maxmustermann/godot
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

openssl: Update to pristine 1.0.2o (security update)

Browse source
This commit is contained in:
Rémi Verschelde 2018-07-27 16:38:54 +02:00
parent 96e5d9430b
commit 9f0e38cca8
155 changed files with 1406 additions and 823 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
COPYRIGHT.txt
View file

@ -265,7 +265,7 @@ License: BSD-2-clause
Files: ./thirdparty/openssl/
Comment: The OpenSSL Project
Copyright: 1998-2016, The OpenSSL Project.
Copyright: 1998-2018, The OpenSSL Project.
License: OpenSSL
Files: ./thirdparty/opus/

2
thirdparty/README.md vendored
View file

@ -241,7 +241,7 @@ Collection of single-file libraries used in Godot components.
## openssl
- Upstream: https://www.openssl.org
- Version: 1.0.2l
- Version: 1.0.2o
- License: OpenSSL license / BSD-like
Files extracted from the upstream source:

4
thirdparty/openssl/LICENSE vendored
View file

@ -2,7 +2,7 @@
LICENSE ISSUES
==============
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
The OpenSSL toolkit stays under a double license, i.e. both the conditions of
the OpenSSL License and the original SSLeay license apply to the toolkit.
See below for the actual license texts. Actually both licenses are BSD-style
Open Source licenses. In case of any license issues related to OpenSSL
@ -12,7 +12,7 @@
---------------
/* ====================================================================
* Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions

17
thirdparty/openssl/crypto/LPdir_win.c vendored
View file

@ -94,8 +94,23 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
TCHAR *wdir = NULL;
/* len_0 denotes string length *with* trailing 0 */
size_t index = 0, len_0 = strlen(extdir) + 1;
size_t amount;
wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR));
/*
* Size check
* The reasoning is that absolutely worst case, each byte in
* extdir will take up one TCHAR each, so the maximum size in
* bytes that we can tolerate is MAX_PATH TCHARs... not counting
* the ending NUL.
*/
if ((len_0 - 1) > MAX_PATH * sizeof(TCHAR)) {
free(*ctx);
*ctx = NULL;
errno = EINVAL;
return 0;
}
amount = len_0 * sizeof(TCHAR);
wdir = (TCHAR *)malloc(amount);
if (wdir == NULL) {
if (extdirbuf != NULL) {
free(extdirbuf);

6
thirdparty/openssl/crypto/asn1/a_bitstr.c vendored
View file

@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#include <limits.h>
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
@ -136,6 +137,11 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
goto err;
}
if (len > INT_MAX) {
i = ASN1_R_STRING_TOO_LONG;
goto err;
}
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = M_ASN1_BIT_STRING_new()) == NULL)
return (NULL);

2
thirdparty/openssl/crypto/asn1/a_gentm.c vendored
View file

@ -78,7 +78,7 @@ int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
ASN1_STRING tmpstr = *(ASN1_STRING *)a;
len = tmpstr.length;
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *)&tmpstr;

3
thirdparty/openssl/crypto/asn1/a_i2d_fp.c vendored
View file

@ -87,6 +87,9 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
int i, j = 0, n, ret = 1;
n = i2d(x, NULL);
if (n <= 0)
return 0;
b = (char *)OPENSSL_malloc(n);
if (b == NULL) {
ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);

4
thirdparty/openssl/crypto/asn1/a_mbstr.c vendored
View file

@ -149,14 +149,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
if ((minsize > 0) && (nchar < minsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
BIO_snprintf(strbuf, sizeof(strbuf), "%ld", minsize);
ERR_add_error_data(2, "minsize=", strbuf);
return -1;
}
if ((maxsize > 0) && (nchar > maxsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
BIO_snprintf(strbuf, sizeof(strbuf), "%ld", maxsize);
ERR_add_error_data(2, "maxsize=", strbuf);
return -1;
}

4
thirdparty/openssl/crypto/asn1/a_object.c vendored
View file

@ -89,7 +89,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
{
int i, first, len = 0, c, use_bn;
char ftmp[24], *tmp = ftmp;
int tmpsize = sizeof ftmp;
int tmpsize = sizeof(ftmp);
const char *p;
unsigned long l;
BIGNUM *bl = NULL;
@ -226,7 +226,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
if ((a == NULL) || (a->data == NULL))
return (BIO_write(bp, "NULL", 4));
i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
i = i2t_ASN1_OBJECT(buf, sizeof(buf), a);
if (i > (int)(sizeof(buf) - 1)) {
p = OPENSSL_malloc(i + 1);
if (!p)

8
thirdparty/openssl/crypto/asn1/a_strex.c vendored
View file

@ -130,13 +130,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
if (c > 0xffffffffL)
return -1;
if (c > 0xffff) {
BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
BIO_snprintf(tmphex, sizeof(tmphex), "\\W%08lX", c);
if (!io_ch(arg, tmphex, 10))
return -1;
return 10;
}
if (c > 0xff) {
BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
BIO_snprintf(tmphex, sizeof(tmphex), "\\U%04lX", c);
if (!io_ch(arg, tmphex, 6))
return -1;
return 6;
@ -236,7 +236,7 @@ static int do_buf(unsigned char *buf, int buflen,
if (type & BUF_TYPE_CONVUTF8) {
unsigned char utfbuf[6];
int utflen;
utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
for (i = 0; i < utflen; i++) {
/*
* We don't need to worry about setting orflags correctly
@ -533,7 +533,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
if (fn_opt != XN_FLAG_FN_NONE) {
int objlen, fld_len;
if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
OBJ_obj2txt(objtmp, sizeof(objtmp), fn, 1);
fld_len = 0; /* XXX: what should this be? */
objbuf = objtmp;
} else {

2
thirdparty/openssl/crypto/asn1/a_time.c vendored
View file

@ -86,7 +86,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
tmpstr = *(ASN1_STRING *)a;
len = tmpstr.length;
ebcdic2ascii(tmp, tmpstr.data,
(len >= sizeof tmp) ? sizeof tmp : len);
(len >= sizeof(tmp)) ? sizeof(tmp) : len);
tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
}

4
thirdparty/openssl/crypto/asn1/a_utctm.c vendored
View file

@ -76,7 +76,7 @@ int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
ASN1_STRING x = *(ASN1_STRING *)a;
len = x.length;
ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
ebcdic2ascii(tmp, x.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
x.data = tmp;
return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
# endif
@ -317,7 +317,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
struct tm tm;
int offset;
memset(&tm, '\0', sizeof tm);
memset(&tm, '\0', sizeof(tm));
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
tm.tm_year = g2(s->data);

3
thirdparty/openssl/crypto/asn1/asn1_err.c vendored
View file

@ -1,6 +1,6 @@
/* crypto/asn1/asn1_err.c */
/* ====================================================================
* Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -279,6 +279,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
{ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
{ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"},
{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},

63
thirdparty/openssl/crypto/asn1/asn1_int.h vendored Normal file
View file

@ -0,0 +1,63 @@
/* asn1t.h */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2006.
*/
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
/* Internal ASN1 template structures and functions: not for application use */
void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
int combine);

4
thirdparty/openssl/crypto/asn1/asn1_lib.c vendored
View file

@ -456,8 +456,8 @@ void asn1_add_error(const unsigned char *address, int offset)
{
char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
BIO_snprintf(buf2, sizeof buf2, "%d", offset);
BIO_snprintf(buf1, sizeof(buf1), "%lu", (unsigned long)address);
BIO_snprintf(buf2, sizeof(buf2), "%d", offset);
ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
}

8
thirdparty/openssl/crypto/asn1/asn1_par.c vendored
View file

@ -87,13 +87,13 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
p = str;
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
BIO_snprintf(str, sizeof(str), "priv [ %d ] ", tag);
else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
BIO_snprintf(str, sizeof(str), "cont [ %d ]", tag);
else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
BIO_snprintf(str, sizeof(str), "appl [ %d ]", tag);
else if (tag > 30)
BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
BIO_snprintf(str, sizeof(str), "<ASN1 %d>", tag);
else
p = ASN1_tag2str(tag);

3
thirdparty/openssl/crypto/asn1/asn_mime.c vendored
View file

@ -4,7 +4,7 @@
* project.
*/
/* ====================================================================
* Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -473,6 +473,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
sk_BIO_pop_free(parts, BIO_vfree);
return NULL;
}

4
thirdparty/openssl/crypto/asn1/t_x509a.c vendored
View file

@ -81,7 +81,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
BIO_puts(out, ", ");
else
first = 0;
OBJ_obj2txt(oidstr, sizeof oidstr,
OBJ_obj2txt(oidstr, sizeof(oidstr),
sk_ASN1_OBJECT_value(aux->trust, i), 0);
BIO_puts(out, oidstr);
}
@ -96,7 +96,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
BIO_puts(out, ", ");
else
first = 0;
OBJ_obj2txt(oidstr, sizeof oidstr,
OBJ_obj2txt(oidstr, sizeof(oidstr),
sk_ASN1_OBJECT_value(aux->reject, i), 0);
BIO_puts(out, oidstr);
}

64
thirdparty/openssl/crypto/asn1/tasn_dec.c vendored
View file

@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
* Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -65,6 +65,14 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
/*
* Constructed types with a recursive definition (such as can be found in PKCS7)
* could eventually exceed the stack given malicious input with excessive
* recursion. Therefore we limit the stack depth. This is the maximum number of
* recursive invocations of asn1_item_embed_d2i().
*/
#define ASN1_MAX_CONSTRUCTED_NEST 30
static int asn1_check_eoc(const unsigned char **in, long len);
static int asn1_find_end(const unsigned char **in, long len, char inf);
@ -81,11 +89,11 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
static int asn1_template_ex_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx);
ASN1_TLC *ctx, int depth);
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx);
ASN1_TLC *ctx, int depth);
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
const unsigned char **in, long len,
const ASN1_ITEM *it,
@ -154,17 +162,16 @@ int ASN1_template_d2i(ASN1_VALUE **pval,
{
ASN1_TLC c;
asn1_tlc_clear_nc(&c);
return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
return asn1_template_ex_d2i(pval, in, len, tt, 0, &c, 0);
}
/*
* Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
* tag mismatch return -1 to handle OPTIONAL
*/
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx)
static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
long len, const ASN1_ITEM *it, int tag, int aclass,
char opt, ASN1_TLC *ctx, int depth)
{
const ASN1_TEMPLATE *tt, *errtt = NULL;
const ASN1_COMPAT_FUNCS *cf;
@ -189,6 +196,11 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
else
asn1_cb = 0;
if (++depth > ASN1_MAX_CONSTRUCTED_NEST) {
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NESTED_TOO_DEEP);
goto err;
}
switch (it->itype) {
case ASN1_ITYPE_PRIMITIVE:
if (it->templates) {
@ -204,7 +216,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
goto err;
}
return asn1_template_ex_d2i(pval, in, len,
it->templates, opt, ctx);
it->templates, opt, ctx, depth);
}
return asn1_d2i_ex_primitive(pval, in, len, it,
tag, aclass, opt, ctx);
@ -326,7 +338,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
/*
* We mark field as OPTIONAL so its absence can be recognised.
*/
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth);
/* If field not present, try the next one */
if (ret == -1)
continue;
@ -444,7 +456,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
* attempt to read in field, allowing each to be OPTIONAL
*/
ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx,
depth);
if (!ret) {
errtt = seqtt;
goto err;
@ -514,6 +527,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
return 0;
}
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
const ASN1_ITEM *it,
int tag, int aclass, char opt, ASN1_TLC *ctx)
{
return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0);
}
/*
* Templates are handled with two separate functions. One handles any
* EXPLICIT tag and the other handles the rest.
@ -522,7 +542,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
static int asn1_template_ex_d2i(ASN1_VALUE **val,
const unsigned char **in, long inlen,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx)
ASN1_TLC *ctx, int depth)
{
int flags, aclass;
int ret;
@ -557,7 +577,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
return 0;
}
/* We've found the field so it can't be OPTIONAL now */
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
@ -581,7 +601,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
}
}
} else
return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth);
*in = p;
return 1;
@ -594,7 +614,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
ASN1_TLC *ctx)
ASN1_TLC *ctx, int depth)
{
int flags, aclass;
int ret;
@ -665,8 +685,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
break;
}
skfield = NULL;
if (!ASN1_item_ex_d2i(&skfield, &p, len,
ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item),
-1, 0, 0, ctx, depth)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
goto err;
@ -684,9 +704,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
}
} else if (flags & ASN1_TFLG_IMPTAG) {
/* IMPLICIT tagging */
ret = ASN1_item_ex_d2i(val, &p, len,
ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
ctx);
ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag,
aclass, opt, ctx, depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
@ -694,8 +713,9 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
return -1;
} else {
/* Nothing special */
ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx,
depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;

