \
+ const SM3_WORD A12_SM = A12 + E + TJ; \
+ const SM3_WORD SS1 = ROTATE(A12_SM, 7); \
+ const SM3_WORD TT1 = FF(A, B, C) + D + (SS1 ^ A12) + (Wj); \
+ const SM3_WORD TT2 = GG(E, F, G) + H + SS1 + Wi; \
+ B = ROTATE(B, 9); \
+ D = TT1; \
+ F = ROTATE(F, 19); \
+ H = P0(TT2); \
+} while(0)
+
+#define R1(A, B, C, D, E, F, G, H, TJ, Wi, Wj) \
+ ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF0, GG0)
+
+#define R2(A, B, C, D, E, F, G, H, TJ, Wi, Wj) \
+ ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF1, GG1)
+
+#define SM3_A 0x7380166fUL
+#define SM3_B 0x4914b2b9UL
+#define SM3_C 0x172442d7UL
+#define SM3_D 0xda8a0600UL
+#define SM3_E 0xa96f30bcUL
+#define SM3_F 0x163138aaUL
+#define SM3_G 0xe38dee4dUL
+#define SM3_H 0xb0fb0e4eUL
+++ /dev/null
-/* $OpenBSD: sm3_locl.h,v 1.1 2018/11/11 06:53:31 tb Exp $ */
-/*
- * Copyright (c) 2018, Ribose Inc
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#define DATA_ORDER_IS_BIG_ENDIAN
-
-#define HASH_LONG SM3_WORD
-#define HASH_CTX SM3_CTX
-#define HASH_CBLOCK SM3_CBLOCK
-#define HASH_UPDATE SM3_Update
-#define HASH_TRANSFORM SM3_Transform
-#define HASH_FINAL SM3_Final
-#define HASH_MAKE_STRING(c, s) do { \
- unsigned long ll; \
- ll = (c)->A; HOST_l2c(ll, (s)); \
- ll = (c)->B; HOST_l2c(ll, (s)); \
- ll = (c)->C; HOST_l2c(ll, (s)); \
- ll = (c)->D; HOST_l2c(ll, (s)); \
- ll = (c)->E; HOST_l2c(ll, (s)); \
- ll = (c)->F; HOST_l2c(ll, (s)); \
- ll = (c)->G; HOST_l2c(ll, (s)); \
- ll = (c)->H; HOST_l2c(ll, (s)); \
-} while (0)
-#define HASH_BLOCK_DATA_ORDER SM3_block_data_order
-
-void SM3_block_data_order(SM3_CTX *c, const void *p, size_t num);
-void SM3_transform(SM3_CTX *c, const unsigned char *data);
-
-#include "md32_common.h"
-
-#define P0(X) (X ^ ROTATE(X, 9) ^ ROTATE(X, 17))
-#define P1(X) (X ^ ROTATE(X, 15) ^ ROTATE(X, 23))
-
-#define FF0(X, Y, Z) (X ^ Y ^ Z)
-#define GG0(X, Y, Z) (X ^ Y ^ Z)
-
-#define FF1(X, Y, Z) ((X & Y) | ((X | Y) & Z))
-#define GG1(X, Y, Z) ((Z ^ (X & (Y ^ Z))))
-
-#define EXPAND(W0, W7, W13, W3, W10) \
- (P1(W0 ^ W7 ^ ROTATE(W13, 15)) ^ ROTATE(W3, 7) ^ W10)
-
-#define ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF, GG) do { \
- const SM3_WORD A12 = ROTATE(A, 12); \
- const SM3_WORD A12_SM = A12 + E + TJ; \
- const SM3_WORD SS1 = ROTATE(A12_SM, 7); \
- const SM3_WORD TT1 = FF(A, B, C) + D + (SS1 ^ A12) + (Wj); \
- const SM3_WORD TT2 = GG(E, F, G) + H + SS1 + Wi; \
- B = ROTATE(B, 9); \
- D = TT1; \
- F = ROTATE(F, 19); \
- H = P0(TT2); \
-} while(0)
-
-#define R1(A, B, C, D, E, F, G, H, TJ, Wi, Wj) \
- ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF0, GG0)
-
-#define R2(A, B, C, D, E, F, G, H, TJ, Wi, Wj) \
- ROUND(A, B, C, D, E, F, G, H, TJ, Wi, Wj, FF1, GG1)
-
-#define SM3_A 0x7380166fUL
-#define SM3_B 0x4914b2b9UL
-#define SM3_C 0x172442d7UL
-#define SM3_D 0xda8a0600UL
-#define SM3_E 0xa96f30bcUL
-#define SM3_F 0x163138aaUL
-#define SM3_G 0xe38dee4dUL
-#define SM3_H 0xb0fb0e4eUL
-/* $OpenBSD: ts_lib.c,v 1.12 2021/12/04 16:08:32 tb Exp $ */
+/* $OpenBSD: ts_lib.c,v 1.13 2022/11/26 16:08:54 tb Exp $ */
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
* project 2002.
*/
#include <openssl/ts.h>
#include <openssl/x509v3.h>
-#include "bn_lcl.h"
-#include "x509_lcl.h"
+#include "bn_local.h"
+#include "x509_local.h"
/* Local function declarations. */
-/* $OpenBSD: ts_rsp_sign.c,v 1.29 2022/07/24 20:02:04 tb Exp $ */
+/* $OpenBSD: ts_rsp_sign.c,v 1.30 2022/11/26 16:08:54 tb Exp $ */
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
* project 2002.
*/
#include <openssl/pkcs7.h>
#include <openssl/ts.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#include "ts_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Private function declarations. */
-/* $OpenBSD: ts_rsp_verify.c,v 1.28 2022/07/24 08:16:47 tb Exp $ */
+/* $OpenBSD: ts_rsp_verify.c,v 1.29 2022/11/26 16:08:54 tb Exp $ */
/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
* project 2002.
*/
#include <openssl/pkcs7.h>
#include <openssl/ts.h>
-#include "evp_locl.h"
+#include "evp_local.h"
#include "ts_local.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Private function declarations. */
-/* $OpenBSD: ui_lib.c,v 1.45 2022/11/12 13:16:10 beck Exp $ */
+/* $OpenBSD: ui_lib.c,v 1.46 2022/11/26 16:08:54 tb Exp $ */
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
* project 2001.
*/
#include <openssl/err.h>
#include <openssl/ui.h>
-#include "ui_locl.h"
+#include "ui_local.h"
static const UI_METHOD *default_UI_meth = NULL;
--- /dev/null
+/* $OpenBSD: ui_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+
+/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_LOCL_H
+#define HEADER_UI_LOCL_H
+
+#include <openssl/ui.h>
+#include <openssl/crypto.h>
+
+__BEGIN_HIDDEN_DECLS
+
+#ifdef _
+#undef _
+#endif
+
+struct ui_method_st {
+ char *name;
+
+ /* All the functions return 1 or non-NULL for success and 0 or NULL
+ for failure */
+
+ /* Open whatever channel for this, be it the console, an X window
+ or whatever.
+ This function should use the ex_data structure to save
+ intermediate data. */
+ int (*ui_open_session)(UI *ui);
+
+ int (*ui_write_string)(UI *ui, UI_STRING *uis);
+
+ /* Flush the output. If a GUI dialog box is used, this function can
+ be used to actually display it. */
+ int (*ui_flush)(UI *ui);
+
+ int (*ui_read_string)(UI *ui, UI_STRING *uis);
+
+ int (*ui_close_session)(UI *ui);
+
+ /* Construct a prompt in a user-defined manner. object_desc is a
+ textual short description of the object, for example "pass phrase",
+ and object_name is the name of the object (might be a card name or
+ a file name.
+ The returned string shall always be allocated on the heap with
+ malloc(), and need to be free'd with free(). */
+ char *(*ui_construct_prompt)(UI *ui, const char *object_desc,
+ const char *object_name);
+};
+
+struct ui_string_st {
+ enum UI_string_types type; /* Input */
+ const char *out_string; /* Input */
+ int input_flags; /* Flags from the user */
+
+ /* The following parameters are completely irrelevant for UIT_INFO,
+ and can therefore be set to 0 or NULL */
+ char *result_buf; /* Input and Output: If not NULL, user-defined
+ with size in result_maxsize. Otherwise, it
+ may be allocated by the UI routine, meaning
+ result_minsize is going to be overwritten.*/
+ union {
+ struct {
+ int result_minsize; /* Input: minimum required
+ size of the result.
+ */
+ int result_maxsize; /* Input: maximum permitted
+ size of the result */
+
+ const char *test_buf; /* Input: test string to verify
+ against */
+ } string_data;
+ struct {
+ const char *action_desc; /* Input */
+ const char *ok_chars; /* Input */
+ const char *cancel_chars; /* Input */
+ } boolean_data;
+ } _;
+
+#define OUT_STRING_FREEABLE 0x01
+ int flags; /* flags for internal use */
+};
+
+struct ui_st {
+ const UI_METHOD *meth;
+ STACK_OF(UI_STRING) *strings; /* We might want to prompt for more
+ than one thing at a time, and
+ with different echoing status. */
+ void *user_data;
+ CRYPTO_EX_DATA ex_data;
+
+#define UI_FLAG_REDOABLE 0x0001
+#define UI_FLAG_PRINT_ERRORS 0x0100
+ int flags;
+};
+
+__END_HIDDEN_DECLS
+
+#endif
+++ /dev/null
-/* $OpenBSD: ui_locl.h,v 1.7 2016/12/21 15:49:29 jsing Exp $ */
-
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_LOCL_H
-#define HEADER_UI_LOCL_H
-
-#include <openssl/ui.h>
-#include <openssl/crypto.h>
-
-__BEGIN_HIDDEN_DECLS
-
-#ifdef _
-#undef _
-#endif
-
-struct ui_method_st {
- char *name;
-
- /* All the functions return 1 or non-NULL for success and 0 or NULL
- for failure */
-
- /* Open whatever channel for this, be it the console, an X window
- or whatever.
- This function should use the ex_data structure to save
- intermediate data. */
- int (*ui_open_session)(UI *ui);
-
- int (*ui_write_string)(UI *ui, UI_STRING *uis);
-
- /* Flush the output. If a GUI dialog box is used, this function can
- be used to actually display it. */
- int (*ui_flush)(UI *ui);
-
- int (*ui_read_string)(UI *ui, UI_STRING *uis);
-
- int (*ui_close_session)(UI *ui);
-
- /* Construct a prompt in a user-defined manner. object_desc is a
- textual short description of the object, for example "pass phrase",
- and object_name is the name of the object (might be a card name or
- a file name.
- The returned string shall always be allocated on the heap with
- malloc(), and need to be free'd with free(). */
- char *(*ui_construct_prompt)(UI *ui, const char *object_desc,
- const char *object_name);
-};
-
-struct ui_string_st {
- enum UI_string_types type; /* Input */
- const char *out_string; /* Input */
- int input_flags; /* Flags from the user */
-
- /* The following parameters are completely irrelevant for UIT_INFO,
- and can therefore be set to 0 or NULL */
- char *result_buf; /* Input and Output: If not NULL, user-defined
- with size in result_maxsize. Otherwise, it
- may be allocated by the UI routine, meaning
- result_minsize is going to be overwritten.*/
- union {
- struct {
- int result_minsize; /* Input: minimum required
- size of the result.
- */
- int result_maxsize; /* Input: maximum permitted
- size of the result */
-
- const char *test_buf; /* Input: test string to verify
- against */
- } string_data;
- struct {
- const char *action_desc; /* Input */
- const char *ok_chars; /* Input */
- const char *cancel_chars; /* Input */
- } boolean_data;
- } _;
-
-#define OUT_STRING_FREEABLE 0x01
- int flags; /* flags for internal use */
-};
-
-struct ui_st {
- const UI_METHOD *meth;
- STACK_OF(UI_STRING) *strings; /* We might want to prompt for more
- than one thing at a time, and
- with different echoing status. */
- void *user_data;
- CRYPTO_EX_DATA ex_data;
-
-#define UI_FLAG_REDOABLE 0x0001
-#define UI_FLAG_PRINT_ERRORS 0x0100
- int flags;
-};
-
-__END_HIDDEN_DECLS
-
-#endif
-/* $OpenBSD: ui_openssl.c,v 1.26 2022/11/12 13:16:10 beck Exp $ */
+/* $OpenBSD: ui_openssl.c,v 1.27 2022/11/26 16:08:54 tb Exp $ */
/* Written by Richard Levitte (richard@levitte.org) and others
* for the OpenSSL project 2001.
*/
#include <termios.h>
#include <unistd.h>
-#include "ui_locl.h"
+#include "ui_local.h"
#ifndef NX509_SIG
#define NX509_SIG 32
-/* $OpenBSD: ui_util.c,v 1.11 2022/11/12 13:16:10 beck Exp $ */
+/* $OpenBSD: ui_util.c,v 1.12 2022/11/26 16:08:54 tb Exp $ */
/* ====================================================================
* Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
*
#include <openssl/ui_compat.h>
-#include "ui_locl.h"
+#include "ui_local.h"
int
UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify)
-/* $OpenBSD: wp_block.c,v 1.14 2021/11/09 18:40:21 bcook Exp $ */
+/* $OpenBSD: wp_block.c,v 1.15 2022/11/26 16:08:54 tb Exp $ */
/**
* The Whirlpool hashing function.
*
#include <string.h>
#include <openssl/crypto.h>
-#include "wp_locl.h"
+#include "wp_local.h"
typedef unsigned char u8;
#if defined(_LP64)
-/* $OpenBSD: wp_dgst.c,v 1.4 2014/07/12 11:25:25 miod Exp $ */
+/* $OpenBSD: wp_dgst.c,v 1.5 2022/11/26 16:08:54 tb Exp $ */
/**
* The Whirlpool hashing function.
*
* input. This is done for performance.
*/
-#include "wp_locl.h"
+#include "wp_local.h"
#include <openssl/crypto.h>
#include <string.h>
--- /dev/null
+/* $OpenBSD: wp_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+
+#include <openssl/whrlpool.h>
+
+__BEGIN_HIDDEN_DECLS
+
+void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
+
+__END_HIDDEN_DECLS
+++ /dev/null
-/* $OpenBSD: wp_locl.h,v 1.3 2016/12/21 15:49:29 jsing Exp $ */
-
-#include <openssl/whrlpool.h>
-
-__BEGIN_HIDDEN_DECLS
-
-void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
-
-__END_HIDDEN_DECLS
-/* $OpenBSD: by_dir.c,v 1.42 2022/11/14 17:48:49 beck Exp $ */
+/* $OpenBSD: by_dir.c,v 1.43 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/err.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
typedef struct lookup_dir_hashes_st {
unsigned long hash;
-/* $OpenBSD: by_file.c,v 1.26 2022/11/14 17:48:49 beck Exp $ */
+/* $OpenBSD: by_file.c,v 1.27 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/pem.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
-/* $OpenBSD: by_mem.c,v 1.6 2022/11/14 17:48:49 beck Exp $ */
+/* $OpenBSD: by_mem.c,v 1.7 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/lhash.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static int by_mem_ctrl(X509_LOOKUP *, int, const char *, long, char **);
-/* $OpenBSD: pcy_cache.c,v 1.2 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: pcy_cache.c,v 1.3 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2004.
*/
#include <openssl/x509v3.h>
#include "pcy_int.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
static int policy_data_cmp(const X509_POLICY_DATA * const *a,
const X509_POLICY_DATA * const *b);
-/* $OpenBSD: pcy_map.c,v 1.2 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: pcy_map.c,v 1.3 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2004.
*/
#include <openssl/x509v3.h>
#include "pcy_int.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Set policy mapping entries in cache.
* Note: this modifies the passed POLICY_MAPPINGS structure
-/* $OpenBSD: pcy_tree.c,v 1.3 2022/11/14 17:48:49 beck Exp $ */
+/* $OpenBSD: pcy_tree.c,v 1.4 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2004.
*/
#include <openssl/x509v3.h>
#include "pcy_int.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Enable this to print out the complete policy tree at various point during
* evaluation.
-/* $OpenBSD: x509_addr.c,v 1.84 2022/11/14 17:48:49 beck Exp $ */
+/* $OpenBSD: x509_addr.c,v 1.85 2022/11/26 16:08:54 tb Exp $ */
/*
* Contributed to the OpenSSL Project by the American Registry for
* Internet Numbers ("ARIN").
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "bytestring.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
#ifndef OPENSSL_NO_RFC3779
-/* $OpenBSD: x509_asid.c,v 1.37 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_asid.c,v 1.38 2022/11/26 16:08:54 tb Exp $ */
/*
* Contributed to the OpenSSL Project by the American Registry for
* Internet Numbers ("ARIN").
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
#ifndef OPENSSL_NO_RFC3779
-/* $OpenBSD: x509_att.c,v 1.20 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_att.c,v 1.21 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
-/* $OpenBSD: x509_cmp.c,v 1.40 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_cmp.c,v 1.41 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "evp_locl.h"
-#include "x509_lcl.h"
+#include "evp_local.h"
+#include "x509_local.h"
int
X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
-/* $OpenBSD: x509_conf.c,v 1.3 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_conf.c,v 1.4 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static int v3_check_critical(const char **value);
static int v3_check_generic(const char **value);
-/* $OpenBSD: x509_cpols.c,v 1.5 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_cpols.c,v 1.6 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/x509v3.h>
#include "pcy_int.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Certificate policies extension support: this one is a bit complex... */
-/* $OpenBSD: x509_crld.c,v 1.3 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_crld.c,v 1.4 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static void *v2i_crld(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-/* $OpenBSD: x509_ext.c,v 1.14 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_ext.c,v 1.15 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509_CRL_get_ext_count(const X509_CRL *x)
-/* $OpenBSD: x509_internal.h,v 1.22 2022/11/17 00:42:12 beck Exp $ */
+/* $OpenBSD: x509_internal.h,v 1.23 2022/11/26 16:08:54 tb Exp $ */
/*
* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
*
#include <openssl/x509_verify.h>
#include "bytestring.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Hard limits on structure size and number of signature checks. */
#define X509_VERIFY_MAX_CHAINS 8 /* Max validated chains */
+++ /dev/null
-/* $OpenBSD: x509_lcl.h,v 1.16 2022/08/15 11:52:37 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2013.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_X509_LCL_H
-#define HEADER_X509_LCL_H
-
-__BEGIN_HIDDEN_DECLS
-
-#define TS_HASH_EVP EVP_sha1()
-#define TS_HASH_LEN SHA_DIGEST_LENGTH
-
-#define X509_CERT_HASH_EVP EVP_sha512()
-#define X509_CERT_HASH_LEN SHA512_DIGEST_LENGTH
-#define X509_CRL_HASH_EVP EVP_sha512()
-#define X509_CRL_HASH_LEN SHA512_DIGEST_LENGTH
-
-struct X509_pubkey_st {
- X509_ALGOR *algor;
- ASN1_BIT_STRING *public_key;
- EVP_PKEY *pkey;
-};
-
-struct X509_sig_st {
- X509_ALGOR *algor;
- ASN1_OCTET_STRING *digest;
-} /* X509_SIG */;
-
-struct X509_name_entry_st {
- ASN1_OBJECT *object;
- ASN1_STRING *value;
- int set;
- int size; /* temp variable */
-} /* X509_NAME_ENTRY */;
-
-/* we always keep X509_NAMEs in 2 forms. */
-struct X509_name_st {
- STACK_OF(X509_NAME_ENTRY) *entries;
- int modified; /* true if 'bytes' needs to be built */
-#ifndef OPENSSL_NO_BUFFER
- BUF_MEM *bytes;
-#else
- char *bytes;
-#endif
-/* unsigned long hash; Keep the hash around for lookups */
- unsigned char *canon_enc;
- int canon_enclen;
-} /* X509_NAME */;
-
-struct X509_extension_st {
- ASN1_OBJECT *object;
- ASN1_BOOLEAN critical;
- ASN1_OCTET_STRING *value;
-} /* X509_EXTENSION */;
-
-struct x509_attributes_st {
- ASN1_OBJECT *object;
- STACK_OF(ASN1_TYPE) *set;
-} /* X509_ATTRIBUTE */;
-
-struct X509_req_info_st {
- ASN1_ENCODING enc;
- ASN1_INTEGER *version;
- X509_NAME *subject;
- X509_PUBKEY *pubkey;
- /* d=2 hl=2 l= 0 cons: cont: 00 */
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
-} /* X509_REQ_INFO */;
-
-struct X509_req_st {
- X509_REQ_INFO *req_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
-} /* X509_REQ */;
-
-/*
- * This stuff is certificate "auxiliary info" it contains details which are
- * useful in certificate stores and databases. When used this is tagged onto
- * the end of the certificate itself.
