Date: Thu, 7 Aug 2014 18:56:10 +0000 (UTC) From: Jung-uk Kim <jkim@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r269682 - in head: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/asn1 crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/crypto/cms crypt... Message-ID: <53e3cbca.2fc7.2c4ae3a1@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jkim Date: Thu Aug 7 18:56:10 2014 New Revision: 269682 URL: http://svnweb.freebsd.org/changeset/base/269682 Log: Merge OpenSSL 1.0.1i. Added: head/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod - copied unchanged from r269670, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod head/crypto/openssl/ssl/ssl_utst.c - copied unchanged from r269670, vendor-crypto/openssl/dist/ssl/ssl_utst.c head/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 (contents, props changed) Deleted: head/crypto/openssl/crypto/pkcs7/bio_ber.c head/crypto/openssl/crypto/pkcs7/dec.c head/crypto/openssl/crypto/pkcs7/des.pem head/crypto/openssl/crypto/pkcs7/doc head/crypto/openssl/crypto/pkcs7/enc.c head/crypto/openssl/crypto/pkcs7/es1.pem head/crypto/openssl/crypto/pkcs7/example.c head/crypto/openssl/crypto/pkcs7/example.h head/crypto/openssl/crypto/pkcs7/info.pem head/crypto/openssl/crypto/pkcs7/infokey.pem head/crypto/openssl/crypto/pkcs7/p7/ head/crypto/openssl/crypto/pkcs7/server.pem head/crypto/openssl/crypto/pkcs7/sign.c head/crypto/openssl/crypto/pkcs7/t/ head/crypto/openssl/crypto/pkcs7/verify.c Modified: head/crypto/openssl/CHANGES head/crypto/openssl/Configure head/crypto/openssl/FAQ head/crypto/openssl/Makefile head/crypto/openssl/NEWS head/crypto/openssl/README head/crypto/openssl/apps/apps.c head/crypto/openssl/apps/ca.c head/crypto/openssl/apps/ciphers.c head/crypto/openssl/apps/crl2p7.c head/crypto/openssl/apps/enc.c head/crypto/openssl/apps/ocsp.c head/crypto/openssl/apps/progs.h head/crypto/openssl/apps/progs.pl head/crypto/openssl/apps/s_client.c head/crypto/openssl/apps/s_server.c head/crypto/openssl/crypto/asn1/a_object.c head/crypto/openssl/crypto/asn1/a_utctm.c head/crypto/openssl/crypto/asn1/ameth_lib.c head/crypto/openssl/crypto/asn1/asn1_lib.c head/crypto/openssl/crypto/asn1/asn_mime.c head/crypto/openssl/crypto/asn1/asn_pack.c head/crypto/openssl/crypto/asn1/bio_asn1.c head/crypto/openssl/crypto/asn1/charmap.pl head/crypto/openssl/crypto/asn1/evp_asn1.c head/crypto/openssl/crypto/asn1/t_x509.c head/crypto/openssl/crypto/asn1/tasn_enc.c head/crypto/openssl/crypto/asn1/x_crl.c head/crypto/openssl/crypto/bio/bio_lib.c head/crypto/openssl/crypto/bn/bn_exp.c head/crypto/openssl/crypto/bn/bn_lib.c head/crypto/openssl/crypto/bn/bn_sqr.c head/crypto/openssl/crypto/cms/cms_pwri.c head/crypto/openssl/crypto/conf/conf_def.c head/crypto/openssl/crypto/ec/ec_lib.c head/crypto/openssl/crypto/ec/ecp_smpl.c head/crypto/openssl/crypto/ec/ectest.c head/crypto/openssl/crypto/evp/e_aes.c head/crypto/openssl/crypto/evp/evp_pbe.c head/crypto/openssl/crypto/idea/ideatest.c head/crypto/openssl/crypto/objects/obj_dat.c head/crypto/openssl/crypto/objects/obj_dat.h head/crypto/openssl/crypto/objects/obj_dat.pl head/crypto/openssl/crypto/ocsp/ocsp_ht.c head/crypto/openssl/crypto/ocsp/ocsp_lib.c head/crypto/openssl/crypto/opensslconf.h head/crypto/openssl/crypto/opensslv.h head/crypto/openssl/crypto/pem/pvkfmt.c head/crypto/openssl/crypto/pkcs7/Makefile head/crypto/openssl/crypto/rand/md_rand.c head/crypto/openssl/crypto/rand/rand_lcl.h head/crypto/openssl/crypto/rand/rand_lib.c head/crypto/openssl/crypto/rand/randfile.c head/crypto/openssl/crypto/rsa/rsa_eay.c head/crypto/openssl/crypto/srp/srp_lib.c head/crypto/openssl/crypto/ui/ui_lib.c head/crypto/openssl/doc/apps/asn1parse.pod head/crypto/openssl/doc/apps/ca.pod head/crypto/openssl/doc/apps/ciphers.pod head/crypto/openssl/doc/apps/cms.pod head/crypto/openssl/doc/apps/crl.pod head/crypto/openssl/doc/apps/dhparam.pod head/crypto/openssl/doc/apps/dsa.pod head/crypto/openssl/doc/apps/ecparam.pod head/crypto/openssl/doc/apps/gendsa.pod head/crypto/openssl/doc/apps/genrsa.pod head/crypto/openssl/doc/apps/rsa.pod head/crypto/openssl/doc/apps/s_client.pod head/crypto/openssl/doc/apps/s_server.pod head/crypto/openssl/doc/apps/verify.pod head/crypto/openssl/doc/apps/x509.pod head/crypto/openssl/doc/apps/x509v3_config.pod head/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod head/crypto/openssl/doc/crypto/BIO_f_base64.pod head/crypto/openssl/doc/crypto/BIO_push.pod head/crypto/openssl/doc/crypto/ERR_get_error.pod head/crypto/openssl/doc/crypto/EVP_DigestInit.pod head/crypto/openssl/doc/crypto/EVP_EncryptInit.pod head/crypto/openssl/doc/crypto/EVP_SignInit.pod head/crypto/openssl/doc/crypto/RSA_set_method.pod head/crypto/openssl/doc/crypto/RSA_sign.pod head/crypto/openssl/doc/crypto/des.pod head/crypto/openssl/doc/crypto/err.pod head/crypto/openssl/doc/crypto/pem.pod head/crypto/openssl/doc/crypto/ui.pod head/crypto/openssl/doc/fingerprints.txt head/crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod head/crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod head/crypto/openssl/doc/ssl/SSL_CTX_add_session.pod head/crypto/openssl/doc/ssl/SSL_CTX_new.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_cipher_list.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod head/crypto/openssl/doc/ssl/SSL_get_version.pod head/crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod head/crypto/openssl/ssl/Makefile head/crypto/openssl/ssl/d1_both.c head/crypto/openssl/ssl/d1_clnt.c head/crypto/openssl/ssl/d1_srvr.c head/crypto/openssl/ssl/heartbeat_test.c head/crypto/openssl/ssl/s23_lib.c head/crypto/openssl/ssl/s23_srvr.c head/crypto/openssl/ssl/s2_lib.c head/crypto/openssl/ssl/s3_clnt.c head/crypto/openssl/ssl/s3_enc.c head/crypto/openssl/ssl/s3_lib.c head/crypto/openssl/ssl/s3_pkt.c head/crypto/openssl/ssl/s3_srvr.c head/crypto/openssl/ssl/ssl.h head/crypto/openssl/ssl/ssl_ciph.c head/crypto/openssl/ssl/ssl_err.c head/crypto/openssl/ssl/ssl_lib.c head/crypto/openssl/ssl/ssl_locl.h head/crypto/openssl/ssl/ssl_stat.c head/crypto/openssl/ssl/t1_enc.c head/crypto/openssl/ssl/t1_lib.c head/crypto/openssl/ssl/tls_srp.c head/crypto/openssl/util/mk1mf.pl head/crypto/openssl/util/mkdef.pl head/crypto/openssl/util/mkerr.pl head/crypto/openssl/util/ssleay.num head/secure/lib/libcrypto/Makefile.inc head/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 head/secure/lib/libcrypto/man/ASN1_STRING_length.3 head/secure/lib/libcrypto/man/ASN1_STRING_new.3 head/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 head/secure/lib/libcrypto/man/ASN1_generate_nconf.3 head/secure/lib/libcrypto/man/BIO_ctrl.3 head/secure/lib/libcrypto/man/BIO_f_base64.3 head/secure/lib/libcrypto/man/BIO_f_buffer.3 head/secure/lib/libcrypto/man/BIO_f_cipher.3 head/secure/lib/libcrypto/man/BIO_f_md.3 head/secure/lib/libcrypto/man/BIO_f_null.3 head/secure/lib/libcrypto/man/BIO_f_ssl.3 head/secure/lib/libcrypto/man/BIO_find_type.3 head/secure/lib/libcrypto/man/BIO_new.3 head/secure/lib/libcrypto/man/BIO_new_CMS.3 head/secure/lib/libcrypto/man/BIO_push.3 head/secure/lib/libcrypto/man/BIO_read.3 head/secure/lib/libcrypto/man/BIO_s_accept.3 head/secure/lib/libcrypto/man/BIO_s_bio.3 head/secure/lib/libcrypto/man/BIO_s_connect.3 head/secure/lib/libcrypto/man/BIO_s_fd.3 head/secure/lib/libcrypto/man/BIO_s_file.3 