7
thirdparty/openssl/crypto/asn1/tasn_fre.c vendored
View file

@ -61,9 +61,7 @@
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
int combine);
#include "asn1_int.h"
/* Free up an ASN1 structure */
@ -77,8 +75,7 @@ void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
asn1_item_combine_free(pval, it, 0);
}
static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
int combine)
void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
{
const ASN1_TEMPLATE *tt = NULL, *seqtt;
const ASN1_EXTERN_FUNCS *ef;

5
thirdparty/openssl/crypto/asn1/tasn_new.c vendored
View file

@ -63,6 +63,7 @@
#include <openssl/err.h>
#include <openssl/asn1t.h>
#include <string.h>
#include "asn1_int.h"
static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
int combine);
@ -199,7 +200,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
return 1;
memerr2:
ASN1_item_ex_free(pval, it);
asn1_item_combine_free(pval, it, combine);
memerr:
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
#ifdef CRYPTO_MDEBUG
@ -209,7 +210,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
return 0;
auxerr2:
ASN1_item_ex_free(pval, it);
asn1_item_combine_free(pval, it, combine);
auxerr:
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
#ifdef CRYPTO_MDEBUG

2
thirdparty/openssl/crypto/asn1/tasn_prn.c vendored
View file

@ -463,7 +463,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
ln = OBJ_nid2ln(OBJ_obj2nid(oid));
if (!ln)
ln = "";
OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
OBJ_obj2txt(objbuf, sizeof(objbuf), oid, 1);
if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
return 0;
return 1;

18
thirdparty/openssl/crypto/asn1/x_name.c vendored
View file

@ -523,19 +523,11 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
{
X509_NAME *in;
if (!xn || !name)
return (0);
if (*xn != name) {
in = X509_NAME_dup(name);
if (in != NULL) {
X509_NAME_free(*xn);
*xn = in;
}
}
return (*xn != NULL);
if ((name = X509_NAME_dup(name)) == NULL)
return 0;
X509_NAME_free(*xn);
*xn = name;
return 1;
}
IMPLEMENT_STACK_OF(X509_NAME_ENTRY)

21
thirdparty/openssl/crypto/asn1/x_pkey.c vendored
View file

@ -106,10 +106,14 @@ X509_PKEY *X509_PKEY_new(void)
X509_PKEY *ret = NULL;
ASN1_CTX c;
M_ASN1_New_Malloc(ret, X509_PKEY);
ret = OPENSSL_malloc(sizeof(X509_PKEY));
if (ret == NULL) {
c.line = __LINE__;
goto err;
}
ret->version = 0;
M_ASN1_New(ret->enc_algor, X509_ALGOR_new);
M_ASN1_New(ret->enc_pkey, M_ASN1_OCTET_STRING_new);
ret->enc_algor = X509_ALGOR_new();
ret->enc_pkey = M_ASN1_OCTET_STRING_new();
ret->dec_pkey = NULL;
ret->key_length = 0;
ret->key_data = NULL;
@ -117,8 +121,15 @@ X509_PKEY *X509_PKEY_new(void)
ret->cipher.cipher = NULL;
memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
ret->references = 1;
return (ret);
M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
if (ret->enc_algor == NULL || ret->enc_pkey == NULL) {
c.line = __LINE__;
goto err;
}
return ret;
err:
X509_PKEY_free(ret);
ASN1_MAC_H_err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE, c.line);
return NULL;
}
void X509_PKEY_free(X509_PKEY *x)

41
thirdparty/openssl/crypto/bio/b_dump.c vendored
View file

@ -64,7 +64,6 @@
#include "cryptlib.h"
#include "bio_lcl.h"
#define TRUNCATE
#define DUMP_WIDTH 16
#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
@ -79,17 +78,10 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
{
int ret = 0;
char buf[288 + 1], tmp[20], str[128 + 1];
int i, j, rows, trc;
int i, j, rows;
unsigned char ch;
int dump_width;
trc = 0;
#ifdef TRUNCATE
for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
trc++;
#endif
if (indent < 0)
indent = 0;
if (indent) {
@ -104,50 +96,43 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
if ((rows * dump_width) < len)
rows++;
for (i = 0; i < rows; i++) {
BUF_strlcpy(buf, str, sizeof buf);
BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width);
BUF_strlcat(buf, tmp, sizeof buf);
BUF_strlcpy(buf, str, sizeof(buf));
BIO_snprintf(tmp, sizeof(tmp), "%04x - ", i * dump_width);
BUF_strlcat(buf, tmp, sizeof(buf));
for (j = 0; j < dump_width; j++) {
if (((i * dump_width) + j) >= len) {
BUF_strlcat(buf, " ", sizeof buf);
BUF_strlcat(buf, " ", sizeof(buf));
} else {
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch,
BIO_snprintf(tmp, sizeof(tmp), "%02x%c", ch,
j == 7 ? '-' : ' ');
BUF_strlcat(buf, tmp, sizeof buf);
BUF_strlcat(buf, tmp, sizeof(buf));
}
}
BUF_strlcat(buf, " ", sizeof buf);
BUF_strlcat(buf, " ", sizeof(buf));
for (j = 0; j < dump_width; j++) {
if (((i * dump_width) + j) >= len)
break;
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
#ifndef CHARSET_EBCDIC
BIO_snprintf(tmp, sizeof tmp, "%c",
BIO_snprintf(tmp, sizeof(tmp), "%c",
((ch >= ' ') && (ch <= '~')) ? ch : '.');
#else
BIO_snprintf(tmp, sizeof tmp, "%c",
BIO_snprintf(tmp, sizeof(tmp), "%c",
((ch >= os_toascii[' ']) && (ch <= os_toascii['~']))
? os_toebcdic[ch]
: '.');
#endif
BUF_strlcat(buf, tmp, sizeof buf);
BUF_strlcat(buf, tmp, sizeof(buf));
}
BUF_strlcat(buf, "\n", sizeof buf);
BUF_strlcat(buf, "\n", sizeof(buf));
/*
* if this is the last call then update the ddt_dump thing so that we
* will move the selection point in the debug window
*/
ret += cb((void *)buf, strlen(buf), u);
}
#ifdef TRUNCATE
if (trc > 0) {
BIO_snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n", str,
len + trc);
ret += cb((void *)buf, strlen(buf), u);
}
#endif
return (ret);
return ret;
}
#ifndef OPENSSL_NO_FP_API

8
thirdparty/openssl/crypto/bio/b_print.c vendored
View file

@ -385,7 +385,7 @@ _dopr(char **sbuffer,
if (cflags == DP_C_SHORT) {
short int *num;
num = va_arg(args, short int *);
*num = currlen;
*num = (short int)currlen;
} else if (cflags == DP_C_LONG) { /* XXX */
long int *num;
num = va_arg(args, long int *);
@ -502,7 +502,7 @@ fmtint(char **sbuffer,
if (!(flags & DP_F_UNSIGNED)) {
if (value < 0) {
signvalue = '-';
uvalue = -(unsigned LLONG)value;
uvalue = 0 - (unsigned LLONG)value;
} else if (flags & DP_F_PLUS)
signvalue = '+';
else if (flags & DP_F_SPACE)
@ -663,7 +663,7 @@ fmtfp(char **sbuffer,
iconvert[iplace++] = "0123456789"[intpart % 10];
intpart = (intpart / 10);
} while (intpart && (iplace < (int)sizeof(iconvert)));
if (iplace == sizeof iconvert)
if (iplace == sizeof(iconvert))
iplace--;
iconvert[iplace] = 0;
@ -672,7 +672,7 @@ fmtfp(char **sbuffer,
fconvert[fplace++] = "0123456789"[fracpart % 10];
fracpart = (fracpart / 10);
} while (fplace < max);
if (fplace == sizeof fconvert)
if (fplace == sizeof(fconvert))
fplace--;
fconvert[fplace] = 0;

2
thirdparty/openssl/crypto/bio/bio_cb.c vendored
View file

@ -76,7 +76,7 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
if (BIO_CB_RETURN & cmd)
r = ret;
len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
len = BIO_snprintf(buf,sizeof(buf),"BIO[%p]: ",(void *)bio);
/* Ignore errors and continue printing the other information. */
if (len < 0)

2
thirdparty/openssl/crypto/bio/bss_bio.c vendored
View file

@ -144,7 +144,7 @@ static int bio_new(BIO *bio)
{
struct bio_bio_st *b;
b = OPENSSL_malloc(sizeof *b);
b = OPENSSL_malloc(sizeof(*b));
if (b == NULL)
return 0;

4
thirdparty/openssl/crypto/bio/bss_conn.c vendored
View file

@ -481,7 +481,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
char buf[16];
unsigned char *p = ptr;
BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
BIO_snprintf(buf, sizeof(buf), "%d.%d.%d.%d",
p[0], p[1], p[2], p[3]);
if (data->param_hostname != NULL)
OPENSSL_free(data->param_hostname);
@ -490,7 +490,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
} else if (num == 3) {
char buf[DECIMAL_SIZE(int) + 1];
BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
BIO_snprintf(buf, sizeof(buf), "%d", *(int *)ptr);
if (data->param_port != NULL)
OPENSSL_free(data->param_port);
data->param_port = BUF_strdup(buf);

10
thirdparty/openssl/crypto/bio/bss_file.c vendored
View file

@ -375,15 +375,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
b->shutdown = (int)num & BIO_CLOSE;
if (num & BIO_FP_APPEND) {
if (num & BIO_FP_READ)
BUF_strlcpy(p, "a+", sizeof p);
BUF_strlcpy(p, "a+", sizeof(p));
else
BUF_strlcpy(p, "a", sizeof p);
BUF_strlcpy(p, "a", sizeof(p));
} else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
BUF_strlcpy(p, "r+", sizeof p);
BUF_strlcpy(p, "r+", sizeof(p));
else if (num & BIO_FP_WRITE)
BUF_strlcpy(p, "w", sizeof p);
BUF_strlcpy(p, "w", sizeof(p));
else if (num & BIO_FP_READ)
BUF_strlcpy(p, "r", sizeof p);
BUF_strlcpy(p, "r", sizeof(p));
else {
BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
ret = 0;