- */
-struct x509_cert_aux_st {
- STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
- STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
- ASN1_UTF8STRING *alias; /* "friendly name" */
- ASN1_OCTET_STRING *keyid; /* key id of private key */
- STACK_OF(X509_ALGOR) *other; /* other unspecified info */
-} /* X509_CERT_AUX */;
-
-struct x509_cinf_st {
- ASN1_INTEGER *version; /* [ 0 ] default of v1 */
- ASN1_INTEGER *serialNumber;
- X509_ALGOR *signature;
- X509_NAME *issuer;
- X509_VAL *validity;
- X509_NAME *subject;
- X509_PUBKEY *key;
- ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
- ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
- STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
- ASN1_ENCODING enc;
-} /* X509_CINF */;
-
-struct x509_st {
- X509_CINF *cert_info;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int valid;
- int references;
- char *name;
- CRYPTO_EX_DATA ex_data;
- /* These contain copies of various extension values */
- long ex_pathlen;
- long ex_pcpathlen;
- unsigned long ex_flags;
- unsigned long ex_kusage;
- unsigned long ex_xkusage;
- unsigned long ex_nscert;
- ASN1_OCTET_STRING *skid;
- AUTHORITY_KEYID *akid;
- X509_POLICY_CACHE *policy_cache;
- STACK_OF(DIST_POINT) *crldp;
- STACK_OF(GENERAL_NAME) *altname;
- NAME_CONSTRAINTS *nc;
-#ifndef OPENSSL_NO_RFC3779
- STACK_OF(IPAddressFamily) *rfc3779_addr;
- struct ASIdentifiers_st *rfc3779_asid;
-#endif
- unsigned char hash[X509_CERT_HASH_LEN];
- time_t not_before;
- time_t not_after;
- X509_CERT_AUX *aux;
-} /* X509 */;
-
-struct x509_revoked_st {
- ASN1_INTEGER *serialNumber;
- ASN1_TIME *revocationDate;
- STACK_OF(X509_EXTENSION) /* optional */ *extensions;
- /* Set up if indirect CRL */
- STACK_OF(GENERAL_NAME) *issuer;
- /* Revocation reason */
- int reason;
- int sequence; /* load sequence */
-};
-
-struct X509_crl_info_st {
- ASN1_INTEGER *version;
- X509_ALGOR *sig_alg;
- X509_NAME *issuer;
- ASN1_TIME *lastUpdate;
- ASN1_TIME *nextUpdate;
- STACK_OF(X509_REVOKED) *revoked;
- STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
- ASN1_ENCODING enc;
-} /* X509_CRL_INFO */;
-
-struct X509_crl_st {
- /* actual signature */
- X509_CRL_INFO *crl;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
- int flags;
- /* Copies of various extensions */
- AUTHORITY_KEYID *akid;
- ISSUING_DIST_POINT *idp;
- /* Convenient breakdown of IDP */
- int idp_flags;
- int idp_reasons;
- /* CRL and base CRL numbers for delta processing */
- ASN1_INTEGER *crl_number;
- ASN1_INTEGER *base_crl_number;
- unsigned char hash[X509_CRL_HASH_LEN];
- STACK_OF(GENERAL_NAMES) *issuers;
- const X509_CRL_METHOD *meth;
- void *meth_data;
-} /* X509_CRL */;
-
-struct pkcs8_priv_key_info_st {
- ASN1_INTEGER *version;
- X509_ALGOR *pkeyalg;
- ASN1_OCTET_STRING *pkey;
- STACK_OF(X509_ATTRIBUTE) *attributes;
-};
-
-struct x509_object_st {
- /* one of the above types */
- int type;
- union {
- X509 *x509;
- X509_CRL *crl;
- } data;
-} /* X509_OBJECT */;
-
-struct x509_lookup_method_st {
- const char *name;
- int (*new_item)(X509_LOOKUP *ctx);
- void (*free)(X509_LOOKUP *ctx);
- int (*init)(X509_LOOKUP *ctx);
- int (*shutdown)(X509_LOOKUP *ctx);
- int (*ctrl)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
- char **ret);
- int (*get_by_subject)(X509_LOOKUP *ctx, int type, X509_NAME *name,
- X509_OBJECT *ret);
- int (*get_by_issuer_serial)(X509_LOOKUP *ctx, int type, X509_NAME *name,
- ASN1_INTEGER *serial,X509_OBJECT *ret);
- int (*get_by_fingerprint)(X509_LOOKUP *ctx, int type,
- const unsigned char *bytes, int len, X509_OBJECT *ret);
- int (*get_by_alias)(X509_LOOKUP *ctx, int type, const char *str,
- int len, X509_OBJECT *ret);
-} /* X509_LOOKUP_METHOD */;
-
-struct X509_VERIFY_PARAM_st {
- char *name;
- time_t check_time; /* Time to use */
- unsigned long inh_flags; /* Inheritance flags */
- unsigned long flags; /* Various verify flags */
- int purpose; /* purpose to check untrusted certificates */
- int trust; /* trust setting to check */
- int depth; /* Verify depth */
- int security_level; /* 'Security level', see SP800-57. */
- STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
- X509_VERIFY_PARAM_ID *id; /* opaque ID data */
-} /* X509_VERIFY_PARAM */;
-
-/*
- * This is used to hold everything. It is used for all certificate
- * validation. Once we have a certificate chain, the 'verify'
- * function is then called to actually check the cert chain.
- */
-struct x509_store_st {
- /* The following is a cache of trusted certs */
- STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
-
- /* These are external lookup methods */
- STACK_OF(X509_LOOKUP) *get_cert_methods;
-
- X509_VERIFY_PARAM *param;
-
- /* Callbacks for various operations */
- int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
- int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
- int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
- int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
- int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
- int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
- int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
- int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
- STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
- STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
- int (*cleanup)(X509_STORE_CTX *ctx);
-
- CRYPTO_EX_DATA ex_data;
- int references;
-} /* X509_STORE */;
-
-/* This is the functions plus an instance of the local variables. */
-struct x509_lookup_st {
- int init; /* have we been started */
- X509_LOOKUP_METHOD *method; /* the functions */
- char *method_data; /* method data */
-
- X509_STORE *store_ctx; /* who owns us */
-} /* X509_LOOKUP */;
-
-/*
- * This is used when verifying cert chains. Since the gathering of the cert
- * chain can take some time (and has to be 'retried'), this needs to be kept
- * and passed around.
- */
-struct x509_store_ctx_st {
- X509_STORE *store;
- int current_method; /* used when looking up certs */
-
- /* The following are set by the caller */
- X509 *cert; /* The cert to check */
- STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
- STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */
-
- X509_VERIFY_PARAM *param;
- void *other_ctx; /* Other info for use with get_issuer() */
-
- /* Callbacks for various operations */
- int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
- int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
- int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
- int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
- int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
- int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
- int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
- int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
- int (*check_policy)(X509_STORE_CTX *ctx);
- STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
- STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
- int (*cleanup)(X509_STORE_CTX *ctx);
-
- /* The following is built up */
- int valid; /* if 0, rebuild chain */
- int num_untrusted; /* number of untrusted certs in chain */
- STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
- X509_POLICY_TREE *tree; /* Valid policy tree */
-
- int explicit_policy; /* Require explicit policy value */
-
- /* When something goes wrong, this is why */
- int error_depth;
- int error;
- X509 *current_cert;
- X509 *current_issuer; /* cert currently being tested as valid issuer */
- X509_CRL *current_crl; /* current CRL */
-
- int current_crl_score; /* score of current CRL */
- unsigned int current_reasons; /* Reason mask */
-
- X509_STORE_CTX *parent; /* For CRL path validation: parent context */
-
- CRYPTO_EX_DATA ex_data;
-} /* X509_STORE_CTX */;
-
-int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet);
-
-int name_cmp(const char *name, const char *cmp);
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_X509_LCL_H */
-/* $OpenBSD: x509_lib.c,v 1.5 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_lib.c,v 1.6 2022/11/26 16:08:54 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/x509v3.h>
#include "ext_dat.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
--- /dev/null
+/* $OpenBSD: x509_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2013.
+ */
+/* ====================================================================
+ * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_X509_LCL_H
+#define HEADER_X509_LCL_H
+
+__BEGIN_HIDDEN_DECLS
+
+#define TS_HASH_EVP EVP_sha1()
+#define TS_HASH_LEN SHA_DIGEST_LENGTH
+
+#define X509_CERT_HASH_EVP EVP_sha512()
+#define X509_CERT_HASH_LEN SHA512_DIGEST_LENGTH
+#define X509_CRL_HASH_EVP EVP_sha512()
+#define X509_CRL_HASH_LEN SHA512_DIGEST_LENGTH
+
+struct X509_pubkey_st {
+ X509_ALGOR *algor;
+ ASN1_BIT_STRING *public_key;
+ EVP_PKEY *pkey;
+};
+
+struct X509_sig_st {
+ X509_ALGOR *algor;
+ ASN1_OCTET_STRING *digest;
+} /* X509_SIG */;
+
+struct X509_name_entry_st {
+ ASN1_OBJECT *object;
+ ASN1_STRING *value;
+ int set;
+ int size; /* temp variable */
+} /* X509_NAME_ENTRY */;
+
+/* we always keep X509_NAMEs in 2 forms. */
+struct X509_name_st {
+ STACK_OF(X509_NAME_ENTRY) *entries;
+ int modified; /* true if 'bytes' needs to be built */
+#ifndef OPENSSL_NO_BUFFER
+ BUF_MEM *bytes;
+#else
+ char *bytes;
+#endif
+/* unsigned long hash; Keep the hash around for lookups */
+ unsigned char *canon_enc;
+ int canon_enclen;
+} /* X509_NAME */;
+
+struct X509_extension_st {
+ ASN1_OBJECT *object;
+ ASN1_BOOLEAN critical;
+ ASN1_OCTET_STRING *value;
+} /* X509_EXTENSION */;
+
+struct x509_attributes_st {
+ ASN1_OBJECT *object;
+ STACK_OF(ASN1_TYPE) *set;
+} /* X509_ATTRIBUTE */;
+
+struct X509_req_info_st {
+ ASN1_ENCODING enc;
+ ASN1_INTEGER *version;
+ X509_NAME *subject;
+ X509_PUBKEY *pubkey;
+ /* d=2 hl=2 l= 0 cons: cont: 00 */
+ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} /* X509_REQ_INFO */;
+
+struct X509_req_st {
+ X509_REQ_INFO *req_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+} /* X509_REQ */;
+
+/*
+ * This stuff is certificate "auxiliary info" it contains details which are
+ * useful in certificate stores and databases. When used this is tagged onto
+ * the end of the certificate itself.
+ */
+struct x509_cert_aux_st {
+ STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
+ STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
+ ASN1_UTF8STRING *alias; /* "friendly name" */
+ ASN1_OCTET_STRING *keyid; /* key id of private key */
+ STACK_OF(X509_ALGOR) *other; /* other unspecified info */
+} /* X509_CERT_AUX */;
+
+struct x509_cinf_st {
+ ASN1_INTEGER *version; /* [ 0 ] default of v1 */
+ ASN1_INTEGER *serialNumber;
+ X509_ALGOR *signature;
+ X509_NAME *issuer;
+ X509_VAL *validity;
+ X509_NAME *subject;
+ X509_PUBKEY *key;
+ ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
+ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
+ STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
+ ASN1_ENCODING enc;
+} /* X509_CINF */;
+
+struct x509_st {
+ X509_CINF *cert_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int valid;
+ int references;
+ char *name;
+ CRYPTO_EX_DATA ex_data;
+ /* These contain copies of various extension values */
+ long ex_pathlen;
+ long ex_pcpathlen;
+ unsigned long ex_flags;
+ unsigned long ex_kusage;
+ unsigned long ex_xkusage;
+ unsigned long ex_nscert;
+ ASN1_OCTET_STRING *skid;
+ AUTHORITY_KEYID *akid;
+ X509_POLICY_CACHE *policy_cache;
+ STACK_OF(DIST_POINT) *crldp;
+ STACK_OF(GENERAL_NAME) *altname;
+ NAME_CONSTRAINTS *nc;
+#ifndef OPENSSL_NO_RFC3779
+ STACK_OF(IPAddressFamily) *rfc3779_addr;
+ struct ASIdentifiers_st *rfc3779_asid;
+#endif
+ unsigned char hash[X509_CERT_HASH_LEN];
+ time_t not_before;
+ time_t not_after;
+ X509_CERT_AUX *aux;
+} /* X509 */;
+
+struct x509_revoked_st {
+ ASN1_INTEGER *serialNumber;
+ ASN1_TIME *revocationDate;
+ STACK_OF(X509_EXTENSION) /* optional */ *extensions;
+ /* Set up if indirect CRL */
+ STACK_OF(GENERAL_NAME) *issuer;
+ /* Revocation reason */
+ int reason;
+ int sequence; /* load sequence */
+};
+
+struct X509_crl_info_st {
+ ASN1_INTEGER *version;
+ X509_ALGOR *sig_alg;
+ X509_NAME *issuer;
+ ASN1_TIME *lastUpdate;
+ ASN1_TIME *nextUpdate;
+ STACK_OF(X509_REVOKED) *revoked;
+ STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
+ ASN1_ENCODING enc;
+} /* X509_CRL_INFO */;
+
+struct X509_crl_st {
+ /* actual signature */
+ X509_CRL_INFO *crl;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+ int flags;
+ /* Copies of various extensions */
+ AUTHORITY_KEYID *akid;
+ ISSUING_DIST_POINT *idp;
+ /* Convenient breakdown of IDP */
+ int idp_flags;
+ int idp_reasons;
+ /* CRL and base CRL numbers for delta processing */
+ ASN1_INTEGER *crl_number;
+ ASN1_INTEGER *base_crl_number;
+ unsigned char hash[X509_CRL_HASH_LEN];
+ STACK_OF(GENERAL_NAMES) *issuers;
+ const X509_CRL_METHOD *meth;
+ void *meth_data;
+} /* X509_CRL */;
+
+struct pkcs8_priv_key_info_st {
+ ASN1_INTEGER *version;
+ X509_ALGOR *pkeyalg;
+ ASN1_OCTET_STRING *pkey;
+ STACK_OF(X509_ATTRIBUTE) *attributes;
+};
+
+struct x509_object_st {
+ /* one of the above types */
+ int type;
+ union {
+ X509 *x509;
+ X509_CRL *crl;
+ } data;
+} /* X509_OBJECT */;
+
+struct x509_lookup_method_st {
+ const char *name;
+ int (*new_item)(X509_LOOKUP *ctx);
+ void (*free)(X509_LOOKUP *ctx);
+ int (*init)(X509_LOOKUP *ctx);
+ int (*shutdown)(X509_LOOKUP *ctx);
+ int (*ctrl)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+ char **ret);
+ int (*get_by_subject)(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+ int (*get_by_issuer_serial)(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ ASN1_INTEGER *serial,X509_OBJECT *ret);
+ int (*get_by_fingerprint)(X509_LOOKUP *ctx, int type,
+ const unsigned char *bytes, int len, X509_OBJECT *ret);
+ int (*get_by_alias)(X509_LOOKUP *ctx, int type, const char *str,
+ int len, X509_OBJECT *ret);
+} /* X509_LOOKUP_METHOD */;
+
+struct X509_VERIFY_PARAM_st {
+ char *name;
+ time_t check_time; /* Time to use */
+ unsigned long inh_flags; /* Inheritance flags */
+ unsigned long flags; /* Various verify flags */
+ int purpose; /* purpose to check untrusted certificates */
+ int trust; /* trust setting to check */
+ int depth; /* Verify depth */
+ int security_level; /* 'Security level', see SP800-57. */
+ STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
+ X509_VERIFY_PARAM_ID *id; /* opaque ID data */
+} /* X509_VERIFY_PARAM */;
+
+/*
+ * This is used to hold everything. It is used for all certificate
+ * validation. Once we have a certificate chain, the 'verify'
+ * function is then called to actually check the cert chain.
+ */
+struct x509_store_st {
+ /* The following is a cache of trusted certs */
+ STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
+
+ /* These are external lookup methods */
+ STACK_OF(X509_LOOKUP) *get_cert_methods;
+
+ X509_VERIFY_PARAM *param;
+
+ /* Callbacks for various operations */
+ int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
+ int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
+ int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
+ int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
+ int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
+ int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
+ int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
+ int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
+ STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
+ int (*cleanup)(X509_STORE_CTX *ctx);
+
+ CRYPTO_EX_DATA ex_data;
+ int references;
+} /* X509_STORE */;
+
+/* This is the functions plus an instance of the local variables. */
+struct x509_lookup_st {
+ int init; /* have we been started */
+ X509_LOOKUP_METHOD *method; /* the functions */
+ char *method_data; /* method data */
+
+ X509_STORE *store_ctx; /* who owns us */
+} /* X509_LOOKUP */;
+
+/*
+ * This is used when verifying cert chains. Since the gathering of the cert
+ * chain can take some time (and has to be 'retried'), this needs to be kept
+ * and passed around.
+ */
+struct x509_store_ctx_st {
+ X509_STORE *store;
+ int current_method; /* used when looking up certs */
+
+ /* The following are set by the caller */
+ X509 *cert; /* The cert to check */
+ STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
+ STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */
+
+ X509_VERIFY_PARAM *param;
+ void *other_ctx; /* Other info for use with get_issuer() */
+
+ /* Callbacks for various operations */
+ int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
+ int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
+ int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
+ int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
+ int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
+ int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
+ int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
+ int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
+ int (*check_policy)(X509_STORE_CTX *ctx);
+ STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
+ STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
+ int (*cleanup)(X509_STORE_CTX *ctx);
+
+ /* The following is built up */
+ int valid; /* if 0, rebuild chain */
+ int num_untrusted; /* number of untrusted certs in chain */
+ STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
+ X509_POLICY_TREE *tree; /* Valid policy tree */
+
+ int explicit_policy; /* Require explicit policy value */
+
+ /* When something goes wrong, this is why */
+ int error_depth;
+ int error;
+ X509 *current_cert;
+ X509 *current_issuer; /* cert currently being tested as valid issuer */
+ X509_CRL *current_crl; /* current CRL */
+
+ int current_crl_score; /* score of current CRL */
+ unsigned int current_reasons; /* Reason mask */
+
+ X509_STORE_CTX *parent; /* For CRL path validation: parent context */
+
+ CRYPTO_EX_DATA ex_data;
+} /* X509_STORE_CTX */;
+
+int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet);
+
+int name_cmp(const char *name, const char *cmp);
+
+__END_HIDDEN_DECLS
+
+#endif /* !HEADER_X509_LCL_H */
-/* $OpenBSD: x509_lu.c,v 1.56 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_lu.c,v 1.57 2022/11/26 16:08:54 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/lhash.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
X509_LOOKUP *
X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
-/* $OpenBSD: x509_ncons.c,v 1.6 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_ncons.c,v 1.7 2022/11/26 16:08:55 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
*/
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-/* $OpenBSD: x509_obj.c,v 1.20 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_obj.c,v 1.21 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
char *
X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
-/* $OpenBSD: x509_prn.c,v 1.3 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_prn.c,v 1.4 2022/11/26 16:08:55 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
/* Extension printing routines */
-/* $OpenBSD: x509_purp.c,v 1.17 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_purp.c,v 1.18 2022/11/26 16:08:55 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
#include <openssl/x509_vfy.h>
#include "x509_internal.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
#define ku_reject(x, usage) \
-/* $OpenBSD: x509_r2x.c,v 1.14 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_r2x.c,v 1.15 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
X509 *
X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
-/* $OpenBSD: x509_req.c,v 1.30 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_req.c,v 1.31 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/pem.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
-#include "x509_lcl.h"
+#include "evp_local.h"
+#include "x509_local.h"
X509_REQ *
X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-/* $OpenBSD: x509_set.c,v 1.21 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_set.c,v 1.22 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
const STACK_OF(X509_EXTENSION) *
X509_get0_extensions(const X509 *x)
-/* $OpenBSD: x509_skey.c,v 1.3 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_skey.c,v 1.4 2022/11/26 16:08:55 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, char *str);
-/* $OpenBSD: x509_trs.c,v 1.29 2022/11/17 00:42:12 beck Exp $ */
+/* $OpenBSD: x509_trs.c,v 1.30 2022/11/26 16:08:55 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
static int tr_cmp(const X509_TRUST * const *a, const X509_TRUST * const *b);
static void trtable_free(X509_TRUST *p);
-/* $OpenBSD: x509_v3.c,v 1.19 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_v3.c,v 1.20 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
-/* $OpenBSD: x509_vfy.c,v 1.106 2022/11/17 00:42:12 beck Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.107 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
#include "vpm_int.h"
#include "x509_internal.h"
-/* $OpenBSD: x509_vpm.c,v 1.31 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509_vpm.c,v 1.32 2022/11/26 16:08:55 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2004.
*/
#include <openssl/x509v3.h>
#include "vpm_int.h"
-#include "x509_lcl.h"
+#include "x509_local.h"
/* X509_VERIFY_PARAM functions */
-/* $OpenBSD: x509cset.c,v 1.17 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509cset.c,v 1.18 2022/11/26 16:08:55 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2001.
