mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-27 11:55:06 +00:00
Import OpenSSL 1.0.2o.
This commit is contained in:
parent
4f94f84d84
commit
02be298e50
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/vendor-crypto/openssl/dist/; revision=331625 svn path=/vendor-crypto/openssl/1.0.2o/; revision=331626; tag=vendor/openssl/1.0.2o
22
CHANGES
22
CHANGES
@ -7,6 +7,21 @@
|
||||
https://github.com/openssl/openssl/commits/ and pick the appropriate
|
||||
release branch.
|
||||
|
||||
Changes between 1.0.2n and 1.0.2o [27 Mar 2018]
|
||||
|
||||
*) Constructed ASN.1 types with a recursive definition could exceed the stack
|
||||
|
||||
Constructed ASN.1 types with a recursive definition (such as can be found
|
||||
in PKCS7) could eventually exceed the stack given malicious input with
|
||||
excessive recursion. This could result in a Denial Of Service attack. There
|
||||
are no such structures used within SSL/TLS that come from untrusted sources
|
||||
so this is considered safe.
|
||||
|
||||
This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz
|
||||
project.
|
||||
(CVE-2018-0739)
|
||||
[Matt Caswell]
|
||||
|
||||
Changes between 1.0.2m and 1.0.2n [7 Dec 2017]
|
||||
|
||||
*) Read/write after SSL object in error state
|
||||
@ -2012,8 +2027,11 @@
|
||||
to work with OPENSSL_NO_SSL_INTERN defined.
|
||||
[Steve Henson]
|
||||
|
||||
*) Add SRP support.
|
||||
[Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
|
||||
*) A long standing patch to add support for SRP from EdelWeb (Peter
|
||||
Sylvester and Christophe Renou) was integrated.
|
||||
[Christophe Renou <christophe.renou@edelweb.fr>, Peter Sylvester
|
||||
<peter.sylvester@edelweb.fr>, Tom Wu <tjw@cs.stanford.edu>, and
|
||||
Ben Laurie]
|
||||
|
||||
*) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
|
||||
[Steve Henson]
|
||||
|
24
Configure
24
Configure
@ -354,7 +354,7 @@ my %table=(
|
||||
"hpux-gcc", "gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
|
||||
|
||||
#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
|
||||
"MPE/iX-gcc", "gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
|
||||
"MPE/iX-gcc", "gcc:-DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
|
||||
|
||||
# DEC Alpha OSF/1/Tru64 targets.
|
||||
#
|
||||
@ -1269,7 +1269,7 @@ my ($prelflags,$postlflags)=split('%',$lflags);
|
||||
if (defined($postlflags)) { $lflags=$postlflags; }
|
||||
else { $lflags=$prelflags; undef $prelflags; }
|
||||
|
||||
if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
|
||||
if ($target =~ /^mingw/ && `$cross_compile_prefix$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
|
||||
{
|
||||
$cflags =~ s/\-mno\-cygwin\s*//;
|
||||
$shared_ldflag =~ s/\-mno\-cygwin\s*//;
|
||||
@ -1661,18 +1661,25 @@ if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
|
||||
$shlib_minor=$2;
|
||||
}
|
||||
|
||||
my $ecc = $cc;
|
||||
$ecc = "clang" if `$cc --version 2>&1` =~ /clang/;
|
||||
my %predefined;
|
||||
|
||||
# collect compiler pre-defines from gcc or gcc-alike...
|
||||
open(PIPE, "$cross_compile_prefix$cc -dM -E -x c /dev/null 2>&1 |");
|
||||
while (<PIPE>) {
|
||||
m/^#define\s+(\w+(?:\(\w+\))?)(?:\s+(.+))?/ or last;
|
||||
$predefined{$1} = defined($2) ? $2 : "";
|
||||
}
|
||||
close(PIPE);
|
||||
|
||||
if ($strict_warnings)
|
||||
{
|
||||
my $wopt;
|
||||
die "ERROR --strict-warnings requires gcc or clang" unless ($ecc =~ /gcc$/ or $ecc =~ /clang$/);
|
||||
die "ERROR --strict-warnings requires gcc or clang" unless defined($predefined{__GNUC__});
|
||||
foreach $wopt (split /\s+/, $gcc_devteam_warn)
|
||||
{
|
||||
$cflags .= " $wopt" unless ($cflags =~ /(^|\s)$wopt(\s|$)/)
|
||||
}
|
||||
if ($ecc eq "clang")
|
||||
if (defined($predefined{__clang__}))
|
||||
{
|
||||
foreach $wopt (split /\s+/, $clang_devteam_warn)
|
||||
{
|
||||
@ -1723,15 +1730,14 @@ while (<IN>)
|
||||
s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
|
||||
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
|
||||
s/^RC=\s*/RC= \$\(CROSS_COMPILE\)/;
|
||||
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
|
||||
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $predefined{__GNUC__} >= 3;
|
||||
}
|
||||
else {
|
||||
s/^CC=.*$/CC= $cc/;
|
||||
s/^AR=\s*ar/AR= $ar/;
|
||||
s/^RANLIB=.*/RANLIB= $ranlib/;
|
||||
s/^RC=.*/RC= $windres/;
|
||||
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
|
||||
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $ecc eq "gcc" || $ecc eq "clang";
|
||||
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $predefined{__GNUC__} >= 3;
|
||||
}
|
||||
s/^CFLAG=.*$/CFLAG= $cflags/;
|
||||
s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
|
||||
|
@ -11,8 +11,8 @@ First, read http://wiki.freebsd.org/SubversionPrimer/VendorImports
|
||||
# Xlist
|
||||
setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist
|
||||
setenv FSVN "svn+ssh://repo.freebsd.org/base"
|
||||
setenv OSSLVER 1.0.2n
|
||||
# OSSLTAG format: v1_0_2n
|
||||
setenv OSSLVER 1.0.2o
|
||||
# OSSLTAG format: v1_0_2o
|
||||
|
||||
###setenv OSSLTAG v`echo ${OSSLVER} | tr . _`
|
||||
|
||||
|
2
LICENSE
2
LICENSE
@ -12,7 +12,7 @@
|
||||
---------------
|
||||
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2017 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
|
4
Makefile
4
Makefile
@ -4,7 +4,7 @@
|
||||
## Makefile for OpenSSL
|
||||
##
|
||||
|
||||
VERSION=1.0.2n
|
||||
VERSION=1.0.2o
|
||||
MAJOR=1
|
||||
MINOR=0.2
|
||||
SHLIB_VERSION_NUMBER=1.0.0
|
||||
@ -73,7 +73,7 @@ NM= nm
|
||||
PERL= /usr/bin/perl
|
||||
TAR= tar
|
||||
TARFLAGS= --no-recursion
|
||||
MAKEDEPPROG=makedepend
|
||||
MAKEDEPPROG= cc
|
||||
LIBDIR=lib
|
||||
|
||||
# We let the C compiler driver to take care of .s files. This is done in
|
||||
|
5
NEWS
5
NEWS
@ -5,6 +5,11 @@
|
||||
This file gives a brief overview of the major changes between each OpenSSL
|
||||
release. For more details please read the CHANGES file.
|
||||
|
||||
Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018]
|
||||
|
||||
o Constructed ASN.1 types with a recursive definition could exceed the
|
||||
stack (CVE-2018-0739)
|
||||
|
||||
Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017]
|
||||
|
||||
o Read/write after SSL object in error state (CVE-2017-3737)
|
||||
|
2
README
2
README
@ -1,5 +1,5 @@
|
||||
|
||||
OpenSSL 1.0.2n 7 Dec 2017
|
||||
OpenSSL 1.0.2o 27 Mar 2018
|
||||
|
||||
Copyright (c) 1998-2015 The OpenSSL Project
|
||||
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
|
||||
|
@ -128,7 +128,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
|
||||
#endif
|
||||
|
||||
if (file == NULL)
|
||||
file = RAND_file_name(buffer, sizeof buffer);
|
||||
file = RAND_file_name(buffer, sizeof(buffer));
|
||||
else if (RAND_egd(file) > 0) {
|
||||
/*
|
||||
* we try if the given filename is an EGD socket. if it is, we don't
|
||||
@ -203,7 +203,7 @@ int app_RAND_write_file(const char *file, BIO *bio_e)
|
||||
return 0;
|
||||
|
||||
if (file == NULL)
|
||||
file = RAND_file_name(buffer, sizeof buffer);
|
||||
file = RAND_file_name(buffer, sizeof(buffer));
|
||||
if (file == NULL || !RAND_write_file(file)) {
|
||||
BIO_printf(bio_e, "unable to write 'random state'\n");
|
||||
return 0;
|
||||
|
62
apps/apps.c
62
apps/apps.c
@ -1738,9 +1738,9 @@ int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
|
||||
BUF_strlcpy(buf[0], serialfile, BSIZE);
|
||||
else {
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, suffix);
|
||||
#endif
|
||||
}
|
||||
#ifdef RL_DEBUG
|
||||
@ -1789,14 +1789,14 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
|
||||
goto err;
|
||||
}
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", serialfile, new_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", serialfile, new_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
|
||||
j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", serialfile, old_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
|
||||
j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", serialfile, old_suffix);
|
||||
#endif
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
|
||||
@ -1877,9 +1877,9 @@ CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
|
||||
goto err;
|
||||
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
|
||||
BIO_snprintf(buf[0], sizeof(buf[0]), "%s.attr", dbfile);
|
||||
#else
|
||||
BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
|
||||
BIO_snprintf(buf[0], sizeof(buf[0]), "%s-attr", dbfile);
|
||||
#endif
|
||||
dbattr_conf = NCONF_new(NULL);
|
||||
if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
|
||||
@ -1967,19 +1967,19 @@ int save_index(const char *dbfile, const char *suffix, CA_DB *db)
|
||||
goto err;
|
||||
}
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
|
||||
j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr", dbfile);
|
||||
#else
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
|
||||
j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr", dbfile);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
|
||||
j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.attr.%s", dbfile, suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
|
||||
j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-attr-%s", dbfile, suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, suffix);
|
||||
#endif
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
|
||||
@ -2028,29 +2028,29 @@ int rotate_index(const char *dbfile, const char *new_suffix,
|
||||
goto err;
|
||||
}
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
|
||||
j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s.attr", dbfile);
|
||||
#else
|
||||
j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
|
||||
j = BIO_snprintf(buf[4], sizeof(buf[4]), "%s-attr", dbfile);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix);
|
||||
j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s.attr.%s", dbfile, new_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s", dbfile, new_suffix);
|
||||
j = BIO_snprintf(buf[2], sizeof(buf[2]), "%s-attr-%s", dbfile, new_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s.%s", dbfile, new_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, new_suffix);
|
||||
j = BIO_snprintf(buf[0], sizeof(buf[0]), "%s-%s", dbfile, new_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix);
|
||||
j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s.%s", dbfile, old_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", dbfile, old_suffix);
|
||||
j = BIO_snprintf(buf[1], sizeof(buf[1]), "%s-%s", dbfile, old_suffix);
|
||||
#endif
|
||||
#ifndef OPENSSL_SYS_VMS
|
||||
j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix);
|
||||
j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s.attr.%s", dbfile, old_suffix);
|
||||
#else
|
||||
j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix);
|
||||
j = BIO_snprintf(buf[3], sizeof(buf[3]), "%s-attr-%s", dbfile, old_suffix);
|
||||
#endif
|
||||
#ifdef RL_DEBUG
|
||||
BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", dbfile, buf[1]);
|
||||
@ -2604,7 +2604,7 @@ static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
|
||||
|
||||
JPAKE_STEP3A_init(&s3a);
|
||||
JPAKE_STEP3A_generate(&s3a, ctx);
|
||||
BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
|
||||
BIO_write(bconn, s3a.hhk, sizeof(s3a.hhk));
|
||||
(void)BIO_flush(bconn);
|
||||
JPAKE_STEP3A_release(&s3a);
|
||||
}
|
||||
@ -2615,7 +2615,7 @@ static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
|
||||
|
||||
JPAKE_STEP3B_init(&s3b);
|
||||
JPAKE_STEP3B_generate(&s3b, ctx);
|
||||
BIO_write(bconn, s3b.hk, sizeof s3b.hk);
|
||||
BIO_write(bconn, s3b.hk, sizeof(s3b.hk));
|
||||
(void)BIO_flush(bconn);
|
||||
JPAKE_STEP3B_release(&s3b);
|
||||
}
|
||||
@ -2625,7 +2625,7 @@ static void readbn(BIGNUM **bn, BIO *bconn)
|
||||
char buf[10240];
|
||||
int l;
|
||||
|
||||
l = BIO_gets(bconn, buf, sizeof buf);
|
||||
l = BIO_gets(bconn, buf, sizeof(buf));
|
||||
assert(l > 0);
|
||||
assert(buf[l - 1] == '\n');
|
||||
buf[l - 1] = '\0';
|
||||
@ -2672,8 +2672,8 @@ static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
|
||||
int l;
|
||||
|
||||
JPAKE_STEP3A_init(&s3a);
|
||||
l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
|
||||
assert(l == sizeof s3a.hhk);
|
||||
l = BIO_read(bconn, s3a.hhk, sizeof(s3a.hhk));
|
||||
assert(l == sizeof(s3a.hhk));
|
||||
if (!JPAKE_STEP3A_process(ctx, &s3a)) {
|
||||
ERR_print_errors(bio_err);
|
||||
exit(1);
|
||||
@ -2687,8 +2687,8 @@ static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
|
||||
int l;
|
||||
|
||||
JPAKE_STEP3B_init(&s3b);
|
||||
l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
|
||||
assert(l == sizeof s3b.hk);
|
||||
l = BIO_read(bconn, s3b.hk, sizeof(s3b.hk));
|
||||
assert(l == sizeof(s3b.hk));
|
||||
if (!JPAKE_STEP3B_process(ctx, &s3b)) {
|
||||
ERR_print_errors(bio_err);
|
||||
exit(1);
|
||||
|
237
apps/ca.c
237
apps/ca.c
@ -1628,8 +1628,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
|
||||
CONF *lconf, unsigned long certopt, unsigned long nameopt,
|
||||
int default_op, int ext_copy, int selfsign)
|
||||
{
|
||||
X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject =
|
||||
NULL;
|
||||
X509_NAME *name = NULL, *CAname = NULL, *subject = NULL;
|
||||
ASN1_UTCTIME *tm, *tmptm;
|
||||
ASN1_STRING *str, *str2;
|
||||
ASN1_OBJECT *obj;
|
||||
@ -1817,8 +1816,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
|
||||
|
||||
if (push != NULL) {
|
||||
if (!X509_NAME_add_entry(subject, push, -1, 0)) {
|
||||
if (push != NULL)
|
||||
X509_NAME_ENTRY_free(push);
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
@ -1836,104 +1833,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (verbose)
|
||||
BIO_printf(bio_err,
|
||||
"The subject name appears to be ok, checking data base for clashes\n");
|
||||
|
||||
/* Build the correct Subject if no e-mail is wanted in the subject */
|
||||
/*
|
||||
* and add it later on because of the method extensions are added
|
||||
* (altName)
|
||||
*/
|
||||
|
||||
if (email_dn)
|
||||
dn_subject = subject;
|
||||
else {
|
||||
X509_NAME_ENTRY *tmpne;
|
||||
/*
|
||||
* Its best to dup the subject DN and then delete any email addresses
|
||||
* because this retains its structure.