38
thirdparty/openssl/crypto/bn/bn_exp.c vendored
View file

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -145,10 +145,11 @@ int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
int i, bits, ret = 0;
BIGNUM *v, *rr;
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(a, BN_FLG_CONSTTIME) != 0) {
/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
BNerr(BN_F_BN_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return -1;
return 0;
}
BN_CTX_start(ctx);
@ -245,7 +246,9 @@ int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
if (BN_is_odd(m)) {
# ifdef MONT_EXP_WORD
if (a->top == 1 && !a->neg
&& (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) {
&& (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)
&& (BN_get_flags(a, BN_FLG_CONSTTIME) == 0)
&& (BN_get_flags(m, BN_FLG_CONSTTIME) == 0)) {
BN_ULONG A = a->d[0];
ret = BN_mod_exp_mont_word(r, A, p, m, ctx, NULL);
} else
@ -277,10 +280,12 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
BIGNUM *val[TABLE_SIZE];
BN_RECP_CTX recp;
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(a, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
BNerr(BN_F_BN_MOD_EXP_RECP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return -1;
return 0;
}
bits = BN_num_bits(p);
@ -411,7 +416,9 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
BIGNUM *val[TABLE_SIZE];
BN_MONT_CTX *mont = NULL;
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(a, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
}
@ -720,7 +727,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
top = m->top;
bits = BN_num_bits(p);
/*
* Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
* whether the top bits are zero.
*/
bits = p->top * BN_BITS2;
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
@ -1217,10 +1228,11 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
(BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
BNerr(BN_F_BN_MOD_EXP_MONT_WORD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return -1;
return 0;
}
bn_check_top(p);
@ -1348,10 +1360,12 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
/* Table of variables obtained from 'ctx' */
BIGNUM *val[TABLE_SIZE];
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(a, BN_FLG_CONSTTIME) != 0
|| BN_get_flags(m, BN_FLG_CONSTTIME) != 0) {
/* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
BNerr(BN_F_BN_MOD_EXP_SIMPLE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return -1;
return 0;
}
bits = BN_num_bits(p);

105
thirdparty/openssl/crypto/bn/bn_lib.c vendored
View file

@ -144,74 +144,47 @@ const BIGNUM *BN_value_one(void)
int BN_num_bits_word(BN_ULONG l)
{
static const unsigned char bits[256] = {
0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
};
BN_ULONG x, mask;
int bits = (l != 0);
#if defined(SIXTY_FOUR_BIT_LONG)
if (l & 0xffffffff00000000L) {
if (l & 0xffff000000000000L) {
if (l & 0xff00000000000000L) {
return (bits[(int)(l >> 56)] + 56);
} else
return (bits[(int)(l >> 48)] + 48);
} else {
if (l & 0x0000ff0000000000L) {
return (bits[(int)(l >> 40)] + 40);
} else
return (bits[(int)(l >> 32)] + 32);
}
} else
#else
# ifdef SIXTY_FOUR_BIT
if (l & 0xffffffff00000000LL) {
if (l & 0xffff000000000000LL) {
if (l & 0xff00000000000000LL) {
return (bits[(int)(l >> 56)] + 56);
} else
return (bits[(int)(l >> 48)] + 48);
} else {
if (l & 0x0000ff0000000000LL) {
return (bits[(int)(l >> 40)] + 40);
} else
return (bits[(int)(l >> 32)] + 32);
}
} else
# endif
#if BN_BITS2 > 32
x = l >> 32;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 32 & mask;
l ^= (x ^ l) & mask;
#endif
{
#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
if (l & 0xffff0000L) {
if (l & 0xff000000L)
return (bits[(int)(l >> 24L)] + 24);
else
return (bits[(int)(l >> 16L)] + 16);
} else
#endif
{
#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
if (l & 0xff00L)
return (bits[(int)(l >> 8)] + 8);
else
#endif
return (bits[(int)(l)]);
}
}
x = l >> 16;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 16 & mask;
l ^= (x ^ l) & mask;
x = l >> 8;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 8 & mask;
l ^= (x ^ l) & mask;
x = l >> 4;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 4 & mask;
l ^= (x ^ l) & mask;
x = l >> 2;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 2 & mask;
l ^= (x ^ l) & mask;
x = l >> 1;
mask = (0 - x) & BN_MASK2;
mask = (0 - (mask >> (BN_BITS2 - 1)));
bits += 1 & mask;
return bits;
}
int BN_num_bits(const BIGNUM *a)

82
thirdparty/openssl/crypto/bn/bn_mont.c vendored
View file

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -207,26 +207,13 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
r->top = max;
n0 = mont->n0[0];
# ifdef BN_COUNT
fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
# endif
/*
* Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
* input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
* includes |carry| which is stored separately.
*/
for (carry = 0, i = 0; i < nl; i++, rp++) {
# ifdef __TANDEM
{
long long t1;
long long t2;
long long t3;
t1 = rp[0] * (n0 & 0177777);
t2 = 037777600000l;
t2 = n0 & t2;
t3 = rp[0] & 0177777;
t2 = (t3 * t2) & BN_MASK2;
t1 = t1 + t2;
v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
}
# else
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
# endif
v = (v + carry + rp[nl]) & BN_MASK2;
carry |= (v != rp[nl]);
carry &= (v <= rp[nl]);
@ -239,46 +226,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
ret->neg = r->neg;
rp = ret->d;
/*
* Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
* includes |carry| which is stored separately.
*/
ap = &(r->d[nl]);
# define BRANCH_FREE 1
# if BRANCH_FREE
{
BN_ULONG *nrp;
size_t m;
v = bn_sub_words(rp, ap, np, nl) - carry;
/*
* if subtraction result is real, then trick unconditional memcpy
* below to perform in-place "refresh" instead of actual copy.
*/
m = (0 - (size_t)v);
nrp =
(BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
for (i = 0, nl -= 4; i < nl; i += 4) {
BN_ULONG t1, t2, t3, t4;
t1 = nrp[i + 0];
t2 = nrp[i + 1];
t3 = nrp[i + 2];
ap[i + 0] = 0;
t4 = nrp[i + 3];
ap[i + 1] = 0;
rp[i + 0] = t1;
ap[i + 2] = 0;
rp[i + 1] = t2;
ap[i + 3] = 0;
rp[i + 2] = t3;
rp[i + 3] = t4;
}
for (nl += 4; i < nl; i++)
rp[i] = nrp[i], ap[i] = 0;
/*
* |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
* cannot be -1. That would imply the subtraction did not fit in |nl| words,
* and we know at most one subtraction is needed.
*/
v = bn_sub_words(rp, ap, np, nl) - carry;
v = 0 - v;
for (i = 0; i < nl; i++) {
rp[i] = (v & ap[i]) | (~v & rp[i]);
ap[i] = 0;
}
# else
if (bn_sub_words(rp, ap, np, nl) - carry)
memcpy(rp, ap, nl * sizeof(BN_ULONG));
# endif
bn_correct_top(r);
bn_correct_top(ret);
bn_check_top(ret);
@ -382,6 +347,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
R = &(mont->RR); /* grab RR as a temp */
if (!BN_copy(&(mont->N), mod))
goto err; /* Set N */
if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
BN_set_flags(&(mont->N), BN_FLG_CONSTTIME);
mont->N.neg = 0;
#ifdef MONT_WORD
@ -394,6 +361,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
tmod.dmax = 2;
tmod.neg = 0;
if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
BN_set_flags(&tmod, BN_FLG_CONSTTIME);
mont->ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
# if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)

40
thirdparty/openssl/crypto/bn/bn_mul.c vendored
View file

@ -1032,46 +1032,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
rr->top = top;
goto end;
}
# if 0
if (i == 1 && !BN_get_flags(b, BN_FLG_STATIC_DATA)) {
BIGNUM *tmp_bn = (BIGNUM *)b;
if (bn_wexpand(tmp_bn, al) == NULL)
goto err;
tmp_bn->d[bl] = 0;
bl++;
i--;
} else if (i == -1 && !BN_get_flags(a, BN_FLG_STATIC_DATA)) {
BIGNUM *tmp_bn = (BIGNUM *)a;
if (bn_wexpand(tmp_bn, bl) == NULL)
goto err;
tmp_bn->d[al] = 0;
al++;
i++;
}
if (i == 0) {
/* symmetric and > 4 */
/* 16 or larger */
j = BN_num_bits_word((BN_ULONG)al);
j = 1 << (j - 1);
k = j + j;
t = BN_CTX_get(ctx);
if (al == j) { /* exact multiple */
if (bn_wexpand(t, k * 2) == NULL)
goto err;
if (bn_wexpand(rr, k * 2) == NULL)
goto err;
bn_mul_recursive(rr->d, a->d, b->d, al, t->d);
} else {
if (bn_wexpand(t, k * 4) == NULL)
goto err;
if (bn_wexpand(rr, k * 4) == NULL)
goto err;
bn_mul_part_recursive(rr->d, a->d, b->d, al - j, j, t->d);
}
rr->top = top;
goto end;
}
# endif
}
#endif /* BN_RECURSION */
if (bn_wexpand(rr, top) == NULL)

4
thirdparty/openssl/crypto/bn/bn_print.c vendored
View file

@ -391,10 +391,10 @@ char *BN_options(void)
if (!init) {
init++;
#ifdef BN_LLONG
BIO_snprintf(data, sizeof data, "bn(%d,%d)",
BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
(int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
#else
BIO_snprintf(data, sizeof data, "bn(%d,%d)",
BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
(int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
#endif
}

8
thirdparty/openssl/crypto/bn/bn_x931p.c vendored
View file

@ -217,6 +217,8 @@ int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
BN_CTX_start(ctx);
t = BN_CTX_get(ctx);
if (t == NULL)
goto err;
for (i = 0; i < 1000; i++) {
if (!BN_rand(Xq, nbits, 1, 0))
@ -255,10 +257,12 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
int ret = 0;
BN_CTX_start(ctx);
if (!Xp1)
if (Xp1 == NULL)
Xp1 = BN_CTX_get(ctx);
if (!Xp2)
if (Xp2 == NULL)
Xp2 = BN_CTX_get(ctx);
if (Xp1 == NULL || Xp2 == NULL)
goto error;
if (!BN_rand(Xp1, 101, 0, 0))
goto error;

2
thirdparty/openssl/crypto/bn/expspeed.c vendored
View file

@ -198,7 +198,7 @@ static int mul_c[NUM_SIZES] =
* static int sizes[NUM_SIZES]={59,179,299,419,539};
*/
#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); }
#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof(str)); }
void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);

2
thirdparty/openssl/crypto/conf/conf_def.c vendored
View file

@ -423,7 +423,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
OPENSSL_free(section);
if (line != NULL)
*line = eline;
BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
ERR_add_error_data(2, "line ", btmp);
if ((h != conf->data) && (conf->data != NULL)) {
CONF_free(conf->data);

2
thirdparty/openssl/crypto/conf/conf_mod.c vendored
View file

@ -221,7 +221,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
if (!(flags & CONF_MFLAGS_SILENT)) {
char rcode[DECIMAL_SIZE(ret) + 1];
CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret);
ERR_add_error_data(6, "module=", name, ", value=", value,
", retcode=", rcode);
}

7
thirdparty/openssl/crypto/cryptlib.c vendored
View file

@ -469,11 +469,18 @@ void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
}
}
#ifdef OPENSSL_FIPS
extern int FIPS_crypto_threadid_set_callback(void (*func) (CRYPTO_THREADID *));
#endif
int CRYPTO_THREADID_set_callback(void (*func) (CRYPTO_THREADID *))
{
if (threadid_callback)
return 0;
threadid_callback = func;
#ifdef OPENSSL_FIPS
FIPS_crypto_threadid_set_callback(func);
#endif
return 1;
}

