summaryrefslogtreecommitdiffstats
path: root/crypto/openssl
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2005-02-25 05:49:44 +0000
committernectar <nectar@FreeBSD.org>2005-02-25 05:49:44 +0000
commitced877b043d77d97f1ad196f15b25ed720c1fcdc (patch)
treea843375628b8f7847c8a433651d5c12a4660558c /crypto/openssl
parent52bc459a40672bffc62b2ff9c2578dbe8832a0b8 (diff)
downloadFreeBSD-src-ced877b043d77d97f1ad196f15b25ed720c1fcdc.zip
FreeBSD-src-ced877b043d77d97f1ad196f15b25ed720c1fcdc.tar.gz
Resolve conflicts after import of OpenSSL 0.9.7e.
Diffstat (limited to 'crypto/openssl')
-rw-r--r--crypto/openssl/apps/openssl.cnf4
-rw-r--r--crypto/openssl/apps/speed.c1
-rw-r--r--crypto/openssl/crypto/des/des.h6
-rw-r--r--crypto/openssl/crypto/err/err_all.c4
-rw-r--r--crypto/openssl/crypto/evp/evp.h50
-rw-r--r--crypto/openssl/crypto/rsa/rsa.h4
-rw-r--r--crypto/openssl/crypto/rsa/rsa_eay.c2
-rw-r--r--crypto/openssl/ssl/s23_clnt.c7
-rw-r--r--crypto/openssl/ssl/s2_clnt.c7
-rw-r--r--crypto/openssl/ssl/s2_srvr.c9
-rw-r--r--crypto/openssl/util/pl/Mingw32.pl11
11 files changed, 80 insertions, 25 deletions
diff --git a/crypto/openssl/apps/openssl.cnf b/crypto/openssl/apps/openssl.cnf
index 9256b4d..79fd471 100644
--- a/crypto/openssl/apps/openssl.cnf
+++ b/crypto/openssl/apps/openssl.cnf
@@ -45,8 +45,8 @@ new_certs_dir = $dir/newcerts # default place for new certs.
certificate = $dir/cacert.pem # The CA certificate
serial = $dir/serial # The current serial number
-#crlnumber = $dir/crlnumber # the current crl number
- # must be commented out to leave a V1 CRL
+#crlnumber = $dir/crlnumber # the current crl number must be
+ # commented out to leave a V1 CRL
crl = $dir/crl.pem # The current CRL
private_key = $dir/private/cakey.pem# The private key
RANDFILE = $dir/private/.rand # private random number file
diff --git a/crypto/openssl/apps/speed.c b/crypto/openssl/apps/speed.c
index 2412200..5ed510c 100644
--- a/crypto/openssl/apps/speed.c
+++ b/crypto/openssl/apps/speed.c
@@ -1395,6 +1395,7 @@ int MAIN(int argc, char **argv)
EVP_DecryptInit_ex(&ctx,evp_cipher,NULL,key16,iv);
else
EVP_EncryptInit_ex(&ctx,evp_cipher,NULL,key16,iv);
+ EVP_CIPHER_CTX_set_padding(&ctx, 0);
Time_F(START);
if(decrypt)
diff --git a/crypto/openssl/crypto/des/des.h b/crypto/openssl/crypto/des/des.h
index daaf239..c5df1c9 100644
--- a/crypto/openssl/crypto/des/des.h
+++ b/crypto/openssl/crypto/des/des.h
@@ -128,7 +128,7 @@ OPENSSL_DECLARE_GLOBAL(int,DES_rw_mode); /* defaults to DES_PCBC_MODE */
#define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
const char *DES_options(void);
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+void DES_ecb3_encrypt(const unsigned char *input, unsigned char *output,
DES_key_schedule *ks1,DES_key_schedule *ks2,
DES_key_schedule *ks3, int enc);
DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output,