head/secure/lib/libcrypto/man/BIO_s_mem.3 head/secure/lib/libcrypto/man/BIO_s_null.3 head/secure/lib/libcrypto/man/BIO_s_socket.3 head/secure/lib/libcrypto/man/BIO_set_callback.3 head/secure/lib/libcrypto/man/BIO_should_retry.3 head/secure/lib/libcrypto/man/BN_BLINDING_new.3 head/secure/lib/libcrypto/man/BN_CTX_new.3 head/secure/lib/libcrypto/man/BN_CTX_start.3 head/secure/lib/libcrypto/man/BN_add.3 head/secure/lib/libcrypto/man/BN_add_word.3 head/secure/lib/libcrypto/man/BN_bn2bin.3 head/secure/lib/libcrypto/man/BN_cmp.3 head/secure/lib/libcrypto/man/BN_copy.3 head/secure/lib/libcrypto/man/BN_generate_prime.3 head/secure/lib/libcrypto/man/BN_mod_inverse.3 head/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 head/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 head/secure/lib/libcrypto/man/BN_new.3 head/secure/lib/libcrypto/man/BN_num_bytes.3 head/secure/lib/libcrypto/man/BN_rand.3 head/secure/lib/libcrypto/man/BN_set_bit.3 head/secure/lib/libcrypto/man/BN_swap.3 head/secure/lib/libcrypto/man/BN_zero.3 head/secure/lib/libcrypto/man/CMS_add0_cert.3 head/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3 head/secure/lib/libcrypto/man/CMS_compress.3 head/secure/lib/libcrypto/man/CMS_decrypt.3 head/secure/lib/libcrypto/man/CMS_encrypt.3 head/secure/lib/libcrypto/man/CMS_final.3 head/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3 head/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3 head/secure/lib/libcrypto/man/CMS_get0_type.3 head/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 head/secure/lib/libcrypto/man/CMS_sign.3 head/secure/lib/libcrypto/man/CMS_sign_add1_signer.3 head/secure/lib/libcrypto/man/CMS_sign_receipt.3 head/secure/lib/libcrypto/man/CMS_uncompress.3 head/secure/lib/libcrypto/man/CMS_verify.3 head/secure/lib/libcrypto/man/CMS_verify_receipt.3 head/secure/lib/libcrypto/man/CONF_modules_free.3 head/secure/lib/libcrypto/man/CONF_modules_load_file.3 head/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 head/secure/lib/libcrypto/man/DH_generate_key.3 head/secure/lib/libcrypto/man/DH_generate_parameters.3 head/secure/lib/libcrypto/man/DH_get_ex_new_index.3 head/secure/lib/libcrypto/man/DH_new.3 head/secure/lib/libcrypto/man/DH_set_method.3 head/secure/lib/libcrypto/man/DH_size.3 head/secure/lib/libcrypto/man/DSA_SIG_new.3 head/secure/lib/libcrypto/man/DSA_do_sign.3 head/secure/lib/libcrypto/man/DSA_dup_DH.3 head/secure/lib/libcrypto/man/DSA_generate_key.3 head/secure/lib/libcrypto/man/DSA_generate_parameters.3 head/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 head/secure/lib/libcrypto/man/DSA_new.3 head/secure/lib/libcrypto/man/DSA_set_method.3 head/secure/lib/libcrypto/man/DSA_sign.3 head/secure/lib/libcrypto/man/DSA_size.3 head/secure/lib/libcrypto/man/ERR_GET_LIB.3 head/secure/lib/libcrypto/man/ERR_clear_error.3 head/secure/lib/libcrypto/man/ERR_error_string.3 head/secure/lib/libcrypto/man/ERR_get_error.3 head/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 head/secure/lib/libcrypto/man/ERR_load_strings.3 head/secure/lib/libcrypto/man/ERR_print_errors.3 head/secure/lib/libcrypto/man/ERR_put_error.3 head/secure/lib/libcrypto/man/ERR_remove_state.3 head/secure/lib/libcrypto/man/ERR_set_mark.3 head/secure/lib/libcrypto/man/EVP_BytesToKey.3 head/secure/lib/libcrypto/man/EVP_DigestInit.3 head/secure/lib/libcrypto/man/EVP_DigestSignInit.3 head/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3 head/secure/lib/libcrypto/man/EVP_EncryptInit.3 head/secure/lib/libcrypto/man/EVP_OpenInit.3 head/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 head/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3 head/secure/lib/libcrypto/man/EVP_PKEY_cmp.3 head/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3 head/secure/lib/libcrypto/man/EVP_PKEY_derive.3 head/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3 head/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3 head/secure/lib/libcrypto/man/EVP_PKEY_keygen.3 head/secure/lib/libcrypto/man/EVP_PKEY_new.3 head/secure/lib/libcrypto/man/EVP_PKEY_print_private.3 head/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 head/secure/lib/libcrypto/man/EVP_PKEY_sign.3 head/secure/lib/libcrypto/man/EVP_PKEY_verify.3 head/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3 head/secure/lib/libcrypto/man/EVP_SealInit.3 head/secure/lib/libcrypto/man/EVP_SignInit.3 head/secure/lib/libcrypto/man/EVP_VerifyInit.3 head/secure/lib/libcrypto/man/OBJ_nid2obj.3 head/secure/lib/libcrypto/man/OPENSSL_Applink.3 head/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 head/secure/lib/libcrypto/man/OPENSSL_config.3 head/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 head/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 head/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 head/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3 head/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 head/secure/lib/libcrypto/man/PKCS12_create.3 head/secure/lib/libcrypto/man/PKCS12_parse.3 head/secure/lib/libcrypto/man/PKCS7_decrypt.3 head/secure/lib/libcrypto/man/PKCS7_encrypt.3 head/secure/lib/libcrypto/man/PKCS7_sign.3 head/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3 head/secure/lib/libcrypto/man/PKCS7_verify.3 head/secure/lib/libcrypto/man/RAND_add.3 head/secure/lib/libcrypto/man/RAND_bytes.3 head/secure/lib/libcrypto/man/RAND_cleanup.3 head/secure/lib/libcrypto/man/RAND_egd.3 head/secure/lib/libcrypto/man/RAND_load_file.3 head/secure/lib/libcrypto/man/RAND_set_rand_method.3 head/secure/lib/libcrypto/man/RSA_blinding_on.3 head/secure/lib/libcrypto/man/RSA_check_key.3 head/secure/lib/libcrypto/man/RSA_generate_key.3 head/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 head/secure/lib/libcrypto/man/RSA_new.3 head/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 head/secure/lib/libcrypto/man/RSA_print.3 head/secure/lib/libcrypto/man/RSA_private_encrypt.3 head/secure/lib/libcrypto/man/RSA_public_encrypt.3 head/secure/lib/libcrypto/man/RSA_set_method.3 head/secure/lib/libcrypto/man/RSA_sign.3 head/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 head/secure/lib/libcrypto/man/RSA_size.3 head/secure/lib/libcrypto/man/SMIME_read_CMS.3 head/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 head/secure/lib/libcrypto/man/SMIME_write_CMS.3 head/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 head/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 head/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 head/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 head/secure/lib/libcrypto/man/X509_NAME_print_ex.3 head/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3 head/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3 head/secure/lib/libcrypto/man/X509_STORE_CTX_new.3 head/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3 head/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3 head/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 head/secure/lib/libcrypto/man/X509_new.3 head/secure/lib/libcrypto/man/X509_verify_cert.3 head/secure/lib/libcrypto/man/bio.3 head/secure/lib/libcrypto/man/blowfish.3 head/secure/lib/libcrypto/man/bn.3 head/secure/lib/libcrypto/man/bn_internal.3 head/secure/lib/libcrypto/man/buffer.3 head/secure/lib/libcrypto/man/crypto.3 head/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 