*/
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509_CRL_up_ref(X509_CRL *x)
-/* $OpenBSD: x509name.c,v 1.28 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509name.c,v 1.29 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/stack.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
-/* $OpenBSD: x509rset.c,v 1.10 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509rset.c,v 1.11 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "x509_lcl.h"
+#include "x509_local.h"
int
X509_REQ_set_version(X509_REQ *x, long version)
-/* $OpenBSD: x509type.c,v 1.16 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x509type.c,v 1.17 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
-#include "x509_lcl.h"
+#include "evp_local.h"
+#include "x509_local.h"
int
X509_certificate_type(const X509 *x, const EVP_PKEY *pkey)
-/* $OpenBSD: x_all.c,v 1.28 2022/11/14 17:48:50 beck Exp $ */
+/* $OpenBSD: x_all.c,v 1.29 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/rsa.h>
#endif
-#include "x509_lcl.h"
+#include "x509_local.h"
X509 *
d2i_X509_bio(BIO *bp, X509 **x509)
-/* $OpenBSD: bio_ssl.c,v 1.36 2022/11/11 11:25:18 beck Exp $ */
+/* $OpenBSD: bio_ssl.c,v 1.37 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/ssl.h>
#include "bio_local.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
static int ssl_write(BIO *h, const char *buf, int num);
static int ssl_read(BIO *h, char *buf, int size);
-/* $OpenBSD: d1_both.c,v 1.82 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.83 2022/11/26 16:08:55 tb Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
#include <openssl/x509.h>
#include "bytestring.h"
-#include "dtls_locl.h"
+#include "dtls_local.h"
#include "pqueue.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
-/* $OpenBSD: d1_lib.c,v 1.63 2022/11/11 17:15:26 jsing Exp $ */
+/* $OpenBSD: d1_lib.c,v 1.64 2022/11/26 16:08:55 tb Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
#include <openssl/objects.h>
-#include "dtls_locl.h"
+#include "dtls_local.h"
#include "pqueue.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
void dtls1_hm_fragment_free(hm_fragment *frag);
-/* $OpenBSD: d1_pkt.c,v 1.126 2022/11/23 07:31:12 tb Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.127 2022/11/26 16:08:55 tb Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
#include <openssl/evp.h>
#include "bytestring.h"
-#include "dtls_locl.h"
+#include "dtls_local.h"
#include "pqueue.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls_content.h"
/* mod 128 saturating subtract of two 64-bit values in big-endian order */
-/* $OpenBSD: d1_srtp.c,v 1.31 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: d1_srtp.c,v 1.32 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#ifndef OPENSSL_NO_SRTP
#include "bytestring.h"
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
#include "srtp.h"
static const SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
--- /dev/null
+/* $OpenBSD: dtls_local.h,v 1.1 2022/11/26 16:08:55 tb Exp $ */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DTLS_LOCL_H
+#define HEADER_DTLS_LOCL_H
+
+#include <sys/time.h>
+
+#include <openssl/dtls1.h>
+
+#include "ssl_local.h"
+#include "tls_content.h"
+
+__BEGIN_HIDDEN_DECLS
+
+typedef struct dtls1_bitmap_st {
+ unsigned long map; /* track 32 packets on 32-bit systems
+ and 64 - on 64-bit systems */
+ unsigned char max_seq_num[8]; /* max record number seen so far,
+ 64-bit value in big-endian
+ encoding */
+} DTLS1_BITMAP;
+
+struct dtls1_retransmit_state {
+ SSL_SESSION *session;
+ unsigned short epoch;
+};
+
+struct hm_header_st {
+ unsigned char type;
+ unsigned long msg_len;
+ unsigned short seq;
+ unsigned long frag_off;
+ unsigned long frag_len;
+ unsigned int is_ccs;
+ struct dtls1_retransmit_state saved_retransmit_state;
+};
+
+struct dtls1_timeout_st {
+ /* Number of read timeouts so far */
+ unsigned int read_timeouts;
+
+ /* Number of write timeouts so far */
+ unsigned int write_timeouts;
+
+ /* Number of alerts received so far */
+ unsigned int num_alerts;
+};
+
+struct _pqueue;
+
+typedef struct record_pqueue_st {
+ unsigned short epoch;
+ struct _pqueue *q;
+} record_pqueue;
+
+typedef struct rcontent_pqueue_st {
+ unsigned short epoch;
+ struct _pqueue *q;
+} rcontent_pqueue;
+
+typedef struct hm_fragment_st {
+ struct hm_header_st msg_header;
+ unsigned char *fragment;
+ unsigned char *reassembly;
+} hm_fragment;
+
+typedef struct dtls1_record_data_internal_st {
+ unsigned char *packet;
+ unsigned int packet_length;
+ SSL3_BUFFER_INTERNAL rbuf;
+ SSL3_RECORD_INTERNAL rrec;
+} DTLS1_RECORD_DATA_INTERNAL;
+
+typedef struct dtls1_rcontent_data_internal_st {
+ struct tls_content *rcontent;
+} DTLS1_RCONTENT_DATA_INTERNAL;
+
+struct dtls1_state_st {
+ /* Buffered (sent) handshake records */
+ struct _pqueue *sent_messages;
+
+ /* Indicates when the last handshake msg or heartbeat sent will timeout */
+ struct timeval next_timeout;
+
+ /* Timeout duration */
+ unsigned short timeout_duration;
+
+ unsigned int send_cookie;
+ unsigned char cookie[DTLS1_COOKIE_LENGTH];
+ unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
+ unsigned int cookie_len;
+
+ /* records being received in the current epoch */
+ DTLS1_BITMAP bitmap;
+
+ /* renegotiation starts a new set of sequence numbers */
+ DTLS1_BITMAP next_bitmap;
+
+ /* handshake message numbers */
+ unsigned short handshake_write_seq;
+ unsigned short next_handshake_write_seq;
+
+ unsigned short handshake_read_seq;
+
+ /* Received handshake records (unprocessed) */
+ record_pqueue unprocessed_rcds;
+
+ /* Buffered handshake messages */
+ struct _pqueue *buffered_messages;
+
+ /* Buffered application records.
+ * Only for records between CCS and Finished
+ * to prevent either protocol violation or
+ * unnecessary message loss.
+ */
+ rcontent_pqueue buffered_app_data;
+
+ /* Is set when listening for new connections with dtls1_listen() */
+ unsigned int listen;
+
+ unsigned int mtu; /* max DTLS packet size */
+
+ struct hm_header_st w_msg_hdr;
+ struct hm_header_st r_msg_hdr;
+
+ struct dtls1_timeout_st timeout;
+
+ unsigned int retransmitting;
+ unsigned int change_cipher_spec_ok;
+};
+
+int dtls1_do_write(SSL *s, int type);
+int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+void dtls1_set_message_header(SSL *s, unsigned char mt, unsigned long len,
+ unsigned long frag_off, unsigned long frag_len);
+void dtls1_set_message_header_int(SSL *s, unsigned char mt,
+ unsigned long len, unsigned short seq_num, unsigned long frag_off,
+ unsigned long frag_len);
+
+int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
+ unsigned int len);
+
+int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
+
+int dtls1_read_failed(SSL *s, int code);
+int dtls1_buffer_message(SSL *s, int ccs);
+int dtls1_retransmit_message(SSL *s, unsigned short seq,
+ unsigned long frag_off, int *found);
+int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
+int dtls1_retransmit_buffered_messages(SSL *s);
+void dtls1_clear_record_buffer(SSL *s);
+int dtls1_get_message_header(CBS *header, struct hm_header_st *msg_hdr);
+void dtls1_reset_read_seq_numbers(SSL *s);
+struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
+int dtls1_check_timeout_num(SSL *s);
+int dtls1_handle_timeout(SSL *s);
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
+void dtls1_start_timer(SSL *s);
+void dtls1_stop_timer(SSL *s);
+int dtls1_is_timer_expired(SSL *s);
+void dtls1_double_timeout(SSL *s);
+unsigned int dtls1_min_mtu(void);
+
+int dtls1_new(SSL *s);
+void dtls1_free(SSL *s);
+void dtls1_clear(SSL *s);
+long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
+
+int dtls1_get_message(SSL *s, int st1, int stn, int mt, long max);
+int dtls1_get_record(SSL *s);
+
+__END_HIDDEN_DECLS
+
+#endif
+++ /dev/null
-/* $OpenBSD: dtls_locl.h,v 1.11 2022/11/11 17:15:26 jsing Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DTLS_LOCL_H
-#define HEADER_DTLS_LOCL_H
-
-#include <sys/time.h>
-
-#include <openssl/dtls1.h>
-
-#include "ssl_locl.h"
-#include "tls_content.h"
-
-__BEGIN_HIDDEN_DECLS
-
-typedef struct dtls1_bitmap_st {
- unsigned long map; /* track 32 packets on 32-bit systems
- and 64 - on 64-bit systems */
- unsigned char max_seq_num[8]; /* max record number seen so far,
- 64-bit value in big-endian
- encoding */
-} DTLS1_BITMAP;
-
-struct dtls1_retransmit_state {
- SSL_SESSION *session;
- unsigned short epoch;
-};
-
-struct hm_header_st {
- unsigned char type;
- unsigned long msg_len;
- unsigned short seq;
- unsigned long frag_off;
- unsigned long frag_len;
- unsigned int is_ccs;
- struct dtls1_retransmit_state saved_retransmit_state;
-};
-
-struct dtls1_timeout_st {
- /* Number of read timeouts so far */
- unsigned int read_timeouts;
-
- /* Number of write timeouts so far */
- unsigned int write_timeouts;
-
- /* Number of alerts received so far */
- unsigned int num_alerts;
-};
-
-struct _pqueue;
-
-typedef struct record_pqueue_st {
- unsigned short epoch;
- struct _pqueue *q;
-} record_pqueue;
-
-typedef struct rcontent_pqueue_st {
- unsigned short epoch;
- struct _pqueue *q;
-} rcontent_pqueue;
-
-typedef struct hm_fragment_st {
- struct hm_header_st msg_header;
- unsigned char *fragment;
- unsigned char *reassembly;
-} hm_fragment;
-
-typedef struct dtls1_record_data_internal_st {
- unsigned char *packet;
- unsigned int packet_length;
- SSL3_BUFFER_INTERNAL rbuf;
- SSL3_RECORD_INTERNAL rrec;
-} DTLS1_RECORD_DATA_INTERNAL;
-
-typedef struct dtls1_rcontent_data_internal_st {
- struct tls_content *rcontent;
-} DTLS1_RCONTENT_DATA_INTERNAL;
-
-struct dtls1_state_st {
- /* Buffered (sent) handshake records */
- struct _pqueue *sent_messages;
-
- /* Indicates when the last handshake msg or heartbeat sent will timeout */
- struct timeval next_timeout;
-
- /* Timeout duration */
- unsigned short timeout_duration;
-
- unsigned int send_cookie;
- unsigned char cookie[DTLS1_COOKIE_LENGTH];
- unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
- unsigned int cookie_len;
-
- /* records being received in the current epoch */
- DTLS1_BITMAP bitmap;
-
- /* renegotiation starts a new set of sequence numbers */
- DTLS1_BITMAP next_bitmap;
-
- /* handshake message numbers */
- unsigned short handshake_write_seq;
- unsigned short next_handshake_write_seq;
-
- unsigned short handshake_read_seq;
-
- /* Received handshake records (unprocessed) */
- record_pqueue unprocessed_rcds;
-
- /* Buffered handshake messages */
- struct _pqueue *buffered_messages;
-
- /* Buffered application records.
- * Only for records between CCS and Finished
- * to prevent either protocol violation or
- * unnecessary message loss.
- */
- rcontent_pqueue buffered_app_data;
-
- /* Is set when listening for new connections with dtls1_listen() */
- unsigned int listen;
-
- unsigned int mtu; /* max DTLS packet size */
-
- struct hm_header_st w_msg_hdr;
- struct hm_header_st r_msg_hdr;
-
- struct dtls1_timeout_st timeout;
-
- unsigned int retransmitting;
- unsigned int change_cipher_spec_ok;
-};
-
-int dtls1_do_write(SSL *s, int type);
-int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-void dtls1_set_message_header(SSL *s, unsigned char mt, unsigned long len,
- unsigned long frag_off, unsigned long frag_len);
-void dtls1_set_message_header_int(SSL *s, unsigned char mt,
- unsigned long len, unsigned short seq_num, unsigned long frag_off,
- unsigned long frag_len);
-
-int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
- unsigned int len);
-
-int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
-int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
-
-int dtls1_read_failed(SSL *s, int code);
-int dtls1_buffer_message(SSL *s, int ccs);
-int dtls1_retransmit_message(SSL *s, unsigned short seq,
- unsigned long frag_off, int *found);
-int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
-int dtls1_retransmit_buffered_messages(SSL *s);
-void dtls1_clear_record_buffer(SSL *s);
-int dtls1_get_message_header(CBS *header, struct hm_header_st *msg_hdr);
-void dtls1_reset_read_seq_numbers(SSL *s);
-struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
-int dtls1_check_timeout_num(SSL *s);
-int dtls1_handle_timeout(SSL *s);
-const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
-void dtls1_start_timer(SSL *s);
-void dtls1_stop_timer(SSL *s);
-int dtls1_is_timer_expired(SSL *s);
-void dtls1_double_timeout(SSL *s);
-unsigned int dtls1_min_mtu(void);
-
-int dtls1_new(SSL *s);
-void dtls1_free(SSL *s);
-void dtls1_clear(SSL *s);
-long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-
-int dtls1_get_message(SSL *s, int st1, int stn, int mt, long max);
-int dtls1_get_record(SSL *s);
-
-__END_HIDDEN_DECLS
-
-#endif
-/* $OpenBSD: s3_cbc.c,v 1.25 2021/12/09 17:45:49 tb Exp $ */
+/* $OpenBSD: s3_cbc.c,v 1.26 2022/11/26 16:08:55 tb Exp $ */
/* ====================================================================
* Copyright (c) 2012 The OpenSSL Project. All rights reserved.
*
#include <openssl/md5.h>
#include <openssl/sha.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
/* MAX_HASH_BIT_COUNT_BYTES is the maximum number of bytes in the hash's length
* field. (SHA-384/512 have 128-bit length.) */
-/* $OpenBSD: s3_lib.c,v 1.241 2022/11/11 17:15:26 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.242 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/opensslconf.h>
#include "bytestring.h"
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
#include "tls_content.h"
-/* $OpenBSD: ssl_algs.c,v 1.30 2022/01/14 08:38:48 tb Exp $ */
+/* $OpenBSD: ssl_algs.c,v 1.31 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/opensslconf.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
int
SSL_library_init(void)
-/* $OpenBSD: ssl_asn1.c,v 1.65 2022/06/07 17:53:42 tb Exp $ */
+/* $OpenBSD: ssl_asn1.c,v 1.66 2022/11/26 16:08:55 tb Exp $ */
/*
* Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
*
#include <openssl/x509.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#define SSLASN1_TAG (CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC)
#define SSLASN1_TIME_TAG (SSLASN1_TAG | 1)
-/* $OpenBSD: ssl_both.c,v 1.44 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.45 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/x509.h>
#include "bytestring.h"
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
/*
* Send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
-/* $OpenBSD: ssl_cert.c,v 1.104 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.105 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/pem.h>
#include <openssl/x509v3.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
int
SSL_get_ex_data_X509_STORE_CTX_idx(void)
-/* $OpenBSD: ssl_ciph.c,v 1.134 2022/09/08 15:31:12 millert Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.135 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "ssl_locl.h"
+#include "ssl_local.h"
#define CIPHER_ADD 1
#define CIPHER_KILL 2
-/* $OpenBSD: ssl_ciphers.c,v 1.16 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_ciphers.c,v 1.17 2022/11/26 16:08:55 tb Exp $ */
/*
* Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org>
* Copyright (c) 2015-2018, 2020 Joel Sing <jsing@openbsd.org>
#include <openssl/safestack.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
int
ssl_cipher_in_list(STACK_OF(SSL_CIPHER) *ciphers, const SSL_CIPHER *cipher)
-/* $OpenBSD: ssl_clnt.c,v 1.156 2022/10/20 15:18:54 tb Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.157 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#endif
#include "bytestring.h"
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
-/* $OpenBSD: ssl_err.c,v 1.44 2022/08/21 19:18:57 jsing Exp $ */
+/* $OpenBSD: ssl_err.c,v 1.45 2022/11/26 16:08:55 tb Exp $ */
/* ====================================================================
* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
*
#include <openssl/opensslconf.h>
#include <openssl/ssl.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#ifndef OPENSSL_NO_ERR
-/* $OpenBSD: ssl_init.c,v 1.2 2018/03/30 14:59:46 jsing Exp $ */
+/* $OpenBSD: ssl_init.c,v 1.3 2022/11/26 16:08:55 tb Exp $ */
/*
* Copyright (c) 2018 Bob Beck <beck@openbsd.org>
*
#include <openssl/objects.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
static pthread_t ssl_init_thread;
-/* $OpenBSD: ssl_lib.c,v 1.307 2022/11/07 11:58:45 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.308 2022/11/26 16:08:55 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#endif
#include "bytestring.h"
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
#include "tls12_internal.h"
--- /dev/null
+/* $OpenBSD: ssl_local.h,v 1.1 2022/11/26 16:08:55 tb Exp $ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_SSL_LOCL_H
+#define HEADER_SSL_LOCL_H
+
+#include <sys/types.h>
+
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+
+#include <openssl/opensslconf.h>
+
+#include <openssl/bio.h>
+#include <openssl/buffer.h>
+#include <openssl/dsa.h>
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+#include <openssl/ssl.h>
+#include <openssl/stack.h>
+
+#include "bytestring.h"
+#include "tls_content.h"
+#include "tls13_internal.h"
+
+__BEGIN_HIDDEN_DECLS
+
+#define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \
+ __attribute__((__unused__))
+
+#ifndef LIBRESSL_HAS_DTLS1_2
+#define LIBRESSL_HAS_DTLS1_2
+#endif
+
+#ifndef LIBRESSL_HAS_TLS1_3_CLIENT
+#define LIBRESSL_HAS_TLS1_3_CLIENT
+#endif
+
+#ifndef LIBRESSL_HAS_TLS1_3_SERVER
+#define LIBRESSL_HAS_TLS1_3_SERVER
+#endif
+
+#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) || defined(LIBRESSL_HAS_TLS1_3_SERVER)
+#define LIBRESSL_HAS_TLS1_3
+#endif
+
+/* LOCAL STUFF */
+
+#define SSL_DECRYPT 0
+#define SSL_ENCRYPT 1
+
+/*
+ * Define the Bitmasks for SSL_CIPHER.algorithms.
+ * This bits are used packed as dense as possible. If new methods/ciphers
+ * etc will be added, the bits a likely to change, so this information
+ * is for internal library use only, even though SSL_CIPHER.algorithms
+ * can be publicly accessed.
+ * Use the according functions for cipher management instead.
+ *
+ * The bit mask handling in the selection and sorting scheme in
+ * ssl_create_cipher_list() has only limited capabilities, reflecting
+ * that the different entities within are mutually exclusive:
+ * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
+ */
+
+/* Bits for algorithm_mkey (key exchange algorithm) */
+#define SSL_kRSA 0x00000001L /* RSA key exchange */
+#define SSL_kDHE 0x00000008L /* tmp DH key no DH cert */
+#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
+#define SSL_kGOST 0x00000200L /* GOST key exchange */
+#define SSL_kTLS1_3 0x00000400L /* TLSv1.3 key exchange */
+
+/* Bits for algorithm_auth (server authentication) */
+#define SSL_aRSA 0x00000001L /* RSA auth */
+#define SSL_aDSS 0x00000002L /* DSS auth */
+#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
+#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
+#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */
+#define SSL_aTLS1_3 0x00000400L /* TLSv1.3 authentication */
+
+/* Bits for algorithm_enc (symmetric encryption) */
+#define SSL_DES 0x00000001L
+#define SSL_3DES 0x00000002L
+#define SSL_RC4 0x00000004L
+#define SSL_IDEA 0x00000008L
+#define SSL_eNULL 0x00000010L
+#define SSL_AES128 0x00000020L
+#define SSL_AES256 0x00000040L
+#define SSL_CAMELLIA128 0x00000080L
+#define SSL_CAMELLIA256 0x00000100L
+#define SSL_eGOST2814789CNT 0x00000200L
+#define SSL_AES128GCM 0x00000400L
+#define SSL_AES256GCM 0x00000800L
+#define SSL_CHACHA20POLY1305 0x00001000L
+
+#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
+#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
+
+
+/* Bits for algorithm_mac (symmetric authentication) */
+
+#define SSL_MD5 0x00000001L
+#define SSL_SHA1 0x00000002L
+#define SSL_GOST94 0x00000004L
+#define SSL_GOST89MAC 0x00000008L
+#define SSL_SHA256 0x00000010L
+#define SSL_SHA384 0x00000020L
+/* Not a real MAC, just an indication it is part of cipher */
+#define SSL_AEAD 0x00000040L
+#define SSL_STREEBOG256 0x00000080L
+
+/* Bits for algorithm_ssl (protocol version) */
+#define SSL_SSLV3 0x00000002L
+#define SSL_TLSV1 SSL_SSLV3 /* for now */
+#define SSL_TLSV1_2 0x00000004L
+#define SSL_TLSV1_3 0x00000008L
+
+
+/* Bits for algorithm2 (handshake digests and other extra flags) */
+
+#define SSL_HANDSHAKE_MAC_MASK 0xff0
+#define SSL_HANDSHAKE_MAC_MD5 0x010
+#define SSL_HANDSHAKE_MAC_SHA 0x020
+#define SSL_HANDSHAKE_MAC_GOST94 0x040
+#define SSL_HANDSHAKE_MAC_SHA256 0x080
+#define SSL_HANDSHAKE_MAC_SHA384 0x100
+#define SSL_HANDSHAKE_MAC_STREEBOG256 0x200
+#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
+
+#define SSL3_CK_ID 0x03000000
+#define SSL3_CK_VALUE_MASK 0x0000ffff
+
+#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
+
+#define TLS1_PRF_DGST_SHIFT 10
+#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF_STREEBOG256 (SSL_HANDSHAKE_MAC_STREEBOG256 << TLS1_PRF_DGST_SHIFT)
+#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
+
+/*
+ * Stream MAC for GOST ciphersuites from cryptopro draft
+ * (currently this also goes into algorithm2).
+ */
+#define TLS1_STREAM_MAC 0x04
+
+/*
+ * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
+ * indicates that the variable part of the nonce is included as a prefix of
+ * the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
+ */
+#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22)
+
+/*
+ * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce
+ * for an SSL_CIPHER with an algorithm_mac of SSL_AEAD.
+ */
+#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \
+ (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
+
+/*
+ * Cipher strength information.
+ */
+#define SSL_STRONG_MASK 0x000001fcL
+#define SSL_STRONG_NONE 0x00000004L
+#define SSL_LOW 0x00000020L
+#define SSL_MEDIUM 0x00000040L
+#define SSL_HIGH 0x00000080L
+
+/*
+ * The keylength (measured in RSA key bits, I guess) for temporary keys.
+ * Cipher argument is so that this can be variable in the future.