|
||||
*/
|
||||
if (!(dn_subject = X509_NAME_dup(subject))) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
while ((i = X509_NAME_get_index_by_NID(dn_subject,
|
||||
NID_pkcs9_emailAddress,
|
||||
-1)) >= 0) {
|
||||
tmpne = X509_NAME_get_entry(dn_subject, i);
|
||||
X509_NAME_delete_entry(dn_subject, i);
|
||||
X509_NAME_ENTRY_free(tmpne);
|
||||
}
|
||||
}
|
||||
|
||||
if (BN_is_zero(serial))
|
||||
row[DB_serial] = BUF_strdup("00");
|
||||
else
|
||||
row[DB_serial] = BN_bn2hex(serial);
|
||||
if (row[DB_serial] == NULL) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (db->attributes.unique_subject) {
|
||||
OPENSSL_STRING *crow = row;
|
||||
|
||||
rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
|
||||
if (rrow != NULL) {
|
||||
BIO_printf(bio_err,
|
||||
"ERROR:There is already a certificate for %s\n",
|
||||
row[DB_name]);
|
||||
}
|
||||
}
|
||||
if (rrow == NULL) {
|
||||
rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
|
||||
if (rrow != NULL) {
|
||||
BIO_printf(bio_err,
|
||||
"ERROR:Serial number %s has already been issued,\n",
|
||||
row[DB_serial]);
|
||||
BIO_printf(bio_err,
|
||||
" check the database/serial_file for corruption\n");
|
||||
}
|
||||
}
|
||||
|
||||
if (rrow != NULL) {
|
||||
BIO_printf(bio_err, "The matching entry has the following details\n");
|
||||
if (rrow[DB_type][0] == 'E')
|
||||
p = "Expired";
|
||||
else if (rrow[DB_type][0] == 'R')
|
||||
p = "Revoked";
|
||||
else if (rrow[DB_type][0] == 'V')
|
||||
p = "Valid";
|
||||
else
|
||||
p = "\ninvalid type, Data base error\n";
|
||||
BIO_printf(bio_err, "Type :%s\n", p);;
|
||||
if (rrow[DB_type][0] == 'R') {
|
||||
p = rrow[DB_exp_date];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Was revoked on:%s\n", p);
|
||||
}
|
||||
p = rrow[DB_exp_date];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Expires on :%s\n", p);
|
||||
p = rrow[DB_serial];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Serial Number :%s\n", p);
|
||||
p = rrow[DB_file];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "File name :%s\n", p);
|
||||
p = rrow[DB_name];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Subject Name :%s\n", p);
|
||||
ok = -1; /* This is now a 'bad' error. */
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* We are now totally happy, lets make and sign the certificate */
|
||||
if (verbose)
|
||||
BIO_printf(bio_err,
|
||||
@ -2056,10 +1955,124 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* Set the right value for the noemailDN option */
|
||||
if (email_dn == 0) {
|
||||
if (!X509_set_subject_name(ret, dn_subject))
|
||||
if (verbose)
|
||||
BIO_printf(bio_err,
|
||||
"The subject name appears to be ok, checking data base for clashes\n");
|
||||
|
||||
/* Build the correct Subject if no e-mail is wanted in the subject */
|
||||
|
||||
if (!email_dn) {
|
||||
X509_NAME_ENTRY *tmpne;
|
||||
X509_NAME *dn_subject;
|
||||
|
||||
/*
|
||||
* Its best to dup the subject DN and then delete any email addresses
|
||||
* because this retains its structure.
|
||||
*/
|
||||
if (!(dn_subject = X509_NAME_dup(subject))) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
while ((i = X509_NAME_get_index_by_NID(dn_subject,
|
||||
NID_pkcs9_emailAddress,
|
||||
-1)) >= 0) {
|
||||
tmpne = X509_NAME_get_entry(dn_subject, i);
|
||||
X509_NAME_delete_entry(dn_subject, i);
|
||||
X509_NAME_ENTRY_free(tmpne);
|
||||
}
|
||||
|
||||
if (!X509_set_subject_name(ret, dn_subject)) {
|
||||
X509_NAME_free(dn_subject);
|
||||
goto err;
|
||||
}
|
||||
X509_NAME_free(dn_subject);
|
||||
}
|
||||
|
||||
row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
|
||||
if (row[DB_name] == NULL) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (BN_is_zero(serial))
|
||||
row[DB_serial] = BUF_strdup("00");
|
||||
else
|
||||
row[DB_serial] = BN_bn2hex(serial);
|
||||
if (row[DB_serial] == NULL) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (row[DB_name][0] == '\0') {
|
||||
/*
|
||||
* An empty subject! We'll use the serial number instead. If
|
||||
* unique_subject is in use then we don't want different entries with
|
||||
* empty subjects matching each other.
|
||||
*/
|
||||
OPENSSL_free(row[DB_name]);
|
||||
row[DB_name] = OPENSSL_strdup(row[DB_serial]);
|
||||
if (row[DB_name] == NULL) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
||||
if (db->attributes.unique_subject) {
|
||||
OPENSSL_STRING *crow = row;
|
||||
|
||||
rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
|
||||
if (rrow != NULL) {
|
||||
BIO_printf(bio_err,
|
||||
"ERROR:There is already a certificate for %s\n",
|
||||
row[DB_name]);
|
||||
}
|
||||
}
|
||||
if (rrow == NULL) {
|
||||
rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
|
||||
if (rrow != NULL) {
|
||||
BIO_printf(bio_err,
|
||||
"ERROR:Serial number %s has already been issued,\n",
|
||||
row[DB_serial]);
|
||||
BIO_printf(bio_err,
|
||||
" check the database/serial_file for corruption\n");
|
||||
}
|
||||
}
|
||||
|
||||
if (rrow != NULL) {
|
||||
BIO_printf(bio_err, "The matching entry has the following details\n");
|
||||
if (rrow[DB_type][0] == 'E')
|
||||
p = "Expired";
|
||||
else if (rrow[DB_type][0] == 'R')
|
||||
p = "Revoked";
|
||||
else if (rrow[DB_type][0] == 'V')
|
||||
p = "Valid";
|
||||
else
|
||||
p = "\ninvalid type, Data base error\n";
|
||||
BIO_printf(bio_err, "Type :%s\n", p);;
|
||||
if (rrow[DB_type][0] == 'R') {
|
||||
p = rrow[DB_exp_date];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Was revoked on:%s\n", p);
|
||||
}
|
||||
p = rrow[DB_exp_date];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Expires on :%s\n", p);
|
||||
p = rrow[DB_serial];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Serial Number :%s\n", p);
|
||||
p = rrow[DB_file];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "File name :%s\n", p);
|
||||
p = rrow[DB_name];
|
||||
if (p == NULL)
|
||||
p = "undef";
|
||||
BIO_printf(bio_err, "Subject Name :%s\n", p);
|
||||
ok = -1; /* This is now a 'bad' error. */
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!default_op) {
|
||||
@ -2110,10 +2123,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
|
||||
row[DB_exp_date] = OPENSSL_malloc(tm->length + 1);
|
||||
row[DB_rev_date] = OPENSSL_malloc(1);
|
||||
row[DB_file] = OPENSSL_malloc(8);
|
||||
row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
|
||||
if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
|
||||
(row[DB_rev_date] == NULL) ||
|
||||
(row[DB_file] == NULL) || (row[DB_name] == NULL)) {
|
||||
(row[DB_file] == NULL)) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
}
|
||||
@ -2143,18 +2155,16 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
|
||||
irow = NULL;
|
||||
ok = 1;
|
||||
err:
|
||||
if (irow != NULL) {
|
||||
if (ok != 1) {
|
||||
for (i = 0; i < DB_NUMBER; i++)
|
||||
OPENSSL_free(row[i]);
|
||||
OPENSSL_free(irow);
|
||||
}
|
||||
OPENSSL_free(irow);
|
||||
|
||||
if (CAname != NULL)
|
||||
X509_NAME_free(CAname);
|
||||
if (subject != NULL)
|
||||
X509_NAME_free(subject);
|
||||
if ((dn_subject != NULL) && !email_dn)
|
||||
X509_NAME_free(dn_subject);
|
||||
if (tmptm != NULL)
|
||||
ASN1_UTCTIME_free(tmptm);
|
||||
if (ok <= 0) {
|
||||
@ -2357,6 +2367,11 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
|
||||
else
|
||||
row[DB_serial] = BN_bn2hex(bn);
|
||||
BN_free(bn);
|
||||
if (row[DB_name] != NULL && row[DB_name][0] == '\0') {
|
||||
/* Entries with empty Subjects actually use the serial number instead */
|
||||
OPENSSL_free(row[DB_name]);
|
||||
row[DB_name] = OPENSSL_strdup(row[DB_serial]);
|
||||
}
|
||||
if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) {
|
||||
BIO_printf(bio_err, "Memory allocation failure\n");
|
||||
goto err;
|
||||
|
@ -217,7 +217,7 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(STDout, "%s - ", nm);
|
||||
}
|
||||
#endif
|
||||
BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof buf));
|
||||
BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof(buf)));
|
||||
}
|
||||
}
|
||||
|
||||
|
10
apps/cms.c
10
apps/cms.c
@ -4,7 +4,7 @@
|
||||
* project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2008-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -977,12 +977,16 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
|
||||
e, "signer certificate");
|
||||
if (!signer)
|
||||
if (!signer) {
|
||||
ret = 2;
|
||||
goto end;
|
||||
}
|
||||
key = load_key(bio_err, keyfile, keyform, 0, passin, e,
|
||||
"signing key file");
|
||||
if (!key)
|
||||
if (!key) {
|
||||
ret = 2;
|
||||
goto end;
|
||||
}
|
||||
for (kparam = key_first; kparam; kparam = kparam->next) {
|
||||
if (kparam->idx == i) {
|
||||
tflags |= CMS_KEY_PARAM;
|
||||
|
@ -145,7 +145,7 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
|
||||
/* first check the program name */
|
||||
program_name(argv[0], pname, sizeof pname);
|
||||
program_name(argv[0], pname, sizeof(pname));
|
||||
|
||||
md = EVP_get_digestbyname(pname);
|
||||
|
||||
|
@ -382,6 +382,9 @@ int MAIN(int argc, char **argv)
|
||||
printf("\treturn(dsa);\n\t}\n");
|
||||
}
|
||||
|
||||
if (outformat == FORMAT_ASN1 && genkey)
|
||||
noout = 1;
|
||||
|
||||
if (!noout) {
|
||||
if (outformat == FORMAT_ASN1)
|
||||
i = i2d_DSAparams_bio(out, dsa);
|
||||
|
@ -3,7 +3,7 @@
|
||||
* Written by Nils Larsch for the OpenSSL project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -546,6 +546,9 @@ int MAIN(int argc, char **argv)
|
||||
BIO_printf(out, "\treturn(group);\n\t}\n");
|
||||
}
|
||||
|
||||
if (outformat == FORMAT_ASN1 && genkey)
|
||||
noout = 1;
|
||||
|
||||
if (!noout) {
|
||||
if (outformat == FORMAT_ASN1)
|
||||
i = i2d_ECPKParameters_bio(out, group);
|
||||
@ -582,6 +585,9 @@ int MAIN(int argc, char **argv)
|
||||
if (EC_KEY_set_group(eckey, group) == 0)
|
||||
goto end;
|
||||
|
||||
if (new_form)
|
||||
EC_KEY_set_conv_form(eckey, form);
|
||||
|
||||
if (!EC_KEY_generate_key(eckey)) {
|
||||
EC_KEY_free(eckey);
|
||||
goto end;
|
||||
|
24
apps/enc.c
24
apps/enc.c
@ -114,7 +114,7 @@ int MAIN(int, char **);
|
||||
int MAIN(int argc, char **argv)
|
||||
{
|
||||
static const char magic[] = "Salted__";
|
||||
char mbuf[sizeof magic - 1];
|
||||
char mbuf[sizeof(magic) - 1];
|
||||
char *strbuf = NULL;
|
||||
unsigned char *buff = NULL, *bufsize = NULL;
|
||||
int bsize = BSIZE, verbose = 0;
|
||||
@ -154,7 +154,7 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
|
||||
/* first check the program name */
|
||||
program_name(argv[0], pname, sizeof pname);
|
||||
program_name(argv[0], pname, sizeof(pname));
|
||||
if (strcmp(pname, "base64") == 0)
|
||||
base64 = 1;
|
||||
#ifdef ZLIB
|
||||
@ -247,7 +247,7 @@ int MAIN(int argc, char **argv)
|
||||
goto bad;
|
||||
}
|
||||
buf[0] = '\0';
|
||||
if (!fgets(buf, sizeof buf, infile)) {
|
||||
if (!fgets(buf, sizeof(buf), infile)) {
|
||||
BIO_printf(bio_err, "unable to read key from '%s'\n", file);
|
||||
goto bad;
|
||||
}
|
||||
@ -432,7 +432,7 @@ int MAIN(int argc, char **argv)
|
||||
for (;;) {
|
||||
char buf[200];
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "enter %s %s password:",
|
||||
BIO_snprintf(buf, sizeof(buf), "enter %s %s password:",
|
||||
OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
|
||||
(enc) ? "encryption" : "decryption");
|
||||
strbuf[0] = '\0';
|
||||
@ -517,31 +517,31 @@ int MAIN(int argc, char **argv)
|
||||
else {
|
||||
if (enc) {
|
||||
if (hsalt) {
|
||||
if (!set_hex(hsalt, salt, sizeof salt)) {
|
||||
if (!set_hex(hsalt, salt, sizeof(salt))) {
|
||||
BIO_printf(bio_err, "invalid hex salt value\n");
|
||||
goto end;
|
||||
}
|
||||
} else if (RAND_bytes(salt, sizeof salt) <= 0)
|
||||
} else if (RAND_bytes(salt, sizeof(salt)) <= 0)
|
||||
goto end;
|
||||
/*
|
||||
* If -P option then don't bother writing
|
||||
*/
|
||||
if ((printkey != 2)
|
||||
&& (BIO_write(wbio, magic,
|
||||
sizeof magic - 1) != sizeof magic - 1
|
||||
sizeof(magic) - 1) != sizeof(magic) - 1
|
||||
|| BIO_write(wbio,
|
||||
(char *)salt,
|
||||
sizeof salt) != sizeof salt)) {
|
||||
sizeof(salt)) != sizeof(salt))) {
|
||||
BIO_printf(bio_err, "error writing output file\n");
|
||||
goto end;
|
||||
}
|
||||
} else if (BIO_read(rbio, mbuf, sizeof mbuf) != sizeof mbuf
|
||||
} else if (BIO_read(rbio, mbuf, sizeof(mbuf)) != sizeof(mbuf)
|
||||
|| BIO_read(rbio,
|
||||
(unsigned char *)salt,
|
||||
sizeof salt) != sizeof salt) {
|
||||
sizeof(salt)) != sizeof(salt)) {
|
||||
BIO_printf(bio_err, "error reading input file\n");
|
||||
goto end;
|
||||
} else if (memcmp(mbuf, magic, sizeof magic - 1)) {
|
||||
} else if (memcmp(mbuf, magic, sizeof(magic) - 1)) {
|
||||
BIO_printf(bio_err, "bad magic number\n");
|
||||
goto end;
|
||||
}
|
||||
@ -564,7 +564,7 @@ int MAIN(int argc, char **argv)
|
||||
int siz = EVP_CIPHER_iv_length(cipher);
|
||||
if (siz == 0) {
|
||||
BIO_printf(bio_err, "warning: iv not use by this cipher\n");
|
||||
} else if (!set_hex(hiv, iv, sizeof iv)) {
|
||||
} else if (!set_hex(hiv, iv, sizeof(iv))) {
|
||||
BIO_printf(bio_err, "invalid hex iv value\n");
|
||||
goto end;
|
||||
}
|
||||
|
@ -108,7 +108,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
for (i = 1; i < argc; i++) {
|
||||
if (sscanf(argv[i], "%lx", &l)) {
|
||||
ERR_error_string_n(l, buf, sizeof buf);
|
||||
ERR_error_string_n(l, buf, sizeof(buf));
|
||||
printf("%s\n", buf);
|
||||
} else {
|
||||
printf("%s: bad error code\n", argv[i]);
|
||||
|
@ -1195,7 +1195,7 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
|
||||
*pcbio = cbio;
|
||||
|
||||
for (;;) {
|
||||
len = BIO_gets(cbio, inbuf, sizeof inbuf);
|
||||
len = BIO_gets(cbio, inbuf, sizeof(inbuf));
|
||||
if (len <= 0)
|
||||
return 1;
|
||||
/* Look for "POST" signalling start of query */
|
||||
|
@ -351,7 +351,7 @@ int main(int Argc, char *ARGV[])
|
||||
prog = prog_init();
|
||||
|
||||
/* first check the program name */
|
||||
program_name(Argv[0], pname, sizeof pname);
|
||||
program_name(Argv[0], pname, sizeof(pname));
|
||||
|
||||
f.name = pname;
|
||||
fp = lh_FUNCTION_retrieve(prog, &f);
|
||||
@ -379,7 +379,7 @@ int main(int Argc, char *ARGV[])
|
||||
for (;;) {
|
||||
ret = 0;
|
||||
p = buf;
|
||||
n = sizeof buf;
|
||||
n = sizeof(buf);
|
||||
i = 0;
|
||||
for (;;) {
|
||||
p[0] = '\0';
|
||||
@ -685,7 +685,7 @@ static LHASH_OF(FUNCTION) *prog_init(void)
|
||||
|
||||