@@ -187,6 +187,10 @@ void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out,
long length,DES_key_schedule *ks1,
DES_key_schedule *ks2,DES_key_schedule *ks3,
DES_cblock *ivec,int *num,int enc);
+void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out,
+ int numbits,long length,DES_key_schedule *ks1,
+ DES_key_schedule *ks2,DES_key_schedule *ks3,
+ DES_cblock *ivec,int enc);
void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out,
long length,DES_key_schedule *ks1,
DES_key_schedule *ks2,DES_key_schedule *ks3,
diff --git a/crypto/openssl/crypto/err/err_all.c b/crypto/openssl/crypto/err/err_all.c
index dc505d9..4dc9300 100644
--- a/crypto/openssl/crypto/err/err_all.c
+++ b/crypto/openssl/crypto/err/err_all.c
@@ -87,6 +87,7 @@
#endif
#include <openssl/ocsp.h>
#include <openssl/err.h>
+#include <openssl/fips.h>
void ERR_load_crypto_strings(void)
{
@@ -130,4 +131,7 @@ void ERR_load_crypto_strings(void)
ERR_load_OCSP_strings();
ERR_load_UI_strings();
#endif
+#ifdef OPENSSL_FIPS
+ ERR_load_FIPS_strings();
+#endif
}
diff --git a/crypto/openssl/crypto/evp/evp.h b/crypto/openssl/crypto/evp/evp.h
index 4801d8e..115878f 100644
--- a/crypto/openssl/crypto/evp/evp.h
+++ b/crypto/openssl/crypto/evp/evp.h
@@ -499,6 +499,7 @@ void BIO_set_md(BIO *,const EVP_MD *md);
#endif
#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+#define BIO_set_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
@@ -640,9 +641,20 @@ const EVP_CIPHER *EVP_des_ede(void);
const EVP_CIPHER *EVP_des_ede3(void);
const EVP_CIPHER *EVP_des_ede_ecb(void);
const EVP_CIPHER *EVP_des_ede3_ecb(void);
-const EVP_CIPHER *EVP_des_cfb(void);
-const EVP_CIPHER *EVP_des_ede_cfb(void);
-const EVP_CIPHER *EVP_des_ede3_cfb(void);
+const EVP_CIPHER *EVP_des_cfb64(void);
+# define EVP_des_cfb EVP_des_cfb64
+const EVP_CIPHER *EVP_des_cfb1(void);
+const EVP_CIPHER *EVP_des_cfb8(void);
+const EVP_CIPHER *EVP_des_ede_cfb64(void);
+# define EVP_des_ede_cfb EVP_des_ede_cfb64
+#if 0
+const EVP_CIPHER *EVP_des_ede_cfb1(void);
+const EVP_CIPHER *EVP_des_ede_cfb8(void);
+#endif
+const EVP_CIPHER *EVP_des_ede3_cfb64(void);
+# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
+const EVP_CIPHER *EVP_des_ede3_cfb1(void);
+const EVP_CIPHER *EVP_des_ede3_cfb8(void);
const EVP_CIPHER *EVP_des_ofb(void);
const EVP_CIPHER *EVP_des_ede_ofb(void);
const EVP_CIPHER *EVP_des_ede3_ofb(void);
@@ -666,7 +678,8 @@ const EVP_CIPHER *EVP_rc4_40(void);
#endif
#ifndef OPENSSL_NO_IDEA
const EVP_CIPHER *EVP_idea_ecb(void);
-const EVP_CIPHER *EVP_idea_cfb(void);
+const EVP_CIPHER *EVP_idea_cfb64(void);
+# define EVP_idea_cfb EVP_idea_cfb64
const EVP_CIPHER *EVP_idea_ofb(void);
const EVP_CIPHER *EVP_idea_cbc(void);
#endif
@@ -675,45 +688,58 @@ const EVP_CIPHER *EVP_rc2_ecb(void);
const EVP_CIPHER *EVP_rc2_cbc(void);
