diff options
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/asn1/a_object.c | 6 | ||||
| -rw-r--r-- | crypto/bio/bss_file.c | 4 | ||||
| -rw-r--r-- | crypto/bn/asm/ppc.pl | 2 | ||||
| -rw-r--r-- | crypto/bn/asm/x86_64-gcc.c | 1 | ||||
| -rw-r--r-- | crypto/bn/bn_div.c | 10 | ||||
| -rw-r--r-- | crypto/engine/eng_all.c | 2 | ||||
| -rw-r--r-- | crypto/engine/eng_cryptodev.c | 23 | ||||
| -rw-r--r-- | crypto/evp/digest.c | 1 | ||||
| -rw-r--r-- | crypto/evp/evp_locl.h | 6 | ||||
| -rw-r--r-- | crypto/evp/names.c | 2 | ||||
| -rw-r--r-- | crypto/md32_common.h | 8 | ||||
| -rw-r--r-- | crypto/ocsp/ocsp_prn.c | 1 | ||||
| -rw-r--r-- | crypto/opensslv.h | 6 | ||||
| -rw-r--r-- | crypto/rand/rand_win.c | 2 |
14 files changed, 51 insertions, 23 deletions
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index d169f8c..365e467 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -291,12 +291,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, ASN1_OBJECT *ret=NULL; const unsigned char *p; int i; - /* Sanity check OID encoding: can't have 0x80 in subidentifiers, see: - * X.690 8.19.2 + /* Sanity check OID encoding: can't have leading 0x80 in + * subidentifiers, see: X.690 8.19.2 */ for (i = 0, p = *pp + 1; i < len - 1; i++, p++) { - if (*p == 0x80) + if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); return NULL; diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index 62c1073..47fa266 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -272,9 +272,9 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) BIO_clear_flags(b,BIO_FLAGS_UPLINK); #endif #endif -#ifdef UP_fsetmode +#ifdef UP_fsetmod if (b->flags&BIO_FLAGS_UPLINK) - UP_fsetmode(b->ptr,num&BIO_FP_TEXT?'t':'b'); + UP_fsetmod(b->ptr,(char)((num&BIO_FP_TEXT)?'t':'b')); else #endif { diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl index 08e0053..806e53a 100644 --- a/crypto/bn/asm/ppc.pl +++ b/crypto/bn/asm/ppc.pl @@ -2074,5 +2074,7 @@ EOF $data =~ s/^(\s*)cmplw(\s+)([^,]+),(.*)/$1cmpl$2$3,0,$4/gm; # assembler X doesn't accept li, load immediate value #$data =~ s/^(\s*)li(\s+)([^,]+),(.*)/$1addi$2$3,0,$4/gm; + # assembler Y chokes on apostrophes in comments + $data =~ s/'//gm; return($data); } diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c index 2b2bc1e..b1b8a11 100644 --- a/crypto/bn/asm/x86_64-gcc.c +++ b/crypto/bn/asm/x86_64-gcc.c @@ -59,6 +59,7 @@ #undef mul #undef mul_add +#undef sqr /* * "m"(a), "+m"(r) is the way to favor DirectPath µ-code; diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c index 7c35545..78c6507 100644 --- a/crypto/bn/bn_div.c +++ b/crypto/bn/bn_div.c @@ -337,7 +337,10 @@ X) -> 0x%08X\n", t2 -= d1; } #else /* !BN_LLONG */ - BN_ULONG t2l,t2h,ql,qh; + BN_ULONG t2l,t2h; +#if !defined(BN_UMULT_LOHI) && !defined(BN_UMULT_HIGH) + BN_ULONG ql,qh; +#endif q=bn_div_words(n0,n1,d0); #ifdef BN_DEBUG_LEVITTE @@ -561,7 +564,10 @@ X) -> 0x%08X\n", t2 -= d1; } #else /* !BN_LLONG */ - BN_ULONG t2l,t2h,ql,qh; + BN_ULONG t2l,t2h; +#if !defined(BN_UMULT_LOHI) && !defined(BN_UMULT_HIGH) + BN_ULONG ql,qh; +#endif q=bn_div_words(n0,n1,d0); #ifdef BN_DEBUG_LEVITTE diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c index d29cd57..f29c167 100644 --- a/crypto/engine/eng_all.c +++ b/crypto/engine/eng_all.c @@ -104,7 +104,7 @@ void ENGINE_load_builtin_engines(void) #endif #endif #ifndef OPENSSL_NO_HW -#if defined(__OpenBSD__) || defined(__FreeBSD__) +#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV) ENGINE_load_cryptodev(); #endif #if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c index 1a1e1c2..eef1e2d 100644 --- a/crypto/engine/eng_cryptodev.c +++ b/crypto/engine/eng_cryptodev.c @@ -755,10 +755,18 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, goto err; kop.crk_iparams = 3; - if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) { + if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) { const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF asym process failed, Running in software\n"); + ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); + + } else if (ECANCELED == kop.crk_status) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF hardware operation cancelled. Running in Software\n"); ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont); } + /* else cryptodev operation worked ok ==> ret = 1*/ + err: zapparams(&kop); return (ret); @@ -801,10 +809,18 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) goto err; kop.crk_iparams = 