2
thirdparty/openssl/crypto/des/ecb_enc.c vendored
View file

@ -96,7 +96,7 @@ const char *DES_options(void)
size = "int";
else
size = "long";
BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll,
BIO_snprintf(buf, sizeof(buf), "des(%s,%s,%s,%s)", ptr, risc, unroll,
size);
init = 0;
}

4
thirdparty/openssl/crypto/des/fcrypt.c vendored
View file

@ -80,10 +80,10 @@ char *DES_crypt(const char *buf, const char *salt)
e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0';
/* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
ebcdic2ascii(e_salt, e_salt, sizeof(e_salt));
/* Convert the cleartext password to ASCII */
ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
ebcdic2ascii(e_buf, e_buf, sizeof(e_buf));
/* Encrypt it (from/to ASCII) */
ret = DES_fcrypt(e_buf, e_salt, buff);

2
thirdparty/openssl/crypto/des/read_pwd.c vendored
View file

@ -434,7 +434,7 @@ static void pushsig(void)
# ifdef SIGACTION
struct sigaction sa;
memset(&sa, 0, sizeof sa);
memset(&sa, 0, sizeof(sa));
sa.sa_handler = recsig;
# endif

2
thirdparty/openssl/crypto/des/set_key.c vendored
View file

@ -377,7 +377,7 @@ void private_DES_set_key_unchecked(const_DES_cblock *key,
register int i;
#ifdef OPENBSD_DEV_CRYPTO
memcpy(schedule->key, key, sizeof schedule->key);
memcpy(schedule->key, key, sizeof(schedule->key));
schedule->session = NULL;
#endif
k = &schedule->ks->deslong[0];

4
thirdparty/openssl/crypto/dh/dh_kdf.c vendored
View file

@ -51,6 +51,9 @@
* ====================================================================
*/
#include <e_os.h>
#ifndef OPENSSL_NO_CMS
#include <string.h>
#include <openssl/dh.h>
#include <openssl/evp.h>
@ -185,3 +188,4 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen,
EVP_MD_CTX_cleanup(&mctx);
return rv;
}
#endif

9
thirdparty/openssl/crypto/dh/dh_pmeth.c vendored
View file

@ -207,7 +207,11 @@ static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_DH_KDF_TYPE:
if (p1 == -2)
return dctx->kdf_type;
#ifdef OPENSSL_NO_CMS
if (p1 != EVP_PKEY_DH_KDF_NONE)
#else
if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
#endif
return -2;
dctx->kdf_type = p1;
return 1;
@ -448,7 +452,9 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
return ret;
*keylen = ret;
return 1;
} else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
}
#ifndef OPENSSL_NO_CMS
else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
unsigned char *Z = NULL;
size_t Zlen = 0;
if (!dctx->kdf_outlen || !dctx->kdf_oid)
@ -479,6 +485,7 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
}
return ret;
}
#endif
return 1;
}

9
thirdparty/openssl/crypto/dsa/dsa_ameth.c vendored
View file

@ -133,6 +133,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
unsigned char *penc = NULL;
int penclen;
ASN1_STRING *str = NULL;
ASN1_OBJECT *aobj;
dsa = pkey->pkey.dsa;
if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
@ -159,8 +160,11 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
goto err;
}
if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
ptype, str, penc, penclen))
aobj = OBJ_nid2obj(EVP_PKEY_DSA);
if (aobj == NULL)
goto err;
if (X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
return 1;
err:
@ -258,6 +262,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
goto dsaerr;
}
BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
goto dsaerr;

2
thirdparty/openssl/crypto/dsa/dsa_gen.c vendored
View file

@ -482,6 +482,8 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
} else {
p = BN_CTX_get(ctx);
q = BN_CTX_get(ctx);
if (q == NULL)
goto err;
}
if (!BN_lshift(test, BN_value_one(), L - 1))

44
thirdparty/openssl/crypto/dsa/dsa_ossl.c vendored
View file

@ -224,7 +224,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
{
BN_CTX *ctx;
BIGNUM k, kq, *K, *kinv = NULL, *r = NULL;
BIGNUM l, m;
int ret = 0;
int q_bits;
if (!dsa->p || !dsa->q || !dsa->g) {
DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS);
@ -233,6 +235,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
BN_init(&k);
BN_init(&kq);
BN_init(&l);
BN_init(&m);
if (ctx_in == NULL) {
if ((ctx = BN_CTX_new()) == NULL)
@ -243,6 +247,13 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
if ((r = BN_new()) == NULL)
goto err;
/* Preallocate space */
q_bits = BN_num_bits(dsa->q);
if (!BN_set_bit(&k, q_bits)
|| !BN_set_bit(&l, q_bits)
|| !BN_set_bit(&m, q_bits))
goto err;
/* Get random k */
do
if (!BN_rand_range(&k, dsa->q))
@ -263,25 +274,24 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
/* Compute r = (g^k mod p) mod q */
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
if (!BN_copy(&kq, &k))
/*
* We do not want timing information to leak the length of k, so we
* compute G^k using an equivalent scalar of fixed bit-length.
*
* We unconditionally perform both of these additions to prevent a
* small timing information leakage. We then choose the sum that is
* one bit longer than the modulus.
*
* TODO: revisit the BN_copy aiming for a memory access agnostic
* conditional copy.
*/
if (!BN_add(&l, &k, dsa->q)
|| !BN_add(&m, &l, dsa->q)
|| !BN_copy(&kq, BN_num_bits(&l) > q_bits ? &l : &m))
goto err;
BN_set_flags(&kq, BN_FLG_CONSTTIME);
/*
* We do not want timing information to leak the length of k, so we
* compute g^k using an equivalent exponent of fixed length. (This
* is a kludge that we need because the BN_mod_exp_mont() does not
* let us specify the desired timing behaviour.)
*/
if (!BN_add(&kq, &kq, dsa->q))
goto err;
if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
if (!BN_add(&kq, &kq, dsa->q))
goto err;
}
K = &kq;
} else {
K = &k;
@ -314,7 +324,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
BN_CTX_free(ctx);
BN_clear_free(&k);
BN_clear_free(&kq);
return (ret);
BN_clear_free(&l);
BN_clear_free(&m);
return ret;
}
static int dsa_do_verify(const unsigned char *dgst, int dgst_len,

10
thirdparty/openssl/crypto/ec/ec_lib.c vendored
View file

@ -85,7 +85,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
return NULL;
}
ret = OPENSSL_malloc(sizeof *ret);
ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) {
ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
@ -164,7 +164,7 @@ void EC_GROUP_clear_free(EC_GROUP *group)
OPENSSL_free(group->seed);
}
OPENSSL_cleanse(group, sizeof *group);
OPENSSL_cleanse(group, sizeof(*group));
OPENSSL_free(group);
}
@ -575,7 +575,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
/* no explicit entry needed */
return 1;
d = OPENSSL_malloc(sizeof *d);
d = OPENSSL_malloc(sizeof(*d));
if (d == NULL)
return 0;
@ -712,7 +712,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
return NULL;
}
ret = OPENSSL_malloc(sizeof *ret);
ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) {
ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
@ -747,7 +747,7 @@ void EC_POINT_clear_free(EC_POINT *point)
point->meth->point_clear_finish(point);
else if (point->meth->point_finish != 0)
point->meth->point_finish(point);
OPENSSL_cleanse(point, sizeof *point);
OPENSSL_cleanse(point, sizeof(*point));
OPENSSL_free(point);
}

16
thirdparty/openssl/crypto/ec/ec_mult.c vendored
View file

@ -169,11 +169,11 @@ static void ec_pre_comp_clear_free(void *pre_)
for (p = pre->points; *p != NULL; p++) {
EC_POINT_clear_free(*p);
OPENSSL_cleanse(p, sizeof *p);
OPENSSL_cleanse(p, sizeof(*p));
}
OPENSSL_free(pre->points);
}
OPENSSL_cleanse(pre, sizeof *pre);
OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}
@ -430,11 +430,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
totalnum = num + numblocks;
wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space
* for pivot */
val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
wsize = OPENSSL_malloc(totalnum * sizeof(wsize[0]));
wNAF_len = OPENSSL_malloc(totalnum * sizeof(wNAF_len[0]));
/* include space for pivot */
wNAF = OPENSSL_malloc((totalnum + 1) * sizeof(wNAF[0]));
val_sub = OPENSSL_malloc(totalnum * sizeof(val_sub[0]));
/* Ensure wNAF is initialised in case we end up going to err */
if (wNAF)
@ -580,7 +580,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
* 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a
* subarray of 'pre_comp->points' if we already have precomputation.
*/
val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
val = OPENSSL_malloc((num_val + 1) * sizeof(val[0]));
if (val == NULL) {
ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
goto err;

2
thirdparty/openssl/crypto/ec/ecp_mont.c vendored
View file

@ -247,6 +247,8 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p,
BN_CTX_free(new_ctx);
if (mont != NULL)
BN_MONT_CTX_free(mont);
if (one != NULL)
BN_free(one);
return ret;
}

18
thirdparty/openssl/crypto/ec/ecp_nistp224.c vendored
View file

@ -48,7 +48,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
typedef uint8_t u8;
typedef uint64_t u64;
typedef int64_t s64;
/******************************************************************************/
/*-
@ -351,9 +350,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */
memset(b_out, 0, sizeof b_out);
memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof b_out) {
if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0;
}
@ -372,8 +371,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
{
felem_bytearray b_in, b_out;
felem_to_bin28(b_in, in);
flip_endian(b_out, b_in, sizeof b_out);
return BN_bin2bn(b_out, sizeof b_out, out);
flip_endian(b_out, b_in, sizeof(b_out));
return BN_bin2bn(b_out, sizeof(b_out), out);
}
/******************************************************************************/
@ -716,7 +715,7 @@ static limb felem_is_zero(const felem in)
return (zero | two224m96p1 | two225m97p2);
}
static limb felem_is_zero_int(const felem in)
static int felem_is_zero_int(const void *in)
{
return (int)(felem_is_zero(in) & ((limb) 1));
}
@ -1234,7 +1233,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out,
static NISTP224_PRE_COMP *nistp224_pre_comp_new()
{
NISTP224_PRE_COMP *ret = NULL;
ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
if (!ret) {
ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
return ret;
@ -1281,7 +1280,7 @@ static void nistp224_pre_comp_clear_free(void *pre_)
if (i > 0)
return;
OPENSSL_cleanse(pre, sizeof *pre);
OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}
@ -1391,7 +1390,6 @@ static void make_points_affine(size_t num, felem points[ /* num */ ][3],
sizeof(felem),
tmp_felems,
(void (*)(void *))felem_one,
(int (*)(const void *))
felem_is_zero_int,
(void (*)(void *, const void *))
felem_assign,
@ -1569,7 +1567,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
/* the scalar for the generator */
if ((scalar != NULL) && (have_pre_comp)) {
memset(g_secret, 0, sizeof g_secret);
memset(g_secret, 0, sizeof(g_secret));
/* reduce scalar to 0 <= scalar < 2^224 */
if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
/*