/* Purely so it looks nice when the user hits ? */
|
||||
for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
|
||||
qsort(functions, i, sizeof *functions, SortFnByName);
|
||||
qsort(functions, i, sizeof(*functions), SortFnByName);
|
||||
|
||||
if ((ret = lh_FUNCTION_new()) == NULL)
|
||||
return (NULL);
|
||||
|
@ -252,7 +252,7 @@ int MAIN(int argc, char **argv)
|
||||
/* ignore rest of line */
|
||||
char trash[BUFSIZ];
|
||||
do
|
||||
r = BIO_gets(in, trash, sizeof trash);
|
||||
r = BIO_gets(in, trash, sizeof(trash));
|
||||
while ((r > 0) && (!strchr(trash, '\n')));
|
||||
}
|
||||
|
||||
@ -329,8 +329,8 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
|
||||
EVP_DigestUpdate(&md2, passwd, passwd_len);
|
||||
EVP_DigestFinal_ex(&md2, buf, NULL);
|
||||
|
||||
for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
|
||||
EVP_DigestUpdate(&md, buf, sizeof buf);
|
||||
for (i = passwd_len; i > sizeof(buf); i -= sizeof(buf))
|
||||
EVP_DigestUpdate(&md, buf, sizeof(buf));
|
||||
EVP_DigestUpdate(&md, buf, i);
|
||||
|
||||
n = passwd_len;
|
||||
@ -343,13 +343,13 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
|
||||
for (i = 0; i < 1000; i++) {
|
||||
EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
|
||||
EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
|
||||
(i & 1) ? passwd_len : sizeof buf);
|
||||
(i & 1) ? passwd_len : sizeof(buf));
|
||||
if (i % 3)
|
||||
EVP_DigestUpdate(&md2, salt_out, salt_len);
|
||||
if (i % 7)
|
||||
EVP_DigestUpdate(&md2, passwd, passwd_len);
|
||||
EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
|
||||
(i & 1) ? sizeof buf : passwd_len);
|
||||
(i & 1) ? sizeof(buf) : passwd_len);
|
||||
EVP_DigestFinal_ex(&md2, buf, NULL);
|
||||
}
|
||||
EVP_MD_CTX_cleanup(&md2);
|
||||
@ -357,7 +357,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
|
||||
{
|
||||
/* transform buf into output string */
|
||||
|
||||
unsigned char buf_perm[sizeof buf];
|
||||
unsigned char buf_perm[sizeof(buf)];
|
||||
int dest, source;
|
||||
char *output;
|
||||
|
||||
@ -369,7 +369,7 @@ static char *md5crypt(const char *passwd, const char *magic, const char *salt)
|
||||
buf_perm[15] = buf[11];
|
||||
# ifndef PEDANTIC /* Unfortunately, this generates a "no
|
||||
* effect" warning */
|
||||
assert(16 == sizeof buf_perm);
|
||||
assert(16 == sizeof(buf_perm));
|
||||
# endif
|
||||
|
||||
output = salt_out + salt_len;
|
||||
|
@ -481,7 +481,7 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_push_info("read MAC password");
|
||||
# endif
|
||||
if (EVP_read_pw_string
|
||||
(macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
|
||||
(macpass, sizeof(macpass), "Enter MAC Password:", export_cert)) {
|
||||
BIO_printf(bio_err, "Can't read Password\n");
|
||||
goto end;
|
||||
}
|
||||
@ -629,13 +629,13 @@ int MAIN(int argc, char **argv)
|
||||
# endif
|
||||
|
||||
if (!noprompt &&
|
||||
EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
|
||||
EVP_read_pw_string(pass, sizeof(pass), "Enter Export Password:",
|
||||
1)) {
|
||||
BIO_printf(bio_err, "Can't read Password\n");
|
||||
goto export_end;
|
||||
}
|
||||
if (!twopass)
|
||||
BUF_strlcpy(macpass, pass, sizeof macpass);
|
||||
BUF_strlcpy(macpass, pass, sizeof(macpass));
|
||||
|
||||
# ifdef CRYPTO_MDEBUG
|
||||
CRYPTO_pop_info();
|
||||
@ -698,7 +698,7 @@ int MAIN(int argc, char **argv)
|
||||
CRYPTO_push_info("read import password");
|
||||
# endif
|
||||
if (!noprompt
|
||||
&& EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
|
||||
&& EVP_read_pw_string(pass, sizeof(pass), "Enter Import Password:",
|
||||
0)) {
|
||||
BIO_printf(bio_err, "Can't read Password\n");
|
||||
goto end;
|
||||
@ -708,7 +708,7 @@ int MAIN(int argc, char **argv)
|
||||
# endif
|
||||
|
||||
if (!twopass)
|
||||
BUF_strlcpy(macpass, pass, sizeof macpass);
|
||||
BUF_strlcpy(macpass, pass, sizeof(macpass));
|
||||
|
||||
if ((options & INFO) && p12->mac)
|
||||
BIO_printf(bio_err, "MAC Iteration %ld\n",
|
||||
|
@ -277,7 +277,7 @@ int MAIN(int argc, char **argv)
|
||||
else {
|
||||
p8pass = pass;
|
||||
if (EVP_read_pw_string
|
||||
(pass, sizeof pass, "Enter Encryption Password:", 1))
|
||||
(pass, sizeof(pass), "Enter Encryption Password:", 1))
|
||||
goto end;
|
||||
}
|
||||
app_RAND_load_file(NULL, bio_err, 0);
|
||||
@ -331,7 +331,7 @@ int MAIN(int argc, char **argv)
|
||||
p8pass = passin;
|
||||
else {
|
||||
p8pass = pass;
|
||||
EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
|
||||
EVP_read_pw_string(pass, sizeof(pass), "Enter Password:", 0);
|
||||
}
|
||||
p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
|
||||
}
|
||||
|
@ -198,7 +198,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
chunk = num;
|
||||
if (chunk > (int)sizeof(buf))
|
||||
chunk = sizeof buf;
|
||||
chunk = sizeof(buf);
|
||||
r = RAND_bytes(buf, chunk);
|
||||
if (r <= 0)
|
||||
goto err;
|
||||
|
36
apps/req.c
36
apps/req.c
@ -1193,7 +1193,7 @@ static int prompt_info(X509_REQ *req,
|
||||
/* If OBJ not recognised ignore it */
|
||||
if ((nid = OBJ_txt2nid(type)) == NID_undef)
|
||||
goto start;
|
||||
if (BIO_snprintf(buf, sizeof buf, "%s_default", v->name)
|
||||
if (BIO_snprintf(buf, sizeof(buf), "%s_default", v->name)
|
||||
>= (int)sizeof(buf)) {
|
||||
BIO_printf(bio_err, "Name '%s' too long\n", v->name);
|
||||
return 0;
|
||||
@ -1204,19 +1204,19 @@ static int prompt_info(X509_REQ *req,
|
||||
def = "";
|
||||
}
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%s_value", v->name);
|
||||
BIO_snprintf(buf, sizeof(buf), "%s_value", v->name);
|
||||
if ((value = NCONF_get_string(req_conf, dn_sect, buf)) == NULL) {
|
||||
ERR_clear_error();
|
||||
value = NULL;
|
||||
}
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%s_min", v->name);
|
||||
BIO_snprintf(buf, sizeof(buf), "%s_min", v->name);
|
||||
if (!NCONF_get_number(req_conf, dn_sect, buf, &n_min)) {
|
||||
ERR_clear_error();
|
||||
n_min = -1;
|
||||
}
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%s_max", v->name);
|
||||
BIO_snprintf(buf, sizeof(buf), "%s_max", v->name);
|
||||
if (!NCONF_get_number(req_conf, dn_sect, buf, &n_max)) {
|
||||
ERR_clear_error();
|
||||
n_max = -1;
|
||||
@ -1252,7 +1252,7 @@ static int prompt_info(X509_REQ *req,
|
||||
if ((nid = OBJ_txt2nid(type)) == NID_undef)
|
||||
goto start2;
|
||||
|
||||
if (BIO_snprintf(buf, sizeof buf, "%s_default", type)
|
||||
if (BIO_snprintf(buf, sizeof(buf), "%s_default", type)
|
||||
>= (int)sizeof(buf)) {
|
||||
BIO_printf(bio_err, "Name '%s' too long\n", v->name);
|
||||
return 0;
|
||||
@ -1264,20 +1264,20 @@ static int prompt_info(X509_REQ *req,
|
||||
def = "";
|
||||
}
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%s_value", type);
|
||||
BIO_snprintf(buf, sizeof(buf), "%s_value", type);
|
||||
if ((value = NCONF_get_string(req_conf, attr_sect, buf))
|
||||
== NULL) {
|
||||
ERR_clear_error();
|
||||
value = NULL;
|
||||
}
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%s_min", type);
|
||||
BIO_snprintf(buf, sizeof(buf), "%s_min", type);
|
||||
if (!NCONF_get_number(req_conf, attr_sect, buf, &n_min)) {
|
||||
ERR_clear_error();
|
||||
n_min = -1;
|
||||
}
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%s_max", type);
|
||||
BIO_snprintf(buf, sizeof(buf), "%s_max", type);
|
||||
if (!NCONF_get_number(req_conf, attr_sect, buf, &n_max)) {
|
||||
ERR_clear_error();
|
||||
n_max = -1;
|
||||
@ -1372,13 +1372,13 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def,
|
||||
BIO_printf(bio_err, "%s [%s]:", text, def);
|
||||
(void)BIO_flush(bio_err);
|
||||
if (value != NULL) {
|
||||
BUF_strlcpy(buf, value, sizeof buf);
|
||||
BUF_strlcat(buf, "\n", sizeof buf);
|
||||
BUF_strlcpy(buf, value, sizeof(buf));
|
||||
BUF_strlcat(buf, "\n", sizeof(buf));
|
||||
BIO_printf(bio_err, "%s\n", value);
|
||||
} else {
|
||||
buf[0] = '\0';
|
||||
if (!batch) {
|
||||
if (!fgets(buf, sizeof buf, stdin))
|
||||
if (!fgets(buf, sizeof(buf), stdin))
|
||||
return 0;
|
||||
} else {
|
||||
buf[0] = '\n';
|
||||
@ -1391,8 +1391,8 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def,
|
||||
else if (buf[0] == '\n') {
|
||||
if ((def == NULL) || (def[0] == '\0'))
|
||||
return (1);
|
||||
BUF_strlcpy(buf, def, sizeof buf);
|
||||
BUF_strlcat(buf, "\n", sizeof buf);
|
||||
BUF_strlcpy(buf, def, sizeof(buf));
|
||||
BUF_strlcat(buf, "\n", sizeof(buf));
|
||||
} else if ((buf[0] == '.') && (buf[1] == '\n'))
|
||||
return (1);
|
||||
|
||||
@ -1431,13 +1431,13 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def,
|
||||
BIO_printf(bio_err, "%s [%s]:", text, def);
|
||||
(void)BIO_flush(bio_err);
|
||||
if (value != NULL) {
|
||||
BUF_strlcpy(buf, value, sizeof buf);
|
||||
BUF_strlcat(buf, "\n", sizeof buf);
|
||||
BUF_strlcpy(buf, value, sizeof(buf));
|
||||
BUF_strlcat(buf, "\n", sizeof(buf));
|
||||
BIO_printf(bio_err, "%s\n", value);
|
||||
} else {
|
||||
buf[0] = '\0';
|
||||
if (!batch) {
|
||||
if (!fgets(buf, sizeof buf, stdin))
|
||||
if (!fgets(buf, sizeof(buf), stdin))
|
||||
return 0;
|
||||
} else {
|
||||
buf[0] = '\n';
|
||||
@ -1450,8 +1450,8 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def,
|
||||
else if (buf[0] == '\n') {
|
||||
if ((def == NULL) || (def[0] == '\0'))
|
||||
return (1);
|
||||
BUF_strlcpy(buf, def, sizeof buf);
|
||||
BUF_strlcat(buf, "\n", sizeof buf);
|
||||
BUF_strlcpy(buf, def, sizeof(buf));
|
||||
BUF_strlcat(buf, "\n", sizeof(buf));
|
||||
} else if ((buf[0] == '.') && (buf[1] == '\n'))
|
||||
return (1);
|
||||
|
||||
|
@ -2166,10 +2166,10 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
BIO_printf(bio, "---\nCertificate chain\n");
|
||||
for (i = 0; i < sk_X509_num(sk); i++) {
|
||||
X509_NAME_oneline(X509_get_subject_name(sk_X509_value(sk, i)),
|
||||
buf, sizeof buf);
|
||||
buf, sizeof(buf));
|
||||
BIO_printf(bio, "%2d s:%s\n", i, buf);
|
||||
X509_NAME_oneline(X509_get_issuer_name(sk_X509_value(sk, i)),
|
||||
buf, sizeof buf);
|
||||
buf, sizeof(buf));
|
||||
BIO_printf(bio, " i:%s\n", buf);
|
||||
if (c_showcerts)
|
||||
PEM_write_bio_X509(bio, sk_X509_value(sk, i));
|
||||
@ -2184,9 +2184,9 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
/* Redundant if we showed the whole chain */
|
||||
if (!(c_showcerts && got_a_chain))
|
||||
PEM_write_bio_X509(bio, peer);
|
||||
X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
|
||||
X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof(buf));
|
||||
BIO_printf(bio, "subject=%s\n", buf);
|
||||
X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
|
||||
X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof(buf));
|
||||
BIO_printf(bio, "issuer=%s\n", buf);
|
||||
} else
|
||||
BIO_printf(bio, "no peer certificate available\n");
|
||||
@ -2203,7 +2203,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
|
||||
} else {
|
||||
BIO_printf(bio, "---\nNo client certificate CA names sent\n");
|
||||
}
|
||||
p = SSL_get_shared_ciphers(s, buf, sizeof buf);
|
||||
p = SSL_get_shared_ciphers(s, buf, sizeof(buf));
|
||||
if (p != NULL) {
|
||||
/*
|
||||
* This works only for SSL 2. In later protocol versions, the
|
||||
|
@ -2008,7 +2008,7 @@ int MAIN(int argc, char *argv[])
|
||||
|
||||
SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
|
||||
SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
|
||||
sizeof s_server_session_id_context);
|
||||
sizeof(s_server_session_id_context));
|
||||
|
||||
/* Set DTLS cookie generation and verification callbacks */
|
||||
SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
|
||||
@ -2019,7 +2019,7 @@ int MAIN(int argc, char *argv[])
|
||||
SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
|
||||
SSL_CTX_set_session_id_context(ctx2,
|
||||
(void *)&s_server_session_id_context,
|
||||
sizeof s_server_session_id_context);
|
||||
sizeof(s_server_session_id_context));
|
||||
|
||||
tlsextcbp.biodebug = bio_s_out;
|
||||
SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
|
||||
@ -2666,14 +2666,14 @@ static int init_ssl_connection(SSL *con)
|
||||
if (peer != NULL) {
|
||||
BIO_printf(bio_s_out, "Client certificate\n");
|
||||
PEM_write_bio_X509(bio_s_out, peer);
|
||||
X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
|
||||
X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof(buf));
|
||||
BIO_printf(bio_s_out, "subject=%s\n", buf);
|
||||
X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
|
||||
X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof(buf));
|
||||
BIO_printf(bio_s_out, "issuer=%s\n", buf);
|
||||
X509_free(peer);
|
||||
}
|
||||
|
||||
if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
|
||||
if (SSL_get_shared_ciphers(con, buf, sizeof(buf)) != NULL)
|
||||
BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
|
||||
str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
|
||||
ssl_print_sigalgs(bio_s_out, con);
|
||||
|
@ -235,7 +235,7 @@ int init_client(int *sock, char *host, int port, int type)
|
||||
{
|
||||
unsigned char ip[4];
|
||||
|
||||
memset(ip, '\0', sizeof ip);
|
||||
memset(ip, '\0', sizeof(ip));
|
||||
if (!host_ip(host, &(ip[0])))
|
||||
return 0;
|
||||
return init_client_ip(sock, ip, port, type);
|
||||
@ -360,7 +360,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
|
||||
# if defined SOL_SOCKET && defined SO_REUSEADDR
|
||||
{
|
||||
int j = 1;
|
||||
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
|
||||
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof(j));
|
||||
}
|
||||
# endif
|
||||
if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
|
||||
@ -595,7 +595,7 @@ static struct hostent *GetHostByName(char *name)
|
||||
if (ret == NULL)
|
||||
return (NULL);
|
||||
/* else add to cache */
|
||||
if (strlen(name) < sizeof ghbn_cache[0].name) {
|
||||
if (strlen(name) < sizeof(ghbn_cache[0].name)) {
|
||||
strcpy(ghbn_cache[lowi].name, name);
|
||||
memcpy((char *)&(ghbn_cache[lowi].ent), ret,
|
||||
sizeof(struct hostent));
|
||||
|
@ -422,7 +422,7 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
|
||||
if (s_www_path != NULL) {
|
||||
BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
|
||||
BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
|
||||
s_www_path);
|
||||
SSL_write(scon, buf, strlen(buf));
|
||||
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
|
||||
@ -481,7 +481,7 @@ int MAIN(int argc, char **argv)
|
||||
}
|
||||
|
||||
if (s_www_path != NULL) {