head/secure/lib/libcrypto/man/d2i_DHparams.3 head/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 head/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 head/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 head/secure/lib/libcrypto/man/d2i_X509.3 head/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 head/secure/lib/libcrypto/man/d2i_X509_CRL.3 head/secure/lib/libcrypto/man/d2i_X509_NAME.3 head/secure/lib/libcrypto/man/d2i_X509_REQ.3 head/secure/lib/libcrypto/man/d2i_X509_SIG.3 head/secure/lib/libcrypto/man/des.3 head/secure/lib/libcrypto/man/dh.3 head/secure/lib/libcrypto/man/dsa.3 head/secure/lib/libcrypto/man/ecdsa.3 head/secure/lib/libcrypto/man/engine.3 head/secure/lib/libcrypto/man/err.3 head/secure/lib/libcrypto/man/evp.3 head/secure/lib/libcrypto/man/hmac.3 head/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3 head/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 head/secure/lib/libcrypto/man/lh_stats.3 head/secure/lib/libcrypto/man/lhash.3 head/secure/lib/libcrypto/man/md5.3 head/secure/lib/libcrypto/man/mdc2.3 head/secure/lib/libcrypto/man/pem.3 head/secure/lib/libcrypto/man/rand.3 head/secure/lib/libcrypto/man/rc4.3 head/secure/lib/libcrypto/man/ripemd.3 head/secure/lib/libcrypto/man/rsa.3 head/secure/lib/libcrypto/man/sha.3 head/secure/lib/libcrypto/man/threads.3 head/secure/lib/libcrypto/man/ui.3 head/secure/lib/libcrypto/man/ui_compat.3 head/secure/lib/libcrypto/man/x509.3 head/secure/lib/libssl/Makefile.man head/secure/lib/libssl/man/SSL_CIPHER_get_name.3 head/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 head/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 head/secure/lib/libssl/man/SSL_CTX_add_session.3 head/secure/lib/libssl/man/SSL_CTX_ctrl.3 head/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 head/secure/lib/libssl/man/SSL_CTX_free.3 head/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 head/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 head/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 head/secure/lib/libssl/man/SSL_CTX_new.3 head/secure/lib/libssl/man/SSL_CTX_sess_number.3 head/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 head/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 head/secure/lib/libssl/man/SSL_CTX_sessions.3 head/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 head/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 head/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 head/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 head/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 head/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 head/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 head/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 head/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 head/secure/lib/libssl/man/SSL_CTX_set_mode.3 head/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 head/secure/lib/libssl/man/SSL_CTX_set_options.3 head/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3 head/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 head/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 head/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 head/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 head/secure/lib/libssl/man/SSL_CTX_set_timeout.3 head/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 head/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 head/secure/lib/libssl/man/SSL_CTX_set_verify.3 head/secure/lib/libssl/man/SSL_CTX_use_certificate.3 head/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3 head/secure/lib/libssl/man/SSL_SESSION_free.3 head/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 head/secure/lib/libssl/man/SSL_SESSION_get_time.3 head/secure/lib/libssl/man/SSL_accept.3 head/secure/lib/libssl/man/SSL_alert_type_string.3 head/secure/lib/libssl/man/SSL_clear.3 head/secure/lib/libssl/man/SSL_connect.3 head/secure/lib/libssl/man/SSL_do_handshake.3 head/secure/lib/libssl/man/SSL_free.3 head/secure/lib/libssl/man/SSL_get_SSL_CTX.3 head/secure/lib/libssl/man/SSL_get_ciphers.3 head/secure/lib/libssl/man/SSL_get_client_CA_list.3 head/secure/lib/libssl/man/SSL_get_current_cipher.3 head/secure/lib/libssl/man/SSL_get_default_timeout.3 head/secure/lib/libssl/man/SSL_get_error.3 head/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 head/secure/lib/libssl/man/SSL_get_ex_new_index.3 head/secure/lib/libssl/man/SSL_get_fd.3 head/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 head/secure/lib/libssl/man/SSL_get_peer_certificate.3 head/secure/lib/libssl/man/SSL_get_psk_identity.3 head/secure/lib/libssl/man/SSL_get_rbio.3 head/secure/lib/libssl/man/SSL_get_session.3 head/secure/lib/libssl/man/SSL_get_verify_result.3 head/secure/lib/libssl/man/SSL_get_version.3 head/secure/lib/libssl/man/SSL_library_init.3 head/secure/lib/libssl/man/SSL_load_client_CA_file.3 head/secure/lib/libssl/man/SSL_new.3 head/secure/lib/libssl/man/SSL_pending.3 head/secure/lib/libssl/man/SSL_read.3 head/secure/lib/libssl/man/SSL_rstate_string.3 head/secure/lib/libssl/man/SSL_session_reused.3 head/secure/lib/libssl/man/SSL_set_bio.3 head/secure/lib/libssl/man/SSL_set_connect_state.3 head/secure/lib/libssl/man/SSL_set_fd.3 head/secure/lib/libssl/man/SSL_set_session.3 head/secure/lib/libssl/man/SSL_set_shutdown.3 head/secure/lib/libssl/man/SSL_set_verify_result.3 head/secure/lib/libssl/man/SSL_shutdown.3 head/secure/lib/libssl/man/SSL_state_string.3 head/secure/lib/libssl/man/SSL_want.3 head/secure/lib/libssl/man/SSL_write.3 head/secure/lib/libssl/man/d2i_SSL_SESSION.3 head/secure/lib/libssl/man/ssl.3 head/secure/usr.bin/openssl/man/CA.pl.1 head/secure/usr.bin/openssl/man/asn1parse.1 head/secure/usr.bin/openssl/man/ca.1 head/secure/usr.bin/openssl/man/ciphers.1 head/secure/usr.bin/openssl/man/cms.1 head/secure/usr.bin/openssl/man/crl.1 head/secure/usr.bin/openssl/man/crl2pkcs7.1 head/secure/usr.bin/openssl/man/dgst.1 head/secure/usr.bin/openssl/man/dhparam.1 head/secure/usr.bin/openssl/man/dsa.1 head/secure/usr.bin/openssl/man/dsaparam.1 head/secure/usr.bin/openssl/man/ec.1 head/secure/usr.bin/openssl/man/ecparam.1 head/secure/usr.bin/openssl/man/enc.1 head/secure/usr.bin/openssl/man/errstr.1 head/secure/usr.bin/openssl/man/gendsa.1 head/secure/usr.bin/openssl/man/genpkey.1 head/secure/usr.bin/openssl/man/genrsa.1 head/secure/usr.bin/openssl/man/nseq.1 head/secure/usr.bin/openssl/man/ocsp.1 head/secure/usr.bin/openssl/man/openssl.1 head/secure/usr.bin/openssl/man/passwd.1 head/secure/usr.bin/openssl/man/pkcs12.1 head/secure/usr.bin/openssl/man/pkcs7.1 head/secure/usr.bin/openssl/man/pkcs8.1 head/secure/usr.bin/openssl/man/pkey.1 head/secure/usr.bin/openssl/man/pkeyparam.1 head/secure/usr.bin/openssl/man/pkeyutl.1 head/secure/usr.bin/openssl/man/rand.1 head/secure/usr.bin/openssl/man/req.1 head/secure/usr.bin/openssl/man/rsa.1 head/secure/usr.bin/openssl/man/rsautl.1 head/secure/usr.bin/openssl/man/s_client.1 head/secure/usr.bin/openssl/man/s_server.1 head/secure/usr.bin/openssl/man/s_time.1 head/secure/usr.bin/openssl/man/sess_id.1 head/secure/usr.bin/openssl/man/smime.1 head/secure/usr.bin/openssl/man/speed.1 head/secure/usr.bin/openssl/man/spkac.1 head/secure/usr.bin/openssl/man/ts.1 head/secure/usr.bin/openssl/man/tsget.1 head/secure/usr.bin/openssl/man/verify.1 head/secure/usr.bin/openssl/man/version.1 