44
thirdparty/openssl/crypto/ec/ecp_nistp256.c vendored
View file

@ -51,7 +51,6 @@ typedef __int128_t int128_t;
typedef uint8_t u8;
typedef uint32_t u32;
typedef uint64_t u64;
typedef int64_t s64;
/*
* The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
@ -161,9 +160,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */
memset(b_out, 0, sizeof b_out);
memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof b_out) {
if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0;
}
@ -182,8 +181,8 @@ static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
{
felem_bytearray b_in, b_out;
smallfelem_to_bin32(b_in, in);
flip_endian(b_out, b_in, sizeof b_out);
return BN_bin2bn(b_out, sizeof b_out, out);
flip_endian(b_out, b_in, sizeof(b_out));
return BN_bin2bn(b_out, sizeof(b_out), out);
}
/*-
@ -392,7 +391,7 @@ static void felem_shrink(smallfelem out, const felem in)
{
felem tmp;
u64 a, b, mask;
s64 high, low;
u64 high, low;
static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
/* Carry 2->3 */
@ -433,29 +432,31 @@ static void felem_shrink(smallfelem out, const felem in)
* In order to make space in tmp[3] for the carry from 2 -> 3, we
* conditionally subtract kPrime if tmp[3] is large enough.
*/
high = tmp[3] >> 64;
high = (u64)(tmp[3] >> 64);
/* As tmp[3] < 2^65, high is either 1 or 0 */
high <<= 63;
high >>= 63;
high = 0 - high;
/*-
* high is:
* all ones if the high word of tmp[3] is 1
* all zeros if the high word of tmp[3] if 0 */
low = tmp[3];
mask = low >> 63;
* all zeros if the high word of tmp[3] if 0
*/
low = (u64)tmp[3];
mask = 0 - (low >> 63);
/*-
* mask is:
* all ones if the MSB of low is 1
* all zeros if the MSB of low if 0 */
* all zeros if the MSB of low if 0
*/
low &= bottom63bits;
low -= kPrime3Test;
/* if low was greater than kPrime3Test then the MSB is zero */
low = ~low;
low >>= 63;
low = 0 - (low >> 63);
/*-
* low is:
* all ones if low was > kPrime3Test
* all zeros if low was <= kPrime3Test */
* all zeros if low was <= kPrime3Test
*/
mask = (mask & low) | high;
tmp[0] -= mask & kPrime[0];
tmp[1] -= mask & kPrime[1];
@ -889,7 +890,7 @@ static void felem_contract(smallfelem out, const felem in)
equal &= equal << 4;
equal &= equal << 2;
equal &= equal << 1;
equal = ((s64) equal) >> 63;
equal = 0 - (equal >> 63);
all_equal_so_far &= equal;
}
@ -956,7 +957,7 @@ static limb smallfelem_is_zero(const smallfelem small)
is_zero &= is_zero << 4;
is_zero &= is_zero << 2;
is_zero &= is_zero << 1;
is_zero = ((s64) is_zero) >> 63;
is_zero = 0 - (is_zero >> 63);
is_p = (small[0] ^ kPrime[0]) |
(small[1] ^ kPrime[1]) |
@ -968,7 +969,7 @@ static limb smallfelem_is_zero(const smallfelem small)
is_p &= is_p << 4;
is_p &= is_p << 2;
is_p &= is_p << 1;
is_p = ((s64) is_p) >> 63;
is_p = 0 - (is_p >> 63);
is_zero |= is_p;
@ -977,7 +978,7 @@ static limb smallfelem_is_zero(const smallfelem small)
return result;
}
static int smallfelem_is_zero_int(const smallfelem small)
static int smallfelem_is_zero_int(const void *small)
{
return (int)(smallfelem_is_zero(small) & ((limb) 1));
}
@ -1820,7 +1821,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void)
static NISTP256_PRE_COMP *nistp256_pre_comp_new()
{
NISTP256_PRE_COMP *ret = NULL;
ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
if (!ret) {
ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
return ret;
@ -1867,7 +1868,7 @@ static void nistp256_pre_comp_clear_free(void *pre_)
if (i > 0)
return;
OPENSSL_cleanse(pre, sizeof *pre);
OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}
@ -1979,7 +1980,6 @@ static void make_points_affine(size_t num, smallfelem points[][3],
sizeof(smallfelem),
tmp_smallfelems,
(void (*)(void *))smallfelem_one,
(int (*)(const void *))
smallfelem_is_zero_int,
(void (*)(void *, const void *))
smallfelem_assign,

20
thirdparty/openssl/crypto/ec/ecp_nistp521.c vendored
View file

@ -49,7 +49,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
typedef uint8_t u8;
typedef uint64_t u64;
typedef int64_t s64;
/*
* The underlying field. P521 operates over GF(2^521-1). We can serialise an
@ -185,9 +184,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */
memset(b_out, 0, sizeof b_out);
memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn);
if (num_bytes > sizeof b_out) {
if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0;
}
@ -206,8 +205,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
{
felem_bytearray b_in, b_out;
felem_to_bin66(b_in, in);
flip_endian(b_out, b_in, sizeof b_out);
return BN_bin2bn(b_out, sizeof b_out, out);
flip_endian(b_out, b_in, sizeof(b_out));
return BN_bin2bn(b_out, sizeof(b_out), out);
}
/*-
@ -852,7 +851,7 @@ static limb felem_is_zero(const felem in)
* We know that ftmp[i] < 2^63, therefore the only way that the top bit
* can be set is if is_zero was 0 before the decrement.
*/
is_zero = ((s64) is_zero) >> 63;
is_zero = 0 - (is_zero >> 63);
is_p = ftmp[0] ^ kPrime[0];
is_p |= ftmp[1] ^ kPrime[1];
@ -865,13 +864,13 @@ static limb felem_is_zero(const felem in)
is_p |= ftmp[8] ^ kPrime[8];
is_p--;
is_p = ((s64) is_p) >> 63;
is_p = 0 - (is_p >> 63);
is_zero |= is_p;
return is_zero;
}
static int felem_is_zero_int(const felem in)
static int felem_is_zero_int(const void *in)
{
return (int)(felem_is_zero(in) & ((limb) 1));
}
@ -936,7 +935,7 @@ static void felem_contract(felem out, const felem in)
is_p &= is_p << 4;
is_p &= is_p << 2;
is_p &= is_p << 1;
is_p = ((s64) is_p) >> 63;
is_p = 0 - (is_p >> 63);
is_p = ~is_p;
/* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
@ -962,7 +961,7 @@ static void felem_contract(felem out, const felem in)
is_greater |= is_greater << 4;
is_greater |= is_greater << 2;
is_greater |= is_greater << 1;
is_greater = ((s64) is_greater) >> 63;
is_greater = 0 - (is_greater >> 63);
out[0] -= kPrime[0] & is_greater;
out[1] -= kPrime[1] & is_greater;
@ -1787,7 +1786,6 @@ static void make_points_affine(size_t num, felem points[][3],
sizeof(felem),
tmp_felems,
(void (*)(void *))felem_one,
(int (*)(const void *))
felem_is_zero_int,
(void (*)(void *, const void *))
felem_assign,

2
thirdparty/openssl/crypto/ec/ecp_nistz256.c vendored
View file

@ -1504,7 +1504,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_)
32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
OPENSSL_free(pre->precomp_storage);
}
OPENSSL_cleanse(pre, sizeof *pre);
OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}

2
thirdparty/openssl/crypto/ec/ecp_smpl.c vendored
View file

@ -1270,7 +1270,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
if (tmp == NULL || tmp_Z == NULL)
goto err;
prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]);
prod_Z = OPENSSL_malloc(num * sizeof(prod_Z[0]));
if (prod_Z == NULL)
goto err;
for (i = 0; i < num; i++) {

9
thirdparty/openssl/crypto/ecdh/ech_lib.c vendored
View file

@ -225,9 +225,16 @@ ECDH_DATA *ecdh_check(EC_KEY *key)
*/
ecdh_data_free(ecdh_data);
ecdh_data = (ECDH_DATA *)data;
} else if (EC_KEY_get_key_method_data(key, ecdh_data_dup,
ecdh_data_free,
ecdh_data_free) != ecdh_data) {
/* Or an out of memory error in EC_KEY_insert_key_method_data. */
ecdh_data_free(ecdh_data);
return NULL;
}
} else
} else {
ecdh_data = (ECDH_DATA *)data;
}
#ifdef OPENSSL_FIPS
if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
&& !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {

9
thirdparty/openssl/crypto/ecdsa/ecs_lib.c vendored
View file

@ -203,9 +203,16 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key)
*/
ecdsa_data_free(ecdsa_data);
ecdsa_data = (ECDSA_DATA *)data;
} else if (EC_KEY_get_key_method_data(key, ecdsa_data_dup,
ecdsa_data_free,
ecdsa_data_free) != ecdsa_data) {
/* Or an out of memory error in EC_KEY_insert_key_method_data. */
ecdsa_data_free(ecdsa_data);
return NULL;
}
} else
} else {
ecdsa_data = (ECDSA_DATA *)data;
}
#ifdef OPENSSL_FIPS
if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
&& !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {

24
thirdparty/openssl/crypto/ecdsa/ecs_ossl.c vendored
View file

@ -95,6 +95,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
EC_POINT *tmp_point = NULL;
const EC_GROUP *group;
int ret = 0;
int order_bits;
if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
@ -126,6 +127,13 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
goto err;
}
/* Preallocate space */
order_bits = BN_num_bits(order);
if (!BN_set_bit(k, order_bits)
|| !BN_set_bit(r, order_bits)
|| !BN_set_bit(X, order_bits))
goto err;
do {
/* get random k */
do
@ -139,13 +147,19 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
/*
* We do not want timing information to leak the length of k, so we
* compute G*k using an equivalent scalar of fixed bit-length.
*
* We unconditionally perform both of these additions to prevent a
* small timing information leakage. We then choose the sum that is
* one bit longer than the order. This guarantees the code
* path used in the constant time implementations elsewhere.
*
* TODO: revisit the BN_copy aiming for a memory access agnostic
* conditional copy.
*/
if (!BN_add(k, k, order))
if (!BN_add(r, k, order)
|| !BN_add(X, r, order)
|| !BN_copy(k, BN_num_bits(r) > order_bits ? r : X))
goto err;
if (BN_num_bits(k) <= BN_num_bits(order))
if (!BN_add(k, k, order))
goto err;
/* compute r the x-coordinate of generator * k */
if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {

12
thirdparty/openssl/crypto/engine/eng_cryptodev.c vendored
View file

@ -1057,7 +1057,7 @@ static int crparam2bn(struct crparam *crp, BIGNUM *a)
return (-1);
for (i = 0; i < bytes; i++)
pd[i] = crp->crp_p[bytes - i - 1];
pd[i] = ((char *)crp->crp_p)[bytes - i - 1];
BN_bin2bn(pd, bytes, a);
free(pd);
@ -1133,7 +1133,7 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
return (ret);
}
memset(&kop, 0, sizeof kop);
memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_MOD_EXP;
/* inputs: a^p % m */
@ -1184,7 +1184,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
return (0);
}
memset(&kop, 0, sizeof kop);
memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_MOD_EXP_CRT;
/* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
if (bn2crparam(rsa->p, &kop.crk_param[0]))
@ -1287,7 +1287,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
goto err;
}
memset(&kop, 0, sizeof kop);
memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DSA_SIGN;
/* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
@ -1330,7 +1330,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
struct crypt_kop kop;
int dsaret = 1;
memset(&kop, 0, sizeof kop);
memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DSA_VERIFY;
/* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
@ -1403,7 +1403,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
keylen = BN_num_bits(dh->p);
memset(&kop, 0, sizeof kop);
memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DH_COMPUTE_KEY;
/* inputs: dh->priv_key pub_key dh->p key */