+ */
+#define SSL_C_PKEYLENGTH(c) 1024
+
+/* See if we use signature algorithms extension. */
+#define SSL_USE_SIGALGS(s) \
+ (s->method->enc_flags & SSL_ENC_FLAG_SIGALGS)
+
+/* See if we use SHA256 default PRF. */
+#define SSL_USE_SHA256_PRF(s) \
+ (s->method->enc_flags & SSL_ENC_FLAG_SHA256_PRF)
+
+/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
+#define SSL_USE_TLS1_2_CIPHERS(s) \
+ (s->method->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
+
+/* Allow TLS 1.3 ciphersuites only. */
+#define SSL_USE_TLS1_3_CIPHERS(s) \
+ (s->method->enc_flags & SSL_ENC_FLAG_TLS1_3_CIPHERS)
+
+#define SSL_PKEY_RSA 0
+#define SSL_PKEY_ECC 1
+#define SSL_PKEY_GOST01 2
+#define SSL_PKEY_NUM 3
+
+#define SSL_MAX_EMPTY_RECORDS 32
+
+/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
+ * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
+ * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
+ * SSL_kDHE <- RSA_ENC | RSA_SIGN | DSA_SIGN
+ * SSL_aRSA <- RSA_ENC | RSA_SIGN
+ * SSL_aDSS <- DSA_SIGN
+ */
+
+/* From ECC-TLS draft, used in encoding the curve type in
+ * ECParameters
+ */
+#define EXPLICIT_PRIME_CURVE_TYPE 1
+#define EXPLICIT_CHAR2_CURVE_TYPE 2
+#define NAMED_CURVE_TYPE 3
+
+typedef struct ssl_cert_pkey_st {
+ X509 *x509;
+ EVP_PKEY *privatekey;
+ STACK_OF(X509) *chain;
+} SSL_CERT_PKEY;
+
+typedef struct ssl_cert_st {
+ /* Current active set */
+ /* ALWAYS points to an element of the pkeys array
+ * Probably it would make more sense to store
+ * an index, not a pointer. */
+ SSL_CERT_PKEY *key;
+
+ SSL_CERT_PKEY pkeys[SSL_PKEY_NUM];
+
+ /* The following masks are for the key and auth
+ * algorithms that are supported by the certs below */
+ int valid;
+ unsigned long mask_k;
+ unsigned long mask_a;
+
+ DH *dhe_params;
+ DH *(*dhe_params_cb)(SSL *ssl, int is_export, int keysize);
+ int dhe_params_auto;
+
+ int (*security_cb)(const SSL *s, const SSL_CTX *ctx, int op, int bits,
+ int nid, void *other, void *ex_data); /* Not exposed in API. */
+ int security_level;
+ void *security_ex_data; /* Not exposed in API. */
+
+ int references; /* >1 only if SSL_copy_session_id is used */
+} SSL_CERT;
+
+struct ssl_comp_st {
+ int id;
+ const char *name;
+};
+
+struct ssl_cipher_st {
+ int valid;
+ const char *name; /* text name */
+ unsigned long id; /* id, 4 bytes, first is version */
+
+ unsigned long algorithm_mkey; /* key exchange algorithm */
+ unsigned long algorithm_auth; /* server authentication */
+ unsigned long algorithm_enc; /* symmetric encryption */
+ unsigned long algorithm_mac; /* symmetric authentication */
+ unsigned long algorithm_ssl; /* (major) protocol version */
+
+ unsigned long algo_strength; /* strength and export flags */
+ unsigned long algorithm2; /* Extra flags */
+ int strength_bits; /* Number of bits really used */
+ int alg_bits; /* Number of bits for algorithm */
+};
+
+struct ssl_method_st {
+ int dtls;
+ int server;
+ int version;
+
+ uint16_t min_tls_version;
+ uint16_t max_tls_version;
+
+ int (*ssl_new)(SSL *s);
+ void (*ssl_clear)(SSL *s);
+ void (*ssl_free)(SSL *s);
+
+ int (*ssl_accept)(SSL *s);
+ int (*ssl_connect)(SSL *s);
+ int (*ssl_shutdown)(SSL *s);
+
+ int (*ssl_renegotiate)(SSL *s);
+ int (*ssl_renegotiate_check)(SSL *s);
+
+ int (*ssl_pending)(const SSL *s);
+ int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len,
+ int peek);
+ int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
+
+ const SSL_CIPHER *(*get_cipher)(unsigned int ncipher);
+
+ unsigned int enc_flags; /* SSL_ENC_FLAG_* */
+};
+
+/*
+ * Let's make this into an ASN.1 type structure as follows
+ * SSL_SESSION_ID ::= SEQUENCE {
+ * version INTEGER, -- structure version number
+ * SSLversion INTEGER, -- SSL version number
+ * Cipher OCTET STRING, -- the 2 byte cipher ID
+ * Session_ID OCTET STRING, -- the Session ID
+ * Master_key OCTET STRING, -- the master key
+ * KRB5_principal OCTET STRING -- optional Kerberos principal
+ * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
+ * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
+ * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
+ * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
+ * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
+ * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
+ * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
+ * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
+ * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
+ * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
+ * }
+ * Look in ssl/ssl_asn1.c for more details
+ * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
+ */
+struct ssl_session_st {
+ int ssl_version; /* what ssl version session info is
+ * being kept in here? */
+
+ size_t master_key_length;
+ unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
+
+ /* session_id - valid? */
+ size_t session_id_length;
+ unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+
+ /* this is used to determine whether the session is being reused in
+ * the appropriate context. It is up to the application to set this,
+ * via SSL_new */
+ size_t sid_ctx_length;
+ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+
+ /* Peer provided leaf (end-entity) certificate. */
+ X509 *peer_cert;
+ int peer_cert_type;
+
+ /* when app_verify_callback accepts a session where the peer's certificate
+ * is not ok, we must remember the error for session reuse: */
+ long verify_result; /* only for servers */
+
+ long timeout;
+ time_t time;
+ int references;
+
+ const SSL_CIPHER *cipher;
+ unsigned long cipher_id; /* when ASN.1 loaded, this
+ * needs to be used to load
+ * the 'cipher' structure */
+
+ STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
+
+ char *tlsext_hostname;
+
+ /* Session resumption - RFC 5077 and RFC 8446. */
+ unsigned char *tlsext_tick; /* Session ticket */
+ size_t tlsext_ticklen; /* Session ticket length */
+ uint32_t tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
+ uint32_t tlsext_tick_age_add; /* TLSv1.3 ticket age obfuscation (in ms) */
+ struct tls13_secret resumption_master_secret;
+
+ CRYPTO_EX_DATA ex_data; /* application specific data */
+
+ /* These are used to make removal of session-ids more
+ * efficient and to implement a maximum cache size. */
+ struct ssl_session_st *prev, *next;
+
+ /* Used to indicate that session resumption is not allowed.
+ * Applications can also set this bit for a new session via
+ * not_resumable_session_cb to disable session caching and tickets. */
+ int not_resumable;
+
+ size_t tlsext_ecpointformatlist_length;
+ uint8_t *tlsext_ecpointformatlist; /* peer's list */
+ size_t tlsext_supportedgroups_length;
+ uint16_t *tlsext_supportedgroups; /* peer's list */
+};
+
+struct ssl_sigalg;
+
+typedef struct ssl_handshake_tls12_st {
+ /* Used when SSL_ST_FLUSH_DATA is entered. */
+ int next_state;
+
+ /* Handshake message type and size. */
+ int message_type;
+ unsigned long message_size;
+
+ /* Reuse current handshake message. */
+ int reuse_message;
+
+ /* Client certificate requests. */
+ int cert_request;
+ STACK_OF(X509_NAME) *ca_names;
+
+ /* Record-layer key block for TLS 1.2 and earlier. */
+ struct tls12_key_block *key_block;
+
+ /* Transcript hash prior to sending certificate verify message. */
+ uint8_t cert_verify[EVP_MAX_MD_SIZE];
+} SSL_HANDSHAKE_TLS12;
+
+typedef struct ssl_handshake_tls13_st {
+ int use_legacy;
+ int hrr;
+
+ /* Client indicates psk_dhe_ke support in PskKeyExchangeMode. */
+ int use_psk_dhe_ke;
+
+ /* Certificate selected for use (static pointer). */
+ const SSL_CERT_PKEY *cpk;
+
+ /* Version proposed by peer server. */
+ uint16_t server_version;
+
+ uint16_t server_group;
+ struct tls13_secrets *secrets;
+
+ uint8_t *cookie;
+ size_t cookie_len;
+
+ /* Preserved transcript hash. */
+ uint8_t transcript_hash[EVP_MAX_MD_SIZE];
+ size_t transcript_hash_len;
+
+ /* Legacy session ID. */
+ uint8_t legacy_session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+ size_t legacy_session_id_len;
+
+ /* ClientHello hash, used to validate following HelloRetryRequest */
+ EVP_MD_CTX *clienthello_md_ctx;
+ unsigned char *clienthello_hash;
+ unsigned int clienthello_hash_len;
+
+ /* QUIC read buffer and read/write encryption levels. */
+ struct tls_buffer *quic_read_buffer;
+ enum ssl_encryption_level_t quic_read_level;
+ enum ssl_encryption_level_t quic_write_level;
+} SSL_HANDSHAKE_TLS13;
+
+typedef struct ssl_handshake_st {
+ /*
+ * Minimum and maximum versions supported for this handshake. These are
+ * initialised at the start of a handshake based on the method in use
+ * and the current protocol version configuration.
+ */
+ uint16_t our_min_tls_version;
+ uint16_t our_max_tls_version;
+
+ /*
+ * Version negotiated for this session. For a client this is set once
+ * the server selected version is parsed from the ServerHello (either
+ * from the legacy version or supported versions extension). For a
+ * server this is set once we select the version we will use with the
+ * client.
+ */
+ uint16_t negotiated_tls_version;
+
+ /*
+ * Legacy version advertised by our peer. For a server this is the
+ * version specified by the client in the ClientHello message. For a
+ * client, this is the version provided in the ServerHello message.
+ */
+ uint16_t peer_legacy_version;
+
+ /*
+ * Current handshake state - contains one of the SSL3_ST_* values and
+ * is used by the TLSv1.2 state machine, as well as being updated by
+ * the TLSv1.3 stack due to it being exposed externally.
+ */
+ int state;
+
+ /* Cipher being negotiated in this handshake. */
+ const SSL_CIPHER *cipher;
+
+ /* Extensions seen in this handshake. */
+ uint32_t extensions_seen;
+
+ /* Signature algorithms selected for use (static pointers). */
+ const struct ssl_sigalg *our_sigalg;
+ const struct ssl_sigalg *peer_sigalg;
+
+ /* sigalgs offered in this handshake in wire form */
+ uint8_t *sigalgs;
+ size_t sigalgs_len;
+
+ /* Key share for ephemeral key exchange. */
+ struct tls_key_share *key_share;
+
+ /*
+ * Copies of the verify data sent in our finished message and the
+ * verify data received in the finished message sent by our peer.
+ */
+ uint8_t finished[EVP_MAX_MD_SIZE];
+ size_t finished_len;
+ uint8_t peer_finished[EVP_MAX_MD_SIZE];
+ size_t peer_finished_len;
+
+ /* List of certificates received from our peer. */
+ STACK_OF(X509) *peer_certs;
+ STACK_OF(X509) *peer_certs_no_leaf;
+
+ SSL_HANDSHAKE_TLS12 tls12;
+ SSL_HANDSHAKE_TLS13 tls13;
+} SSL_HANDSHAKE;
+
+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
+
+/* TLS Session Ticket extension struct. */
+struct tls_session_ticket_ext_st {
+ unsigned short length;
+ void *data;
+};
+
+struct tls12_key_block;
+
+struct tls12_key_block *tls12_key_block_new(void);
+void tls12_key_block_free(struct tls12_key_block *kb);
+void tls12_key_block_client_write(struct tls12_key_block *kb, CBS *mac_key,
+ CBS *key, CBS *iv);
+void tls12_key_block_server_write(struct tls12_key_block *kb, CBS *mac_key,
+ CBS *key, CBS *iv);
+int tls12_key_block_generate(struct tls12_key_block *kb, SSL *s,
+ const EVP_AEAD *aead, const EVP_CIPHER *cipher, const EVP_MD *mac_hash);
+
+struct tls12_record_layer;
+
+struct tls12_record_layer *tls12_record_layer_new(void);
+void tls12_record_layer_free(struct tls12_record_layer *rl);
+void tls12_record_layer_alert(struct tls12_record_layer *rl,
+ uint8_t *alert_desc);
+int tls12_record_layer_write_overhead(struct tls12_record_layer *rl,
+ size_t *overhead);
+int tls12_record_layer_read_protected(struct tls12_record_layer *rl);
+int tls12_record_layer_write_protected(struct tls12_record_layer *rl);
+void tls12_record_layer_set_aead(struct tls12_record_layer *rl,
+ const EVP_AEAD *aead);
+void tls12_record_layer_set_cipher_hash(struct tls12_record_layer *rl,
+ const EVP_CIPHER *cipher, const EVP_MD *handshake_hash,
+ const EVP_MD *mac_hash);
+void tls12_record_layer_set_version(struct tls12_record_layer *rl,
+ uint16_t version);
+void tls12_record_layer_set_initial_epoch(struct tls12_record_layer *rl,
+ uint16_t epoch);
+uint16_t tls12_record_layer_read_epoch(struct tls12_record_layer *rl);
+uint16_t tls12_record_layer_write_epoch(struct tls12_record_layer *rl);
+int tls12_record_layer_use_write_epoch(struct tls12_record_layer *rl,
+ uint16_t epoch);
+void tls12_record_layer_write_epoch_done(struct tls12_record_layer *rl,
+ uint16_t epoch);
+void tls12_record_layer_clear_read_state(struct tls12_record_layer *rl);
+void tls12_record_layer_clear_write_state(struct tls12_record_layer *rl);
+void tls12_record_layer_reflect_seq_num(struct tls12_record_layer *rl);
+int tls12_record_layer_change_read_cipher_state(struct tls12_record_layer *rl,
+ CBS *mac_key, CBS *key, CBS *iv);
+int tls12_record_layer_change_write_cipher_state(struct tls12_record_layer *rl,
+ CBS *mac_key, CBS *key, CBS *iv);
+int tls12_record_layer_open_record(struct tls12_record_layer *rl,
+ uint8_t *buf, size_t buf_len, struct tls_content *out);
+int tls12_record_layer_seal_record(struct tls12_record_layer *rl,
+ uint8_t content_type, const uint8_t *content, size_t content_len,
+ CBB *out);
+
+typedef void (ssl_info_callback_fn)(const SSL *s, int type, int val);
+typedef void (ssl_msg_callback_fn)(int is_write, int version, int content_type,
+ const void *buf, size_t len, SSL *ssl, void *arg);
+
+struct ssl_ctx_st {
+ const SSL_METHOD *method;
+ const SSL_QUIC_METHOD *quic_method;
+
+ STACK_OF(SSL_CIPHER) *cipher_list;
+
+ struct x509_store_st /* X509_STORE */ *cert_store;
+
+ /* If timeout is not 0, it is the default timeout value set
+ * when SSL_new() is called. This has been put in to make
+ * life easier to set things up */
+ long session_timeout;
+
+ int references;
+
+ /* Default values to use in SSL structures follow (these are copied by SSL_new) */
+
+ STACK_OF(X509) *extra_certs;
+
+ int verify_mode;
+ size_t sid_ctx_length;
+ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+
+ X509_VERIFY_PARAM *param;
+
+ /*
+ * XXX
+ * default_passwd_cb used by python and openvpn, need to keep it until we
+ * add an accessor
+ */
+ /* Default password callback. */
+ pem_password_cb *default_passwd_callback;
+
+ /* Default password callback user data. */
+ void *default_passwd_callback_userdata;
+
+ uint16_t min_tls_version;
+ uint16_t max_tls_version;
+
+ /*
+ * These may be zero to imply minimum or maximum version supported by
+ * the method.
+ */
+ uint16_t min_proto_version;
+ uint16_t max_proto_version;
+
+ unsigned long options;
+ unsigned long mode;
+
+ /* If this callback is not null, it will be called each
+ * time a session id is added to the cache. If this function
+ * returns 1, it means that the callback will do a
+ * SSL_SESSION_free() when it has finished using it. Otherwise,
+ * on 0, it means the callback has finished with it.
+ * If remove_session_cb is not null, it will be called when
+ * a session-id is removed from the cache. After the call,
+ * OpenSSL will SSL_SESSION_free() it. */
+ int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
+ void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+ SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
+ const unsigned char *data, int len, int *copy);
+
+ /* if defined, these override the X509_verify_cert() calls */
+ int (*app_verify_callback)(X509_STORE_CTX *, void *);
+ void *app_verify_arg;
+
+ /* get client cert callback */
+ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+
+ /* cookie generate callback */
+ int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
+ unsigned int *cookie_len);
+
+ /* verify cookie callback */
+ int (*app_verify_cookie_cb)(SSL *ssl, const unsigned char *cookie,
+ unsigned int cookie_len);
+
+ ssl_info_callback_fn *info_callback;
+
+ /* callback that allows applications to peek at protocol messages */
+ ssl_msg_callback_fn *msg_callback;
+ void *msg_callback_arg;
+
+ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
+
+ /* Default generate session ID callback. */
+ GEN_SESSION_CB generate_session_id;
+
+ /* TLS extensions servername callback */
+ int (*tlsext_servername_callback)(SSL*, int *, void *);
+ void *tlsext_servername_arg;
+
+ /* Callback to support customisation of ticket key setting */
+ int (*tlsext_ticket_key_cb)(SSL *ssl, unsigned char *name,
+ unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
+
+ /* certificate status request info */
+ /* Callback for status request */
+ int (*tlsext_status_cb)(SSL *ssl, void *arg);
+ void *tlsext_status_arg;
+
+ struct lhash_st_SSL_SESSION *sessions;
+
+ /* Most session-ids that will be cached, default is
+ * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
+ unsigned long session_cache_size;
+ struct ssl_session_st *session_cache_head;
+ struct ssl_session_st *session_cache_tail;
+
+ /* This can have one of 2 values, ored together,
+ * SSL_SESS_CACHE_CLIENT,
+ * SSL_SESS_CACHE_SERVER,
+ * Default is SSL_SESSION_CACHE_SERVER, which means only
+ * SSL_accept which cache SSL_SESSIONS. */
+ int session_cache_mode;
+
+ struct {
+ int sess_connect; /* SSL new conn - started */
+ int sess_connect_renegotiate;/* SSL reneg - requested */
+ int sess_connect_good; /* SSL new conne/reneg - finished */
+ int sess_accept; /* SSL new accept - started */
+ int sess_accept_renegotiate;/* SSL reneg - requested */
+ int sess_accept_good; /* SSL accept/reneg - finished */
+ int sess_miss; /* session lookup misses */
+ int sess_timeout; /* reuse attempt on timeouted session */
+ int sess_cache_full; /* session removed due to full cache */
+ int sess_hit; /* session reuse actually done */
+ int sess_cb_hit; /* session-id that was not
+ * in the cache was
+ * passed back via the callback. This
+ * indicates that the application is
+ * supplying session-id's from other
+ * processes - spooky :-) */
+ } stats;
+
+ CRYPTO_EX_DATA ex_data;
+
+ STACK_OF(SSL_CIPHER) *cipher_list_tls13;
+
+ SSL_CERT *cert;
+
+ /* Default values used when no per-SSL value is defined follow */
+
+ /* what we put in client cert requests */
+ STACK_OF(X509_NAME) *client_CA;
+
+ long max_cert_list;
+
+ int read_ahead;
+
+ int quiet_shutdown;
+
+ /* Maximum amount of data to send in one fragment.
+ * actual record size can be more than this due to
+ * padding and MAC overheads.
+ */
+ unsigned int max_send_fragment;
+
+#ifndef OPENSSL_NO_ENGINE
+ /* Engine to pass requests for client certs to
+ */
+ ENGINE *client_cert_engine;
+#endif
+
+ /* RFC 4507 session ticket keys */
+ unsigned char tlsext_tick_key_name[16];
+ unsigned char tlsext_tick_hmac_key[16];
+ unsigned char tlsext_tick_aes_key[16];
+
+ /* SRTP profiles we are willing to do from RFC 5764 */
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
+
+ /*
+ * ALPN information.
+ */
+
+ /*
+ * Server callback function that allows the server to select the
+ * protocol for the connection.
+ * out: on successful return, this must point to the raw protocol
+ * name (without the length prefix).
+ * outlen: on successful return, this contains the length of out.
+ * in: points to the client's list of supported protocols in
+ * wire-format.
+ * inlen: the length of in.
+ */
+ int (*alpn_select_cb)(SSL *s, const unsigned char **out,
+ unsigned char *outlen, const unsigned char *in, unsigned int inlen,
+ void *arg);
+ void *alpn_select_cb_arg;
+
+ /* Client list of supported protocols in wire format. */
+ uint8_t *alpn_client_proto_list;
+ size_t alpn_client_proto_list_len;
+
+ size_t tlsext_ecpointformatlist_length;
+ uint8_t *tlsext_ecpointformatlist; /* our list */
+ size_t tlsext_supportedgroups_length;
+ uint16_t *tlsext_supportedgroups; /* our list */
+ SSL_CTX_keylog_cb_func keylog_callback; /* Unused. For OpenSSL compatibility. */
+ size_t num_tickets; /* Unused, for OpenSSL compatibility */
+};
+
+struct ssl_st {
+ /* protocol version
+ * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
+ */
+ int version;
+
+ const SSL_METHOD *method;
+ const SSL_QUIC_METHOD *quic_method;
+
+ /* There are 2 BIO's even though they are normally both the
+ * same. This is so data can be read and written to different
+ * handlers */
+
+ BIO *rbio; /* used by SSL_read */
+ BIO *wbio; /* used by SSL_write */
+ BIO *bbio; /* used during session-id reuse to concatenate
+ * messages */
+ int server; /* are we the server side? - mostly used by SSL_clear*/
+
+ struct ssl3_state_st *s3; /* SSLv3 variables */
+ struct dtls1_state_st *d1; /* DTLSv1 variables */
+
+ X509_VERIFY_PARAM *param;
+
+ /* crypto */
+ STACK_OF(SSL_CIPHER) *cipher_list;
+
+ /* This is used to hold the server certificate used */
+ SSL_CERT *cert;
+
+ /* the session_id_context is used to ensure sessions are only reused
+ * in the appropriate context */
+ size_t sid_ctx_length;
+ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+
+ /* This can also be in the session once a session is established */
+ SSL_SESSION *session;
+
+ /* Used in SSL2 and SSL3 */
+ int verify_mode; /* 0 don't care about verify failure.