head/secure/usr.bin/openssl/man/x509.1 head/secure/usr.bin/openssl/man/x509v3_config.1 Directory Properties: head/crypto/openssl/ (props changed) Modified: head/crypto/openssl/CHANGES ============================================================================== --- head/crypto/openssl/CHANGES Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/CHANGES Thu Aug 7 18:56:10 2014 (r269682) @@ -2,6 +2,92 @@ OpenSSL CHANGES _______________ + Changes between 1.0.1h and 1.0.1i [6 Aug 2014] + + *) Fix SRP buffer overrun vulnerability. Invalid parameters passed to the + SRP code can be overrun an internal buffer. Add sanity check that + g, A, B < N to SRP code. + + Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC + Group for discovering this issue. + (CVE-2014-3512) + [Steve Henson] + + *) A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate + TLS 1.0 instead of higher protocol versions when the ClientHello message + is badly fragmented. This allows a man-in-the-middle attacker to force a + downgrade to TLS 1.0 even if both the server and the client support a + higher protocol version, by modifying the client's TLS records. + + Thanks to David Benjamin and Adam Langley (Google) for discovering and + researching this issue. + (CVE-2014-3511) + [David Benjamin] + + *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject + to a denial of service attack. A malicious server can crash the client + with a null pointer dereference (read) by specifying an anonymous (EC)DH + ciphersuite and sending carefully crafted handshake messages. + + Thanks to Felix Gröbert (Google) for discovering and researching this + issue. + (CVE-2014-3510) + [Emilia Käsper] + + *) By sending carefully crafted DTLS packets an attacker could cause openssl + to leak memory. This can be exploited through a Denial of Service attack. + Thanks to Adam Langley for discovering and researching this issue. + (CVE-2014-3507) + [Adam Langley] + + *) An attacker can force openssl to consume large amounts of memory whilst + processing DTLS handshake messages. This can be exploited through a + Denial of Service attack. + Thanks to Adam Langley for discovering and researching this issue. + (CVE-2014-3506) + [Adam Langley] + + *) An attacker can force an error condition which causes openssl to crash + whilst processing DTLS packets due to memory being freed twice. This + can be exploited through a Denial of Service attack. + Thanks to Adam Langley and Wan-Teh Chang for discovering and researching + this issue. + (CVE-2014-3505) + [Adam Langley] + + *) If a multithreaded client connects to a malicious server using a resumed + session and the server sends an ec point format extension it could write + up to 255 bytes to freed memory. + + Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this + issue. + (CVE-2014-3509) + [Gabor Tyukasz] + + *) A malicious server can crash an OpenSSL client with a null pointer + dereference (read) by specifying an SRP ciphersuite even though it was not + properly negotiated with the client. This can be exploited through a + Denial of Service attack. + + Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for + discovering and researching this issue. + (CVE-2014-5139) + [Steve Henson] + + *) A flaw in OBJ_obj2txt may cause pretty printing functions such as + X509_name_oneline, X509_name_print_ex et al. to leak some information + from the stack. Applications may be affected if they echo pretty printing + output to the attacker. + + Thanks to Ivan Fratric (Google) for discovering this issue. + (CVE-2014-3508) + [Emilia Käsper, and Steve Henson] + + *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.) + for corner cases. (Certain input points at infinity could lead to + bogus results, with non-infinity inputs mapped to infinity too.) + [Bodo Moeller] + Changes between 1.0.1g and 1.0.1h [5 Jun 2014] *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted Modified: head/crypto/openssl/Configure ============================================================================== --- head/crypto/openssl/Configure Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/Configure Thu Aug 7 18:56:10 2014 (r269682) @@ -720,6 +720,7 @@ my %disabled = ( # "what" => "co "sctp" => "default", "shared" => "default", "store" => "experimental", + "unit-test" => "default", "zlib" => "default", "zlib-dynamic" => "default" ); @@ -727,7 +728,7 @@ my @experimental = (); # This is what $depflags will look like with the above defaults # (we need this to see if we should advise the user to run "make depend"): -my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE"; +my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST"; # Explicit "no-..." options will be collected in %disabled along with the defaults. # To remove something from %disabled, use "enable-foo" (unless it's experimental). Modified: head/crypto/openssl/FAQ ============================================================================== --- head/crypto/openssl/FAQ Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/FAQ Thu Aug 7 18:56:10 2014 (r269682) @@ -113,11 +113,6 @@ that came with the version of OpenSSL yo documentation is included in each OpenSSL distribution under the docs directory. -For information on parts of libcrypto that are not yet documented, you -might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's -predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much -of this still applies to OpenSSL. - There is some documentation about certificate extensions and PKCS#12 in doc/openssl.txt Modified: head/crypto/openssl/Makefile ============================================================================== --- head/crypto/openssl/Makefile Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/Makefile Thu Aug 7 18:56:10 2014 (r269682) @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1h +VERSION=1.0.1i MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 @@ -13,7 +13,7 @@ SHLIB_MAJOR=1 SHLIB_MINOR=0.0 SHLIB_EXT= PLATFORM=dist -OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-zlib no-zlib-dynamic static-engine +OPTIONS= no-ec_nistp_64_gcc_128 no-gmp no-jpake no-krb5 no-md2 no-rc5 no-rfc3779 no-sctp no-shared no-store no-unit-test no-zlib no-zlib-dynamic static-engine CONFIGURE_ARGS=dist SHLIB_TARGET= @@ -61,7 +61,7 @@ OPENSSLDIR=/usr/local/ssl CC= cc CFLAG= -O -DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE +DEPFLAG= -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST PEX_LIBS= EX_LIBS= EXE_EXT= Modified: head/crypto/openssl/NEWS ============================================================================== --- head/crypto/openssl/NEWS Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/NEWS Thu Aug 7 18:56:10 2014 (r269682) @@ -5,10 +5,23 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014] + + o Fix for CVE-2014-3512 + o Fix for CVE-2014-3511 + o Fix for CVE-2014-3510 + o Fix for CVE-2014-3507 + o Fix for CVE-2014-3506 + o Fix for CVE-2014-3505 + o Fix for CVE-2014-3509 + o Fix for CVE-2014-5139 + o Fix for CVE-2014-3508 + Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014] o Fix for CVE-2014-0224 o Fix for CVE-2014-0221 + o Fix for CVE-2014-0198 o Fix for CVE-2014-0195 o Fix for CVE-2014-3470 o Fix for CVE-2010-5298 Modified: head/crypto/openssl/README ============================================================================== --- head/crypto/openssl/README Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/README Thu Aug 7 18:56:10 2014 (r269682) @@ -1,5 +1,5 @@ - OpenSSL 1.0.1h 5 Jun 2014 + OpenSSL 1.0.1i 6 Aug 2014 Copyright (c) 1998-2011 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: head/crypto/openssl/apps/apps.c ============================================================================== --- head/crypto/openssl/apps/apps.