[Midnightbsd-cvs] src: crypto/openssl: Migrate to 0.9.8
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Nov 3 13:26:11 EST 2008
Log Message:
-----------
Migrate to 0.9.8
Modified Files:
--------------
src/crypto/openssl/crypto/asn1:
tasn_dec.c (r1.2 -> r1.3)
src/crypto/openssl/crypto/dh:
dh.h (r1.2 -> r1.3)
dh_err.c (r1.2 -> r1.3)
dh_key.c (r1.2 -> r1.3)
src/crypto/openssl/crypto/dsa:
dsa.h (r1.2 -> r1.3)
dsa_err.c (r1.2 -> r1.3)
dsa_ossl.c (r1.2 -> r1.3)
src/crypto/openssl/crypto/rsa:
rsa.h (r1.2 -> r1.3)
rsa_eay.c (r1.2 -> r1.3)
rsa_err.c (r1.2 -> r1.3)
rsa_sign.c (r1.2 -> r1.3)
src/crypto/openssl/ssl:
s2_clnt.c (r1.2 -> r1.3)
s3_srvr.c (r1.2 -> r1.3)
ssl_lib.c (r1.3 -> r1.4)
Removed Files:
-------------
src/crypto/openssl:
FREEBSD-Xlist
comm.txt
comms.txt
src/crypto/openssl/apps:
der_chop
der_chop.in
src/crypto/openssl/bugs:
VC16.bug
src/crypto/openssl/certs:
ICE-CA.pem
ICE-root.pem
ICE-user.pem
ICE.crl
RegTP-4R.pem
ca-cert.pem
dsa-ca.pem
dsa-pca.pem
factory.pem
nortelCA.pem
pca-cert.pem
rsa-cca.pem
timCA.pem
tjhCA.pem
vsign2.pem
vsigntca.pem
src/crypto/openssl/crypto/bn/asm:
alpha.s
alpha.s.works
bn-alpha.pl
ca.pl
co-alpha.pl
mips1.s
pa-risc.s
r3000.s
src/crypto/openssl/crypto/bn/asm/alpha:
add.pl
div.pl
mul.pl
mul_add.pl
mul_c4.pl
mul_c4.works.pl
mul_c8.pl
sqr.pl
sqr_c4.pl
sqr_c8.pl
sub.pl
src/crypto/openssl/crypto/bn/asm/alpha.works:
add.pl
div.pl
mul.pl
mul_add.pl
mul_c4.pl
mul_c4.works.pl
mul_c8.pl
sqr.pl
sqr_c4.pl
sqr_c8.pl
sub.pl
src/crypto/openssl/crypto/ec:
ecp_recp.c
src/crypto/openssl/crypto/engine:
hw.ec
hw_4758_cca.c
hw_4758_cca_err.c
hw_4758_cca_err.h
hw_aep.c
hw_aep_err.c
hw_aep_err.h
hw_atalla.c
hw_atalla_err.c
hw_atalla_err.h
hw_cryptodev.c
hw_cswift.c
hw_cswift_err.c
hw_cswift_err.h
hw_ncipher.c
hw_ncipher_err.c
hw_ncipher_err.h
hw_nuron.c
hw_nuron_err.c
hw_nuron_err.h
hw_sureware.c
hw_sureware_err.c
hw_sureware_err.h
hw_ubsec.c
hw_ubsec_err.c
hw_ubsec_err.h
src/crypto/openssl/crypto/engine/vendor_defns:
aep.h
atalla.h
cswift.h
hw_4758_cca.h
hw_ubsec.h
hwcryptohook.h
sureware.h
src/crypto/openssl/crypto/perlasm:
alpha.pl
src/crypto/openssl/test:
testfipsssl
src/crypto/openssl/util/pl:
BC-16.pl
VC-16.pl
VC-CE.pl
-------------- next part --------------
--- crypto/openssl/apps/der_chop
+++ /dev/null
@@ -1,305 +0,0 @@
-#!/usr/bin/perl
-#
-# der_chop ... this is one total hack that Eric is really not proud of
-# so don't look at it and don't ask for support
-#
-# The "documentation" for this (i.e. all the comments) are my fault --tjh
-#
-# This program takes the "raw" output of derparse/asn1parse and
-# converts it into tokens and then runs regular expression matches
-# to try to figure out what to grab to get the things that are needed
-# and it is possible that this will do the wrong thing as it is a *hack*
-#
-# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
-# [I know ... promises promises :-)]
-#
-# To convert a Netscape Certificate:
-# der_chop < ServerCert.der > cert.pem
-# To convert a Netscape Key (and encrypt it again to protect it)
-# rsa -inform NET -in ServerKey.der -des > key.pem
-#
-# 23-Apr-96 eay Added the extra ASN.1 string types, I still think this
-# is an evil hack. If nothing else the parsing should
-# be relative, not absolute.
-# 19-Apr-96 tjh hacked (with eay) into 0.5.x format
-#
-# Tim Hudson
-# tjh at cryptsoft.com
-#
-
-
-require 'getopts.pl';
-
-$debug=0;
-
-# this was the 0.4.x way of doing things ...
-$cmd="derparse";
-$x509_cmd="x509";
-$crl_cmd="crl";
-$rc4_cmd="rc4";
-$md2_cmd="md2";
-$md4_cmd="md4";
-$rsa_cmd="rsa -des -inform der ";
-
-# this was the 0.5.x way of doing things ...