+ * 1 fail if verify fails */
+ int error; /* error bytes to be written */
+ int error_code; /* actual code */
+
+ SSL_CTX *ctx;
+
+ long verify_result;
+
+ int references;
+
+ int client_version; /* what was passed, used for
+ * SSLv3/TLS rollback check */
+
+ unsigned int max_send_fragment;
+
+ char *tlsext_hostname;
+
+ /* certificate status request info */
+ /* Status type or -1 if no status type */
+ int tlsext_status_type;
+
+ SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
+#define session_ctx initial_ctx
+
+ struct tls13_ctx *tls13;
+
+ uint16_t min_tls_version;
+ uint16_t max_tls_version;
+
+ /*
+ * These may be zero to imply minimum or maximum version supported by
+ * the method.
+ */
+ uint16_t min_proto_version;
+ uint16_t max_proto_version;
+
+ unsigned long options; /* protocol behaviour */
+ unsigned long mode; /* API behaviour */
+
+ /* Client list of supported protocols in wire format. */
+ uint8_t *alpn_client_proto_list;
+ size_t alpn_client_proto_list_len;
+
+ /* QUIC transport params we will send */
+ uint8_t *quic_transport_params;
+ size_t quic_transport_params_len;
+
+ /* XXX Callbacks */
+
+ /* true when we are actually in SSL_accept() or SSL_connect() */
+ int in_handshake;
+ int (*handshake_func)(SSL *);
+
+ ssl_info_callback_fn *info_callback;
+
+ /* callback that allows applications to peek at protocol messages */
+ ssl_msg_callback_fn *msg_callback;
+ void *msg_callback_arg;
+
+ int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
+
+ /* Default generate session ID callback. */
+ GEN_SESSION_CB generate_session_id;
+
+ /* TLS extension debug callback */
+ void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
+ unsigned char *data, int len, void *arg);
+ void *tlsext_debug_arg;
+
+ /* TLS Session Ticket extension callback */
+ tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
+ void *tls_session_ticket_ext_cb_arg;
+
+ /* TLS pre-shared secret session resumption */
+ tls_session_secret_cb_fn tls_session_secret_cb;
+ void *tls_session_secret_cb_arg;
+
+ /* XXX non-callback */
+
+ /* This holds a variable that indicates what we were doing
+ * when a 0 or -1 is returned. This is needed for
+ * non-blocking IO so we know what request needs re-doing when
+ * in SSL_accept or SSL_connect */
+ int rwstate;
+
+ /* Imagine that here's a boolean member "init" that is
+ * switched as soon as SSL_set_{accept/connect}_state
+ * is called for the first time, so that "state" and
+ * "handshake_func" are properly initialized. But as
+ * handshake_func is == 0 until then, we use this
+ * test instead of an "init" member.
+ */
+
+ int new_session;/* Generate a new session or reuse an old one.
+ * NB: For servers, the 'new' session may actually be a previously
+ * cached session or even the previous session unless
+ * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
+ int quiet_shutdown;/* don't send shutdown packets */
+ int shutdown; /* we have shut things down, 0x01 sent, 0x02
+ * for received */
+ BUF_MEM *init_buf; /* buffer used during init */
+ void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
+ int init_num; /* amount read/written */
+ int init_off; /* amount read/written */
+
+ /* used internally to point at a raw packet */
+ unsigned char *packet;
+ unsigned int packet_length;
+
+ int read_ahead; /* Read as many input bytes as possible
+ * (for non-blocking reads) */
+
+ int hit; /* reusing a previous session */
+
+ STACK_OF(SSL_CIPHER) *cipher_list_tls13;
+
+ struct tls12_record_layer *rl;
+
+ /* session info */
+
+ /* extra application data */
+ CRYPTO_EX_DATA ex_data;
+
+ /* client cert? */
+ /* for server side, keep the list of CA_dn we can use */
+ STACK_OF(X509_NAME) *client_CA;
+
+ /* set this flag to 1 and a sleep(1) is put into all SSL_read()
+ * and SSL_write() calls, good for nbio debuging :-) */
+ int debug;
+ long max_cert_list;
+ int first_packet;
+
+ /* Expect OCSP CertificateStatus message */
+ int tlsext_status_expected;
+ /* OCSP status request only */
+ STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
+ X509_EXTENSIONS *tlsext_ocsp_exts;
+
+ /* OCSP response received or to be sent */
+ unsigned char *tlsext_ocsp_resp;
+ size_t tlsext_ocsp_resp_len;
+
+ /* RFC4507 session ticket expected to be received or sent */
+ int tlsext_ticket_expected;
+
+ size_t tlsext_ecpointformatlist_length;
+ uint8_t *tlsext_ecpointformatlist; /* our list */
+ size_t tlsext_supportedgroups_length;
+ uint16_t *tlsext_supportedgroups; /* our list */
+
+ /* TLS Session Ticket extension override */
+ TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
+
+ STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
+ const SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
+
+ int renegotiate;/* 1 if we are renegotiating.
+ * 2 if we are a server and are inside a handshake
+ * (i.e. not just sending a HelloRequest) */
+
+ int rstate; /* where we are when reading */
+
+ int mac_packet;
+
+ int empty_record_count;
+
+ size_t num_tickets; /* Unused, for OpenSSL compatibility */
+ STACK_OF(X509) *verified_chain;
+};
+
+typedef struct ssl3_record_internal_st {
+ int type; /* type of record */
+ unsigned int length; /* How many bytes available */
+ unsigned int padding_length; /* Number of padding bytes. */
+ unsigned int off; /* read/write offset into 'buf' */
+ unsigned char *data; /* pointer to the record data */
+ unsigned char *input; /* where the decode bytes are */
+ uint16_t epoch; /* epoch number, needed by DTLS1 */
+ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
+} SSL3_RECORD_INTERNAL;
+
+typedef struct ssl3_buffer_internal_st {
+ unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
+ * see ssl3_setup_buffers() */
+ size_t len; /* buffer size */
+ int offset; /* where to 'copy from' */
+ int left; /* how many bytes left */
+} SSL3_BUFFER_INTERNAL;
+
+typedef struct ssl3_state_st {
+ long flags;
+
+ unsigned char server_random[SSL3_RANDOM_SIZE];
+ unsigned char client_random[SSL3_RANDOM_SIZE];
+
+ SSL3_BUFFER_INTERNAL rbuf; /* read IO goes into here */
+ SSL3_BUFFER_INTERNAL wbuf; /* write IO goes into here */
+
+ SSL3_RECORD_INTERNAL rrec; /* each decoded record goes in here */
+
+ struct tls_content *rcontent; /* Content from opened TLS records. */
+
+ /* we allow one fatal and one warning alert to be outstanding,
+ * send close alert via the warning alert */
+ int alert_dispatch;
+ unsigned char send_alert[2];
+
+ /* flags for countermeasure against known-IV weakness */
+ int need_empty_fragments;
+ int empty_fragment_done;
+
+ /* Unprocessed Alert/Handshake protocol data. */
+ struct tls_buffer *alert_fragment;
+ struct tls_buffer *handshake_fragment;
+
+ /* partial write - check the numbers match */
+ unsigned int wnum; /* number of bytes sent so far */
+ int wpend_tot; /* number bytes written */
+ int wpend_type;
+ int wpend_ret; /* number of bytes submitted */
+ const unsigned char *wpend_buf;
+
+ /* Transcript of handshake messages that have been sent and received. */
+ struct tls_buffer *handshake_transcript;
+
+ /* Rolling hash of handshake messages. */
+ EVP_MD_CTX *handshake_hash;
+
+ /* this is set whenerver we see a change_cipher_spec message
+ * come in when we are not looking for one */
+ int change_cipher_spec;
+
+ int warn_alert;
+ int fatal_alert;
+
+ /* This flag is set when we should renegotiate ASAP, basically when
+ * there is no more data in the read or write buffers */
+ int renegotiate;
+ int total_renegotiations;
+ int num_renegotiations;
+
+ int in_read_app_data;
+
+ SSL_HANDSHAKE hs;
+
+ /* Connection binding to prevent renegotiation attacks */
+ unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
+ unsigned char previous_client_finished_len;
+ unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
+ unsigned char previous_server_finished_len;
+ int send_connection_binding; /* TODOEKR */
+
+ /* Set if we saw a Renegotiation Indication extension from our peer. */
+ int renegotiate_seen;
+
+ /*
+ * ALPN information.
+ *
+ * In a server these point to the selected ALPN protocol after the
+ * ClientHello has been processed. In a client these contain the
+ * protocol that the server selected once the ServerHello has been
+ * processed.
+ */
+ uint8_t *alpn_selected;
+ size_t alpn_selected_len;
+
+ /* Contains the QUIC transport params received from our peer. */
+ uint8_t *peer_quic_transport_params;
+ size_t peer_quic_transport_params_len;
+} SSL3_STATE;
+
+/*
+ * Flag values for enc_flags.
+ */
+
+/* Uses signature algorithms extension. */
+#define SSL_ENC_FLAG_SIGALGS (1 << 1)
+
+/* Uses SHA256 default PRF. */
+#define SSL_ENC_FLAG_SHA256_PRF (1 << 2)
+
+/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
+#define SSL_ENC_FLAG_TLS1_2_CIPHERS (1 << 4)
+
+/* Allow TLS 1.3 ciphersuites only. */
+#define SSL_ENC_FLAG_TLS1_3_CIPHERS (1 << 5)
+
+#define TLSV1_ENC_FLAGS 0
+#define TLSV1_1_ENC_FLAGS 0
+#define TLSV1_2_ENC_FLAGS (SSL_ENC_FLAG_SIGALGS | \
+ SSL_ENC_FLAG_SHA256_PRF | \
+ SSL_ENC_FLAG_TLS1_2_CIPHERS)
+#define TLSV1_3_ENC_FLAGS (SSL_ENC_FLAG_SIGALGS | \
+ SSL_ENC_FLAG_TLS1_3_CIPHERS)
+
+extern const SSL_CIPHER ssl3_ciphers[];
+
+const char *ssl_version_string(int ver);
+int ssl_version_set_min(const SSL_METHOD *meth, uint16_t proto_ver,
+ uint16_t max_tls_ver, uint16_t *out_tls_ver, uint16_t *out_proto_ver);
+int ssl_version_set_max(const SSL_METHOD *meth, uint16_t proto_ver,
+ uint16_t min_tls_ver, uint16_t *out_tls_ver, uint16_t *out_proto_ver);
+int ssl_enabled_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver);
+int ssl_supported_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver);
+uint16_t ssl_tls_version(uint16_t version);
+uint16_t ssl_effective_tls_version(SSL *s);
+int ssl_max_supported_version(SSL *s, uint16_t *max_ver);
+int ssl_max_legacy_version(SSL *s, uint16_t *max_ver);
+int ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver);
+int ssl_check_version_from_server(SSL *s, uint16_t server_version);
+int ssl_legacy_stack_version(SSL *s, uint16_t version);
+int ssl_cipher_in_list(STACK_OF(SSL_CIPHER) *ciphers, const SSL_CIPHER *cipher);
+int ssl_cipher_allowed_in_tls_version_range(const SSL_CIPHER *cipher,
+ uint16_t min_ver, uint16_t max_ver);
+
+const SSL_METHOD *tls_legacy_method(void);
+const SSL_METHOD *ssl_get_method(uint16_t version);
+
+void ssl_clear_cipher_state(SSL *s);
+int ssl_clear_bad_session(SSL *s);
+
+void ssl_info_callback(const SSL *s, int type, int value);
+void ssl_msg_callback(SSL *s, int is_write, int content_type,
+ const void *msg_buf, size_t msg_len);
+void ssl_msg_callback_cbs(SSL *s, int is_write, int content_type, CBS *cbs);
+
+SSL_CERT *ssl_cert_new(void);
+SSL_CERT *ssl_cert_dup(SSL_CERT *cert);
+void ssl_cert_free(SSL_CERT *c);
+SSL_CERT *ssl_get0_cert(SSL_CTX *ctx, SSL *ssl);
+int ssl_cert_set0_chain(SSL_CTX *ctx, SSL *ssl, STACK_OF(X509) *chain);
+int ssl_cert_set1_chain(SSL_CTX *ctx, SSL *ssl, STACK_OF(X509) *chain);
+int ssl_cert_add0_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert);
+int ssl_cert_add1_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert);
+
+int ssl_security_default_cb(const SSL *ssl, const SSL_CTX *ctx, int op,
+ int bits, int nid, void *other, void *ex_data);
+
+int ssl_security_cipher_check(const SSL *ssl, SSL_CIPHER *cipher);
+int ssl_security_shared_cipher(const SSL *ssl, SSL_CIPHER *cipher);
+int ssl_security_supported_cipher(const SSL *ssl, SSL_CIPHER *cipher);
+int ssl_ctx_security_dh(const SSL_CTX *ctx, DH *dh);
+int ssl_security_dh(const SSL *ssl, DH *dh);
+int ssl_security_sigalg_check(const SSL *ssl, const EVP_PKEY *pkey);
+int ssl_security_tickets(const SSL *ssl);
+int ssl_security_version(const SSL *ssl, int version);
+int ssl_security_cert(const SSL_CTX *ctx, const SSL *ssl, X509 *x509,
+ int is_peer, int *out_error);
+int ssl_security_cert_chain(const SSL *ssl, STACK_OF(X509) *sk,
+ X509 *x509, int *out_error);
+int ssl_security_shared_group(const SSL *ssl, uint16_t group_id);
+int ssl_security_supported_group(const SSL *ssl, uint16_t group_id);
+
+SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int include_ticket);
+int ssl_get_new_session(SSL *s, int session);
+int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block,
+ int *alert);
+int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
+SSL_CIPHER *OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base,
+ int num);
+int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb);
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, CBS *cbs);
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
+ STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) *tls13,
+ const char *rule_str, SSL_CERT *cert);
+int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str);
+int ssl_merge_cipherlists(STACK_OF(SSL_CIPHER) *cipherlist,
+ STACK_OF(SSL_CIPHER) *cipherlist_tls13,
+ STACK_OF(SSL_CIPHER) **out_cipherlist);
+void ssl_update_cache(SSL *s, int mode);
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
+ const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size);
+int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead);
+int ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md);
+
+int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
+int ssl_undefined_function(SSL *s);
+int ssl_undefined_void_function(void);
+int ssl_undefined_const_function(const SSL *s);
+SSL_CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
+EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd,
+ const struct ssl_sigalg **sap);
+size_t ssl_dhe_params_auto_key_bits(SSL *s);
+int ssl_cert_type(EVP_PKEY *pkey);
+void ssl_set_cert_masks(SSL_CERT *c, const SSL_CIPHER *cipher);
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
+int ssl_has_ecc_ciphers(SSL *s);
+int ssl_verify_alarm_type(long type);
+
+int SSL_SESSION_ticket(SSL_SESSION *ss, unsigned char **out, size_t *out_len);
+
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
+int ssl3_do_write(SSL *s, int type);
+int ssl3_send_alert(SSL *s, int level, int desc);
+int ssl3_get_req_cert_types(SSL *s, CBB *cbb);
+int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);
+int ssl3_num_ciphers(void);
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
+const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
+uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
+int ssl3_renegotiate(SSL *ssl);
+
+int ssl3_renegotiate_check(SSL *ssl);
+
+void ssl_force_want_read(SSL *s);
+
+int ssl3_dispatch_alert(SSL *s);
+int ssl3_read_alert(SSL *s);
+int ssl3_read_change_cipher_spec(SSL *s);
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
+int ssl3_output_cert_chain(SSL *s, CBB *cbb, SSL_CERT_PKEY *cpk);
+SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
+ STACK_OF(SSL_CIPHER) *srvr);
+int ssl3_setup_buffers(SSL *s);
+int ssl3_setup_init_buffer(SSL *s);
+void ssl3_release_init_buffer(SSL *s);
+int ssl3_setup_read_buffer(SSL *s);
+int ssl3_setup_write_buffer(SSL *s);
+void ssl3_release_buffer(SSL3_BUFFER_INTERNAL *b);
+void ssl3_release_read_buffer(SSL *s);
+void ssl3_release_write_buffer(SSL *s);
+int ssl3_new(SSL *s);
+void ssl3_free(SSL *s);
+int ssl3_accept(SSL *s);
+int ssl3_connect(SSL *s);
+int ssl3_read(SSL *s, void *buf, int len);
+int ssl3_peek(SSL *s, void *buf, int len);
+int ssl3_write(SSL *s, const void *buf, int len);
+int ssl3_shutdown(SSL *s);
+void ssl3_clear(SSL *s);
+long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
+long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
+long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void));
+int ssl3_pending(const SSL *s);
+
+int ssl3_handshake_msg_hdr_len(SSL *s);
+int ssl3_handshake_msg_start(SSL *s, CBB *handshake, CBB *body,
+ uint8_t msg_type);
+int ssl3_handshake_msg_finish(SSL *s, CBB *handshake);
+int ssl3_handshake_write(SSL *s);
+int ssl3_record_write(SSL *s, int type);
+
+int ssl3_do_change_cipher_spec(SSL *ssl);
+
+int ssl3_packet_read(SSL *s, int plen);
+int ssl3_packet_extend(SSL *s, int plen);
+int ssl_server_legacy_first_packet(SSL *s);
+int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+ unsigned int len);
+
+int ssl_kex_generate_dhe(DH *dh, DH *dh_params);
+int ssl_kex_generate_dhe_params_auto(DH *dh, size_t key_len);
+int ssl_kex_params_dhe(DH *dh, CBB *cbb);
+int ssl_kex_public_dhe(DH *dh, CBB *cbb);
+int ssl_kex_peer_params_dhe(DH *dh, CBS *cbs, int *decode_error,
+ int *invalid_params);
+int ssl_kex_peer_public_dhe(DH *dh, CBS *cbs, int *decode_error,
+ int *invalid_key);
+int ssl_kex_derive_dhe(DH *dh, DH *dh_peer,
+ uint8_t **shared_key, size_t *shared_key_len);
+
+int ssl_kex_dummy_ecdhe_x25519(EVP_PKEY *pkey);
+int ssl_kex_generate_ecdhe_ecp(EC_KEY *ecdh, int nid);
+int ssl_kex_public_ecdhe_ecp(EC_KEY *ecdh, CBB *cbb);
+int ssl_kex_peer_public_ecdhe_ecp(EC_KEY *ecdh, int nid, CBS *cbs);
+int ssl_kex_derive_ecdhe_ecp(EC_KEY *ecdh, EC_KEY *ecdh_peer,
+ uint8_t **shared_key, size_t *shared_key_len);
+
+int tls1_new(SSL *s);
+void tls1_free(SSL *s);
+void tls1_clear(SSL *s);
+
+int ssl_init_wbio_buffer(SSL *s, int push);
+void ssl_free_wbio_buffer(SSL *s);
+
+int tls1_transcript_hash_init(SSL *s);
+int tls1_transcript_hash_update(SSL *s, const unsigned char *buf, size_t len);
+int tls1_transcript_hash_value(SSL *s, unsigned char *out, size_t len,
+ size_t *outlen);
+void tls1_transcript_hash_free(SSL *s);
+
+int tls1_transcript_init(SSL *s);
+void tls1_transcript_free(SSL *s);
+void tls1_transcript_reset(SSL *s);
+int tls1_transcript_append(SSL *s, const unsigned char *buf, size_t len);
+int tls1_transcript_data(SSL *s, const unsigned char **data, size_t *len);
+void tls1_transcript_freeze(SSL *s);
+void tls1_transcript_unfreeze(SSL *s);
+int tls1_transcript_record(SSL *s, const unsigned char *buf, size_t len);
+
+int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
+ const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
+ const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len,
+ const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len);
+
+void tls1_cleanup_key_block(SSL *s);
+int tls1_change_read_cipher_state(SSL *s);
+int tls1_change_write_cipher_state(SSL *s);
+int tls1_setup_key_block(SSL *s);
+int tls1_generate_key_block(SSL *s, uint8_t *key_block, size_t key_block_len);
+int ssl_ok(SSL *s);
+
+int tls12_derive_finished(SSL *s);
+int tls12_derive_peer_finished(SSL *s);
+int tls12_derive_master_secret(SSL *s, uint8_t *premaster_secret,
+ size_t premaster_secret_len);
+
+int ssl_using_ecc_cipher(SSL *s);
+int ssl_check_srvr_ecc_cert_and_alg(SSL *s, X509 *x);
+
+void tls1_get_formatlist(const SSL *s, int client_formats,
+ const uint8_t **pformats, size_t *pformatslen);
+void tls1_get_group_list(const SSL *s, int client_groups,
+ const uint16_t **pgroups, size_t *pgroupslen);
+
+int tls1_set_groups(uint16_t **out_group_ids, size_t *out_group_ids_len,
+ const int *groups, size_t ngroups);
+int tls1_set_group_list(uint16_t **out_group_ids, size_t *out_group_ids_len,
+ const char *groups);
+
+int tls1_ec_group_id2nid(uint16_t group_id, int *out_nid);
+int tls1_ec_group_id2bits(uint16_t group_id, int *out_bits);
+int tls1_ec_nid2group_id(int nid, uint16_t *out_group_id);
+int tls1_check_group(SSL *s, uint16_t group_id);
+int tls1_count_shared_groups(const SSL *ssl, size_t *out_count);
+int tls1_get_shared_group_by_index(const SSL *ssl, size_t index, int *out_nid);
+int tls1_get_supported_group(const SSL *s, int *out_nid);
+
+int ssl_check_clienthello_tlsext_early(SSL *s);
+int ssl_check_clienthello_tlsext_late(SSL *s);
+int ssl_check_serverhello_tlsext(SSL *s);
+
+#define TLS1_TICKET_FATAL_ERROR -1
+#define TLS1_TICKET_NONE 0
+#define TLS1_TICKET_EMPTY 1
+#define TLS1_TICKET_NOT_DECRYPTED 2
+#define TLS1_TICKET_DECRYPTED 3
+
+int tls1_process_ticket(SSL *s, CBS *ext_block, int *alert, SSL_SESSION **ret);
+
+int tls1_check_ec_server_key(SSL *s);
+
+/* s3_cbc.c */
+void ssl3_cbc_copy_mac(unsigned char *out, const SSL3_RECORD_INTERNAL *rec,
+ unsigned int md_size, unsigned int orig_len);
+int ssl3_cbc_remove_padding(SSL3_RECORD_INTERNAL *rec, unsigned int eiv_len,
+ unsigned int mac_size);
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
+int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
+ size_t *md_out_size, const unsigned char header[13],
+ const unsigned char *data, size_t data_plus_mac_size,
+ size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
+ unsigned int mac_secret_length);
+int SSL_state_func_code(int _state);
+
+#define SSLerror(s, r) SSL_error_internal(s, r, __FILE__, __LINE__)
+#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),__FILE__,__LINE__)
+void SSL_error_internal(const SSL *s, int r, char *f, int l);
+
+#ifndef OPENSSL_NO_SRTP
+
+int srtp_find_profile_by_name(const char *profile_name,
+ const SRTP_PROTECTION_PROFILE **pptr, unsigned int len);
+int srtp_find_profile_by_num(unsigned int profile_num,
+ const SRTP_PROTECTION_PROFILE **pptr);
+
+#endif /* OPENSSL_NO_SRTP */
+
+int tls_process_peer_certs(SSL *s, STACK_OF(X509) *peer_certs);
+
+__END_HIDDEN_DECLS
+
+#endif
+++ /dev/null
-/* $OpenBSD: ssl_locl.h,v 1.432 2022/11/11 17:15:26 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#ifndef HEADER_SSL_LOCL_H
-#define HEADER_SSL_LOCL_H
-
-#include <sys/types.h>
-
-#include <errno.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bio.h>
-#include <openssl/buffer.h>
-#include <openssl/dsa.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-#include <openssl/ssl.h>
-#include <openssl/stack.h>
-
-#include "bytestring.h"
-#include "tls_content.h"
-#include "tls13_internal.h"
-
-__BEGIN_HIDDEN_DECLS
-
-#define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \
- __attribute__((__unused__))
-
-#ifndef LIBRESSL_HAS_DTLS1_2
-#define LIBRESSL_HAS_DTLS1_2
-#endif
-
-#ifndef LIBRESSL_HAS_TLS1_3_CLIENT
-#define LIBRESSL_HAS_TLS1_3_CLIENT
-#endif
-
-#ifndef LIBRESSL_HAS_TLS1_3_SERVER
-#define LIBRESSL_HAS_TLS1_3_SERVER
-#endif
-
-#if defined(LIBRESSL_HAS_TLS1_3_CLIENT) || defined(LIBRESSL_HAS_TLS1_3_SERVER)
-#define LIBRESSL_HAS_TLS1_3
-#endif
-
-/* LOCAL STUFF */
-
-#define SSL_DECRYPT 0
-#define SSL_ENCRYPT 1
-
-/*
- * Define the Bitmasks for SSL_CIPHER.algorithms.