const EVP_CIPHER *EVP_rc2_40_cbc(void);
const EVP_CIPHER *EVP_rc2_64_cbc(void);
-const EVP_CIPHER *EVP_rc2_cfb(void);
+const EVP_CIPHER *EVP_rc2_cfb64(void);
+# define EVP_rc2_cfb EVP_rc2_cfb64
const EVP_CIPHER *EVP_rc2_ofb(void);
#endif
#ifndef OPENSSL_NO_BF
const EVP_CIPHER *EVP_bf_ecb(void);
const EVP_CIPHER *EVP_bf_cbc(void);
-const EVP_CIPHER *EVP_bf_cfb(void);
+const EVP_CIPHER *EVP_bf_cfb64(void);
+# define EVP_bf_cfb EVP_bf_cfb64
const EVP_CIPHER *EVP_bf_ofb(void);
#endif
#ifndef OPENSSL_NO_CAST
const EVP_CIPHER *EVP_cast5_ecb(void);
const EVP_CIPHER *EVP_cast5_cbc(void);
-const EVP_CIPHER *EVP_cast5_cfb(void);
+const EVP_CIPHER *EVP_cast5_cfb64(void);
+# define EVP_cast5_cfb EVP_cast5_cfb64
const EVP_CIPHER *EVP_cast5_ofb(void);
#endif
#ifndef OPENSSL_NO_RC5
const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
-const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
+# define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
#endif
#ifndef OPENSSL_NO_AES
const EVP_CIPHER *EVP_aes_128_ecb(void);
const EVP_CIPHER *EVP_aes_128_cbc(void);
-const EVP_CIPHER *EVP_aes_128_cfb(void);
+const EVP_CIPHER *EVP_aes_128_cfb1(void);
+const EVP_CIPHER *EVP_aes_128_cfb8(void);
+const EVP_CIPHER *EVP_aes_128_cfb128(void);
+# define EVP_aes_128_cfb EVP_aes_128_cfb128
const EVP_CIPHER *EVP_aes_128_ofb(void);
#if 0
const EVP_CIPHER *EVP_aes_128_ctr(void);
#endif
const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void);
-const EVP_CIPHER *EVP_aes_192_cfb(void);
+const EVP_CIPHER *EVP_aes_192_cfb1(void);
+const EVP_CIPHER *EVP_aes_192_cfb8(void);
+const EVP_CIPHER *EVP_aes_192_cfb128(void);
+# define EVP_aes_192_cfb EVP_aes_192_cfb128
const EVP_CIPHER *EVP_aes_192_ofb(void);
#if 0
const EVP_CIPHER *EVP_aes_192_ctr(void);
#endif
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
-const EVP_CIPHER *EVP_aes_256_cfb(void);
+const EVP_CIPHER *EVP_aes_256_cfb1(void);
+const EVP_CIPHER *EVP_aes_256_cfb8(void);
+const EVP_CIPHER *EVP_aes_256_cfb128(void);
+# define EVP_aes_256_cfb EVP_aes_256_cfb128
const EVP_CIPHER *EVP_aes_256_ofb(void);
#if 0
const EVP_CIPHER *EVP_aes_256_ctr(void);
@@ -825,6 +851,7 @@ void ERR_load_EVP_strings(void);
/* Error codes for the EVP functions. */
/* Function codes. */
+#define EVP_F_AES_INIT_KEY 129
#define EVP_F_D2I_PKEY 100
#define EVP_F_EVP_CIPHERINIT 123
#define EVP_F_EVP_CIPHER_CTX_CTRL 124
@@ -855,6 +882,7 @@ void ERR_load_EVP_strings(void);
#define EVP_F_RC5_CTRL 125
/* Reason codes. */
+#define EVP_R_AES_KEY_SETUP_FAILED 140
#define EVP_R_BAD_BLOCK_LENGTH 136
#define EVP_R_BAD_DECRYPT 100
#define EVP_R_BAD_KEY_LENGTH 137
diff --git a/crypto/openssl/crypto/rsa/rsa.h b/crypto/openssl/crypto/rsa/rsa.h
index 1ea0fe1..c82363e 100644
--- a/crypto/openssl/crypto/rsa/rsa.h
+++ b/crypto/openssl/crypto/rsa/rsa.h
@@ -73,6 +73,10 @@
#error RSA is disabled.