-$cmd="openssl asn1parse";
-$x509_cmd="openssl x509";
-$crl_cmd="openssl crl";
-$rc4_cmd="openssl rc4";
-$md2_cmd="openssl md2";
-$md4_cmd="openssl md4";
-$rsa_cmd="openssl rsa -des -inform der ";
-
-&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
-$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
-
-&init_der();
-
-if ($#ARGV != -1)
- {
- foreach $file (@ARGV)
- {
- print STDERR "doing $file\n";
- &dofile($file);
- }
- }
-else
- {
- $file="/tmp/a$$.DER";
- open(OUT,">$file") || die "unable to open $file:$!\n";
- for (;;)
- {
- $i=sysread(STDIN,$b,1024*10);
- last if ($i <= 0);
- $i=syswrite(OUT,$b,$i);
- }
- &dofile($file);
- unlink($file);
- }
-
-sub dofile
- {
- local($file)=@_;
- local(@p);
-
- $b=&load_file($file);
- @p=&load_file_parse($file);
-
- foreach $_ (@p)
- {
- ($off,$d,$hl,$len)=&parse_line($_);
- $d-=$depth;
- next if ($d != 0);
- next if ($len == 0);
-
- $o=substr($b,$off,$len+$hl);
- ($str, at data)=&der_str($o);
- print "$str\n" if ($opt_v);
- if ($str =~ /^$crl/)
- {
- open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
- die "unable to run $crl_cmd:$!\n";
- print OUT $o;
- close(OUT);
- }
- elsif ($str =~ /^$x509/)
- {
- open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
- || die "unable to run $x509_cmd:$!\n";
- print OUT $o;
- close(OUT);
- }
- elsif ($str =~ /^$rsa/)
- {
- ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
- next unless ($type eq "rsaEncryption");
- ($off,$d,$hl,$len)=&parse_line($data[5]);
- $os=substr($o,$off+$hl,$len);
- open(OUT,"|$rsa_cmd")
- || die "unable to run $rsa_cmd:$!\n";
- print OUT $os;
- close(OUT);
- }
- elsif ($str =~ /^0G-1D-1G/)
- {
- ($off,$d,$hl,$len)=&parse_line($data[1]);
- $os=substr($o,$off+$hl,$len);
- print STDERR "<$os>\n" if $opt_v;
- &do_certificate($o, at data)
- if (($os eq "certificate") &&
- ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
- &do_private_key($o, at data)
- if (($os eq "private-key") &&
- ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
- }
- }
- }
-
-sub der_str
- {
- local($str)=@_;
- local(*OUT,*IN, at a,$t,$d,$ret);
- local($file)="/tmp/b$$.DER";
- local(@ret);
-
- open(OUT,">$file");
- print OUT $str;
- close(OUT);
- open(IN,"$cmd -inform 'd' -in $file |") ||
- die "unable to run $cmd:$!\n";
- $ret="";
- while (<IN>)
- {
- chop;
- push(@ret,$_);
-
- print STDERR "$_\n" if ($debug);
-
- @a=split(/\s*:\s*/);
- ($d)=($a[1] =~ /d=\s*(\d+)/);
- $a[2] =~ s/\s+$//;
- $t=$DER_s2i{$a[2]};
- $ret.="$d$t-";
- }
- close(IN);
- unlink($file);
- chop $ret;
- $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
- $ret =~ s/(-3G-4B-4L)+/-RCERT/g;
- return($ret, at ret);
- }
-
-sub init_der
- {
- $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
- $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
- $rsa= "0G-1B-1G-2F-2E-1D";
-
- %DER_i2s=(
- # SSLeay 0.4.x has this list
- "A","EOC",
- "B","INTEGER",
- "C","BIT STRING",
- "D","OCTET STRING",
- "E","NULL",
- "F","OBJECT",
- "G","SEQUENCE",
- "H","SET",
- "I","PRINTABLESTRING",
- "J","T61STRING",
- "K","IA5STRING",
- "L","UTCTIME",
- "M","NUMERICSTRING",
- "N","VIDEOTEXSTRING",
- "O","GENERALIZEDTIME",
- "P","GRAPHICSTRING",
- "Q","ISO64STRING",
- "R","GENERALSTRING",
- "S","UNIVERSALSTRING",
-
- # SSLeay 0.5.x changed some things ... and I'm
- # leaving in the old stuff but adding in these
- # to handle the new as well --tjh
- # - Well I've just taken them out and added the extra new
- # ones :-) - eay
- );
-
- foreach (keys %DER_i2s)
- { $DER_s2i{$DER_i2s{$_}}=$_; }
- }
-
-sub parse_line
- {
- local($_)=@_;
-
- return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
- }
-
-# 0:d=0 hl=4 l=377 cons: univ: SEQUENCE
-# 4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING
-# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE
-# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE
-# 23:d=3 hl=2 l= 8 prim: univ: OBJECT_IDENTIFIER :rc4
-# 33:d=3 hl=2 l= 0 prim: univ: NULL
-# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
-sub do_private_key
- {
- local($data, at struct)=@_;
- local($file)="/tmp/b$$.DER";
- local($off,$d,$hl,$len,$_,$b, at p,$s);
-
- ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
- if ($type eq "rc4")
- {
- ($off,$d,$hl,$len)=&parse_line($struct[6]);
- open(OUT,"|$rc4_cmd >$file") ||
- die "unable to run $rc4_cmd:$!\n";
- print OUT substr($data,$off+$hl,$len);
- close(OUT);
-
- $b=&load_file($file);
- unlink($file);
-
- ($s, at p)=&der_str($b);
- die "unknown rsa key type\n$s\n"
- if ($s ne '0G-1B-1G-2F-2E-1D');
- local($off,$d,$hl,$len)=&parse_line($p[5]);
- $b=substr($b,$off+$hl,$len);
- ($s, at p)=&der_str($b);
- open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
- print OUT $b;
- close(OUT);
- }
- else
- {
- print "'$type' is unknown\n";
- exit(1);
- }
- }
-
-sub do_certificate
- {
- local($data, at struct)=@_;
- local($file)="/tmp/b$$.DER";
- local($off,$d,$hl,$len,$_,$b, at p,$s);
-
- ($off,$d,$hl,$len)=&parse_line($struct[2]);
- $b=substr($data,$off,$len+$hl);
-
- open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
