[openssl-commits] [openssl] OpenSSL source code branch master updated. 02a62d1a4ab711e935defb6e61c2564130ff8627
Matt Caswell
matt at openssl.org
Mon Dec 8 16:43:10 EST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSSL source code".
The branch, master has been updated
via 02a62d1a4ab711e935defb6e61c2564130ff8627 (commit)
via e35af275d592188cb0adf3a4cc6641e302acd9a7 (commit)
via 1939187922a8240b3dd18c455da3636ac754983d (commit)
via 348d0d148a0698c687b16c72869401bd4caa8bd4 (commit)
via 29e7a56d54e5a4e9b7cd1fdf95a2bf42dbf71a76 (commit)
via 2cbc8d7de5265aa86f739a5f7806d95eb8c31c87 (commit)
via aeb556f8317cb5affcadafe17cf59242f1822a2a (commit)
via 18125f7f554034d95c64851bee23fb058a23bfd9 (commit)
via 68c29f61a404db3d620278878d77ca90ad853b8d (commit)
via 5784a52145d0062d42724d4d0fab3b4c82de35ee (commit)
via c0d439019460def565bb115ecef749833eb4c299 (commit)
via 829ccf6ab6aab03a3f60f644027b43a5d2035bf8 (commit)
via 76b2a0227433af6c100aadf9a3df78ea4d52803a (commit)
via 7a5233118ca655ab69387423e26ffb9de20dbaa5 (commit)
via 85bcf27cccd8f5f569886479ad96a0c33444404c (commit)
via dd703de02205dd9d88878cd5a48a15dbf2dd569e (commit)
from e52a3c3d1401fb917df3aa80a19575521cabe4f4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 02a62d1a4ab711e935defb6e61c2564130ff8627
Author: Matt Caswell <matt at openssl.org>
Date: Sun Nov 2 20:16:59 2014 +0000
Move bn internal functions into bn_int.h and bn_lcl.h
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit e35af275d592188cb0adf3a4cc6641e302acd9a7
Author: Matt Caswell <matt at openssl.org>
Date: Sun Nov 2 19:45:04 2014 +0000
Update documentation following BN opaquify
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 1939187922a8240b3dd18c455da3636ac754983d
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 23:16:06 2014 +0000
Make bn opaque
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 348d0d148a0698c687b16c72869401bd4caa8bd4
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 23:36:27 2014 +0000
Update apps for bn opaque change
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 29e7a56d54e5a4e9b7cd1fdf95a2bf42dbf71a76
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 23:04:39 2014 +0000
Disable engines that will fail to build when bn is made opaque
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 2cbc8d7de5265aa86f739a5f7806d95eb8c31c87
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 23:04:10 2014 +0000
Implement internally opaque bn access from ts
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit aeb556f8317cb5affcadafe17cf59242f1822a2a
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 30 23:21:39 2014 +0000
Implement internally opaque bn access from srp
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 18125f7f554034d95c64851bee23fb058a23bfd9
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 23:00:29 2014 +0000
Implement internally opaque bn access from rsa
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 68c29f61a404db3d620278878d77ca90ad853b8d
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 22:59:34 2014 +0000
Implement internally opaque bn access from evp
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 5784a52145d0062d42724d4d0fab3b4c82de35ee
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 22:58:56 2014 +0000
Implement internally opaque bn access from ec
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit c0d439019460def565bb115ecef749833eb4c299
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 28 22:56:18 2014 +0000
Implement internally opaque bn access from dsa
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 829ccf6ab6aab03a3f60f644027b43a5d2035bf8
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 30 23:58:19 2014 +0000
Implement internally opaque bn access from dh
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 76b2a0227433af6c100aadf9a3df78ea4d52803a
Author: Matt Caswell <matt at openssl.org>
Date: Fri Oct 31 00:01:18 2014 +0000
Implement internally opaque bn access from asn1
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 7a5233118ca655ab69387423e26ffb9de20dbaa5
Author: Matt Caswell <matt at openssl.org>
Date: Mon Nov 24 10:36:27 2014 +0000
Prepare exptest for bn opaquify
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit 85bcf27cccd8f5f569886479ad96a0c33444404c
Author: Matt Caswell <matt at openssl.org>
Date: Mon Nov 24 10:06:20 2014 +0000
Prepare for bn opaquify. Implement internal helper functions.
Reviewed-by: Tim Hudson <tjh at openssl.org>
commit dd703de02205dd9d88878cd5a48a15dbf2dd569e
Author: Matt Caswell <matt at openssl.org>
Date: Mon Nov 24 10:05:04 2014 +0000
Remove internal bn dependencies from speed.c
Reviewed-by: Tim Hudson <tjh at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/Makefile | 53 ++--
apps/dhparam.c | 23 +-
apps/dsaparam.c | 17 +-
apps/gendh.c | 16 +-
apps/genrsa.c | 36 +--
apps/speed.c | 116 +------
crypto/Makefile | 2 +-
crypto/asn1/Makefile | 2 +-
crypto/asn1/t_pkey.c | 6 +-
crypto/bn/Makefile | 105 +++++--
crypto/bn/bn.h | 242 ++-------------
crypto/{dh/dh_rfc5114.c => bn/bn_dh.c} | 50 +--
crypto/bn/bn_err.c | 4 +-
crypto/bn/bn_intern.c | 248 +++++++++++++++
crypto/bn/bn_lcl.h | 153 ++++++++-
crypto/bn/bn_lib.c | 183 +++++++----
crypto/{srp/srp_grps.h => bn/bn_srp.c} | 51 +--
crypto/bn/bn_x931p.c | 1 +
crypto/bn/exptest.c | 37 ++-
crypto/dh/Makefile | 3 +-
crypto/dh/dh_depr.c | 16 +-
crypto/dh/dh_key.c | 18 +-
crypto/dh/dh_pmeth.c | 10 +-
crypto/dh/dh_rfc5114.c | 191 +-----------
crypto/dh/dhtest.c | 16 +-
crypto/dsa/dsa_depr.c | 16 +-
crypto/dsa/dsa_key.c | 13 +-
crypto/dsa/dsa_ossl.c | 86 +++---
crypto/dsa/dsa_pmeth.c | 9 +-
crypto/dsa/dsatest.c | 14 +-
crypto/ec/Makefile | 11 +-
crypto/ec/ec2_mult.c | 43 +--
crypto/ec/ec2_oct.c | 10 +-
crypto/ec/ec2_smpl.c | 160 +++++-----
crypto/ec/ec_key.c | 6 +-
crypto/ec/ec_lcl.h | 12 +-
crypto/ec/ec_lib.c | 46 +--
crypto/ec/ec_mult.c | 145 +--------
crypto/ec/ec_pmeth.c | 2 +-
crypto/ec/ecp_nist.c | 4 +-
crypto/ec/ecp_nistz256.c | 105 +++----
crypto/ec/ecp_oct.c | 40 +--
crypto/ec/ecp_smpl.c | 324 ++++++++++----------
crypto/ec/ectest.c | 11 +-
crypto/engine/eng_all.c | 3 +
crypto/evp/Makefile | 4 +-
crypto/evp/pmeth_gn.c | 6 +-
.../include/internal/bn_int.h | 99 +++---
crypto/include/internal/bn_srp.h | 35 +++
crypto/rsa/Makefile | 8 +-
crypto/rsa/rsa_crpt.c | 17 +-
crypto/rsa/rsa_depr.c | 10 +-
crypto/rsa/rsa_eay.c | 105 +++++--
crypto/rsa/rsa_gen.c | 17 +-
crypto/rsa/rsa_lib.c | 18 +-
crypto/rsa/rsa_pmeth.c | 10 +-
crypto/srp/Makefile | 2 +-
crypto/srp/srp_lib.c | 18 +-
crypto/ts/ts_lib.c | 11 +-
doc/crypto/BN_CTX_new.pod | 26 +-
doc/crypto/BN_generate_prime.pod | 46 ++-
doc/crypto/BN_mod_mul_montgomery.pod | 40 +--
doc/crypto/BN_mod_mul_reciprocal.pod | 36 ++-
doc/crypto/BN_new.pod | 28 +-
doc/crypto/bn.pod | 22 +-
engines/Makefile | 136 +-------
test/Makefile | 32 +-
util/libeay.num | 43 ++-
68 files changed, 1762 insertions(+), 1666 deletions(-)
copy crypto/{dh/dh_rfc5114.c => bn/bn_dh.c} (93%)
create mode 100644 crypto/bn/bn_intern.c
rename crypto/{srp/srp_grps.h => bn/bn_srp.c} (94%)
copy demos/engines/ibmca/hw_ibmca_err.h => crypto/include/internal/bn_int.h (59%)
create mode 100644 crypto/include/internal/bn_srp.h
diff --git a/apps/Makefile b/apps/Makefile
index 37e35e5..fd53f7c 100644
--- a/apps/Makefile
+++ b/apps/Makefile
@@ -927,33 +927,32 @@ smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
smime.o: smime.c
-speed.o: ../crypto/bn/bn_lcl.h ../e_os.h ../include/openssl/aes.h
-speed.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-speed.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
-speed.o: ../include/openssl/buffer.h ../include/openssl/camellia.h
-speed.o: ../include/openssl/cast.h ../include/openssl/conf.h
-speed.o: ../include/openssl/crypto.h ../include/openssl/des.h
-speed.o: ../include/openssl/des_old.h ../include/openssl/dsa.h
-speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-speed.o: ../include/openssl/engine.h ../include/openssl/err.h
-speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
-speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h
-speed.o: ../include/openssl/md4.h ../include/openssl/md5.h
-speed.o: ../include/openssl/mdc2.h ../include/openssl/modes.h
-speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-speed.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
-speed.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h
-speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h
-speed.o: ../include/openssl/safestack.h ../include/openssl/seed.h
-speed.o: ../include/openssl/sha.h ../include/openssl/stack.h
-speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
-speed.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h
-speed.o: ../include/openssl/whrlpool.h ../include/openssl/x509.h
-speed.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
-speed.o: speed.c testdsa.h testrsa.h
+speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+speed.o: ../include/openssl/camellia.h ../include/openssl/cast.h
+speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+speed.o: ../include/openssl/des.h ../include/openssl/des_old.h
+speed.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+speed.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+speed.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+speed.o: ../include/openssl/err.h ../include/openssl/evp.h
+speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h
+speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h
+speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+speed.o: ../include/openssl/modes.h ../include/openssl/obj_mac.h
+speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h
+speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+speed.o: ../include/openssl/seed.h ../include/openssl/sha.h
+speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+speed.o: ../include/openssl/ui_compat.h ../include/openssl/whrlpool.h
+speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h
spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 606365e..c4cf168 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -292,8 +292,15 @@ bad:
if(num) {
- BN_GENCB cb;
- BN_GENCB_set(&cb, dh_cb, bio_err);
+ BN_GENCB *cb;
+ cb = BN_GENCB_new();
+ if(!cb)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ BN_GENCB_set(cb, dh_cb, bio_err);
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
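Review bot: cb is declared inside the if(num) block, so each early exit in the following hunks has to carry its own BN_GENCB_free(cb) before goto end, and any exit added later that forgets one leaks the object. dsaparam.c and gendh.c in this same push declare BN_GENCB *cb = NULL at function scope and free it once under the end: label; doing the same here would replace the four scattered BN_GENCB_free calls with one.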
@@ -309,9 +316,10 @@ bad:
BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
if(!dsa || !DSA_generate_parameters_ex(dsa, num,
- NULL, 0, NULL, NULL, &cb))
+ NULL, 0, NULL, NULL, cb))
{
if(dsa) DSA_free(dsa);
+ BN_GENCB_free(cb);
ERR_print_errors(bio_err);
goto end;
}
@@ -320,6 +328,7 @@ bad:
DSA_free(dsa);
if (dh == NULL)
{
+ BN_GENCB_free(cb);
ERR_print_errors(bio_err);
goto end;
}
@@ -330,13 +339,15 @@ bad:
dh = DH_new();
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
- if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
+ if(!dh || !DH_generate_parameters_ex(dh, num, g, cb))
{
+ BN_GENCB_free(cb);
ERR_print_errors(bio_err);
goto end;
}
}
+ BN_GENCB_free(cb);
app_RAND_write_file(NULL, bio_err);
} else {
@@ -547,8 +558,8 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(cb->arg,&c,1);
- (void)BIO_flush(cb->arg);
+ BIO_write(BN_GENCB_get_arg(cb),&c,1);
+ (void)BIO_flush(BN_GENCB_get_arg(cb));
#ifdef LINT
p=n;
#endif
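Review bot: BN_GENCB_get_arg(cb) is called twice for the same pointer in dh_cb, once for BIO_write and once for BIO_flush; fetching it once into a local BIO * would read better. The callbacks in dsaparam.c, gendh.c and genrsa.c changed in this push have the same pattern.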
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 03e33f9..e51f502 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -119,6 +119,7 @@ int MAIN(int argc, char **argv)
int numbits= -1,num,genkey=0;
int need_rand=0;
int non_fips_allow = 0;
+ BN_GENCB *cb = NULL;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
@@ -291,8 +292,13 @@ bad:
if (numbits > 0)
{
- BN_GENCB cb;
- BN_GENCB_set(&cb, dsa_cb, bio_err);
+ cb = BN_GENCB_new();
+ if(!cb)
+ {
+ BIO_printf(bio_err,"Error allocating BN_GENCB object\n");
+ goto end;
+ }
+ BN_GENCB_set(cb, dsa_cb, bio_err);
assert(need_rand);
dsa = DSA_new();
if(!dsa)
@@ -320,7 +326,7 @@ bad:
alarm(timebomb);
}
#endif
- if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb))
+ if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, cb))
{
#ifdef GENCB_TEST
if(stop_keygen_flag)
@@ -458,6 +464,7 @@ bad:
app_RAND_write_file(NULL, bio_err);
ret=0;
end:
+ if (cb != NULL) BN_GENCB_free(cb);
if (in != NULL) BIO_free(in);
if (out != NULL) BIO_free_all(out);
if (dsa != NULL) DSA_free(dsa);
@@ -473,8 +480,8 @@ static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb)
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(cb->arg,&c,1);
- (void)BIO_flush(cb->arg);
+ BIO_write(BN_GENCB_get_arg(cb),&c,1);
+ (void)BIO_flush(BN_GENCB_get_arg(cb));
#ifdef LINT
p=n;
#endif
diff --git a/apps/gendh.c b/apps/gendh.c
index 8df8c62..1536cbf 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -88,7 +88,7 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
- BN_GENCB cb;
+ BN_GENCB *cb=NULL;
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
@@ -101,11 +101,16 @@ int MAIN(int argc, char **argv)
apps_startup();
- BN_GENCB_set(&cb, dh_cb, bio_err);
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+ cb = BN_GENCB_new();
+ if(!cb)
+ goto end;
+
+ BN_GENCB_set(cb, dh_cb, bio_err);
+
if (!load_config(bio_err, NULL))
goto end;
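Review bot: the if(!cb) goto end path gives no indication of what failed unless BN_GENCB_new queues an error for the ERR_print_errors call under end:. For the same failure dsaparam.c prints "Error allocating BN_GENCB object" and dhparam.c calls ERR_print_errors directly; picking one style for all three apps would make the failure easier to recognise.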
@@ -200,7 +205,7 @@ bad:
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
- if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
+ if(((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, cb))
goto end;
app_RAND_write_file(NULL, bio_err);
@@ -213,6 +218,7 @@ end:
ERR_print_errors(bio_err);
if (out != NULL) BIO_free_all(out);
if (dh != NULL) DH_free(dh);
+ if (cb != NULL) BN_GENCB_free(cb);
apps_shutdown();
OPENSSL_EXIT(ret);
}
@@ -225,8 +231,8 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(cb->arg,&c,1);
- (void)BIO_flush(cb->arg);
+ BIO_write(BN_GENCB_get_arg(cb),&c,1);
+ (void)BIO_flush(BN_GENCB_get_arg(cb));
#ifdef LINT
p=n;
#endif
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 6b835c0..7b0bcc2 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -88,18 +88,18 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
- BN_GENCB cb;
+ BN_GENCB *cb = NULL;
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
#endif
int ret=1;
int non_fips_allow = 0;
- int i,num=DEFBITS;
- long l;
+ int num=DEFBITS;
const EVP_CIPHER *enc=NULL;
unsigned long f4=RSA_F4;
char *outfile=NULL;
char *passargout = NULL, *passout = NULL;
+ char *hexe, *dece;
#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
#endif
@@ -107,11 +107,14 @@ int MAIN(int argc, char **argv)
BIO *out=NULL;
BIGNUM *bn = BN_new();
RSA *rsa = NULL;
-
if(!bn) goto err;
+ cb = BN_GENCB_new();
+ if(!cb) goto err;
+
apps_startup();
- BN_GENCB_set(&cb, genrsa_cb, bio_err);
+
+ BN_GENCB_set(cb, genrsa_cb, bio_err);
if (bio_err == NULL)
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
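Review bot: BN_GENCB_set(cb, genrsa_cb, bio_err) still runs before the if (bio_err == NULL) block that creates bio_err, so the callback argument can be captured as NULL and genrsa_cb would then hand NULL to BIO_write and BIO_flush. gendh.c in this push moves the equivalent call below the bio_err setup; the same reordering should be applied here.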
@@ -279,23 +282,19 @@ bad:
if (non_fips_allow)
rsa->flags |= RSA_FLAG_NON_FIPS_ALLOW;
- if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
+ if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, cb))
goto err;
app_RAND_write_file(NULL, bio_err);
- /* We need to do the following for when the base number size is <
- * long, esp windows 3.1 :-(. */
- l=0L;
- for (i=0; i<rsa->e->top; i++)
+ hexe = BN_bn2hex(rsa->e);
+ dece = BN_bn2dec(rsa->e);
+ if(hexe && dece)
{
-#ifndef SIXTY_FOUR_BIT
- l<<=BN_BITS4;
- l<<=BN_BITS4;
-#endif
- l+=rsa->e->d[i];
+ BIO_printf(bio_err,"e is %s (0x%s)\n",dece, hexe);
}
- BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
+ if(hexe) OPENSSL_free(hexe);
+ if(dece) OPENSSL_free(dece);
{
PW_CB_DATA cb_data;
cb_data.password = passout;
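Review bot: if either BN_bn2hex or BN_bn2dec returns NULL, the "e is" line is skipped without any diagnostic and the run carries on as a success. Either treat the failure as an error (goto err once whichever string was allocated has been freed) or add a comment saying the message is best effort. hexe and dece are also declared uninitialised at the top of MAIN; initialising them to NULL would keep the frees safe if they are ever moved under err:.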
@@ -308,6 +307,7 @@ bad:
ret=0;
err:
if (bn) BN_free(bn);
+ if (cb) BN_GENCB_free(cb);
if (rsa) RSA_free(rsa);
if (out) BIO_free_all(out);
if(passout) OPENSSL_free(passout);
@@ -325,8 +325,8 @@ static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(cb->arg,&c,1);
- (void)BIO_flush(cb->arg);
+ BIO_write(BN_GENCB_get_arg(cb),&c,1);
+ (void)BIO_flush(BN_GENCB_get_arg(cb));
#ifdef LINT
p=n;
#endif
diff --git a/apps/speed.c b/apps/speed.c
index c99c786..b5d7921 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -189,7 +189,7 @@
#endif
#include <openssl/modes.h>
-#include "../crypto/bn/bn_lcl.h"
+#include <openssl/bn.h>
#ifndef HAVE_FORK
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
@@ -216,11 +216,9 @@ static int usertime=1;
static double Time_F(int s);
static void print_message(const char *s,long num,int length);
-static void prime_print_message(const char *s, long num);
static void pkey_print_message(const char *str, const char *str2,
long num, int bits, int sec);
static void print_result(int alg,int run_no,int count,double time_used);
-static void prime_print_result(int alg, int count, double time_used);
#ifndef NO_FORK
static int do_multi(int multi);
#endif
@@ -244,8 +242,6 @@ static const char *names[ALGOR_NUM]={
"aes-128 ige","aes-192 ige","aes-256 ige","ghash" };
static double results[ALGOR_NUM][SIZE_NUM];
static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
-static const char *prime_names[PRIME_NUM]={
- "prime trial division", "prime trial division retry", "prime coprime" };
#ifndef OPENSSL_NO_RSA
static double rsa_results[RSA_NUM][2];
#endif
@@ -502,11 +498,7 @@ int MAIN(int argc, char **argv)
double d=0.0;
long c[ALGOR_NUM][SIZE_NUM];
-#define D_PRIME_TRIAL_DIVISION 0
-#define D_PRIME_TRIAL_DIVISION_RETRY 1
-#define D_PRIME_COPRIME 2
#ifndef OPENSSL_SYS_WIN32
- long prime_c[PRIME_NUM];
#endif
#define R_DSA_512 0
#define R_DSA_1024 1
@@ -626,7 +618,6 @@ int MAIN(int argc, char **argv)
long ecdh_c[EC_NUM][2];
#endif
- int prime_doit[PRIME_NUM];
int rsa_doit[RSA_NUM];
int dsa_doit[DSA_NUM];
#ifndef OPENSSL_NO_ECDSA
@@ -713,9 +704,6 @@ int MAIN(int argc, char **argv)
for (i=0; i<EC_NUM; i++)
ecdh_doit[i]=0;
#endif
- for (i=0; i<PRIME_NUM; i++)
- prime_doit[i]=0;
-
j=0;
argc--;
@@ -1057,18 +1045,6 @@ int MAIN(int argc, char **argv)
}
else
#endif
- if (strcmp(*argv,"prime-trial-division") == 0)
- prime_doit[D_PRIME_TRIAL_DIVISION] = 1;
- else if (strcmp(*argv,"prime-trial-division-retry") == 0)
- prime_doit[D_PRIME_TRIAL_DIVISION_RETRY] = 1;
- else if (strcmp(*argv,"prime-coprime") == 0)
- prime_doit[D_PRIME_COPRIME] = 1;
- else if (strcmp(*argv,"prime") == 0)
- {
- for (i=0; i < PRIME_NUM; i++)
- prime_doit[i]=1;
- }
- else
{
BIO_printf(bio_err,"Error: bad option or value\n");
BIO_printf(bio_err,"\n");
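Review bot: with the prime-trial-division, prime-trial-division-retry, prime-coprime and prime branches removed, those arguments now fall through to the "Error: bad option or value" block, which is a user-visible change that the commit message for speed.c does not mention. A line in the commit message or in CHANGES would help anyone who scripts speed with these arguments.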
@@ -1196,7 +1172,6 @@ int MAIN(int argc, char **argv)
!defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
BIO_printf(bio_err,"\n");
#endif
- BIO_printf(bio_err,"prime-trial-division prime-coprime\n");
BIO_printf(bio_err,"\n");
BIO_printf(bio_err,"Available options:\n");
@@ -1406,10 +1381,7 @@ int MAIN(int argc, char **argv)
c[D_IGE_192_AES][i]=c[D_IGE_192_AES][i-1]*l0/l1;
c[D_IGE_256_AES][i]=c[D_IGE_256_AES][i-1]*l0/l1;
}
-
- prime_c[D_PRIME_TRIAL_DIVISION]=count;
- prime_c[D_PRIME_TRIAL_DIVISION_RETRY]=count;
- prime_c[D_PRIME_COPRIME]=count;
+
#ifndef OPENSSL_NO_RSA
rsa_c[R_RSA_512][0]=count/2000;
@@ -2091,65 +2063,6 @@ int MAIN(int argc, char **argv)
}
}
#ifndef OPENSSL_SYS_WIN32
- if (prime_doit[D_PRIME_TRIAL_DIVISION])
- {
- BIGNUM *rnd = BN_new();
- BIGNUM *add = BN_new();
- BN_CTX *ctx = BN_CTX_new();
-
- BN_set_word(add, 2);
- prime_print_message(prime_names[D_PRIME_TRIAL_DIVISION],
- prime_c[D_PRIME_TRIAL_DIVISION]);
-
- Time_F(START);
- for (count=0, run=1; COND(prime_c[D_PRIME_TRIAL_DIVISION]); count++)
- if (!bn_probable_prime_dh(rnd, 1024, add, NULL, ctx)) count--;
-
- d=Time_F(STOP);
- prime_print_result(D_PRIME_TRIAL_DIVISION, count, d);
-
- BN_CTX_free(ctx);
- BN_free(add);
- BN_free(rnd);
- }
-
- if (prime_doit[D_PRIME_TRIAL_DIVISION_RETRY])
- {
- BIGNUM *rnd = BN_new();
- BN_CTX *ctx = BN_CTX_new();
-
- prime_print_message(prime_names[D_PRIME_TRIAL_DIVISION_RETRY],
- prime_c[D_PRIME_TRIAL_DIVISION_RETRY]);
-
- Time_F(START);
- for (count=0, run=1; COND(prime_c[D_PRIME_TRIAL_DIVISION_RETRY]); count++)
- if (!bn_probable_prime_dh_retry(rnd, 1024, ctx)) count--;
-
- d=Time_F(STOP);
- prime_print_result(D_PRIME_TRIAL_DIVISION_RETRY, count, d);
-
- BN_CTX_free(ctx);
- BN_free(rnd);
- }
-
- if (prime_doit[D_PRIME_COPRIME])
- {
- BIGNUM *rnd = BN_new();
- BN_CTX *ctx = BN_CTX_new();
-
- prime_print_message(prime_names[D_PRIME_COPRIME],
- prime_c[D_PRIME_COPRIME]);
-
- Time_F(START);
- for (count=0, run=1; COND(prime_c[D_PRIME_COPRIME]); count++)
- if (!bn_probable_prime_dh_coprime(rnd, 1024, ctx)) count--;
-
- d=Time_F(STOP);
- prime_print_result(D_PRIME_COPRIME, count, d);
-
- BN_CTX_free(ctx);
- BN_free(rnd);
- }
#endif
RAND_pseudo_bytes(buf,36);
#ifndef OPENSSL_NO_RSA
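Review bot: once the three benchmark blocks are deleted, the #ifndef OPENSSL_SYS_WIN32 / #endif pair that wrapped them is left with nothing inside, and the same empty pair remains in the declarations hunk near the top of MAIN where long prime_c[PRIME_NUM] was removed. Both guards can be deleted together with the code they protected.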
@@ -2741,23 +2654,6 @@ static void print_message(const char *s, long num, int length)
#endif
}
-static void prime_print_message(const char *s, long num)
- {
-#ifdef SIGALRM
- BIO_printf(bio_err,mr ? "+DT:%s:%d\n"
- : "Doing %s for %ds: ", s, PRIME_SECONDS);
- (void)BIO_flush(bio_err);
- alarm(PRIME_SECONDS);
-#else
- BIO_printf(bio_err,mr ? "+DN:%s:%ld\n"
- : "Doing %s %ld times: ", s, num);
- (void)BIO_flush(bio_err);
-#endif
-#ifdef LINT
- num=num;
-#endif
- }
-
static void pkey_print_message(const char *str, const char *str2, long num,
int bits, int tm)
{
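Review bot: prime_print_message is the only user of PRIME_SECONDS visible in this diff, and with prime_names, prime_c and prime_doit gone nothing here still references PRIME_NUM, yet no hunk for speed.c removes either definition. If they are defined in this file they are now dead and should be removed in the same commit.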
@@ -2783,14 +2679,6 @@ static void print_result(int alg,int run_no,int count,double time_used)
results[alg][run_no]=((double)count)/time_used*lengths[run_no];
}
-static void prime_print_result(int alg, int count, double time_used)
- {
- BIO_printf(bio_err,
- mr ? "+R:%d:%s:%f:%f\n" : "%d %s's in %.2fs (%.2f microseconds / run)\n",
- count, prime_names[alg], time_used,
- time_used / ((double)count) * 1000000);
- }
-
#ifndef NO_FORK
static char *sstrsep(char **string, const char *delim)
{
diff --git a/crypto/Makefile b/crypto/Makefile
index f43edad..12be189 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -7,7 +7,7 @@ TOP= ..
CC= cc
INCLUDE= -I. -I$(TOP) -I../include $(ZLIB_INCLUDE)
# INCLUDES targets sudbirs!
-INCLUDES= -I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include $(ZLIB_INCLUDE)
+INCLUDES= -I.. -I../.. -I../modes -I../asn1 -I../evp -I../include -I../../include $(ZLIB_INCLUDE)
CFLAG= -g
MAKEDEPPROG= makedepend
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
diff --git a/crypto/asn1/Makefile b/crypto/asn1/Makefile
index 4ea6fb8..a7b6c35 100644
--- a/crypto/asn1/Makefile
+++ b/crypto/asn1/Makefile
@@ -612,7 +612,7 @@ t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_pkey.o: ../cryptlib.h t_pkey.c
+t_pkey.o: ../cryptlib.h ../include/internal/bn_int.h t_pkey.c
t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
index 9dd18f6..44f7183 100644
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -60,7 +60,7 @@
#include "cryptlib.h"
#include <openssl/objects.h>
#include <openssl/buffer.h>
-#include <openssl/bn.h>
+#include "internal/bn_int.h"
int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
unsigned char *buf, int off)
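Review bot: replacing the public <openssl/bn.h> include with "internal/bn_int.h" makes this file rely on the internal header pulling in the public one, since ASN1_bn_print still uses BIGNUM and BN_num_bytes. Keeping the public include and adding the internal one beside it would make the dependency explicit.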
@@ -82,8 +82,8 @@ int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
if (BN_num_bytes(num) <= BN_BYTES)
{
if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
- (unsigned long)num->d[0],neg,(unsigned long)num->d[0])
- <= 0) return(0);
+ (unsigned long)bn_get_words(num)[0],neg,
+ (unsigned long)bn_get_words(num)[0])<= 0) return(0);
}
else
{
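Review bot: bn_get_words(num)[0] dereferences the first word unconditionally, and the only guard visible here, BN_num_bytes(num) <= BN_BYTES, also holds for a value of zero; please confirm that zero is handled before this branch or that bn_get_words never returns NULL. The accessor is also called twice for the same word, so a local BN_ULONG would tidy the BIO_printf call.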
diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
index 270af09..f0548ed 100644
--- a/crypto/bn/Makefile
+++ b/crypto/bn/Makefile
@@ -6,7 +6,7 @@ DIR= bn
TOP= ../..
CC= cc
CPP= $(CC) -E
-INCLUDES= -I.. -I$(TOP) -I../../include
+INCLUDES= -I.. -I$(TOP) -I../include -I../../include
CFLAG=-g
MAKEFILE= Makefile
AR= ar r
@@ -26,13 +26,13 @@ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
- bn_depr.c bn_const.c bn_x931p.c
+ bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c
LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
- bn_depr.o bn_const.o bn_x931p.o
+ bn_depr.o bn_const.o bn_x931p.o bn_intern.o bn_dh.o bn_srp.o
SRC= $(LIBSRC)
@@ -194,21 +194,24 @@ bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
+bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_add.o: ../include/internal/bn_int.h bn_add.c bn_lcl.h
bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
+bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_asm.o: ../include/internal/bn_int.h bn_asm.c bn_lcl.h
bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
+bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_blind.o: ../include/internal/bn_int.h bn_blind.c bn_lcl.h
bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
bn_const.o: ../../include/openssl/opensslconf.h
bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -220,7 +223,8 @@ bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
+bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_ctx.o: ../include/internal/bn_int.h bn_ctx.c bn_lcl.h
bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -228,14 +232,21 @@ bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
+bn_depr.o: ../cryptlib.h ../include/internal/bn_int.h bn_depr.c bn_lcl.h
+bn_dh.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_dh.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_dh.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h bn_dh.c
+bn_dh.o: bn_lcl.h
bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
+bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_div.o: ../include/internal/bn_int.h bn_div.c bn_lcl.h
bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@@ -249,78 +260,97 @@ bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
-bn_exp.o: rsaz_exp.h
+bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_exp.o: ../include/internal/bn_int.h bn_exp.c bn_lcl.h rsaz_exp.h
bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
+bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_exp2.o: ../include/internal/bn_int.h bn_exp2.c bn_lcl.h
bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
+bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_gcd.o: ../include/internal/bn_int.h bn_gcd.c bn_lcl.h
bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
+bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_gf2m.o: ../include/internal/bn_int.h bn_gf2m.c bn_lcl.h
+bn_intern.o: ../../e_os.h ../../include/openssl/bio.h
+bn_intern.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+bn_intern.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_intern.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bn_intern.o: ../../include/openssl/opensslconf.h
+bn_intern.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_intern.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_intern.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_intern.o: ../include/internal/bn_int.h bn_intern.c bn_lcl.h
bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
+bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_kron.o: ../include/internal/bn_int.h bn_kron.c bn_lcl.h
bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
+bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_lib.o: ../include/internal/bn_int.h bn_lcl.h bn_lib.c
bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
+bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_mod.o: ../include/internal/bn_int.h bn_lcl.h bn_mod.c
bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
+bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_mont.o: ../include/internal/bn_int.h bn_lcl.h bn_mont.c
bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
+bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_mpi.o: ../include/internal/bn_int.h bn_lcl.h bn_mpi.c
bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
+bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_mul.o: ../include/internal/bn_int.h bn_lcl.h bn_mul.c
bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
+bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_nist.o: ../include/internal/bn_int.h bn_lcl.h bn_nist.c
bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -328,14 +358,16 @@ bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
+bn_prime.o: ../cryptlib.h ../include/internal/bn_int.h bn_lcl.h bn_prime.c
+bn_prime.o: bn_prime.h
bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
+bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_print.o: ../include/internal/bn_int.h bn_lcl.h bn_print.c
bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -343,44 +375,57 @@ bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
bn_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-bn_rand.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_rand.c
+bn_rand.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_rand.o: ../include/internal/bn_int.h bn_lcl.h bn_rand.c
bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
+bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_recp.o: ../include/internal/bn_int.h bn_lcl.h bn_recp.c
bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
+bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_shift.o: ../include/internal/bn_int.h bn_lcl.h bn_shift.c
bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
+bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_sqr.o: ../include/internal/bn_int.h bn_lcl.h bn_sqr.c
bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
+bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_sqrt.o: ../include/internal/bn_int.h bn_lcl.h bn_sqrt.c
+bn_srp.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_srp.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_srp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_srp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_srp.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h
+bn_srp.o: bn_lcl.h bn_srp.c
bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
+bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h
+bn_word.o: ../include/internal/bn_int.h bn_lcl.h bn_word.c
bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
+bn_x931p.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h
+bn_x931p.o: bn_lcl.h bn_x931p.c
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index f4c8cc0..6bccbfe 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -272,19 +272,14 @@ extern "C" {
#ifndef OPENSSL_NO_DEPRECATED
#define BN_FLG_FREE 0x8000 /* used for debuging */
#endif
-#define BN_set_flags(b,n) ((b)->flags|=(n))
-#define BN_get_flags(b,n) ((b)->flags&(n))
+
+void BN_set_flags(BIGNUM *b, int n);
+int BN_get_flags(const BIGNUM *b, int n);
/* get a clone of a BIGNUM with changed flags, for *temporary* use only
* (the two BIGNUMs cannot not be used in parallel!) */
-#define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \
- (dest)->top=(b)->top, \
- (dest)->dmax=(b)->dmax, \
- (dest)->neg=(b)->neg, \
- (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
- | ((b)->flags & ~BN_FLG_MALLOCED) \
- | BN_FLG_STATIC_DATA \
- | (n)))
+void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int n);
+
/* Already declared in ossl_typ.h */
#if 0
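Review bot: The prototype `void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int n);` hides what the removed macro made visible: it copied b's `d` pointer into dest and set BN_FLG_STATIC_DATA, so dest aliases b's words despite the `const` on b. Assuming the function keeps that behaviour, the retained comment should say so explicitly (dest is a shallow view that is only valid while b is alive and unchanged), and its "cannot not be used" wording should be corrected to "cannot be used" while this block is being touched. BN_set_flags and BN_get_flags also carry no comment now that the one-line macro bodies no longer document them.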
@@ -297,68 +292,20 @@ typedef struct bn_recp_ctx_st BN_RECP_CTX;
typedef struct bn_gencb_st BN_GENCB;
#endif
-struct bignum_st
- {
- BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
- int top; /* Index of last used d +1. */
- /* The next are internal book keeping for bn_expand. */
- int dmax; /* Size of the d array. */
- int neg; /* one if the number is negative */
- int flags;
- };
-
-/* Used for montgomery multiplication */
-struct bn_mont_ctx_st
- {
- int ri; /* number of bits in R */
- BIGNUM RR; /* used to convert to montgomery form */
- BIGNUM N; /* The modulus */
- BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
- * (Ni is only stored for bignum algorithm) */
- BN_ULONG n0[2];/* least significant word(s) of Ni;
- (type changed with 0.9.9, was "BN_ULONG n0;" before) */
- int flags;
- };
-
-/* Used for reciprocal division/mod functions
- * It cannot be shared between threads
- */
-struct bn_recp_ctx_st
- {
- BIGNUM N; /* the divisor */
- BIGNUM Nr; /* the reciprocal */
- int num_bits;
- int shift;
- int flags;
- };
-
-/* Used for slow "generation" functions. */
-struct bn_gencb_st
- {
- unsigned int ver; /* To handle binary (in)compatibility */
- void *arg; /* callback-specific data */
- union
- {
- /* if(ver==1) - handles old style callbacks */
- void (*cb_1)(int, int, void *);
- /* if(ver==2) - new callback style */
- int (*cb_2)(int, int, BN_GENCB *);
- } cb;
- };
/* Wrapper function to make using BN_GENCB easier, */
int BN_GENCB_call(BN_GENCB *cb, int a, int b);
-/* Macro to populate a BN_GENCB structure with an "old"-style callback */
-#define BN_GENCB_set_old(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 1; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_1 = (callback); }
-/* Macro to populate a BN_GENCB structure with a "new"-style callback */
-#define BN_GENCB_set(gencb, callback, cb_arg) { \
- BN_GENCB *tmp_gencb = (gencb); \
- tmp_gencb->ver = 2; \
- tmp_gencb->arg = (cb_arg); \
- tmp_gencb->cb.cb_2 = (callback); }
+
+BN_GENCB *BN_GENCB_new(void);
+void BN_GENCB_free(BN_GENCB *cb);
+
+/* Populate a BN_GENCB structure with an "old"-style callback */
+void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback)(int, int, void *), void *cb_arg);
+
+/* Populate a BN_GENCB structure with a "new"-style callback */
+void BN_GENCB_set(BN_GENCB *gencb, int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+
+void *BN_GENCB_get_arg(BN_GENCB *cb);
#define BN_prime_checks 0 /* default: select number of iterations
based on the size of the number */
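Review bot: BN_GENCB_new(), BN_GENCB_free() and BN_GENCB_get_arg() are declared without any comment, while the two setters keep theirs. With struct bn_gencb_st removed from this header, callers can no longer declare a BN_GENCB on the stack or read cb->arg directly, so these three functions are the replacement and deserve a line each saying so, including whether BN_GENCB_free() accepts NULL. BN_GENCB_get_arg() only reads, so its parameter could be `const BN_GENCB *cb`. The two consecutive blank lines before it can be reduced to one.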
@@ -383,21 +330,18 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
-/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
-#define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
- (((w) == 0) && ((a)->top == 0)))
-#define BN_is_zero(a) ((a)->top == 0)
-#define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg)
-#define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
-#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1))
+
+int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);
+int BN_is_zero(const BIGNUM *a);
+int BN_is_one(const BIGNUM *a);
+int BN_is_word(const BIGNUM *a, const BN_ULONG w);
+int BN_is_odd(const BIGNUM *a);
+
#define BN_one(a) (BN_set_word((a),1))
-#define BN_zero_ex(a) \
- do { \
- BIGNUM *_tmp_bn = (a); \
- _tmp_bn->top = 0; \
- _tmp_bn->neg = 0; \
- } while(0)
+
+void BN_zero_ex(BIGNUM *a);
+
#ifdef OPENSSL_NO_DEPRECATED
#define BN_zero(a) BN_zero_ex(a)
#else
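Review bot: In `int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w);` and `int BN_is_word(const BIGNUM *a, const BN_ULONG w);` the `const` on the by-value parameter w has no effect in a prototype and can be dropped. The five predicates and BN_zero_ex() are also added with no comment at all; a short line on the return convention (1 or 0) would replace what the macro bodies used to show, for example that BN_is_one and BN_is_word take the sign into account while BN_abs_is_word does not.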
@@ -407,9 +351,6 @@ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
const BIGNUM *BN_value_one(void);
char * BN_options(void);
BN_CTX *BN_CTX_new(void);
-#ifndef OPENSSL_NO_DEPRECATED
-void BN_CTX_init(BN_CTX *c);
-#endif
void BN_CTX_free(BN_CTX *c);
void BN_CTX_start(BN_CTX *ctx);
BIGNUM *BN_CTX_get(BN_CTX *ctx);
@@ -422,7 +363,6 @@ int BN_num_bits(const BIGNUM *a);
int BN_num_bits_word(BN_ULONG l);
int BN_security_bits(int L, int N);
BIGNUM *BN_new(void);
-void BN_init(BIGNUM *);
void BN_clear_free(BIGNUM *a);
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
void BN_swap(BIGNUM *a, BIGNUM *b);
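Review bot: Removing `void BN_init(BIGNUM *);` leaves BN_new() as the only way shown here to obtain a BIGNUM, which breaks any caller that initialised a BIGNUM embedded in its own struct or on the stack. Unlike BN_CTX_init in the previous hunk, which sat under `#ifndef OPENSSL_NO_DEPRECATED`, BN_init had no deprecation guard, so the removal should be called out in the change notes with BN_new() and BN_clear_free() as the migration path.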
@@ -445,7 +385,7 @@ void BN_set_negative(BIGNUM *b, int n);
* \param a pointer to the BIGNUM object
* \return 1 if a < 0 and 0 otherwise
*/
-#define BN_is_negative(a) ((a)->neg != 0)
+int BN_is_negative(const BIGNUM *b);
int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
BN_CTX *ctx);
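Review bot: The new prototype `int BN_is_negative(const BIGNUM *b);` names its parameter b, but the doc comment directly above still reads `\param a pointer to the BIGNUM object` and `\return 1 if a < 0 and 0 otherwise`. Rename the parameter to a, or update the comment, so the documentation matches the declaration.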
@@ -555,11 +495,9 @@ int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
BN_GENCB *cb);
BN_MONT_CTX *BN_MONT_CTX_new(void );
-void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
BN_MONT_CTX *mont, BN_CTX *ctx);
-#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
- (r),(a),&((mont)->RR),(mont),(ctx))
+int BN_to_montgomery(BIGNUM *r,const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx);
int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
BN_MONT_CTX *mont, BN_CTX *ctx);
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
@@ -597,7 +535,6 @@ void BN_set_params(int mul,int high,int low,int mont);
int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */
#endif
-void BN_RECP_CTX_init(BN_RECP_CTX *recp);
BN_RECP_CTX *BN_RECP_CTX_new(void);
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx);
@@ -683,124 +620,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, const BIGNUM *priv,
const unsigned char *message, size_t message_len,
BN_CTX *ctx);
-/* library internal functions */
-
-#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
- (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
-#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
-#endif
-
-/* Bignum consistency macros
- * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
- * bignum data after direct manipulations on the data. There is also an
- * "internal" macro, bn_check_top(), for verifying that there are no leading
- * zeroes. Unfortunately, some auditing is required due to the fact that
- * bn_fix_top() has become an overabused duct-tape because bignum data is
- * occasionally passed around in an inconsistent state. So the following
- * changes have been made to sort this out;
- * - bn_fix_top()s implementation has been moved to bn_correct_top()
- * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
- * bn_check_top() is as before.
- * - if BN_DEBUG *is* defined;
- * - bn_check_top() tries to pollute unused words even if the bignum 'top' is
- * consistent. (ed: only if BN_DEBUG_RAND is defined)
- * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
- * The idea is to have debug builds flag up inconsistent bignums when they
- * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
- * the use of bn_fix_top() was appropriate (ie. it follows directly after code
- * that manipulates the bignum) it is converted to bn_correct_top(), and if it
- * was not appropriate, we convert it permanently to bn_check_top() and track
- * down the cause of the bug. Eventually, no internal code should be using the
- * bn_fix_top() macro. External applications and libraries should try this with
- * their own code too, both in terms of building against the openssl headers
- * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
- * defined. This not only improves external code, it provides more test
- * coverage for openssl's own code.
- */
-
-#ifdef BN_DEBUG
-
-/* We only need assert() when debugging */
-#include <assert.h>
-
-#ifdef BN_DEBUG_RAND
-/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
-#ifndef RAND_pseudo_bytes
-int RAND_pseudo_bytes(unsigned char *buf,int num);
-#define BN_DEBUG_TRIX
-#endif
-#define bn_pollute(a) \
- do { \
- const BIGNUM *_bnum1 = (a); \
- if(_bnum1->top < _bnum1->dmax) { \
- unsigned char _tmp_char; \
- /* We cast away const without the compiler knowing, any \
- * *genuinely* constant variables that aren't mutable \
- * wouldn't be constructed with top!=dmax. */ \
- BN_ULONG *_not_const; \
- memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
- RAND_pseudo_bytes(&_tmp_char, 1); \
- memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
- (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
- } \
- } while(0)
-#ifdef BN_DEBUG_TRIX
-#undef RAND_pseudo_bytes
-#endif
-#else
-#define bn_pollute(a)
-#endif
-#define bn_check_top(a) \
- do { \
- const BIGNUM *_bnum2 = (a); \
- if (_bnum2 != NULL) { \
- assert((_bnum2->top == 0) || \
- (_bnum2->d[_bnum2->top - 1] != 0)); \
- bn_pollute(_bnum2); \
- } \
- } while(0)
-
-#define bn_fix_top(a) bn_check_top(a)
-
-#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
-#define bn_wcheck_size(bn, words) \
- do { \
- const BIGNUM *_bnum2 = (bn); \
- assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
- } while(0)
-
-#else /* !BN_DEBUG */
-
-#define bn_pollute(a)
-#define bn_check_top(a)
-#define bn_fix_top(a) bn_correct_top(a)
-#define bn_check_size(bn, bits)
-#define bn_wcheck_size(bn, words)
-
-#endif
-
-#define bn_correct_top(a) \
- { \
- BN_ULONG *ftl; \
- int tmp_top = (a)->top; \
- if (tmp_top > 0) \
- { \
- for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
- if (*(ftl--)) break; \
- (a)->top = tmp_top; \
- } \
- bn_pollute(a); \
- }
-
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
-void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
-BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
-BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
-BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
/* Primes from RFC 2409 */
BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
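Review bot: The comment block removed with these macros calls bn_fix_top() the one "API" macro and tells external applications to build against the openssl headers with BN_DEBUG defined. Once bn_fix_top, bn_check_top, bn_expand and bn_wexpand are no longer in the public header that advice cannot be followed, so wherever the block is relocated it should be reworded for internal use only. The six bn_*_words prototypes dropped at the end of the hunk are the same kind of break for out-of-tree code that reached them through bn.h and should be listed alongside the macro removals in the change notes.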
@@ -816,6 +635,7 @@ BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
int BN_bntest_rand(BIGNUM *rnd, int bits, int top,int bottom);
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -833,6 +653,7 @@ void ERR_load_BN_strings(void);
#define BN_F_BN_BLINDING_UPDATE 103
#define BN_F_BN_BN2DEC 104
#define BN_F_BN_BN2HEX 105
+#define BN_F_BN_COMPUTE_WNAF 142
#define BN_F_BN_CTX_GET 116
#define BN_F_BN_CTX_NEW 106
#define BN_F_BN_CTX_START 129
@@ -842,6 +663,7 @@ void ERR_load_BN_strings(void);
#define BN_F_BN_EXP 123
#define BN_F_BN_EXPAND2 108
#define BN_F_BN_EXPAND_INTERNAL 120
+#define BN_F_BN_GENCB_NEW 143
#define BN_F_BN_GENERATE_DSA_NONCE 140
#define BN_F_BN_GENERATE_PRIME_EX 141
#define BN_F_BN_GF2M_MOD 131
diff --git a/crypto/dh/dh_rfc5114.c b/crypto/bn/bn_dh.c
similarity index 93%
copy from crypto/dh/dh_rfc5114.c
copy to crypto/bn/bn_dh.c
index ced7fce..3658d0a 100644
--- a/crypto/dh/dh_rfc5114.c
+++ b/crypto/bn/bn_dh.c
@@ -55,11 +55,9 @@
*
*/
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/dh.h>
-#include <openssl/bn.h>
+#include "bn_lcl.h"
+#ifndef OPENSSL_NO_DH
/* DH parameters from RFC5114 */
#if BN_BITS2 == 64
@@ -235,40 +233,20 @@ static const BN_ULONG dh2048_256_q[] = {
/* Macro to make a BIGNUM from static data */
-#define make_dh_bn(x) static const BIGNUM _bignum_##x = { (BN_ULONG *) x, \
+#define make_dh_bn(x) const BIGNUM _bignum_##x = { (BN_ULONG *) x, \
sizeof(x)/sizeof(BN_ULONG),\
sizeof(x)/sizeof(BN_ULONG),\
- 0, BN_FLG_STATIC_DATA }
-
-/* Macro to make a DH structure from BIGNUM data. NB: although just copying
- * the BIGNUM static pointers would be more efficient we can't as they get
- * wiped using BN_clear_free() when DH_free() is called.
- */
-
-#define make_dh(x) \
-DH * DH_get_##x(void) \
- { \
- DH *dh; \
- make_dh_bn(dh##x##_p); \
- make_dh_bn(dh##x##_q); \
- make_dh_bn(dh##x##_g); \
- dh = DH_new(); \
- if (!dh) \
- return NULL; \
- dh->p = BN_dup(&_bignum_dh##x##_p); \
- dh->g = BN_dup(&_bignum_dh##x##_g); \
- dh->q = BN_dup(&_bignum_dh##x##_q); \
- if (!dh->p || !dh->q || !dh->g) \
- { \
- DH_free(dh); \
- return NULL; \
- } \
- return dh; \
- }
-
-make_dh(1024_160)
-make_dh(2048_224)
-make_dh(2048_256)
+ 0, BN_FLG_STATIC_DATA };
+make_dh_bn(dh1024_160_p)
+make_dh_bn(dh1024_160_g)
+make_dh_bn(dh1024_160_q)
+make_dh_bn(dh2048_224_p)
+make_dh_bn(dh2048_224_g)
+make_dh_bn(dh2048_224_q)
+make_dh_bn(dh2048_256_p)
+make_dh_bn(dh2048_256_g)
+make_dh_bn(dh2048_256_q)
+#endif
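Review bot: In make_dh_bn, dropping `static` gives `const BIGNUM _bignum_##x` external linkage, so nine symbols such as _bignum_dh1024_160_p become visible outside this file. File-scope identifiers beginning with an underscore are reserved to the implementation in C, and unprefixed names can clash when the library is linked statically; a bn_-style prefix would be safer. The initializer still casts the const word array to `(BN_ULONG *)` and sets BN_FLG_STATIC_DATA, and the removed comment was the only place explaining that these objects must be copied with BN_dup() because BN_clear_free() would otherwise wipe them, so that warning should stay next to the macro. The macro body now ends in `;`, which is why the invocations carry none; moving the semicolon to each invocation reads more like ordinary C.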
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
index 18a28ec..f2580b3 100644
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -1,6 +1,6 @@
/* crypto/bn/bn_err.c */
/* ====================================================================
- * Copyright (c) 1999-2013 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -78,6 +78,7 @@ static ERR_STRING_DATA BN_str_functs[]=
{ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"},
{ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"},
{ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"},
+{ERR_FUNC(BN_F_BN_COMPUTE_WNAF), "bn_compute_wNAF"},
{ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"},
{ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
{ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
@@ -87,6 +88,7 @@ static ERR_STRING_DATA BN_str_functs[]=
{ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
{ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
{ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"},
+{ERR_FUNC(BN_F_BN_GENCB_NEW), "BN_GENCB_new"},
{ERR_FUNC(BN_F_BN_GENERATE_DSA_NONCE), "BN_generate_dsa_nonce"},
{ERR_FUNC(BN_F_BN_GENERATE_PRIME_EX), "BN_generate_prime_ex"},
{ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"},
diff --git a/crypto/bn/bn_intern.c b/crypto/bn/bn_intern.c
new file mode 100644
index 0000000..a0cfcff
--- /dev/null
+++ b/crypto/bn/bn_intern.c
@@ -0,0 +1,248 @@
+/* ====================================================================
+ * Copyright (c) 1998-2014 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/*
+ * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
+ * This is an array r[] of values that are either zero or odd with an
+ * absolute value less than 2^w satisfying
+ * scalar = \sum_j r[j]*2^j
+ * where at most one of any w+1 consecutive digits is non-zero
+ * with the exception that the most significant digit may be only
+ * w-1 zeros away from that next non-zero digit.
+ */
+signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
+{
+ int window_val;
+ int ok = 0;
+ signed char *r = NULL;
+ int sign = 1;
+ int bit, next_bit, mask;
+ size_t len = 0, j;
+
+ if (BN_is_zero(scalar)) {
+ r = OPENSSL_malloc(1);
+ if (!r) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ r[0] = 0;
+ *ret_len = 1;
+ return r;
+ }
+
+ if (w <= 0 || w > 7) { /* 'signed char' can represent integers with absolute values less than 2^7 */
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ bit = 1 << w; /* at most 128 */
+ next_bit = bit << 1; /* at most 256 */
+ mask = next_bit - 1; /* at most 255 */
+
+ if (BN_is_negative(scalar)) {
+ sign = -1;
+ }
+
+ if (scalar->d == NULL || scalar->top == 0) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ len = BN_num_bits(scalar);
+ r = OPENSSL_malloc(len + 1); /*
+ * Modified wNAF may be one digit longer than binary representation
+ * (*ret_len will be set to the actual length, i.e. at most
+ * BN_num_bits(scalar) + 1)
+ */
+ if (r == NULL) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ window_val = scalar->d[0] & mask;
+ j = 0;
+ while ((window_val != 0) || (j + w + 1 < len)) { /* if j+w+1 >= len, window_val will not increase */
+ int digit = 0;
+
+ /* 0 <= window_val <= 2^(w+1) */
+
+ if (window_val & 1) {
+ /* 0 < window_val < 2^(w+1) */
+
+ if (window_val & bit) {
+ digit = window_val - next_bit; /* -2^w < digit < 0 */
+
+#if 1 /* modified wNAF */
+ if (j + w + 1 >= len) {
+ /*
+ * Special case for generating modified wNAFs:
+ * no new bits will be added into window_val,
+ * so using a positive digit here will decrease
+ * the total length of the representation
+ */
+
+ digit = window_val & (mask >> 1); /* 0 < digit < 2^w */
+ }
+#endif
+ } else {
+ digit = window_val; /* 0 < digit < 2^w */
+ }
+
+ if (digit <= -bit || digit >= bit || !(digit & 1)) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ window_val -= digit;
+
+ /* now window_val is 0 or 2^(w+1) in standard wNAF generation;
+ * for modified window NAFs, it may also be 2^w
+ */
+ if (window_val != 0 && window_val != next_bit && window_val != bit) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+
+ r[j++] = sign * digit;
+
+ window_val >>= 1;
+ window_val += bit * BN_is_bit_set(scalar, j + w);
+
+ if (window_val > next_bit) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+
+ if (j > len + 1) {
+ BNerr(BN_F_BN_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+ len = j;
+ ok = 1;
+
+ err:
+ if (!ok) {
+ OPENSSL_free(r);
+ r = NULL;
+ }
+ if (ok)
+ *ret_len = len;
+ return r;
+}
+
+int bn_get_top(const BIGNUM *a)
+{
+ return a->top;
+}
+
+void bn_set_top(BIGNUM *a, int top)
+{
+ a->top = top;
+}
+
+int bn_get_dmax(const BIGNUM *a)
+{
+ return a->dmax;
+}
+
+void bn_set_all_zero(BIGNUM *a)
+{
+ int i;
+
+ for (i = a->top; i < a->dmax; i++) a->d[i] = 0;
+}
+
+int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size)
+{
+ if (in->top > size)
+ return 0;
+
+ memset(out, 0, sizeof(BN_ULONG) * size);
+ memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
+ return 1;
+}
+
+BN_ULONG *bn_get_words(const BIGNUM *a)
+{
+ return a->d;
+}
+
+void bn_set_static_words(BIGNUM *a, BN_ULONG *words, int size)
+{
+ a->d = words;
+ a->dmax = a->top = size;
+ a->neg = 0;
+ a->flags |= BN_FLG_STATIC_DATA;
+}
+
+void bn_set_data(BIGNUM *a, const void *data, size_t size)
+{
+ memcpy(a->d, data, size);
+}
+
+size_t bn_sizeof_BIGNUM(void)
+{
+ return sizeof(BIGNUM);
+}
+
+BIGNUM *bn_array_el(BIGNUM *base, int el)
+{
+ return &base[el];
+}
+
+
+
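Review bot: bn_set_data() does memcpy(a->d, data, size) with no check that size fits within a->dmax * sizeof(BN_ULONG), and it leaves a->top untouched, so the caller must already have expanded the BIGNUM and must fix up top afterwards. Either return an int and reject an oversized size, or state the precondition in a comment next to the prototype. Separately, bn_set_all_zero() only clears the words from top up to dmax, which the name does not suggest; a one-line comment or a name that says the unused words are being cleared would avoid misuse.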
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
index 3de1d4c..c072ee7 100644
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_lcl.h
@@ -112,12 +112,159 @@
#ifndef HEADER_BN_LCL_H
#define HEADER_BN_LCL_H
-#include <openssl/bn.h>
+#include "internal/bn_int.h"
#ifdef __cplusplus
extern "C" {
#endif
+/* Bignum consistency macros
+ * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
+ * bignum data after direct manipulations on the data. There is also an
+ * "internal" macro, bn_check_top(), for verifying that there are no leading
+ * zeroes. Unfortunately, some auditing is required due to the fact that
+ * bn_fix_top() has become an overabused duct-tape because bignum data is
+ * occasionally passed around in an inconsistent state. So the following
+ * changes have been made to sort this out;
+ * - bn_fix_top()s implementation has been moved to bn_correct_top()
+ * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
+ * bn_check_top() is as before.
+ * - if BN_DEBUG *is* defined;
+ * - bn_check_top() tries to pollute unused words even if the bignum 'top' is
+ * consistent. (ed: only if BN_DEBUG_RAND is defined)
+ * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
+ * The idea is to have debug builds flag up inconsistent bignums when they
+ * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
+ * the use of bn_fix_top() was appropriate (ie. it follows directly after code
+ * that manipulates the bignum) it is converted to bn_correct_top(), and if it
+ * was not appropriate, we convert it permanently to bn_check_top() and track
+ * down the cause of the bug. Eventually, no internal code should be using the
+ * bn_fix_top() macro. External applications and libraries should try this with
+ * their own code too, both in terms of building against the openssl headers
+ * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
+ * defined. This not only improves external code, it provides more test
+ * coverage for openssl's own code.
+ */
+
+#ifdef BN_DEBUG
+
+/* We only need assert() when debugging */
+#include <assert.h>
+
+#ifdef BN_DEBUG_RAND
+/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
+#ifndef RAND_pseudo_bytes
+int RAND_pseudo_bytes(unsigned char *buf,int num);
+#define BN_DEBUG_TRIX
+#endif
+#define bn_pollute(a) \
+ do { \
+ const BIGNUM *_bnum1 = (a); \
+ if(_bnum1->top < _bnum1->dmax) { \
+ unsigned char _tmp_char; \
+ /* We cast away const without the compiler knowing, any \
+ * *genuinely* constant variables that aren't mutable \
+ * wouldn't be constructed with top!=dmax. */ \
+ BN_ULONG *_not_const; \
+ memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
+ RAND_pseudo_bytes(&_tmp_char, 1); \
+ memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
+ (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
+ } \
+ } while(0)
+#ifdef BN_DEBUG_TRIX
+#undef RAND_pseudo_bytes
+#endif
+#else
+#define bn_pollute(a)
+#endif
+#define bn_check_top(a) \
+ do { \
+ const BIGNUM *_bnum2 = (a); \
+ if (_bnum2 != NULL) { \
+ assert((_bnum2->top == 0) || \
+ (_bnum2->d[_bnum2->top - 1] != 0)); \
+ bn_pollute(_bnum2); \
+ } \
+ } while(0)
+
+#define bn_fix_top(a) bn_check_top(a)
+
+#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
+#define bn_wcheck_size(bn, words) \
+ do { \
+ const BIGNUM *_bnum2 = (bn); \
+ assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \
+ } while(0)
+
+#else /* !BN_DEBUG */
+
+#define bn_pollute(a)
+#define bn_check_top(a)
+#define bn_fix_top(a) bn_correct_top(a)
+#define bn_check_size(bn, bits)
+#define bn_wcheck_size(bn, words)
+
+#endif
+
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
+BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int num);
+
+
+struct bignum_st
+ {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int dmax; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ int flags;
+ };
+
+/* Used for montgomery multiplication */
+struct bn_mont_ctx_st
+ {
+ int ri; /* number of bits in R */
+ BIGNUM RR; /* used to convert to montgomery form */
+ BIGNUM N; /* The modulus */
+ BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
+ * (Ni is only stored for bignum algorithm) */
+ BN_ULONG n0[2];/* least significant word(s) of Ni;
+ (type changed with 0.9.9, was "BN_ULONG n0;" before) */
+ int flags;
+ };
+
+/* Used for reciprocal division/mod functions
+ * It cannot be shared between threads
+ */
+struct bn_recp_ctx_st
+ {
+ BIGNUM N; /* the divisor */
+ BIGNUM Nr; /* the reciprocal */
+ int num_bits;
+ int shift;
+ int flags;
+ };
+
+/* Used for slow "generation" functions. */
+struct bn_gencb_st
+ {
+ unsigned int ver; /* To handle binary (in)compatibility */
+ void *arg; /* callback-specific data */
+ union
+ {
+ /* if(ver==1) - handles old style callbacks */
+ void (*cb_1)(int, int, void *);
+ /* if(ver==2) - new callback style */
+ int (*cb_2)(int, int, BN_GENCB *);
+ } cb;
+ };
+
/*
* BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
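Review bot: the macro arguments in bn_check_size() and bn_wcheck_size() are used unparenthesised, in ((bits+BN_BITS2-1))/BN_BITS2 and in assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top), so an argument that is an expression with a lower-precedence operator would be evaluated incorrectly in BN_DEBUG builds. Suggest writing (bits) and (words) throughout. It is also worth a short comment above struct bignum_st saying that the layout now lives only in this private header, since the static initialisers elsewhere in this commit depend on the field order d, top, dmax, neg, flags.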
@@ -506,6 +653,10 @@ extern "C" {
}
#endif /* !BN_LLONG */
+void BN_init(BIGNUM *a);
+void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
+
void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb);
void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b);
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 0305a19..f0b449d 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -370,63 +370,6 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
return(a);
}
-/* This is an internal function that can be used instead of bn_expand2()
- * when there is a need to copy BIGNUMs instead of only expanding the
- * data part, while still expanding them.
- * Especially useful when needing to expand BIGNUMs that are declared
- * 'const' and should therefore not be changed.
- * The reason to use this instead of a BN_dup() followed by a bn_expand2()
- * is memory allocation overhead. A BN_dup() followed by a bn_expand2()
- * will allocate new memory for the BIGNUM data twice, and free it once,
- * while bn_dup_expand() makes sure allocation is made only once.
- */
-
-#ifndef OPENSSL_NO_DEPRECATED
-BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
- {
- BIGNUM *r = NULL;
-
- bn_check_top(b);
-
- /* This function does not work if
- * words <= b->dmax && top < words
- * because BN_dup() does not preserve 'dmax'!
- * (But bn_dup_expand() is not used anywhere yet.)
- */
-
- if (words > b->dmax)
- {
- BN_ULONG *a = bn_expand_internal(b, words);
-
- if (a)
- {
- r = BN_new();
- if (r)
- {
- r->top = b->top;
- r->dmax = words;
- r->neg = b->neg;
- r->d = a;
- }
- else
- {
- /* r == NULL, BN_new failure */
- OPENSSL_free(a);
- }
- }
- /* If a == NULL, there was an error in allocation in
- bn_expand_internal(), and NULL should be returned */
- }
- else
- {
- r = BN_dup(b);
- }
-
- bn_check_top(r);
- return r;
- }
-#endif
-
/* This is an internal function that should not be used in applications.
* It ensures that 'b' has enough room for a 'words' word number
* and initialises any unused part of b->d with leading zeros.
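Review bot: bn_dup_expand() was a non-static function compiled whenever OPENSSL_NO_DEPRECATED was not defined, so removing it removes a symbol that was visible to applications even though its own comment says it was not used anywhere. The removal looks right, but it should be mentioned in the commit message or change log so that anyone linking against the symbol gets an explanation.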
@@ -911,3 +854,129 @@ int BN_security_bits(int L, int N)
return 0;
return bits >= secbits ? secbits : bits;
}
+
+
+void BN_zero_ex(BIGNUM *a)
+ {
+ a->top = 0;
+ a->neg = 0;
+ }
+
+int BN_abs_is_word(const BIGNUM *a, const BN_ULONG w)
+ {
+ return ((a->top == 1) && (a->d[0] == w)) || ((w == 0) && (a->top == 0));
+ }
+
+int BN_is_zero(const BIGNUM *a)
+ {
+ return a->top == 0;
+ }
+
+int BN_is_one(const BIGNUM *a)
+ {
+ return BN_abs_is_word(a, 1) && !a->neg;
+ }
+
+int BN_is_word(const BIGNUM *a, const BN_ULONG w)
+ {
+ return BN_abs_is_word(a, w) && (!w || !a->neg);
+ }
+
+int BN_is_odd(const BIGNUM *a)
+ {
+ return (a->top > 0) && (a->d[0] & 1);
+ }
+
+int BN_is_negative(const BIGNUM *a)
+ {
+ return (a->neg != 0);
+ }
+
+int BN_to_montgomery(BIGNUM *r,const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx)
+ {
+ return BN_mod_mul_montgomery(r,a,&(mont->RR),mont,ctx);
+ }
+
+void BN_with_flags(BIGNUM *dest, const BIGNUM *b, int n)
+ {
+ dest->d=b->d;
+ dest->top=b->top;
+ dest->dmax=b->dmax;
+ dest->neg=b->neg;
+ dest->flags=((dest->flags & BN_FLG_MALLOCED)
+ | (b->flags & ~BN_FLG_MALLOCED)
+ | BN_FLG_STATIC_DATA
+ | n);
+ }
+
+BN_GENCB *BN_GENCB_new(void)
+ {
+ BN_GENCB *ret;
+
+ if ((ret=(BN_GENCB *)OPENSSL_malloc(sizeof(BN_GENCB))) == NULL)
+ {
+ BNerr(BN_F_BN_GENCB_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ return ret;
+ }
+
+void BN_GENCB_free(BN_GENCB *cb)
+ {
+ if (cb == NULL) return;
+ OPENSSL_free(cb);
+ }
+
+void BN_set_flags(BIGNUM *b, int n)
+ {
+ b->flags|=n;
+ }
+
+int BN_get_flags(const BIGNUM *b, int n)
+ {
+ return b->flags&n;
+ }
+
+/* Populate a BN_GENCB structure with an "old"-style callback */
+void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback)(int, int, void *), void *cb_arg)
+ {
+ BN_GENCB *tmp_gencb = gencb;
+ tmp_gencb->ver = 1;
+ tmp_gencb->arg = cb_arg;
+ tmp_gencb->cb.cb_1 = callback;
+ }
+
+/* Populate a BN_GENCB structure with a "new"-style callback */
+void BN_GENCB_set(BN_GENCB *gencb, int (*callback)(int, int, BN_GENCB *), void *cb_arg)
+ {
+ BN_GENCB *tmp_gencb = gencb;
+ tmp_gencb->ver = 2;
+ tmp_gencb->arg = cb_arg;
+ tmp_gencb->cb.cb_2 = callback;
+ }
+
+void *BN_GENCB_get_arg(BN_GENCB *cb)
+ {
+ return cb->arg;
+ }
+
+
+BIGNUM *bn_wexpand(BIGNUM *a, int words)
+ {
+ return (words <= a->dmax)?a:bn_expand2(a,words);
+ }
+
+void bn_correct_top(BIGNUM *a)
+ {
+ BN_ULONG *ftl;
+ int tmp_top = a->top;
+
+ if (tmp_top > 0)
+ {
+ for (ftl= &(a->d[tmp_top-1]); tmp_top > 0; tmp_top--)
+ if (*(ftl--)) break;
+ a->top = tmp_top;
+ }
+ bn_pollute(a);
+ }
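Review bot: BN_GENCB_new() returns the OPENSSL_malloc() result without initialising ver, arg or cb, so a caller that allocates a BN_GENCB and passes it on before calling BN_GENCB_set() or BN_GENCB_set_old() hands over indeterminate values, and BN_GENCB_get_arg() on such an object returns garbage. Suggest zeroing the structure (or at least setting ver to 0 and arg to NULL) before returning. Minor: the tmp_gencb alias in BN_GENCB_set_old() and BN_GENCB_set() no longer serves a purpose now that the struct is visible in this file, and BN_with_flags() deserves a comment that dest shares b's word array and is marked BN_FLG_STATIC_DATA so that freeing dest does not free b's data.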
diff --git a/crypto/srp/srp_grps.h b/crypto/bn/bn_srp.c
similarity index 94%
rename from crypto/srp/srp_grps.h
rename to crypto/bn/bn_srp.c
index 5babc40..0a9c2fd 100644
--- a/crypto/srp/srp_grps.h
+++ b/crypto/bn/bn_srp.c
@@ -1,4 +1,20 @@
-/* start of generated data */
+#include "bn_lcl.h"
+
+#ifndef OPENSSL_NO_SRP
+
+#if (BN_BYTES == 8)
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
+# elif defined(__arch64__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
+# else
+# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
+# endif
+#elif (BN_BYTES == 4)
+# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
+#else
+# error "unsupported BN_BYTES"
+#endif
static const BN_ULONG bn_group_1024_value[] = {
bn_pack4(0x9FC6,0x1D2F,0xC0EB,0x06E3),
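Review bot: the renamed file now starts directly with the bn_lcl.h include at line 1, with no licence or description header, unlike the other new bn source file added in this commit. Since this is now a compiled .c file rather than an included fragment, please add the standard header and a comment saying what the file provides. A short comment on the BN_BYTES == 4 variant of bn_pack4() noting that it deliberately expands to two comma-separated array elements, low word first, would also help readers.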
@@ -18,7 +34,7 @@ static const BN_ULONG bn_group_1024_value[] = {
bn_pack4(0x9C33,0xF80A,0xFA8F,0xC5E8),
bn_pack4(0xEEAF,0x0AB9,0xADB3,0x8DD6)
};
-static const BIGNUM bn_group_1024 = {
+const BIGNUM bn_group_1024 = {
(BN_ULONG*)bn_group_1024_value,
(sizeof bn_group_1024_value)/sizeof(BN_ULONG),
(sizeof bn_group_1024_value)/sizeof(BN_ULONG),
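Review bot: dropping static here gives bn_group_1024 external linkage while its initialiser still casts the const word array to (BN_ULONG*). That was contained when the object was file-local; now any translation unit can reach it, so the declaration that other files see should keep the const qualifier and users should not cast it away, because the words live in read-only data. The same applies to the other bn_group_* and bn_generator_* objects changed in the following hunks. Please also confirm that the matching extern declarations are in a header this file includes, so the compiler checks the definitions against them.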
@@ -52,7 +68,7 @@ static const BN_ULONG bn_group_1536_value[] = {
bn_pack4(0xB1F1,0x2A86,0x17A4,0x7BBB),
bn_pack4(0x9DEF,0x3CAF,0xB939,0x277A)
};
-static const BIGNUM bn_group_1536 = {
+const BIGNUM bn_group_1536 = {
(BN_ULONG*)bn_group_1536_value,
(sizeof bn_group_1536_value)/sizeof(BN_ULONG),
(sizeof bn_group_1536_value)/sizeof(BN_ULONG),
@@ -94,7 +110,7 @@ static const BN_ULONG bn_group_2048_value[] = {
bn_pack4(0xF166,0xDE5E,0x1389,0x582F),
bn_pack4(0xAC6B,0xDB41,0x324A,0x9A9B)
};
-static const BIGNUM bn_group_2048 = {
+const BIGNUM bn_group_2048 = {
(BN_ULONG*)bn_group_2048_value,
(sizeof bn_group_2048_value)/sizeof(BN_ULONG),
(sizeof bn_group_2048_value)/sizeof(BN_ULONG),
@@ -152,7 +168,7 @@ static const BN_ULONG bn_group_3072_value[] = {
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
-static const BIGNUM bn_group_3072 = {
+const BIGNUM bn_group_3072 = {
(BN_ULONG*)bn_group_3072_value,
(sizeof bn_group_3072_value)/sizeof(BN_ULONG),
(sizeof bn_group_3072_value)/sizeof(BN_ULONG),
@@ -226,7 +242,7 @@ static const BN_ULONG bn_group_4096_value[] = {
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
-static const BIGNUM bn_group_4096 = {
+const BIGNUM bn_group_4096 = {
(BN_ULONG*)bn_group_4096_value,
(sizeof bn_group_4096_value)/sizeof(BN_ULONG),
(sizeof bn_group_4096_value)/sizeof(BN_ULONG),
@@ -332,7 +348,7 @@ static const BN_ULONG bn_group_6144_value[] = {
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
-static const BIGNUM bn_group_6144 = {
+const BIGNUM bn_group_6144 = {
(BN_ULONG*)bn_group_6144_value,
(sizeof bn_group_6144_value)/sizeof(BN_ULONG),
(sizeof bn_group_6144_value)/sizeof(BN_ULONG),
@@ -470,7 +486,7 @@ static const BN_ULONG bn_group_8192_value[] = {
bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
-static const BIGNUM bn_group_8192 = {
+const BIGNUM bn_group_8192 = {
(BN_ULONG*)bn_group_8192_value,
(sizeof bn_group_8192_value)/sizeof(BN_ULONG),
(sizeof bn_group_8192_value)/sizeof(BN_ULONG),
@@ -479,7 +495,7 @@ static const BIGNUM bn_group_8192 = {
};
static const BN_ULONG bn_generator_19_value[] = {19} ;
-static const BIGNUM bn_generator_19 = {
+const BIGNUM bn_generator_19 = {
(BN_ULONG*)bn_generator_19_value,
1,
1,
@@ -487,7 +503,7 @@ static const BIGNUM bn_generator_19 = {
BN_FLG_STATIC_DATA
};
static const BN_ULONG bn_generator_5_value[] = {5} ;
-static const BIGNUM bn_generator_5 = {
+const BIGNUM bn_generator_5 = {
(BN_ULONG*)bn_generator_5_value,
1,
1,
@@ -495,7 +511,7 @@ static const BIGNUM bn_generator_5 = {
BN_FLG_STATIC_DATA
};
static const BN_ULONG bn_generator_2_value[] = {2} ;
-static const BIGNUM bn_generator_2 = {
+const BIGNUM bn_generator_2 = {
(BN_ULONG*)bn_generator_2_value,
1,
1,
@@ -503,15 +519,4 @@ static const BIGNUM bn_generator_2 = {
BN_FLG_STATIC_DATA
};
-static SRP_gN knowngN[] = {
- {"8192",(BIGNUM*)&bn_generator_19 , (BIGNUM*)&bn_group_8192},
- {"6144",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_6144},
- {"4096",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_4096},
- {"3072",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_3072},
- {"2048",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_2048},
- {"1536",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1536},
- {"1024",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1024},
-};
-#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
-
-/* end of generated data */
+#endif
diff --git a/crypto/bn/bn_x931p.c b/crypto/bn/bn_x931p.c
index eb4662f..7330ab5 100644
--- a/crypto/bn/bn_x931p.c
+++ b/crypto/bn/bn_x931p.c
@@ -58,6 +58,7 @@
#include <stdio.h>
#include <openssl/bn.h>
+#include "bn_lcl.h"
/* X9.31 routines for prime derivation */
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
index 5fa02a1..739c665 100644
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -73,37 +73,42 @@ static const char rnd_seed[] = "string to make the random number generator think
/* test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */
static int test_exp_mod_zero() {
- BIGNUM a, p, m;
- BIGNUM r;
+ BIGNUM *a = NULL, *p = NULL, *m = NULL;
+ BIGNUM *r = NULL;
BN_CTX *ctx = BN_CTX_new();
int ret = 1;
- BN_init(&m);
- BN_one(&m);
+ m = BN_new();
+ if(!m) goto err;
+ BN_one(m);
- BN_init(&a);
- BN_one(&a);
+ a = BN_new();
+ if(!a) goto err;
+ BN_one(a);
- BN_init(&p);
- BN_zero(&p);
+ p = BN_new();
+ if(!p) goto err;
+ BN_zero(p);
- BN_init(&r);
- BN_mod_exp(&r, &a, &p, &m, ctx);
+ r = BN_new();
+ if(!r) goto err;
+ BN_mod_exp(r, a, p, m, ctx);
BN_CTX_free(ctx);
- if (BN_is_zero(&r))
+ if (BN_is_zero(r))
ret = 0;
else
{
printf("1**0 mod 1 = ");
- BN_print_fp(stdout, &r);
+ BN_print_fp(stdout, r);
printf(", should be 0\n");
}
- BN_free(&r);
- BN_free(&a);
- BN_free(&p);
- BN_free(&m);
+err:
+ BN_free(r);
+ BN_free(a);
+ BN_free(p);
+ BN_free(m);
return ret;
}
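Review bot: the new goto err paths skip BN_CTX_free(ctx), which sits before the err label, so ctx leaks whenever one of the BN_new() calls fails. Move BN_CTX_free(ctx) below the err label. In the same function the result of BN_CTX_new() is not checked and the return value of BN_mod_exp() is ignored, so a failed exponentiation is reported as a wrong result rather than as an error; checking both would make the test's failure output more accurate.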
diff --git a/crypto/dh/Makefile b/crypto/dh/Makefile
index f447907..943e7c6 100644
--- a/crypto/dh/Makefile
+++ b/crypto/dh/Makefile
@@ -152,7 +152,8 @@ dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
+dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h
+dh_key.o: ../include/internal/bn_int.h dh_key.c
dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
diff --git a/crypto/dh/dh_depr.c b/crypto/dh/dh_depr.c
index acc05f2..bff3b59 100644
--- a/crypto/dh/dh_depr.c
+++ b/crypto/dh/dh_depr.c
@@ -67,16 +67,26 @@ static void *dummy=&dummy;
DH *DH_generate_parameters(int prime_len, int generator,
void (*callback)(int,int,void *), void *cb_arg)
{
- BN_GENCB cb;
+ BN_GENCB *cb;
DH *ret=NULL;
if((ret=DH_new()) == NULL)
return NULL;
+ cb = BN_GENCB_new();
+ if(!cb)
+ {
+ DH_free(ret);
+ return NULL;
+ }
- BN_GENCB_set_old(&cb, callback, cb_arg);
+ BN_GENCB_set_old(cb, callback, cb_arg);
- if(DH_generate_parameters_ex(ret, prime_len, generator, &cb))
+ if(DH_generate_parameters_ex(ret, prime_len, generator, cb))
+ {
+ BN_GENCB_free(cb);
return ret;
+ }
+ BN_GENCB_free(cb);
DH_free(ret);
return NULL;
}
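Review bot: BN_GENCB_free(cb) is repeated on both the success and the failure path after DH_generate_parameters_ex(). Storing the call's result in a local, freeing cb once, and then branching on the result would be shorter and makes it harder to miss the free if another exit path is added later.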
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 584a33f..d8eecde 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -60,9 +60,9 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/dh.h>
+#include "internal/bn_int.h"
static int generate_key(DH *dh);
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
@@ -173,19 +173,23 @@ static int generate_key(DH *dh)
}
{
- BIGNUM local_prk;
+ BIGNUM *local_prk = NULL;
BIGNUM *prk;
if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
{
- BN_init(&local_prk);
- prk = &local_prk;
+ local_prk = prk = BN_new();
BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
}
else
prk = priv_key;
- if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
+ if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont))
+ {
+ if(local_prk) BN_free(local_prk);
+ goto err;
+ }
+ if(local_prk) BN_free(local_prk);
}
dh->pub_key=pub_key;
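Review bot: the result of BN_new() in local_prk = prk = BN_new() is not checked before BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME), and BN_with_flags() writes through its first argument, so an allocation failure becomes a NULL dereference on the constant-time path. Add a check and goto err when BN_new() returns NULL. The two if(local_prk) BN_free(local_prk) calls could then collapse into a single free after the bn_mod_exp call if its result is saved in a local first.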
@@ -269,9 +273,9 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
/* If a is only one word long and constant time is false, use the faster
* exponenentiation function.
*/
- if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
+ if (bn_get_top(a) == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
{
- BN_ULONG A = a->d[0];
+ BN_ULONG A = bn_get_words(a)[0];
return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
}
else
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index 941801d..85e743b 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -363,7 +363,7 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
DH *dh = NULL;
DH_PKEY_CTX *dctx = ctx->data;
- BN_GENCB *pcb, cb;
+ BN_GENCB *pcb;
int ret;
if (dctx->rfc5114_param)
{
@@ -390,7 +390,7 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
if (ctx->pkey_gencb)
{
- pcb = &cb;
+ pcb = BN_GENCB_new();
evp_pkey_set_cb_translate(pcb, ctx);
}
else
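Review bot: pcb = BN_GENCB_new() can return NULL, and the next line passes pcb straight to evp_pkey_set_cb_translate() without a check. With the previous stack object this could not fail; now it needs a NULL test that returns 0 before the callback is populated.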
@@ -400,6 +400,7 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
DSA *dsa_dh;
dsa_dh = dsa_dh_generate(dctx, pcb);
+ if(pcb) BN_GENCB_free(pcb);
if (!dsa_dh)
return 0;
dh = DSA_dup_DH(dsa_dh);
@@ -412,10 +413,13 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
#endif
dh = DH_new();
if (!dh)
+ {
+ if(pcb) BN_GENCB_free(pcb);
return 0;
+ }
ret = DH_generate_parameters_ex(dh,
dctx->prime_len, dctx->generator, pcb);
-
+ if(pcb) BN_GENCB_free(pcb);
if (ret)
EVP_PKEY_assign_DH(pkey, dh);
else
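Review bot: the if(pcb) guards in front of BN_GENCB_free(pcb) are redundant, because BN_GENCB_free() as added in bn_lib.c in this same commit already returns early on NULL. Dropping the guards here and in the DSA branch above keeps the cleanup lines uniform.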
diff --git a/crypto/dh/dh_rfc5114.c b/crypto/dh/dh_rfc5114.c
index ced7fce..0d04a6a 100644
--- a/crypto/dh/dh_rfc5114.c
+++ b/crypto/dh/dh_rfc5114.c
@@ -60,185 +60,10 @@
#include <openssl/dh.h>
#include <openssl/bn.h>
-/* DH parameters from RFC5114 */
-
-#if BN_BITS2 == 64
-static const BN_ULONG dh1024_160_p[] = {
- 0xDF1FB2BC2E4A4371ULL,0xE68CFDA76D4DA708ULL,0x45BF37DF365C1A65ULL,
- 0xA151AF5F0DC8B4BDULL,0xFAA31A4FF55BCCC0ULL,0x4EFFD6FAE5644738ULL,
- 0x98488E9C219A7372ULL,0xACCBDD7D90C4BD70ULL,0x24975C3CD49B83BFULL,
- 0x13ECB4AEA9061123ULL,0x9838EF1E2EE652C0ULL,0x6073E28675A23D18ULL,
- 0x9A6A9DCA52D23B61ULL,0x52C99FBCFB06A3C6ULL,0xDE92DE5EAE5D54ECULL,
- 0xB10B8F96A080E01DULL
-};
-static const BN_ULONG dh1024_160_g[] = {
- 0x855E6EEB22B3B2E5ULL,0x858F4DCEF97C2A24ULL,0x2D779D5918D08BC8ULL,
- 0xD662A4D18E73AFA3ULL,0x1DBF0A0169B6A28AULL,0xA6A24C087A091F53ULL,
- 0x909D0D2263F80A76ULL,0xD7FBD7D3B9A92EE1ULL,0x5E91547F9E2749F4ULL,
- 0x160217B4B01B886AULL,0x777E690F5504F213ULL,0x266FEA1E5C41564BULL,
- 0xD6406CFF14266D31ULL,0xF8104DD258AC507FULL,0x6765A442EFB99905ULL,
- 0xA4D1CBD5C3FD3412ULL
-};
-static const BN_ULONG dh1024_160_q[] = {
- 0x64B7CB9D49462353ULL,0x81A8DF278ABA4E7DULL,0x00000000F518AA87ULL
-};
-
-static const BN_ULONG dh2048_224_p[] = {
- 0x0AC4DFFE0C10E64FULL,0xCF9DE5384E71B81CULL,0x7EF363E2FFA31F71ULL,
- 0xE3FB73C16B8E75B9ULL,0xC9B53DCF4BA80A29ULL,0x23F10B0E16E79763ULL,
- 0xC52172E413042E9BULL,0xBE60E69CC928B2B9ULL,0x80CD86A1B9E587E8ULL,
- 0x315D75E198C641A4ULL,0xCDF93ACC44328387ULL,0x15987D9ADC0A486DULL,
- 0x7310F7121FD5A074ULL,0x278273C7DE31EFDCULL,0x1602E714415D9330ULL,
- 0x81286130BC8985DBULL,0xB3BF8A3170918836ULL,0x6A00E0A0B9C49708ULL,
- 0xC6BA0B2C8BBC27BEULL,0xC9F98D11ED34DBF6ULL,0x7AD5B7D0B6C12207ULL,
- 0xD91E8FEF55B7394BULL,0x9037C9EDEFDA4DF8ULL,0x6D3F8152AD6AC212ULL,
- 0x1DE6B85A1274A0A6ULL,0xEB3D688A309C180EULL,0xAF9A3C407BA1DF15ULL,
- 0xE6FA141DF95A56DBULL,0xB54B1597B61D0A75ULL,0xA20D64E5683B9FD1ULL,
- 0xD660FAA79559C51FULL,0xAD107E1E9123A9D0ULL
-};
-static const BN_ULONG dh2048_224_g[] = {
- 0x84B890D3191F2BFAULL,0x81BC087F2A7065B3ULL,0x19C418E1F6EC0179ULL,
- 0x7B5A0F1C71CFFF4CULL,0xEDFE72FE9B6AA4BDULL,0x81E1BCFE94B30269ULL,
- 0x566AFBB48D6C0191ULL,0xB539CCE3409D13CDULL,0x6AA21E7F5F2FF381ULL,
- 0xD9E263E4770589EFULL,0x10E183EDD19963DDULL,0xB70A8137150B8EEBULL,
- 0x051AE3D428C8F8ACULL,0xBB77A86F0C1AB15BULL,0x6E3025E316A330EFULL,
- 0x19529A45D6F83456ULL,0xF180EB34118E98D1ULL,0xB5F6C6B250717CBEULL,
- 0x09939D54DA7460CDULL,0xE247150422EA1ED4ULL,0xB8A762D0521BC98AULL,
- 0xF4D027275AC1348BULL,0xC17669101999024AULL,0xBE5E9001A8D66AD7ULL,
- 0xC57DB17C620A8652ULL,0xAB739D7700C29F52ULL,0xDD921F01A70C4AFAULL,
- 0xA6824A4E10B9A6F0ULL,0x74866A08CFE4FFE3ULL,0x6CDEBE7B89998CAFULL,
- 0x9DF30B5C8FFDAC50ULL,0xAC4032EF4F2D9AE3ULL
-};
-static const BN_ULONG dh2048_224_q[] = {
- 0xBF389A99B36371EBULL,0x1F80535A4738CEBCULL,0xC58D93FE99717710ULL,
- 0x00000000801C0D34ULL
-};
-
-static const BN_ULONG dh2048_256_p[] = {
- 0xDB094AE91E1A1597ULL,0x693877FAD7EF09CAULL,0x6116D2276E11715FULL,
- 0xA4B54330C198AF12ULL,0x75F26375D7014103ULL,0xC3A3960A54E710C3ULL,
- 0xDED4010ABD0BE621ULL,0xC0B857F689962856ULL,0xB3CA3F7971506026ULL,
- 0x1CCACB83E6B486F6ULL,0x67E144E514056425ULL,0xF6A167B5A41825D9ULL,
- 0x3AD8347796524D8EULL,0xF13C6D9A51BFA4ABULL,0x2D52526735488A0EULL,
- 0xB63ACAE1CAA6B790ULL,0x4FDB70C581B23F76ULL,0xBC39A0BF12307F5CULL,
- 0xB941F54EB1E59BB8ULL,0x6C5BFC11D45F9088ULL,0x22E0B1EF4275BF7BULL,
- 0x91F9E6725B4758C0ULL,0x5A8A9D306BCF67EDULL,0x209E0C6497517ABDULL,
- 0x3BF4296D830E9A7CULL,0x16C3D91134096FAAULL,0xFAF7DF4561B2AA30ULL,
- 0xE00DF8F1D61957D4ULL,0x5D2CEED4435E3B00ULL,0x8CEEF608660DD0F2ULL,
- 0xFFBBD19C65195999ULL,0x87A8E61DB4B6663CULL
-};
-static const BN_ULONG dh2048_256_g[] = {
- 0x664B4C0F6CC41659ULL,0x5E2327CFEF98C582ULL,0xD647D148D4795451ULL,
- 0x2F63078490F00EF8ULL,0x184B523D1DB246C3ULL,0xC7891428CDC67EB6ULL,
- 0x7FD028370DF92B52ULL,0xB3353BBB64E0EC37ULL,0xECD06E1557CD0915ULL,
- 0xB7D2BBD2DF016199ULL,0xC8484B1E052588B9ULL,0xDB2A3B7313D3FE14ULL,
- 0xD052B985D182EA0AULL,0xA4BD1BFFE83B9C80ULL,0xDFC967C1FB3F2E55ULL,
- 0xB5045AF2767164E1ULL,0x1D14348F6F2F9193ULL,0x64E67982428EBC83ULL,
- 0x8AC376D282D6ED38ULL,0x777DE62AAAB8A862ULL,0xDDF463E5E9EC144BULL,
- 0x0196F931C77A57F2ULL,0xA55AE31341000A65ULL,0x901228F8C28CBB18ULL,
- 0xBC3773BF7E8C6F62ULL,0xBE3A6C1B0C6B47B1ULL,0xFF4FED4AAC0BB555ULL,
- 0x10DBC15077BE463FULL,0x07F4793A1A0BA125ULL,0x4CA7B18F21EF2054ULL,
- 0x2E77506660EDBD48ULL,0x3FB32C9B73134D0BULL
-};
-static const BN_ULONG dh2048_256_q[] = {
- 0xA308B0FE64F5FBD3ULL,0x99B1A47D1EB3750BULL,0xB447997640129DA2ULL,
- 0x8CF83642A709A097ULL
-};
-
-#elif BN_BITS2 == 32
-
-static const BN_ULONG dh1024_160_p[] = {
- 0x2E4A4371,0xDF1FB2BC,0x6D4DA708,0xE68CFDA7,0x365C1A65,0x45BF37DF,
- 0x0DC8B4BD,0xA151AF5F,0xF55BCCC0,0xFAA31A4F,0xE5644738,0x4EFFD6FA,
- 0x219A7372,0x98488E9C,0x90C4BD70,0xACCBDD7D,0xD49B83BF,0x24975C3C,
- 0xA9061123,0x13ECB4AE,0x2EE652C0,0x9838EF1E,0x75A23D18,0x6073E286,
- 0x52D23B61,0x9A6A9DCA,0xFB06A3C6,0x52C99FBC,0xAE5D54EC,0xDE92DE5E,
- 0xA080E01D,0xB10B8F96
-};
-static const BN_ULONG dh1024_160_g[] = {
- 0x22B3B2E5,0x855E6EEB,0xF97C2A24,0x858F4DCE,0x18D08BC8,0x2D779D59,
- 0x8E73AFA3,0xD662A4D1,0x69B6A28A,0x1DBF0A01,0x7A091F53,0xA6A24C08,
- 0x63F80A76,0x909D0D22,0xB9A92EE1,0xD7FBD7D3,0x9E2749F4,0x5E91547F,
- 0xB01B886A,0x160217B4,0x5504F213,0x777E690F,0x5C41564B,0x266FEA1E,
- 0x14266D31,0xD6406CFF,0x58AC507F,0xF8104DD2,0xEFB99905,0x6765A442,
- 0xC3FD3412,0xA4D1CBD5
-};
-static const BN_ULONG dh1024_160_q[] = {
- 0x49462353,0x64B7CB9D,0x8ABA4E7D,0x81A8DF27,0xF518AA87
-};
-
-static const BN_ULONG dh2048_224_p[] = {
- 0x0C10E64F,0x0AC4DFFE,0x4E71B81C,0xCF9DE538,0xFFA31F71,0x7EF363E2,
- 0x6B8E75B9,0xE3FB73C1,0x4BA80A29,0xC9B53DCF,0x16E79763,0x23F10B0E,
- 0x13042E9B,0xC52172E4,0xC928B2B9,0xBE60E69C,0xB9E587E8,0x80CD86A1,
- 0x98C641A4,0x315D75E1,0x44328387,0xCDF93ACC,0xDC0A486D,0x15987D9A,
- 0x1FD5A074,0x7310F712,0xDE31EFDC,0x278273C7,0x415D9330,0x1602E714,
- 0xBC8985DB,0x81286130,0x70918836,0xB3BF8A31,0xB9C49708,0x6A00E0A0,
- 0x8BBC27BE,0xC6BA0B2C,0xED34DBF6,0xC9F98D11,0xB6C12207,0x7AD5B7D0,
- 0x55B7394B,0xD91E8FEF,0xEFDA4DF8,0x9037C9ED,0xAD6AC212,0x6D3F8152,
- 0x1274A0A6,0x1DE6B85A,0x309C180E,0xEB3D688A,0x7BA1DF15,0xAF9A3C40,
- 0xF95A56DB,0xE6FA141D,0xB61D0A75,0xB54B1597,0x683B9FD1,0xA20D64E5,
- 0x9559C51F,0xD660FAA7,0x9123A9D0,0xAD107E1E
-};
-static const BN_ULONG dh2048_224_g[] = {
- 0x191F2BFA,0x84B890D3,0x2A7065B3,0x81BC087F,0xF6EC0179,0x19C418E1,
- 0x71CFFF4C,0x7B5A0F1C,0x9B6AA4BD,0xEDFE72FE,0x94B30269,0x81E1BCFE,
- 0x8D6C0191,0x566AFBB4,0x409D13CD,0xB539CCE3,0x5F2FF381,0x6AA21E7F,
- 0x770589EF,0xD9E263E4,0xD19963DD,0x10E183ED,0x150B8EEB,0xB70A8137,
- 0x28C8F8AC,0x051AE3D4,0x0C1AB15B,0xBB77A86F,0x16A330EF,0x6E3025E3,
- 0xD6F83456,0x19529A45,0x118E98D1,0xF180EB34,0x50717CBE,0xB5F6C6B2,
- 0xDA7460CD,0x09939D54,0x22EA1ED4,0xE2471504,0x521BC98A,0xB8A762D0,
- 0x5AC1348B,0xF4D02727,0x1999024A,0xC1766910,0xA8D66AD7,0xBE5E9001,
- 0x620A8652,0xC57DB17C,0x00C29F52,0xAB739D77,0xA70C4AFA,0xDD921F01,
- 0x10B9A6F0,0xA6824A4E,0xCFE4FFE3,0x74866A08,0x89998CAF,0x6CDEBE7B,
- 0x8FFDAC50,0x9DF30B5C,0x4F2D9AE3,0xAC4032EF
-};
-static const BN_ULONG dh2048_224_q[] = {
- 0xB36371EB,0xBF389A99,0x4738CEBC,0x1F80535A,0x99717710,0xC58D93FE,
- 0x801C0D34
-};
-
-static const BN_ULONG dh2048_256_p[] = {
- 0x1E1A1597,0xDB094AE9,0xD7EF09CA,0x693877FA,0x6E11715F,0x6116D227,
- 0xC198AF12,0xA4B54330,0xD7014103,0x75F26375,0x54E710C3,0xC3A3960A,
- 0xBD0BE621,0xDED4010A,0x89962856,0xC0B857F6,0x71506026,0xB3CA3F79,
- 0xE6B486F6,0x1CCACB83,0x14056425,0x67E144E5,0xA41825D9,0xF6A167B5,
- 0x96524D8E,0x3AD83477,0x51BFA4AB,0xF13C6D9A,0x35488A0E,0x2D525267,
- 0xCAA6B790,0xB63ACAE1,0x81B23F76,0x4FDB70C5,0x12307F5C,0xBC39A0BF,
- 0xB1E59BB8,0xB941F54E,0xD45F9088,0x6C5BFC11,0x4275BF7B,0x22E0B1EF,
- 0x5B4758C0,0x91F9E672,0x6BCF67ED,0x5A8A9D30,0x97517ABD,0x209E0C64,
- 0x830E9A7C,0x3BF4296D,0x34096FAA,0x16C3D911,0x61B2AA30,0xFAF7DF45,
- 0xD61957D4,0xE00DF8F1,0x435E3B00,0x5D2CEED4,0x660DD0F2,0x8CEEF608,
- 0x65195999,0xFFBBD19C,0xB4B6663C,0x87A8E61D
-};
-static const BN_ULONG dh2048_256_g[] = {
- 0x6CC41659,0x664B4C0F,0xEF98C582,0x5E2327CF,0xD4795451,0xD647D148,
- 0x90F00EF8,0x2F630784,0x1DB246C3,0x184B523D,0xCDC67EB6,0xC7891428,
- 0x0DF92B52,0x7FD02837,0x64E0EC37,0xB3353BBB,0x57CD0915,0xECD06E15,
- 0xDF016199,0xB7D2BBD2,0x052588B9,0xC8484B1E,0x13D3FE14,0xDB2A3B73,
- 0xD182EA0A,0xD052B985,0xE83B9C80,0xA4BD1BFF,0xFB3F2E55,0xDFC967C1,
- 0x767164E1,0xB5045AF2,0x6F2F9193,0x1D14348F,0x428EBC83,0x64E67982,
- 0x82D6ED38,0x8AC376D2,0xAAB8A862,0x777DE62A,0xE9EC144B,0xDDF463E5,
- 0xC77A57F2,0x0196F931,0x41000A65,0xA55AE313,0xC28CBB18,0x901228F8,
- 0x7E8C6F62,0xBC3773BF,0x0C6B47B1,0xBE3A6C1B,0xAC0BB555,0xFF4FED4A,
- 0x77BE463F,0x10DBC150,0x1A0BA125,0x07F4793A,0x21EF2054,0x4CA7B18F,
- 0x60EDBD48,0x2E775066,0x73134D0B,0x3FB32C9B
-};
-static const BN_ULONG dh2048_256_q[] = {
- 0x64F5FBD3,0xA308B0FE,0x1EB3750B,0x99B1A47D,0x40129DA2,0xB4479976,
- 0xA709A097,0x8CF83642
-};
-
-#else
-#error "unsupported BN_BITS2"
-#endif
-
-/* Macro to make a BIGNUM from static data */
-
-#define make_dh_bn(x) static const BIGNUM _bignum_##x = { (BN_ULONG *) x, \
- sizeof(x)/sizeof(BN_ULONG),\
- sizeof(x)/sizeof(BN_ULONG),\
- 0, BN_FLG_STATIC_DATA }
+#define make_dh_bn(x) \
+ const extern BIGNUM _bignum_dh##x##_p;\
+ const extern BIGNUM _bignum_dh##x##_g;\
+ const extern BIGNUM _bignum_dh##x##_q;
/* Macro to make a DH structure from BIGNUM data. NB: although just copying
* the BIGNUM static pointers would be more efficient we can't as they get
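Review bot: in the replacement make_dh_bn macro, "const extern BIGNUM" puts the storage-class specifier after the qualifier, a placement the C standard marks as obsolescent and GCC reports under -Wold-style-declaration; write "extern const BIGNUM _bignum_dh##x##_p;" on all three lines. The macro also no longer makes anything, it only declares objects defined in another file, so a name such as declare_dh_bn and a comment naming the defining file should replace the "Macro to make a BIGNUM from static data" comment this hunk deletes.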
@@ -249,9 +74,6 @@ static const BN_ULONG dh2048_256_q[] = {
DH * DH_get_##x(void) \
{ \
DH *dh; \
- make_dh_bn(dh##x##_p); \
- make_dh_bn(dh##x##_q); \
- make_dh_bn(dh##x##_g); \
dh = DH_new(); \
if (!dh) \
return NULL; \
@@ -266,9 +88,12 @@ DH * DH_get_##x(void) \
return dh; \
}
+make_dh_bn(1024_160)
+make_dh_bn(2048_224)
+make_dh_bn(2048_256)
+
make_dh(1024_160)
make_dh(2048_224)
make_dh(2048_256)
-
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
index 61ac51f..1d49d04 100644
--- a/crypto/dh/dhtest.c
+++ b/crypto/dh/dhtest.c
@@ -97,8 +97,8 @@ static int run_rfc5114_tests(void);
int main(int argc, char *argv[])
{
- BN_GENCB _cb;
- DH *a;
+ BN_GENCB *_cb;
+ DH *a=NULL;
DH *b=NULL;
char buf[12];
unsigned char *abuf=NULL,*bbuf=NULL;
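Review bot: _cb is left without an initializer in main() while a and b are both set to NULL, and the cleanup this patch adds under err: tests _cb before calling BN_GENCB_free(). Nothing visible jumps to err before BN_GENCB_new() runs, but declaring it as "BN_GENCB *_cb=NULL;" keeps the cleanup safe if an earlier goto err is ever added. The cb pointer in main() of dsatest.c, further down this patch, has the same shape.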
@@ -119,9 +119,12 @@ int main(int argc, char *argv[])
if (out == NULL) EXIT(1);
BIO_set_fp(out,stdout,BIO_NOCLOSE);
- BN_GENCB_set(&_cb, &cb, out);
+ _cb = BN_GENCB_new();
+ if(!_cb)
+ goto err;
+ BN_GENCB_set(_cb, &cb, out);
if(((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,
- DH_GENERATOR_5, &_cb))
+ DH_GENERATOR_5, _cb))
goto err;
if (!DH_check(a, &i)) goto err;
@@ -204,6 +207,7 @@ err:
if (bbuf != NULL) OPENSSL_free(bbuf);
if(b != NULL) DH_free(b);
if(a != NULL) DH_free(a);
+ if(_cb) BN_GENCB_free(_cb);
BIO_free(out);
#ifdef OPENSSL_SYS_NETWARE
if (ret) printf("ERROR: %d\n", ret);
@@ -220,8 +224,8 @@ static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg)
if (p == 1) c='+';
if (p == 2) c='*';
if (p == 3) c='\n';
- BIO_write(arg->arg,&c,1);
- (void)BIO_flush(arg->arg);
+ BIO_write(BN_GENCB_get_arg(arg),&c,1);
+ (void)BIO_flush(BN_GENCB_get_arg(arg));
#ifdef LINT
p=n;
#endif
diff --git a/crypto/dsa/dsa_depr.c b/crypto/dsa/dsa_depr.c
index f2da680..35c3423 100644
--- a/crypto/dsa/dsa_depr.c
+++ b/crypto/dsa/dsa_depr.c
@@ -89,16 +89,26 @@ DSA *DSA_generate_parameters(int bits,
void (*callback)(int, int, void *),
void *cb_arg)
{
- BN_GENCB cb;
+ BN_GENCB *cb;
DSA *ret;
if ((ret=DSA_new()) == NULL) return NULL;
+ cb = BN_GENCB_new();
+ if(!cb)
+ {
+ DSA_free(ret);
+ return NULL;
+ }
- BN_GENCB_set_old(&cb, callback, cb_arg);
+ BN_GENCB_set_old(cb, callback, cb_arg);
if(DSA_generate_parameters_ex(ret, bits, seed_in, seed_len,
- counter_ret, h_ret, &cb))
+ counter_ret, h_ret, cb))
+ {
+ BN_GENCB_free(cb);
return ret;
+ }
+ BN_GENCB_free(cb);
DSA_free(ret);
return NULL;
}
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index dbf745a..a3adb2f 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -102,19 +102,24 @@ static int dsa_builtin_keygen(DSA *dsa)
pub_key=dsa->pub_key;
{
- BIGNUM local_prk;
+ BIGNUM *local_prk = NULL;
BIGNUM *prk;
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
{
- BN_init(&local_prk);
- prk = &local_prk;
+ local_prk = prk = BN_new();
+ if(!local_prk) goto err;
BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
}
else
prk = priv_key;
- if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err;
+ if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx))
+ {
+ if (local_prk != NULL) BN_free(local_prk);
+ goto err;
+ }
+ if (local_prk != NULL) BN_free(local_prk);
}
dsa->priv_key=priv_key;
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index fb0030a..ff29e55 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -136,15 +136,16 @@ const DSA_METHOD *DSA_OpenSSL(void)
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
BIGNUM *kinv=NULL,*r=NULL,*s=NULL;
- BIGNUM m;
- BIGNUM xr;
+ BIGNUM *m;
+ BIGNUM *xr;
BN_CTX *ctx=NULL;
int reason=ERR_R_BN_LIB;
DSA_SIG *ret=NULL;
int noredo = 0;
- BN_init(&m);
- BN_init(&xr);
+ m = BN_new();
+ xr = BN_new();
+ if(!m || !xr) goto err;
if (!dsa->p || !dsa->q || !dsa->g)
{
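Review bot: the new "if(!m || !xr) goto err;" in dsa_do_sign leaves reason at its initial ERR_R_BN_LIB, so whatever err: reports through reason will describe a failed BN_new() as a bignum library error. Set reason=ERR_R_MALLOC_FAILURE before the jump. Declaring m and xr as NULL would also make the unconditional BN_clear_free(m) and BN_clear_free(xr) at err: independent of where the first goto err sits.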
@@ -177,12 +178,12 @@ redo:
* BN_num_bits(dsa->q) leftmost bits of the digest, see
* fips 186-3, 4.2 */
dlen = BN_num_bytes(dsa->q);
- if (BN_bin2bn(dgst,dlen,&m) == NULL)
+ if (BN_bin2bn(dgst,dlen,m) == NULL)
goto err;
/* Compute s = inv(k) (m + xr) mod q */
- if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
- if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */
+ if (!BN_mod_mul(xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */
+ if (!BN_add(s, xr, m)) goto err; /* s = m + xr */
if (BN_cmp(s,dsa->q) > 0)
if (!BN_sub(s,s,dsa->q)) goto err;
if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
@@ -212,8 +213,8 @@ err:
BN_free(s);
}
if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&m);
- BN_clear_free(&xr);
+ BN_clear_free(m);
+ BN_clear_free(xr);
if (kinv != NULL) /* dsa->kinv is NULL now if we used it */
BN_clear_free(kinv);
return(ret);
@@ -228,8 +229,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
BIGNUM **kinvp, BIGNUM **rp,
const unsigned char *dgst, int dlen)
{
- BN_CTX *ctx;
- BIGNUM k,kq,*K,*kinv=NULL,*r=NULL;
+ BN_CTX *ctx = NULL;
+ BIGNUM *k,*kq,*K,*kinv=NULL,*r=NULL;
int ret=0;
if (!dsa->p || !dsa->q || !dsa->g)
@@ -238,8 +239,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
return 0;
}
- BN_init(&k);
- BN_init(&kq);
+ k = BN_new();
+ kq = BN_new();
+ if(!k || !kq) goto err;
if (ctx_in == NULL)
{
@@ -259,18 +261,18 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
/* We calculate k from SHA512(private_key + H(message)
* + random). This protects the private key from a weak
* PRNG. */
- if (!BN_generate_dsa_nonce(&k, dsa->q, dsa->priv_key, dgst,
+ if (!BN_generate_dsa_nonce(k, dsa->q, dsa->priv_key, dgst,
dlen, ctx))
goto err;
}
else
#endif
- if (!BN_rand_range(&k, dsa->q)) goto err;
- } while (BN_is_zero(&k));
+ if (!BN_rand_range(k, dsa->q)) goto err;
+ } while (BN_is_zero(k));
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
{
- BN_set_flags(&k, BN_FLG_CONSTTIME);
+ BN_set_flags(k, BN_FLG_CONSTTIME);
}
if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
@@ -285,7 +287,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
{
- if (!BN_copy(&kq, &k)) goto err;
+ if (!BN_copy(kq, k)) goto err;
/* We do not want timing information to leak the length of k,
* so we compute g^k using an equivalent exponent of fixed length.
@@ -293,24 +295,24 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
* (This is a kludge that we need because the BN_mod_exp_mont()
* does not let us specify the desired timing behaviour.) */
- if (!BN_add(&kq, &kq, dsa->q)) goto err;
- if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))
+ if (!BN_add(kq, kq, dsa->q)) goto err;
+ if (BN_num_bits(kq) <= BN_num_bits(dsa->q))
{
- if (!BN_add(&kq, &kq, dsa->q)) goto err;
+ if (!BN_add(kq, kq, dsa->q)) goto err;
}
- K = &kq;
+ K = kq;
}
else
{
- K = &k;
+ K = k;
}
DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
dsa->method_mont_p);
if (!BN_mod(r,r,dsa->q,ctx)) goto err;
/* Compute part of 's = inv(k) (m + xr) mod q' */
- if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err;
+ if ((kinv=BN_mod_inverse(NULL,k,dsa->q,ctx)) == NULL) goto err;
if (*kinvp != NULL) BN_clear_free(*kinvp);
*kinvp=kinv;
@@ -326,8 +328,8 @@ err:
BN_clear_free(r);
}
if (ctx_in == NULL) BN_CTX_free(ctx);
- BN_clear_free(&k);
- BN_clear_free(&kq);
+ BN_clear_free(k);
+ BN_clear_free(kq);
return(ret);
}
@@ -335,7 +337,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa)
{
BN_CTX *ctx;
- BIGNUM u1,u2,t1;
+ BIGNUM *u1,*u2,*t1;
BN_MONT_CTX *mont=NULL;
int ret = -1, i;
if (!dsa->p || !dsa->q || !dsa->g)
@@ -357,11 +359,11 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE);
return -1;
}
- BN_init(&u1);
- BN_init(&u2);
- BN_init(&t1);
-
- if ((ctx=BN_CTX_new()) == NULL) goto err;
+ u1 = BN_new();
+ u2 = BN_new();
+ t1 = BN_new();
+ ctx=BN_CTX_new();
+ if(!u1 || !u2 || !t1 || !ctx) goto err;
if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
BN_ucmp(sig->r, dsa->q) >= 0)
@@ -378,7 +380,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
/* Calculate W = inv(S) mod Q
* save W in u2 */
- if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err;
+ if ((BN_mod_inverse(u2,sig->s,dsa->q,ctx)) == NULL) goto err;
/* save M in u1 */
if (dgst_len > (i >> 3))
@@ -386,13 +388,13 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
* BN_num_bits(dsa->q) leftmost bits of the digest, see
* fips 186-3, 4.2 */
dgst_len = (i >> 3);
- if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err;
+ if (BN_bin2bn(dgst,dgst_len,u1) == NULL) goto err;
/* u1 = M * w mod q */
- if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err;
+ if (!BN_mod_mul(u1,u1,u2,dsa->q,ctx)) goto err;
/* u2 = r * w mod q */
- if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
+ if (!BN_mod_mul(u2,sig->r,u2,dsa->q,ctx)) goto err;
if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
@@ -404,21 +406,21 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
}
- DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont);
+ DSA_MOD_EXP(goto err, dsa, t1, dsa->g, u1, dsa->pub_key, u2, dsa->p, ctx, mont);
/* BN_copy(&u1,&t1); */
/* let u1 = u1 mod q */
- if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
+ if (!BN_mod(u1,t1,dsa->q,ctx)) goto err;
/* V is now in u1. If the signature is correct, it will be
* equal to R. */
- ret=(BN_ucmp(&u1, sig->r) == 0);
+ ret=(BN_ucmp(u1, sig->r) == 0);
err:
if (ret < 0) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
if (ctx != NULL) BN_CTX_free(ctx);
- BN_free(&u1);
- BN_free(&u2);
- BN_free(&t1);
+ if(u1) BN_free(u1);
+ if(u2) BN_free(u2);
+ if(t1) BN_free(t1);
return(ret);
}
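Review bot: the "if(u1) BN_free(u1);" guards added at err: in dsa_do_verify are inconsistent with dsa_do_sign in this same file, where BN_clear_free(m) and BN_clear_free(xr) are called unguarded on pointers that can be NULL after "if(!m || !xr) goto err;". Either both free routines accept NULL and the guards here are noise, or they do not and dsa_do_sign needs them; pick one convention for the file. The commented-out "BN_copy(&u1,&t1);" left as context still uses the old address-of form and could be dropped while the function is being touched.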
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 4c7a5a8..2f0586a 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -246,20 +246,25 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
DSA *dsa = NULL;
DSA_PKEY_CTX *dctx = ctx->data;
- BN_GENCB *pcb, cb;
+ BN_GENCB *pcb;
int ret;
if (ctx->pkey_gencb)
{
- pcb = &cb;
+ pcb = BN_GENCB_new();
+ if(!pcb) return 0;
evp_pkey_set_cb_translate(pcb, ctx);
}
else
pcb = NULL;
dsa = DSA_new();
if (!dsa)
+ {
+ if(pcb) BN_GENCB_free(pcb);
return 0;
+ }
ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
NULL, 0, NULL, NULL, NULL, pcb);
+ if(pcb) BN_GENCB_free(pcb);
if (ret)
EVP_PKEY_assign_DSA(pkey, dsa);
else
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
index edffd24..271a8e0 100644
--- a/crypto/dsa/dsatest.c
+++ b/crypto/dsa/dsatest.c
@@ -136,7 +136,7 @@ static BIO *bio_err=NULL;
int main(int argc, char **argv)
{
- BN_GENCB cb;
+ BN_GENCB *cb;
DSA *dsa=NULL;
int counter,ret=0,i,j;
unsigned char buf[256];
@@ -156,9 +156,12 @@ int main(int argc, char **argv)
BIO_printf(bio_err,"test generation of DSA parameters\n");
- BN_GENCB_set(&cb, dsa_cb, bio_err);
+ cb = BN_GENCB_new();
+ if(!cb) goto end;
+
+ BN_GENCB_set(cb, dsa_cb, bio_err);
if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
- seed, 20, &counter, &h, &cb))
+ seed, 20, &counter, &h, cb))
goto end;
BIO_printf(bio_err,"seed\n");
@@ -221,6 +224,7 @@ end:
if (!ret)
ERR_print_errors(bio_err);
if (dsa != NULL) DSA_free(dsa);
+ if (cb != NULL) BN_GENCB_free(cb);
CRYPTO_cleanup_all_ex_data();
ERR_remove_thread_state(NULL);
ERR_free_strings();
@@ -246,8 +250,8 @@ static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg)
if (p == 1) c='+';
if (p == 2) { c='*'; ok++; }
if (p == 3) c='\n';
- BIO_write(arg->arg,&c,1);
- (void)BIO_flush(arg->arg);
+ BIO_write(BN_GENCB_get_arg(arg),&c,1);
+ (void)BIO_flush(BN_GENCB_get_arg(arg));
if (!ok && (p == 0) && (num > 1))
{
diff --git a/crypto/ec/Makefile b/crypto/ec/Makefile
index 0d9f3ab..852183a 100644
--- a/crypto/ec/Makefile
+++ b/crypto/ec/Makefile
@@ -5,7 +5,7 @@
DIR= ec
TOP= ../..
CC= cc
-INCLUDES= -I.. -I$(TOP) -I../../include
+INCLUDES= -I.. -I$(TOP) -I../include -I../../include
CFLAG=-g
MAKEFILE= Makefile
AR= ar r
@@ -98,7 +98,8 @@ ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h
+ec2_mult.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h
+ec2_mult.o: ec2_mult.c ec_lcl.h
ec2_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec2_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec2_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
@@ -114,7 +115,8 @@ ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec_lcl.h
+ec2_smpl.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h
+ec2_smpl.o: ec2_smpl.c ec_lcl.h
ec_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
ec_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
ec_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -193,7 +195,8 @@ ec_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c
+ec_mult.o: ../../include/openssl/symhacks.h ../include/internal/bn_int.h
+ec_mult.o: ec_lcl.h ec_mult.c
ec_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c
index ed46d58..cc3ec83 100644
--- a/crypto/ec/ec2_mult.c
+++ b/crypto/ec/ec2_mult.c
@@ -71,6 +71,7 @@
#include <openssl/err.h>
+#include "internal/bn_int.h"
#include "ec_lcl.h"
#ifndef OPENSSL_NO_EC2M
@@ -98,7 +99,7 @@ static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx
if (!group->meth->field_mul(group, z, x, t1, ctx)) goto err;
if (!group->meth->field_sqr(group, x, x, ctx)) goto err;
if (!group->meth->field_sqr(group, t1, t1, ctx)) goto err;
- if (!group->meth->field_mul(group, t1, &group->b, t1, ctx)) goto err;
+ if (!group->meth->field_mul(group, t1, group->b, t1, ctx)) goto err;
if (!BN_GF2m_add(x, x, t1)) goto err;
ret = 1;
@@ -249,24 +250,24 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
z1 = BN_CTX_get(ctx);
if (z1 == NULL) goto err;
- x2 = &r->X;
- z2 = &r->Y;
+ x2 = r->X;
+ z2 = r->Y;
- bn_wexpand(x1, group->field.top);
- bn_wexpand(z1, group->field.top);
- bn_wexpand(x2, group->field.top);
- bn_wexpand(z2, group->field.top);
+ bn_wexpand(x1, bn_get_top(group->field));
+ bn_wexpand(z1, bn_get_top(group->field));
+ bn_wexpand(x2, bn_get_top(group->field));
+ bn_wexpand(z2, bn_get_top(group->field));
- if (!BN_GF2m_mod_arr(x1, &point->X, group->poly)) goto err; /* x1 = x */
+ if (!BN_GF2m_mod_arr(x1, point->X, group->poly)) goto err; /* x1 = x */
if (!BN_one(z1)) goto err; /* z1 = 1 */
if (!group->meth->field_sqr(group, z2, x1, ctx)) goto err; /* z2 = x1^2 = x^2 */
if (!group->meth->field_sqr(group, x2, z2, ctx)) goto err;
- if (!BN_GF2m_add(x2, x2, &group->b)) goto err; /* x2 = x^4 + b */
+ if (!BN_GF2m_add(x2, x2, group->b)) goto err; /* x2 = x^4 + b */
/* find top most bit and go one past it */
- i = scalar->top - 1;
+ i = bn_get_top(scalar) - 1;
mask = BN_TBIT;
- word = scalar->d[i];
+ word = bn_get_words(scalar)[i];
while (!(word & mask)) mask >>= 1;
mask >>= 1;
/* if top most bit was at word break, go to next word */
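Review bot: the four bn_wexpand() calls on x1, z1, x2 and z2 are rewritten here but their return values are still ignored, whereas ec2_smpl.c in this same patch tests "bn_wexpand(...) == NULL". The BN_consttime_swap() calls in the next hunk are passed bn_get_top(group->field) as the word count for these same BIGNUMs, so a failed expansion should stop the function; change each call to "if (bn_wexpand(x1, bn_get_top(group->field)) == NULL) goto err;".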
@@ -278,22 +279,22 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
for (; i >= 0; i--)
{
- word = scalar->d[i];
+ word = bn_get_words(scalar)[i];
while (mask)
{
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
- if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx)) goto err;
+ BN_consttime_swap(word & mask, x1, x2, bn_get_top(group->field));
+ BN_consttime_swap(word & mask, z1, z2, bn_get_top(group->field));
+ if (!gf2m_Madd(group, point->X, x2, z2, x1, z1, ctx)) goto err;
if (!gf2m_Mdouble(group, x1, z1, ctx)) goto err;
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
+ BN_consttime_swap(word & mask, x1, x2, bn_get_top(group->field));
+ BN_consttime_swap(word & mask, z1, z2, bn_get_top(group->field));
mask >>= 1;
}
mask = BN_TBIT;
}
/* convert out of "projective" coordinates */
- i = gf2m_Mxy(group, &point->X, &point->Y, x1, z1, x2, z2, ctx);
+ i = gf2m_Mxy(group, point->X, point->Y, x1, z1, x2, z2, ctx);
if (i == 0) goto err;
else if (i == 1)
{
@@ -301,13 +302,13 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
}
else
{
- if (!BN_one(&r->Z)) goto err;
+ if (!BN_one(r->Z)) goto err;
r->Z_is_one = 1;
}
/* GF(2^m) field elements should always have BIGNUM::neg = 0 */
- BN_set_negative(&r->X, 0);
- BN_set_negative(&r->Y, 0);
+ BN_set_negative(r->X, 0);
+ BN_set_negative(r->Y, 0);
ret = 1;
diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c
index f1d75e5..0b1fbea 100644
--- a/crypto/ec/ec2_oct.c
+++ b/crypto/ec/ec2_oct.c
@@ -117,13 +117,13 @@ int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *p
if (!BN_GF2m_mod_arr(x, x_, group->poly)) goto err;
if (BN_is_zero(x))
{
- if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx)) goto err;
+ if (!BN_GF2m_mod_sqrt_arr(y, group->b, group->poly, ctx)) goto err;
}
else
{
if (!group->meth->field_sqr(group, tmp, x, ctx)) goto err;
- if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx)) goto err;
- if (!BN_GF2m_add(tmp, &group->a, tmp)) goto err;
+ if (!group->meth->field_div(group, tmp, group->b, tmp, ctx)) goto err;
+ if (!BN_GF2m_add(tmp, group->a, tmp)) goto err;
if (!BN_GF2m_add(tmp, x, tmp)) goto err;
if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx))
{
@@ -359,7 +359,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
if (yxi == NULL) goto err;
if (!BN_bin2bn(buf + 1, field_len, x)) goto err;
- if (BN_ucmp(x, &group->field) >= 0)
+ if (BN_ucmp(x, group->field) >= 0)
{
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
goto err;
@@ -372,7 +372,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
else
{
if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err;
- if (BN_ucmp(y, &group->field) >= 0)
+ if (BN_ucmp(y, group->field) >= 0)
{
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
goto err;
diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c
index 6c81df0..0bf87e6 100644
--- a/crypto/ec/ec2_smpl.c
+++ b/crypto/ec/ec2_smpl.c
@@ -71,6 +71,7 @@
#include <openssl/err.h>
+#include "internal/bn_int.h"
#include "ec_lcl.h"
#ifndef OPENSSL_NO_EC2M
@@ -129,9 +130,17 @@ const EC_METHOD *EC_GF2m_simple_method(void)
*/
int ec_GF2m_simple_group_init(EC_GROUP *group)
{
- BN_init(&group->field);
- BN_init(&group->a);
- BN_init(&group->b);
+ group->field = BN_new();
+ group->a = BN_new();
+ group->b = BN_new();
+
+ if(!group->field || !group->a || !group->b)
+ {
+ if(group->field) BN_free(group->field);
+ if(group->a) BN_free(group->a);
+ if(group->b) BN_free(group->b);
+ return 0;
+ }
return 1;
}
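Review bot: the failure branch of ec_GF2m_simple_group_init frees whichever of field, a and b were allocated but leaves the freed addresses stored in the group, and ec_GF2m_simple_group_finish in the next hunk calls BN_free() on those same members unconditionally. If any caller runs finish after a failed init, that is a double free; set the three members to NULL after freeing them (or free and NULL them in one helper). ec_GF2m_simple_point_init later in this file has the same pattern for X, Y and Z.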
@@ -141,9 +150,9 @@ int ec_GF2m_simple_group_init(EC_GROUP *group)
*/
void ec_GF2m_simple_group_finish(EC_GROUP *group)
{
- BN_free(&group->field);
- BN_free(&group->a);
- BN_free(&group->b);
+ BN_free(group->field);
+ BN_free(group->a);
+ BN_free(group->b);
}
@@ -152,9 +161,9 @@ void ec_GF2m_simple_group_finish(EC_GROUP *group)
*/
void ec_GF2m_simple_group_clear_finish(EC_GROUP *group)
{
- BN_clear_free(&group->field);
- BN_clear_free(&group->a);
- BN_clear_free(&group->b);
+ BN_clear_free(group->field);
+ BN_clear_free(group->a);
+ BN_clear_free(group->b);
group->poly[0] = 0;
group->poly[1] = 0;
group->poly[2] = 0;
@@ -169,20 +178,19 @@ void ec_GF2m_simple_group_clear_finish(EC_GROUP *group)
*/
int ec_GF2m_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
{
- int i;
- if (!BN_copy(&dest->field, &src->field)) return 0;
- if (!BN_copy(&dest->a, &src->a)) return 0;
- if (!BN_copy(&dest->b, &src->b)) return 0;
+ if (!BN_copy(dest->field, src->field)) return 0;
+ if (!BN_copy(dest->a, src->a)) return 0;
+ if (!BN_copy(dest->b, src->b)) return 0;
dest->poly[0] = src->poly[0];
dest->poly[1] = src->poly[1];
dest->poly[2] = src->poly[2];
dest->poly[3] = src->poly[3];
dest->poly[4] = src->poly[4];
dest->poly[5] = src->poly[5];
- if (bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0;
- if (bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0;
- for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0;
- for (i = dest->b.top; i < dest->b.dmax; i++) dest->b.d[i] = 0;
+ if (bn_wexpand(dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0;
+ if (bn_wexpand(dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) return 0;
+ bn_set_all_zero(dest->a);
+ bn_set_all_zero(dest->b);
return 1;
}
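Review bot: bn_set_all_zero(dest->a) replaces a loop that cleared only the words from top up to dmax, that is, the unused tail of the array after BN_copy() and bn_wexpand(), not the value itself. The helper's definition is not part of this hunk, so the name is all a reader has, and "set all zero" reads as zeroing the whole number. If it keeps the old semantics, a name that says so (for example one mentioning the unused or top words) or a comment at the call sites is needed; if it really clears every word, this hunk changes behaviour and wipes the coefficient just copied in.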
@@ -194,8 +202,8 @@ int ec_GF2m_simple_group_set_curve(EC_GROUP *group,
int ret = 0, i;
/* group->field */
- if (!BN_copy(&group->field, p)) goto err;
- i = BN_GF2m_poly2arr(&group->field, group->poly, 6) - 1;
+ if (!BN_copy(group->field, p)) goto err;
+ i = BN_GF2m_poly2arr(group->field, group->poly, 6) - 1;
if ((i != 5) && (i != 3))
{
ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
@@ -203,14 +211,14 @@ int ec_GF2m_simple_group_set_curve(EC_GROUP *group,
}
/* group->a */
- if (!BN_GF2m_mod_arr(&group->a, a, group->poly)) goto err;
- if(bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
- for (i = group->a.top; i < group->a.dmax; i++) group->a.d[i] = 0;
+ if (!BN_GF2m_mod_arr(group->a, a, group->poly)) goto err;
+ if(bn_wexpand(group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
+ bn_set_all_zero(group->a);
/* group->b */
- if (!BN_GF2m_mod_arr(&group->b, b, group->poly)) goto err;
- if(bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
- for (i = group->b.top; i < group->b.dmax; i++) group->b.d[i] = 0;
+ if (!BN_GF2m_mod_arr(group->b, b, group->poly)) goto err;
+ if(bn_wexpand(group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err;
+ bn_set_all_zero(group->b);
ret = 1;
err:
@@ -227,17 +235,17 @@ int ec_GF2m_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
if (p != NULL)
{
- if (!BN_copy(p, &group->field)) return 0;
+ if (!BN_copy(p, group->field)) return 0;
}
if (a != NULL)
{
- if (!BN_copy(a, &group->a)) goto err;
+ if (!BN_copy(a, group->a)) goto err;
}
if (b != NULL)
{
- if (!BN_copy(b, &group->b)) goto err;
+ if (!BN_copy(b, group->b)) goto err;
}
ret = 1;
@@ -250,7 +258,7 @@ int ec_GF2m_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
/* Gets the degree of the field. For a curve over GF(2^m) this is the value m. */
int ec_GF2m_simple_group_get_degree(const EC_GROUP *group)
{
- return BN_num_bits(&group->field)-1;
+ return BN_num_bits(group->field)-1;
}
@@ -276,7 +284,7 @@ int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
b = BN_CTX_get(ctx);
if (b == NULL) goto err;
- if (!BN_GF2m_mod_arr(b, &group->b, group->poly)) goto err;
+ if (!BN_GF2m_mod_arr(b, group->b, group->poly)) goto err;
/* check the discriminant:
* y^2 + x*y = x^3 + a*x^2 + b is an elliptic curve <=> b != 0 (mod p)
@@ -297,9 +305,17 @@ err:
/* Initializes an EC_POINT. */
int ec_GF2m_simple_point_init(EC_POINT *point)
{
- BN_init(&point->X);
- BN_init(&point->Y);
- BN_init(&point->Z);
+ point->X = BN_new();
+ point->Y = BN_new();
+ point->Z = BN_new();
+
+ if(!point->X || !point->Y || !point->Z)
+ {
+ if(point->X) BN_free(point->X);
+ if(point->Y) BN_free(point->Y);
+ if(point->Z) BN_free(point->Z);
+ return 0;
+ }
return 1;
}
@@ -307,18 +323,18 @@ int ec_GF2m_simple_point_init(EC_POINT *point)
/* Frees an EC_POINT. */
void ec_GF2m_simple_point_finish(EC_POINT *point)
{
- BN_free(&point->X);
- BN_free(&point->Y);
- BN_free(&point->Z);
+ BN_free(point->X);
+ BN_free(point->Y);
+ BN_free(point->Z);
}
/* Clears and frees an EC_POINT. */
void ec_GF2m_simple_point_clear_finish(EC_POINT *point)
{
- BN_clear_free(&point->X);
- BN_clear_free(&point->Y);
- BN_clear_free(&point->Z);
+ BN_clear_free(point->X);
+ BN_clear_free(point->Y);
+ BN_clear_free(point->Z);
point->Z_is_one = 0;
}
@@ -326,9 +342,9 @@ void ec_GF2m_simple_point_clear_finish(EC_POINT *point)
/* Copy the contents of one EC_POINT into another. Assumes dest is initialized. */
int ec_GF2m_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
{
- if (!BN_copy(&dest->X, &src->X)) return 0;
- if (!BN_copy(&dest->Y, &src->Y)) return 0;
- if (!BN_copy(&dest->Z, &src->Z)) return 0;
+ if (!BN_copy(dest->X, src->X)) return 0;
+ if (!BN_copy(dest->Y, src->Y)) return 0;
+ if (!BN_copy(dest->Z, src->Z)) return 0;
dest->Z_is_one = src->Z_is_one;
return 1;
@@ -341,7 +357,7 @@ int ec_GF2m_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
{
point->Z_is_one = 0;
- BN_zero(&point->Z);
+ BN_zero(point->Z);
return 1;
}
@@ -359,12 +375,12 @@ int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *group, EC_POINT
return 0;
}
- if (!BN_copy(&point->X, x)) goto err;
- BN_set_negative(&point->X, 0);
- if (!BN_copy(&point->Y, y)) goto err;
- BN_set_negative(&point->Y, 0);
- if (!BN_copy(&point->Z, BN_value_one())) goto err;
- BN_set_negative(&point->Z, 0);
+ if (!BN_copy(point->X, x)) goto err;
+ BN_set_negative(point->X, 0);
+ if (!BN_copy(point->Y, y)) goto err;
+ BN_set_negative(point->Y, 0);
+ if (!BN_copy(point->Z, BN_value_one())) goto err;
+ BN_set_negative(point->Z, 0);
point->Z_is_one = 1;
ret = 1;
@@ -387,19 +403,19 @@ int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_
return 0;
}
- if (BN_cmp(&point->Z, BN_value_one()))
+ if (BN_cmp(point->Z, BN_value_one()))
{
ECerr(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
if (x != NULL)
{
- if (!BN_copy(x, &point->X)) goto err;
+ if (!BN_copy(x, point->X)) goto err;
BN_set_negative(x, 0);
}
if (y != NULL)
{
- if (!BN_copy(y, &point->Y)) goto err;
+ if (!BN_copy(y, point->Y)) goto err;
BN_set_negative(y, 0);
}
ret = 1;
@@ -449,8 +465,8 @@ int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, co
if (a->Z_is_one)
{
- if (!BN_copy(x0, &a->X)) goto err;
- if (!BN_copy(y0, &a->Y)) goto err;
+ if (!BN_copy(x0, a->X)) goto err;
+ if (!BN_copy(y0, a->Y)) goto err;
}
else
{
@@ -458,8 +474,8 @@ int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, co
}
if (b->Z_is_one)
{
- if (!BN_copy(x1, &b->X)) goto err;
- if (!BN_copy(y1, &b->Y)) goto err;
+ if (!BN_copy(x1, b->X)) goto err;
+ if (!BN_copy(y1, b->Y)) goto err;
}
else
{
@@ -473,7 +489,7 @@ int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, co
if (!BN_GF2m_add(s, y0, y1)) goto err;
if (!group->meth->field_div(group, s, s, t, ctx)) goto err;
if (!group->meth->field_sqr(group, x2, s, ctx)) goto err;
- if (!BN_GF2m_add(x2, x2, &group->a)) goto err;
+ if (!BN_GF2m_add(x2, x2, group->a)) goto err;
if (!BN_GF2m_add(x2, x2, s)) goto err;
if (!BN_GF2m_add(x2, x2, t)) goto err;
}
@@ -490,7 +506,7 @@ int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, co
if (!group->meth->field_sqr(group, x2, s, ctx)) goto err;
if (!BN_GF2m_add(x2, x2, s)) goto err;
- if (!BN_GF2m_add(x2, x2, &group->a)) goto err;
+ if (!BN_GF2m_add(x2, x2, group->a)) goto err;
}
if (!BN_GF2m_add(y2, x1, x2)) goto err;
@@ -521,19 +537,19 @@ int ec_GF2m_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN
int ec_GF2m_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
{
- if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
+ if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(point->Y))
/* point is its own inverse */
return 1;
if (!EC_POINT_make_affine(group, point, ctx)) return 0;
- return BN_GF2m_add(&point->Y, &point->X, &point->Y);
+ return BN_GF2m_add(point->Y, point->X, point->Y);
}
/* Indicates whether the given point is the point at infinity. */
int ec_GF2m_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
{
- return BN_is_zero(&point->Z);
+ return BN_is_zero(point->Z);
}
@@ -575,12 +591,12 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_
* <=> x^3 + a*x^2 + x*y + b + y^2 = 0
* <=> ((x + a) * x + y ) * x + b + y^2 = 0
*/
- if (!BN_GF2m_add(lh, &point->X, &group->a)) goto err;
- if (!field_mul(group, lh, lh, &point->X, ctx)) goto err;
- if (!BN_GF2m_add(lh, lh, &point->Y)) goto err;
- if (!field_mul(group, lh, lh, &point->X, ctx)) goto err;
- if (!BN_GF2m_add(lh, lh, &group->b)) goto err;
- if (!field_sqr(group, y2, &point->Y, ctx)) goto err;
+ if (!BN_GF2m_add(lh, point->X, group->a)) goto err;
+ if (!field_mul(group, lh, lh, point->X, ctx)) goto err;
+ if (!BN_GF2m_add(lh, lh, point->Y)) goto err;
+ if (!field_mul(group, lh, lh, point->X, ctx)) goto err;
+ if (!BN_GF2m_add(lh, lh, group->b)) goto err;
+ if (!field_sqr(group, y2, point->Y, ctx)) goto err;
if (!BN_GF2m_add(lh, lh, y2)) goto err;
ret = BN_is_zero(lh);
err:
@@ -612,7 +628,7 @@ int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT
if (a->Z_is_one && b->Z_is_one)
{
- return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
+ return ((BN_cmp(a->X, b->X) == 0) && BN_cmp(a->Y, b->Y) == 0) ? 0 : 1;
}
if (ctx == NULL)
@@ -663,9 +679,9 @@ int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *c
if (y == NULL) goto err;
if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err;
- if (!BN_copy(&point->X, x)) goto err;
- if (!BN_copy(&point->Y, y)) goto err;
- if (!BN_one(&point->Z)) goto err;
+ if (!BN_copy(point->X, x)) goto err;
+ if (!BN_copy(point->Y, y)) goto err;
+ if (!BN_one(point->Z)) goto err;
ret = 1;
@@ -707,7 +723,7 @@ int ec_GF2m_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
/* Wrapper to simple binary polynomial field division implementation. */
int ec_GF2m_simple_field_div(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
- return BN_GF2m_mod_div(r, a, b, &group->field, ctx);
+ return BN_GF2m_mod_div(r, a, b, group->field, ctx);
}
#endif
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index 9be2f32..9ce17ae 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -326,7 +326,7 @@ int EC_KEY_check_key(const EC_KEY *eckey)
goto err;
}
/* testing whether pub_key * order is the point at infinity */
- order = &eckey->group->order;
+ order = eckey->group->order;
if (BN_is_zero(order))
{
ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
@@ -427,8 +427,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y)
* field order: if not values are out of range.
*/
if (BN_cmp(x, tx) || BN_cmp(y, ty)
- || (BN_cmp(x, &key->group->field) >= 0)
- || (BN_cmp(y, &key->group->field) >= 0))
+ || (BN_cmp(x, key->group->field) >= 0)
+ || (BN_cmp(y, key->group->field) >= 0))
{
ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
EC_R_COORDINATES_OUT_OF_RANGE);
diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index 22b53d2..abd73ee 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -190,7 +190,7 @@ struct ec_group_st {
const EC_METHOD *meth;
EC_POINT *generator; /* optional */
- BIGNUM order, cofactor;
+ BIGNUM *order, *cofactor;
int curve_name;/* optional NID for named curve */
int asn1_flag; /* flag to control the asn1 encoding */
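Review bot: The struct comment for ec_group_st does not say who owns order and cofactor now that they are pointers. Elsewhere in this patch EC_GROUP_new allocates them with BN_new() while field, a and b are allocated by the method's group_init, so two different places are responsible for members of the same struct. Please extend the member comments to state which function allocates and which frees each BIGNUM, and that none of them may be NULL in a fully constructed group, since callers such as EC_GROUP_get_order pass group->order straight to BN_copy.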
@@ -204,7 +204,7 @@ struct ec_group_st {
/* The following members are handled by the method functions,
* even if they appear generic */
- BIGNUM field; /* Field specification.
+ BIGNUM *field; /* Field specification.
* For curves over GF(p), this is the modulus;
* for curves over GF(2^m), this is the
* irreducible polynomial defining the field.
@@ -219,7 +219,7 @@ struct ec_group_st {
* non-zero terms.
*/
- BIGNUM a, b; /* Curve coefficients.
+ BIGNUM *a, *b; /* Curve coefficients.
* (Here the assumption is that BIGNUMs can be used
* or abused for all kinds of fields, not just GF(p).)
* For characteristic > 3, the curve is defined
@@ -280,9 +280,9 @@ struct ec_point_st {
/* All members except 'meth' are handled by the method functions,
* even if they appear generic */
- BIGNUM X;
- BIGNUM Y;
- BIGNUM Z; /* Jacobian projective coordinates:
+ BIGNUM *X;
+ BIGNUM *Y;
+ BIGNUM *Z; /* Jacobian projective coordinates:
* (X, Y, Z) represents (X/Z^2, Y/Z^3) if Z != 0 */
int Z_is_one; /* enable optimized point arithmetics for special case */
} /* EC_POINT */;
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index ec5892f..8fb8b08 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -103,8 +103,11 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
ret->mont_data = NULL;
ret->generator = NULL;
- BN_init(&ret->order);
- BN_init(&ret->cofactor);
+ ret->order = BN_new();
+ ret->cofactor = NULL;
+ if(!ret->order) goto err;
+ ret->cofactor = BN_new();
+ if(!ret->cofactor) goto err;
ret->curve_name = 0;
ret->asn1_flag = 0;
@@ -113,13 +116,14 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
ret->seed = NULL;
ret->seed_len = 0;
- if (!meth->group_init(ret))
- {
- OPENSSL_free(ret);
- return NULL;
- }
+ if (!meth->group_init(ret)) goto err;
return ret;
+err:
+ if(ret->order) BN_free(ret->order);
+ if(ret->cofactor) BN_free(ret->cofactor);
+ OPENSSL_free(ret);
+ return NULL;
}
@@ -137,8 +141,8 @@ void EC_GROUP_free(EC_GROUP *group)
if (group->generator != NULL)
EC_POINT_free(group->generator);
- BN_free(&group->order);
- BN_free(&group->cofactor);
+ BN_free(group->order);
+ BN_free(group->cofactor);
if (group->seed)
OPENSSL_free(group->seed);
@@ -163,8 +167,8 @@ void EC_GROUP_clear_free(EC_GROUP *group)
if (group->generator != NULL)
EC_POINT_clear_free(group->generator);
- BN_clear_free(&group->order);
- BN_clear_free(&group->cofactor);
+ BN_clear_free(group->order);
+ BN_clear_free(group->cofactor);
if (group->seed)
{
@@ -244,8 +248,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
}
}
- if (!BN_copy(&dest->order, &src->order)) return 0;
- if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0;
+ if (!BN_copy(dest->order, src->order)) return 0;
+ if (!BN_copy(dest->cofactor, src->cofactor)) return 0;
dest->curve_name = src->curve_name;
dest->asn1_flag = src->asn1_flag;
@@ -325,14 +329,14 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIG
if (!EC_POINT_copy(group->generator, generator)) return 0;
if (order != NULL)
- { if (!BN_copy(&group->order, order)) return 0; }
+ { if (!BN_copy(group->order, order)) return 0; }
else
- BN_zero(&group->order);
+ BN_zero(group->order);
if (cofactor != NULL)
- { if (!BN_copy(&group->cofactor, cofactor)) return 0; }
+ { if (!BN_copy(group->cofactor, cofactor)) return 0; }
else
- BN_zero(&group->cofactor);
+ BN_zero(group->cofactor);
/* We ignore the return value because some groups have an order with
* factors of two, which makes the Montgomery setup fail.
@@ -355,7 +359,7 @@ BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group)
int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
{
- if (!BN_copy(order, &group->order))
+ if (!BN_copy(order, group->order))
return 0;
return !BN_is_zero(order);
@@ -364,10 +368,10 @@ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
{
- if (!BN_copy(cofactor, &group->cofactor))
+ if (!BN_copy(cofactor, group->cofactor))
return 0;
- return !BN_is_zero(&group->cofactor);
+ return !BN_is_zero(group->cofactor);
}
@@ -1152,7 +1156,7 @@ int ec_precompute_mont_data(EC_GROUP *group)
if (!group->mont_data)
goto err;
- if (!BN_MONT_CTX_set(group->mont_data, &group->order, ctx))
+ if (!BN_MONT_CTX_set(group->mont_data, group->order, ctx))
{
BN_MONT_CTX_free(group->mont_data);
group->mont_data = NULL;
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index b12930d..3b5be30 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -64,9 +64,9 @@
#include <string.h>
-
#include <openssl/err.h>
+#include "internal/bn_int.h"
#include "ec_lcl.h"
@@ -184,146 +184,7 @@ static void ec_pre_comp_clear_free(void *pre_)
-/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
- * This is an array r[] of values that are either zero or odd with an
- * absolute value less than 2^w satisfying
- * scalar = \sum_j r[j]*2^j
- * where at most one of any w+1 consecutive digits is non-zero
- * with the exception that the most significant digit may be only
- * w-1 zeros away from that next non-zero digit.
- */
-static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
- {
- int window_val;
- int ok = 0;
- signed char *r = NULL;
- int sign = 1;
- int bit, next_bit, mask;
- size_t len = 0, j;
-
- if (BN_is_zero(scalar))
- {
- r = OPENSSL_malloc(1);
- if (!r)
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- r[0] = 0;
- *ret_len = 1;
- return r;
- }
-
- if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- bit = 1 << w; /* at most 128 */
- next_bit = bit << 1; /* at most 256 */
- mask = next_bit - 1; /* at most 255 */
-
- if (BN_is_negative(scalar))
- {
- sign = -1;
- }
-
- if (scalar->d == NULL || scalar->top == 0)
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- len = BN_num_bits(scalar);
- r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation
- * (*ret_len will be set to the actual length, i.e. at most
- * BN_num_bits(scalar) + 1) */
- if (r == NULL)
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- window_val = scalar->d[0] & mask;
- j = 0;
- while ((window_val != 0) || (j + w + 1 < len)) /* if j+w+1 >= len, window_val will not increase */
- {
- int digit = 0;
-
- /* 0 <= window_val <= 2^(w+1) */
-
- if (window_val & 1)
- {
- /* 0 < window_val < 2^(w+1) */
-
- if (window_val & bit)
- {
- digit = window_val - next_bit; /* -2^w < digit < 0 */
-
-#if 1 /* modified wNAF */
- if (j + w + 1 >= len)
- {
- /* special case for generating modified wNAFs:
- * no new bits will be added into window_val,
- * so using a positive digit here will decrease
- * the total length of the representation */
-
- digit = window_val & (mask >> 1); /* 0 < digit < 2^w */
- }
-#endif
- }
- else
- {
- digit = window_val; /* 0 < digit < 2^w */
- }
-
- if (digit <= -bit || digit >= bit || !(digit & 1))
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- window_val -= digit;
-
- /* now window_val is 0 or 2^(w+1) in standard wNAF generation;
- * for modified window NAFs, it may also be 2^w
- */
- if (window_val != 0 && window_val != next_bit && window_val != bit)
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- r[j++] = sign * digit;
-
- window_val >>= 1;
- window_val += bit * BN_is_bit_set(scalar, j + w);
-
- if (window_val > next_bit)
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (j > len + 1)
- {
- ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- len = j;
- ok = 1;
- err:
- if (!ok)
- {
- OPENSSL_free(r);
- r = NULL;
- }
- if (ok)
- *ret_len = len;
- return r;
- }
/* TODO: table should be optimised for the wNAF-based implementation,
@@ -468,7 +329,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
wsize[i] = EC_window_bits_for_scalar_size(bits);
num_val += (size_t)1 << (wsize[i] - 1);
wNAF[i + 1] = NULL; /* make sure we always have a pivot */
- wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]);
+ wNAF[i] = bn_compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]);
if (wNAF[i] == NULL)
goto err;
if (wNAF_len[i] > max_len)
@@ -501,7 +362,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
/* use the window size for which we have precomputation */
wsize[num] = pre_comp->w;
- tmp_wNAF = compute_wNAF(scalar, wsize[num], &tmp_len);
+ tmp_wNAF = bn_compute_wNAF(scalar, wsize[num], &tmp_len);
if (!tmp_wNAF)
goto err;
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index e66e690..2975299 100644
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -336,7 +336,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
if (!ec_key->group)
return -2;
/* If cofactor is 1 cofactor mode does nothing */
- if (BN_is_one(&ec_key->group->cofactor))
+ if (BN_is_one(ec_key->group->cofactor))
return 1;
if (!dctx->co_key)
{
diff --git a/crypto/ec/ecp_nist.c b/crypto/ec/ecp_nist.c
index 54735ec..04ebd57 100644
--- a/crypto/ec/ecp_nist.c
+++ b/crypto/ec/ecp_nist.c
@@ -172,7 +172,7 @@ int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
if ((ctx_new = ctx = BN_CTX_new()) == NULL) goto err;
if (!BN_mul(r, a, b, ctx)) goto err;
- if (!group->field_mod_func(r, r, &group->field, ctx))
+ if (!group->field_mod_func(r, r, group->field, ctx))
goto err;
ret=1;
@@ -198,7 +198,7 @@ int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
if ((ctx_new = ctx = BN_CTX_new()) == NULL) goto err;
if (!BN_sqr(r, a, ctx)) goto err;
- if (!group->field_mod_func(r, r, &group->field, ctx))
+ if (!group->field_mod_func(r, r, group->field, ctx))
goto err;
ret=1;
diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c
index 1871c45..14cf868 100644
--- a/crypto/ec/ecp_nistz256.c
+++ b/crypto/ec/ecp_nistz256.c
@@ -28,7 +28,7 @@
#include <string.h>
-#include <openssl/bn.h>
+#include "internal/bn_int.h"
#include <openssl/err.h>
#include <openssl/ec.h>
#include "cryptlib.h"
@@ -543,12 +543,7 @@ static void ecp_nistz256_mod_inverse(BN_ULONG r[P256_LIMBS],
static int ecp_nistz256_bignum_to_field_elem(BN_ULONG out[P256_LIMBS],
const BIGNUM * in)
{
- if (in->top > P256_LIMBS)
- return 0;
-
- memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
- memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
- return 1;
+ return bn_copy_words(out, in, P256_LIMBS);
}
/* r = sum(scalar[i]*point[i]) */
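Review bot: ecp_nistz256_bignum_to_field_elem now forwards to bn_copy_words(out, in, P256_LIMBS), whose definition is not part of this hunk, so the two behaviours of the removed body need confirming there: it returned 0 when in->top > P256_LIMBS, and it zero-filled all P256_LIMBS words of out before copying in->top words. Callers depend on the zero padding for values shorter than P256_LIMBS words. A short comment on this wrapper stating that contract would keep it from being lost if bn_copy_words changes later.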
@@ -589,7 +584,7 @@ static void ecp_nistz256_windowed_mul(const EC_GROUP * group,
if ((mod = BN_CTX_get(ctx)) == NULL)
goto err;
- if (!BN_nnmod(mod, scalar[i], &group->order, ctx)) {
+ if (!BN_nnmod(mod, scalar[i], group->order, ctx)) {
ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_BN_LIB);
goto err;
}
@@ -597,8 +592,8 @@ static void ecp_nistz256_windowed_mul(const EC_GROUP * group,
} else
scalars[i] = scalar[i];
- for (j = 0; j < scalars[i]->top * BN_BYTES; j += BN_BYTES) {
- BN_ULONG d = scalars[i]->d[j / BN_BYTES];
+ for (j = 0; j < bn_get_top(scalars[i]) * BN_BYTES; j += BN_BYTES) {
+ BN_ULONG d = bn_get_words(scalars[i])[j / BN_BYTES];
p_str[i][j + 0] = d & 0xff;
p_str[i][j + 1] = (d >> 8) & 0xff;
@@ -615,9 +610,9 @@ static void ecp_nistz256_windowed_mul(const EC_GROUP * group,
for (; j < 33; j++)
p_str[i][j] = 0;
- if (!ecp_nistz256_bignum_to_field_elem(temp[0].X, &point[i]->X)
- || !ecp_nistz256_bignum_to_field_elem(temp[0].Y, &point[i]->Y)
- || !ecp_nistz256_bignum_to_field_elem(temp[0].Z, &point[i]->Z)) {
+ if (!ecp_nistz256_bignum_to_field_elem(temp[0].X, point[i]->X)
+ || !ecp_nistz256_bignum_to_field_elem(temp[0].Y, point[i]->Y)
+ || !ecp_nistz256_bignum_to_field_elem(temp[0].Z, point[i]->Z)) {
ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, EC_R_COORDINATES_OUT_OF_RANGE);
goto err;
}
@@ -737,11 +732,12 @@ const static BN_ULONG def_yG[P256_LIMBS] = {
* P-256 generator. */
static int ecp_nistz256_is_affine_G(const EC_POINT * generator)
{
- return (generator->X.top == P256_LIMBS) &&
- (generator->Y.top == P256_LIMBS) &&
- (generator->Z.top == (P256_LIMBS - P256_LIMBS / 8)) &&
- is_equal(generator->X.d, def_xG) &&
- is_equal(generator->Y.d, def_yG) && is_one(generator->Z.d);
+ return (bn_get_top(generator->X) == P256_LIMBS) &&
+ (bn_get_top(generator->Y) == P256_LIMBS) &&
+ (bn_get_top(generator->Z) == (P256_LIMBS - P256_LIMBS / 8)) &&
+ is_equal(bn_get_words(generator->X), def_xG) &&
+ is_equal(bn_get_words(generator->Y), def_yG) &&
+ is_one(bn_get_words(generator->Z));
}
static int ecp_nistz256_mult_precompute(EC_GROUP * group, BN_CTX * ctx)
@@ -825,8 +821,8 @@ static int ecp_nistz256_mult_precompute(EC_GROUP * group, BN_CTX * ctx)
* ec_GFp_simple_points_make_affine and make multiple
* points affine at the same time. */
ec_GFp_simple_make_affine(group, P, ctx);
- ecp_nistz256_bignum_to_field_elem(temp.X, &P->X);
- ecp_nistz256_bignum_to_field_elem(temp.Y, &P->Y);
+ ecp_nistz256_bignum_to_field_elem(temp.X, P->X);
+ ecp_nistz256_bignum_to_field_elem(temp.Y, P->Y);
ecp_nistz256_scatter_w7(preComputedTable[j], &temp, k);
for (i = 0; i < 7; i++)
ec_GFp_simple_dbl(group, P, P, ctx);
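Review bot: The two ecp_nistz256_bignum_to_field_elem calls in ecp_nistz256_mult_precompute drop the return value, while the callers in ecp_nistz256_windowed_mul and ecp_nistz256_get_affine check it and raise EC_R_COORDINATES_OUT_OF_RANGE. On failure temp.X or temp.Y would be scattered into preComputedTable with whatever they held before. Since these lines are being touched anyway, check the result and goto err, and do the same for the ec_GFp_simple_make_affine and ec_GFp_simple_dbl calls beside them.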
@@ -1069,23 +1065,28 @@ static int ecp_nistz256_set_from_affine(EC_POINT * out, const EC_GROUP * group,
const P256_POINT_AFFINE * in,
BN_CTX * ctx)
{
- BIGNUM x, y;
+ BIGNUM *x, *y;
BN_ULONG d_x[P256_LIMBS], d_y[P256_LIMBS];
int ret = 0;
+ x = BN_new();
+ if(!x)
+ return 0;
+ y = BN_new();
+ if(!y) {
+ BN_free(x);
+ return 0;
+ }
memcpy(d_x, in->X, sizeof(d_x));
- x.d = d_x;
- x.dmax = x.top = P256_LIMBS;
- x.neg = 0;
- x.flags = BN_FLG_STATIC_DATA;
+ bn_set_static_words(x, d_x, P256_LIMBS);
memcpy(d_y, in->Y, sizeof(d_y));
- y.d = d_y;
- y.dmax = y.top = P256_LIMBS;
- y.neg = 0;
- y.flags = BN_FLG_STATIC_DATA;
+ bn_set_static_words(y, d_y, P256_LIMBS);
+
+ ret = EC_POINT_set_affine_coordinates_GFp(group, out, x, y, ctx);
- ret = EC_POINT_set_affine_coordinates_GFp(group, out, &x, &y, ctx);
+ if(x) BN_free(x);
+ if(y) BN_free(y);
return ret;
}
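Review bot: In ecp_nistz256_set_from_affine, x and y are heap BIGNUMs whose word arrays are pointed at the stack buffers d_x and d_y by bn_set_static_words, and both are then passed to BN_free. That is only safe if bn_set_static_words sets BN_FLG_STATIC_DATA, as the removed lines did explicitly with "x.flags = BN_FLG_STATIC_DATA;", so that BN_free leaves the word array alone; please say so in a comment here. The guards in "if(x) BN_free(x);" and "if(y) BN_free(y);" are dead code, because the function has already returned if either allocation failed.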
@@ -1134,12 +1135,12 @@ static int ecp_nistz256_points_mul(const EC_GROUP * group,
}
/* Need 256 bits for space for all coordinates. */
- bn_wexpand(&r->X, P256_LIMBS);
- bn_wexpand(&r->Y, P256_LIMBS);
- bn_wexpand(&r->Z, P256_LIMBS);
- r->X.top = P256_LIMBS;
- r->Y.top = P256_LIMBS;
- r->Z.top = P256_LIMBS;
+ bn_wexpand(r->X, P256_LIMBS);
+ bn_wexpand(r->Y, P256_LIMBS);
+ bn_wexpand(r->Z, P256_LIMBS);
+ bn_set_top(r->X, P256_LIMBS);
+ bn_set_top(r->Y, P256_LIMBS);
+ bn_set_top(r->Z, P256_LIMBS);
if (scalar) {
generator = EC_GROUP_get0_generator(group);
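Review bot: The three bn_wexpand calls on r->X, r->Y and r->Z ignore their result, and bn_set_top then sets each top to P256_LIMBS unconditionally. If an expansion fails, top ends up larger than the allocated word array, and the later copy of p.p.X, p.p.Y and p.p.Z into r writes past it. Check each bn_wexpand for NULL and goto err before calling bn_set_top.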
@@ -1187,15 +1188,15 @@ static int ecp_nistz256_points_mul(const EC_GROUP * group,
if ((tmp_scalar = BN_CTX_get(ctx)) == NULL)
goto err;
- if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+ if (!BN_nnmod(tmp_scalar, scalar, group->order, ctx)) {
ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, ERR_R_BN_LIB);
goto err;
}
scalar = tmp_scalar;
}
- for (i = 0; i < scalar->top * BN_BYTES; i += BN_BYTES) {
- BN_ULONG d = scalar->d[i / BN_BYTES];
+ for (i = 0; i < bn_get_top(scalar) * BN_BYTES; i += BN_BYTES) {
+ BN_ULONG d = bn_get_words(scalar)[i / BN_BYTES];
p_str[i + 0] = d & 0xff;
p_str[i + 1] = (d >> 8) & 0xff;
@@ -1301,12 +1302,12 @@ static int ecp_nistz256_points_mul(const EC_GROUP * group,
OPENSSL_free(scalars);
}
- memcpy(r->X.d, p.p.X, sizeof(p.p.X));
- memcpy(r->Y.d, p.p.Y, sizeof(p.p.Y));
- memcpy(r->Z.d, p.p.Z, sizeof(p.p.Z));
- bn_correct_top(&r->X);
- bn_correct_top(&r->Y);
- bn_correct_top(&r->Z);
+ bn_set_data(r->X, p.p.X, sizeof(p.p.X));
+ bn_set_data(r->Y, p.p.Y, sizeof(p.p.Y));
+ bn_set_data(r->Z, p.p.Z, sizeof(p.p.Z));
+ bn_correct_top(r->X);
+ bn_correct_top(r->Y);
+ bn_correct_top(r->Z);
ret = 1;
@@ -1329,9 +1330,9 @@ static int ecp_nistz256_get_affine(const EC_GROUP * group,
return 0;
}
- if (!ecp_nistz256_bignum_to_field_elem(point_x, &point->X) ||
- !ecp_nistz256_bignum_to_field_elem(point_y, &point->Y) ||
- !ecp_nistz256_bignum_to_field_elem(point_z, &point->Z)) {
+ if (!ecp_nistz256_bignum_to_field_elem(point_x, point->X) ||
+ !ecp_nistz256_bignum_to_field_elem(point_y, point->Y) ||
+ !ecp_nistz256_bignum_to_field_elem(point_z, point->Z)) {
ECerr(EC_F_ECP_NISTZ256_GET_AFFINE, EC_R_COORDINATES_OUT_OF_RANGE);
return 0;
}
@@ -1342,8 +1343,8 @@ static int ecp_nistz256_get_affine(const EC_GROUP * group,
if (x != NULL) {
bn_wexpand(x, P256_LIMBS);
- x->top = P256_LIMBS;
- ecp_nistz256_from_mont(x->d, x_aff);
+ bn_set_top(x, P256_LIMBS);
+ ecp_nistz256_from_mont(bn_get_words(x), x_aff);
bn_correct_top(x);
}
@@ -1351,8 +1352,8 @@ static int ecp_nistz256_get_affine(const EC_GROUP * group,
ecp_nistz256_mul_mont(z_inv3, z_inv3, z_inv2);
ecp_nistz256_mul_mont(y_aff, z_inv3, point_y);
bn_wexpand(y, P256_LIMBS);
- y->top = P256_LIMBS;
- ecp_nistz256_from_mont(y->d, y_aff);
+ bn_set_top(y, P256_LIMBS);
+ ecp_nistz256_from_mont(bn_get_words(y), y_aff);
bn_correct_top(y);
}
diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c
index 374a0ee..980ca97 100644
--- a/crypto/ec/ecp_oct.c
+++ b/crypto/ec/ecp_oct.c
@@ -99,7 +99,7 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *po
*/
/* tmp1 := x^3 */
- if (!BN_nnmod(x, x_, &group->field,ctx)) goto err;
+ if (!BN_nnmod(x, x_, group->field,ctx)) goto err;
if (group->meth->field_decode == 0)
{
/* field_{sqr,mul} work on standard representation */
@@ -108,45 +108,45 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *po
}
else
{
- if (!BN_mod_sqr(tmp2, x_, &group->field, ctx)) goto err;
- if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx)) goto err;
+ if (!BN_mod_sqr(tmp2, x_, group->field, ctx)) goto err;
+ if (!BN_mod_mul(tmp1, tmp2, x_, group->field, ctx)) goto err;
}
/* tmp1 := tmp1 + a*x */
if (group->a_is_minus3)
{
- if (!BN_mod_lshift1_quick(tmp2, x, &group->field)) goto err;
- if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field)) goto err;
- if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
+ if (!BN_mod_lshift1_quick(tmp2, x, group->field)) goto err;
+ if (!BN_mod_add_quick(tmp2, tmp2, x, group->field)) goto err;
+ if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, group->field)) goto err;
}
else
{
if (group->meth->field_decode)
{
- if (!group->meth->field_decode(group, tmp2, &group->a, ctx)) goto err;
- if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx)) goto err;
+ if (!group->meth->field_decode(group, tmp2, group->a, ctx)) goto err;
+ if (!BN_mod_mul(tmp2, tmp2, x, group->field, ctx)) goto err;
}
else
{
/* field_mul works on standard representation */
- if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx)) goto err;
+ if (!group->meth->field_mul(group, tmp2, group->a, x, ctx)) goto err;
}
- if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
+ if (!BN_mod_add_quick(tmp1, tmp1, tmp2, group->field)) goto err;
}
/* tmp1 := tmp1 + b */
if (group->meth->field_decode)
{
- if (!group->meth->field_decode(group, tmp2, &group->b, ctx)) goto err;
- if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) goto err;
+ if (!group->meth->field_decode(group, tmp2, group->b, ctx)) goto err;
+ if (!BN_mod_add_quick(tmp1, tmp1, tmp2, group->field)) goto err;
}
else
{
- if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field)) goto err;
+ if (!BN_mod_add_quick(tmp1, tmp1, group->b, group->field)) goto err;
}
- if (!BN_mod_sqrt(y, tmp1, &group->field, ctx))
+ if (!BN_mod_sqrt(y, tmp1, group->field, ctx))
{
unsigned long err = ERR_peek_last_error();
@@ -166,7 +166,7 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *po
{
int kron;
- kron = BN_kronecker(x, &group->field, ctx);
+ kron = BN_kronecker(x, group->field, ctx);
if (kron == -2) goto err;
if (kron == 1)
@@ -176,7 +176,7 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *po
ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
goto err;
}
- if (!BN_usub(y, &group->field, y)) goto err;
+ if (!BN_usub(y, group->field, y)) goto err;
}
if (y_bit != BN_is_odd(y))
{
@@ -230,7 +230,7 @@ size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, poi
/* ret := required output buffer length */
- field_len = BN_num_bytes(&group->field);
+ field_len = BN_num_bytes(group->field);
ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
/* if 'buf' is NULL, just return required length */
@@ -364,7 +364,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
return EC_POINT_set_to_infinity(group, point);
}
- field_len = BN_num_bytes(&group->field);
+ field_len = BN_num_bytes(group->field);
enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2*field_len;
if (len != enc_len)
@@ -386,7 +386,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
if (y == NULL) goto err;
if (!BN_bin2bn(buf + 1, field_len, x)) goto err;
- if (BN_ucmp(x, &group->field) >= 0)
+ if (BN_ucmp(x, group->field) >= 0)
{
ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
goto err;
@@ -399,7 +399,7 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
else
{
if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err;
- if (BN_ucmp(y, &group->field) >= 0)
+ if (BN_ucmp(y, group->field) >= 0)
{
ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
goto err;
diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index 47570e4..c2192b3 100644
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -130,9 +130,16 @@ const EC_METHOD *EC_GFp_simple_method(void)
int ec_GFp_simple_group_init(EC_GROUP *group)
{
- BN_init(&group->field);
- BN_init(&group->a);
- BN_init(&group->b);
+ group->field = BN_new();
+ group->a = BN_new();
+ group->b = BN_new();
+ if(!group->field || !group->a || !group->b)
+ {
+ if(!group->field) BN_free(group->field);
+ if(!group->a) BN_free(group->a);
+ if(!group->b) BN_free(group->b);
+ return 0;
+ }
group->a_is_minus3 = 0;
return 1;
}
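Review bot: The cleanup branch in ec_GFp_simple_group_init has its NULL tests inverted. "if(!group->field) BN_free(group->field);" calls BN_free only when the pointer is NULL, so whichever of field, a and b were allocated successfully are leaked when one of the other allocations fails. Use the form that ec_GFp_simple_point_init uses in this same patch, "if(point->X) BN_free(point->X);", and set the three members to NULL after freeing so the group is not left holding freed pointers.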
@@ -140,25 +147,25 @@ int ec_GFp_simple_group_init(EC_GROUP *group)
void ec_GFp_simple_group_finish(EC_GROUP *group)
{
- BN_free(&group->field);
- BN_free(&group->a);
- BN_free(&group->b);
+ BN_free(group->field);
+ BN_free(group->a);
+ BN_free(group->b);
}
void ec_GFp_simple_group_clear_finish(EC_GROUP *group)
{
- BN_clear_free(&group->field);
- BN_clear_free(&group->a);
- BN_clear_free(&group->b);
+ BN_clear_free(group->field);
+ BN_clear_free(group->a);
+ BN_clear_free(group->b);
}
int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
{
- if (!BN_copy(&dest->field, &src->field)) return 0;
- if (!BN_copy(&dest->a, &src->a)) return 0;
- if (!BN_copy(&dest->b, &src->b)) return 0;
+ if (!BN_copy(dest->field, src->field)) return 0;
+ if (!BN_copy(dest->a, src->a)) return 0;
+ if (!BN_copy(dest->b, src->b)) return 0;
dest->a_is_minus3 = src->a_is_minus3;
@@ -192,24 +199,24 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group,
if (tmp_a == NULL) goto err;
/* group->field */
- if (!BN_copy(&group->field, p)) goto err;
- BN_set_negative(&group->field, 0);
+ if (!BN_copy(group->field, p)) goto err;
+ BN_set_negative(group->field, 0);
/* group->a */
if (!BN_nnmod(tmp_a, a, p, ctx)) goto err;
if (group->meth->field_encode)
- { if (!group->meth->field_encode(group, &group->a, tmp_a, ctx)) goto err; }
+ { if (!group->meth->field_encode(group, group->a, tmp_a, ctx)) goto err; }
else
- if (!BN_copy(&group->a, tmp_a)) goto err;
+ if (!BN_copy(group->a, tmp_a)) goto err;
/* group->b */
- if (!BN_nnmod(&group->b, b, p, ctx)) goto err;
+ if (!BN_nnmod(group->b, b, p, ctx)) goto err;
if (group->meth->field_encode)
- if (!group->meth->field_encode(group, &group->b, &group->b, ctx)) goto err;
+ if (!group->meth->field_encode(group, group->b, group->b, ctx)) goto err;
/* group->a_is_minus3 */
if (!BN_add_word(tmp_a, 3)) goto err;
- group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field));
+ group->a_is_minus3 = (0 == BN_cmp(tmp_a, group->field));
ret = 1;
@@ -228,7 +235,7 @@ int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, B
if (p != NULL)
{
- if (!BN_copy(p, &group->field)) return 0;
+ if (!BN_copy(p, group->field)) return 0;
}
if (a != NULL || b != NULL)
@@ -243,22 +250,22 @@ int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, B
}
if (a != NULL)
{
- if (!group->meth->field_decode(group, a, &group->a, ctx)) goto err;
+ if (!group->meth->field_decode(group, a, group->a, ctx)) goto err;
}
if (b != NULL)
{
- if (!group->meth->field_decode(group, b, &group->b, ctx)) goto err;
+ if (!group->meth->field_decode(group, b, group->b, ctx)) goto err;
}
}
else
{
if (a != NULL)
{
- if (!BN_copy(a, &group->a)) goto err;
+ if (!BN_copy(a, group->a)) goto err;
}
if (b != NULL)
{
- if (!BN_copy(b, &group->b)) goto err;
+ if (!BN_copy(b, group->b)) goto err;
}
}
}
@@ -274,7 +281,7 @@ int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, B
int ec_GFp_simple_group_get_degree(const EC_GROUP *group)
{
- return BN_num_bits(&group->field);
+ return BN_num_bits(group->field);
}
@@ -282,7 +289,7 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *a,*b,*order,*tmp_1,*tmp_2;
- const BIGNUM *p = &group->field;
+ const BIGNUM *p = group->field;
BN_CTX *new_ctx = NULL;
if (ctx == NULL)
@@ -304,13 +311,13 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
if (group->meth->field_decode)
{
- if (!group->meth->field_decode(group, a, &group->a, ctx)) goto err;
- if (!group->meth->field_decode(group, b, &group->b, ctx)) goto err;
+ if (!group->meth->field_decode(group, a, group->a, ctx)) goto err;
+ if (!group->meth->field_decode(group, b, group->b, ctx)) goto err;
}
else
{
- if (!BN_copy(a, &group->a)) goto err;
- if (!BN_copy(b, &group->b)) goto err;
+ if (!BN_copy(a, group->a)) goto err;
+ if (!BN_copy(b, group->b)) goto err;
}
/* check the discriminant:
@@ -347,37 +354,44 @@ err:
int ec_GFp_simple_point_init(EC_POINT *point)
{
- BN_init(&point->X);
- BN_init(&point->Y);
- BN_init(&point->Z);
+ point->X = BN_new();
+ point->Y = BN_new();
+ point->Z = BN_new();
point->Z_is_one = 0;
+ if(!point->X || !point->Y || !point->Z)
+ {
+ if(point->X) BN_free(point->X);
+ if(point->Y) BN_free(point->Y);
+ if(point->Z) BN_free(point->Z);
+ return 0;
+ }
return 1;
}
void ec_GFp_simple_point_finish(EC_POINT *point)
{
- BN_free(&point->X);
- BN_free(&point->Y);
- BN_free(&point->Z);
+ BN_free(point->X);
+ BN_free(point->Y);
+ BN_free(point->Z);
}
void ec_GFp_simple_point_clear_finish(EC_POINT *point)
{
- BN_clear_free(&point->X);
- BN_clear_free(&point->Y);
- BN_clear_free(&point->Z);
+ BN_clear_free(point->X);
+ BN_clear_free(point->Y);
+ BN_clear_free(point->Z);
point->Z_is_one = 0;
}
int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
{
- if (!BN_copy(&dest->X, &src->X)) return 0;
- if (!BN_copy(&dest->Y, &src->Y)) return 0;
- if (!BN_copy(&dest->Z, &src->Z)) return 0;
+ if (!BN_copy(dest->X, src->X)) return 0;
+ if (!BN_copy(dest->Y, src->Y)) return 0;
+ if (!BN_copy(dest->Z, src->Z)) return 0;
dest->Z_is_one = src->Z_is_one;
return 1;
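Review bot: On allocation failure ec_GFp_simple_point_init frees X, Y and Z but leaves the freed addresses stored in the point. If any caller runs ec_GFp_simple_point_finish or ec_GFp_simple_point_clear_finish on a point whose init failed, those BN_free and BN_clear_free calls free the same memory a second time. Set point->X, point->Y and point->Z to NULL after freeing them in the failure branch. The same applies to ec_GFp_simple_point_clear_finish, which resets Z_is_one but leaves the three pointers dangling.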
@@ -387,7 +401,7 @@ int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
{
point->Z_is_one = 0;
- BN_zero(&point->Z);
+ BN_zero(point->Z);
return 1;
}
@@ -407,19 +421,19 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POIN
if (x != NULL)
{
- if (!BN_nnmod(&point->X, x, &group->field, ctx)) goto err;
+ if (!BN_nnmod(point->X, x, group->field, ctx)) goto err;
if (group->meth->field_encode)
{
- if (!group->meth->field_encode(group, &point->X, &point->X, ctx)) goto err;
+ if (!group->meth->field_encode(group, point->X, point->X, ctx)) goto err;
}
}
if (y != NULL)
{
- if (!BN_nnmod(&point->Y, y, &group->field, ctx)) goto err;
+ if (!BN_nnmod(point->Y, y, group->field, ctx)) goto err;
if (group->meth->field_encode)
{
- if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx)) goto err;
+ if (!group->meth->field_encode(group, point->Y, point->Y, ctx)) goto err;
}
}
@@ -427,17 +441,17 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POIN
{
int Z_is_one;
- if (!BN_nnmod(&point->Z, z, &group->field, ctx)) goto err;
- Z_is_one = BN_is_one(&point->Z);
+ if (!BN_nnmod(point->Z, z, group->field, ctx)) goto err;
+ Z_is_one = BN_is_one(point->Z);
if (group->meth->field_encode)
{
if (Z_is_one && (group->meth->field_set_to_one != 0))
{
- if (!group->meth->field_set_to_one(group, &point->Z, ctx)) goto err;
+ if (!group->meth->field_set_to_one(group, point->Z, ctx)) goto err;
}
else
{
- if (!group->meth->field_encode(group, &point->Z, &point->Z, ctx)) goto err;
+ if (!group->meth->field_encode(group, point->Z, point->Z, ctx)) goto err;
}
}
point->Z_is_one = Z_is_one;
@@ -469,30 +483,30 @@ int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group, const E
if (x != NULL)
{
- if (!group->meth->field_decode(group, x, &point->X, ctx)) goto err;
+ if (!group->meth->field_decode(group, x, point->X, ctx)) goto err;
}
if (y != NULL)
{
- if (!group->meth->field_decode(group, y, &point->Y, ctx)) goto err;
+ if (!group->meth->field_decode(group, y, point->Y, ctx)) goto err;
}
if (z != NULL)
{
- if (!group->meth->field_decode(group, z, &point->Z, ctx)) goto err;
+ if (!group->meth->field_decode(group, z, point->Z, ctx)) goto err;
}
}
else
{
if (x != NULL)
{
- if (!BN_copy(x, &point->X)) goto err;
+ if (!BN_copy(x, point->X)) goto err;
}
if (y != NULL)
{
- if (!BN_copy(y, &point->Y)) goto err;
+ if (!BN_copy(y, point->Y)) goto err;
}
if (z != NULL)
{
- if (!BN_copy(z, &point->Z)) goto err;
+ if (!BN_copy(z, point->Z)) goto err;
}
}
@@ -551,12 +565,12 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_P
if (group->meth->field_decode)
{
- if (!group->meth->field_decode(group, Z, &point->Z, ctx)) goto err;
+ if (!group->meth->field_decode(group, Z, point->Z, ctx)) goto err;
Z_ = Z;
}
else
{
- Z_ = &point->Z;
+ Z_ = point->Z;
}
if (BN_is_one(Z_))
@@ -565,28 +579,28 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_P
{
if (x != NULL)
{
- if (!group->meth->field_decode(group, x, &point->X, ctx)) goto err;
+ if (!group->meth->field_decode(group, x, point->X, ctx)) goto err;
}
if (y != NULL)
{
- if (!group->meth->field_decode(group, y, &point->Y, ctx)) goto err;
+ if (!group->meth->field_decode(group, y, point->Y, ctx)) goto err;
}
}
else
{
if (x != NULL)
{
- if (!BN_copy(x, &point->X)) goto err;
+ if (!BN_copy(x, point->X)) goto err;
}
if (y != NULL)
{
- if (!BN_copy(y, &point->Y)) goto err;
+ if (!BN_copy(y, point->Y)) goto err;
}
}
}
else
{
- if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx))
+ if (!BN_mod_inverse(Z_1, Z_, group->field, ctx))
{
ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, ERR_R_BN_LIB);
goto err;
@@ -599,13 +613,13 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_P
}
else
{
- if (!BN_mod_sqr(Z_2, Z_1, &group->field, ctx)) goto err;
+ if (!BN_mod_sqr(Z_2, Z_1, group->field, ctx)) goto err;
}
if (x != NULL)
{
/* in the Montgomery case, field_mul will cancel out Montgomery factor in X: */
- if (!group->meth->field_mul(group, x, &point->X, Z_2, ctx)) goto err;
+ if (!group->meth->field_mul(group, x, point->X, Z_2, ctx)) goto err;
}
if (y != NULL)
@@ -617,11 +631,11 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_P
}
else
{
- if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx)) goto err;
+ if (!BN_mod_mul(Z_3, Z_2, Z_1, group->field, ctx)) goto err;
}
/* in the Montgomery case, field_mul will cancel out Montgomery factor in Y: */
- if (!group->meth->field_mul(group, y, &point->Y, Z_3, ctx)) goto err;
+ if (!group->meth->field_mul(group, y, point->Y, Z_3, ctx)) goto err;
}
}
@@ -652,7 +666,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con
field_mul = group->meth->field_mul;
field_sqr = group->meth->field_sqr;
- p = &group->field;
+ p = group->field;
if (ctx == NULL)
{
@@ -679,38 +693,38 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con
/* n1, n2 */
if (b->Z_is_one)
{
- if (!BN_copy(n1, &a->X)) goto end;
- if (!BN_copy(n2, &a->Y)) goto end;
+ if (!BN_copy(n1, a->X)) goto end;
+ if (!BN_copy(n2, a->Y)) goto end;
/* n1 = X_a */
/* n2 = Y_a */
}
else
{
- if (!field_sqr(group, n0, &b->Z, ctx)) goto end;
- if (!field_mul(group, n1, &a->X, n0, ctx)) goto end;
+ if (!field_sqr(group, n0, b->Z, ctx)) goto end;
+ if (!field_mul(group, n1, a->X, n0, ctx)) goto end;
/* n1 = X_a * Z_b^2 */
- if (!field_mul(group, n0, n0, &b->Z, ctx)) goto end;
- if (!field_mul(group, n2, &a->Y, n0, ctx)) goto end;
+ if (!field_mul(group, n0, n0, b->Z, ctx)) goto end;
+ if (!field_mul(group, n2, a->Y, n0, ctx)) goto end;
/* n2 = Y_a * Z_b^3 */
}
/* n3, n4 */
if (a->Z_is_one)
{
- if (!BN_copy(n3, &b->X)) goto end;
- if (!BN_copy(n4, &b->Y)) goto end;
+ if (!BN_copy(n3, b->X)) goto end;
+ if (!BN_copy(n4, b->Y)) goto end;
/* n3 = X_b */
/* n4 = Y_b */
}
else
{
- if (!field_sqr(group, n0, &a->Z, ctx)) goto end;
- if (!field_mul(group, n3, &b->X, n0, ctx)) goto end;
+ if (!field_sqr(group, n0, a->Z, ctx)) goto end;
+ if (!field_mul(group, n3, b->X, n0, ctx)) goto end;
/* n3 = X_b * Z_a^2 */
- if (!field_mul(group, n0, n0, &a->Z, ctx)) goto end;
- if (!field_mul(group, n4, &b->Y, n0, ctx)) goto end;
+ if (!field_mul(group, n0, n0, a->Z, ctx)) goto end;
+ if (!field_mul(group, n4, b->Y, n0, ctx)) goto end;
/* n4 = Y_b * Z_a^3 */
}
@@ -733,7 +747,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con
else
{
/* a is the inverse of b */
- BN_zero(&r->Z);
+ BN_zero(r->Z);
r->Z_is_one = 0;
ret = 1;
goto end;
@@ -749,17 +763,17 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con
/* Z_r */
if (a->Z_is_one && b->Z_is_one)
{
- if (!BN_copy(&r->Z, n5)) goto end;
+ if (!BN_copy(r->Z, n5)) goto end;
}
else
{
if (a->Z_is_one)
- { if (!BN_copy(n0, &b->Z)) goto end; }
+ { if (!BN_copy(n0, b->Z)) goto end; }
else if (b->Z_is_one)
- { if (!BN_copy(n0, &a->Z)) goto end; }
+ { if (!BN_copy(n0, a->Z)) goto end; }
else
- { if (!field_mul(group, n0, &a->Z, &b->Z, ctx)) goto end; }
- if (!field_mul(group, &r->Z, n0, n5, ctx)) goto end;
+ { if (!field_mul(group, n0, a->Z, b->Z, ctx)) goto end; }
+ if (!field_mul(group, r->Z, n0, n5, ctx)) goto end;
}
r->Z_is_one = 0;
/* Z_r = Z_a * Z_b * n5 */
@@ -768,11 +782,11 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con
if (!field_sqr(group, n0, n6, ctx)) goto end;
if (!field_sqr(group, n4, n5, ctx)) goto end;
if (!field_mul(group, n3, n1, n4, ctx)) goto end;
- if (!BN_mod_sub_quick(&r->X, n0, n3, p)) goto end;
+ if (!BN_mod_sub_quick(r->X, n0, n3, p)) goto end;
/* X_r = n6^2 - n5^2 * 'n7' */
/* 'n9' */
- if (!BN_mod_lshift1_quick(n0, &r->X, p)) goto end;
+ if (!BN_mod_lshift1_quick(n0, r->X, p)) goto end;
if (!BN_mod_sub_quick(n0, n3, n0, p)) goto end;
/* n9 = n5^2 * 'n7' - 2 * X_r */
@@ -784,7 +798,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, con
if (BN_is_odd(n0))
if (!BN_add(n0, n0, p)) goto end;
/* now 0 <= n0 < 2*p, and n0 is even */
- if (!BN_rshift1(&r->Y, n0)) goto end;
+ if (!BN_rshift1(r->Y, n0)) goto end;
/* Y_r = (n6 * 'n9' - 'n8' * 'n5^3') / 2 */
ret = 1;
@@ -809,14 +823,14 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
if (EC_POINT_is_at_infinity(group, a))
{
- BN_zero(&r->Z);
+ BN_zero(r->Z);
r->Z_is_one = 0;
return 1;
}
field_mul = group->meth->field_mul;
field_sqr = group->meth->field_sqr;
- p = &group->field;
+ p = group->field;
if (ctx == NULL)
{
@@ -840,17 +854,17 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
/* n1 */
if (a->Z_is_one)
{
- if (!field_sqr(group, n0, &a->X, ctx)) goto err;
+ if (!field_sqr(group, n0, a->X, ctx)) goto err;
if (!BN_mod_lshift1_quick(n1, n0, p)) goto err;
if (!BN_mod_add_quick(n0, n0, n1, p)) goto err;
- if (!BN_mod_add_quick(n1, n0, &group->a, p)) goto err;
+ if (!BN_mod_add_quick(n1, n0, group->a, p)) goto err;
/* n1 = 3 * X_a^2 + a_curve */
}
else if (group->a_is_minus3)
{
- if (!field_sqr(group, n1, &a->Z, ctx)) goto err;
- if (!BN_mod_add_quick(n0, &a->X, n1, p)) goto err;
- if (!BN_mod_sub_quick(n2, &a->X, n1, p)) goto err;
+ if (!field_sqr(group, n1, a->Z, ctx)) goto err;
+ if (!BN_mod_add_quick(n0, a->X, n1, p)) goto err;
+ if (!BN_mod_sub_quick(n2, a->X, n1, p)) goto err;
if (!field_mul(group, n1, n0, n2, ctx)) goto err;
if (!BN_mod_lshift1_quick(n0, n1, p)) goto err;
if (!BN_mod_add_quick(n1, n0, n1, p)) goto err;
@@ -859,12 +873,12 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
}
else
{
- if (!field_sqr(group, n0, &a->X, ctx)) goto err;
+ if (!field_sqr(group, n0, a->X, ctx)) goto err;
if (!BN_mod_lshift1_quick(n1, n0, p)) goto err;
if (!BN_mod_add_quick(n0, n0, n1, p)) goto err;
- if (!field_sqr(group, n1, &a->Z, ctx)) goto err;
+ if (!field_sqr(group, n1, a->Z, ctx)) goto err;
if (!field_sqr(group, n1, n1, ctx)) goto err;
- if (!field_mul(group, n1, n1, &group->a, ctx)) goto err;
+ if (!field_mul(group, n1, n1, group->a, ctx)) goto err;
if (!BN_mod_add_quick(n1, n1, n0, p)) goto err;
/* n1 = 3 * X_a^2 + a_curve * Z_a^4 */
}
@@ -872,26 +886,26 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
/* Z_r */
if (a->Z_is_one)
{
- if (!BN_copy(n0, &a->Y)) goto err;
+ if (!BN_copy(n0, a->Y)) goto err;
}
else
{
- if (!field_mul(group, n0, &a->Y, &a->Z, ctx)) goto err;
+ if (!field_mul(group, n0, a->Y, a->Z, ctx)) goto err;
}
- if (!BN_mod_lshift1_quick(&r->Z, n0, p)) goto err;
+ if (!BN_mod_lshift1_quick(r->Z, n0, p)) goto err;
r->Z_is_one = 0;
/* Z_r = 2 * Y_a * Z_a */
/* n2 */
- if (!field_sqr(group, n3, &a->Y, ctx)) goto err;
- if (!field_mul(group, n2, &a->X, n3, ctx)) goto err;
+ if (!field_sqr(group, n3, a->Y, ctx)) goto err;
+ if (!field_mul(group, n2, a->X, n3, ctx)) goto err;
if (!BN_mod_lshift_quick(n2, n2, 2, p)) goto err;
/* n2 = 4 * X_a * Y_a^2 */
/* X_r */
if (!BN_mod_lshift1_quick(n0, n2, p)) goto err;
- if (!field_sqr(group, &r->X, n1, ctx)) goto err;
- if (!BN_mod_sub_quick(&r->X, &r->X, n0, p)) goto err;
+ if (!field_sqr(group, r->X, n1, ctx)) goto err;
+ if (!BN_mod_sub_quick(r->X, r->X, n0, p)) goto err;
/* X_r = n1^2 - 2 * n2 */
/* n3 */
@@ -900,9 +914,9 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
/* n3 = 8 * Y_a^4 */
/* Y_r */
- if (!BN_mod_sub_quick(n0, n2, &r->X, p)) goto err;
+ if (!BN_mod_sub_quick(n0, n2, r->X, p)) goto err;
if (!field_mul(group, n0, n1, n0, ctx)) goto err;
- if (!BN_mod_sub_quick(&r->Y, n0, n3, p)) goto err;
+ if (!BN_mod_sub_quick(r->Y, n0, n3, p)) goto err;
/* Y_r = n1 * (n2 - X_r) - n3 */
ret = 1;
@@ -917,17 +931,17 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_
int ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
{
- if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
+ if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(point->Y))
/* point is its own inverse */
return 1;
- return BN_usub(&point->Y, &group->field, &point->Y);
+ return BN_usub(point->Y, group->field, point->Y);
}
int ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
{
- return BN_is_zero(&point->Z);
+ return BN_is_zero(point->Z);
}
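Review bot: `ec_GFp_simple_is_at_infinity` and `ec_GFp_simple_invert` now pass `point->Z` and `point->Y` straight to `BN_is_zero()` with no NULL check, whereas the old `&point->Z` could never be NULL. With the coordinates turned into pointers, these helpers depend on every EC_POINT having had all three BIGNUMs allocated at init and on no error path leaving one unset. Please state that invariant in a comment next to the struct definition, or assert it here, so a half-initialised point fails cleanly instead of dereferencing a NULL pointer.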
@@ -945,7 +959,7 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
field_mul = group->meth->field_mul;
field_sqr = group->meth->field_sqr;
- p = &group->field;
+ p = group->field;
if (ctx == NULL)
{
@@ -971,11 +985,11 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
*/
/* rh := X^2 */
- if (!field_sqr(group, rh, &point->X, ctx)) goto err;
+ if (!field_sqr(group, rh, point->X, ctx)) goto err;
if (!point->Z_is_one)
{
- if (!field_sqr(group, tmp, &point->Z, ctx)) goto err;
+ if (!field_sqr(group, tmp, point->Z, ctx)) goto err;
if (!field_sqr(group, Z4, tmp, ctx)) goto err;
if (!field_mul(group, Z6, Z4, tmp, ctx)) goto err;
@@ -985,17 +999,17 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
if (!BN_mod_lshift1_quick(tmp, Z4, p)) goto err;
if (!BN_mod_add_quick(tmp, tmp, Z4, p)) goto err;
if (!BN_mod_sub_quick(rh, rh, tmp, p)) goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
+ if (!field_mul(group, rh, rh, point->X, ctx)) goto err;
}
else
{
- if (!field_mul(group, tmp, Z4, &group->a, ctx)) goto err;
+ if (!field_mul(group, tmp, Z4, group->a, ctx)) goto err;
if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
+ if (!field_mul(group, rh, rh, point->X, ctx)) goto err;
}
/* rh := rh + b*Z^6 */
- if (!field_mul(group, tmp, &group->b, Z6, ctx)) goto err;
+ if (!field_mul(group, tmp, group->b, Z6, ctx)) goto err;
if (!BN_mod_add_quick(rh, rh, tmp, p)) goto err;
}
else
@@ -1003,14 +1017,14 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_C
/* point->Z_is_one */
/* rh := (rh + a)*X */
- if (!BN_mod_add_quick(rh, rh, &group->a, p)) goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx)) goto err;
+ if (!BN_mod_add_quick(rh, rh, group->a, p)) goto err;
+ if (!field_mul(group, rh, rh, point->X, ctx)) goto err;
/* rh := rh + b */
- if (!BN_mod_add_quick(rh, rh, &group->b, p)) goto err;
+ if (!BN_mod_add_quick(rh, rh, group->b, p)) goto err;
}
/* 'lh' := Y^2 */
- if (!field_sqr(group, tmp, &point->Y, ctx)) goto err;
+ if (!field_sqr(group, tmp, point->Y, ctx)) goto err;
ret = (0 == BN_ucmp(tmp, rh));
@@ -1047,7 +1061,7 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
if (a->Z_is_one && b->Z_is_one)
{
- return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
+ return ((BN_cmp(a->X, b->X) == 0) && BN_cmp(a->Y, b->Y) == 0) ? 0 : 1;
}
field_mul = group->meth->field_mul;
@@ -1075,20 +1089,20 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
if (!b->Z_is_one)
{
- if (!field_sqr(group, Zb23, &b->Z, ctx)) goto end;
- if (!field_mul(group, tmp1, &a->X, Zb23, ctx)) goto end;
+ if (!field_sqr(group, Zb23, b->Z, ctx)) goto end;
+ if (!field_mul(group, tmp1, a->X, Zb23, ctx)) goto end;
tmp1_ = tmp1;
}
else
- tmp1_ = &a->X;
+ tmp1_ = a->X;
if (!a->Z_is_one)
{
- if (!field_sqr(group, Za23, &a->Z, ctx)) goto end;
- if (!field_mul(group, tmp2, &b->X, Za23, ctx)) goto end;
+ if (!field_sqr(group, Za23, a->Z, ctx)) goto end;
+ if (!field_mul(group, tmp2, b->X, Za23, ctx)) goto end;
tmp2_ = tmp2;
}
else
- tmp2_ = &b->X;
+ tmp2_ = b->X;
/* compare X_a*Z_b^2 with X_b*Z_a^2 */
if (BN_cmp(tmp1_, tmp2_) != 0)
@@ -1100,20 +1114,20 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *
if (!b->Z_is_one)
{
- if (!field_mul(group, Zb23, Zb23, &b->Z, ctx)) goto end;
- if (!field_mul(group, tmp1, &a->Y, Zb23, ctx)) goto end;
+ if (!field_mul(group, Zb23, Zb23, b->Z, ctx)) goto end;
+ if (!field_mul(group, tmp1, a->Y, Zb23, ctx)) goto end;
/* tmp1_ = tmp1 */
}
else
- tmp1_ = &a->Y;
+ tmp1_ = a->Y;
if (!a->Z_is_one)
{
- if (!field_mul(group, Za23, Za23, &a->Z, ctx)) goto end;
- if (!field_mul(group, tmp2, &b->Y, Za23, ctx)) goto end;
+ if (!field_mul(group, Za23, Za23, a->Z, ctx)) goto end;
+ if (!field_mul(group, tmp2, b->Y, Za23, ctx)) goto end;
/* tmp2_ = tmp2 */
}
else
- tmp2_ = &b->Y;
+ tmp2_ = b->Y;
/* compare Y_a*Z_b^3 with Y_b*Z_a^3 */
if (BN_cmp(tmp1_, tmp2_) != 0)
@@ -1206,9 +1220,9 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT
/* Set each prod_Z[i] to the product of points[0]->Z .. points[i]->Z,
* skipping any zero-valued inputs (pretend that they're 1). */
- if (!BN_is_zero(&points[0]->Z))
+ if (!BN_is_zero(points[0]->Z))
{
- if (!BN_copy(prod_Z[0], &points[0]->Z)) goto err;
+ if (!BN_copy(prod_Z[0], points[0]->Z)) goto err;
}
else
{
@@ -1224,9 +1238,9 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT
for (i = 1; i < num; i++)
{
- if (!BN_is_zero(&points[i]->Z))
+ if (!BN_is_zero(points[i]->Z))
{
- if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1], &points[i]->Z, ctx)) goto err;
+ if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1], points[i]->Z, ctx)) goto err;
}
else
{
@@ -1237,7 +1251,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT
/* Now use a single explicit inversion to replace every
* non-zero points[i]->Z by its inverse. */
- if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx))
+ if (!BN_mod_inverse(tmp, prod_Z[num - 1], group->field, ctx))
{
ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB);
goto err;
@@ -1255,22 +1269,22 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT
{
/* Loop invariant: tmp is the product of the inverses of
* points[0]->Z .. points[i]->Z (zero-valued inputs skipped). */
- if (!BN_is_zero(&points[i]->Z))
+ if (!BN_is_zero(points[i]->Z))
{
/* Set tmp_Z to the inverse of points[i]->Z (as product
* of Z inverses 0 .. i, Z values 0 .. i - 1). */
if (!group->meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx)) goto err;
/* Update tmp to satisfy the loop invariant for i - 1. */
- if (!group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx)) goto err;
+ if (!group->meth->field_mul(group, tmp, tmp, points[i]->Z, ctx)) goto err;
/* Replace points[i]->Z by its inverse. */
- if (!BN_copy(&points[i]->Z, tmp_Z)) goto err;
+ if (!BN_copy(points[i]->Z, tmp_Z)) goto err;
}
}
- if (!BN_is_zero(&points[0]->Z))
+ if (!BN_is_zero(points[0]->Z))
{
/* Replace points[0]->Z by its inverse. */
- if (!BN_copy(&points[0]->Z, tmp)) goto err;
+ if (!BN_copy(points[0]->Z, tmp)) goto err;
}
/* Finally, fix up the X and Y coordinates for all points. */
@@ -1279,23 +1293,23 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT
{
EC_POINT *p = points[i];
- if (!BN_is_zero(&p->Z))
+ if (!BN_is_zero(p->Z))
{
/* turn (X, Y, 1/Z) into (X/Z^2, Y/Z^3, 1) */
- if (!group->meth->field_sqr(group, tmp, &p->Z, ctx)) goto err;
- if (!group->meth->field_mul(group, &p->X, &p->X, tmp, ctx)) goto err;
+ if (!group->meth->field_sqr(group, tmp, p->Z, ctx)) goto err;
+ if (!group->meth->field_mul(group, p->X, p->X, tmp, ctx)) goto err;
- if (!group->meth->field_mul(group, tmp, tmp, &p->Z, ctx)) goto err;
- if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx)) goto err;
+ if (!group->meth->field_mul(group, tmp, tmp, p->Z, ctx)) goto err;
+ if (!group->meth->field_mul(group, p->Y, p->Y, tmp, ctx)) goto err;
if (group->meth->field_set_to_one != 0)
{
- if (!group->meth->field_set_to_one(group, &p->Z, ctx)) goto err;
+ if (!group->meth->field_set_to_one(group, p->Z, ctx)) goto err;
}
else
{
- if (!BN_one(&p->Z)) goto err;
+ if (!BN_one(p->Z)) goto err;
}
p->Z_is_one = 1;
}
@@ -1322,11 +1336,11 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT
int ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
- return BN_mod_mul(r, a, b, &group->field, ctx);
+ return BN_mod_mul(r, a, b, group->field, ctx);
}
int ec_GFp_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
{
- return BN_mod_sqr(r, a, &group->field, ctx);
+ return BN_mod_sqr(r, a, group->field, ctx);
}
diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c
index d1bf980..22f7ea0 100644
--- a/crypto/ec/ectest.c
+++ b/crypto/ec/ectest.c
@@ -667,7 +667,7 @@ static void prime_field_tests(void)
{
const EC_POINT *points[4];
const BIGNUM *scalars[4];
- BIGNUM scalar3;
+ BIGNUM *scalar3;
if (EC_POINT_is_at_infinity(group, Q)) ABORT;
points[0] = Q;
@@ -713,16 +713,17 @@ static void prime_field_tests(void)
scalars[1] = y;
scalars[2] = z; /* z = -(x+y) */
- BN_init(&scalar3);
- BN_zero(&scalar3);
- scalars[3] = &scalar3;
+ scalar3 = BN_new();
+ if(!scalar3) ABORT;
+ BN_zero(scalar3);
+ scalars[3] = scalar3;
if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, P)) ABORT;
fprintf(stdout, " ok\n\n");
- BN_free(&scalar3);
+ BN_free(scalar3);
}
diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
index 37ddcf9..63bd1f5 100644
--- a/crypto/engine/eng_all.c
+++ b/crypto/engine/eng_all.c
@@ -82,6 +82,8 @@ void ENGINE_load_builtin_engines(void)
#ifndef OPENSSL_NO_HW_4758_CCA
ENGINE_load_4758cca();
#endif
+/*
+ * These engines have been disabled as they do not currently build
#ifndef OPENSSL_NO_HW_AEP
ENGINE_load_aep();
#endif
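Review bot: the `/*` added before `#ifndef OPENSSL_NO_HW_AEP` disables these engine loads with a block comment that is only closed by the `*/` in the next hunk, so the disabled region spans several preprocessor conditionals. C comments do not nest, so any `/* ... */` inside that region would end it early and re-enable part of the list; `#if 0` / `#endif` with the explanation in a comment above it is the safer way to park code. Since this removes engines from `ENGINE_load_builtin_engines()` for every caller, the change also deserves a line in the commit message or CHANGES rather than only this in-code remark.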
@@ -103,6 +105,7 @@ void ENGINE_load_builtin_engines(void)
#ifndef OPENSSL_NO_HW_UBSEC
ENGINE_load_ubsec();
#endif
+*/
#ifndef OPENSSL_NO_HW_PADLOCK
ENGINE_load_padlock();
#endif
diff --git a/crypto/evp/Makefile b/crypto/evp/Makefile
index 7f44688..1062afc 100644
--- a/crypto/evp/Makefile
+++ b/crypto/evp/Makefile
@@ -769,8 +769,8 @@ pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
pmeth_gn.o: ../../include/openssl/opensslconf.h
pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
-pmeth_gn.o: pmeth_gn.c
+pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h
+pmeth_gn.o: ../include/internal/bn_int.h evp_locl.h pmeth_gn.c
pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index 4651c81..ab46e5a 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -61,7 +61,7 @@
#include "cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include <openssl/bn.h>
+#include "internal/bn_int.h"
#include "evp_locl.h"
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
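Review bot: replacing `#include <openssl/bn.h>` with `"internal/bn_int.h"` gives this EVP file access to the bn internals (`bn_get_words`, `bn_set_top` and so on), yet the only BN-related changes visible in this file are the switch to `BN_GENCB_get_arg(gcb)` and the added semicolon after `BN_GENCB_set(...)`, and bn_int.h as added in this commit declares neither of them. If nothing else in pmeth_gn.c needs the internal accessors, keep the public header so the internal interface stays confined to the code that really needs it.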
@@ -178,7 +178,7 @@ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
static int trans_cb(int a, int b, BN_GENCB *gcb)
{
- EVP_PKEY_CTX *ctx = gcb->arg;
+ EVP_PKEY_CTX *ctx = BN_GENCB_get_arg(gcb);
ctx->keygen_info[0] = a;
ctx->keygen_info[1] = b;
return ctx->pkey_gencb(ctx);
@@ -186,7 +186,7 @@ static int trans_cb(int a, int b, BN_GENCB *gcb)
void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
{
- BN_GENCB_set(cb, trans_cb, ctx)
+ BN_GENCB_set(cb, trans_cb, ctx);
}
int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
diff --git a/demos/engines/ibmca/hw_ibmca_err.h b/crypto/include/internal/bn_int.h
similarity index 59%
copy from demos/engines/ibmca/hw_ibmca_err.h
copy to crypto/include/internal/bn_int.h
index 2070f95..d3e9def 100644
--- a/demos/engines/ibmca/hw_ibmca_err.h
+++ b/crypto/include/internal/bn_int.h
@@ -1,5 +1,5 @@
/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -52,51 +52,74 @@
*
*/
-#ifndef HEADER_IBMCA_ERR_H
-#define HEADER_IBMCA_ERR_H
+#ifndef HEADER_BN_INT_H
+#define HEADER_BN_INT_H
+
+
+#include <openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
+#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
+ (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
+BIGNUM *bn_wexpand(BIGNUM *a, int words);
+BIGNUM *bn_expand2(BIGNUM *a, int words);
+
+void bn_correct_top(BIGNUM *a);
+
+/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
+ * This is an array r[] of values that are either zero or odd with an
+ * absolute value less than 2^w satisfying
+ * scalar = \sum_j r[j]*2^j
+ * where at most one of any w+1 consecutive digits is non-zero
+ * with the exception that the most significant digit may be only
+ * w-1 zeros away from that next non-zero digit.
*/
-static void ERR_load_IBMCA_strings(void);
-static void ERR_unload_IBMCA_strings(void);
-static void ERR_IBMCA_error(int function, int reason, char *file, int line);
-#define IBMCAerr(f,r) ERR_IBMCA_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the IBMCA functions. */
-
-/* Function codes. */
-#define IBMCA_F_IBMCA_CTRL 100
-#define IBMCA_F_IBMCA_FINISH 101
-#define IBMCA_F_IBMCA_INIT 102
-#define IBMCA_F_IBMCA_MOD_EXP 103
-#define IBMCA_F_IBMCA_MOD_EXP_CRT 104
-#define IBMCA_F_IBMCA_RAND_BYTES 105
-#define IBMCA_F_IBMCA_RSA_MOD_EXP 106
-
-/* Reason codes. */
-#define IBMCA_R_ALREADY_LOADED 100
-#define IBMCA_R_BN_CTX_FULL 101
-#define IBMCA_R_BN_EXPAND_FAIL 102
-#define IBMCA_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
-#define IBMCA_R_DSO_FAILURE 104
-#define IBMCA_R_MEXP_LENGTH_TO_LARGE 105
-#define IBMCA_R_MISSING_KEY_COMPONENTS 106
-#define IBMCA_R_NOT_INITIALISED 107
-#define IBMCA_R_NOT_LOADED 108
-#define IBMCA_R_OPERANDS_TO_LARGE 109
-#define IBMCA_R_OUTLEN_TO_LARGE 110
-#define IBMCA_R_REQUEST_FAILED 111
-#define IBMCA_R_UNDERFLOW_CONDITION 112
-#define IBMCA_R_UNDERFLOW_KEYRECORD 113
-#define IBMCA_R_UNIT_FAILURE 114
+signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len);
+
+int bn_get_top(const BIGNUM *a);
+
+void bn_set_top(BIGNUM *a, int top);
+
+int bn_get_dmax(const BIGNUM *a);
+
+/* Set all words to zero */
+void bn_set_all_zero(BIGNUM *a);
+
+/*
+ * Copy the internal BIGNUM words into out which holds size elements (and size
+ * must be bigger than top)
+ */
+int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size);
+
+BN_ULONG *bn_get_words(const BIGNUM *a);
+
+/*
+ * Set the internal data words in a to point to words which contains size
+ * elements. The BN_FLG_STATIC_DATA flag is set
+ */
+void bn_set_static_words(BIGNUM *a, BN_ULONG *words, int size);
+
+/*
+ * Copy data into the BIGNUM. The caller must check that dmax is sufficient to
+ * hold the data
+ */
+void bn_set_data(BIGNUM *a, const void *data, size_t size);
+
+size_t bn_sizeof_BIGNUM(void);
+
+/*
+ * Return element el from an array of BIGNUMs starting at base (required
+ * because callers do not know the size of BIGNUM at compilation time)
+ */
+BIGNUM *bn_array_el(BIGNUM *base, int el);
+
#ifdef __cplusplus
}
#endif
+
#endif
+
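Review bot: `bn_set_data()` returns void and its comment leaves the `dmax` check to the caller, so a caller that gets the size wrong writes past the BIGNUM's word array with nothing to report it. Consider having it verify the capacity itself (or call `bn_wexpand()`) and return int, as `bn_copy_words()` does; `bn_set_top()` likewise accepts any `top` unchecked. Separately, the `bn_expand` macro uses `bits` unparenthesised in `(bits+BN_BITS2-1)` and dereferences `(a)->dmax`, which only compiles where the BIGNUM layout is visible, while the `bn_array_el()` comment says callers of this header do not know that layout; the macro probably belongs in bn_lcl.h or should go through `bn_get_dmax()`.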
diff --git a/crypto/include/internal/bn_srp.h b/crypto/include/internal/bn_srp.h
new file mode 100644
index 0000000..e15038a
--- /dev/null
+++ b/crypto/include/internal/bn_srp.h
@@ -0,0 +1,35 @@
+
+#ifndef OPENSSL_NO_SRP
+
+extern const BIGNUM bn_group_1024;
+
+extern const BIGNUM bn_group_1536;
+
+extern const BIGNUM bn_group_2048;
+
+extern const BIGNUM bn_group_3072;
+
+extern const BIGNUM bn_group_4096;
+
+extern const BIGNUM bn_group_6144;
+
+extern const BIGNUM bn_group_8192;
+
+extern const BIGNUM bn_generator_19;
+
+extern const BIGNUM bn_generator_5;
+
+extern const BIGNUM bn_generator_2;
+
+static SRP_gN knowngN[] = {
+ {"8192",(BIGNUM*)&bn_generator_19 , (BIGNUM*)&bn_group_8192},
+ {"6144",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_6144},
+ {"4096",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_4096},
+ {"3072",(BIGNUM*)&bn_generator_5 , (BIGNUM*)&bn_group_3072},
+ {"2048",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_2048},
+ {"1536",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1536},
+ {"1024",(BIGNUM*)&bn_generator_2 , (BIGNUM*)&bn_group_1024},
+};
+#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
+
+#endif
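Review bot: this new header defines `static SRP_gN knowngN[]` rather than declaring it, and it has no include guard of its own (only `#ifndef OPENSSL_NO_SRP`), so every file that includes it gets a private copy of the table and a second inclusion in one translation unit is a redefinition error. It also uses `SRP_gN` and `BIGNUM` without including the headers that declare them, casts away const with `(BIGNUM*)&bn_group_8192`, leaves `KNOWN_GN_NUMBER` unparenthesised, and lacks the licence block that bn_int.h carries. Suggest adding a guard and the needed includes, wrapping the macro as `(sizeof(knowngN) / sizeof(SRP_gN))`, and moving the table definition into the .c file that uses it.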
diff --git a/crypto/rsa/Makefile b/crypto/rsa/Makefile
index bcf753c..18b172c 100644
--- a/crypto/rsa/Makefile
+++ b/crypto/rsa/Makefile
@@ -127,7 +127,8 @@ rsa_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_crpt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_crpt.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_crpt.c
+rsa_crpt.o: ../../include/openssl/symhacks.h ../cryptlib.h
+rsa_crpt.o: ../include/internal/bn_int.h rsa_crpt.c
rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -145,7 +146,8 @@ rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
+rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h
+rsa_eay.o: ../include/internal/bn_int.h rsa_eay.c
rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@@ -176,7 +178,7 @@ rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
rsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-rsa_lib.o: ../cryptlib.h rsa_lib.c
+rsa_lib.o: ../cryptlib.h ../include/internal/bn_int.h rsa_lib.c
rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c
index 78b8fce..bd58b20 100644
--- a/crypto/rsa/rsa_crpt.c
+++ b/crypto/rsa/rsa_crpt.c
@@ -62,7 +62,7 @@
#include <openssl/crypto.h>
#include "cryptlib.h"
#include <openssl/lhash.h>
-#include <openssl/bn.h>
+#include "internal/bn_int.h"
#include <openssl/rsa.h>
#include <openssl/rand.h>
@@ -156,7 +156,7 @@ err:
BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
{
- BIGNUM local_n;
+ BIGNUM *local_n = NULL;
BIGNUM *e,*n;
BN_CTX *ctx;
BN_BLINDING *ret = NULL;
@@ -189,17 +189,22 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
e = rsa->e;
- if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
+ if ((RAND_status() == 0) && rsa->d != NULL && bn_get_words(rsa->d) != NULL)
{
/* if PRNG is not properly seeded, resort to secret
* exponent as unpredictable seed */
- RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
+ RAND_add(bn_get_words(rsa->d), bn_get_dmax(rsa->d) * sizeof(BN_ULONG), 0.0);
}
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
/* Set BN_FLG_CONSTTIME flag */
- n = &local_n;
+ local_n = n = BN_new();
+ if(!local_n)
+ {
+ RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
}
else
@@ -219,6 +224,8 @@ err:
BN_CTX_free(ctx);
if(rsa->e == NULL)
BN_free(e);
+ if(local_n)
+ BN_free(local_n);
return ret;
}
diff --git a/crypto/rsa/rsa_depr.c b/crypto/rsa/rsa_depr.c
index a859ded..cd57086 100644
--- a/crypto/rsa/rsa_depr.c
+++ b/crypto/rsa/rsa_depr.c
@@ -71,12 +71,12 @@ static void *dummy=&dummy;
RSA *RSA_generate_key(int bits, unsigned long e_value,
void (*callback)(int,int,void *), void *cb_arg)
{
- BN_GENCB cb;
int i;
+ BN_GENCB *cb = BN_GENCB_new();
RSA *rsa = RSA_new();
BIGNUM *e = BN_new();
- if(!rsa || !e) goto err;
+ if(!cb || !rsa || !e) goto err;
/* The problem is when building with 8, 16, or 32 BN_ULONG,
* unsigned long can be larger */
@@ -87,15 +87,17 @@ RSA *RSA_generate_key(int bits, unsigned long e_value,
goto err;
}
- BN_GENCB_set_old(&cb, callback, cb_arg);
+ BN_GENCB_set_old(cb, callback, cb_arg);
- if(RSA_generate_key_ex(rsa, bits, e, &cb)) {
+ if(RSA_generate_key_ex(rsa, bits, e, cb)) {
BN_free(e);
+ BN_GENCB_free(cb);
return rsa;
}
err:
if(e) BN_free(e);
if(rsa) RSA_free(rsa);
+ if(cb) BN_GENCB_free(cb);
return 0;
}
#endif
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index 80dab8a..3e08fe7 100644
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -112,7 +112,7 @@
#include "cryptlib.h"
-#include <openssl/bn.h>
+#include "internal/bn_int.h"
#include <openssl/rsa.h>
#include <openssl/rand.h>
@@ -433,13 +433,16 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
}
else
{
- BIGNUM local_d;
- BIGNUM *d = NULL;
+ BIGNUM *d = NULL, *local_d = NULL;
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- BN_init(&local_d);
- d = &local_d;
+ local_d = d = BN_new();
+ if(!d)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
}
else
@@ -447,10 +450,18 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
if(!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+ {
+ if(local_d) BN_free(local_d);
goto err;
+ }
if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
- rsa->_method_mod_n)) goto err;
+ rsa->_method_mod_n))
+ {
+ if(local_d) BN_free(local_d);
+ goto err;
+ }
+ if(local_d) BN_free(local_d);
}
if (blinding)
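Review bot: `if(local_d) BN_free(local_d);` is now repeated before each `goto err` and again on the success path of this block, so any exit added later has to remember another copy or it leaks the temporary. Declaring `local_d` at function scope, initialised to NULL, and freeing it once in the common exit path would remove the duplication; the `RSA_setup_blinding` change in rsa_crpt.c in this same commit already handles `local_n` that way. The same applies to the matching block in `RSA_eay_private_decrypt`.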
@@ -567,12 +578,16 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
}
else
{
- BIGNUM local_d;
- BIGNUM *d = NULL;
+ BIGNUM *d = NULL, *local_d = NULL;
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- d = &local_d;
+ local_d = d = BN_new();
+ if(!d)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
}
else
@@ -580,10 +595,17 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+ {
+ if(local_d) BN_free(local_d);
goto err;
+ }
if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
rsa->_method_mod_n))
- goto err;
+ {
+ if(local_d) BN_free(local_d);
+ goto err;
+ }
+ if(local_d) BN_free(local_d);
}
if (blinding)
@@ -697,7 +719,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
- if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
+ if ((padding == RSA_X931_PADDING) && ((bn_get_words(ret)[0] & 0xf) != 12))
if (!BN_sub(ret, rsa->n, ret)) goto err;
p=buf;
@@ -738,17 +760,25 @@ err:
static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
{
BIGNUM *r1,*m1,*vrfy;
- BIGNUM local_dmp1,local_dmq1,local_c,local_r1;
+ BIGNUM *local_dmp1, *local_dmq1, *local_c, *local_r1;
BIGNUM *dmp1,*dmq1,*c,*pr1;
int ret=0;
+
+ local_dmp1 = BN_new();
+ local_dmq1 = BN_new();
+ local_c = BN_new();
+ local_r1 = BN_new();
+ if(!local_dmp1 || !local_dmq1 || !local_c || !local_r1)
+ goto err;
+
BN_CTX_start(ctx);
r1 = BN_CTX_get(ctx);
m1 = BN_CTX_get(ctx);
vrfy = BN_CTX_get(ctx);
{
- BIGNUM local_p, local_q;
+ BIGNUM *local_p = NULL, *local_q = NULL;
BIGNUM *p = NULL, *q = NULL;
/* Make sure BN_mod_inverse in Montgomery intialization uses the
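Review bot: the four BN_new() calls and their `goto err` sit above BN_CTX_start(ctx), but the err label at the end of RSA_eay_mod_exp calls BN_CTX_end(ctx) unconditionally, so an allocation failure here ends a BN_CTX frame that this function never opened and that belongs to the caller. Move the allocations below BN_CTX_start(ctx), or return directly on that failure after freeing whatever was allocated. The failure path also queues no error, unlike RSA_eay_private_decrypt, which raises ERR_R_MALLOC_FAILURE for the same condition.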
@@ -756,12 +786,16 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
*/
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- BN_init(&local_p);
- p = &local_p;
+ local_p = p = BN_new();
+ if(!p) goto err;
BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
- BN_init(&local_q);
- q = &local_q;
+ local_q = q = BN_new();
+ if(!q)
+ {
+ BN_free(local_p);
+ goto err;
+ }
BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
}
else
@@ -772,11 +806,15 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
{
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
- goto err;
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
+ if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx) || !BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
+ {
+ if(local_p) BN_free(local_p);
+ if(local_q) BN_free(local_q);
goto err;
+ }
}
+ if(local_p) BN_free(local_p);
+ if(local_q) BN_free(local_q);
}
if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
@@ -786,7 +824,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
/* compute I mod q */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- c = &local_c;
+ c = local_c;
BN_with_flags(c, I, BN_FLG_CONSTTIME);
if (!BN_mod(r1,c,rsa->q,ctx)) goto err;
}
@@ -798,7 +836,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
/* compute r1^dmq1 mod q */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- dmq1 = &local_dmq1;
+ dmq1 = local_dmq1;
BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
}
else
@@ -809,7 +847,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
/* compute I mod p */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- c = &local_c;
+ c = local_c;
BN_with_flags(c, I, BN_FLG_CONSTTIME);
if (!BN_mod(r1,c,rsa->p,ctx)) goto err;
}
@@ -821,7 +859,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
/* compute r1^dmp1 mod p */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- dmp1 = &local_dmp1;
+ dmp1 = local_dmp1;
BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
}
else
@@ -840,7 +878,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
/* Turn BN_FLG_CONSTTIME flag on before division operation */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- pr1 = &local_r1;
+ pr1 = local_r1;
BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
}
else
@@ -876,22 +914,33 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
* miscalculated CRT output, just do a raw (slower)
* mod_exp and return that instead. */
- BIGNUM local_d;
+ BIGNUM *local_d = NULL;
BIGNUM *d = NULL;
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- d = &local_d;
+ local_d = d = BN_new();
+ if(!d) goto err;
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
}
else
d = rsa->d;
if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,
- rsa->_method_mod_n)) goto err;
+ rsa->_method_mod_n))
+ {
+ if(local_d) BN_free(local_d);
+ goto err;
+ }
+
+ if(local_d) BN_free(local_d);
}
}
ret=1;
err:
+ if(local_dmp1) BN_free(local_dmp1);
+ if(local_dmq1) BN_free(local_dmq1);
+ if(local_c) BN_free(local_c);
+ if(local_r1) BN_free(local_r1);
BN_CTX_end(ctx);
return(ret);
}
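Review bot: `if(!d) goto err;` in the CRT fallback branch returns failure without putting anything on the error queue, whereas the identical allocation in RSA_eay_private_decrypt raises RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE). A caller that sees 0 from RSA_eay_mod_exp cannot tell an out-of-memory condition from an arithmetic failure. Raising ERR_R_MALLOC_FAILURE here would keep the allocation failures in this file consistent.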
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index bf7ac34..2a716ae 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -87,11 +87,17 @@ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
{
BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
- BIGNUM local_r0,local_d,local_p;
+ BIGNUM *local_r0, *local_d, *local_p;
BIGNUM *pr0,*d,*p;
int bitsp,bitsq,ok= -1,n=0;
BN_CTX *ctx=NULL;
+ local_r0 = BN_new();
+ local_d = BN_new();
+ local_p = BN_new();
+ if(!local_r0 || !local_d || !local_p)
+ goto err;
+
ctx=BN_CTX_new();
if (ctx == NULL) goto err;
BN_CTX_start(ctx);
@@ -171,7 +177,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- pr0 = &local_r0;
+ pr0 = local_r0;
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
}
else
@@ -181,7 +187,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
/* set up d for correct BN_FLG_CONSTTIME flag */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- d = &local_d;
+ d = local_d;
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
}
else
@@ -196,7 +202,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
/* calculate inverse of q mod p */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
{
- p = &local_p;
+ p = local_p;
BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
}
else
@@ -205,6 +211,9 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
ok=1;
err:
+ if(local_r0) BN_free(local_r0);
+ if(local_d) BN_free(local_d);
+ if(local_p) BN_free(local_p);
if (ok == -1)
{
RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,ERR_LIB_BN);
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index ba277ca..37c0f4e 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -60,7 +60,7 @@
#include <openssl/crypto.h>
#include "cryptlib.h"
#include <openssl/lhash.h>
-#include <openssl/bn.h>
+#include "internal/bn_int.h"
#include <openssl/rsa.h>
#include <openssl/rand.h>
#ifndef OPENSSL_NO_ENGINE
@@ -290,27 +290,27 @@ int RSA_memory_lock(RSA *r)
t[3]= &r->dmp1;
t[4]= &r->dmq1;
t[5]= &r->iqmp;
- k=sizeof(BIGNUM)*6;
+ k=bn_sizeof_BIGNUM()*6;
off=k/sizeof(BN_ULONG)+1;
j=1;
for (i=0; i<6; i++)
- j+= (*t[i])->top;
+ j+= bn_get_top(*t[i]);
if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
{
RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
return(0);
}
+ memset(p, 0, (off+j)*sizeof(BN_ULONG));
bn=(BIGNUM *)p;
ul=(BN_ULONG *)&(p[off]);
for (i=0; i<6; i++)
{
b= *(t[i]);
- *(t[i])= &(bn[i]);
- memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
- bn[i].flags=BN_FLG_STATIC_DATA;
- bn[i].d=ul;
- memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
- ul+=b->top;
+ *(t[i])= bn_array_el(bn, i);
+ memcpy((char *)bn_array_el(bn, i),(char *)b,bn_sizeof_BIGNUM());
+ memcpy((char *)ul,bn_get_words(b),sizeof(BN_ULONG)*bn_get_top(b));
+ bn_set_static_words(bn_array_el(bn, i), ul, bn_get_top(b));
+ ul+=bn_get_top(b);
BN_clear_free(b);
}
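Review bot: in the copy loop, memcpy() of bn_sizeof_BIGNUM() bytes duplicates the whole source structure, flags included, and the old code then assigned `bn[i].flags=BN_FLG_STATIC_DATA`, which discarded any BN_FLG_MALLOCED bit from a BN_new()-created source. The replacement relies on bn_set_static_words() to do the same, and that is not visible in this diff. If it ORs the static flag in instead of assigning it, a later BN_free() on one of these elements would try to free a pointer into the middle of the locked block p. Please confirm the helper overwrites flags, and say so in a comment next to the call.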
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 6511278..868be91 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -716,7 +716,7 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
{
RSA *rsa = NULL;
RSA_PKEY_CTX *rctx = ctx->data;
- BN_GENCB *pcb, cb;
+ BN_GENCB *pcb;
int ret;
if (!rctx->pub_exp)
{
@@ -729,12 +729,18 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
return 0;
if (ctx->pkey_gencb)
{
- pcb = &cb;
+ pcb = BN_GENCB_new();
+ if(!pcb)
+ {
+ RSA_free(rsa);
+ return 0;
+ }
evp_pkey_set_cb_translate(pcb, ctx);
}
else
pcb = NULL;
ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb);
+ BN_GENCB_free(pcb);
if (ret > 0)
EVP_PKEY_assign_RSA(pkey, rsa);
else
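Review bot: BN_GENCB_free(pcb) after RSA_generate_key_ex() is reached with pcb == NULL whenever ctx->pkey_gencb is unset, so this code depends on BN_GENCB_free() accepting NULL, and the BN_generate_prime.pod text added in this same patch does not state that. Either document the NULL behaviour there or guard the call. The new `if(!pcb)` branch also returns 0 without raising an error, so a failed BN_GENCB_new() leaves the caller with no reason on the error queue.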
diff --git a/crypto/srp/Makefile b/crypto/srp/Makefile
index 9e1d8fe..0c37ec7 100644
--- a/crypto/srp/Makefile
+++ b/crypto/srp/Makefile
@@ -82,7 +82,7 @@ srp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
srp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
srp_lib.o: ../../include/openssl/sha.h ../../include/openssl/srp.h
srp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-srp_lib.o: ../cryptlib.h srp_grps.h srp_lcl.h srp_lib.c
+srp_lib.o: ../cryptlib.h ../include/internal/bn_srp.h srp_lcl.h srp_lib.c
srp_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
srp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
srp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index d2c237e..71492f3 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -61,23 +61,7 @@
#include "srp_lcl.h"
#include <openssl/srp.h>
#include <openssl/evp.h>
-
-#if (BN_BYTES == 8)
-# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
-# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
-# elif defined(__arch64__)
-# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
-# else
-# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
-# endif
-#elif (BN_BYTES == 4)
-# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
-#else
-# error "unsupported BN_BYTES"
-#endif
-
-
-#include "srp_grps.h"
+#include "internal/bn_srp.h"
static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
{
diff --git a/crypto/ts/ts_lib.c b/crypto/ts/ts_lib.c
index ca51026..c8f41f6 100644
--- a/crypto/ts/ts_lib.c
+++ b/crypto/ts/ts_lib.c
@@ -69,19 +69,20 @@
int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
{
- BIGNUM num_bn;
+ BIGNUM *num_bn;
int result = 0;
char *hex;
- BN_init(&num_bn);
- ASN1_INTEGER_to_BN(num, &num_bn);
- if ((hex = BN_bn2hex(&num_bn)))
+ num_bn = BN_new();
+ if(!num_bn) return -1;
+ ASN1_INTEGER_to_BN(num, num_bn);
+ if ((hex = BN_bn2hex(num_bn)))
{
result = BIO_write(bio, "0x", 2) > 0;
result = result && BIO_write(bio, hex, strlen(hex)) > 0;
OPENSSL_free(hex);
}
- BN_free(&num_bn);
+ BN_free(num_bn);
return result;
}
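Review bot: `if(!num_bn) return -1;` gives TS_ASN1_INTEGER_print_bio a third return value; every other path returns result, which is 0 or 1. A caller that tests the result for truth will read -1 as success even though nothing was written to the BIO. Returning 0 on allocation failure would keep the existing contract, or, if -1 is intended, the callers and the function's documentation need updating in the same change.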
diff --git a/doc/crypto/BN_CTX_new.pod b/doc/crypto/BN_CTX_new.pod
index bbedbb1..e86a72a 100644
--- a/doc/crypto/BN_CTX_new.pod
+++ b/doc/crypto/BN_CTX_new.pod
@@ -12,11 +12,6 @@ BN_CTX_new, BN_CTX_init, BN_CTX_free - allocate and free BN_CTX structures
void BN_CTX_free(BN_CTX *c);
-Deprecated:
-
- void BN_CTX_init(BN_CTX *c);
-
-
=head1 DESCRIPTION
A B<BN_CTX> is a structure that holds B<BIGNUM> temporary variables used by
@@ -33,16 +28,26 @@ If L<BN_CTX_start(3)|BN_CTX_start(3)> has been used on the B<BN_CTX>,
L<BN_CTX_end(3)|BN_CTX_end(3)> must be called before the B<BN_CTX>
may be freed by BN_CTX_free().
-BN_CTX_init() (deprecated) initializes an existing uninitialized B<BN_CTX>.
-This should not be used for new programs. Use BN_CTX_new() instead.
-
=head1 RETURN VALUES
BN_CTX_new() returns a pointer to the B<BN_CTX>. If the allocation fails,
it returns B<NULL> and sets an error code that can be obtained by
L<ERR_get_error(3)|ERR_get_error(3)>.
-BN_CTX_init() and BN_CTX_free() have no return values.
+BN_CTX_free() has no return values.
+
+=head1 REMOVED FUNCTIONALITY
+
+ void BN_CTX_init(BN_CTX *c);
+
+BN_CTX_init() is no longer available as of OpenSSL 1.1.0. Applications should
+replace use of BN_CTX_init with BN_CTX_new instead:
+
+ BN_CTX *ctx;
+ ctx = BN_CTX_new();
+ if(!ctx) /* Handle error */
+ ...
+ BN_CTX_free(ctx);
=head1 SEE ALSO
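Review bot: "BN_CTX_free() has no return values." in RETURN VALUES should read "has no return value" now that the sentence covers a single function; the equivalent line in BN_mod_mul_montgomery.pod in this patch already uses the singular. In the REMOVED FUNCTIONALITY sample, `if(!ctx) /* Handle error */` has only a comment as its body, so a reader who pastes it gets the next statement as the body of the if; a bare `return 0;` or braces would make the sample safe to copy.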
@@ -52,6 +57,7 @@ L<BN_CTX_start(3)|BN_CTX_start(3)>
=head1 HISTORY
BN_CTX_new() and BN_CTX_free() are available in all versions on SSLeay
-and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b.
+and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b and removed in OpenSSL
+1.1.0.
=cut
diff --git a/doc/crypto/BN_generate_prime.pod b/doc/crypto/BN_generate_prime.pod
index 4522fa9..f5b05e8 100644
--- a/doc/crypto/BN_generate_prime.pod
+++ b/doc/crypto/BN_generate_prime.pod
@@ -3,8 +3,9 @@
=head1 NAME
BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call,
-BN_GENCB_set_old, BN_GENCB_set, BN_generate_prime, BN_is_prime,
-BN_is_prime_fasttest - generate primes and test for primality
+BN_GENCB_new, BN_GENCB_free, BN_GENCB_set_old, BN_GENCB_set, BN_GENCB_get_arg,
+BN_generate_prime, BN_is_prime, BN_is_prime_fasttest - generate primes and test
+for primality
=head1 SYNOPSIS
@@ -20,10 +21,17 @@ BN_is_prime_fasttest - generate primes and test for primality
int BN_GENCB_call(BN_GENCB *cb, int a, int b);
- #define BN_GENCB_set_old(gencb, callback, cb_arg) ...
+ BN_GENCB *BN_GENCB_new(void);
- #define BN_GENCB_set(gencb, callback, cb_arg) ...
+ void BN_GENCB_free(BN_GENCB *cb);
+ void BN_GENCB_set_old(BN_GENCB *gencb,
+ void (*callback)(int, int, void *), void *cb_arg);
+
+ void BN_GENCB_set(BN_GENCB *gencb,
+ int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+
+ void *BN_GENCB_get_arg(BN_GENCB *cb);
Deprecated:
@@ -103,6 +111,9 @@ B<BN_GENCB> structure that are supported: "new" style and "old" style. New
programs should prefer the "new" style, whilst the "old" style is provided
for backwards compatibility purposes.
+A BN_GENCB structure should be created through a call to BN_GENCB_new, and freed
+through a call to BN_GENCB_free.
+
For "new" style callbacks a BN_GENCB structure should be initialised with a
call to BN_GENCB_set(), where B<gencb> is a B<BN_GENCB *>, B<callback> is of
type B<int (*callback)(int, int, BN_GENCB *)> and B<cb_arg> is a B<void *>.
@@ -114,6 +125,9 @@ A callback is invoked through a call to B<BN_GENCB_call>. This will check
the type of the callback and will invoke B<callback(a, b, gencb)> for new
style callbacks or B<callback(a, b, cb_arg)> for old style.
+It is possible to obtained the argument associated with a BN_GENCB structure
+(set via a call to BN_GENCB_set or BN_GENCB_set_old) using BN_GENCB_get_arg.
+
BN_generate_prime (deprecated) works in the same way as
BN_generate_prime_ex but expects an old style callback function
directly in the B<callback> parameter, and an argument to pass to it in
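Review bot: typo in the added paragraph, "It is possible to obtained the argument" should be "It is possible to obtain the argument". The function names in that paragraph (BN_GENCB_set, BN_GENCB_set_old, BN_GENCB_get_arg) are also written without the trailing () that the surrounding text uses for BN_GENCB_set() and BN_generate_prime_ex.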
@@ -132,10 +146,31 @@ prime with an error probability of less than 0.25^B<nchecks>, and
BN_generate_prime() returns the prime number on success, B<NULL> otherwise.
+BN_GENCB_new returns a pointer to a BN_GENCB structure on success, or B<NULL>
+otherwise.
+
+BN_GENCB_get_arg returns the argument previously associated with a BN_GENCB
+structure.
+
Callback functions should return 1 on success or 0 on error.
The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+=head1 REMOVED FUNCTIONALITY
+
+As of OpenSSL 1.1.0 it is no longer possible to create a BN_GENCB structure
+directly, as in:
+
+ BN_GENCB callback;
+
+Instead applications should create a BN_GENCB structure using BN_GENCB_new:
+
+ BN_GENCB *callback;
+ callback = BN_GENCB_new();
+ if(!callback) /* handle error */
+ ...
+ BN_GENCB_free(callback);
+
=head1 SEE ALSO
L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
@@ -145,6 +180,7 @@ L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
The B<cb_arg> arguments to BN_generate_prime() and to BN_is_prime()
were added in SSLeay 0.9.0. The B<ret> argument to BN_generate_prime()
was added in SSLeay 0.9.1.
-BN_is_prime_fasttest() was added in OpenSSL 0.9.5.
+BN_is_prime_fasttest() was added in OpenSSL 0.9.5. BN_GENCB_new, BN_GENCB_free
+and BN_GENCB_get_arg were added in OpenSSL 1.1.0
=cut
diff --git a/doc/crypto/BN_mod_mul_montgomery.pod b/doc/crypto/BN_mod_mul_montgomery.pod
index 6b16351..5168748 100644
--- a/doc/crypto/BN_mod_mul_montgomery.pod
+++ b/doc/crypto/BN_mod_mul_montgomery.pod
@@ -11,7 +11,6 @@ BN_from_montgomery, BN_to_montgomery - Montgomery multiplication
#include <openssl/bn.h>
BN_MONT_CTX *BN_MONT_CTX_new(void);
- void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
@@ -34,7 +33,6 @@ but they may be useful when several operations are to be performed
using the same modulus.
BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure.
-BN_MONT_CTX_init() initializes an existing uninitialized B<BN_MONT_CTX>.
BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m>
by precomputing its inverse and a value R.
@@ -55,27 +53,12 @@ Note that I<a> must be non-negative and smaller than the modulus.
For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
temporary variables.
-The B<BN_MONT_CTX> structure is defined as follows:
-
- typedef struct bn_mont_ctx_st
- {
- int ri; /* number of bits in R */
- BIGNUM RR; /* R^2 (used to convert to Montgomery form) */
- BIGNUM N; /* The modulus */
- BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1
- * (Ni is only stored for bignum algorithm) */
- BN_ULONG n0; /* least significant word of Ni */
- int flags;
- } BN_MONT_CTX;
-
-BN_to_montgomery() is a macro.
-
=head1 RETURN VALUES
BN_MONT_CTX_new() returns the newly allocated B<BN_MONT_CTX>, and NULL
on error.
-BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values.
+BN_MONT_CTX_free() has no return value.
For the other functions, 1 is returned for success, 0 on error.
The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
@@ -85,6 +68,26 @@ The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
The inputs must be reduced modulo B<m>, otherwise the result will be
outside the expected range.
+=head1 REMOVED FUNCTIONALITY
+
+ void BN_MONT_CTX_init(BN_MONT_CTX *c);
+
+BN_MONT_CTX_init() is no longer available as of OpenSSL 1.1.0. It was used to
+initialize an existing uninitialized B<BN_MONT_CTX>. Typically this would be
+done as follows:
+
+ BN_MONT_CTX ctx;
+ BN_MONT_CTX_init(&ctx);
+
+Instead applications should create a BN_MONT_CTX structure using
+BN_MONT_CTX_new:
+
+ BN_MONT_CTX *ctx;
+ ctx = BN_MONT_CTX_new();
+ if(!ctx) /* handle error */
+ ...
+ BN_MONT_CTX_free(ctx);
+
=head1 SEE ALSO
L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
@@ -97,5 +100,6 @@ BN_mod_mul_montgomery(), BN_from_montgomery() and BN_to_montgomery()
are available in all versions of SSLeay and OpenSSL.
BN_MONT_CTX_init() and BN_MONT_CTX_copy() were added in SSLeay 0.9.1b.
+BN_MONT_CTX_init was removed in OpenSSL 1.1.0
=cut
diff --git a/doc/crypto/BN_mod_mul_reciprocal.pod b/doc/crypto/BN_mod_mul_reciprocal.pod
index 74a216d..cd4b728 100644
--- a/doc/crypto/BN_mod_mul_reciprocal.pod
+++ b/doc/crypto/BN_mod_mul_reciprocal.pod
@@ -11,7 +11,6 @@ reciprocal
#include <openssl/bn.h>
BN_RECP_CTX *BN_RECP_CTX_new(void);
- void BN_RECP_CTX_init(BN_RECP_CTX *recp);
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
@@ -44,18 +43,7 @@ later be stored in B<recp>.
BN_div_recp() divides B<a> by B<m> using B<recp>. It places the quotient
in B<dv> and the remainder in B<rem>.
-The B<BN_RECP_CTX> structure is defined as follows:
-
- typedef struct bn_recp_ctx_st
- {
- BIGNUM N; /* the divisor */
- BIGNUM Nr; /* the reciprocal */
- int num_bits;
- int shift;
- int flags;
- } BN_RECP_CTX;
-
-It cannot be shared between threads.
+The B<BN_RECP_CTX> structure cannot be shared between threads.
=head1 RETURN VALUES
@@ -67,6 +55,26 @@ BN_RECP_CTX_init() and BN_RECP_CTX_free() have no return values.
For the other functions, 1 is returned for success, 0 on error.
The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+=head1 REMOVED FUNCTIONALITY
+
+ void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+
+BN_RECP_CTX_init() is no longer available as of OpenSSL 1.1.0. It was used to
+initialize an existing uninitialized B<BN_RECP_CTX>. Typically this would be
+done as follows:
+
+ BN_RECP_CTX ctx;
+ BN_RECP_CTX_init(&ctx);
+
+Applications should replace use of BN_RECP_CTX_init with BN_RECP_CTX_new
+instead:
+
+ BN_RECP_CTX *ctx;
+ ctx = BN_RECP_CTX_new();
+ if(!ctx) /* Handle error */
+ ...
+ BN_RECP_CTX_free(ctx);
+
=head1 SEE ALSO
L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
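Review bot: the context line in this hunk's header shows that RETURN VALUES still reads "BN_RECP_CTX_init() and BN_RECP_CTX_free() have no return values.", and no hunk in this file touches that sentence, so the page keeps describing BN_RECP_CTX_init() as a live function while the new section says it was removed. Change it to "BN_RECP_CTX_free() has no return value.", matching what was done in BN_mod_mul_montgomery.pod. The two migration sections also differ in wording ("Applications should replace use of ..." here, "Instead applications should create ..." in the Montgomery page); one phrasing for all of them would read better.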
@@ -76,6 +84,6 @@ L<BN_CTX_new(3)|BN_CTX_new(3)>
B<BN_RECP_CTX> was added in SSLeay 0.9.0. Before that, the function
BN_reciprocal() was used instead, and the BN_mod_mul_reciprocal()
-arguments were different.
+arguments were different. BN_RECP_CTX_init was removed in OpenSSL 1.1.0
=cut
diff --git a/doc/crypto/BN_new.pod b/doc/crypto/BN_new.pod
index ab7a105..61743e3 100644
--- a/doc/crypto/BN_new.pod
+++ b/doc/crypto/BN_new.pod
@@ -10,8 +10,6 @@ BN_new, BN_init, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs
BIGNUM *BN_new(void);
- void BN_init(BIGNUM *);
-
void BN_clear(BIGNUM *a);
void BN_free(BIGNUM *a);
@@ -20,8 +18,7 @@ BN_new, BN_init, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs
=head1 DESCRIPTION
-BN_new() allocates and initializes a B<BIGNUM> structure. BN_init()
-initializes an existing uninitialized B<BIGNUM>.
+BN_new() allocates and initializes a B<BIGNUM> structure.
BN_clear() is used to destroy sensitive data such as keys when they
are no longer needed. It erases the memory used by B<a> and sets it
@@ -37,8 +34,25 @@ BN_new() returns a pointer to the B<BIGNUM>. If the allocation fails,
it returns B<NULL> and sets an error code that can be obtained
by L<ERR_get_error(3)|ERR_get_error(3)>.
-BN_init(), BN_clear(), BN_free() and BN_clear_free() have no return
-values.
+BN_clear(), BN_free() and BN_clear_free() have no return values.
+
+=head1 REMOVED FUNCTIONALITY
+
+ void BN_init(BIGNUM *);
+
+BN_init() is no longer available as of OpenSSL 1.1.0. It was used to initialize
+an existing uninitialized B<BIGNUM>. Typically this would be done as follows:
+
+ BIGNUM a;
+ BN_init(&a);
+
+Applications should replace use of BN_init with BN_new instead:
+
+ BIGNUM *a;
+ a = BN_new();
+ if(!a) /* Handle error */
+ ...
+ BN_free(a);
=head1 SEE ALSO
@@ -48,6 +62,6 @@ L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
BN_new(), BN_clear(), BN_free() and BN_clear_free() are available in
all versions on SSLeay and OpenSSL. BN_init() was added in SSLeay
-0.9.1b.
+0.9.1b and removed in OpenSSL 1.1.0.
=cut
diff --git a/doc/crypto/bn.pod b/doc/crypto/bn.pod
index cd2f8e5..b52916b 100644
--- a/doc/crypto/bn.pod
+++ b/doc/crypto/bn.pod
@@ -10,12 +10,10 @@ bn - multiprecision integer arithmetics
BIGNUM *BN_new(void);
void BN_free(BIGNUM *a);
- void BN_init(BIGNUM *);
void BN_clear(BIGNUM *a);
void BN_clear_free(BIGNUM *a);
BN_CTX *BN_CTX_new(void);
- void BN_CTX_init(BN_CTX *c);
void BN_CTX_free(BN_CTX *c);
BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
@@ -74,10 +72,20 @@ bn - multiprecision integer arithmetics
int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
- BIGNUM *BN_generate_prime(BIGNUM *ret, int bits,int safe, BIGNUM *add,
- BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
- int BN_is_prime(const BIGNUM *p, int nchecks,
- void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+ int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add,
+ const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
+ int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+ BN_GENCB *BN_GENCB_new(void);
+ void BN_GENCB_free(BN_GENCB *cb);
+ void BN_GENCB_set_old(BN_GENCB *gencb, void (*callback)(int, int, void *), void *cb_arg);
+ void BN_GENCB_set(BN_GENCB *gencb, int (*callback)(int, int, BN_GENCB *), void *cb_arg);
+ void *BN_GENCB_get_arg(BN_GENCB *cb);
int BN_set_bit(BIGNUM *a, int n);
int BN_clear_bit(BIGNUM *a, int n);
@@ -103,14 +111,12 @@ bn - multiprecision integer arithmetics
BN_CTX *ctx);
BN_RECP_CTX *BN_RECP_CTX_new(void);
- void BN_RECP_CTX_init(BN_RECP_CTX *recp);
void BN_RECP_CTX_free(BN_RECP_CTX *recp);
int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
BN_RECP_CTX *recp, BN_CTX *ctx);
BN_MONT_CTX *BN_MONT_CTX_new(void);
- void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
void BN_MONT_CTX_free(BN_MONT_CTX *mont);
int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
diff --git a/engines/Makefile b/engines/Makefile
index d0881f2..455c1d9 100644
--- a/engines/Makefile
+++ b/engines/Makefile
@@ -2,6 +2,9 @@
# OpenSSL/engines/Makefile
#
+#The following engines have been disabled as they currently do not build
+# aep atalla cswift chil nuron sureware ubsec
+
DIR= engines
TOP= ..
CC= cc
@@ -29,28 +32,14 @@ TEST=
APPS=
LIB=$(TOP)/libcrypto.a
-LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
+LIBNAMES= 4758cca gmp padlock capi
LIBSRC= e_4758cca.c \
- e_aep.c \
- e_atalla.c \
- e_cswift.c \
e_gmp.c \
- e_chil.c \
- e_nuron.c \
- e_sureware.c \
- e_ubsec.c \
e_padlock.c \
e_capi.c
LIBOBJ= e_4758cca.o \
- e_aep.o \
- e_atalla.o \
- e_cswift.o \
e_gmp.o \
- e_chil.o \
- e_nuron.o \
- e_sureware.o \
- e_ubsec.o \
e_padlock.o \
e_capi.o \
$(ENGINES_ASM_OBJ)
@@ -59,9 +48,6 @@ SRC= $(LIBSRC)
EXHEADER=
HEADER= e_4758cca_err.c e_4758cca_err.h \
- e_aep_err.c e_aep_err.h \
- e_atalla_err.c e_atalla_err.h \
- e_cswift_err.c e_cswift_err.h \
e_gmp_err.c e_gmp_err.h \
e_chil_err.c e_chil_err.h \
e_nuron_err.c e_nuron_err.h \
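Review bot: HEADER drops only the aep, atalla and cswift error files, while e_chil_err.c/e_chil_err.h and e_nuron_err.c/e_nuron_err.h stay as unchanged context, even though chil and nuron are removed from LIBNAMES, LIBSRC and LIBOBJ earlier in this file and are named in the new "disabled" comment. Either remove the error headers for every disabled engine or leave them all in place, so that HEADER agrees with the other lists. The new comment at the top of the file would also be easier to act on if it said what fails to build, for example the dependence on BIGNUM internals that this series makes opaque.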
@@ -189,38 +175,6 @@ e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h
e_4758cca.o: vendor_defns/hw_4758_cca.h
-e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_aep.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_aep.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_aep.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_aep.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_aep.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_aep.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_aep.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_aep.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_aep.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_aep.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h
-e_aep.o: vendor_defns/aep.h
-e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_atalla.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_atalla.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_atalla.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_atalla.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_atalla.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_atalla.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_atalla.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_atalla.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_atalla.o: ../include/openssl/x509_vfy.h e_atalla.c e_atalla_err.c
-e_atalla.o: e_atalla_err.h vendor_defns/atalla.h
e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_capi.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
e_capi.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
@@ -233,39 +187,6 @@ e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
e_capi.o: ../include/openssl/sha.h ../include/openssl/stack.h
e_capi.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
e_capi.o: ../include/openssl/x509_vfy.h e_capi.c
-e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h
-e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
-e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
-e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h
-e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h
-e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
-e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c
-e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h
-e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_cswift.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_cswift.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_cswift.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_cswift.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_cswift.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_cswift.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_cswift.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_cswift.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_cswift.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_cswift.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_cswift.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_cswift.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_cswift.c
-e_cswift.o: e_cswift_err.c e_cswift_err.h vendor_defns/cswift.h
e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h
e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
@@ -279,21 +200,6 @@ e_gmp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
e_gmp.o: ../include/openssl/sha.h ../include/openssl/stack.h
e_gmp.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
e_gmp.o: ../include/openssl/x509_vfy.h e_gmp.c
-e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_nuron.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_nuron.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_nuron.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_nuron.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_nuron.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_nuron.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_nuron.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_nuron.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_nuron.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_nuron.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_nuron.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_nuron.o: ../include/openssl/x509_vfy.h e_nuron.c e_nuron_err.c e_nuron_err.h
e_padlock.o: ../include/openssl/aes.h ../include/openssl/asn1.h
e_padlock.o: ../include/openssl/bio.h ../include/openssl/buffer.h
e_padlock.o: ../include/openssl/crypto.h ../include/openssl/dso.h
@@ -309,37 +215,3 @@ e_padlock.o: ../include/openssl/safestack.h ../include/openssl/sha.h
e_padlock.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
e_padlock.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
e_padlock.o: e_padlock.c
-e_sureware.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_sureware.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_sureware.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_sureware.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_sureware.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_sureware.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_sureware.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_sureware.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_sureware.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_sureware.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_sureware.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
-e_sureware.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-e_sureware.o: ../include/openssl/rand.h ../include/openssl/rsa.h
-e_sureware.o: ../include/openssl/safestack.h ../include/openssl/sha.h
-e_sureware.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-e_sureware.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-e_sureware.o: e_sureware.c e_sureware_err.c e_sureware_err.h
-e_sureware.o: vendor_defns/sureware.h
-e_ubsec.o: ../include/openssl/asn1.h ../include/openssl/bio.h
-e_ubsec.o: ../include/openssl/bn.h ../include/openssl/buffer.h
-e_ubsec.o: ../include/openssl/crypto.h ../include/openssl/dh.h
-e_ubsec.o: ../include/openssl/dsa.h ../include/openssl/dso.h
-e_ubsec.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-e_ubsec.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-e_ubsec.o: ../include/openssl/engine.h ../include/openssl/err.h
-e_ubsec.o: ../include/openssl/evp.h ../include/openssl/lhash.h
-e_ubsec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
-e_ubsec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
-e_ubsec.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
-e_ubsec.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-e_ubsec.o: ../include/openssl/sha.h ../include/openssl/stack.h
-e_ubsec.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-e_ubsec.o: ../include/openssl/x509_vfy.h e_ubsec.c e_ubsec_err.c e_ubsec_err.h
-e_ubsec.o: vendor_defns/hw_ubsec.h
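Review bot: the dependency blocks for e_sureware.o and e_ubsec.o are deleted outright here (as the e_nuron.o block is in the previous hunk), and the hunk gives no indication whether these engines are still built. If they were dropped from the build because they reach into BIGNUM internals, that deserves a CHANGES entry so users of that hardware know. If they are still compiled, regenerate the dependencies rather than removing them, otherwise header changes will not trigger a rebuild of those objects.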
diff --git a/test/Makefile b/test/Makefile
index 650636c..85ba594 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -5,7 +5,7 @@
DIR= test
TOP= ..
CC= cc
-INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES) -I$(TOP)/fips
+INCLUDES= -I$(TOP) -I../include -I../crypto/include $(KRB5_INCLUDES) -I$(TOP)/fips
CFLAG= -g
MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
PERL= perl
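Review bot: on the INCLUDES line, -I../crypto/include is added for every test program built from this Makefile, while the only dependency change visible in this file is bntest.o picking up ../crypto/include/internal/bn_int.h. A global internal include path lets any test start depending on library-internal headers without anyone noticing. Consider limiting the extra path to the bntest.o rule, or add a comment saying which tests are allowed to use it.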
@@ -554,21 +554,21 @@ dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
bftest.o: ../include/openssl/opensslconf.h bftest.c
-bntest.o: ../crypto/bn/bn_lcl.h ../e_os.h ../include/openssl/asn1.h
-bntest.o: ../include/openssl/bio.h ../include/openssl/bn.h
-bntest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
-bntest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
-bntest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
-bntest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
-bntest.o: ../include/openssl/err.h ../include/openssl/evp.h
-bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
-bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
-bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
-bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
-bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
-bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
-bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
-bntest.o: ../include/openssl/x509_vfy.h bntest.c
+bntest.o: ../crypto/bn/bn_lcl.h ../crypto/include/internal/bn_int.h ../e_os.h
+bntest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+bntest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+bntest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h
+bntest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+bntest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+bntest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+bntest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bntest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+bntest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bntest.c
casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
casttest.o: ../include/openssl/opensslconf.h casttest.c
constant_time_test.o: ../crypto/constant_time_locl.h ../e_os.h
diff --git a/util/libeay.num b/util/libeay.num
index 4d813e8..f29a327 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -694,13 +694,13 @@ a2i_ASN1_INTEGER 700 EXIST::FUNCTION:BIO
a2i_ASN1_STRING 701 EXIST::FUNCTION:BIO
asn1_Finish 702 EXIST::FUNCTION:
asn1_GetSequence 703 EXIST::FUNCTION:
-bn_div_words 704 EXIST::FUNCTION:
-bn_expand2 705 EXIST::FUNCTION:
-bn_mul_add_words 706 EXIST::FUNCTION:
-bn_mul_words 707 EXIST::FUNCTION:
+bn_div_words 704 NOEXIST::FUNCTION:
+bn_expand2 705 NOEXIST::FUNCTION:
+bn_mul_add_words 706 NOEXIST::FUNCTION:
+bn_mul_words 707 NOEXIST::FUNCTION:
BN_uadd 708 EXIST::FUNCTION:
BN_usub 709 EXIST::FUNCTION:
-bn_sqr_words 710 EXIST::FUNCTION:
+bn_sqr_words 710 NOEXIST::FUNCTION:
_ossl_old_crypt 711 EXIST:!NeXT,!PERL5:FUNCTION:DES
d2i_ASN1_BIT_STRING 712 EXIST::FUNCTION:
d2i_ASN1_BOOLEAN 713 EXIST::FUNCTION:
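Review bot: bn_div_words, bn_expand2, bn_mul_add_words, bn_mul_words and bn_sqr_words go from EXIST to NOEXIST with no deprecation step, so anything outside libcrypto that linked against these word-level primitives will fail at link time against the new library. Flipping to NOEXIST rather than deleting the lines is right, since it keeps ordinals 704-707 and 710 reserved. Please pair it with a CHANGES entry listing the symbols that are no longer exported.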
@@ -1013,7 +1013,7 @@ RSA_padding_check_PKCS1_type_1 1035 EXIST::FUNCTION:RSA
RSA_padding_check_PKCS1_type_2 1036 EXIST::FUNCTION:RSA
RSA_padding_check_SSLv23 1037 EXIST::FUNCTION:RSA
RSA_padding_check_none 1038 EXIST::FUNCTION:RSA
-bn_add_words 1039 EXIST::FUNCTION:
+bn_add_words 1039 NOEXIST::FUNCTION:
d2i_Netscape_RSA_2 1040 NOEXIST::FUNCTION:
CRYPTO_get_ex_new_index 1041 EXIST::FUNCTION:
RIPEMD160_Init 1042 EXIST::FUNCTION:RIPEMD
@@ -1064,7 +1064,7 @@ asn1_add_error 1091 EXIST::FUNCTION:
d2i_ASN1_BMPSTRING 1092 EXIST::FUNCTION:
i2d_ASN1_BMPSTRING 1093 EXIST::FUNCTION:
BIO_f_ber 1094 NOEXIST::FUNCTION:
-BN_init 1095 EXIST::FUNCTION:
+BN_init 1095 NOEXIST::FUNCTION:
COMP_CTX_new 1096 EXIST::FUNCTION:
COMP_CTX_free 1097 EXIST::FUNCTION:
COMP_CTX_compress_block 1098 NOEXIST::FUNCTION:
@@ -1085,7 +1085,7 @@ PROXY_set_connect_mode 1112 NOEXIST::FUNCTION:
RAND_SSLeay 1113 EXIST::FUNCTION:
RAND_set_rand_method 1114 EXIST::FUNCTION:
RSA_memory_lock 1115 EXIST::FUNCTION:RSA
-bn_sub_words 1116 EXIST::FUNCTION:
+bn_sub_words 1116 NOEXIST::FUNCTION:
bn_mul_normal 1117 NOEXIST::FUNCTION:
bn_mul_comba8 1118 NOEXIST::FUNCTION:
bn_mul_comba4 1119 NOEXIST::FUNCTION:
@@ -1097,15 +1097,15 @@ bn_mul_recursive 1124 NOEXIST::FUNCTION:
bn_mul_part_recursive 1125 NOEXIST::FUNCTION:
bn_sqr_recursive 1126 NOEXIST::FUNCTION:
bn_mul_low_normal 1127 NOEXIST::FUNCTION:
-BN_RECP_CTX_init 1128 EXIST::FUNCTION:
+BN_RECP_CTX_init 1128 NOEXIST::FUNCTION:
BN_RECP_CTX_new 1129 EXIST::FUNCTION:
BN_RECP_CTX_free 1130 EXIST::FUNCTION:
BN_RECP_CTX_set 1131 EXIST::FUNCTION:
BN_mod_mul_reciprocal 1132 EXIST::FUNCTION:
BN_mod_exp_recp 1133 EXIST::FUNCTION:
BN_div_recp 1134 EXIST::FUNCTION:
-BN_CTX_init 1135 EXIST::FUNCTION:DEPRECATED
-BN_MONT_CTX_init 1136 EXIST::FUNCTION:
+BN_CTX_init 1135 NOEXIST::FUNCTION:
+BN_MONT_CTX_init 1136 NOEXIST::FUNCTION:
RAND_get_rand_method 1137 EXIST::FUNCTION:
PKCS7_add_attribute 1138 EXIST::FUNCTION:
PKCS7_add_signed_attribute 1139 EXIST::FUNCTION:
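Review bot: BN_RECP_CTX_init (1128) and BN_MONT_CTX_init (1136) carried no DEPRECATED tag before this change, unlike BN_CTX_init (1135), yet all three are withdrawn at once. Code that declares a BN_RECP_CTX or BN_MONT_CTX on the stack and calls the _init function has had no warning. The documentation should point such callers to the heap allocators (BN_RECP_CTX_new stays EXIST at 1129 in this hunk, and BN_MONT_CTX_new is the counterpart for Montgomery contexts).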
@@ -2419,7 +2419,7 @@ UI_get_string_type 2916 EXIST::FUNCTION:
ENGINE_unregister_DH 2917 EXIST::FUNCTION:ENGINE
ENGINE_register_all_DSA 2918 EXIST::FUNCTION:ENGINE
OCSP_ONEREQ_get_ext_by_critical 2919 EXIST::FUNCTION:
-bn_dup_expand 2920 EXIST::FUNCTION:DEPRECATED
+bn_dup_expand 2920 NOEXIST::FUNCTION:
OCSP_cert_id_new 2921 EXIST::FUNCTION:
BASIC_CONSTRAINTS_it 2922 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
BASIC_CONSTRAINTS_it 2922 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -4513,7 +4513,6 @@ RSA_check_key_ex 4872 EXIST::FUNCTION:RSA
i2s_ASN1_IA5STRING 4874 EXIST::FUNCTION:
s2i_ASN1_IA5STRING 4875 EXIST::FUNCTION:
FIPS_dsa_sign_ctx 4876 EXIST:OPENSSL_FIPS:FUNCTION:DSA
-FIPS_ecdsa_sign 4877 EXIST:OPENSSL_FIPS:FUNCTION:ECDSA
CRYPTO_ocb128_release 4878 EXIST::FUNCTION:
CRYPTO_ocb128_new 4879 EXIST::FUNCTION:
CRYPTO_ocb128_finish 4880 EXIST::FUNCTION:
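Review bot: FIPS_ecdsa_sign 4877 is deleted from the table, whereas every other withdrawn symbol in this file is kept and flipped to NOEXIST. Removing the line frees ordinal 4877 for reuse by a later symbol, which is what keeping NOEXIST entries avoids. Keep the line and mark it NOEXIST instead. The removal also has no visible connection to the BN changes in the surrounding hunks and would be easier to review as its own commit.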
@@ -4526,3 +4525,21 @@ EVP_aes_192_ocb 4886 EXIST::FUNCTION:AES
EVP_aes_128_ocb 4887 EXIST::FUNCTION:AES
CRYPTO_ocb128_init 4888 EXIST::FUNCTION:
CRYPTO_ocb128_encrypt 4889 EXIST::FUNCTION:
+bn_wexpand 4878 NOEXIST::FUNCTION:
+BN_zero_ex 4879 EXIST::FUNCTION:
+BN_is_zero 4880 EXIST::FUNCTION:
+BN_with_flags 4881 EXIST::FUNCTION:
+BN_abs_is_word 4882 EXIST::FUNCTION:
+bn_correct_top 4883 NOEXIST::FUNCTION:
+BN_to_montgomery 4884 EXIST::FUNCTION:
+BN_GENCB_new 4885 EXIST::FUNCTION:
+BN_is_odd 4886 EXIST::FUNCTION:
+BN_is_negative 4887 EXIST::FUNCTION:
+BN_GENCB_get_arg 4888 EXIST::FUNCTION:
+BN_GENCB_set 4889 EXIST::FUNCTION:
+BN_is_word 4890 EXIST::FUNCTION:
+BN_set_flags 4891 EXIST::FUNCTION:
+BN_is_one 4892 EXIST::FUNCTION:
+BN_GENCB_set_old 4893 EXIST::FUNCTION:
+BN_GENCB_free 4894 EXIST::FUNCTION:
+BN_get_flags 4895 EXIST::FUNCTION:
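Review bot: the appended entries reuse ordinals that are already taken. The context lines of this hunk and the one before it show CRYPTO_ocb128_release 4878, CRYPTO_ocb128_new 4879, CRYPTO_ocb128_finish 4880, EVP_aes_192_ocb 4886, EVP_aes_128_ocb 4887, CRYPTO_ocb128_init 4888 and CRYPTO_ocb128_encrypt 4889, while the new lines assign 4878 to bn_wexpand and continue through 4889 for BN_GENCB_set. Ordinals in libeay.num need to be unique, so the whole new block should be renumbered to start above the highest ordinal already in use. Separately, bn_wexpand and bn_correct_top are added already marked NOEXIST, which spends two ordinals on symbols that are not exported; drop them if they never appeared as EXIST in a released table.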
hooks/post-receive
--
OpenSSL source code