1
thirdparty/openssl/crypto/engine/eng_fat.c vendored
View file

@ -167,6 +167,7 @@ int ENGINE_register_complete(ENGINE *e)
#endif
ENGINE_register_RAND(e);
ENGINE_register_pkey_meths(e);
ENGINE_register_pkey_asn1_meths(e);
return 1;
}

7
thirdparty/openssl/crypto/engine/eng_table.c vendored
View file

@ -1,5 +1,5 @@
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
* Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -159,6 +159,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
}
fnd->funct = NULL;
(void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
if (lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate) != fnd) {
sk_ENGINE_free(fnd->sk);
OPENSSL_free(fnd);
goto end;
}
}
/* A registration shouldn't add duplciate entries */
(void)sk_ENGINE_delete_ptr(fnd->sk, e);

23
thirdparty/openssl/crypto/err/err.c vendored
View file

@ -602,8 +602,8 @@ static void build_SYS_str_reasons(void)
char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
char *src = strerror(i);
if (src != NULL) {
strncpy(*dest, src, sizeof *dest);
(*dest)[sizeof *dest - 1] = '\0';
strncpy(*dest, src, sizeof(*dest));
(*dest)[sizeof(*dest) - 1] = '\0';
str->string = *dest;
}
}
@ -725,6 +725,8 @@ void ERR_put_error(int lib, int func, int reason, const char *file, int line)
}
#endif
es = ERR_get_state();
if (es == NULL)
return;
es->top = (es->top + 1) % ERR_NUM_ERRORS;
if (es->top == es->bottom)
@ -742,6 +744,8 @@ void ERR_clear_error(void)
ERR_STATE *es;
es = ERR_get_state();
if (es == NULL)
return;
for (i = 0; i < ERR_NUM_ERRORS; i++) {
err_clear(es, i);
@ -806,6 +810,8 @@ static unsigned long get_error_values(int inc, int top, const char **file,
unsigned long ret;
es = ERR_get_state();
if (es == NULL)
return 0;
if (inc && top) {
if (file)
@ -1016,7 +1022,6 @@ void ERR_remove_state(unsigned long pid)
ERR_STATE *ERR_get_state(void)
{
static ERR_STATE fallback;
ERR_STATE *ret, tmp, *tmpp = NULL;
int i;
CRYPTO_THREADID tid;
@ -1030,7 +1035,7 @@ ERR_STATE *ERR_get_state(void)
if (ret == NULL) {
ret = (ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
if (ret == NULL)
return (&fallback);
return NULL;
CRYPTO_THREADID_cpy(&ret->tid, &tid);
ret->top = 0;
ret->bottom = 0;
@ -1042,7 +1047,7 @@ ERR_STATE *ERR_get_state(void)
/* To check if insertion failed, do a get. */
if (ERRFN(thread_get_item) (ret) != ret) {
ERR_STATE_free(ret); /* could not insert it */
return (&fallback);
return NULL;
}
/*
* If a race occured in this function and we came second, tmpp is the
@ -1066,10 +1071,10 @@ void ERR_set_error_data(char *data, int flags)
int i;
es = ERR_get_state();
if (es == NULL)
return;
i = es->top;
if (i == 0)
i = ERR_NUM_ERRORS - 1;
err_clear_data(es, i);
es->err_data[i] = data;
@ -1121,6 +1126,8 @@ int ERR_set_mark(void)
ERR_STATE *es;
es = ERR_get_state();
if (es == NULL)
return 0;
if (es->bottom == es->top)
return 0;
@ -1133,6 +1140,8 @@ int ERR_pop_to_mark(void)
ERR_STATE *es;
es = ERR_get_state();
if (es == NULL)
return 0;
while (es->bottom != es->top
&& (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) {

2
thirdparty/openssl/crypto/err/err_prn.c vendored
View file

@ -77,7 +77,7 @@ void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
CRYPTO_THREADID_current(&cur);
es = CRYPTO_THREADID_hash(&cur);
while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
ERR_error_string_n(l, buf, sizeof buf);
ERR_error_string_n(l, buf, sizeof(buf));
BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
file, line, (flags & ERR_TXT_STRING) ? data : "");
if (cb(buf2, strlen(buf2), u) <= 0)

8
thirdparty/openssl/crypto/evp/bio_b64.c vendored
View file

@ -330,6 +330,14 @@ static int b64_read(BIO *b, char *out, int outl)
(unsigned char *)ctx->tmp, i);
ctx->tmp_len = 0;
}
/*
* If eof or an error was signalled, then the condition
* 'ctx->cont <= 0' will prevent b64_read() from reading
* more data on subsequent calls. This assignment was
* deleted accidentally in commit 5562cfaca4f3.
*/
ctx->cont = i;
ctx->buf_off = 0;
if (i < 0) {
ret_code = 0;

8
thirdparty/openssl/crypto/evp/digest.c vendored
View file

@ -124,12 +124,12 @@
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
memset(ctx, '\0', sizeof *ctx);
memset(ctx, '\0', sizeof(*ctx));
}
EVP_MD_CTX *EVP_MD_CTX_create(void)
{
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx)
EVP_MD_CTX_init(ctx);
@ -316,7 +316,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
} else
tmp_buf = NULL;
EVP_MD_CTX_cleanup(out);
memcpy(out, in, sizeof *out);
memcpy(out, in, sizeof(*out));
if (in->md_data && out->digest->ctx_size) {
if (tmp_buf)
@ -402,7 +402,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
#ifdef OPENSSL_FIPS
FIPS_md_ctx_cleanup(ctx);
#endif
memset(ctx, '\0', sizeof *ctx);
memset(ctx, '\0', sizeof(*ctx));
return 1;
}

4
thirdparty/openssl/crypto/evp/e_aes.c vendored
View file

@ -1,5 +1,5 @@
/* ====================================================================
* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
* Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -1089,6 +1089,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
ctx->iv, &ctx->num, ctx->encrypt, dat->block);
len -= MAXBITCHUNK;
out += MAXBITCHUNK;
in += MAXBITCHUNK;
}
if (len)
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,

13
thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c vendored
View file

@ -579,12 +579,17 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
ret &= constant_time_ge(maxpad, pad);
mask = constant_time_ge(maxpad, pad);
ret &= mask;
/*
* If pad is invalid then we will fail the above test but we must
* continue anyway because we are in constant time code. However,
* we'll use the maxpad value instead of the supplied pad to make
* sure we perform well defined pointer arithmetic.
*/
pad = constant_time_select(mask, pad, maxpad);
inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
inp_len &= mask;
ret &= (int)mask;
key->aux.tls_aad[plen - 2] = inp_len >> 8;
key->aux.tls_aad[plen - 1] = inp_len;

21
thirdparty/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c vendored
View file

@ -507,10 +507,12 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
* to identify it and avoid stitch invocation. So that after we
* establish that current CPU supports AVX, we even see if it's
* either even XOP-capable Bulldozer-based or GenuineIntel one.
* But SHAEXT-capable go ahead...
*/
if (OPENSSL_ia32cap_P[1] & (1 << (60 - 32)) && /* AVX? */
((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
| (OPENSSL_ia32cap_P[0] & (1<<30))) && /* "Intel CPU"? */
if (((OPENSSL_ia32cap_P[2] & (1 << 29)) || /* SHAEXT? */
((OPENSSL_ia32cap_P[1] & (1 << (60 - 32))) && /* AVX? */
((OPENSSL_ia32cap_P[1] & (1 << (43 - 32))) /* XOP? */
| (OPENSSL_ia32cap_P[0] & (1 << 30))))) && /* "Intel CPU"? */
plen > (sha_off + iv) &&
(blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) {
SHA256_Update(&key->md, in + iv, sha_off);
@ -590,12 +592,17 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
ret &= constant_time_ge(maxpad, pad);
mask = constant_time_ge(maxpad, pad);
ret &= mask;
/*
* If pad is invalid then we will fail the above test but we must
* continue anyway because we are in constant time code. However,
* we'll use the maxpad value instead of the supplied pad to make
* sure we perform well defined pointer arithmetic.
*/
pad = constant_time_select(mask, pad, maxpad);
inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
inp_len &= mask;
ret &= (int)mask;
key->aux.tls_aad[plen - 2] = inp_len >> 8;
key->aux.tls_aad[plen - 1] = inp_len;

4
thirdparty/openssl/crypto/evp/e_camellia.c vendored
View file

@ -1,6 +1,6 @@
/* crypto/evp/e_camellia.c */
/* ====================================================================
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -356,6 +356,8 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
ctx->iv, &ctx->num, ctx->encrypt, dat->block);
len -= MAXBITCHUNK;
out += MAXBITCHUNK;
in += MAXBITCHUNK;
}
if (len)
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,

10
thirdparty/openssl/crypto/evp/evp_enc.c vendored
View file

@ -85,7 +85,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
{
EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx)
EVP_CIPHER_CTX_init(ctx);
return ctx;
@ -402,7 +402,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
}
b = ctx->cipher->block_size;
OPENSSL_assert(b <= sizeof ctx->buf);
OPENSSL_assert(b <= sizeof(ctx->buf));
if (b == 1) {
*outl = 0;
return 1;
@ -454,7 +454,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
return EVP_EncryptUpdate(ctx, out, outl, in, inl);
b = ctx->cipher->block_size;
OPENSSL_assert(b <= sizeof ctx->final);
OPENSSL_assert(b <= sizeof(ctx->final));
if (ctx->final_used) {
memcpy(out, ctx->final, b);
@ -520,7 +520,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
return (0);
}
OPENSSL_assert(b <= sizeof ctx->final);
OPENSSL_assert(b <= sizeof(ctx->final));
/*
* The following assumes that the ciphertext has been authenticated.
@ -651,7 +651,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
#endif
EVP_CIPHER_CTX_cleanup(out);
memcpy(out, in, sizeof *out);
memcpy(out, in, sizeof(*out));
if (in->cipher_data && in->cipher->ctx_size) {
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);

20
thirdparty/openssl/crypto/evp/evp_key.c vendored
View file

@ -97,7 +97,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
int verify)
{
int ret;
int ret = -1;
char buff[BUFSIZ];
UI *ui;
@ -105,16 +105,18 @@ int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
prompt = prompt_string;
ui = UI_new();
if (ui == NULL)
return -1;
UI_add_input_string(ui, prompt, 0, buf, min,
(len >= BUFSIZ) ? BUFSIZ - 1 : len);
if (verify)
UI_add_verify_string(ui, prompt, 0,
buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
buf);
return ret;
if (UI_add_input_string(ui, prompt, 0, buf, min,
(len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0
|| (verify
&& UI_add_verify_string(ui, prompt, 0, buff, min,
(len >= BUFSIZ) ? BUFSIZ - 1 : len,
buf) < 0))
goto end;
ret = UI_process(ui);
UI_free(ui);
OPENSSL_cleanse(buff, BUFSIZ);
end:
UI_free(ui);
return ret;
}

4
thirdparty/openssl/crypto/evp/evp_locl.h vendored
View file

@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -116,7 +116,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (inl<chunk) chunk=inl;\
while(inl && inl>=chunk)\
{\
cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
inl-=chunk;\
in +=chunk;\
out+=chunk;\

4
thirdparty/openssl/crypto/evp/evp_pbe.c vendored
View file

@ -161,9 +161,9 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
if (!pbe_obj)
BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
BUF_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp));
else
i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj);
ERR_add_error_data(2, "TYPE=", obj_tmp);
return 0;
}