- print OUT $b;
- close(OUT);
- }
-
-sub load_file
- {
- local($file)=@_;
- local(*IN,$r,$b,$i);
-
- $r="";
- open(IN,"<$file") || die "unable to open $file:$!\n";
- for (;;)
- {
- $i=sysread(IN,$b,10240);
- last if ($i <= 0);
- $r.=$b;
- }
- close(IN);
- return($r);
- }
-
-sub load_file_parse
- {
- local($file)=@_;
- local(*IN,$r, at ret,$_,$i,$n,$b);
-
- open(IN,"$cmd -inform d -in $file|")
- || die "unable to run der_parse\n";
- while (<IN>)
- {
- chop;
- push(@ret,$_);
- }
- return($r, at ret);
- }
-
--- crypto/openssl/apps/der_chop.in
+++ /dev/null
@@ -1,305 +0,0 @@
-#!/usr/local/bin/perl
-#
-# der_chop ... this is one total hack that Eric is really not proud of
-# so don't look at it and don't ask for support
-#
-# The "documentation" for this (i.e. all the comments) are my fault --tjh
-#
-# This program takes the "raw" output of derparse/asn1parse and
-# converts it into tokens and then runs regular expression matches
-# to try to figure out what to grab to get the things that are needed
-# and it is possible that this will do the wrong thing as it is a *hack*
-#
-# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
-# [I know ... promises promises :-)]
-#
-# To convert a Netscape Certificate:
-# der_chop < ServerCert.der > cert.pem
-# To convert a Netscape Key (and encrypt it again to protect it)
-# rsa -inform NET -in ServerKey.der -des > key.pem
-#
-# 23-Apr-96 eay Added the extra ASN.1 string types, I still think this
-# is an evil hack. If nothing else the parsing should
-# be relative, not absolute.
-# 19-Apr-96 tjh hacked (with eay) into 0.5.x format
-#
-# Tim Hudson
-# tjh at cryptsoft.com
-#
-
-
-require 'getopts.pl';
-
-$debug=0;
-
-# this was the 0.4.x way of doing things ...
-$cmd="derparse";
-$x509_cmd="x509";
-$crl_cmd="crl";
-$rc4_cmd="rc4";
-$md2_cmd="md2";
-$md4_cmd="md4";
-$rsa_cmd="rsa -des -inform der ";
-
-# this was the 0.5.x way of doing things ...
-$cmd="openssl asn1parse";
-$x509_cmd="openssl x509";
-$crl_cmd="openssl crl";
-$rc4_cmd="openssl rc4";
-$md2_cmd="openssl md2";
-$md4_cmd="openssl md4";
-$rsa_cmd="openssl rsa -des -inform der ";
-
-&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
-$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
-
-&init_der();
-
-if ($#ARGV != -1)
- {
- foreach $file (@ARGV)
- {
- print STDERR "doing $file\n";
- &dofile($file);
- }
- }
-else
- {
- $file="/tmp/a$$.DER";
- open(OUT,">$file") || die "unable to open $file:$!\n";
- for (;;)
- {
- $i=sysread(STDIN,$b,1024*10);
- last if ($i <= 0);
- $i=syswrite(OUT,$b,$i);
- }
- &dofile($file);
- unlink($file);
- }
-
-sub dofile
- {
- local($file)=@_;
- local(@p);
-
- $b=&load_file($file);
- @p=&load_file_parse($file);
-
- foreach $_ (@p)
- {
- ($off,$d,$hl,$len)=&parse_line($_);
- $d-=$depth;
- next if ($d != 0);
- next if ($len == 0);
-
- $o=substr($b,$off,$len+$hl);
- ($str, at data)=&der_str($o);
- print "$str\n" if ($opt_v);
- if ($str =~ /^$crl/)
- {
- open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
- die "unable to run $crl_cmd:$!\n";
- print OUT $o;
- close(OUT);
- }
- elsif ($str =~ /^$x509/)
- {
- open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
- || die "unable to run $x509_cmd:$!\n";
- print OUT $o;
- close(OUT);
- }
- elsif ($str =~ /^$rsa/)
- {
- ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
- next unless ($type eq "rsaEncryption");
- ($off,$d,$hl,$len)=&parse_line($data[5]);
- $os=substr($o,$off+$hl,$len);
- open(OUT,"|$rsa_cmd")
- || die "unable to run $rsa_cmd:$!\n";
- print OUT $os;
- close(OUT);
- }
- elsif ($str =~ /^0G-1D-1G/)
- {
- ($off,$d,$hl,$len)=&parse_line($data[1]);
- $os=substr($o,$off+$hl,$len);
- print STDERR "<$os>\n" if $opt_v;
- &do_certificate($o, at data)
- if (($os eq "certificate") &&
- ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
- &do_private_key($o, at data)
- if (($os eq "private-key") &&
- ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
- }
- }
- }
-
-sub der_str
- {
- local($str)=@_;
- local(*OUT,*IN, at a,$t,$d,$ret);
- local($file)="/tmp/b$$.DER";
- local(@ret);
-
- open(OUT,">$file");
- print OUT $str;
- close(OUT);
- open(IN,"$cmd -inform 'd' -in $file |") ||
- die "unable to run $cmd:$!\n";
- $ret="";
- while (<IN>)
- {
- chop;
- push(@ret,$_);
-
- print STDERR "$_\n" if ($debug);
-
- @a=split(/\s*:\s*/);
- ($d)=($a[1] =~ /d=\s*(\d+)/);
- $a[2] =~ s/\s+$//;
- $t=$DER_s2i{$a[2]};
- $ret.="$d$t-";
- }
- close(IN);
- unlink($file);
- chop $ret;
- $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
- $ret =~ s/(-3G-4B-4L)+/-RCERT/g;
- return($ret, at ret);
- }
-
-sub init_der
- {
- $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
- $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
- $rsa= "0G-1B-1G-2F-2E-1D";
-
- %DER_i2s=(
- # SSLeay 0.4.x has this list
- "A","EOC",
- "B","INTEGER",
- "C","BIT STRING",
- "D","OCTET STRING",
- "E","NULL",
- "F","OBJECT",
- "G","SEQUENCE",
- "H","SET",
- "I","PRINTABLESTRING",
- "J","T61STRING",
- "K","IA5STRING",
- "L","UTCTIME",
- "M","NUMERICSTRING",
- "N","VIDEOTEXSTRING",