#endif
+#if defined(OPENSSL_FIPS)
+#define FIPS_RSA_SIZE_T int
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/crypto/openssl/crypto/rsa/rsa_eay.c b/crypto/openssl/crypto/rsa/rsa_eay.c
index 5f7a1f2..0d17acb 100644
--- a/crypto/openssl/crypto/rsa/rsa_eay.c
+++ b/crypto/openssl/crypto/rsa/rsa_eay.c
@@ -63,7 +63,7 @@
#include <openssl/rsa.h>
#include <openssl/rand.h>
-#ifndef RSA_NULL
+#if !defined(RSA_NULL) && !defined(OPENSSL_FIPS)
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
diff --git a/crypto/openssl/ssl/s23_clnt.c b/crypto/openssl/ssl/s23_clnt.c
index 64ee426..b1db0fb 100644
--- a/crypto/openssl/ssl/s23_clnt.c
+++ b/crypto/openssl/ssl/s23_clnt.c
@@ -235,7 +235,8 @@ static int ssl23_client_hello(SSL *s)
#endif
p=s->s3->client_random;
- RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE);
+ if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE) <= 0)
+ return -1;
/* Do the message type and length last */
d= &(buf[2]);
@@ -296,7 +297,9 @@ static int ssl23_client_hello(SSL *s)
i=ch_len;
s2n(i,d);
memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
- RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ if(RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i) <= 0)
+ return -1;
+
memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
p+=i;
diff --git a/crypto/openssl/ssl/s2_clnt.c b/crypto/openssl/ssl/s2_clnt.c
index 43b32eb..c67829f 100644
--- a/crypto/openssl/ssl/s2_clnt.c
+++ b/crypto/openssl/ssl/s2_clnt.c
@@ -612,7 +612,8 @@ static int client_hello(SSL *s)
s->s2->challenge_length=SSL2_CHALLENGE_LENGTH;
s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */
/*challenge id data*/
- RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH);
+ if(RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0)
+ return -1;
memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH);
d+=SSL2_CHALLENGE_LENGTH;
@@ -660,7 +661,9 @@ static int client_master_key(SSL *s)
SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
return -1;
}
- if (i > 0) RAND_pseudo_bytes(sess->key_arg,i);
+ if (i > 0)
+ if(RAND_pseudo_bytes(sess->key_arg,i) <= 0)
+ return -1;
/* make a master key */
i=EVP_CIPHER_key_length(c);
diff --git a/crypto/openssl/ssl/s2_srvr.c b/crypto/openssl/ssl/s2_srvr.c
index 5da2a54..853871f 100644
--- a/crypto/openssl/ssl/s2_srvr.c
+++ b/crypto/openssl/ssl/s2_srvr.c
@@ -498,7 +498,8 @@ static int get_client_master_key(SSL *s)
i=ek;
else
i=EVP_CIPHER_key_length(c);
- RAND_pseudo_bytes(p,i);
+ if(RAND_pseudo_bytes(p,i) <= 0)
+ return 0;
}
#else
if (i < 0)
@@ -804,7 +805,8 @@ static int server_hello(SSL *s)
/* make and send conn_id */
s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
- RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length);
+ if(RAND_pseudo_bytes(s->s2->conn_id,(int)s->s2->conn_id_length) <= 0)
+ return -1;
memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
d+=SSL2_CONNECTION_ID_LENGTH;
@@ -949,7 +951,8 @@ static int request_certificate(SSL *s)
p=(unsigned char *)s->init_buf->data;
*(p++)=SSL2_MT_REQUEST_CERTIFICATE;
*(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
- RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+ if(RAND_pseudo_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
+ return -1;
memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
diff --git a/crypto/openssl/util/pl/Mingw32.pl b/crypto/openssl/util/pl/Mingw32.pl
index 20a1509..ba00305 100644
--- a/crypto/openssl/util/pl/Mingw32.pl
+++ b/crypto/openssl/util/pl/Mingw32.pl
@@ -22,7 +22,7 @@ if ($debug)
else
{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; }
-if ($gaswin and !$no_asm)
+if ($gaswin and !$no_asm and !$fips)
{
$bn_asm_obj='$(OBJ_D)\bn-win32.o';
$bn_asm_src='crypto/bn/asm/bn-win32.s';
@@ -93,13 +93,18 @@ sub do_lib_rule
sub do_link_rule
{
- local($target,$files,$dep_libs,$libs)=@_;
+ local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_;
local($ret,$_);
$file =~ s/\//$o/g if $o ne '/';
$n=&bname($target);
$ret.="$target: $files $dep_libs\n";
- $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n";
+ if (defined $sha1file)
+ {
+ $ret.="\t$openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file";
+ }
+ $ret.="\n";
return($ret);
}
1;
OpenPOWER on IntegriCloud