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/apps.c Thu Aug 7 18:56:10 2014 (r269682) @@ -390,6 +390,8 @@ int chopup_args(ARGS *arg, char *buf, in { arg->count=20; arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); + if (arg->data == NULL) + return 0; } for (i=0; i<arg->count; i++) arg->data[i]=NULL; @@ -1542,6 +1544,8 @@ char *make_config_name() len=strlen(t)+strlen(OPENSSL_CONF)+2; p=OPENSSL_malloc(len); + if (p == NULL) + return NULL; BUF_strlcpy(p,t,len); #ifndef OPENSSL_SYS_VMS BUF_strlcat(p,"/",len); Modified: head/crypto/openssl/apps/ca.c ============================================================================== --- head/crypto/openssl/apps/ca.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/ca.c Thu Aug 7 18:56:10 2014 (r269682) @@ -1620,12 +1620,14 @@ static int certify(X509 **xret, char *in { ok=0; BIO_printf(bio_err,"Signature verification problems....\n"); + ERR_print_errors(bio_err); goto err; } if (i == 0) { ok=0; BIO_printf(bio_err,"Signature did not match the certificate request\n"); + ERR_print_errors(bio_err); goto err; } else @@ -2777,6 +2779,9 @@ char *make_revocation_str(int rev_type, revtm = X509_gmtime_adj(NULL, 0); + if (!revtm) + return NULL; + i = revtm->length + 1; if (reason) i += strlen(reason) + 1; Modified: head/crypto/openssl/apps/ciphers.c ============================================================================== --- head/crypto/openssl/apps/ciphers.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/ciphers.c Thu Aug 7 18:56:10 2014 (r269682) @@ -96,13 +96,7 @@ int MAIN(int argc, char **argv) char buf[512]; BIO *STDout=NULL; -#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) meth=SSLv23_server_method(); -#elif !defined(OPENSSL_NO_SSL3) - meth=SSLv3_server_method(); -#elif !defined(OPENSSL_NO_SSL2) - meth=SSLv2_server_method(); -#endif apps_startup(); Modified: head/crypto/openssl/apps/crl2p7.c ============================================================================== --- head/crypto/openssl/apps/crl2p7.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/crl2p7.c Thu Aug 7 18:56:10 2014 (r269682) @@ -141,7 +141,13 @@ int MAIN(int argc, char **argv) { if (--argc < 1) goto bad; if(!certflst) certflst = sk_OPENSSL_STRING_new_null(); - sk_OPENSSL_STRING_push(certflst,*(++argv)); + if (!certflst) + goto end; + if (!sk_OPENSSL_STRING_push(certflst,*(++argv))) + { + sk_OPENSSL_STRING_free(certflst); + goto end; + } } else { Modified: head/crypto/openssl/apps/enc.c ============================================================================== --- head/crypto/openssl/apps/enc.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/enc.c Thu Aug 7 18:56:10 2014 (r269682) @@ -67,7 +67,9 @@ #include <openssl/x509.h> #include <openssl/rand.h> #include <openssl/pem.h> +#ifndef OPENSSL_NO_COMP #include <openssl/comp.h> +#endif #include <ctype.h> int set_hex(char *in,unsigned char *out,int size); @@ -337,6 +339,12 @@ bad: goto end; } + if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) + { + BIO_printf(bio_err, "Ciphers in XTS mode are not supported by the enc utility\n"); + goto end; + } + if (md && (dgst=EVP_get_digestbyname(md)) == NULL) { BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); Modified: head/crypto/openssl/apps/ocsp.c ============================================================================== --- head/crypto/openssl/apps/ocsp.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/ocsp.c Thu Aug 7 18:56:10 2014 (r269682) @@ -1419,7 +1419,7 @@ OCSP_RESPONSE *process_responder(BIO *er } resp = query_responder(err, cbio, path, headers, req, req_timeout); if (!resp) - BIO_printf(bio_err, "Error querying OCSP responsder\n"); + BIO_printf(bio_err, "Error querying OCSP responder\n"); end: if (cbio) BIO_free_all(cbio); Modified: head/crypto/openssl/apps/progs.h ============================================================================== --- head/crypto/openssl/apps/progs.h Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/progs.h Thu Aug 7 18:56:10 2014 (r269682) @@ -107,16 +107,16 @@ FUNCTION functions[] = { {FUNC_TYPE_GENERAL,"gendsa",gendsa_main}, #endif {FUNC_TYPE_GENERAL,"genpkey",genpkey_main}, -#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) +#if !defined(OPENSSL_NO_SOCK) {FUNC_TYPE_GENERAL,"s_server",s_server_main}, #endif -#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) +#if !defined(OPENSSL_NO_SOCK) {FUNC_TYPE_GENERAL,"s_client",s_client_main}, #endif #ifndef OPENSSL_NO_SPEED {FUNC_TYPE_GENERAL,"speed",speed_main}, #endif -#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) +#if !defined(OPENSSL_NO_SOCK) {FUNC_TYPE_GENERAL,"s_time",s_time_main}, #endif {FUNC_TYPE_GENERAL,"version",version_main}, @@ -126,7 +126,7 @@ FUNCTION functions[] = { #endif {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main}, {FUNC_TYPE_GENERAL,"sess_id",sess_id_main}, -#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3)) +#if !defined(OPENSSL_NO_SOCK) {FUNC_TYPE_GENERAL,"ciphers",ciphers_main}, #endif {FUNC_TYPE_GENERAL,"nseq",nseq_main}, Modified: head/crypto/openssl/apps/progs.pl ============================================================================== --- head/crypto/openssl/apps/progs.pl Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/progs.pl Thu Aug 7 18:56:10 2014 (r269682) @@ -32,7 +32,7 @@ foreach (@ARGV) push(@files,$_); $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n"; if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/)) - { print "#if !defined(OPENSSL_NO_SOCK) && !(defined(OPENSSL_NO_SSL2) && defined(OPENSSL_NO_SSL3))\n${str}#endif\n"; } + { print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; } elsif ( ($_ =~ /^speed$/)) { print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; } elsif ( ($_ =~ /^engine$/)) Modified: head/crypto/openssl/apps/s_client.c ============================================================================== --- head/crypto/openssl/apps/s_client.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/s_client.c Thu Aug 7 18:56:10 2014 (r269682) @@ -290,6 +290,7 @@ static void sc_usage(void) BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); + BIO_printf(bio_err," -verify_return_error - return verification errors\n"); BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n"); BIO_printf(bio_err," -certform arg - certificate format (PEM or DER) PEM default\n"); BIO_printf(bio_err," -key arg - Private key file to use, in cert file if\n"); @@ -300,6 +301,7 @@ static void sc_usage(void) BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n"); BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n"); BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n"); + BIO_printf(bio_err," -prexit - print session information even on connection failure\n"); BIO_printf(bio_err," -showcerts - show all certificates in the chain\n"); BIO_printf(bio_err," -debug - extra output\n"); #ifdef WATT32 Modified: head/crypto/openssl/apps/s_server.c ============================================================================== --- head/crypto/openssl/apps/s_server.