- "O","GENERALIZEDTIME",
- "P","GRAPHICSTRING",
- "Q","ISO64STRING",
- "R","GENERALSTRING",
- "S","UNIVERSALSTRING",
-
- # SSLeay 0.5.x changed some things ... and I'm
- # leaving in the old stuff but adding in these
- # to handle the new as well --tjh
- # - Well I've just taken them out and added the extra new
- # ones :-) - eay
- );
-
- foreach (keys %DER_i2s)
- { $DER_s2i{$DER_i2s{$_}}=$_; }
- }
-
-sub parse_line
- {
- local($_)=@_;
-
- return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
- }
-
-# 0:d=0 hl=4 l=377 cons: univ: SEQUENCE
-# 4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING
-# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE
-# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE
-# 23:d=3 hl=2 l= 8 prim: univ: OBJECT_IDENTIFIER :rc4
-# 33:d=3 hl=2 l= 0 prim: univ: NULL
-# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
-sub do_private_key
- {
- local($data, at struct)=@_;
- local($file)="/tmp/b$$.DER";
- local($off,$d,$hl,$len,$_,$b, at p,$s);
-
- ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
- if ($type eq "rc4")
- {
- ($off,$d,$hl,$len)=&parse_line($struct[6]);
- open(OUT,"|$rc4_cmd >$file") ||
- die "unable to run $rc4_cmd:$!\n";
- print OUT substr($data,$off+$hl,$len);
- close(OUT);
-
- $b=&load_file($file);
- unlink($file);
-
- ($s, at p)=&der_str($b);
- die "unknown rsa key type\n$s\n"
- if ($s ne '0G-1B-1G-2F-2E-1D');
- local($off,$d,$hl,$len)=&parse_line($p[5]);
- $b=substr($b,$off+$hl,$len);
- ($s, at p)=&der_str($b);
- open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
- print OUT $b;
- close(OUT);
- }
- else
- {
- print "'$type' is unknown\n";
- exit(1);
- }
- }
-
-sub do_certificate
- {
- local($data, at struct)=@_;
- local($file)="/tmp/b$$.DER";
- local($off,$d,$hl,$len,$_,$b, at p,$s);
-
- ($off,$d,$hl,$len)=&parse_line($struct[2]);
- $b=substr($data,$off,$len+$hl);
-
- open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
- print OUT $b;
- close(OUT);
- }
-
-sub load_file
- {
- local($file)=@_;
- local(*IN,$r,$b,$i);
-
- $r="";
- open(IN,"<$file") || die "unable to open $file:$!\n";
- for (;;)
- {
- $i=sysread(IN,$b,10240);
- last if ($i <= 0);
- $r.=$b;
- }
- close(IN);
- return($r);
- }
-
-sub load_file_parse
- {
- local($file)=@_;
- local(*IN,$r, at ret,$_,$i,$n,$b);
-
- open(IN,"$cmd -inform d -in $file|")
- || die "unable to run der_parse\n";
- while (<IN>)
- {
- chop;
- push(@ret,$_);
- }
- return($r, at ret);
- }
-
Index: tasn_dec.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/asn1/tasn_dec.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/asn1/tasn_dec.c -L crypto/openssl/crypto/asn1/tasn_dec.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/asn1/tasn_dec.c
+++ crypto/openssl/crypto/asn1/tasn_dec.c
@@ -3,7 +3,7 @@
* project 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -65,23 +65,40 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
-static int asn1_check_eoc(unsigned char **in, long len);
-static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass);
-static int collect_data(BUF_MEM *buf, unsigned char **p, long plen);
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
- unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx);
-static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
-static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx);
+static int asn1_check_eoc(const unsigned char **in, long len);
+static int asn1_find_end(const unsigned char **in, long len, char inf);
+
+static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
+ char inf, int tag, int aclass);
+
+static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
+
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
+ char *inf, char *cst,
+ const unsigned char **in, long len,
+ int exptag, int expclass, char opt,
+ ASN1_TLC *ctx);
+
+static int asn1_template_ex_d2i(ASN1_VALUE **pval,
+ const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx);
+static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx);
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
+ const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx);
/* Table to convert tags to bit values, used for MSTRING type */
-static unsigned long tag2bit[32]={
+static const unsigned long tag2bit[32] = {
0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
-0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */
+B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */
B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */
B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */
B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */
@@ -89,14 +106,14 @@
};
unsigned long ASN1_tag2bit(int tag)
-{
- if((tag < 0) || (tag > 30)) return 0;
+ {
+ if ((tag < 0) || (tag > 30)) return 0;
return tag2bit[tag];
-}
+ }
/* Macro to initialize and invalidate the cache */
-#define asn1_tlc_clear(c) if(c) (c)->valid = 0
+#define asn1_tlc_clear(c) if (c) (c)->valid = 0
/* Decode an ASN1 item, this currently behaves just
* like a standard 'd2i' function. 'in' points to
@@ -106,113 +123,147 @@
* case.