|
||||
BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", s_www_path);
|
||||
BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n", s_www_path);
|
||||
SSL_write(scon, buf, strlen(buf));
|
||||
while (SSL_read(scon, buf, sizeof(buf)) > 0) ;
|
||||
}
|
||||
@ -517,7 +517,7 @@ int MAIN(int argc, char **argv)
|
||||
goto end;
|
||||
|
||||
if (s_www_path) {
|
||||
BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
|
||||
BIO_snprintf(buf, sizeof(buf), "GET %s HTTP/1.0\r\n\r\n",
|
||||
s_www_path);
|
||||
SSL_write(scon, buf, strlen(buf));
|
||||
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
|
||||
|
12
apps/speed.c
12
apps/speed.c
@ -2091,7 +2091,7 @@ int MAIN(int argc, char **argv)
|
||||
RAND_pseudo_bytes(buf, 20);
|
||||
# ifndef OPENSSL_NO_DSA
|
||||
if (RAND_status() != 1) {
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
rnd_fake = 1;
|
||||
}
|
||||
for (j = 0; j < DSA_NUM; j++) {
|
||||
@ -2170,7 +2170,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
# ifndef OPENSSL_NO_ECDSA
|
||||
if (RAND_status() != 1) {
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
rnd_fake = 1;
|
||||
}
|
||||
for (j = 0; j < EC_NUM; j++) {
|
||||
@ -2265,7 +2265,7 @@ int MAIN(int argc, char **argv)
|
||||
|
||||
# ifndef OPENSSL_NO_ECDH
|
||||
if (RAND_status() != 1) {
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
rnd_fake = 1;
|
||||
}
|
||||
for (j = 0; j < EC_NUM; j++) {
|
||||
@ -2588,7 +2588,7 @@ static char *sstrsep(char **string, const char *delim)
|
||||
if (**string == 0)
|
||||
return NULL;
|
||||
|
||||
memset(isdelim, 0, sizeof isdelim);
|
||||
memset(isdelim, 0, sizeof(isdelim));
|
||||
isdelim[0] = 1;
|
||||
|
||||
while (*delim) {
|
||||
@ -2615,7 +2615,7 @@ static int do_multi(int multi)
|
||||
int *fds;
|
||||
static char sep[] = ":";
|
||||
|
||||
fds = malloc(multi * sizeof *fds);
|
||||
fds = malloc(multi * sizeof(*fds));
|
||||
if (fds == NULL) {
|
||||
fprintf(stderr, "Out of memory in speed (do_multi)\n");
|
||||
exit(1);
|
||||
@ -2653,7 +2653,7 @@ static int do_multi(int multi)
|
||||
char *p;
|
||||
|
||||
f = fdopen(fds[n], "r");
|
||||
while (fgets(buf, sizeof buf, f)) {
|
||||
while (fgets(buf, sizeof(buf), f)) {
|
||||
p = strchr(buf, '\n');
|
||||
if (p)
|
||||
*p = '\0';
|
||||
|
@ -817,10 +817,10 @@ int MAIN(int argc, char **argv)
|
||||
char *m;
|
||||
int y, z;
|
||||
|
||||
X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof buf);
|
||||
X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof(buf));
|
||||
BIO_printf(STDout, "/* subject:%s */\n", buf);
|
||||
m = X509_NAME_oneline(X509_get_issuer_name(x), buf,
|
||||
sizeof buf);
|
||||
sizeof(buf));
|
||||
BIO_printf(STDout, "/* issuer :%s */\n", buf);
|
||||
|
||||
z = i2d_X509(x, NULL);
|
||||
|
@ -78,7 +78,7 @@ int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
|
||||
ASN1_STRING tmpstr = *(ASN1_STRING *)a;
|
||||
|
||||
len = tmpstr.length;
|
||||
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
|
||||
ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
|
||||
tmpstr.data = tmp;
|
||||
|
||||
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
|
||||
|
@ -149,14 +149,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
|
||||
|
||||
if ((minsize > 0) && (nchar < minsize)) {
|
||||
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
|
||||
BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
|
||||
BIO_snprintf(strbuf, sizeof(strbuf), "%ld", minsize);
|
||||
ERR_add_error_data(2, "minsize=", strbuf);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if ((maxsize > 0) && (nchar > maxsize)) {
|
||||
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
|
||||
BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
|
||||
BIO_snprintf(strbuf, sizeof(strbuf), "%ld", maxsize);
|
||||
ERR_add_error_data(2, "maxsize=", strbuf);
|
||||
return -1;
|
||||
}
|
||||
|
@ -89,7 +89,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
|
||||
{
|
||||
int i, first, len = 0, c, use_bn;
|
||||
char ftmp[24], *tmp = ftmp;
|
||||
int tmpsize = sizeof ftmp;
|
||||
int tmpsize = sizeof(ftmp);
|
||||
const char *p;
|
||||
unsigned long l;
|
||||
BIGNUM *bl = NULL;
|
||||
@ -226,7 +226,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
|
||||
|
||||
if ((a == NULL) || (a->data == NULL))
|
||||
return (BIO_write(bp, "NULL", 4));
|
||||
i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
|
||||
i = i2t_ASN1_OBJECT(buf, sizeof(buf), a);
|
||||
if (i > (int)(sizeof(buf) - 1)) {
|
||||
p = OPENSSL_malloc(i + 1);
|
||||
if (!p)
|
||||
|
@ -130,13 +130,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
|
||||
if (c > 0xffffffffL)
|
||||
return -1;
|
||||
if (c > 0xffff) {
|
||||
BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
|
||||
BIO_snprintf(tmphex, sizeof(tmphex), "\\W%08lX", c);
|
||||
if (!io_ch(arg, tmphex, 10))
|
||||
return -1;
|
||||
return 10;
|
||||
}
|
||||
if (c > 0xff) {
|
||||
BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
|
||||
BIO_snprintf(tmphex, sizeof(tmphex), "\\U%04lX", c);
|
||||
if (!io_ch(arg, tmphex, 6))
|
||||
return -1;
|
||||
return 6;
|
||||
@ -236,7 +236,7 @@ static int do_buf(unsigned char *buf, int buflen,
|
||||
if (type & BUF_TYPE_CONVUTF8) {
|
||||
unsigned char utfbuf[6];
|
||||
int utflen;
|
||||
utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
|
||||
utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
|
||||
for (i = 0; i < utflen; i++) {
|
||||
/*
|
||||
* We don't need to worry about setting orflags correctly
|
||||
@ -533,7 +533,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
|
||||
if (fn_opt != XN_FLAG_FN_NONE) {
|
||||
int objlen, fld_len;
|
||||
if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
|
||||
OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
|
||||
OBJ_obj2txt(objtmp, sizeof(objtmp), fn, 1);
|
||||
fld_len = 0; /* XXX: what should this be? */
|
||||
objbuf = objtmp;
|
||||
} else {
|
||||
|
@ -86,7 +86,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
|
||||
tmpstr = *(ASN1_STRING *)a;
|
||||
len = tmpstr.length;
|
||||
ebcdic2ascii(tmp, tmpstr.data,
|
||||
(len >= sizeof tmp) ? sizeof tmp : len);
|
||||
(len >= sizeof(tmp)) ? sizeof(tmp) : len);
|
||||
tmpstr.data = tmp;
|
||||
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
|
||||
}
|
||||
|
@ -76,7 +76,7 @@ int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
|
||||
ASN1_STRING x = *(ASN1_STRING *)a;
|
||||
|
||||
len = x.length;
|
||||
ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
|
||||
ebcdic2ascii(tmp, x.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
|
||||
x.data = tmp;
|
||||
return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
|
||||
# endif
|
||||
@ -317,7 +317,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
|
||||
struct tm tm;
|
||||
int offset;
|
||||
|
||||
memset(&tm, '\0', sizeof tm);
|
||||
memset(&tm, '\0', sizeof(tm));
|
||||
|
||||
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
|
||||
tm.tm_year = g2(s->data);
|
||||
|
@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void);
|
||||
# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
|
||||
# define ASN1_R_MSTRING_WRONG_TAG 140
|
||||
# define ASN1_R_NESTED_ASN1_STRING 197
|
||||
# define ASN1_R_NESTED_TOO_DEEP 219
|
||||
# define ASN1_R_NON_HEX_CHARACTERS 141
|
||||
# define ASN1_R_NOT_ASCII_FORMAT 190
|
||||
# define ASN1_R_NOT_ENOUGH_DATA 142
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* crypto/asn1/asn1_err.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -279,6 +279,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
|
||||
{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
|
||||
{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
|
||||
{ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
|
||||
{ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"},
|
||||
{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
|
||||
{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
|
||||
{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
|
||||
|
@ -456,8 +456,8 @@ void asn1_add_error(const unsigned char *address, int offset)
|
||||
{
|
||||
char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
|
||||
|
||||
BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
|
||||
BIO_snprintf(buf2, sizeof buf2, "%d", offset);
|
||||
BIO_snprintf(buf1, sizeof(buf1), "%lu", (unsigned long)address);
|
||||
BIO_snprintf(buf2, sizeof(buf2), "%d", offset);
|
||||
ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
|
||||
}
|
||||
|
||||
|
@ -87,13 +87,13 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
|
||||
|
||||
p = str;
|
||||
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
|
||||
BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
|
||||
BIO_snprintf(str, sizeof(str), "priv [ %d ] ", tag);
|
||||
else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
|
||||
BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
|
||||
BIO_snprintf(str, sizeof(str), "cont [ %d ]", tag);
|
||||
else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
|
||||
BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
|
||||
BIO_snprintf(str, sizeof(str), "appl [ %d ]", tag);
|
||||
else if (tag > 30)
|
||||
BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
|
||||
BIO_snprintf(str, sizeof(str), "<ASN1 %d>", tag);
|
||||
else
|
||||
p = ASN1_tag2str(tag);
|
||||
|
||||
|
@ -4,7 +4,7 @@
|
||||
* project.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -473,6 +473,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
|
||||
if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
|
||||
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
|
||||
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
|
||||
sk_BIO_pop_free(parts, BIO_vfree);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -81,7 +81,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
|
||||
BIO_puts(out, ", ");
|
||||
else
|
||||
first = 0;
|
||||
OBJ_obj2txt(oidstr, sizeof oidstr,
|
||||
OBJ_obj2txt(oidstr, sizeof(oidstr),
|
||||
sk_ASN1_OBJECT_value(aux->trust, i), 0);
|
||||
BIO_puts(out, oidstr);
|
||||
}
|
||||
@ -96,7 +96,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
|
||||
BIO_puts(out, ", ");
|
||||
else
|
||||
first = 0;
|
||||
OBJ_obj2txt(oidstr, sizeof oidstr,
|
||||
OBJ_obj2txt(oidstr, sizeof(oidstr),
|
||||
sk_ASN1_OBJECT_value(aux->reject, i), 0);
|
||||
BIO_puts(out, oidstr);
|
||||
}
|
||||
|
@ -4,7 +4,7 @@
|
||||
* 2000.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -65,6 +65,14 @@
|
||||
#include <openssl/buffer.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
/*
|
||||
* Constructed types with a recursive definition (such as can be found in PKCS7)
|
||||
* could eventually exceed the stack given malicious input with excessive
|
||||
* recursion. Therefore we limit the stack depth. This is the maximum number of
|
||||
* recursive invocations of asn1_item_embed_d2i().
|
||||
*/
|
||||
#define ASN1_MAX_CONSTRUCTED_NEST 30
|
||||
|
||||
static int asn1_check_eoc(const unsigned char **in, long len);
|
||||
static int asn1_find_end(const unsigned char **in, long len, char inf);
|
||||
|
||||
@ -81,11 +89,11 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
|
||||
static int asn1_template_ex_d2i(ASN1_VALUE **pval,
|
||||
const unsigned char **in, long len,
|
||||
const ASN1_TEMPLATE *tt, char opt,
|
||||
ASN1_TLC *ctx);
|
||||
ASN1_TLC *ctx, int depth);
|
||||
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
|
||||
const unsigned char **in, long len,
|
||||
const ASN1_TEMPLATE *tt, char opt,
|
||||
ASN1_TLC *ctx);
|
||||
ASN1_TLC *ctx, int depth);
|
||||
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
|
||||
const unsigned char **in, long len,
|
||||
const ASN1_ITEM *it,
|
||||
@ -154,17 +162,16 @@ int ASN1_template_d2i(ASN1_VALUE **pval,
|
||||
{
|
||||
ASN1_TLC c;
|
||||
asn1_tlc_clear_nc(&c);
|
||||
return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
|
||||
return asn1_template_ex_d2i(pval, in, len, tt, 0, &c, 0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
|
||||
* tag mismatch return -1 to handle OPTIONAL
|
||||
*/
|
||||
|
||||
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
const ASN1_ITEM *it,
|
||||
int tag, int aclass, char opt, ASN1_TLC *ctx)
|
||||
static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
|
||||
long len, const ASN1_ITEM *it, int tag, int aclass,
|
||||
char opt, ASN1_TLC *ctx, int depth)
|
||||
{
|
||||
const ASN1_TEMPLATE *tt, *errtt = NULL;
|
||||
const ASN1_COMPAT_FUNCS *cf;
|
||||
@ -189,6 +196,11 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
else
|
||||
asn1_cb = 0;
|
||||
|
||||
if (++depth > ASN1_MAX_CONSTRUCTED_NEST) {
|
||||
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NESTED_TOO_DEEP);
|
||||
goto err;
|
||||
}
|
||||
|
||||
switch (it->itype) {
|
||||
case ASN1_ITYPE_PRIMITIVE:
|
||||
if (it->templates) {
|
||||
@ -204,7 +216,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
goto err;
|
||||
}
|
||||
return asn1_template_ex_d2i(pval, in, len,
|
||||
it->templates, opt, ctx);
|
||||
it->templates, opt, ctx, depth);
|
||||
}
|
||||
return asn1_d2i_ex_primitive(pval, in, len, it,
|
||||
tag, aclass, opt, ctx);
|
||||
@ -326,7 +338,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
/*
|
||||
* We mark field as OPTIONAL so its absence can be recognised.
|
||||
*/
|
||||
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
|
||||
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth);
|
||||
/* If field not present, try the next one */
|
||||
if (ret == -1)
|
||||
continue;
|
||||
@ -444,7 +456,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
* attempt to read in field, allowing each to be OPTIONAL
|
||||
*/
|
||||
|
||||
ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
|
||||
ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx,
|
||||
depth);
|
||||
if (!ret) {
|
||||
errtt = seqtt;
|
||||
goto err;
|
||||
@ -514,6 +527,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
return 0;
|
||||
}
|
||||
|
||||
int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
const ASN1_ITEM *it,
|
||||
int tag, int aclass, char opt, ASN1_TLC *ctx)
|
||||
{
|
||||
return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Templates are handled with two separate functions. One handles any
|
||||
* EXPLICIT tag and the other handles the rest.