6
thirdparty/openssl/crypto/evp/openbsd_hw.c vendored
View file

@ -111,7 +111,7 @@ static int dev_crypto_init(session_op *ses)
close(cryptodev_fd);
}
assert(ses);
memset(ses, '\0', sizeof *ses);
memset(ses, '\0', sizeof(*ses));
return 1;
}
@ -164,7 +164,7 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
assert(CDATA(ctx));
assert(!dev_failed);
memset(&cryp, '\0', sizeof cryp);
memset(&cryp, '\0', sizeof(cryp));
cryp.ses = CDATA(ctx)->ses;
cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
cryp.flags = 0;
@ -329,7 +329,7 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len)
return 1;
}
memset(&cryp, '\0', sizeof cryp);
memset(&cryp, '\0', sizeof(cryp));
cryp.ses = ses;
cryp.op = COP_ENCRYPT; /* required to do the MAC rather than check
* it */

2
thirdparty/openssl/crypto/evp/p5_crpt2.c vendored
View file

@ -262,7 +262,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
goto err;
}
keylen = EVP_CIPHER_CTX_key_length(ctx);
OPENSSL_assert(keylen <= sizeof key);
OPENSSL_assert(keylen <= sizeof(key));
/* Decode parameter */

167
thirdparty/openssl/crypto/evp/pmeth_lib.c vendored
View file

@ -589,3 +589,170 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
pmeth->ctrl = ctrl;
pmeth->ctrl_str = ctrl_str;
}
void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth,
int (**pinit) (EVP_PKEY_CTX *ctx))
{
*pinit = pmeth->init;
}
void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth,
int (**pcopy) (EVP_PKEY_CTX *dst,
EVP_PKEY_CTX *src))
{
*pcopy = pmeth->copy;
}
void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth,
void (**pcleanup) (EVP_PKEY_CTX *ctx))
{
*pcleanup = pmeth->cleanup;
}
void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
int (**pparamgen) (EVP_PKEY_CTX *ctx,
EVP_PKEY *pkey))
{
if (pparamgen_init)
*pparamgen_init = pmeth->paramgen_init;
if (pparamgen)
*pparamgen = pmeth->paramgen;
}
void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
int (**pkeygen) (EVP_PKEY_CTX *ctx,
EVP_PKEY *pkey))
{
if (pkeygen_init)
*pkeygen_init = pmeth->keygen_init;
if (pkeygen)
*pkeygen = pmeth->keygen;
}
void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
int (**psign_init) (EVP_PKEY_CTX *ctx),
int (**psign) (EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
const unsigned char *tbs,
size_t tbslen))
{
if (psign_init)
*psign_init = pmeth->sign_init;
if (psign)
*psign = pmeth->sign;
}
void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
int (**pverify_init) (EVP_PKEY_CTX *ctx),
int (**pverify) (EVP_PKEY_CTX *ctx,
const unsigned char *sig,
size_t siglen,
const unsigned char *tbs,
size_t tbslen))
{
if (pverify_init)
*pverify_init = pmeth->verify_init;
if (pverify)
*pverify = pmeth->verify;
}
void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
int (**pverify_recover_init) (EVP_PKEY_CTX
*ctx),
int (**pverify_recover) (EVP_PKEY_CTX
*ctx,
unsigned char
*sig,
size_t *siglen,
const unsigned
char *tbs,
size_t tbslen))
{
if (pverify_recover_init)
*pverify_recover_init = pmeth->verify_recover_init;
if (pverify_recover)
*pverify_recover = pmeth->verify_recover;
}
void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
int (**psignctx_init) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx),
int (**psignctx) (EVP_PKEY_CTX *ctx,
unsigned char *sig,
size_t *siglen,
EVP_MD_CTX *mctx))
{
if (psignctx_init)
*psignctx_init = pmeth->signctx_init;
if (psignctx)
*psignctx = pmeth->signctx;
}
void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx),
int (**pverifyctx) (EVP_PKEY_CTX *ctx,
const unsigned char *sig,
int siglen,
EVP_MD_CTX *mctx))
{
if (pverifyctx_init)
*pverifyctx_init = pmeth->verifyctx_init;
if (pverifyctx)
*pverifyctx = pmeth->verifyctx;
}
void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
int (**pencryptfn) (EVP_PKEY_CTX *ctx,
unsigned char *out,
size_t *outlen,
const unsigned char *in,
size_t inlen))
{
if (pencrypt_init)
*pencrypt_init = pmeth->encrypt_init;
if (pencryptfn)
*pencryptfn = pmeth->encrypt;
}
void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
int (**pdecrypt) (EVP_PKEY_CTX *ctx,
unsigned char *out,
size_t *outlen,
const unsigned char *in,
size_t inlen))
{
if (pdecrypt_init)
*pdecrypt_init = pmeth->decrypt_init;
if (pdecrypt)
*pdecrypt = pmeth->decrypt;
}
void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
int (**pderive_init) (EVP_PKEY_CTX *ctx),
int (**pderive) (EVP_PKEY_CTX *ctx,
unsigned char *key,
size_t *keylen))
{
if (pderive_init)
*pderive_init = pmeth->derive_init;
if (pderive)
*pderive = pmeth->derive;
}
void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
void *p2),
int (**pctrl_str) (EVP_PKEY_CTX *ctx,
const char *type,
const char *value))
{
if (pctrl)
*pctrl = pmeth->ctrl;
if (pctrl_str)
*pctrl_str = pmeth->ctrl_str;
}

9
thirdparty/openssl/crypto/ex_data.c vendored
View file

@ -473,7 +473,14 @@ static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
if (j < mx)
mx = j;
if (mx > 0) {
if (!CRYPTO_set_ex_data(to, mx - 1, NULL))
/*
* Make sure the ex_data stack is at least |mx| elements long to avoid
* issues in the for loop that follows; so go get the |mx|'th element
* (if it does not exist CRYPTO_get_ex_data() returns NULL), and assign
* to itself. This is normally a no-op; but ensures the stack is the
* proper size
*/
if (!CRYPTO_set_ex_data(to, mx - 1, CRYPTO_get_ex_data(to, mx - 1)))
goto skip;
storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
if (!storage)

2
thirdparty/openssl/crypto/hmac/hmac.c vendored
View file

@ -234,7 +234,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx)
EVP_MD_CTX_cleanup(&ctx->i_ctx);
EVP_MD_CTX_cleanup(&ctx->o_ctx);
EVP_MD_CTX_cleanup(&ctx->md_ctx);
OPENSSL_cleanse(ctx, sizeof *ctx);
OPENSSL_cleanse(ctx, sizeof(*ctx));
}
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,

28
thirdparty/openssl/crypto/include/internal/bn_conf.h vendored
View file

@ -1,28 +0,0 @@
/* WARNING: do not edit! */
/* Generated by Makefile from crypto/include/internal/bn_conf.h.in */
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_BN_CONF_H
# define HEADER_BN_CONF_H
/*
* The contents of this file are not used in the UEFI build, as
* both 32-bit and 64-bit builds are supported from a single run
* of the Configure script.
*/
/* Should we define BN_DIV2W here? */
/* Only one for the following should be defined */
#define SIXTY_FOUR_BIT_LONG
#undef SIXTY_FOUR_BIT
#undef THIRTY_TWO_BIT
#endif

16
thirdparty/openssl/crypto/include/internal/dso_conf.h vendored
View file

@ -1,16 +0,0 @@
/* WARNING: do not edit! */
/* Generated by Makefile from crypto/include/internal/dso_conf.h.in */
/*
* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_DSO_CONF_H
# define HEADER_DSO_CONF_H
# define DSO_EXTENSION ".so"
#endif

12
thirdparty/openssl/crypto/jpake/jpake.c vendored
View file

@ -108,14 +108,14 @@ static void JPAKE_CTX_release(JPAKE_CTX *ctx)
OPENSSL_free(ctx->p.peer_name);
OPENSSL_free(ctx->p.name);
memset(ctx, '\0', sizeof *ctx);
memset(ctx, '\0', sizeof(*ctx));
}
JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
const BIGNUM *secret)
{
JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
JPAKE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx == NULL)
return NULL;
@ -460,7 +460,7 @@ void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
{
quickhashbn(send->hhk, ctx->key);
SHA1(send->hhk, sizeof send->hhk, send->hhk);
SHA1(send->hhk, sizeof(send->hhk), send->hhk);
return 1;
}
@ -470,8 +470,8 @@ int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
unsigned char hhk[SHA_DIGEST_LENGTH];
quickhashbn(hhk, ctx->key);
SHA1(hhk, sizeof hhk, hhk);
if (memcmp(hhk, received->hhk, sizeof hhk)) {
SHA1(hhk, sizeof(hhk), hhk);
if (memcmp(hhk, received->hhk, sizeof(hhk))) {
JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS,
JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
return 0;
@ -499,7 +499,7 @@ int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
unsigned char hk[SHA_DIGEST_LENGTH];
quickhashbn(hk, ctx->key);
if (memcmp(hk, received->hk, sizeof hk)) {
if (memcmp(hk, received->hk, sizeof(hk))) {
JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
return 0;
}

77
thirdparty/openssl/crypto/lhash/lhash.c vendored
View file

@ -101,6 +101,24 @@
#include <openssl/crypto.h>
#include <openssl/lhash.h>
/*
* A hashing implementation that appears to be based on the linear hashing
* alogrithm:
* https://en.wikipedia.org/wiki/Linear_hashing
*
* Litwin, Witold (1980), "Linear hashing: A new tool for file and table
* addressing", Proc. 6th Conference on Very Large Databases: 212-223
* http://hackthology.com/pdfs/Litwin-1980-Linear_Hashing.pdf
*
* From the wikipedia article "Linear hashing is used in the BDB Berkeley
* database system, which in turn is used by many software systems such as
* OpenLDAP, using a C implementation derived from the CACM article and first
* published on the Usenet in 1988 by Esmond Pitt."
*
* The CACM paper is available here:
* https://pdfs.semanticscholar.org/ff4d/1c5deca6269cc316bfd952172284dbf610ee.pdf
*/
const char lh_version[] = "lhash" OPENSSL_VERSION_PTEXT;
#undef MIN_NODES
@ -108,7 +126,7 @@ const char lh_version[] = "lhash" OPENSSL_VERSION_PTEXT;
#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */
static void expand(_LHASH *lh);
static int expand(_LHASH *lh);
static void contract(_LHASH *lh);
static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
@ -182,8 +200,9 @@ void *lh_insert(_LHASH *lh, void *data)
void *ret;
lh->error = 0;
if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes))
expand(lh);
if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes)
&& !expand(lh))
return NULL;
rn = getrn(lh, data, &hash);
@ -300,19 +319,37 @@ void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
}
static void expand(_LHASH *lh)
static int expand(_LHASH *lh)
{
LHASH_NODE **n, **n1, **n2, *np;
unsigned int p, i, j;
unsigned long hash, nni;
unsigned int p, pmax, nni, j;
unsigned long hash;
nni = lh->num_alloc_nodes;
p = lh->p;
pmax = lh->pmax;
if (p + 1 >= pmax) {
j = nni * 2;
n = OPENSSL_realloc(lh->b, (int)(sizeof(LHASH_NODE *) * j));
if (n == NULL) {
lh->error++;
return 0;
}
lh->b = n;
memset(n + nni, 0, sizeof(*n) * (j - nni));
lh->pmax = nni;
lh->num_alloc_nodes = j;
lh->num_expand_reallocs++;
lh->p = 0;
} else {
lh->p++;
}
lh->num_nodes++;
lh->num_expands++;
p = (int)lh->p++;
n1 = &(lh->b[p]);
n2 = &(lh->b[p + (int)lh->pmax]);
*n2 = NULL; /* 27/07/92 - eay - undefined pointer bug */
nni = lh->num_alloc_nodes;
n2 = &(lh->b[p + pmax]);
*n2 = NULL;
for (np = *n1; np != NULL;) {
#ifndef OPENSSL_NO_HASH_COMP
@ -330,25 +367,7 @@ static void expand(_LHASH *lh)
np = *n1;
}
if ((lh->p) >= lh->pmax) {
j = (int)lh->num_alloc_nodes * 2;
n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
(int)(sizeof(LHASH_NODE *) * j));
if (n == NULL) {
lh->error++;
lh->num_nodes--;
lh->p = 0;
return;
}
/* else */
for (i = (int)lh->num_alloc_nodes; i < j; i++) /* 26/02/92 eay */
n[i] = NULL; /* 02/03/92 eay */
lh->pmax = lh->num_alloc_nodes;
lh->num_alloc_nodes = j;
lh->num_expand_reallocs++;
lh->p = 0;
lh->b = n;
}
return 1;
}
static void contract(_LHASH *lh)