*/
-ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it)
-{
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
+ const unsigned char **in, long len, const ASN1_ITEM *it)
+ {
ASN1_TLC c;
ASN1_VALUE *ptmpval = NULL;
- if(!pval) pval = &ptmpval;
+ if (!pval)
+ pval = &ptmpval;
asn1_tlc_clear(&c);
- if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
+ if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
return *pval;
return NULL;
-}
+ }
-int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt)
-{
+int ASN1_template_d2i(ASN1_VALUE **pval,
+ const unsigned char **in, long len, const ASN1_TEMPLATE *tt)
+ {
ASN1_TLC c;
asn1_tlc_clear(&c);
return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
-}
+ }
/* Decode an item, taking care of IMPLICIT tagging, if any.
* If 'opt' set and tag mismatch return -1 to handle OPTIONAL
*/
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+ {
const ASN1_TEMPLATE *tt, *errtt = NULL;
const ASN1_COMPAT_FUNCS *cf;
const ASN1_EXTERN_FUNCS *ef;
const ASN1_AUX *aux = it->funcs;
ASN1_aux_cb *asn1_cb;
- unsigned char *p, *q, imphack = 0, oclass;
+ const unsigned char *p = NULL, *q;
+ unsigned char *wp=NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */
+ unsigned char imphack = 0, oclass;
char seq_eoc, seq_nolen, cst, isopt;
long tmplen;
int i;
int otag;
int ret = 0;
ASN1_VALUE *pchval, **pchptr, *ptmpval;
- if(!pval) return 0;
- if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+ if (!pval)
+ return 0;
+ if (aux && aux->asn1_cb)
+ asn1_cb = aux->asn1_cb;
else asn1_cb = 0;
- switch(it->itype) {
-
+ switch(it->itype)
+ {
case ASN1_ITYPE_PRIMITIVE:
- if(it->templates) {
- /* tagging or OPTIONAL is currently illegal on an item template
- * because the flags can't get passed down. In practice this isn't
- * a problem: we include the relevant flags from the item template
- * in the template itself.
+ if (it->templates)
+ {
+ /* tagging or OPTIONAL is currently illegal on an item
+ * template because the flags can't get passed down.
+ * In practice this isn't a problem: we include the
+ * relevant flags from the item template in the
+ * template itself.
*/
- if ((tag != -1) || opt) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
+ if ((tag != -1) || opt)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
goto err;
- }
- return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx);
+ }
+ return asn1_template_ex_d2i(pval, in, len,
+ it->templates, opt, ctx);
}
- return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx);
+ return asn1_d2i_ex_primitive(pval, in, len, it,
+ tag, aclass, opt, ctx);
break;
case ASN1_ITYPE_MSTRING:
p = *in;
/* Just read in tag and class */
- ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
+ &p, len, -1, 0, 1, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
goto err;
- }
+ }
+
/* Must be UNIVERSAL class */
- if(oclass != V_ASN1_UNIVERSAL) {
+ if (oclass != V_ASN1_UNIVERSAL)
+ {
/* If OPTIONAL, assume this is OK */
- if(opt) return -1;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
+ if (opt) return -1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_MSTRING_NOT_UNIVERSAL);
goto err;
- }
+ }
/* Check tag matches bit map */
- if(!(ASN1_tag2bit(otag) & it->utype)) {
+ if (!(ASN1_tag2bit(otag) & it->utype))
+ {
/* If OPTIONAL, assume this is OK */
- if(opt) return -1;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
+ if (opt)
+ return -1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_MSTRING_WRONG_TAG);
goto err;
- }
- return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
+ }
+ return asn1_d2i_ex_primitive(pval, in, len,
+ it, otag, 0, 0, ctx);
case ASN1_ITYPE_EXTERN:
/* Use new style d2i */
ef = it->funcs;
- return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
+ return ef->asn1_ex_d2i(pval, in, len,
+ it, tag, aclass, opt, ctx);
case ASN1_ITYPE_COMPAT:
/* we must resort to old style evil hackery */
cf = it->funcs;
/* If OPTIONAL see if it is there */
- if(opt) {
+ if (opt)
+ {
int exptag;
p = *in;
- if(tag == -1) exptag = it->utype;
+ if (tag == -1)
+ exptag = it->utype;
else exptag = tag;
- /* Don't care about anything other than presence of expected tag */
- ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ /* Don't care about anything other than presence
+ * of expected tag */
+
+ ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
+ &p, len, exptag, aclass, 1, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
goto err;
+ }
+ if (ret == -1)
+ return -1;
}
- if(ret == -1) return -1;
- }
+
/* This is the old style evil hack IMPLICIT handling:
* since the underlying code is expecting a tag and
* class other than the one present we change the
@@ -228,245 +279,332 @@
* buffer.