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/apps/s_server.c Thu Aug 7 18:56:10 2014 (r269682) @@ -463,6 +463,7 @@ static void sv_usage(void) BIO_printf(bio_err," -context arg - set session ID context\n"); BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n"); BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n"); + BIO_printf(bio_err," -verify_return_error - return verification errors\n"); BIO_printf(bio_err," -cert arg - certificate file to use\n"); BIO_printf(bio_err," (default is %s)\n",TEST_CERT); BIO_printf(bio_err," -crl_check - check the peer certificate has not been revoked by its CA.\n" \ @@ -534,6 +535,7 @@ static void sv_usage(void) BIO_printf(bio_err," -no_ecdhe - Disable ephemeral ECDH\n"); #endif BIO_printf(bio_err," -bugs - Turn on SSL bug compatibility\n"); + BIO_printf(bio_err," -hack - workaround for early Netscape code\n"); BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n"); BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n"); @@ -562,6 +564,10 @@ static void sv_usage(void) #endif BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); + BIO_printf(bio_err," -status - respond to certificate status requests\n"); + BIO_printf(bio_err," -status_verbose - enable status request verbose printout\n"); + BIO_printf(bio_err," -status_timeout n - status request responder timeout\n"); + BIO_printf(bio_err," -status_url URL - status request fallback URL\n"); } static int local_argc=0; @@ -739,7 +745,7 @@ static int MS_CALLBACK ssl_servername_cb if (servername) { - if (strcmp(servername,p->servername)) + if (strcasecmp(servername,p->servername)) return p->extension_error; if (ctx2) { @@ -1356,6 +1362,14 @@ bad: sv_usage(); goto end; } +#ifndef OPENSSL_NO_DTLS1 + if (www && socket_type == SOCK_DGRAM) + { + BIO_printf(bio_err, + "Can't use -HTTP, -www or -WWW with DTLS\n"); + goto end; + } +#endif #if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK) if (jpake_secret) Modified: head/crypto/openssl/crypto/asn1/a_object.c ============================================================================== --- head/crypto/openssl/crypto/asn1/a_object.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/a_object.c Thu Aug 7 18:56:10 2014 (r269682) @@ -283,17 +283,29 @@ err: ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); return(NULL); } + ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len) { ASN1_OBJECT *ret=NULL; const unsigned char *p; unsigned char *data; - int i; - /* Sanity check OID encoding: can't have leading 0x80 in - * subidentifiers, see: X.690 8.19.2 + int i, length; + + /* Sanity check OID encoding. + * Need at least one content octet. + * MSB must be clear in the last octet. + * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2 */ - for (i = 0, p = *pp; i < len; i++, p++) + if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || + p[len - 1] & 0x80) + { + ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); + return NULL; + } + /* Now 0 < len <= INT_MAX, so the cast is safe. */ + length = (int)len; + for (i = 0; i < length; i++, p++) { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { @@ -316,23 +328,23 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT data = (unsigned char *)ret->data; ret->data = NULL; /* once detached we can change it */ - if ((data == NULL) || (ret->length < len)) + if ((data == NULL) || (ret->length < length)) { ret->length=0; if (data != NULL) OPENSSL_free(data); - data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); + data=(unsigned char *)OPENSSL_malloc(length); if (data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; } ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; } - memcpy(data,p,(int)len); + memcpy(data,p,length); /* reattach data to object, after which it remains const */ ret->data =data; - ret->length=(int)len; + ret->length=length; ret->sn=NULL; ret->ln=NULL; /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ - p+=len; + p+=length; if (a != NULL) (*a)=ret; *pp=p; Modified: head/crypto/openssl/crypto/asn1/a_utctm.c ============================================================================== --- head/crypto/openssl/crypto/asn1/a_utctm.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/a_utctm.c Thu Aug 7 18:56:10 2014 (r269682) @@ -196,24 +196,29 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCT struct tm *ts; struct tm data; size_t len = 20; + int free_s = 0; if (s == NULL) + { + free_s = 1; s=M_ASN1_UTCTIME_new(); + } if (s == NULL) - return(NULL); + goto err; + ts=OPENSSL_gmtime(&t, &data); if (ts == NULL) - return(NULL); + goto err; if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) - return NULL; + goto err; } if((ts->tm_year < 50) || (ts->tm_year >= 150)) - return NULL; + goto err; p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) @@ -222,7 +227,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCT if (p == NULL) { ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); - return(NULL); + goto err; } if (s->data != NULL) OPENSSL_free(s->data); @@ -237,6 +242,10 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCT ebcdic2ascii(s->data, s->data, s->length); #endif return(s); + err: + if (free_s && s) + M_ASN1_UTCTIME_free(s); + return NULL; } @@ -261,6 +270,11 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_U t -= offset*60; /* FIXME: may overflow in extreme cases */ tm = OPENSSL_gmtime(&t, &data); + /* NB: -1, 0, 1 already valid return values so use -2 to + * indicate error. + */ + if (tm == NULL) + return -2; #define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 year = g2(s->data); Modified: head/crypto/openssl/crypto/asn1/ameth_lib.c ============================================================================== --- head/crypto/openssl/crypto/asn1/ameth_lib.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/ameth_lib.c Thu Aug 7 18:56:10 2014 (r269682) @@ -258,7 +258,12 @@ int EVP_PKEY_asn1_add_alias(int to, int if (!ameth) return 0; ameth->pkey_base_id = to; - return EVP_PKEY_asn1_add0(ameth); + if (!EVP_PKEY_asn1_add0(ameth)) + { + EVP_PKEY_asn1_free(ameth); + return 0; + } + return 1; } int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags, Modified: head/crypto/openssl/crypto/asn1/asn1_lib.c ============================================================================== --- head/crypto/openssl/crypto/asn1/asn1_lib.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/asn1_lib.c Thu Aug 7 18:56:10 2014 (r269682) @@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char *pclass=xclass; if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; + if (inf && !(ret & V_ASN1_CONSTRUCTED)) + goto err; + #if 0 fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n", (int)p,*plength,omax,(int)*pp,(int)(p+ *plength), Modified: head/crypto/openssl/crypto/asn1/asn_mime.c ============================================================================== --- head/crypto/openssl/crypto/asn1/asn_mime.