|
||||
@ -522,7 +542,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
|
||||
static int asn1_template_ex_d2i(ASN1_VALUE **val,
|
||||
const unsigned char **in, long inlen,
|
||||
const ASN1_TEMPLATE *tt, char opt,
|
||||
ASN1_TLC *ctx)
|
||||
ASN1_TLC *ctx, int depth)
|
||||
{
|
||||
int flags, aclass;
|
||||
int ret;
|
||||
@ -557,7 +577,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
|
||||
return 0;
|
||||
}
|
||||
/* We've found the field so it can't be OPTIONAL now */
|
||||
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
|
||||
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth);
|
||||
if (!ret) {
|
||||
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
|
||||
return 0;
|
||||
@ -581,7 +601,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
|
||||
}
|
||||
}
|
||||
} else
|
||||
return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
|
||||
return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth);
|
||||
|
||||
*in = p;
|
||||
return 1;
|
||||
@ -594,7 +614,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
|
||||
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
|
||||
const unsigned char **in, long len,
|
||||
const ASN1_TEMPLATE *tt, char opt,
|
||||
ASN1_TLC *ctx)
|
||||
ASN1_TLC *ctx, int depth)
|
||||
{
|
||||
int flags, aclass;
|
||||
int ret;
|
||||
@ -665,8 +685,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
|
||||
break;
|
||||
}
|
||||
skfield = NULL;
|
||||
if (!ASN1_item_ex_d2i(&skfield, &p, len,
|
||||
ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
|
||||
if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item),
|
||||
-1, 0, 0, ctx, depth)) {
|
||||
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
|
||||
ERR_R_NESTED_ASN1_ERROR);
|
||||
goto err;
|
||||
@ -684,9 +704,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
|
||||
}
|
||||
} else if (flags & ASN1_TFLG_IMPTAG) {
|
||||
/* IMPLICIT tagging */
|
||||
ret = ASN1_item_ex_d2i(val, &p, len,
|
||||
ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
|
||||
ctx);
|
||||
ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag,
|
||||
aclass, opt, ctx, depth);
|
||||
if (!ret) {
|
||||
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
|
||||
goto err;
|
||||
@ -694,8 +713,9 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
|
||||
return -1;
|
||||
} else {
|
||||
/* Nothing special */
|
||||
ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
|
||||
-1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
|
||||
ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
|
||||
-1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx,
|
||||
depth);
|
||||
if (!ret) {
|
||||
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
|
||||
goto err;
|
||||
|
@ -463,7 +463,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
|
||||
ln = OBJ_nid2ln(OBJ_obj2nid(oid));
|
||||
if (!ln)
|
||||
ln = "";
|
||||
OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
|
||||
OBJ_obj2txt(objbuf, sizeof(objbuf), oid, 1);
|
||||
if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
|
||||
return 0;
|
||||
return 1;
|
||||
|
@ -462,9 +462,9 @@ static int test(void)
|
||||
len = strlen(cbc_data) + 1;
|
||||
|
||||
BF_set_key(&key, 16, cbc_key);
|
||||
memset(cbc_in, 0, sizeof cbc_in);
|
||||
memset(cbc_out, 0, sizeof cbc_out);
|
||||
memcpy(iv, cbc_iv, sizeof iv);
|
||||
memset(cbc_in, 0, sizeof(cbc_in));
|
||||
memset(cbc_out, 0, sizeof(cbc_out));
|
||||
memcpy(iv, cbc_iv, sizeof(iv));
|
||||
BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len,
|
||||
&key, iv, BF_ENCRYPT);
|
||||
if (memcmp(cbc_out, cbc_ok, 32) != 0) {
|
||||
|
@ -64,7 +64,6 @@
|
||||
#include "cryptlib.h"
|
||||
#include "bio_lcl.h"
|
||||
|
||||
#define TRUNCATE
|
||||
#define DUMP_WIDTH 16
|
||||
#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
|
||||
|
||||
@ -79,17 +78,10 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
|
||||
{
|
||||
int ret = 0;
|
||||
char buf[288 + 1], tmp[20], str[128 + 1];
|
||||
int i, j, rows, trc;
|
||||
int i, j, rows;
|
||||
unsigned char ch;
|
||||
int dump_width;
|
||||
|
||||
trc = 0;
|
||||
|
||||
#ifdef TRUNCATE
|
||||
for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
|
||||
trc++;
|
||||
#endif
|
||||
|
||||
if (indent < 0)
|
||||
indent = 0;
|
||||
if (indent) {
|
||||
@ -104,50 +96,43 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
|
||||
if ((rows * dump_width) < len)
|
||||
rows++;
|
||||
for (i = 0; i < rows; i++) {
|
||||
BUF_strlcpy(buf, str, sizeof buf);
|
||||
BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width);
|
||||
BUF_strlcat(buf, tmp, sizeof buf);
|
||||
BUF_strlcpy(buf, str, sizeof(buf));
|
||||
BIO_snprintf(tmp, sizeof(tmp), "%04x - ", i * dump_width);
|
||||
BUF_strlcat(buf, tmp, sizeof(buf));
|
||||
for (j = 0; j < dump_width; j++) {
|
||||
if (((i * dump_width) + j) >= len) {
|
||||
BUF_strlcat(buf, " ", sizeof buf);
|
||||
BUF_strlcat(buf, " ", sizeof(buf));
|
||||
} else {
|
||||
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
|
||||
BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch,
|
||||
BIO_snprintf(tmp, sizeof(tmp), "%02x%c", ch,
|
||||
j == 7 ? '-' : ' ');
|
||||
BUF_strlcat(buf, tmp, sizeof buf);
|
||||
BUF_strlcat(buf, tmp, sizeof(buf));
|
||||
}
|
||||
}
|
||||
BUF_strlcat(buf, " ", sizeof buf);
|
||||
BUF_strlcat(buf, " ", sizeof(buf));
|
||||
for (j = 0; j < dump_width; j++) {
|
||||
if (((i * dump_width) + j) >= len)
|
||||
break;
|
||||
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
|
||||
#ifndef CHARSET_EBCDIC
|
||||
BIO_snprintf(tmp, sizeof tmp, "%c",
|
||||
BIO_snprintf(tmp, sizeof(tmp), "%c",
|
||||
((ch >= ' ') && (ch <= '~')) ? ch : '.');
|
||||
#else
|
||||
BIO_snprintf(tmp, sizeof tmp, "%c",
|
||||
BIO_snprintf(tmp, sizeof(tmp), "%c",
|
||||
((ch >= os_toascii[' ']) && (ch <= os_toascii['~']))
|
||||
? os_toebcdic[ch]
|
||||
: '.');
|
||||
#endif
|
||||
BUF_strlcat(buf, tmp, sizeof buf);
|
||||
BUF_strlcat(buf, tmp, sizeof(buf));
|
||||
}
|
||||
BUF_strlcat(buf, "\n", sizeof buf);
|
||||
BUF_strlcat(buf, "\n", sizeof(buf));
|
||||
/*
|
||||
* if this is the last call then update the ddt_dump thing so that we
|
||||
* will move the selection point in the debug window
|
||||
*/
|
||||
ret += cb((void *)buf, strlen(buf), u);
|
||||
}
|
||||
#ifdef TRUNCATE
|
||||
if (trc > 0) {
|
||||
BIO_snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n", str,
|
||||
len + trc);
|
||||
ret += cb((void *)buf, strlen(buf), u);
|
||||
}
|
||||
#endif
|
||||
return (ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_FP_API
|
||||
|
@ -663,7 +663,7 @@ fmtfp(char **sbuffer,
|
||||
iconvert[iplace++] = "0123456789"[intpart % 10];
|
||||
intpart = (intpart / 10);
|
||||
} while (intpart && (iplace < (int)sizeof(iconvert)));
|
||||
if (iplace == sizeof iconvert)
|
||||
if (iplace == sizeof(iconvert))
|
||||
iplace--;
|
||||
iconvert[iplace] = 0;
|
||||
|
||||
@ -672,7 +672,7 @@ fmtfp(char **sbuffer,
|
||||
fconvert[fplace++] = "0123456789"[fracpart % 10];
|
||||
fracpart = (fracpart / 10);
|
||||
} while (fplace < max);
|
||||
if (fplace == sizeof fconvert)
|
||||
if (fplace == sizeof(fconvert))
|
||||
fplace--;
|
||||
fconvert[fplace] = 0;
|
||||
|
||||
|
@ -76,7 +76,7 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
|
||||
if (BIO_CB_RETURN & cmd)
|
||||
r = ret;
|
||||
|
||||
len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
|
||||
len = BIO_snprintf(buf,sizeof(buf),"BIO[%p]: ",(void *)bio);
|
||||
|
||||
/* Ignore errors and continue printing the other information. */
|
||||
if (len < 0)
|
||||
|
@ -144,7 +144,7 @@ static int bio_new(BIO *bio)
|
||||
{
|
||||
struct bio_bio_st *b;
|
||||
|
||||
b = OPENSSL_malloc(sizeof *b);
|
||||
b = OPENSSL_malloc(sizeof(*b));
|
||||
if (b == NULL)
|
||||
return 0;
|
||||
|
||||
|
@ -481,7 +481,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
char buf[16];
|
||||
unsigned char *p = ptr;
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
|
||||
BIO_snprintf(buf, sizeof(buf), "%d.%d.%d.%d",
|
||||
p[0], p[1], p[2], p[3]);
|
||||
if (data->param_hostname != NULL)
|
||||
OPENSSL_free(data->param_hostname);
|
||||
@ -490,7 +490,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
} else if (num == 3) {
|
||||
char buf[DECIMAL_SIZE(int) + 1];
|
||||
|
||||
BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
|
||||
BIO_snprintf(buf, sizeof(buf), "%d", *(int *)ptr);
|
||||
if (data->param_port != NULL)
|
||||
OPENSSL_free(data->param_port);
|
||||
data->param_port = BUF_strdup(buf);
|
||||
|
@ -375,15 +375,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
|
||||
b->shutdown = (int)num & BIO_CLOSE;
|
||||
if (num & BIO_FP_APPEND) {
|
||||
if (num & BIO_FP_READ)
|
||||
BUF_strlcpy(p, "a+", sizeof p);
|
||||
BUF_strlcpy(p, "a+", sizeof(p));
|
||||
else
|
||||
BUF_strlcpy(p, "a", sizeof p);
|
||||
BUF_strlcpy(p, "a", sizeof(p));
|
||||
} else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
|
||||
BUF_strlcpy(p, "r+", sizeof p);
|
||||
BUF_strlcpy(p, "r+", sizeof(p));
|
||||
else if (num & BIO_FP_WRITE)
|
||||
BUF_strlcpy(p, "w", sizeof p);
|
||||
BUF_strlcpy(p, "w", sizeof(p));
|
||||
else if (num & BIO_FP_READ)
|
||||
BUF_strlcpy(p, "r", sizeof p);
|
||||
BUF_strlcpy(p, "r", sizeof(p));
|
||||
else {
|
||||
BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
|
||||
ret = 0;
|
||||
|
@ -56,7 +56,7 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -727,7 +727,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
|
||||
|
||||
top = m->top;
|
||||
|
||||
bits = BN_num_bits(p);
|
||||
/*
|
||||
* Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
|
||||
* whether the top bits are zero.
|
||||
*/
|
||||
bits = p->top * BN_BITS2;
|
||||
if (bits == 0) {
|
||||
/* x**0 mod 1 is still zero. */
|
||||
if (BN_is_one(m)) {
|
||||
|
@ -144,74 +144,47 @@ const BIGNUM *BN_value_one(void)
|
||||
|
||||
int BN_num_bits_word(BN_ULONG l)
|
||||
{
|
||||
static const unsigned char bits[256] = {
|
||||
0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
|
||||
5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
|
||||
6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
|
||||
6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
|
||||
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
|
||||
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
|
||||
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
|
||||
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
|
||||
};
|
||||
BN_ULONG x, mask;
|
||||
int bits = (l != 0);
|
||||
|
||||
#if defined(SIXTY_FOUR_BIT_LONG)
|
||||
if (l & 0xffffffff00000000L) {
|
||||
if (l & 0xffff000000000000L) {
|
||||
if (l & 0xff00000000000000L) {
|
||||
return (bits[(int)(l >> 56)] + 56);
|
||||
} else
|
||||
return (bits[(int)(l >> 48)] + 48);
|
||||
} else {
|
||||
if (l & 0x0000ff0000000000L) {
|
||||
return (bits[(int)(l >> 40)] + 40);
|
||||
} else
|
||||
return (bits[(int)(l >> 32)] + 32);
|
||||
}
|
||||
} else
|
||||
#else
|
||||
# ifdef SIXTY_FOUR_BIT
|
||||
if (l & 0xffffffff00000000LL) {
|
||||
if (l & 0xffff000000000000LL) {
|
||||
if (l & 0xff00000000000000LL) {
|
||||
return (bits[(int)(l >> 56)] + 56);
|
||||
} else
|
||||
return (bits[(int)(l >> 48)] + 48);
|
||||
} else {
|
||||
if (l & 0x0000ff0000000000LL) {
|
||||
return (bits[(int)(l >> 40)] + 40);
|
||||
} else
|
||||
return (bits[(int)(l >> 32)] + 32);
|
||||
}
|
||||
} else
|
||||
# endif
|
||||
#if BN_BITS2 > 32
|
||||
x = l >> 32;
|
||||
mask = (0 - x) & BN_MASK2;
|
||||
mask = (0 - (mask >> (BN_BITS2 - 1)));
|
||||
bits += 32 & mask;
|
||||
l ^= (x ^ l) & mask;
|
||||
#endif
|
||||
{
|
||||
#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
|
||||
if (l & 0xffff0000L) {
|
||||
if (l & 0xff000000L)
|
||||
return (bits[(int)(l >> 24L)] + 24);
|
||||
else
|
||||
return (bits[(int)(l >> 16L)] + 16);
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
|
||||
if (l & 0xff00L)
|
||||
return (bits[(int)(l >> 8)] + 8);
|
||||
else
|
||||
#endif
|
||||
return (bits[(int)(l)]);
|
||||
}
|
||||
}
|
||||
|
||||
x = l >> 16;
|
||||
mask = (0 - x) & BN_MASK2;
|
||||
mask = (0 - (mask >> (BN_BITS2 - 1)));
|
||||
bits += 16 & mask;
|
||||
l ^= (x ^ l) & mask;
|
||||
|
||||
x = l >> 8;
|
||||
mask = (0 - x) & BN_MASK2;
|
||||
mask = (0 - (mask >> (BN_BITS2 - 1)));
|
||||
bits += 8 & mask;
|
||||
l ^= (x ^ l) & mask;
|
||||
|
||||
x = l >> 4;
|
||||
mask = (0 - x) & BN_MASK2;
|
||||
mask = (0 - (mask >> (BN_BITS2 - 1)));
|
||||
bits += 4 & mask;
|
||||
l ^= (x ^ l) & mask;
|
||||
|
||||
x = l >> 2;
|
||||
mask = (0 - x) & BN_MASK2;
|
||||
mask = (0 - (mask >> (BN_BITS2 - 1)));
|
||||
bits += 2 & mask;
|
||||
l ^= (x ^ l) & mask;
|
||||
|
||||
x = l >> 1;
|
||||
mask = (0 - x) & BN_MASK2;
|
||||
mask = (0 - (mask >> (BN_BITS2 - 1)));
|
||||
bits += 1 & mask;
|
||||
|
||||
return bits;
|
||||
}
|
||||
|
||||
int BN_num_bits(const BIGNUM *a)
|
||||
@ -524,9 +497,6 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
|
||||
memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
|
||||
#endif
|
||||
|
||||
if (BN_get_flags(b, BN_FLG_CONSTTIME) != 0)
|
||||
BN_set_flags(a, BN_FLG_CONSTTIME);
|
||||
|
||||
a->top = b->top;
|
||||
a->neg = b->neg;
|
||||
bn_check_top(a);
|
||||
|
@ -56,7 +56,7 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -207,26 +207,13 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
|
||||
r->top = max;
|
||||
n0 = mont->n0[0];
|
||||
|
||||
# ifdef BN_COUNT
|
||||
fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
|
||||
# endif
|
||||
/*
|
||||
* Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
|
||||
* input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
|
||||
* includes |carry| which is stored separately.