*/
- if(tag != -1) {
- p = *in;
- imphack = *p;
- *p = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype);
- }
+ if (tag != -1)
+ {
+ wp = *(unsigned char **)in;
+ imphack = *wp;
+ if (p == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
+ | it->utype);
+ }
ptmpval = cf->asn1_d2i(pval, in, len);
- if(tag != -1) *p = imphack;
+ if (tag != -1)
+ *wp = imphack;
+
+ if (ptmpval)
+ return 1;
- if(ptmpval) return 1;
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
case ASN1_ITYPE_CHOICE:
- if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
goto auxerr;
/* Allocate structure */
- if(!*pval) {
- if(!ASN1_item_ex_new(pval, it)) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
+ if (!*pval && !ASN1_item_ex_new(pval, it))
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
+ goto err;
}
- }
/* CHOICE type, try each possibility in turn */
pchval = NULL;
p = *in;
- for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) {
+ for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
+ {
pchptr = asn1_get_field_ptr(pval, tt);
/* We mark field as OPTIONAL so its absence
* can be recognised.
*/
ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
/* If field not present, try the next one */
- if(ret == -1) continue;
+ if (ret == -1)
+ continue;
/* If positive return, read OK, break loop */
- if(ret > 0) break;
+ if (ret > 0)
+ break;
/* Otherwise must be an ASN1 parsing error */
errtt = tt;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
goto err;
- }
+ }
+
/* Did we fall off the end without reading anything? */
- if(i == it->tcount) {
+ if (i == it->tcount)
+ {
/* If OPTIONAL, this is OK */
- if(opt) {
+ if (opt)
+ {
/* Free and zero it */
ASN1_item_ex_free(pval, it);
return -1;
- }
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
+ }
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_NO_MATCHING_CHOICE_TYPE);
goto err;
- }
+ }
+
asn1_set_choice_selector(pval, i, it);
*in = p;
- if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
goto auxerr;
return 1;
+ case ASN1_ITYPE_NDEF_SEQUENCE:
case ASN1_ITYPE_SEQUENCE:
p = *in;
tmplen = len;
/* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
- if(tag == -1) {
+ if (tag == -1)
+ {
tag = V_ASN1_SEQUENCE;
aclass = V_ASN1_UNIVERSAL;
- }
+ }
/* Get SEQUENCE length and update len, p */
- ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
+ &p, len, tag, aclass, opt, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
goto err;
- } else if(ret == -1) return -1;
- if(aux && (aux->flags & ASN1_AFLG_BROKEN)) {
+ }
+ else if (ret == -1)
+ return -1;
+ if (aux && (aux->flags & ASN1_AFLG_BROKEN))
+ {
len = tmplen - (p - *in);
seq_nolen = 1;
- } else seq_nolen = seq_eoc; /* If indefinite we don't do a length check */
- if(!cst) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
+ }
+ /* If indefinite we don't do a length check */
+ else seq_nolen = seq_eoc;
+ if (!cst)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
goto err;
- }
+ }
- if(!*pval) {
- if(!ASN1_item_ex_new(pval, it)) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
+ if (!*pval && !ASN1_item_ex_new(pval, it))
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
+ goto err;
}
- }
- if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
goto auxerr;
/* Get each field entry */
- for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ for (i = 0, tt = it->templates; i < it->tcount; i++, tt++)
+ {
const ASN1_TEMPLATE *seqtt;
ASN1_VALUE **pseqval;
seqtt = asn1_do_adb(pval, tt, 1);
- if(!seqtt) goto err;
+ if (!seqtt)
+ goto err;
pseqval = asn1_get_field_ptr(pval, seqtt);
/* Have we ran out of data? */
- if(!len) break;
+ if (!len)
+ break;
q = p;
- if(asn1_check_eoc(&p, len)) {
- if(!seq_eoc) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
+ if (asn1_check_eoc(&p, len))
+ {
+ if (!seq_eoc)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_UNEXPECTED_EOC);
goto err;
- }
+ }
len -= p - q;
seq_eoc = 0;
q = p;
break;
- }
- /* This determines the OPTIONAL flag value. The field cannot
- * be omitted if it is the last of a SEQUENCE and there is
- * still data to be read. This isn't strictly necessary but
- * it increases efficiency in some cases.
+ }
+ /* This determines the OPTIONAL flag value. The field
+ * cannot be omitted if it is the last of a SEQUENCE
+ * and there is still data to be read. This isn't
+ * strictly necessary but it increases efficiency in
+ * some cases.
*/
- if(i == (it->tcount - 1)) isopt = 0;
+ if (i == (it->tcount - 1))
+ isopt = 0;
else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
- /* attempt to read in field, allowing each to be OPTIONAL */
- ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
- if(!ret) {
+ /* attempt to read in field, allowing each to be
+ * OPTIONAL */
+
+ ret = asn1_template_ex_d2i(pseqval, &p, len,
+ seqtt, isopt, ctx);
+ if (!ret)
+ {
errtt = seqtt;
goto err;
- } else if(ret == -1) {
- /* OPTIONAL component absent. Free and zero the field
+ }
+ else if (ret == -1)
+ {
+ /* OPTIONAL component absent.
+ * Free and zero the field.
*/
ASN1_template_free(pseqval, seqtt);
continue;
- }
+ }
/* Update length */
len -= p - q;
- }
+ }
+
/* Check for EOC if expecting one */
- if(seq_eoc && !asn1_check_eoc(&p, len)) {
+ if (seq_eoc && !asn1_check_eoc(&p, len))
+ {
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
goto err;
- }
+ }
/* Check all data read */
- if(!seq_nolen && len) {
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
+ if (!seq_nolen && len)
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_SEQUENCE_LENGTH_MISMATCH);
goto err;
- }
+ }
/* If we get here we've got no more data in the SEQUENCE,
* however we may not have read all fields so check all
* remaining are OPTIONAL and clear any that are.