6; - if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) { + if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) { const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF asym process failed, running in Software\n"); + ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); + + } else if (ECANCELED == kop.crk_status) { + const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); + printf("OCF hardware operation cancelled. Running in Software\n"); ret = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); } + /* else cryptodev operation worked ok ==> ret = 1*/ + err: zapparams(&kop); return (ret); @@ -940,7 +956,8 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen, kop.crk_iparams = 7; if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) { - dsaret = kop.crk_status; +/*OCF success value is 0, if not zero, change dsaret to fail*/ + if(0 != kop.crk_status) dsaret = 0; } else { const DSA_METHOD *meth = DSA_OpenSSL(); diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 6a8f39b..10a3607 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -235,6 +235,7 @@ static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) { /* Same comment from evp_enc.c */ EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); + ENGINE_finish(impl); return 0; } /* We'll use the ENGINE's private digest definition */ diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h index 72105b0..ef6c432 100644 --- a/crypto/evp/evp_locl.h +++ b/crypto/evp/evp_locl.h @@ -127,9 +127,9 @@ BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ #define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ iv_len, cbits, flags, init_key, cleanup, \ set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, \ - (cbits + 7)/8, key_len, iv_len, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) +BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ + key_len, iv_len, flags, init_key, cleanup, set_asn1, \ + get_asn1, ctrl) #define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \ iv_len, cbits, flags, init_key, cleanup, \ diff --git a/crypto/evp/names.c b/crypto/evp/names.c index e2e04c3..945879d 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -90,7 +90,7 @@ int EVP_add_digest(const EVP_MD *md) r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(const char *)md); if (r == 0) return(0); - if (md->type != md->pkey_type) + if (md->pkey_type && md->type != md->pkey_type) { r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type), OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); diff --git a/crypto/md32_common.h b/crypto/md32_common.h index 61bcd97..606aea6 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -241,11 +241,11 @@ #ifndef PEDANTIC # if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) # if defined(__s390x__) -# define HOST_c2l(c,l) ({ asm ("lrv %0,0(%1)" \ - :"=r"(l) : "r"(c)); \ +# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \ + :"=d"(l) :"m"(*(const unsigned int *)(c));\ (c)+=4; (l); }) -# define HOST_l2c(l,c) ({ asm ("strv %0,0(%1)" \ - : : "r"(l),"r"(c) : "memory"); \ +# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \ + :"=m"(*(unsigned int *)(c)) :"d"(l));\ (c)+=4; (l); }) # endif # endif diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c index 01f81e7..90dd1aa 100644 --- a/crypto/ocsp/ocsp_prn.c +++ b/crypto/ocsp/ocsp_prn.c @@ -275,6 +275,7 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) } if (!X509V3_extensions_print(bp, "Response Extensions", rd->responseExtensions, flags, 4)) + goto err; if(X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0) goto err; diff --git a/crypto/opensslv.h b/crypto/opensslv.h index 3d794d9..9f3981c 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,11 +25,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x009080dfL +#define OPENSSL_VERSION_NUMBER 0x009080efL #ifdef OPENSSL_FIPS -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8m-fips 25 Feb 2010" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8n-fips 24 Mar 2010" #else -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8m 25 Feb 2010" +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8n 24 Mar 2010" #endif #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c index 5198351..5d134e1 100644 --- a/crypto/rand/rand_win.c +++ b/crypto/rand/rand_win.c @@ -750,7 +750,7 @@ static void readscreen(void) int y; /* y-coordinate of screen lines to grab */ int n = 16; /* number of screen lines to grab at a time */ - if (GetVersion() >= 0x80000000 || !OPENSSL_isservice()) + if (GetVersion() < 0x80000000 && OPENSSL_isservice()>0) return; /* Create a screen DC and a memory DC compatible to screen DC */ |