|
||||
*/
|
||||
for (carry = 0, i = 0; i < nl; i++, rp++) {
|
||||
# ifdef __TANDEM
|
||||
{
|
||||
long long t1;
|
||||
long long t2;
|
||||
long long t3;
|
||||
t1 = rp[0] * (n0 & 0177777);
|
||||
t2 = 037777600000l;
|
||||
t2 = n0 & t2;
|
||||
t3 = rp[0] & 0177777;
|
||||
t2 = (t3 * t2) & BN_MASK2;
|
||||
t1 = t1 + t2;
|
||||
v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
|
||||
}
|
||||
# else
|
||||
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
|
||||
# endif
|
||||
v = (v + carry + rp[nl]) & BN_MASK2;
|
||||
carry |= (v != rp[nl]);
|
||||
carry &= (v <= rp[nl]);
|
||||
@ -239,46 +226,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
|
||||
ret->neg = r->neg;
|
||||
|
||||
rp = ret->d;
|
||||
|
||||
/*
|
||||
* Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
|
||||
* includes |carry| which is stored separately.
|
||||
*/
|
||||
ap = &(r->d[nl]);
|
||||
|
||||
# define BRANCH_FREE 1
|
||||
# if BRANCH_FREE
|
||||
{
|
||||
BN_ULONG *nrp;
|
||||
size_t m;
|
||||
|
||||
v = bn_sub_words(rp, ap, np, nl) - carry;
|
||||
/*
|
||||
* if subtraction result is real, then trick unconditional memcpy
|
||||
* below to perform in-place "refresh" instead of actual copy.
|
||||
*/
|
||||
m = (0 - (size_t)v);
|
||||
nrp =
|
||||
(BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
|
||||
|
||||
for (i = 0, nl -= 4; i < nl; i += 4) {
|
||||
BN_ULONG t1, t2, t3, t4;
|
||||
|
||||
t1 = nrp[i + 0];
|
||||
t2 = nrp[i + 1];
|
||||
t3 = nrp[i + 2];
|
||||
ap[i + 0] = 0;
|
||||
t4 = nrp[i + 3];
|
||||
ap[i + 1] = 0;
|
||||
rp[i + 0] = t1;
|
||||
ap[i + 2] = 0;
|
||||
rp[i + 1] = t2;
|
||||
ap[i + 3] = 0;
|
||||
rp[i + 2] = t3;
|
||||
rp[i + 3] = t4;
|
||||
}
|
||||
for (nl += 4; i < nl; i++)
|
||||
rp[i] = nrp[i], ap[i] = 0;
|
||||
/*
|
||||
* |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
|
||||
* cannot be -1. That would imply the subtraction did not fit in |nl| words,
|
||||
* and we know at most one subtraction is needed.
|
||||
*/
|
||||
v = bn_sub_words(rp, ap, np, nl) - carry;
|
||||
v = 0 - v;
|
||||
for (i = 0; i < nl; i++) {
|
||||
rp[i] = (v & ap[i]) | (~v & rp[i]);
|
||||
ap[i] = 0;
|
||||
}
|
||||
# else
|
||||
if (bn_sub_words(rp, ap, np, nl) - carry)
|
||||
memcpy(rp, ap, nl * sizeof(BN_ULONG));
|
||||
# endif
|
||||
bn_correct_top(r);
|
||||
bn_correct_top(ret);
|
||||
bn_check_top(ret);
|
||||
@ -382,6 +347,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
|
||||
R = &(mont->RR); /* grab RR as a temp */
|
||||
if (!BN_copy(&(mont->N), mod))
|
||||
goto err; /* Set N */
|
||||
if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
|
||||
BN_set_flags(&(mont->N), BN_FLG_CONSTTIME);
|
||||
mont->N.neg = 0;
|
||||
|
||||
#ifdef MONT_WORD
|
||||
|
@ -391,10 +391,10 @@ char *BN_options(void)
|
||||
if (!init) {
|
||||
init++;
|
||||
#ifdef BN_LLONG
|
||||
BIO_snprintf(data, sizeof data, "bn(%d,%d)",
|
||||
BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
|
||||
(int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
|
||||
#else
|
||||
BIO_snprintf(data, sizeof data, "bn(%d,%d)",
|
||||
BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
|
||||
(int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
|
||||
#endif
|
||||
}
|
||||
|
@ -148,7 +148,7 @@ int main(int argc, char *argv[])
|
||||
|
||||
results = 0;
|
||||
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */
|
||||
|
||||
argc--;
|
||||
argv++;
|
||||
|
@ -198,7 +198,7 @@ static int mul_c[NUM_SIZES] =
|
||||
* static int sizes[NUM_SIZES]={59,179,299,419,539};
|
||||
*/
|
||||
|
||||
#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); }
|
||||
#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof(str)); }
|
||||
|
||||
void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);
|
||||
|
||||
|
@ -183,9 +183,11 @@ int main(int argc, char *argv[])
|
||||
unsigned char c;
|
||||
BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
|
||||
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
|
||||
* don't even check its return
|
||||
* value (which we should) */
|
||||
/*
|
||||
* Seed or BN_rand may fail, and we don't even check its return
|
||||
* value (which we should)
|
||||
*/
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
|
||||
ERR_load_BN_strings();
|
||||
|
||||
|
@ -423,7 +423,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
|
||||
OPENSSL_free(section);
|
||||
if (line != NULL)
|
||||
*line = eline;
|
||||
BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
|
||||
BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
|
||||
ERR_add_error_data(2, "line ", btmp);
|
||||
if ((h != conf->data) && (conf->data != NULL)) {
|
||||
CONF_free(conf->data);
|
||||
|
@ -221,7 +221,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
|
||||
if (!(flags & CONF_MFLAGS_SILENT)) {
|
||||
char rcode[DECIMAL_SIZE(ret) + 1];
|
||||
CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
|
||||
BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
|
||||
BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret);
|
||||
ERR_add_error_data(6, "module=", name, ", value=", value,
|
||||
", retcode=", rcode);
|
||||
}
|
||||
|
@ -398,7 +398,7 @@ int main(int argc, char *argv[])
|
||||
i = strlen((char *)cbc_data) + 1;
|
||||
/* i=((i+7)/8)*8; */
|
||||
memcpy(iv3, cbc_iv, sizeof(cbc_iv));
|
||||
memset(iv2, '\0', sizeof iv2);
|
||||
memset(iv2, '\0', sizeof(iv2));
|
||||
|
||||
DES_ede3_cbcm_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, &iv2,
|
||||
DES_ENCRYPT);
|
||||
@ -412,7 +412,7 @@ int main(int argc, char *argv[])
|
||||
}
|
||||
*/
|
||||
memcpy(iv3, cbc_iv, sizeof(cbc_iv));
|
||||
memset(iv2, '\0', sizeof iv2);
|
||||
memset(iv2, '\0', sizeof(iv2));
|
||||
DES_ede3_cbcm_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, &iv2,
|
||||
DES_DECRYPT);
|
||||
if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
|
||||
|
@ -96,7 +96,7 @@ const char *DES_options(void)
|
||||
size = "int";
|
||||
else
|
||||
size = "long";
|
||||
BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll,
|
||||
BIO_snprintf(buf, sizeof(buf), "des(%s,%s,%s,%s)", ptr, risc, unroll,
|
||||
size);
|
||||
init = 0;
|
||||
}
|
||||
|
@ -80,10 +80,10 @@ char *DES_crypt(const char *buf, const char *salt)
|
||||
e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0';
|
||||
|
||||
/* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
|
||||
ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
|
||||
ebcdic2ascii(e_salt, e_salt, sizeof(e_salt));
|
||||
|
||||
/* Convert the cleartext password to ASCII */
|
||||
ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
|
||||
ebcdic2ascii(e_buf, e_buf, sizeof(e_buf));
|
||||
|
||||
/* Encrypt it (from/to ASCII) */
|
||||
ret = DES_fcrypt(e_buf, e_salt, buff);
|
||||
|
@ -434,7 +434,7 @@ static void pushsig(void)
|
||||
# ifdef SIGACTION
|
||||
struct sigaction sa;
|
||||
|
||||
memset(&sa, 0, sizeof sa);
|
||||
memset(&sa, 0, sizeof(sa));
|
||||
sa.sa_handler = recsig;
|
||||
# endif
|
||||
|
||||
|
@ -377,7 +377,7 @@ void private_DES_set_key_unchecked(const_DES_cblock *key,
|
||||
register int i;
|
||||
|
||||
#ifdef OPENBSD_DEV_CRYPTO
|
||||
memcpy(schedule->key, key, sizeof schedule->key);
|
||||
memcpy(schedule->key, key, sizeof(schedule->key));
|
||||
schedule->session = NULL;
|
||||
#endif
|
||||
k = &schedule->ks->deslong[0];
|
||||
|
@ -116,7 +116,7 @@ int main(int argc, char *argv[])
|
||||
CRYPTO_malloc_init();
|
||||
# endif
|
||||
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
|
||||
out = BIO_new(BIO_s_file());
|
||||
if (out == NULL)
|
||||
|
@ -157,7 +157,7 @@ int main(int argc, char **argv)
|
||||
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||
|
||||
ERR_load_crypto_strings();
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
|
||||
BIO_printf(bio_err, "test generation of DSA parameters\n");
|
||||
|
||||
|
@ -85,7 +85,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ret = OPENSSL_malloc(sizeof *ret);
|
||||
ret = OPENSSL_malloc(sizeof(*ret));
|
||||
if (ret == NULL) {
|
||||
ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
@ -164,7 +164,7 @@ void EC_GROUP_clear_free(EC_GROUP *group)
|
||||
OPENSSL_free(group->seed);
|
||||
}
|
||||
|
||||
OPENSSL_cleanse(group, sizeof *group);
|
||||
OPENSSL_cleanse(group, sizeof(*group));
|
||||
OPENSSL_free(group);
|
||||
}
|
||||
|
||||
@ -575,7 +575,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
|
||||
/* no explicit entry needed */
|
||||
return 1;
|
||||
|
||||
d = OPENSSL_malloc(sizeof *d);
|
||||
d = OPENSSL_malloc(sizeof(*d));
|
||||
if (d == NULL)
|
||||
return 0;
|
||||
|
||||
@ -712,7 +712,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ret = OPENSSL_malloc(sizeof *ret);
|
||||
ret = OPENSSL_malloc(sizeof(*ret));
|
||||
if (ret == NULL) {
|
||||
ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
@ -747,7 +747,7 @@ void EC_POINT_clear_free(EC_POINT *point)
|
||||
point->meth->point_clear_finish(point);
|
||||
else if (point->meth->point_finish != 0)
|
||||
point->meth->point_finish(point);
|
||||
OPENSSL_cleanse(point, sizeof *point);
|
||||
OPENSSL_cleanse(point, sizeof(*point));
|
||||
OPENSSL_free(point);
|
||||
}
|
||||
|
||||
|
@ -169,11 +169,11 @@ static void ec_pre_comp_clear_free(void *pre_)
|
||||
|
||||
for (p = pre->points; *p != NULL; p++) {
|
||||
EC_POINT_clear_free(*p);
|
||||
OPENSSL_cleanse(p, sizeof *p);
|
||||
OPENSSL_cleanse(p, sizeof(*p));
|
||||
}
|
||||
OPENSSL_free(pre->points);
|
||||
}
|
||||
OPENSSL_cleanse(pre, sizeof *pre);
|
||||
OPENSSL_cleanse(pre, sizeof(*pre));
|
||||
OPENSSL_free(pre);
|
||||
}
|
||||
|
||||
@ -430,11 +430,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
||||
|
||||
totalnum = num + numblocks;
|
||||
|
||||
wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
|
||||
wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
|
||||
wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space
|
||||
* for pivot */
|
||||
val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
|
||||
wsize = OPENSSL_malloc(totalnum * sizeof(wsize[0]));
|
||||
wNAF_len = OPENSSL_malloc(totalnum * sizeof(wNAF_len[0]));
|
||||
/* include space for pivot */
|
||||
wNAF = OPENSSL_malloc((totalnum + 1) * sizeof(wNAF[0]));
|
||||
val_sub = OPENSSL_malloc(totalnum * sizeof(val_sub[0]));
|
||||
|
||||
/* Ensure wNAF is initialised in case we end up going to err */
|
||||
if (wNAF)
|
||||
@ -580,7 +580,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
||||
* 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a
|
||||
* subarray of 'pre_comp->points' if we already have precomputation.
|
||||
*/
|
||||
val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
|
||||
val = OPENSSL_malloc((num_val + 1) * sizeof(val[0]));
|
||||
if (val == NULL) {
|
||||
ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
|
||||
goto err;
|
||||
|
@ -48,7 +48,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
|
||||
|
||||
typedef uint8_t u8;
|
||||
typedef uint64_t u64;
|
||||
typedef int64_t s64;
|
||||
|
||||
/******************************************************************************/
|
||||
/*-
|
||||
@ -351,9 +350,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
|
||||
unsigned num_bytes;
|
||||
|
||||
/* BN_bn2bin eats leading zeroes */
|
||||
memset(b_out, 0, sizeof b_out);
|
||||
memset(b_out, 0, sizeof(b_out));
|
||||
num_bytes = BN_num_bytes(bn);
|
||||
if (num_bytes > sizeof b_out) {
|
||||
if (num_bytes > sizeof(b_out)) {
|
||||
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
|
||||
return 0;
|
||||
}
|
||||
@ -372,8 +371,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
|
||||
{
|
||||
felem_bytearray b_in, b_out;
|
||||
felem_to_bin28(b_in, in);
|
||||
flip_endian(b_out, b_in, sizeof b_out);
|
||||
return BN_bin2bn(b_out, sizeof b_out, out);
|
||||
flip_endian(b_out, b_in, sizeof(b_out));
|
||||
return BN_bin2bn(b_out, sizeof(b_out), out);
|
||||
}
|
||||
|
||||
/******************************************************************************/
|
||||
@ -1234,7 +1233,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out,
|
||||
static NISTP224_PRE_COMP *nistp224_pre_comp_new()
|
||||
{
|
||||
NISTP224_PRE_COMP *ret = NULL;
|
||||
ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
|
||||
ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
|
||||
if (!ret) {
|
||||
ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
|
||||
return ret;
|
||||
@ -1281,7 +1280,7 @@ static void nistp224_pre_comp_clear_free(void *pre_)
|
||||
if (i > 0)
|
||||
return;
|
||||
|
||||
OPENSSL_cleanse(pre, sizeof *pre);
|
||||
OPENSSL_cleanse(pre, sizeof(*pre));
|
||||
OPENSSL_free(pre);
|
||||
}
|
||||
|
||||
@ -1568,7 +1567,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
|
||||
|
||||
/* the scalar for the generator */
|
||||
if ((scalar != NULL) && (have_pre_comp)) {
|
||||
memset(g_secret, 0, sizeof g_secret);
|
||||
memset(g_secret, 0, sizeof(g_secret));
|
||||
/* reduce scalar to 0 <= scalar < 2^224 */
|
||||
if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
|
||||
/*
|
||||
|
@ -51,7 +51,6 @@ typedef __int128_t int128_t;
|
||||
typedef uint8_t u8;
|
||||
typedef uint32_t u32;
|
||||
typedef uint64_t u64;
|
||||
typedef int64_t s64;
|
||||
|
||||
/*
|
||||
* The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
|
||||
@ -161,9 +160,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
|
||||
unsigned num_bytes;
|
||||
|
||||
/* BN_bn2bin eats leading zeroes */
|
||||
memset(b_out, 0, sizeof b_out);
|
||||
memset(b_out, 0, sizeof(b_out));
|
||||
num_bytes = BN_num_bytes(bn);
|
||||
if (num_bytes > sizeof b_out) {
|
||||
if (num_bytes > sizeof(b_out)) {
|
||||
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
|
||||
return 0;
|
||||
}
|
||||
@ -182,8 +181,8 @@ static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
|
||||
{
|
||||
felem_bytearray b_in, b_out;
|
||||
smallfelem_to_bin32(b_in, in);
|
||||
flip_endian(b_out, b_in, sizeof b_out);
|
||||
return BN_bin2bn(b_out, sizeof b_out, out);
|
||||
flip_endian(b_out, b_in, sizeof(b_out));
|
||||
return BN_bin2bn(b_out, sizeof(b_out), out);
|
||||
}
|
||||
|
||||
/*-
|
||||
@ -392,7 +391,7 @@ static void felem_shrink(smallfelem out, const felem in)
|
||||
{
|
||||
felem tmp;
|
||||
u64 a, b, mask;
|
||||
s64 high, low;
|
||||
u64 high, low;
|
||||
static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
|
||||
|
||||
/* Carry 2->3 */
|
||||
@ -433,29 +432,31 @@ static void felem_shrink(smallfelem out, const felem in)
|
||||
* In order to make space in tmp[3] for the carry from 2 -> 3, we
|
||||
* conditionally subtract kPrime if tmp[3] is large enough.