*/
- for(; i < it->tcount; tt++, i++) {
+ for (; i < it->tcount; tt++, i++)
+ {
const ASN1_TEMPLATE *seqtt;
seqtt = asn1_do_adb(pval, tt, 1);
- if(!seqtt) goto err;
- if(seqtt->flags & ASN1_TFLG_OPTIONAL) {
+ if (!seqtt)
+ goto err;
+ if (seqtt->flags & ASN1_TFLG_OPTIONAL)
+ {
ASN1_VALUE **pseqval;
pseqval = asn1_get_field_ptr(pval, seqtt);
ASN1_template_free(pseqval, seqtt);
- } else {
+ }
+ else
+ {
errtt = seqtt;
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+ ASN1_R_FIELD_MISSING);
goto err;
+ }
}
- }
/* Save encoding */
- if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr;
+ if (!asn1_enc_save(pval, *in, p - *in, it))
+ goto auxerr;
*in = p;
- if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+ if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
goto auxerr;
return 1;
default:
return 0;
- }
+ }
auxerr:
ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
err:
ASN1_item_ex_free(pval, it);
- if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname);
- else ERR_add_error_data(2, "Type=", it->sname);
+ if (errtt)
+ ERR_add_error_data(4, "Field=", errtt->field_name,
+ ", Type=", it->sname);
+ else
+ ERR_add_error_data(2, "Type=", it->sname);
return 0;
-}
+ }
-/* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the
- * rest.
+/* Templates are handled with two separate functions.
+ * One handles any EXPLICIT tag and the other handles the rest.
*/
-static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
-{
+static int asn1_template_ex_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long inlen,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx)
+ {
int flags, aclass;
int ret;
long len;
- unsigned char *p, *q;
+ const unsigned char *p, *q;
char exp_eoc;
- if(!val) return 0;
+ if (!val)
+ return 0;
flags = tt->flags;
aclass = flags & ASN1_TFLG_TAG_CLASS;
p = *in;
/* Check if EXPLICIT tag expected */
- if(flags & ASN1_TFLG_EXPTAG) {
+ if (flags & ASN1_TFLG_EXPTAG)
+ {
char cst;
- /* Need to work out amount of data available to the inner content and where it
- * starts: so read in EXPLICIT header to get the info.
+ /* Need to work out amount of data available to the inner
+ * content and where it starts: so read in EXPLICIT header to
+ * get the info.
*/
- ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx);
+ ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
+ &p, inlen, tt->tag, aclass, opt, ctx);
q = p;
- if(!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
return 0;
- } else if(ret == -1) return -1;
- if(!cst) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
+ }
+ else if (ret == -1)
+ return -1;
+ if (!cst)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+ ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
return 0;
- }
+ }
/* We've found the field so it can't be OPTIONAL now */
ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
return 0;
- }
+ }
/* We read the field in OK so update length */
len -= p - q;
- if(exp_eoc) {
+ if (exp_eoc)
+ {
/* If NDEF we must have an EOC here */
- if(!asn1_check_eoc(&p, len)) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
+ if (!asn1_check_eoc(&p, len))
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+ ASN1_R_MISSING_EOC);
goto err;
+ }
}
- } else {
- /* Otherwise we must hit the EXPLICIT tag end or its an error */
- if(len) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH);
+ else
+ {
+ /* Otherwise we must hit the EXPLICIT tag end or its
+ * an error */
+ if (len)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+ ASN1_R_EXPLICIT_LENGTH_MISMATCH);
goto err;
+ }
}
}
- } else
- return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
+ else
+ return asn1_template_noexp_d2i(val, in, inlen,
+ tt, opt, ctx);
*in = p;
return 1;
@@ -475,98 +613,145 @@
ASN1_template_free(val, tt);
*val = NULL;
return 0;
-}
+ }
-static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
-{
+static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+ const unsigned char **in, long len,
+ const ASN1_TEMPLATE *tt, char opt,
+ ASN1_TLC *ctx)
+ {
int flags, aclass;
int ret;
- unsigned char *p, *q;
- if(!val) return 0;
+ const unsigned char *p, *q;
+ if (!val)
+ return 0;
flags = tt->flags;
aclass = flags & ASN1_TFLG_TAG_CLASS;
p = *in;
q = p;
- if(flags & ASN1_TFLG_SK_MASK) {
+ if (flags & ASN1_TFLG_SK_MASK)
+ {
/* SET OF, SEQUENCE OF */
int sktag, skaclass;
char sk_eoc;
/* First work out expected inner tag value */
- if(flags & ASN1_TFLG_IMPTAG) {
+ if (flags & ASN1_TFLG_IMPTAG)
+ {
sktag = tt->tag;
skaclass = aclass;
- } else {
+ }
+ else
+ {
skaclass = V_ASN1_UNIVERSAL;
- if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET;
- else sktag = V_ASN1_SEQUENCE;
- }
+ if (flags & ASN1_TFLG_SET_OF)
+ sktag = V_ASN1_SET;
+ else
+ sktag = V_ASN1_SEQUENCE;
+ }
/* Get the tag */
- ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- return 0;
- } else if(ret == -1) return -1;
- if(!*val) *val = (ASN1_VALUE *)sk_new_null();
- else {
+ ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
+ &p, len, sktag, skaclass, opt, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ else if (ret == -1)
+ return -1;
+ if (!*val)
+ *val = (ASN1_VALUE *)sk_new_null();
+ else
+ {
/* We've got a valid STACK: free up any items present */
STACK *sktmp = (STACK *)*val;