- * This bits are used packed as dense as possible. If new methods/ciphers
- * etc will be added, the bits a likely to change, so this information
- * is for internal library use only, even though SSL_CIPHER.algorithms
- * can be publicly accessed.
- * Use the according functions for cipher management instead.
- *
- * The bit mask handling in the selection and sorting scheme in
- * ssl_create_cipher_list() has only limited capabilities, reflecting
- * that the different entities within are mutually exclusive:
- * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
- */
-
-/* Bits for algorithm_mkey (key exchange algorithm) */
-#define SSL_kRSA 0x00000001L /* RSA key exchange */
-#define SSL_kDHE 0x00000008L /* tmp DH key no DH cert */
-#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
-#define SSL_kGOST 0x00000200L /* GOST key exchange */
-#define SSL_kTLS1_3 0x00000400L /* TLSv1.3 key exchange */
-
-/* Bits for algorithm_auth (server authentication) */
-#define SSL_aRSA 0x00000001L /* RSA auth */
-#define SSL_aDSS 0x00000002L /* DSS auth */
-#define SSL_aNULL 0x00000004L /* no auth (i.e. use ADH or AECDH) */
-#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
-#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */
-#define SSL_aTLS1_3 0x00000400L /* TLSv1.3 authentication */
-
-/* Bits for algorithm_enc (symmetric encryption) */
-#define SSL_DES 0x00000001L
-#define SSL_3DES 0x00000002L
-#define SSL_RC4 0x00000004L
-#define SSL_IDEA 0x00000008L
-#define SSL_eNULL 0x00000010L
-#define SSL_AES128 0x00000020L
-#define SSL_AES256 0x00000040L
-#define SSL_CAMELLIA128 0x00000080L
-#define SSL_CAMELLIA256 0x00000100L
-#define SSL_eGOST2814789CNT 0x00000200L
-#define SSL_AES128GCM 0x00000400L
-#define SSL_AES256GCM 0x00000800L
-#define SSL_CHACHA20POLY1305 0x00001000L
-
-#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
-#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
-
-
-/* Bits for algorithm_mac (symmetric authentication) */
-
-#define SSL_MD5 0x00000001L
-#define SSL_SHA1 0x00000002L
-#define SSL_GOST94 0x00000004L
-#define SSL_GOST89MAC 0x00000008L
-#define SSL_SHA256 0x00000010L
-#define SSL_SHA384 0x00000020L
-/* Not a real MAC, just an indication it is part of cipher */
-#define SSL_AEAD 0x00000040L
-#define SSL_STREEBOG256 0x00000080L
-
-/* Bits for algorithm_ssl (protocol version) */
-#define SSL_SSLV3 0x00000002L
-#define SSL_TLSV1 SSL_SSLV3 /* for now */
-#define SSL_TLSV1_2 0x00000004L
-#define SSL_TLSV1_3 0x00000008L
-
-
-/* Bits for algorithm2 (handshake digests and other extra flags) */
-
-#define SSL_HANDSHAKE_MAC_MASK 0xff0
-#define SSL_HANDSHAKE_MAC_MD5 0x010
-#define SSL_HANDSHAKE_MAC_SHA 0x020
-#define SSL_HANDSHAKE_MAC_GOST94 0x040
-#define SSL_HANDSHAKE_MAC_SHA256 0x080
-#define SSL_HANDSHAKE_MAC_SHA384 0x100
-#define SSL_HANDSHAKE_MAC_STREEBOG256 0x200
-#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
-
-#define SSL3_CK_ID 0x03000000
-#define SSL3_CK_VALUE_MASK 0x0000ffff
-
-#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
-
-#define TLS1_PRF_DGST_SHIFT 10
-#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_STREEBOG256 (SSL_HANDSHAKE_MAC_STREEBOG256 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
-
-/*
- * Stream MAC for GOST ciphersuites from cryptopro draft
- * (currently this also goes into algorithm2).
- */
-#define TLS1_STREAM_MAC 0x04
-
-/*
- * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
- * indicates that the variable part of the nonce is included as a prefix of
- * the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
- */
-#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22)
-
-/*
- * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce
- * for an SSL_CIPHER with an algorithm_mac of SSL_AEAD.
- */
-#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \
- (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
-
-/*
- * Cipher strength information.
- */
-#define SSL_STRONG_MASK 0x000001fcL
-#define SSL_STRONG_NONE 0x00000004L
-#define SSL_LOW 0x00000020L
-#define SSL_MEDIUM 0x00000040L
-#define SSL_HIGH 0x00000080L
-
-/*
- * The keylength (measured in RSA key bits, I guess) for temporary keys.
- * Cipher argument is so that this can be variable in the future.
- */
-#define SSL_C_PKEYLENGTH(c) 1024
-
-/* See if we use signature algorithms extension. */
-#define SSL_USE_SIGALGS(s) \
- (s->method->enc_flags & SSL_ENC_FLAG_SIGALGS)
-
-/* See if we use SHA256 default PRF. */
-#define SSL_USE_SHA256_PRF(s) \
- (s->method->enc_flags & SSL_ENC_FLAG_SHA256_PRF)
-
-/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
-#define SSL_USE_TLS1_2_CIPHERS(s) \
- (s->method->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
-
-/* Allow TLS 1.3 ciphersuites only. */
-#define SSL_USE_TLS1_3_CIPHERS(s) \
- (s->method->enc_flags & SSL_ENC_FLAG_TLS1_3_CIPHERS)
-
-#define SSL_PKEY_RSA 0
-#define SSL_PKEY_ECC 1
-#define SSL_PKEY_GOST01 2
-#define SSL_PKEY_NUM 3
-
-#define SSL_MAX_EMPTY_RECORDS 32
-
-/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
- * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
- * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
- * SSL_kDHE <- RSA_ENC | RSA_SIGN | DSA_SIGN
- * SSL_aRSA <- RSA_ENC | RSA_SIGN
- * SSL_aDSS <- DSA_SIGN
- */
-
-/* From ECC-TLS draft, used in encoding the curve type in
- * ECParameters
- */
-#define EXPLICIT_PRIME_CURVE_TYPE 1
-#define EXPLICIT_CHAR2_CURVE_TYPE 2
-#define NAMED_CURVE_TYPE 3
-
-typedef struct ssl_cert_pkey_st {
- X509 *x509;
- EVP_PKEY *privatekey;
- STACK_OF(X509) *chain;
-} SSL_CERT_PKEY;
-
-typedef struct ssl_cert_st {
- /* Current active set */
- /* ALWAYS points to an element of the pkeys array
- * Probably it would make more sense to store
- * an index, not a pointer. */
- SSL_CERT_PKEY *key;
-
- SSL_CERT_PKEY pkeys[SSL_PKEY_NUM];
-
- /* The following masks are for the key and auth
- * algorithms that are supported by the certs below */
- int valid;
- unsigned long mask_k;
- unsigned long mask_a;
-
- DH *dhe_params;
- DH *(*dhe_params_cb)(SSL *ssl, int is_export, int keysize);
- int dhe_params_auto;
-
- int (*security_cb)(const SSL *s, const SSL_CTX *ctx, int op, int bits,
- int nid, void *other, void *ex_data); /* Not exposed in API. */
- int security_level;
- void *security_ex_data; /* Not exposed in API. */
-
- int references; /* >1 only if SSL_copy_session_id is used */
-} SSL_CERT;
-
-struct ssl_comp_st {
- int id;
- const char *name;
-};
-
-struct ssl_cipher_st {
- int valid;
- const char *name; /* text name */
- unsigned long id; /* id, 4 bytes, first is version */
-
- unsigned long algorithm_mkey; /* key exchange algorithm */
- unsigned long algorithm_auth; /* server authentication */
- unsigned long algorithm_enc; /* symmetric encryption */
- unsigned long algorithm_mac; /* symmetric authentication */
- unsigned long algorithm_ssl; /* (major) protocol version */
-
- unsigned long algo_strength; /* strength and export flags */
- unsigned long algorithm2; /* Extra flags */
- int strength_bits; /* Number of bits really used */
- int alg_bits; /* Number of bits for algorithm */
-};
-
-struct ssl_method_st {
- int dtls;
- int server;
- int version;
-
- uint16_t min_tls_version;
- uint16_t max_tls_version;
-
- int (*ssl_new)(SSL *s);
- void (*ssl_clear)(SSL *s);
- void (*ssl_free)(SSL *s);
-
- int (*ssl_accept)(SSL *s);
- int (*ssl_connect)(SSL *s);
- int (*ssl_shutdown)(SSL *s);
-
- int (*ssl_renegotiate)(SSL *s);
- int (*ssl_renegotiate_check)(SSL *s);
-
- int (*ssl_pending)(const SSL *s);
- int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, int len,
- int peek);
- int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len);
-
- const SSL_CIPHER *(*get_cipher)(unsigned int ncipher);
-
- unsigned int enc_flags; /* SSL_ENC_FLAG_* */
-};
-
-/*
- * Let's make this into an ASN.1 type structure as follows
- * SSL_SESSION_ID ::= SEQUENCE {
- * version INTEGER, -- structure version number
- * SSLversion INTEGER, -- SSL version number
- * Cipher OCTET STRING, -- the 2 byte cipher ID
- * Session_ID OCTET STRING, -- the Session ID
- * Master_key OCTET STRING, -- the master key
- * KRB5_principal OCTET STRING -- optional Kerberos principal
- * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
- * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
- * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
- * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context
- * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... code for `Peer'
- * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension
- * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
- * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity
- * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
- * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only)
- * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method
- * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
- * }
- * Look in ssl/ssl_asn1.c for more details
- * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
- */
-struct ssl_session_st {
- int ssl_version; /* what ssl version session info is
- * being kept in here? */
-
- size_t master_key_length;
- unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
-
- /* session_id - valid? */
- size_t session_id_length;
- unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
-
- /* this is used to determine whether the session is being reused in
- * the appropriate context. It is up to the application to set this,
- * via SSL_new */
- size_t sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
- /* Peer provided leaf (end-entity) certificate. */
- X509 *peer_cert;
- int peer_cert_type;
-
- /* when app_verify_callback accepts a session where the peer's certificate
- * is not ok, we must remember the error for session reuse: */
- long verify_result; /* only for servers */
-
- long timeout;
- time_t time;
- int references;
-
- const SSL_CIPHER *cipher;
- unsigned long cipher_id; /* when ASN.1 loaded, this
- * needs to be used to load
- * the 'cipher' structure */
-
- STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
-
- char *tlsext_hostname;
-
- /* Session resumption - RFC 5077 and RFC 8446. */
- unsigned char *tlsext_tick; /* Session ticket */
- size_t tlsext_ticklen; /* Session ticket length */
- uint32_t tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
- uint32_t tlsext_tick_age_add; /* TLSv1.3 ticket age obfuscation (in ms) */
- struct tls13_secret resumption_master_secret;
-
- CRYPTO_EX_DATA ex_data; /* application specific data */
-
- /* These are used to make removal of session-ids more
- * efficient and to implement a maximum cache size. */
- struct ssl_session_st *prev, *next;
-
- /* Used to indicate that session resumption is not allowed.
- * Applications can also set this bit for a new session via
- * not_resumable_session_cb to disable session caching and tickets. */
- int not_resumable;
-
- size_t tlsext_ecpointformatlist_length;
- uint8_t *tlsext_ecpointformatlist; /* peer's list */
- size_t tlsext_supportedgroups_length;
- uint16_t *tlsext_supportedgroups; /* peer's list */
-};
-
-struct ssl_sigalg;
-
-typedef struct ssl_handshake_tls12_st {
- /* Used when SSL_ST_FLUSH_DATA is entered. */
- int next_state;
-
- /* Handshake message type and size. */
- int message_type;
- unsigned long message_size;
-
- /* Reuse current handshake message. */
- int reuse_message;
-
- /* Client certificate requests. */
- int cert_request;
- STACK_OF(X509_NAME) *ca_names;
-
- /* Record-layer key block for TLS 1.2 and earlier. */
- struct tls12_key_block *key_block;
-
- /* Transcript hash prior to sending certificate verify message. */
- uint8_t cert_verify[EVP_MAX_MD_SIZE];
-} SSL_HANDSHAKE_TLS12;
-
-typedef struct ssl_handshake_tls13_st {
- int use_legacy;
- int hrr;
-
- /* Client indicates psk_dhe_ke support in PskKeyExchangeMode. */
- int use_psk_dhe_ke;
-
- /* Certificate selected for use (static pointer). */
- const SSL_CERT_PKEY *cpk;
-
- /* Version proposed by peer server. */
- uint16_t server_version;
-
- uint16_t server_group;
- struct tls13_secrets *secrets;
-
- uint8_t *cookie;
- size_t cookie_len;
-
- /* Preserved transcript hash. */
- uint8_t transcript_hash[EVP_MAX_MD_SIZE];
- size_t transcript_hash_len;
-
- /* Legacy session ID. */
- uint8_t legacy_session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
- size_t legacy_session_id_len;
-
- /* ClientHello hash, used to validate following HelloRetryRequest */
- EVP_MD_CTX *clienthello_md_ctx;
- unsigned char *clienthello_hash;
- unsigned int clienthello_hash_len;
-
- /* QUIC read buffer and read/write encryption levels. */
- struct tls_buffer *quic_read_buffer;
- enum ssl_encryption_level_t quic_read_level;
- enum ssl_encryption_level_t quic_write_level;
-} SSL_HANDSHAKE_TLS13;
-
-typedef struct ssl_handshake_st {
- /*
- * Minimum and maximum versions supported for this handshake. These are
- * initialised at the start of a handshake based on the method in use
- * and the current protocol version configuration.
- */
- uint16_t our_min_tls_version;
- uint16_t our_max_tls_version;
-
- /*
- * Version negotiated for this session. For a client this is set once
- * the server selected version is parsed from the ServerHello (either
- * from the legacy version or supported versions extension). For a
- * server this is set once we select the version we will use with the
- * client.
- */
- uint16_t negotiated_tls_version;
-
- /*
- * Legacy version advertised by our peer. For a server this is the
- * version specified by the client in the ClientHello message. For a
- * client, this is the version provided in the ServerHello message.
- */
- uint16_t peer_legacy_version;
-
- /*
- * Current handshake state - contains one of the SSL3_ST_* values and
- * is used by the TLSv1.2 state machine, as well as being updated by
- * the TLSv1.3 stack due to it being exposed externally.
- */
- int state;
-
- /* Cipher being negotiated in this handshake. */
- const SSL_CIPHER *cipher;
-
- /* Extensions seen in this handshake. */
- uint32_t extensions_seen;
-
- /* Signature algorithms selected for use (static pointers). */
- const struct ssl_sigalg *our_sigalg;
- const struct ssl_sigalg *peer_sigalg;
-
- /* sigalgs offered in this handshake in wire form */
- uint8_t *sigalgs;
- size_t sigalgs_len;
-
- /* Key share for ephemeral key exchange. */
- struct tls_key_share *key_share;
-
- /*
- * Copies of the verify data sent in our finished message and the
- * verify data received in the finished message sent by our peer.
- */
- uint8_t finished[EVP_MAX_MD_SIZE];
- size_t finished_len;
- uint8_t peer_finished[EVP_MAX_MD_SIZE];
- size_t peer_finished_len;
-
- /* List of certificates received from our peer. */
- STACK_OF(X509) *peer_certs;
- STACK_OF(X509) *peer_certs_no_leaf;
-
- SSL_HANDSHAKE_TLS12 tls12;
- SSL_HANDSHAKE_TLS13 tls13;
-} SSL_HANDSHAKE;
-
-typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
-
-/* TLS Session Ticket extension struct. */
-struct tls_session_ticket_ext_st {
- unsigned short length;
- void *data;
-};
-
-struct tls12_key_block;
-
-struct tls12_key_block *tls12_key_block_new(void);
-void tls12_key_block_free(struct tls12_key_block *kb);
-void tls12_key_block_client_write(struct tls12_key_block *kb, CBS *mac_key,
- CBS *key, CBS *iv);
-void tls12_key_block_server_write(struct tls12_key_block *kb, CBS *mac_key,
- CBS *key, CBS *iv);
-int tls12_key_block_generate(struct tls12_key_block *kb, SSL *s,
- const EVP_AEAD *aead, const EVP_CIPHER *cipher, const EVP_MD *mac_hash);
-
-struct tls12_record_layer;
-
-struct tls12_record_layer *tls12_record_layer_new(void);
-void tls12_record_layer_free(struct tls12_record_layer *rl);
-void tls12_record_layer_alert(struct tls12_record_layer *rl,
- uint8_t *alert_desc);
-int tls12_record_layer_write_overhead(struct tls12_record_layer *rl,
- size_t *overhead);
-int tls12_record_layer_read_protected(struct tls12_record_layer *rl);
-int tls12_record_layer_write_protected(struct tls12_record_layer *rl);
-void tls12_record_layer_set_aead(struct tls12_record_layer *rl,
- const EVP_AEAD *aead);
-void tls12_record_layer_set_cipher_hash(struct tls12_record_layer *rl,
- const EVP_CIPHER *cipher, const EVP_MD *handshake_hash,
- const EVP_MD *mac_hash);
-void tls12_record_layer_set_version(struct tls12_record_layer *rl,
- uint16_t version);
-void tls12_record_layer_set_initial_epoch(struct tls12_record_layer *rl,
- uint16_t epoch);
-uint16_t tls12_record_layer_read_epoch(struct tls12_record_layer *rl);
-uint16_t tls12_record_layer_write_epoch(struct tls12_record_layer *rl);
-int tls12_record_layer_use_write_epoch(struct tls12_record_layer *rl,
- uint16_t epoch);
-void tls12_record_layer_write_epoch_done(struct tls12_record_layer *rl,
- uint16_t epoch);
-void tls12_record_layer_clear_read_state(struct tls12_record_layer *rl);
-void tls12_record_layer_clear_write_state(struct tls12_record_layer *rl);
-void tls12_record_layer_reflect_seq_num(struct tls12_record_layer *rl);
-int tls12_record_layer_change_read_cipher_state(struct tls12_record_layer *rl,
- CBS *mac_key, CBS *key, CBS *iv);
-int tls12_record_layer_change_write_cipher_state(struct tls12_record_layer *rl,
- CBS *mac_key, CBS *key, CBS *iv);
-int tls12_record_layer_open_record(struct tls12_record_layer *rl,
- uint8_t *buf, size_t buf_len, struct tls_content *out);
-int tls12_record_layer_seal_record(struct tls12_record_layer *rl,
- uint8_t content_type, const uint8_t *content, size_t content_len,
- CBB *out);
-
-typedef void (ssl_info_callback_fn)(const SSL *s, int type, int val);
-typedef void (ssl_msg_callback_fn)(int is_write, int version, int content_type,
- const void *buf, size_t len, SSL *ssl, void *arg);
-
-struct ssl_ctx_st {
- const SSL_METHOD *method;
- const SSL_QUIC_METHOD *quic_method;
-
- STACK_OF(SSL_CIPHER) *cipher_list;
-
- struct x509_store_st /* X509_STORE */ *cert_store;
-
- /* If timeout is not 0, it is the default timeout value set
- * when SSL_new() is called. This has been put in to make
- * life easier to set things up */
- long session_timeout;
-
- int references;
-
- /* Default values to use in SSL structures follow (these are copied by SSL_new) */
-
- STACK_OF(X509) *extra_certs;
-
- int verify_mode;
- size_t sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
- X509_VERIFY_PARAM *param;
-
- /*
- * XXX
- * default_passwd_cb used by python and openvpn, need to keep it until we
- * add an accessor
- */
- /* Default password callback. */
- pem_password_cb *default_passwd_callback;
-
- /* Default password callback user data. */
- void *default_passwd_callback_userdata;
-
- uint16_t min_tls_version;
- uint16_t max_tls_version;
-
- /*
- * These may be zero to imply minimum or maximum version supported by
- * the method.