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/asn_mime.c Thu Aug 7 18:56:10 2014 (r269682) @@ -667,6 +667,8 @@ static STACK_OF(MIME_HEADER) *mime_parse int len, state, save_state = 0; headers = sk_MIME_HEADER_new(mime_hdr_cmp); + if (!headers) + return NULL; while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { /* If whitespace at line start then continuation line */ if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME; Modified: head/crypto/openssl/crypto/asn1/asn_pack.c ============================================================================== --- head/crypto/openssl/crypto/asn1/asn_pack.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/asn_pack.c Thu Aug 7 18:56:10 2014 (r269682) @@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj, if (!(octmp->length = i2d(obj, NULL))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); - return NULL; + goto err; } if (!(p = OPENSSL_malloc (octmp->length))) { ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } octmp->data = p; i2d (obj, &p); return octmp; + err: + if (!oct || !*oct) + { + ASN1_STRING_free(octmp); + if (oct) + *oct = NULL; + } + return NULL; } #endif Modified: head/crypto/openssl/crypto/asn1/bio_asn1.c ============================================================================== --- head/crypto/openssl/crypto/asn1/bio_asn1.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/bio_asn1.c Thu Aug 7 18:56:10 2014 (r269682) @@ -154,7 +154,10 @@ static int asn1_bio_new(BIO *b) if (!ctx) return 0; if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) + { + OPENSSL_free(ctx); return 0; + } b->init = 1; b->ptr = (char *)ctx; b->flags = 0; Modified: head/crypto/openssl/crypto/asn1/charmap.pl ============================================================================== --- head/crypto/openssl/crypto/asn1/charmap.pl Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/charmap.pl Thu Aug 7 18:56:10 2014 (r269682) @@ -1,5 +1,8 @@ #!/usr/local/bin/perl -w +# Written by Dr Stephen N Henson (steve@openssl.org). +# Licensed under the terms of the OpenSSL license. + use strict; my ($i, @arr); Modified: head/crypto/openssl/crypto/asn1/evp_asn1.c ============================================================================== --- head/crypto/openssl/crypto/asn1/evp_asn1.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/evp_asn1.c Thu Aug 7 18:56:10 2014 (r269682) @@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE ASN1_STRING *os; if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0); - if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0); + if (!M_ASN1_OCTET_STRING_set(os,data,len)) + { + M_ASN1_OCTET_STRING_free(os); + return 0; + } ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os); return(1); } Modified: head/crypto/openssl/crypto/asn1/t_x509.c ============================================================================== --- head/crypto/openssl/crypto/asn1/t_x509.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/t_x509.c Thu Aug 7 18:56:10 2014 (r269682) @@ -475,6 +475,8 @@ int X509_NAME_print(BIO *bp, X509_NAME * l=80-2-obase; b=X509_NAME_oneline(name,NULL,0); + if (!b) + return 0; if (!*b) { OPENSSL_free(b); Modified: head/crypto/openssl/crypto/asn1/tasn_enc.c ============================================================================== --- head/crypto/openssl/crypto/asn1/tasn_enc.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/tasn_enc.c Thu Aug 7 18:56:10 2014 (r269682) @@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN { derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); + if (!derlst) + return 0; tmpdat = OPENSSL_malloc(skcontlen); - if (!derlst || !tmpdat) + if (!tmpdat) + { + OPENSSL_free(derlst); return 0; + } } } /* If not sorting just output each item */ Modified: head/crypto/openssl/crypto/asn1/x_crl.c ============================================================================== --- head/crypto/openssl/crypto/asn1/x_crl.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/asn1/x_crl.c Thu Aug 7 18:56:10 2014 (r269682) @@ -270,6 +270,7 @@ static int crl_cb(int operation, ASN1_VA { /* We handle IDP and deltas */ if ((nid == NID_issuing_distribution_point) + || (nid == NID_authority_key_identifier) || (nid == NID_delta_crl)) break;; crl->flags |= EXFLAG_CRITICAL; Modified: head/crypto/openssl/crypto/bio/bio_lib.c ============================================================================== --- head/crypto/openssl/crypto/bio/bio_lib.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/bio/bio_lib.c Thu Aug 7 18:56:10 2014 (r269682) @@ -132,8 +132,8 @@ int BIO_free(BIO *a) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data); - if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); - a->method->destroy(a); + if ((a->method != NULL) && (a->method->destroy != NULL)) + a->method->destroy(a); OPENSSL_free(a); return(1); } Modified: head/crypto/openssl/crypto/bn/bn_exp.c ============================================================================== --- head/crypto/openssl/crypto/bn/bn_exp.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/bn/bn_exp.c Thu Aug 7 18:56:10 2014 (r269682) @@ -680,7 +680,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr /* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as * 512-bit RSA is hardly relevant, we omit it to spare size... */ - if (window==5) + if (window==5 && top>1) { void bn_mul_mont_gather5(BN_ULONG *rp,const BN_ULONG *ap, const void *table,const BN_ULONG *np, Modified: head/crypto/openssl/crypto/bn/bn_lib.c ============================================================================== --- head/crypto/openssl/crypto/bn/bn_lib.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/bn/bn_lib.c Thu Aug 7 18:56:10 2014 (r269682) @@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(cons BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); return(NULL); } +#ifdef PURIFY + /* Valgrind complains in BN_consttime_swap because we process the whole + * array even if it's not initialised yet. This doesn't matter in that + * function - what's important is constant time operation (we're not + * actually going to use the data) + */ + memset(a, 0, sizeof(BN_ULONG)*words); +#endif + #if 1 B=b->d; /* Check if the previous number needs to be copied */ Modified: head/crypto/openssl/crypto/bn/bn_sqr.c ============================================================================== --- head/crypto/openssl/crypto/bn/bn_sqr.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/bn/bn_sqr.c Thu Aug 7 18:56:10 2014 (r269682) @@ -77,6 +77,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, B if (al <= 0) { r->top=0; + r->neg = 0; return 1; } Modified: head/crypto/openssl/crypto/cms/cms_pwri.c ============================================================================== --- head/crypto/openssl/crypto/cms/cms_pwri.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/cms/cms_pwri.c Thu Aug 7 18:56:10 2014 (r269682) @@ -93,9 +93,10 @@ CMS_RecipientInfo *CMS_add0_recipient_pa X509_ALGOR *encalg = NULL; unsigned char iv[EVP_MAX_IV_LENGTH]; int ivlen; + env = cms_get0_enveloped(cms); if (!env) - goto err; + return NULL; if (wrap_nid <= 0) wrap_nid = NID_id_alg_PWRI_KEK; Modified: head/crypto/openssl/crypto/conf/conf_def.c ============================================================================== --- head/crypto/openssl/crypto/conf/conf_def.