|
||||
*/
|
||||
high = tmp[3] >> 64;
|
||||
high = (u64)(tmp[3] >> 64);
|
||||
/* As tmp[3] < 2^65, high is either 1 or 0 */
|
||||
high <<= 63;
|
||||
high >>= 63;
|
||||
high = 0 - high;
|
||||
/*-
|
||||
* high is:
|
||||
* all ones if the high word of tmp[3] is 1
|
||||
* all zeros if the high word of tmp[3] if 0 */
|
||||
low = tmp[3];
|
||||
mask = low >> 63;
|
||||
* all zeros if the high word of tmp[3] if 0
|
||||
*/
|
||||
low = (u64)tmp[3];
|
||||
mask = 0 - (low >> 63);
|
||||
/*-
|
||||
* mask is:
|
||||
* all ones if the MSB of low is 1
|
||||
* all zeros if the MSB of low if 0 */
|
||||
* all zeros if the MSB of low if 0
|
||||
*/
|
||||
low &= bottom63bits;
|
||||
low -= kPrime3Test;
|
||||
/* if low was greater than kPrime3Test then the MSB is zero */
|
||||
low = ~low;
|
||||
low >>= 63;
|
||||
low = 0 - (low >> 63);
|
||||
/*-
|
||||
* low is:
|
||||
* all ones if low was > kPrime3Test
|
||||
* all zeros if low was <= kPrime3Test */
|
||||
* all zeros if low was <= kPrime3Test
|
||||
*/
|
||||
mask = (mask & low) | high;
|
||||
tmp[0] -= mask & kPrime[0];
|
||||
tmp[1] -= mask & kPrime[1];
|
||||
@ -889,7 +890,7 @@ static void felem_contract(smallfelem out, const felem in)
|
||||
equal &= equal << 4;
|
||||
equal &= equal << 2;
|
||||
equal &= equal << 1;
|
||||
equal = ((s64) equal) >> 63;
|
||||
equal = 0 - (equal >> 63);
|
||||
|
||||
all_equal_so_far &= equal;
|
||||
}
|
||||
@ -956,7 +957,7 @@ static limb smallfelem_is_zero(const smallfelem small)
|
||||
is_zero &= is_zero << 4;
|
||||
is_zero &= is_zero << 2;
|
||||
is_zero &= is_zero << 1;
|
||||
is_zero = ((s64) is_zero) >> 63;
|
||||
is_zero = 0 - (is_zero >> 63);
|
||||
|
||||
is_p = (small[0] ^ kPrime[0]) |
|
||||
(small[1] ^ kPrime[1]) |
|
||||
@ -968,7 +969,7 @@ static limb smallfelem_is_zero(const smallfelem small)
|
||||
is_p &= is_p << 4;
|
||||
is_p &= is_p << 2;
|
||||
is_p &= is_p << 1;
|
||||
is_p = ((s64) is_p) >> 63;
|
||||
is_p = 0 - (is_p >> 63);
|
||||
|
||||
is_zero |= is_p;
|
||||
|
||||
@ -1820,7 +1821,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void)
|
||||
static NISTP256_PRE_COMP *nistp256_pre_comp_new()
|
||||
{
|
||||
NISTP256_PRE_COMP *ret = NULL;
|
||||
ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
|
||||
ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
|
||||
if (!ret) {
|
||||
ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
|
||||
return ret;
|
||||
@ -1867,7 +1868,7 @@ static void nistp256_pre_comp_clear_free(void *pre_)
|
||||
if (i > 0)
|
||||
return;
|
||||
|
||||
OPENSSL_cleanse(pre, sizeof *pre);
|
||||
OPENSSL_cleanse(pre, sizeof(*pre));
|
||||
OPENSSL_free(pre);
|
||||
}
|
||||
|
||||
|
@ -49,7 +49,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
|
||||
|
||||
typedef uint8_t u8;
|
||||
typedef uint64_t u64;
|
||||
typedef int64_t s64;
|
||||
|
||||
/*
|
||||
* The underlying field. P521 operates over GF(2^521-1). We can serialise an
|
||||
@ -185,9 +184,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
|
||||
unsigned num_bytes;
|
||||
|
||||
/* BN_bn2bin eats leading zeroes */
|
||||
memset(b_out, 0, sizeof b_out);
|
||||
memset(b_out, 0, sizeof(b_out));
|
||||
num_bytes = BN_num_bytes(bn);
|
||||
if (num_bytes > sizeof b_out) {
|
||||
if (num_bytes > sizeof(b_out)) {
|
||||
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
|
||||
return 0;
|
||||
}
|
||||
@ -206,8 +205,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
|
||||
{
|
||||
felem_bytearray b_in, b_out;
|
||||
felem_to_bin66(b_in, in);
|
||||
flip_endian(b_out, b_in, sizeof b_out);
|
||||
return BN_bin2bn(b_out, sizeof b_out, out);
|
||||
flip_endian(b_out, b_in, sizeof(b_out));
|
||||
return BN_bin2bn(b_out, sizeof(b_out), out);
|
||||
}
|
||||
|
||||
/*-
|
||||
@ -852,7 +851,7 @@ static limb felem_is_zero(const felem in)
|
||||
* We know that ftmp[i] < 2^63, therefore the only way that the top bit
|
||||
* can be set is if is_zero was 0 before the decrement.
|
||||
*/
|
||||
is_zero = ((s64) is_zero) >> 63;
|
||||
is_zero = 0 - (is_zero >> 63);
|
||||
|
||||
is_p = ftmp[0] ^ kPrime[0];
|
||||
is_p |= ftmp[1] ^ kPrime[1];
|
||||
@ -865,7 +864,7 @@ static limb felem_is_zero(const felem in)
|
||||
is_p |= ftmp[8] ^ kPrime[8];
|
||||
|
||||
is_p--;
|
||||
is_p = ((s64) is_p) >> 63;
|
||||
is_p = 0 - (is_p >> 63);
|
||||
|
||||
is_zero |= is_p;
|
||||
return is_zero;
|
||||
@ -936,7 +935,7 @@ static void felem_contract(felem out, const felem in)
|
||||
is_p &= is_p << 4;
|
||||
is_p &= is_p << 2;
|
||||
is_p &= is_p << 1;
|
||||
is_p = ((s64) is_p) >> 63;
|
||||
is_p = 0 - (is_p >> 63);
|
||||
is_p = ~is_p;
|
||||
|
||||
/* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
|
||||
@ -962,7 +961,7 @@ static void felem_contract(felem out, const felem in)
|
||||
is_greater |= is_greater << 4;
|
||||
is_greater |= is_greater << 2;
|
||||
is_greater |= is_greater << 1;
|
||||
is_greater = ((s64) is_greater) >> 63;
|
||||
is_greater = 0 - (is_greater >> 63);
|
||||
|
||||
out[0] -= kPrime[0] & is_greater;
|
||||
out[1] -= kPrime[1] & is_greater;
|
||||
|
@ -1504,7 +1504,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_)
|
||||
32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
|
||||
OPENSSL_free(pre->precomp_storage);
|
||||
}
|
||||
OPENSSL_cleanse(pre, sizeof *pre);
|
||||
OPENSSL_cleanse(pre, sizeof(*pre));
|
||||
OPENSSL_free(pre);
|
||||
}
|
||||
|
||||
|
@ -1270,7 +1270,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
|
||||
if (tmp == NULL || tmp_Z == NULL)
|
||||
goto err;
|
||||
|
||||
prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]);
|
||||
prod_Z = OPENSSL_malloc(num * sizeof(prod_Z[0]));
|
||||
if (prod_Z == NULL)
|
||||
goto err;
|
||||
for (i = 0; i < num; i++) {
|
||||
|
@ -469,7 +469,7 @@ static void prime_field_tests(void)
|
||||
|
||||
len =
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
|
||||
sizeof buf, ctx);
|
||||
sizeof(buf), ctx);
|
||||
if (len == 0)
|
||||
ABORT;
|
||||
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
|
||||
@ -482,7 +482,7 @@ static void prime_field_tests(void)
|
||||
|
||||
len =
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
|
||||
sizeof buf, ctx);
|
||||
sizeof(buf), ctx);
|
||||
if (len == 0)
|
||||
ABORT;
|
||||
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
|
||||
@ -494,7 +494,7 @@ static void prime_field_tests(void)
|
||||
fprintf(stdout, "%02X", buf[i]);
|
||||
|
||||
len =
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf),
|
||||
ctx);
|
||||
if (len == 0)
|
||||
ABORT;
|
||||
@ -1206,7 +1206,7 @@ static void char2_field_tests(void)
|
||||
# ifdef OPENSSL_EC_BIN_PT_COMP
|
||||
len =
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
|
||||
sizeof buf, ctx);
|
||||
sizeof(buf), ctx);
|
||||
if (len == 0)
|
||||
ABORT;
|
||||
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
|
||||
@ -1220,7 +1220,7 @@ static void char2_field_tests(void)
|
||||
|
||||
len =
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
|
||||
sizeof buf, ctx);
|
||||
sizeof(buf), ctx);
|
||||
if (len == 0)
|
||||
ABORT;
|
||||
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
|
||||
@ -1234,7 +1234,7 @@ static void char2_field_tests(void)
|
||||
/* Change test based on whether binary point compression is enabled or not. */
|
||||
# ifdef OPENSSL_EC_BIN_PT_COMP
|
||||
len =
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
|
||||
EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf),
|
||||
ctx);
|
||||
if (len == 0)
|
||||
ABORT;
|
||||
@ -1844,7 +1844,7 @@ int main(int argc, char *argv[])
|
||||
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
|
||||
ERR_load_crypto_strings();
|
||||
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */
|
||||
|
||||
prime_field_tests();
|
||||
puts("");
|
||||
|
@ -490,7 +490,7 @@ int main(int argc, char *argv[])
|
||||
CRYPTO_malloc_init();
|
||||
# endif
|
||||
|
||||
RAND_seed(rnd_seed, sizeof rnd_seed);
|
||||
RAND_seed(rnd_seed, sizeof(rnd_seed));
|
||||
|
||||
out = BIO_new(BIO_s_file());
|
||||
if (out == NULL)
|
||||
|
@ -1057,7 +1057,7 @@ static int crparam2bn(struct crparam *crp, BIGNUM *a)
|
||||
return (-1);
|
||||
|
||||
for (i = 0; i < bytes; i++)
|
||||
pd[i] = crp->crp_p[bytes - i - 1];
|
||||
pd[i] = ((char *)crp->crp_p)[bytes - i - 1];
|
||||
|
||||
BN_bin2bn(pd, bytes, a);
|
||||
free(pd);
|
||||
@ -1133,7 +1133,7 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
|
||||
return (ret);
|
||||
}
|
||||
|
||||
memset(&kop, 0, sizeof kop);
|
||||
memset(&kop, 0, sizeof(kop));
|
||||
kop.crk_op = CRK_MOD_EXP;
|
||||
|
||||
/* inputs: a^p % m */
|
||||
@ -1184,7 +1184,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
|
||||
return (0);
|
||||
}
|
||||
|
||||
memset(&kop, 0, sizeof kop);
|
||||
memset(&kop, 0, sizeof(kop));
|
||||
kop.crk_op = CRK_MOD_EXP_CRT;
|
||||
/* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
|
||||
if (bn2crparam(rsa->p, &kop.crk_param[0]))
|
||||
@ -1287,7 +1287,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
|
||||
goto err;
|
||||
}
|
||||
|
||||
memset(&kop, 0, sizeof kop);
|
||||
memset(&kop, 0, sizeof(kop));
|
||||
kop.crk_op = CRK_DSA_SIGN;
|
||||
|
||||
/* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
|
||||
@ -1330,7 +1330,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
|
||||
struct crypt_kop kop;
|
||||
int dsaret = 1;
|
||||
|
||||
memset(&kop, 0, sizeof kop);
|
||||
memset(&kop, 0, sizeof(kop));
|
||||
kop.crk_op = CRK_DSA_VERIFY;
|
||||
|
||||
/* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
|
||||
@ -1403,7 +1403,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
|
||||
|
||||
keylen = BN_num_bits(dh->p);
|
||||
|
||||
memset(&kop, 0, sizeof kop);
|
||||
memset(&kop, 0, sizeof(kop));
|
||||
kop.crk_op = CRK_DH_COMPUTE_KEY;
|
||||
|
||||
/* inputs: dh->priv_key pub_key dh->p key */
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -159,6 +159,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
|
||||
}
|
||||
fnd->funct = NULL;
|
||||
(void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
|
||||
if (lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate) != fnd) {
|
||||
sk_ENGINE_free(fnd->sk);
|
||||
OPENSSL_free(fnd);
|
||||
goto end;
|
||||
}
|
||||
}
|
||||
/* A registration shouldn't add duplciate entries */
|
||||
(void)sk_ENGINE_delete_ptr(fnd->sk, e);
|
||||
|
@ -602,8 +602,8 @@ static void build_SYS_str_reasons(void)
|
||||
char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
|
||||
char *src = strerror(i);
|
||||
if (src != NULL) {
|
||||
strncpy(*dest, src, sizeof *dest);
|
||||
(*dest)[sizeof *dest - 1] = '\0';
|
||||
strncpy(*dest, src, sizeof(*dest));
|
||||
(*dest)[sizeof(*dest) - 1] = '\0';
|
||||
str->string = *dest;
|
||||
}
|
||||
}
|
||||
|
@ -77,7 +77,7 @@ void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
|
||||
CRYPTO_THREADID_current(&cur);
|
||||
es = CRYPTO_THREADID_hash(&cur);
|
||||
while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
|
||||
ERR_error_string_n(l, buf, sizeof buf);
|
||||
ERR_error_string_n(l, buf, sizeof(buf));
|
||||
BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
|
||||
file, line, (flags & ERR_TXT_STRING) ? data : "");
|
||||
if (cb(buf2, strlen(buf2), u) <= 0)
|
||||
|
@ -330,6 +330,14 @@ static int b64_read(BIO *b, char *out, int outl)
|
||||
(unsigned char *)ctx->tmp, i);
|
||||
ctx->tmp_len = 0;
|
||||
}
|
||||
/*
|
||||
* If eof or an error was signalled, then the condition
|
||||
* 'ctx->cont <= 0' will prevent b64_read() from reading
|
||||
* more data on subsequent calls. This assignment was
|
||||
* deleted accidentally in commit 5562cfaca4f3.