- */
- uint16_t min_proto_version;
- uint16_t max_proto_version;
-
- unsigned long options;
- unsigned long mode;
-
- /* If this callback is not null, it will be called each
- * time a session id is added to the cache. If this function
- * returns 1, it means that the callback will do a
- * SSL_SESSION_free() when it has finished using it. Otherwise,
- * on 0, it means the callback has finished with it.
- * If remove_session_cb is not null, it will be called when
- * a session-id is removed from the cache. After the call,
- * OpenSSL will SSL_SESSION_free() it. */
- int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
- void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
- SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
- const unsigned char *data, int len, int *copy);
-
- /* if defined, these override the X509_verify_cert() calls */
- int (*app_verify_callback)(X509_STORE_CTX *, void *);
- void *app_verify_arg;
-
- /* get client cert callback */
- int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
-
- /* cookie generate callback */
- int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
- unsigned int *cookie_len);
-
- /* verify cookie callback */
- int (*app_verify_cookie_cb)(SSL *ssl, const unsigned char *cookie,
- unsigned int cookie_len);
-
- ssl_info_callback_fn *info_callback;
-
- /* callback that allows applications to peek at protocol messages */
- ssl_msg_callback_fn *msg_callback;
- void *msg_callback_arg;
-
- int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */
-
- /* Default generate session ID callback. */
- GEN_SESSION_CB generate_session_id;
-
- /* TLS extensions servername callback */
- int (*tlsext_servername_callback)(SSL*, int *, void *);
- void *tlsext_servername_arg;
-
- /* Callback to support customisation of ticket key setting */
- int (*tlsext_ticket_key_cb)(SSL *ssl, unsigned char *name,
- unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
-
- /* certificate status request info */
- /* Callback for status request */
- int (*tlsext_status_cb)(SSL *ssl, void *arg);
- void *tlsext_status_arg;
-
- struct lhash_st_SSL_SESSION *sessions;
-
- /* Most session-ids that will be cached, default is
- * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */
- unsigned long session_cache_size;
- struct ssl_session_st *session_cache_head;
- struct ssl_session_st *session_cache_tail;
-
- /* This can have one of 2 values, ored together,
- * SSL_SESS_CACHE_CLIENT,
- * SSL_SESS_CACHE_SERVER,
- * Default is SSL_SESSION_CACHE_SERVER, which means only
- * SSL_accept which cache SSL_SESSIONS. */
- int session_cache_mode;
-
- struct {
- int sess_connect; /* SSL new conn - started */
- int sess_connect_renegotiate;/* SSL reneg - requested */
- int sess_connect_good; /* SSL new conne/reneg - finished */
- int sess_accept; /* SSL new accept - started */
- int sess_accept_renegotiate;/* SSL reneg - requested */
- int sess_accept_good; /* SSL accept/reneg - finished */
- int sess_miss; /* session lookup misses */
- int sess_timeout; /* reuse attempt on timeouted session */
- int sess_cache_full; /* session removed due to full cache */
- int sess_hit; /* session reuse actually done */
- int sess_cb_hit; /* session-id that was not
- * in the cache was
- * passed back via the callback. This
- * indicates that the application is
- * supplying session-id's from other
- * processes - spooky :-) */
- } stats;
-
- CRYPTO_EX_DATA ex_data;
-
- STACK_OF(SSL_CIPHER) *cipher_list_tls13;
-
- SSL_CERT *cert;
-
- /* Default values used when no per-SSL value is defined follow */
-
- /* what we put in client cert requests */
- STACK_OF(X509_NAME) *client_CA;
-
- long max_cert_list;
-
- int read_ahead;
-
- int quiet_shutdown;
-
- /* Maximum amount of data to send in one fragment.
- * actual record size can be more than this due to
- * padding and MAC overheads.
- */
- unsigned int max_send_fragment;
-
-#ifndef OPENSSL_NO_ENGINE
- /* Engine to pass requests for client certs to
- */
- ENGINE *client_cert_engine;
-#endif
-
- /* RFC 4507 session ticket keys */
- unsigned char tlsext_tick_key_name[16];
- unsigned char tlsext_tick_hmac_key[16];
- unsigned char tlsext_tick_aes_key[16];
-
- /* SRTP profiles we are willing to do from RFC 5764 */
- STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
-
- /*
- * ALPN information.
- */
-
- /*
- * Server callback function that allows the server to select the
- * protocol for the connection.
- * out: on successful return, this must point to the raw protocol
- * name (without the length prefix).
- * outlen: on successful return, this contains the length of out.
- * in: points to the client's list of supported protocols in
- * wire-format.
- * inlen: the length of in.
- */
- int (*alpn_select_cb)(SSL *s, const unsigned char **out,
- unsigned char *outlen, const unsigned char *in, unsigned int inlen,
- void *arg);
- void *alpn_select_cb_arg;
-
- /* Client list of supported protocols in wire format. */
- uint8_t *alpn_client_proto_list;
- size_t alpn_client_proto_list_len;
-
- size_t tlsext_ecpointformatlist_length;
- uint8_t *tlsext_ecpointformatlist; /* our list */
- size_t tlsext_supportedgroups_length;
- uint16_t *tlsext_supportedgroups; /* our list */
- SSL_CTX_keylog_cb_func keylog_callback; /* Unused. For OpenSSL compatibility. */
- size_t num_tickets; /* Unused, for OpenSSL compatibility */
-};
-
-struct ssl_st {
- /* protocol version
- * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION)
- */
- int version;
-
- const SSL_METHOD *method;
- const SSL_QUIC_METHOD *quic_method;
-
- /* There are 2 BIO's even though they are normally both the
- * same. This is so data can be read and written to different
- * handlers */
-
- BIO *rbio; /* used by SSL_read */
- BIO *wbio; /* used by SSL_write */
- BIO *bbio; /* used during session-id reuse to concatenate
- * messages */
- int server; /* are we the server side? - mostly used by SSL_clear*/
-
- struct ssl3_state_st *s3; /* SSLv3 variables */
- struct dtls1_state_st *d1; /* DTLSv1 variables */
-
- X509_VERIFY_PARAM *param;
-
- /* crypto */
- STACK_OF(SSL_CIPHER) *cipher_list;
-
- /* This is used to hold the server certificate used */
- SSL_CERT *cert;
-
- /* the session_id_context is used to ensure sessions are only reused
- * in the appropriate context */
- size_t sid_ctx_length;
- unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
-
- /* This can also be in the session once a session is established */
- SSL_SESSION *session;
-
- /* Used in SSL2 and SSL3 */
- int verify_mode; /* 0 don't care about verify failure.
- * 1 fail if verify fails */
- int error; /* error bytes to be written */
- int error_code; /* actual code */
-
- SSL_CTX *ctx;
-
- long verify_result;
-
- int references;
-
- int client_version; /* what was passed, used for
- * SSLv3/TLS rollback check */
-
- unsigned int max_send_fragment;
-
- char *tlsext_hostname;
-
- /* certificate status request info */
- /* Status type or -1 if no status type */
- int tlsext_status_type;
-
- SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */
-#define session_ctx initial_ctx
-
- struct tls13_ctx *tls13;
-
- uint16_t min_tls_version;
- uint16_t max_tls_version;
-
- /*
- * These may be zero to imply minimum or maximum version supported by
- * the method.
- */
- uint16_t min_proto_version;
- uint16_t max_proto_version;
-
- unsigned long options; /* protocol behaviour */
- unsigned long mode; /* API behaviour */
-
- /* Client list of supported protocols in wire format. */
- uint8_t *alpn_client_proto_list;
- size_t alpn_client_proto_list_len;
-
- /* QUIC transport params we will send */
- uint8_t *quic_transport_params;
- size_t quic_transport_params_len;
-
- /* XXX Callbacks */
-
- /* true when we are actually in SSL_accept() or SSL_connect() */
- int in_handshake;
- int (*handshake_func)(SSL *);
-
- ssl_info_callback_fn *info_callback;
-
- /* callback that allows applications to peek at protocol messages */
- ssl_msg_callback_fn *msg_callback;
- void *msg_callback_arg;
-
- int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */
-
- /* Default generate session ID callback. */
- GEN_SESSION_CB generate_session_id;
-
- /* TLS extension debug callback */
- void (*tlsext_debug_cb)(SSL *s, int client_server, int type,
- unsigned char *data, int len, void *arg);
- void *tlsext_debug_arg;
-
- /* TLS Session Ticket extension callback */
- tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
- void *tls_session_ticket_ext_cb_arg;
-
- /* TLS pre-shared secret session resumption */
- tls_session_secret_cb_fn tls_session_secret_cb;
- void *tls_session_secret_cb_arg;
-
- /* XXX non-callback */
-
- /* This holds a variable that indicates what we were doing
- * when a 0 or -1 is returned. This is needed for
- * non-blocking IO so we know what request needs re-doing when
- * in SSL_accept or SSL_connect */
- int rwstate;
-
- /* Imagine that here's a boolean member "init" that is
- * switched as soon as SSL_set_{accept/connect}_state
- * is called for the first time, so that "state" and
- * "handshake_func" are properly initialized. But as
- * handshake_func is == 0 until then, we use this
- * test instead of an "init" member.
- */
-
- int new_session;/* Generate a new session or reuse an old one.
- * NB: For servers, the 'new' session may actually be a previously
- * cached session or even the previous session unless
- * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */
- int quiet_shutdown;/* don't send shutdown packets */
- int shutdown; /* we have shut things down, 0x01 sent, 0x02
- * for received */
- BUF_MEM *init_buf; /* buffer used during init */
- void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */
- int init_num; /* amount read/written */
- int init_off; /* amount read/written */
-
- /* used internally to point at a raw packet */
- unsigned char *packet;
- unsigned int packet_length;
-
- int read_ahead; /* Read as many input bytes as possible
- * (for non-blocking reads) */
-
- int hit; /* reusing a previous session */
-
- STACK_OF(SSL_CIPHER) *cipher_list_tls13;
-
- struct tls12_record_layer *rl;
-
- /* session info */
-
- /* extra application data */
- CRYPTO_EX_DATA ex_data;
-
- /* client cert? */
- /* for server side, keep the list of CA_dn we can use */
- STACK_OF(X509_NAME) *client_CA;
-
- /* set this flag to 1 and a sleep(1) is put into all SSL_read()
- * and SSL_write() calls, good for nbio debuging :-) */
- int debug;
- long max_cert_list;
- int first_packet;
-
- /* Expect OCSP CertificateStatus message */
- int tlsext_status_expected;
- /* OCSP status request only */
- STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
- X509_EXTENSIONS *tlsext_ocsp_exts;
-
- /* OCSP response received or to be sent */
- unsigned char *tlsext_ocsp_resp;
- size_t tlsext_ocsp_resp_len;
-
- /* RFC4507 session ticket expected to be received or sent */
- int tlsext_ticket_expected;
-
- size_t tlsext_ecpointformatlist_length;
- uint8_t *tlsext_ecpointformatlist; /* our list */
- size_t tlsext_supportedgroups_length;
- uint16_t *tlsext_supportedgroups; /* our list */
-
- /* TLS Session Ticket extension override */
- TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
-
- STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
- const SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
-
- int renegotiate;/* 1 if we are renegotiating.
- * 2 if we are a server and are inside a handshake
- * (i.e. not just sending a HelloRequest) */
-
- int rstate; /* where we are when reading */
-
- int mac_packet;
-
- int empty_record_count;
-
- size_t num_tickets; /* Unused, for OpenSSL compatibility */
- STACK_OF(X509) *verified_chain;
-};
-
-typedef struct ssl3_record_internal_st {
- int type; /* type of record */
- unsigned int length; /* How many bytes available */
- unsigned int padding_length; /* Number of padding bytes. */
- unsigned int off; /* read/write offset into 'buf' */
- unsigned char *data; /* pointer to the record data */
- unsigned char *input; /* where the decode bytes are */
- uint16_t epoch; /* epoch number, needed by DTLS1 */
- unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
-} SSL3_RECORD_INTERNAL;
-
-typedef struct ssl3_buffer_internal_st {
- unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
- * see ssl3_setup_buffers() */
- size_t len; /* buffer size */
- int offset; /* where to 'copy from' */
- int left; /* how many bytes left */
-} SSL3_BUFFER_INTERNAL;
-
-typedef struct ssl3_state_st {
- long flags;
-
- unsigned char server_random[SSL3_RANDOM_SIZE];
- unsigned char client_random[SSL3_RANDOM_SIZE];
-
- SSL3_BUFFER_INTERNAL rbuf; /* read IO goes into here */
- SSL3_BUFFER_INTERNAL wbuf; /* write IO goes into here */
-
- SSL3_RECORD_INTERNAL rrec; /* each decoded record goes in here */
-
- struct tls_content *rcontent; /* Content from opened TLS records. */
-
- /* we allow one fatal and one warning alert to be outstanding,
- * send close alert via the warning alert */
- int alert_dispatch;
- unsigned char send_alert[2];
-
- /* flags for countermeasure against known-IV weakness */
- int need_empty_fragments;
- int empty_fragment_done;
-
- /* Unprocessed Alert/Handshake protocol data. */
- struct tls_buffer *alert_fragment;
- struct tls_buffer *handshake_fragment;
-
- /* partial write - check the numbers match */
- unsigned int wnum; /* number of bytes sent so far */
- int wpend_tot; /* number bytes written */
- int wpend_type;
- int wpend_ret; /* number of bytes submitted */
- const unsigned char *wpend_buf;
-
- /* Transcript of handshake messages that have been sent and received. */
- struct tls_buffer *handshake_transcript;
-
- /* Rolling hash of handshake messages. */
- EVP_MD_CTX *handshake_hash;
-
- /* this is set whenerver we see a change_cipher_spec message
- * come in when we are not looking for one */
- int change_cipher_spec;
-
- int warn_alert;
- int fatal_alert;
-
- /* This flag is set when we should renegotiate ASAP, basically when
- * there is no more data in the read or write buffers */
- int renegotiate;
- int total_renegotiations;
- int num_renegotiations;
-
- int in_read_app_data;
-
- SSL_HANDSHAKE hs;
-
- /* Connection binding to prevent renegotiation attacks */
- unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
- unsigned char previous_client_finished_len;
- unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
- unsigned char previous_server_finished_len;
- int send_connection_binding; /* TODOEKR */
-
- /* Set if we saw a Renegotiation Indication extension from our peer. */
- int renegotiate_seen;
-
- /*
- * ALPN information.
- *
- * In a server these point to the selected ALPN protocol after the
- * ClientHello has been processed. In a client these contain the
- * protocol that the server selected once the ServerHello has been
- * processed.
- */
- uint8_t *alpn_selected;
- size_t alpn_selected_len;
-
- /* Contains the QUIC transport params received from our peer. */
- uint8_t *peer_quic_transport_params;
- size_t peer_quic_transport_params_len;
-} SSL3_STATE;
-
-/*
- * Flag values for enc_flags.