6
thirdparty/openssl/crypto/md2/md2_dgst.c vendored
View file

@ -122,9 +122,9 @@ const char *MD2_options(void)
fips_md_init(MD2)
{
c->num = 0;
memset(c->state, 0, sizeof c->state);
memset(c->cksm, 0, sizeof c->cksm);
memset(c->data, 0, sizeof c->data);
memset(c->state, 0, sizeof(c->state));
memset(c->cksm, 0, sizeof(c->cksm));
memset(c->data, 0, sizeof(c->data));
return 1;
}

2
thirdparty/openssl/crypto/md4/md4.c vendored
View file

@ -102,7 +102,7 @@ void do_fp(FILE *f)
fd = fileno(f);
MD4_Init(&c);
for (;;) {
i = read(fd, buf, sizeof buf);
i = read(fd, buf, sizeof(buf));
if (i <= 0)
break;
MD4_Update(&c, buf, (unsigned long)i);

18
thirdparty/openssl/crypto/mem_dbg.c vendored
View file

@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -633,16 +633,22 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
APP_INFO *amip;
int ami_cnt;
struct tm *lcl = NULL;
struct tm result = {0};
CRYPTO_THREADID ti;
#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
#define BUF_REMAIN (sizeof(buf) - (size_t)(bufp - buf))
if (m->addr == (char *)l->bio)
return;
if (options & V_CRYPTO_MDEBUG_TIME) {
# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \
!defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \
(!defined(OPENSSL_SYS_VMS) || defined(localtime_r))
lcl = localtime_r(&m->time, &result);
# else
lcl = localtime(&m->time);
# endif
BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
bufp += strlen(bufp);
@ -679,7 +685,7 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
ami_cnt++;
memset(buf, '>', ami_cnt);
BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
BIO_snprintf(buf + ami_cnt, sizeof(buf) - ami_cnt,
" thread=%lu, file=%s, line=%d, info=\"",
CRYPTO_THREADID_hash(&amip->threadid), amip->file,
amip->line);
@ -689,10 +695,10 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
buf_len = 128 - 3;
} else {
BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len);
BUF_strlcpy(buf + buf_len, amip->info, sizeof(buf) - buf_len);
buf_len = strlen(buf);
}
BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
BIO_snprintf(buf + buf_len, sizeof(buf) - buf_len, "\"\n");
BIO_puts(l->bio, buf);

5
thirdparty/openssl/crypto/o_init.c vendored
View file

@ -58,6 +58,11 @@
#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
# include <openssl/rand.h>
# ifndef OPENSSL_NO_DEPRECATED
/* the prototype is missing in <openssl/fips.h> */
void FIPS_crypto_set_id_callback(unsigned long (*func)(void));
# endif
#endif
/*

8
thirdparty/openssl/crypto/o_time.c vendored
View file

@ -8,7 +8,7 @@
* 2008.
*/
/* ====================================================================
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
* Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -105,7 +105,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
{
struct tm *ts = NULL;
#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_SUNOS)
if (gmtime_r(timer, result) == NULL)
return NULL;
ts = result;
@ -141,14 +141,14 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
pitem->ileb_64$w_mbo = 1;
pitem->ileb_64$w_code = LNM$_STRING;
pitem->ileb_64$l_mbmo = -1;
pitem->ileb_64$q_length = sizeof (logvalue);
pitem->ileb_64$q_length = sizeof(logvalue);
pitem->ileb_64$pq_bufaddr = logvalue;
pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen;
pitem++;
/* Last item of the item list is null terminated */
pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0;
# else
pitem->ile3$w_length = sizeof (logvalue);
pitem->ile3$w_length = sizeof(logvalue);
pitem->ile3$w_code = LNM$_STRING;
pitem->ile3$ps_bufaddr = logvalue;
pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen;

4
thirdparty/openssl/crypto/objects/o_names.c vendored
View file

@ -312,13 +312,13 @@ void OBJ_NAME_do_all_sorted(int type,
d.type = type;
d.names =
OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof(*d.names));
/* Really should return an error if !d.names...but its a void function! */
if (d.names) {
d.n = 0;
OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
qsort((void *)d.names, d.n, sizeof(*d.names), do_all_sorted_cmp);
for (n = 0; n < d.n; ++n)
fn(d.names[n], arg);

28
thirdparty/openssl/crypto/objects/obj_dat.c vendored
View file

@ -305,9 +305,8 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
for (i = ADDED_DATA; i <= ADDED_NID; i++)
if (ao[i] != NULL)
OPENSSL_free(ao[i]);
if (o != NULL)
OPENSSL_free(o);
return (NID_undef);
ASN1_OBJECT_free(o);
return NID_undef;
}
ASN1_OBJECT *OBJ_nid2obj(int n)
@ -591,7 +590,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
n += i;
OPENSSL_free(bndec);
} else {
BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l);
BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
i = strlen(tbuf);
if (buf && (buf_len > 0)) {
BUF_strlcpy(buf, tbuf, buf_len);
@ -725,6 +724,10 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
return (p);
}
/*
* Parse a BIO sink to create some extra oid's objects.
* Line format:<OID:isdigit or '.']><isspace><SN><isspace><LN>
*/
int OBJ_create_objects(BIO *in)
{
MS_STATIC char buf[512];
@ -746,9 +749,9 @@ int OBJ_create_objects(BIO *in)
*(s++) = '\0';
while (isspace((unsigned char)*s))
s++;
if (*s == '\0')
if (*s == '\0') {
s = NULL;
else {
} else {
l = s;
while ((*l != '\0') && !isspace((unsigned char)*l))
l++;
@ -756,15 +759,18 @@ int OBJ_create_objects(BIO *in)
*(l++) = '\0';
while (isspace((unsigned char)*l))
l++;
if (*l == '\0')
if (*l == '\0') {
l = NULL;
} else
}
} else {
l = NULL;
}
}
} else
} else {
s = NULL;
if ((o == NULL) || (*o == '\0'))
return (num);
}
if (*o == '\0')
return num;
if (!OBJ_create(o, s, l))
return (num);
num++;

2
thirdparty/openssl/crypto/ocsp/ocsp_vfy.c vendored
View file

@ -118,6 +118,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
goto end;
}
}
} else if (certs != NULL) {
untrusted = certs;
} else {
untrusted = bs->certs;
}

2
thirdparty/openssl/crypto/pem/pem_info.c vendored
View file

@ -354,7 +354,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
/* create the right magic header stuff */
OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
sizeof buf);
sizeof(buf));
buf[0] = '\0';
PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);

5
thirdparty/openssl/crypto/pem/pem_lib.c vendored
View file

@ -406,7 +406,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
OPENSSL_cleanse(buf, PEM_BUFSIZE);
OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
sizeof buf);
sizeof(buf));
buf[0] = '\0';
PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
@ -536,7 +536,8 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
((c >= '0') && (c <= '9'))))
break;
#else
if (!(isupper(c) || (c == '-') || isdigit(c)))
if (!(isupper((unsigned char)c) || (c == '-')
|| isdigit((unsigned char)c)))
break;
#endif
header++;

1
thirdparty/openssl/crypto/pem/pem_pk8.c vendored
View file

@ -178,6 +178,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
}
p8inf = PKCS8_decrypt(p8, psbuf, klen);
X509_SIG_free(p8);
OPENSSL_cleanse(psbuf, klen);
if (!p8inf)
return NULL;
ret = EVP_PKCS82PKEY(p8inf);

1
thirdparty/openssl/crypto/pem/pem_pkey.c vendored
View file

@ -120,6 +120,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
}
p8inf = PKCS8_decrypt(p8, psbuf, klen);
X509_SIG_free(p8);
OPENSSL_cleanse(psbuf, klen);
if (!p8inf)
goto p8err;
ret = EVP_PKCS82PKEY(p8inf);

21
thirdparty/openssl/crypto/pkcs12/p12_kiss.c vendored
View file

@ -84,6 +84,12 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
{
STACK_OF(X509) *ocerts = NULL;
X509 *x = NULL;
if (pkey)
*pkey = NULL;
if (cert)
*cert = NULL;
/* Check for NULL PKCS12 structure */
if (!p12) {
@ -92,11 +98,6 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
return 0;
}
if (pkey)
*pkey = NULL;
if (cert)
*cert = NULL;
/* Check the mac */
/*
@ -125,7 +126,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
if (!ocerts) {
PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
return 0;
goto err;
}
if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
@ -163,10 +164,14 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
err:
if (pkey && *pkey)
if (pkey) {
EVP_PKEY_free(*pkey);
if (cert && *cert)
*pkey = NULL;
}
if (cert) {
X509_free(*cert);
*cert = NULL;
}
if (x)
X509_free(x);
if (ocerts)

8
thirdparty/openssl/crypto/pkcs7/pk7_doit.c vendored
View file

@ -375,16 +375,18 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
}
if (bio == NULL) {
if (PKCS7_is_detached(p7))
if (PKCS7_is_detached(p7)) {
bio = BIO_new(BIO_s_null());
else if (os && os->length > 0)
} else if (os && os->length > 0) {
bio = BIO_new_mem_buf(os->data, os->length);
if (bio == NULL) {
} else {
bio = BIO_new(BIO_s_mem());
if (bio == NULL)
goto err;
BIO_set_mem_eof_return(bio, 0);
}
if (bio == NULL)
goto err;
}
if (out)
BIO_push(out, bio);

6
thirdparty/openssl/crypto/rand/md_rand.c vendored
View file

@ -238,7 +238,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
md_c[0] = md_count[0];
md_c[1] = md_count[1];
memcpy(local_md, md, sizeof md);
memcpy(local_md, md, sizeof(md));
/* state_index <= state_num <= STATE_SIZE */
state_index += num;
@ -454,7 +454,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
st_num = state_num;
md_c[0] = md_count[0];
md_c[1] = md_count[1];
memcpy(local_md, md, sizeof md);
memcpy(local_md, md, sizeof(md));
state_index += num_ceil;
if (state_index > state_num)
@ -480,7 +480,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
goto err;
#ifndef GETPID_IS_MEANINGLESS
if (curr_pid) { /* just in the first iteration to save time */
if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid))
if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof(curr_pid)))
goto err;
curr_pid = 0;
}

2
thirdparty/openssl/crypto/rand/rand_egd.c vendored
View file

@ -148,7 +148,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
addr.sun_family = AF_UNIX;
if (strlen(path) >= sizeof(addr.sun_path))
return (-1);
BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path);
BUF_strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd == -1)

Some files were not shown because too many files have changed in this diff Show more