|
||||
*/
|
||||
ctx->cont = i;
|
||||
|
||||
ctx->buf_off = 0;
|
||||
if (i < 0) {
|
||||
ret_code = 0;
|
||||
|
@ -124,12 +124,12 @@
|
||||
|
||||
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
|
||||
{
|
||||
memset(ctx, '\0', sizeof *ctx);
|
||||
memset(ctx, '\0', sizeof(*ctx));
|
||||
}
|
||||
|
||||
EVP_MD_CTX *EVP_MD_CTX_create(void)
|
||||
{
|
||||
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
|
||||
EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
|
||||
|
||||
if (ctx)
|
||||
EVP_MD_CTX_init(ctx);
|
||||
@ -316,7 +316,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
|
||||
} else
|
||||
tmp_buf = NULL;
|
||||
EVP_MD_CTX_cleanup(out);
|
||||
memcpy(out, in, sizeof *out);
|
||||
memcpy(out, in, sizeof(*out));
|
||||
|
||||
if (in->md_data && out->digest->ctx_size) {
|
||||
if (tmp_buf)
|
||||
@ -402,7 +402,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
|
||||
#ifdef OPENSSL_FIPS
|
||||
FIPS_md_ctx_cleanup(ctx);
|
||||
#endif
|
||||
memset(ctx, '\0', sizeof *ctx);
|
||||
memset(ctx, '\0', sizeof(*ctx));
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -1089,6 +1089,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
|
||||
ctx->iv, &ctx->num, ctx->encrypt, dat->block);
|
||||
len -= MAXBITCHUNK;
|
||||
out += MAXBITCHUNK;
|
||||
in += MAXBITCHUNK;
|
||||
}
|
||||
if (len)
|
||||
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* crypto/evp/e_camellia.c */
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -356,6 +356,8 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
|
||||
ctx->iv, &ctx->num, ctx->encrypt, dat->block);
|
||||
len -= MAXBITCHUNK;
|
||||
out += MAXBITCHUNK;
|
||||
in += MAXBITCHUNK;
|
||||
}
|
||||
if (len)
|
||||
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
|
||||
|
@ -85,7 +85,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
|
||||
|
||||
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
|
||||
{
|
||||
EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
|
||||
EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
|
||||
if (ctx)
|
||||
EVP_CIPHER_CTX_init(ctx);
|
||||
return ctx;
|
||||
@ -402,7 +402,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
|
||||
}
|
||||
|
||||
b = ctx->cipher->block_size;
|
||||
OPENSSL_assert(b <= sizeof ctx->buf);
|
||||
OPENSSL_assert(b <= sizeof(ctx->buf));
|
||||
if (b == 1) {
|
||||
*outl = 0;
|
||||
return 1;
|
||||
@ -454,7 +454,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
||||
return EVP_EncryptUpdate(ctx, out, outl, in, inl);
|
||||
|
||||
b = ctx->cipher->block_size;
|
||||
OPENSSL_assert(b <= sizeof ctx->final);
|
||||
OPENSSL_assert(b <= sizeof(ctx->final));
|
||||
|
||||
if (ctx->final_used) {
|
||||
memcpy(out, ctx->final, b);
|
||||
@ -520,7 +520,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
|
||||
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
|
||||
return (0);
|
||||
}
|
||||
OPENSSL_assert(b <= sizeof ctx->final);
|
||||
OPENSSL_assert(b <= sizeof(ctx->final));
|
||||
|
||||
/*
|
||||
* The following assumes that the ciphertext has been authenticated.
|
||||
@ -651,7 +651,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
|
||||
#endif
|
||||
|
||||
EVP_CIPHER_CTX_cleanup(out);
|
||||
memcpy(out, in, sizeof *out);
|
||||
memcpy(out, in, sizeof(*out));
|
||||
|
||||
if (in->cipher_data && in->cipher->ctx_size) {
|
||||
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
|
||||
|
@ -4,7 +4,7 @@
|
||||
* 2000.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -116,7 +116,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
if (inl<chunk) chunk=inl;\
|
||||
while(inl && inl>=chunk)\
|
||||
{\
|
||||
cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
|
||||
cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
|
||||
inl-=chunk;\
|
||||
in +=chunk;\
|
||||
out+=chunk;\
|
||||
|
@ -161,9 +161,9 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
|
||||
char obj_tmp[80];
|
||||
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
|
||||
if (!pbe_obj)
|
||||
BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
|
||||
BUF_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp));
|
||||
else
|
||||
i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
|
||||
i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj);
|
||||
ERR_add_error_data(2, "TYPE=", obj_tmp);
|
||||
return 0;
|
||||
}
|
||||
|
@ -506,7 +506,7 @@ int main(int argc, char **argv)
|
||||
int an = 0;
|
||||
int tn = 0;
|
||||
|
||||
if (!fgets((char *)line, sizeof line, f))
|
||||
if (!fgets((char *)line, sizeof(line), f))
|
||||
break;
|
||||
if (line[0] == '#' || line[0] == '\n')
|
||||
continue;
|
||||
|
@ -111,7 +111,7 @@ static int dev_crypto_init(session_op *ses)
|
||||
close(cryptodev_fd);
|
||||
}
|
||||
assert(ses);
|
||||
memset(ses, '\0', sizeof *ses);
|
||||
memset(ses, '\0', sizeof(*ses));
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -164,7 +164,7 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
||||
assert(CDATA(ctx));
|
||||
assert(!dev_failed);
|
||||
|
||||
memset(&cryp, '\0', sizeof cryp);
|
||||
memset(&cryp, '\0', sizeof(cryp));
|
||||
cryp.ses = CDATA(ctx)->ses;
|
||||
cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
|
||||
cryp.flags = 0;
|
||||
@ -329,7 +329,7 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len)
|
||||
return 1;
|
||||
}
|
||||
|
||||
memset(&cryp, '\0', sizeof cryp);
|
||||
memset(&cryp, '\0', sizeof(cryp));
|
||||
cryp.ses = ses;
|
||||
cryp.op = COP_ENCRYPT; /* required to do the MAC rather than check
|
||||
* it */
|
||||
|
@ -262,7 +262,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
|
||||
goto err;
|
||||
}
|
||||
keylen = EVP_CIPHER_CTX_key_length(ctx);
|
||||
OPENSSL_assert(keylen <= sizeof key);
|
||||
OPENSSL_assert(keylen <= sizeof(key));
|
||||
|
||||
/* Decode parameter */
|
||||
|
||||
|
@ -234,7 +234,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx)
|
||||
EVP_MD_CTX_cleanup(&ctx->i_ctx);
|
||||
EVP_MD_CTX_cleanup(&ctx->o_ctx);
|
||||
EVP_MD_CTX_cleanup(&ctx->md_ctx);
|
||||
OPENSSL_cleanse(ctx, sizeof *ctx);
|
||||
OPENSSL_cleanse(ctx, sizeof(*ctx));
|
||||
}
|
||||
|
||||
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
|
||||
|
@ -108,14 +108,14 @@ static void JPAKE_CTX_release(JPAKE_CTX *ctx)
|
||||
OPENSSL_free(ctx->p.peer_name);
|
||||
OPENSSL_free(ctx->p.name);
|
||||
|
||||
memset(ctx, '\0', sizeof *ctx);
|
||||
memset(ctx, '\0', sizeof(*ctx));
|
||||
}
|
||||
|
||||
JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
|
||||
const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
|
||||
const BIGNUM *secret)
|
||||
{
|
||||
JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
|
||||
JPAKE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
|
||||
if (ctx == NULL)
|
||||
return NULL;
|
||||
|
||||
@ -460,7 +460,7 @@ void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
|
||||
int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
|
||||
{
|
||||
quickhashbn(send->hhk, ctx->key);
|
||||
SHA1(send->hhk, sizeof send->hhk, send->hhk);
|
||||
SHA1(send->hhk, sizeof(send->hhk), send->hhk);
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -470,8 +470,8 @@ int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
|
||||
unsigned char hhk[SHA_DIGEST_LENGTH];
|
||||
|
||||
quickhashbn(hhk, ctx->key);
|
||||
SHA1(hhk, sizeof hhk, hhk);
|
||||
if (memcmp(hhk, received->hhk, sizeof hhk)) {
|
||||
SHA1(hhk, sizeof(hhk), hhk);
|
||||
if (memcmp(hhk, received->hhk, sizeof(hhk))) {
|
||||
JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS,
|
||||
JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
|
||||
return 0;
|
||||
@ -499,7 +499,7 @@ int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
|
||||
unsigned char hk[SHA_DIGEST_LENGTH];
|
||||
|
||||
quickhashbn(hk, ctx->key);
|
||||
if (memcmp(hk, received->hk, sizeof hk)) {
|
||||
if (memcmp(hk, received->hk, sizeof(hk))) {
|
||||
JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
|
||||
return 0;
|
||||
}
|
||||
|
@ -122,9 +122,9 @@ const char *MD2_options(void)
|
||||
fips_md_init(MD2)
|
||||
{
|
||||
c->num = 0;
|
||||
memset(c->state, 0, sizeof c->state);
|
||||
memset(c->cksm, 0, sizeof c->cksm);
|
||||
memset(c->data, 0, sizeof c->data);
|
||||
memset(c->state, 0, sizeof(c->state));
|
||||
memset(c->cksm, 0, sizeof(c->cksm));
|
||||
memset(c->data, 0, sizeof(c->data));
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -102,7 +102,7 @@ void do_fp(FILE *f)
|
||||
fd = fileno(f);
|
||||
MD4_Init(&c);
|
||||
for (;;) {
|
||||
i = read(fd, buf, sizeof buf);
|
||||
i = read(fd, buf, sizeof(buf));
|
||||
if (i <= 0)
|
||||
break;
|
||||
MD4_Update(&c, buf, (unsigned long)i);
|
||||
|
@ -56,7 +56,7 @@
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -633,16 +633,22 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
|
||||
APP_INFO *amip;
|
||||
int ami_cnt;
|
||||
struct tm *lcl = NULL;
|
||||
struct tm result = {0};
|
||||
CRYPTO_THREADID ti;
|
||||
|
||||
#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
|
||||
#define BUF_REMAIN (sizeof(buf) - (size_t)(bufp - buf))
|
||||
|
||||
if (m->addr == (char *)l->bio)
|
||||
return;
|
||||
|
||||
if (options & V_CRYPTO_MDEBUG_TIME) {
|
||||
# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \
|
||||
!defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \
|
||||
(!defined(OPENSSL_SYS_VMS) || defined(localtime_r))
|
||||
lcl = localtime_r(&m->time, &result);
|
||||
# else
|
||||
lcl = localtime(&m->time);
|
||||
|
||||
# endif
|
||||
BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
|
||||
lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
|
||||
bufp += strlen(bufp);
|
||||
@ -679,7 +685,7 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
|
||||
|
||||
ami_cnt++;
|
||||
memset(buf, '>', ami_cnt);
|
||||
BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
|
||||
BIO_snprintf(buf + ami_cnt, sizeof(buf) - ami_cnt,
|
||||
" thread=%lu, file=%s, line=%d, info=\"",
|
||||
CRYPTO_THREADID_hash(&amip->threadid), amip->file,
|
||||
amip->line);
|
||||
@ -689,10 +695,10 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
|
||||
memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
|
||||
buf_len = 128 - 3;
|
||||
} else {
|
||||
BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len);
|
||||
BUF_strlcpy(buf + buf_len, amip->info, sizeof(buf) - buf_len);
|
||||
buf_len = strlen(buf);
|
||||
}
|
||||
BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
|
||||
BIO_snprintf(buf + buf_len, sizeof(buf) - buf_len, "\"\n");
|
||||
|
||||
BIO_puts(l->bio, buf);
|
||||
|
||||
|
@ -58,6 +58,11 @@
|
||||
#ifdef OPENSSL_FIPS
|
||||
# include <openssl/fips.h>
|
||||
# include <openssl/rand.h>
|
||||
|
||||
# ifndef OPENSSL_NO_DEPRECATED
|
||||
/* the prototype is missing in <openssl/fips.h> */
|
||||
void FIPS_crypto_set_id_callback(unsigned long (*func)(void));
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
@ -8,7 +8,7 @@
|
||||
* 2008.
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
|
||||
* Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -105,7 +105,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
|
||||
{
|
||||
struct tm *ts = NULL;
|
||||
|
||||
#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
|
||||
#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_SUNOS)
|
||||
if (gmtime_r(timer, result) == NULL)
|
||||
return NULL;
|
||||
ts = result;
|
||||
@ -141,14 +141,14 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
|
||||
pitem->ileb_64$w_mbo = 1;
|
||||
pitem->ileb_64$w_code = LNM$_STRING;
|
||||
pitem->ileb_64$l_mbmo = -1;
|
||||
pitem->ileb_64$q_length = sizeof (logvalue);
|
||||
pitem->ileb_64$q_length = sizeof(logvalue);
|
||||
pitem->ileb_64$pq_bufaddr = logvalue;
|
||||
pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen;
|
||||
pitem++;
|
||||
/* Last item of the item list is null terminated */
|
||||
pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0;
|
||||
# else
|
||||
pitem->ile3$w_length = sizeof (logvalue);
|
||||
pitem->ile3$w_length = sizeof(logvalue);
|
||||
pitem->ile3$w_code = LNM$_STRING;
|
||||
pitem->ile3$ps_bufaddr = logvalue;
|
||||
pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen;
|
||||
|
@ -312,13 +312,13 @@ void OBJ_NAME_do_all_sorted(int type,
|
||||
|
||||
d.type = type;
|
||||
d.names =
|
||||
OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
|
||||
OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof(*d.names));
|
||||
/* Really should return an error if !d.names...but its a void function! */
|
||||
if (d.names) {
|
||||
d.n = 0;
|
||||
OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
|
||||
|
||||
qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
|
||||
qsort((void *)d.names, d.n, sizeof(*d.names), do_all_sorted_cmp);
|
||||
|
||||
for (n = 0; n < d.n; ++n)
|
||||
fn(d.names[n], arg);
|
||||
|
@ -305,9 +305,8 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
|
||||
for (i = ADDED_DATA; i <= ADDED_NID; i++)
|
||||
if (ao[i] != NULL)
|
||||
OPENSSL_free(ao[i]);
|
||||
if (o != NULL)
|
||||
OPENSSL_free(o);
|
||||
return (NID_undef);
|
||||
ASN1_OBJECT_free(o);
|
||||
return NID_undef;
|
||||
}
|
||||
|
||||
ASN1_OBJECT *OBJ_nid2obj(int n)
|
||||
@ -591,7 +590,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
|
||||
n += i;
|
||||
OPENSSL_free(bndec);
|
||||
} else {
|
||||
BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l);
|
||||
BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
|
||||
i = strlen(tbuf);
|
||||
if (buf && (buf_len > 0)) {
|
||||
BUF_strlcpy(buf, tbuf, buf_len);
|
||||
@ -725,6 +724,10 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
|
||||
return (p);
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse a BIO sink to create some extra oid's objects.
|
||||
* Line format:<OID:isdigit or '.']><isspace><SN><isspace><LN>
|
||||
*/
|
||||
int OBJ_create_objects(BIO *in)
|
||||
{
|
||||
MS_STATIC char buf[512];
|
||||
@ -746,9 +749,9 @@ int OBJ_create_objects(BIO *in)
|
||||
*(s++) = '\0';
|
||||
while (isspace((unsigned char)*s))
|
||||
s++;
|
||||
if (*s == '\0')
|
||||
if (*s == '\0') {
|
||||
s = NULL;
|
||||
else {
|
||||
} else {
|
||||
l = s;
|
||||
while ((*l != '\0') && !isspace((unsigned char)*l))
|
||||
l++;
|
||||
@ -756,15 +759,18 @@ int OBJ_create_objects(BIO *in)
|
||||
*(l++) = '\0';
|
||||
while (isspace((unsigned char)*l))
|
||||
l++;
|
||||
if (*l == '\0')
|
||||
if (*l == '\0') {
|
||||
l = NULL;
|
||||
} else
|
||||
}
|
||||
} else {
|
||||
l = NULL;
|
||||
}
|
||||
}
|
||||
} else
|
||||
} else {
|
||||
s = NULL;
|
||||
if ((o == NULL) || (*o == '\0'))
|
||||
return (num);
|
||||
}
|
||||
if (*o == '\0')
|
||||
return num;
|
||||
if (!OBJ_create(o, s, l))
|
||||
return (num);
|
||||
num++;
|
||||
|
@ -30,11 +30,11 @@ extern "C" {
|
||||
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
||||
* major minor fix final patch/beta)
|
||||
*/
|
||||
# define OPENSSL_VERSION_NUMBER 0x100020efL
|
||||
# define OPENSSL_VERSION_NUMBER 0x100020ffL
|
||||
# ifdef OPENSSL_FIPS
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n-fips 7 Dec 2017"
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o-fips 27 Mar 2018"
|
||||
# else
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n 7 Dec 2017"
|
||||
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o 27 Mar 2018"
|
||||
# endif
|
||||
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
||||
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user