- */
-
-/* Uses signature algorithms extension. */
-#define SSL_ENC_FLAG_SIGALGS (1 << 1)
-
-/* Uses SHA256 default PRF. */
-#define SSL_ENC_FLAG_SHA256_PRF (1 << 2)
-
-/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
-#define SSL_ENC_FLAG_TLS1_2_CIPHERS (1 << 4)
-
-/* Allow TLS 1.3 ciphersuites only. */
-#define SSL_ENC_FLAG_TLS1_3_CIPHERS (1 << 5)
-
-#define TLSV1_ENC_FLAGS 0
-#define TLSV1_1_ENC_FLAGS 0
-#define TLSV1_2_ENC_FLAGS (SSL_ENC_FLAG_SIGALGS | \
- SSL_ENC_FLAG_SHA256_PRF | \
- SSL_ENC_FLAG_TLS1_2_CIPHERS)
-#define TLSV1_3_ENC_FLAGS (SSL_ENC_FLAG_SIGALGS | \
- SSL_ENC_FLAG_TLS1_3_CIPHERS)
-
-extern const SSL_CIPHER ssl3_ciphers[];
-
-const char *ssl_version_string(int ver);
-int ssl_version_set_min(const SSL_METHOD *meth, uint16_t proto_ver,
- uint16_t max_tls_ver, uint16_t *out_tls_ver, uint16_t *out_proto_ver);
-int ssl_version_set_max(const SSL_METHOD *meth, uint16_t proto_ver,
- uint16_t min_tls_ver, uint16_t *out_tls_ver, uint16_t *out_proto_ver);
-int ssl_enabled_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver);
-int ssl_supported_tls_version_range(SSL *s, uint16_t *min_ver, uint16_t *max_ver);
-uint16_t ssl_tls_version(uint16_t version);
-uint16_t ssl_effective_tls_version(SSL *s);
-int ssl_max_supported_version(SSL *s, uint16_t *max_ver);
-int ssl_max_legacy_version(SSL *s, uint16_t *max_ver);
-int ssl_max_shared_version(SSL *s, uint16_t peer_ver, uint16_t *max_ver);
-int ssl_check_version_from_server(SSL *s, uint16_t server_version);
-int ssl_legacy_stack_version(SSL *s, uint16_t version);
-int ssl_cipher_in_list(STACK_OF(SSL_CIPHER) *ciphers, const SSL_CIPHER *cipher);
-int ssl_cipher_allowed_in_tls_version_range(const SSL_CIPHER *cipher,
- uint16_t min_ver, uint16_t max_ver);
-
-const SSL_METHOD *tls_legacy_method(void);
-const SSL_METHOD *ssl_get_method(uint16_t version);
-
-void ssl_clear_cipher_state(SSL *s);
-int ssl_clear_bad_session(SSL *s);
-
-void ssl_info_callback(const SSL *s, int type, int value);
-void ssl_msg_callback(SSL *s, int is_write, int content_type,
- const void *msg_buf, size_t msg_len);
-void ssl_msg_callback_cbs(SSL *s, int is_write, int content_type, CBS *cbs);
-
-SSL_CERT *ssl_cert_new(void);
-SSL_CERT *ssl_cert_dup(SSL_CERT *cert);
-void ssl_cert_free(SSL_CERT *c);
-SSL_CERT *ssl_get0_cert(SSL_CTX *ctx, SSL *ssl);
-int ssl_cert_set0_chain(SSL_CTX *ctx, SSL *ssl, STACK_OF(X509) *chain);
-int ssl_cert_set1_chain(SSL_CTX *ctx, SSL *ssl, STACK_OF(X509) *chain);
-int ssl_cert_add0_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert);
-int ssl_cert_add1_chain_cert(SSL_CTX *ctx, SSL *ssl, X509 *cert);
-
-int ssl_security_default_cb(const SSL *ssl, const SSL_CTX *ctx, int op,
- int bits, int nid, void *other, void *ex_data);
-
-int ssl_security_cipher_check(const SSL *ssl, SSL_CIPHER *cipher);
-int ssl_security_shared_cipher(const SSL *ssl, SSL_CIPHER *cipher);
-int ssl_security_supported_cipher(const SSL *ssl, SSL_CIPHER *cipher);
-int ssl_ctx_security_dh(const SSL_CTX *ctx, DH *dh);
-int ssl_security_dh(const SSL *ssl, DH *dh);
-int ssl_security_sigalg_check(const SSL *ssl, const EVP_PKEY *pkey);
-int ssl_security_tickets(const SSL *ssl);
-int ssl_security_version(const SSL *ssl, int version);
-int ssl_security_cert(const SSL_CTX *ctx, const SSL *ssl, X509 *x509,
- int is_peer, int *out_error);
-int ssl_security_cert_chain(const SSL *ssl, STACK_OF(X509) *sk,
- X509 *x509, int *out_error);
-int ssl_security_shared_group(const SSL *ssl, uint16_t group_id);
-int ssl_security_supported_group(const SSL *ssl, uint16_t group_id);
-
-SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int include_ticket);
-int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block,
- int *alert);
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
-SSL_CIPHER *OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base,
- int num);
-int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb);
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, CBS *cbs);
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
- STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) *tls13,
- const char *rule_str, SSL_CERT *cert);
-int ssl_parse_ciphersuites(STACK_OF(SSL_CIPHER) **out_ciphers, const char *str);
-int ssl_merge_cipherlists(STACK_OF(SSL_CIPHER) *cipherlist,
- STACK_OF(SSL_CIPHER) *cipherlist_tls13,
- STACK_OF(SSL_CIPHER) **out_cipherlist);
-void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size);
-int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead);
-int ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md);
-
-int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
-int ssl_undefined_function(SSL *s);
-int ssl_undefined_void_function(void);
-int ssl_undefined_const_function(const SSL *s);
-SSL_CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
-EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd,
- const struct ssl_sigalg **sap);
-size_t ssl_dhe_params_auto_key_bits(SSL *s);
-int ssl_cert_type(EVP_PKEY *pkey);
-void ssl_set_cert_masks(SSL_CERT *c, const SSL_CIPHER *cipher);
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
-int ssl_has_ecc_ciphers(SSL *s);
-int ssl_verify_alarm_type(long type);
-
-int SSL_SESSION_ticket(SSL_SESSION *ss, unsigned char **out, size_t *out_len);
-
-const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
-int ssl3_do_write(SSL *s, int type);
-int ssl3_send_alert(SSL *s, int level, int desc);
-int ssl3_get_req_cert_types(SSL *s, CBB *cbb);
-int ssl3_get_message(SSL *s, int st1, int stn, int mt, long max);
-int ssl3_num_ciphers(void);
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
-const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
-const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
-uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
-int ssl3_renegotiate(SSL *ssl);
-
-int ssl3_renegotiate_check(SSL *ssl);
-
-void ssl_force_want_read(SSL *s);
-
-int ssl3_dispatch_alert(SSL *s);
-int ssl3_read_alert(SSL *s);
-int ssl3_read_change_cipher_spec(SSL *s);
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-int ssl3_output_cert_chain(SSL *s, CBB *cbb, SSL_CERT_PKEY *cpk);
-SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
- STACK_OF(SSL_CIPHER) *srvr);
-int ssl3_setup_buffers(SSL *s);
-int ssl3_setup_init_buffer(SSL *s);
-void ssl3_release_init_buffer(SSL *s);
-int ssl3_setup_read_buffer(SSL *s);
-int ssl3_setup_write_buffer(SSL *s);
-void ssl3_release_buffer(SSL3_BUFFER_INTERNAL *b);
-void ssl3_release_read_buffer(SSL *s);
-void ssl3_release_write_buffer(SSL *s);
-int ssl3_new(SSL *s);
-void ssl3_free(SSL *s);
-int ssl3_accept(SSL *s);
-int ssl3_connect(SSL *s);
-int ssl3_read(SSL *s, void *buf, int len);
-int ssl3_peek(SSL *s, void *buf, int len);
-int ssl3_write(SSL *s, const void *buf, int len);
-int ssl3_shutdown(SSL *s);
-void ssl3_clear(SSL *s);
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
-long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
-long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void));
-int ssl3_pending(const SSL *s);
-
-int ssl3_handshake_msg_hdr_len(SSL *s);
-int ssl3_handshake_msg_start(SSL *s, CBB *handshake, CBB *body,
- uint8_t msg_type);
-int ssl3_handshake_msg_finish(SSL *s, CBB *handshake);
-int ssl3_handshake_write(SSL *s);
-int ssl3_record_write(SSL *s, int type);
-
-int ssl3_do_change_cipher_spec(SSL *ssl);
-
-int ssl3_packet_read(SSL *s, int plen);
-int ssl3_packet_extend(SSL *s, int plen);
-int ssl_server_legacy_first_packet(SSL *s);
-int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
- unsigned int len);
-
-int ssl_kex_generate_dhe(DH *dh, DH *dh_params);
-int ssl_kex_generate_dhe_params_auto(DH *dh, size_t key_len);
-int ssl_kex_params_dhe(DH *dh, CBB *cbb);
-int ssl_kex_public_dhe(DH *dh, CBB *cbb);
-int ssl_kex_peer_params_dhe(DH *dh, CBS *cbs, int *decode_error,
- int *invalid_params);
-int ssl_kex_peer_public_dhe(DH *dh, CBS *cbs, int *decode_error,
- int *invalid_key);
-int ssl_kex_derive_dhe(DH *dh, DH *dh_peer,
- uint8_t **shared_key, size_t *shared_key_len);
-
-int ssl_kex_dummy_ecdhe_x25519(EVP_PKEY *pkey);
-int ssl_kex_generate_ecdhe_ecp(EC_KEY *ecdh, int nid);
-int ssl_kex_public_ecdhe_ecp(EC_KEY *ecdh, CBB *cbb);
-int ssl_kex_peer_public_ecdhe_ecp(EC_KEY *ecdh, int nid, CBS *cbs);
-int ssl_kex_derive_ecdhe_ecp(EC_KEY *ecdh, EC_KEY *ecdh_peer,
- uint8_t **shared_key, size_t *shared_key_len);
-
-int tls1_new(SSL *s);
-void tls1_free(SSL *s);
-void tls1_clear(SSL *s);
-
-int ssl_init_wbio_buffer(SSL *s, int push);
-void ssl_free_wbio_buffer(SSL *s);
-
-int tls1_transcript_hash_init(SSL *s);
-int tls1_transcript_hash_update(SSL *s, const unsigned char *buf, size_t len);
-int tls1_transcript_hash_value(SSL *s, unsigned char *out, size_t len,
- size_t *outlen);
-void tls1_transcript_hash_free(SSL *s);
-
-int tls1_transcript_init(SSL *s);
-void tls1_transcript_free(SSL *s);
-void tls1_transcript_reset(SSL *s);
-int tls1_transcript_append(SSL *s, const unsigned char *buf, size_t len);
-int tls1_transcript_data(SSL *s, const unsigned char **data, size_t *len);
-void tls1_transcript_freeze(SSL *s);
-void tls1_transcript_unfreeze(SSL *s);
-int tls1_transcript_record(SSL *s, const unsigned char *buf, size_t len);
-
-int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
- const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
- const void *seed3, size_t seed3_len, const void *seed4, size_t seed4_len,
- const void *seed5, size_t seed5_len, unsigned char *out, size_t out_len);
-
-void tls1_cleanup_key_block(SSL *s);
-int tls1_change_read_cipher_state(SSL *s);
-int tls1_change_write_cipher_state(SSL *s);
-int tls1_setup_key_block(SSL *s);
-int tls1_generate_key_block(SSL *s, uint8_t *key_block, size_t key_block_len);
-int ssl_ok(SSL *s);
-
-int tls12_derive_finished(SSL *s);
-int tls12_derive_peer_finished(SSL *s);
-int tls12_derive_master_secret(SSL *s, uint8_t *premaster_secret,
- size_t premaster_secret_len);
-
-int ssl_using_ecc_cipher(SSL *s);
-int ssl_check_srvr_ecc_cert_and_alg(SSL *s, X509 *x);
-
-void tls1_get_formatlist(const SSL *s, int client_formats,
- const uint8_t **pformats, size_t *pformatslen);
-void tls1_get_group_list(const SSL *s, int client_groups,
- const uint16_t **pgroups, size_t *pgroupslen);
-
-int tls1_set_groups(uint16_t **out_group_ids, size_t *out_group_ids_len,
- const int *groups, size_t ngroups);
-int tls1_set_group_list(uint16_t **out_group_ids, size_t *out_group_ids_len,
- const char *groups);
-
-int tls1_ec_group_id2nid(uint16_t group_id, int *out_nid);
-int tls1_ec_group_id2bits(uint16_t group_id, int *out_bits);
-int tls1_ec_nid2group_id(int nid, uint16_t *out_group_id);
-int tls1_check_group(SSL *s, uint16_t group_id);
-int tls1_count_shared_groups(const SSL *ssl, size_t *out_count);
-int tls1_get_shared_group_by_index(const SSL *ssl, size_t index, int *out_nid);
-int tls1_get_supported_group(const SSL *s, int *out_nid);
-
-int ssl_check_clienthello_tlsext_early(SSL *s);
-int ssl_check_clienthello_tlsext_late(SSL *s);
-int ssl_check_serverhello_tlsext(SSL *s);
-
-#define TLS1_TICKET_FATAL_ERROR -1
-#define TLS1_TICKET_NONE 0
-#define TLS1_TICKET_EMPTY 1
-#define TLS1_TICKET_NOT_DECRYPTED 2
-#define TLS1_TICKET_DECRYPTED 3
-
-int tls1_process_ticket(SSL *s, CBS *ext_block, int *alert, SSL_SESSION **ret);
-
-int tls1_check_ec_server_key(SSL *s);
-
-/* s3_cbc.c */
-void ssl3_cbc_copy_mac(unsigned char *out, const SSL3_RECORD_INTERNAL *rec,
- unsigned int md_size, unsigned int orig_len);
-int ssl3_cbc_remove_padding(SSL3_RECORD_INTERNAL *rec, unsigned int eiv_len,
- unsigned int mac_size);
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
-int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
- size_t *md_out_size, const unsigned char header[13],
- const unsigned char *data, size_t data_plus_mac_size,
- size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
- unsigned int mac_secret_length);
-int SSL_state_func_code(int _state);
-
-#define SSLerror(s, r) SSL_error_internal(s, r, __FILE__, __LINE__)
-#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),__FILE__,__LINE__)
-void SSL_error_internal(const SSL *s, int r, char *f, int l);
-
-#ifndef OPENSSL_NO_SRTP
-
-int srtp_find_profile_by_name(const char *profile_name,
- const SRTP_PROTECTION_PROFILE **pptr, unsigned int len);
-int srtp_find_profile_by_num(unsigned int profile_num,
- const SRTP_PROTECTION_PROFILE **pptr);
-
-#endif /* OPENSSL_NO_SRTP */
-
-int tls_process_peer_certs(SSL *s, STACK_OF(X509) *peer_certs);
-
-__END_HIDDEN_DECLS
-
-#endif
-/* $OpenBSD: ssl_methods.c,v 1.28 2021/07/26 03:17:38 jsing Exp $ */
+/* $OpenBSD: ssl_methods.c,v 1.29 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* [including the GNU Public Licence.]
*/
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
#include "tls13_internal.h"
static const SSL_METHOD DTLS_method_data = {
-/* $OpenBSD: ssl_packet.c,v 1.14 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_packet.c,v 1.15 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
*
*/
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
static int
ssl_is_sslv2_client_hello(CBS *header)
-/* $OpenBSD: ssl_pkt.c,v 1.64 2022/11/11 17:15:26 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.65 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/evp.h>
#include "bytestring.h"
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
#include "tls_content.h"
static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
-/* $OpenBSD: ssl_rsa.c,v 1.48 2022/08/31 20:49:37 tb Exp $ */
+/* $OpenBSD: ssl_rsa.c,v 1.49 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/pem.h>
#include <openssl/x509.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
static int ssl_get_password_cb_and_arg(SSL_CTX *ctx, SSL *ssl,
pem_password_cb **passwd_cb, void **passwd_arg);
-/* $OpenBSD: ssl_seclevel.c,v 1.26 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_seclevel.c,v 1.27 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2020-2022 Theo Buehler <tb@openbsd.org>
*
#include <openssl/x509v3.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
static int
ssl_security_normalize_level(const SSL_CTX *ctx, const SSL *ssl, int *out_level)
-/* $OpenBSD: ssl_sess.c,v 1.120 2022/10/20 15:22:51 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.121 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/engine.h>
#endif
-#include "ssl_locl.h"
+#include "ssl_local.h"
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
-/* $OpenBSD: ssl_sigalgs.c,v 1.47 2022/07/02 16:31:04 tb Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.48 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
* Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
#include <openssl/opensslconf.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "tls13_internal.h"
-/* $OpenBSD: ssl_srvr.c,v 1.151 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.152 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#endif
#include "bytestring.h"
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
-/* $OpenBSD: ssl_stat.c,v 1.19 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_stat.c,v 1.20 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <stdio.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
const char *
SSL_state_string_long(const SSL *s)
-/* $OpenBSD: ssl_tlsext.c,v 1.130 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.131 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
#include <openssl/opensslconf.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
-/* $OpenBSD: ssl_transcript.c,v 1.8 2022/07/22 19:54:46 jsing Exp $ */
+/* $OpenBSD: ssl_transcript.c,v 1.9 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
*
#include <openssl/ssl.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls_internal.h"
int
-/* $OpenBSD: ssl_txt.c,v 1.35 2022/06/07 17:55:08 tb Exp $ */
+/* $OpenBSD: ssl_txt.c,v 1.36 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/buffer.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
int
SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
-/* $OpenBSD: ssl_versions.c,v 1.25 2022/10/02 16:36:41 jsing Exp $ */
+/* $OpenBSD: ssl_versions.c,v 1.26 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
*
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include "ssl_locl.h"
+#include "ssl_local.h"
static uint16_t
ssl_dtls_to_tls_version(uint16_t dtls_ver)
-/* $OpenBSD: t1_enc.c,v 1.156 2022/11/07 11:58:45 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.157 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/md5.h>
#include <openssl/opensslconf.h>
-#include "dtls_locl.h"
-#include "ssl_locl.h"
+#include "dtls_local.h"
+#include "ssl_local.h"
void
tls1_cleanup_key_block(SSL *s)
-/* $OpenBSD: t1_lib.c,v 1.196 2022/10/02 16:36:42 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.197 2022/11/26 16:08:56 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/ocsp.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
-/* $OpenBSD: tls12_key_schedule.c,v 1.2 2022/11/07 11:58:45 jsing Exp $ */
+/* $OpenBSD: tls12_key_schedule.c,v 1.3 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
*
#include <openssl/evp.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls12_internal.h"
struct tls12_key_block {
-/* $OpenBSD: tls12_lib.c,v 1.5 2022/06/07 17:19:09 tb Exp $ */
+/* $OpenBSD: tls12_lib.c,v 1.6 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2021 Joel Sing <jsing@openbsd.org>
*
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include "ssl_locl.h"
+#include "ssl_local.h"
static int
tls12_finished_verify_data(SSL *s, const char *finished_label,
-/* $OpenBSD: tls12_record_layer.c,v 1.37 2022/11/11 17:15:26 jsing Exp $ */
+/* $OpenBSD: tls12_record_layer.c,v 1.38 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
*
#include <openssl/evp.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#define TLS12_RECORD_SEQ_NUM_LEN 8
#define TLS12_AEAD_FIXED_NONCE_MAX_LEN 12
-/* $OpenBSD: tls13_client.c,v 1.100 2022/10/02 16:36:42 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.101 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
#include <openssl/ssl3.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
#include "tls13_handshake.h"
-/* $OpenBSD: tls13_handshake.c,v 1.71 2022/04/19 17:01:43 tb Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.72 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2018-2021 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
#include <stddef.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls13_handshake.h"
#include "tls13_internal.h"
-/* $OpenBSD: tls13_key_schedule.c,v 1.17 2022/11/07 11:53:39 jsing Exp $ */
+/* $OpenBSD: tls13_key_schedule.c,v 1.18 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2018, Bob Beck <beck@openbsd.org>
*
#include <openssl/hkdf.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls13_internal.h"
int
-/* $OpenBSD: tls13_legacy.c,v 1.39 2022/10/02 16:36:42 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.40 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
#include <limits.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls13_internal.h"
static ssize_t
-/* $OpenBSD: tls13_lib.c,v 1.75 2022/11/07 11:53:39 jsing Exp $ */
+/* $OpenBSD: tls13_lib.c,v 1.76 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
#include <openssl/evp.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "ssl_tlsext.h"
#include "tls13_internal.h"
-/* $OpenBSD: tls13_quic.c,v 1.6 2022/08/30 18:23:40 tb Exp $ */
+/* $OpenBSD: tls13_quic.c,v 1.7 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
*
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include <ssl_locl.h>
-
+#include "ssl_local.h"
#include "tls13_internal.h"
static ssize_t
-/* $OpenBSD: tls13_server.c,v 1.104 2022/10/02 16:36:42 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.105 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2020 Bob Beck <beck@openbsd.org>
#include <openssl/x509v3.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "ssl_sigalgs.h"
#include "ssl_tlsext.h"
#include "tls13_handshake.h"
-/* $OpenBSD: tls_key_share.c,v 1.7 2022/07/02 16:00:12 tb Exp $ */
+/* $OpenBSD: tls_key_share.c,v 1.8 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
*
#include <openssl/evp.h>
#include "bytestring.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls_internal.h"
struct tls_key_share {
-/* $OpenBSD: tls_lib.c,v 1.2 2022/08/20 21:48:25 tb Exp $ */
+/* $OpenBSD: tls_lib.c,v 1.3 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2019, 2021 Joel Sing <jsing@openbsd.org>
*
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-#include "ssl_locl.h"
+#include "ssl_local.h"
int
tls_process_peer_certs(SSL *s, STACK_OF(X509) *peer_certs)
-/* $OpenBSD: asn1basic.c,v 1.12 2022/09/05 21:06:31 tb Exp $ */
+/* $OpenBSD: asn1basic.c,v 1.13 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2017, 2021 Joel Sing <jsing@openbsd.org>
*
#include <stdio.h>
#include <string.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static void
hexdump(const unsigned char *buf, size_t len)
-/* $OpenBSD: asn1object.c,v 1.9 2022/09/05 21:06:31 tb Exp $ */
+/* $OpenBSD: asn1object.c,v 1.10 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2017, 2021, 2022 Joel Sing <jsing@openbsd.org>
*
#include <stdio.h>
#include <string.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static void
hexdump(const unsigned char *buf, size_t len)
-/* $OpenBSD: bn_isqrt.c,v 1.7 2022/10/11 13:51:41 tb Exp $ */
+/* $OpenBSD: bn_isqrt.c,v 1.8 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
*
#include <openssl/bn.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
#define N_TESTS 400
-/* $OpenBSD: evp_pkey_cleanup.c,v 1.1 2022/03/30 08:57:26 tb Exp $ */
+/* $OpenBSD: evp_pkey_cleanup.c,v 1.2 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
#include <openssl/evp.h>
-#include "evp_locl.h"
+#include "evp_local.h"
struct pkey_cleanup_test {
const char *name;
-/* $OpenBSD: evp_test.c,v 1.2 2022/11/09 17:15:59 jsing Exp $ */
+/* $OpenBSD: evp_test.c,v 1.3 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
*
#include <openssl/evp.h>
#include <openssl/ossl_typ.h>
-#include "evp_locl.h"
+#include "evp_local.h"
static int
evp_asn1_method_test(void)
-/* $OpenBSD: sm2crypttest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
+/* $OpenBSD: sm2crypttest.c,v 1.2 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
}
#else
#include <openssl/sm2.h>
-#include "sm2_locl.h"
+#include "sm2_local.h"
static EC_GROUP *
create_EC_group(const char *p_hex, const char *a_hex, const char *b_hex,
-/* $OpenBSD: sm2sigtest.c,v 1.1.1.1 2021/08/18 16:06:56 tb Exp $ */
+/* $OpenBSD: sm2sigtest.c,v 1.2 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
}
#else
#include <openssl/sm2.h>
-#include "sm2_locl.h"
+#include "sm2_local.h"
static EC_GROUP *
create_EC_group(const char *p_hex, const char *a_hex, const char *b_hex,
-/* $OpenBSD: utf8test.c,v 1.4 2018/07/17 17:06:50 tb Exp $ */
+/* $OpenBSD: utf8test.c,v 1.5 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2014 Philip Guenther <guenther@openbsd.org>
*
#include <err.h>
#include <openssl/asn1.h>
-#include "asn1_locl.h" /* peek into the internals */
+#include "asn1_local.h" /* peek into the internals */
#define UNCHANGED 0xfedcba98
-/* $OpenBSD: asn1test.c,v 1.11 2022/06/07 18:00:51 tb Exp $ */
+/* $OpenBSD: asn1test.c,v 1.12 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2014, 2016 Joel Sing <jsing@openbsd.org>
*
#include <openssl/ssl.h>
#include <openssl/tls1.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
-/* $OpenBSD: dtlstest.c,v 1.17 2022/10/26 20:31:38 tb Exp $ */
+/* $OpenBSD: dtlstest.c,v 1.18 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2020, 2021 Joel Sing <jsing@openbsd.org>
*
#include <openssl/ssl.h>
#include "bio_local.h"
-#include "ssl_locl.h"
+#include "ssl_local.h"
const char *server_ca_file;
const char *server_cert_file;
-/* $OpenBSD: exportertest.c,v 1.1 2022/11/05 21:58:24 jsing Exp $ */
+/* $OpenBSD: exportertest.c,v 1.2 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
*
#include <stdio.h>
#include <string.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
static void
hexdump(const unsigned char *buf, size_t len)
-/* $OpenBSD: key_schedule.c,v 1.9 2019/11/18 02:09:58 beck Exp $ */
+/* $OpenBSD: key_schedule.c,v 1.10 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
*
#include <err.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "bytestring.h"
#include "ssl_tlsext.h"
-/* $OpenBSD: record_layer_test.c,v 1.5 2022/06/10 22:00:15 tb Exp $ */
+/* $OpenBSD: record_layer_test.c,v 1.6 2022/11/26 16:08:56 tb Exp $ */
/*
* Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
*
#include <err.h>
#include <string.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tls13_internal.h"
#include "tls13_record.h"
-/* $OpenBSD: ssltest.c,v 1.35 2022/07/07 13:10:22 tb Exp $ */
+/* $OpenBSD: ssltest.c,v 1.36 2022/11/26 16:08:57 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/dh.h>
#include <openssl/bn.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#define TEST_SERVER_CERT "../apps/server.pem"
#define TEST_CLIENT_CERT "../apps/client.pem"
-/* $OpenBSD: tlsexttest.c,v 1.78 2022/10/21 14:58:53 tb Exp $ */
+/* $OpenBSD: tlsexttest.c,v 1.79 2022/11/26 16:08:57 tb Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
#include <openssl/tls1.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "bytestring.h"
#include "ssl_tlsext.h"
-/* $OpenBSD: cipher_list.c,v 1.12 2022/10/02 16:38:23 jsing Exp $ */
+/* $OpenBSD: cipher_list.c,v 1.13 2022/11/26 16:08:57 tb Exp $ */
/*
* Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
* Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
#include <stdio.h>
#include <string.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "tests.h"
-/* $OpenBSD: ssl_versions.c,v 1.18 2022/10/02 16:38:23 jsing Exp $ */
+/* $OpenBSD: ssl_versions.c,v 1.19 2022/11/26 16:08:57 tb Exp $ */
/*
* Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
*
#include <openssl/ssl.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
struct version_range_test {
const long options;
-/* $OpenBSD: tls_ext_alpn.c,v 1.8 2022/10/02 16:38:23 jsing Exp $ */
+/* $OpenBSD: tls_ext_alpn.c,v 1.9 2022/11/26 16:08:57 tb Exp $ */
/*
* Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
*
#include <stdio.h>
#include <openssl/ssl.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
#include "ssl_tlsext.h"
#include "tests.h"
-/* $OpenBSD: tls_prf.c,v 1.7 2022/06/10 22:00:15 tb Exp $ */
+/* $OpenBSD: tls_prf.c,v 1.8 2022/11/26 16:08:57 tb Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
*
#include <err.h>
-#include "ssl_locl.h"
+#include "ssl_local.h"
int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len,
const void *seed1, size_t seed1_len, const void *seed2, size_t seed2_len,
projects / openbsd / commitdiff