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/conf/conf_def.c Thu Aug 7 18:56:10 2014 (r269682) @@ -321,7 +321,7 @@ again: p=eat_ws(conf, end); if (*p != ']') { - if (*p != '\0') + if (*p != '\0' && ss != p) { ss=p; goto again; Modified: head/crypto/openssl/crypto/ec/ec_lib.c ============================================================================== --- head/crypto/openssl/crypto/ec/ec_lib.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/ec/ec_lib.c Thu Aug 7 18:56:10 2014 (r269682) @@ -942,7 +942,7 @@ int EC_POINT_dbl(const EC_GROUP *group, int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { - if (group->meth->dbl == 0) + if (group->meth->invert == 0) { ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; Modified: head/crypto/openssl/crypto/ec/ecp_smpl.c ============================================================================== --- head/crypto/openssl/crypto/ec/ecp_smpl.c Thu Aug 7 18:37:15 2014 (r269681) +++ head/crypto/openssl/crypto/ec/ecp_smpl.c Thu Aug 7 18:56:10 2014 (r269682) @@ -1181,9 +1181,8 @@ int ec_GFp_simple_make_affine(const EC_G int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx) { BN_CTX *new_ctx = NULL; - BIGNUM *tmp0, *tmp1; - size_t pow2 = 0; - BIGNUM **heap = NULL; + BIGNUM *tmp, *tmp_Z; + BIGNUM **prod_Z = NULL; size_t i; int ret = 0; @@ -1198,124 +1197,104 @@ int ec_GFp_simple_points_make_affine(con } BN_CTX_start(ctx); - tmp0 = BN_CTX_get(ctx); - tmp1 = BN_CTX_get(ctx); - if (tmp0 == NULL || tmp1 == NULL) goto err; - - /* Before converting the individual points, compute inverses of all Z values. - * Modular inversion is rather slow, but luckily we can do with a single - * explicit inversion, plus about 3 multiplications per input value. - */ - - pow2 = 1; - while (num > pow2) - pow2 <<= 1; - /* Now pow2 is the smallest power of 2 satifsying pow2 >= num. - * We need twice that. */ - pow2 <<= 1; - - heap = OPENSSL_malloc(pow2 * sizeof heap[0]); - if (heap == NULL) goto err; - - /* The array is used as a binary tree, exactly as in heapsort: - * - * heap[1] - * heap[2] heap[3] - * heap[4] heap[5] heap[6] heap[7] - * heap[8]heap[9] heap[10]heap[11] heap[12]heap[13] heap[14] heap[15] - * - * We put the Z's in the last line; - * then we set each other node to the product of its two child-nodes (where - * empty or 0 entries are treated as ones); - * then we invert heap[1]; - * then we invert each other node by replacing it by the product of its - * parent (after inversion) and its sibling (before inversion). - */ - heap[0] = NULL; - for (i = pow2/2 - 1; i > 0; i--) - heap[i] = NULL; + tmp = BN_CTX_get(ctx); + tmp_Z = BN_CTX_get(ctx); + if (tmp == NULL || tmp_Z == NULL) goto err; + + prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]); + if (prod_Z == NULL) goto err; for (i = 0; i < num; i++) - heap[pow2/2 + i] = &points[i]->Z; - for (i = pow2/2 + num; i < pow2; i++) - heap[i] = NULL; - - /* set each node to the product of its children */ - for (i = pow2/2 - 1; i > 0; i--) - { - heap[i] = BN_new(); - if (heap[i] == NULL) goto err; - - if (heap[2*i] != NULL) + { + prod_Z[i] = BN_new(); + if (prod_Z[i] == NULL) goto err; + } + + /* Set each prod_Z[i] to the product of points[0]->Z .. points[i]->Z, + * skipping any zero-valued inputs (pretend that they're 1). */ + + if (!BN_is_zero(&points[0]->Z)) + { + if (!BN_copy(prod_Z[0], &points[0]->Z)) goto err; + } + else + { + if (group->meth->field_set_to_one != 0) { - if ((heap[2*i + 1] == NULL) || BN_is_zero(heap[2*i + 1])) - { - if (!BN_copy(heap[i], heap[2*i])) goto err; - } - else - { - if (BN_is_zero(heap[2*i])) - { - if (!BN_copy(heap[i], heap[2*i + 1])) goto err; - } - else - { - if (!group->meth->field_mul(group, heap[i], - heap[2*i], heap[2*i + 1], ctx)) goto err; - } - } + if (!group->meth->field_set_to_one(group, prod_Z[0], ctx)) goto err; + } + else + { + if (!BN_one(prod_Z[0])) goto err; } } - /* invert heap[1] */ - if (!BN_is_zero(heap[1])) + for (i = 1; i < num; i++) { - if (!BN_mod_inverse(heap[1], heap[1], &group->field, ctx)) + if (!BN_is_zero(&points[i]->Z)) { - ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB); - goto err; + if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1], &points[i]->Z, ctx)) goto err; } + else + { + if (!BN_copy(prod_Z[i], prod_Z[i - 1])) goto err; + } + } + + /* Now use a single explicit inversion to replace every + * non-zero points[i]->Z by its inverse. */ + + if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) + { + ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB); + goto err; } if (group->meth->field_encode != 0) { - /* in the Montgomery case, we just turned R*H (representing H) + /* In the Montgomery case, we just turned R*H (representing H) * into 1/(R*H), but we need R*(1/H) (representing 1/H); - * i.e. we have need to multiply by the Montgomery factor twice */ - if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err; - if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err; + * i.e. we need to multiply by the Montgomery factor twice. */ + if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err; + if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err; } - /* set other heap[i]'s to their inverses */ - for (i = 2; i < pow2/2 + num; i += 2) + for (i = num - 1; i > 0; --i) { - /* i is even */ - if ((heap[i + 1] != NULL) && !BN_is_zero(heap[i + 1])) - { - if (!group->meth->field_mul(group, tmp0, heap[i/2], heap[i + 1], ctx)) goto err; - if (!group->meth->field_mul(group, tmp1, heap[i/2], heap[i], ctx)) goto err; - if (!BN_copy(heap[i], tmp0)) goto err; - if (!BN_copy(heap[i + 1], tmp1)) goto err; - } - else + /* Loop invariant: tmp is the product of the inverses of + * points[0]->Z .. points[i]->Z (zero-valued inputs skipped). */ + if (!BN_is_zero(&points[i]->Z)) { - if (!BN_copy(heap[i], heap[i/2])) goto err; + /* Set tmp_Z to the inverse of points[i]->Z (as product + * of Z inverses 0 .. i, Z values 0 .. i - 1). */ + if (!group->meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx)) goto err; + /* Update tmp to satisfy the loop invariant for i - 1. */ + if (!group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx)) goto err; + /* Replace points[i]->Z by its inverse. */ + if (!BN_copy(&points[i]->Z, tmp_Z)) goto err; } } - /* we have replaced all non-zero Z's by their inverses, now fix up all the points */ + if (!BN_is_zero(&points[0]->Z)) + { + /* Replace points[0]->Z by its inverse. */ + if (!BN_copy(&points[0]->Z, tmp)) goto err; + } + + /* Finally, fix up the X and Y coordinates for all points. */ + for (i = 0; i < num; i++) { EC_POINT *p = points[i]; - + if (!BN_is_zero(&p->Z)) { /* turn (X, Y, 1/Z) into (X/Z^2, Y/Z^3, 1) */ - if (!group->meth->field_sqr(group, tmp1, &p->Z, ctx)) goto err; - if (!group->meth->field_mul(group, &p->X, &p->X, tmp1, ctx)) goto err; + if (!group->meth->field_sqr(group, tmp, &p->Z, ctx)) goto err; + if (!group->meth->field_mul(group, &p->X, &p->X, tmp, ctx)) goto err; + + if (!group->meth->field_mul(group, tmp, tmp, &p->Z, ctx)) goto err; + if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx)) goto err; - if (!group->meth->field_mul(group, tmp1, tmp1, &p->Z, ctx)) goto err; - if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp1, ctx)) goto err; - if (group->meth->field_set_to_one != 0) { if (!group->meth->field_set_to_one(group, &p->Z, ctx)) goto err; @@ -1329,20 +1308,19 @@ int ec_GFp_simple_points_make_affine(con } *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53e3cbca.2fc7.2c4ae3a1>