ASN1_VALUE *vtmp;
- while(sk_num(sktmp) > 0) {
+ while(sk_num(sktmp) > 0)
+ {
vtmp = (ASN1_VALUE *)sk_pop(sktmp);
- ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
+ ASN1_item_ex_free(&vtmp,
+ ASN1_ITEM_ptr(tt->item));
+ }
}
- }
- if(!*val) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE);
+ if (!*val)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ERR_R_MALLOC_FAILURE);
goto err;
- }
+ }
+
/* Read as many items as we can */
- while(len > 0) {
+ while(len > 0)
+ {
ASN1_VALUE *skfield;
q = p;
/* See if EOC found */
- if(asn1_check_eoc(&p, len)) {
- if(!sk_eoc) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC);
+ if (asn1_check_eoc(&p, len))
+ {
+ if (!sk_eoc)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ASN1_R_UNEXPECTED_EOC);
goto err;
- }
+ }
len -= p - q;
sk_eoc = 0;
break;
- }
+ }
skfield = NULL;
- if(!ASN1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+ if (!ASN1_item_ex_d2i(&skfield, &p, len,
+ ASN1_ITEM_ptr(tt->item),
+ -1, 0, 0, ctx))
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
goto err;
- }
+ }
len -= p - q;
- if(!sk_push((STACK *)*val, (char *)skfield)) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE);
+ if (!sk_push((STACK *)*val, (char *)skfield))
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ERR_R_MALLOC_FAILURE);
goto err;
+ }
}
- }
- if(sk_eoc) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
+ if (sk_eoc)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
goto err;
+ }
}
- } else if(flags & ASN1_TFLG_IMPTAG) {
+ else if (flags & ASN1_TFLG_IMPTAG)
+ {
/* IMPLICIT tagging */
- ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+ ret = ASN1_item_ex_d2i(val, &p, len,
+ ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
goto err;
- } else if(ret == -1) return -1;
- } else {
+ }
+ else if (ret == -1)
+ return -1;
+ }
+ else
+ {
/* Nothing special */
- ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, opt, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+ ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
+ -1, 0, opt, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+ ERR_R_NESTED_ASN1_ERROR);
goto err;
- } else if(ret == -1) return -1;
- }
+ }
+ else if (ret == -1)
+ return -1;
+ }
*in = p;
return 1;
@@ -575,86 +760,115 @@
ASN1_template_free(val, tt);
*val = NULL;
return 0;
-}
+ }
-static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
+ const unsigned char **in, long inlen,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+ {
int ret = 0, utype;
long plen;
char cst, inf, free_cont = 0;
- unsigned char *p;
+ const unsigned char *p;
BUF_MEM buf;
- unsigned char *cont = NULL;
+ const unsigned char *cont = NULL;
long len;
- if(!pval) {
+ if (!pval)
+ {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
return 0; /* Should never happen */
- }
+ }
- if(it->itype == ASN1_ITYPE_MSTRING) {
+ if (it->itype == ASN1_ITYPE_MSTRING)
+ {
utype = tag;
tag = -1;
- } else utype = it->utype;
+ }
+ else
+ utype = it->utype;
- if(utype == V_ASN1_ANY) {
+ if (utype == V_ASN1_ANY)
+ {
/* If type is ANY need to figure out type from tag */
unsigned char oclass;
- if(tag >= 0) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
+ if (tag >= 0)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+ ASN1_R_ILLEGAL_TAGGED_ANY);
return 0;
- }
- if(opt) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY);
+ }
+ if (opt)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+ ASN1_R_ILLEGAL_OPTIONAL_ANY);
return 0;
- }
+ }
p = *in;
- ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx);
- if(!ret) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+ ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
+ &p, inlen, -1, 0, 0, ctx);
+ if (!ret)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+ ERR_R_NESTED_ASN1_ERROR);
return 0;
+ }
+ if (oclass != V_ASN1_UNIVERSAL)
+ utype = V_ASN1_OTHER;
}
- if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER;
- }
- if(tag == -1) {
+ if (tag == -1)
+ {
tag = utype;
aclass = V_ASN1_UNIVERSAL;
- }
+ }
p = *in;
/* Check header */
- ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx);
- if(!ret) {
+ ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
+ &p, inlen, tag, aclass, opt, ctx);
+ if (!ret)
+ {
ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
return 0;
- } else if(ret == -1) return -1;
-
- ret = 0;
-
+ }
+ else if (ret == -1)
+ return -1;
+ ret = 0;
/* SEQUENCE, SET and "OTHER" are left in encoded form */
- if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
- /* Clear context cache for type OTHER because the auto clear when
- * we have a exact match wont work
+ if ((utype == V_ASN1_SEQUENCE)
+ || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER))
+ {
+ /* Clear context cache for type OTHER because the auto clear
+ * when we have a exact match wont work
*/
- if(utype == V_ASN1_OTHER) {
+ if (utype == V_ASN1_OTHER)
+ {
asn1_tlc_clear(ctx);
+ }
/* SEQUENCE and SET must be constructed */
- } else if(!cst) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED);
+ else if (!cst)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+ ASN1_R_TYPE_NOT_CONSTRUCTED);
return 0;
- }
+ }
cont = *in;
/* If indefinite length constructed find the real end */
- if(inf) {
- if(!asn1_collect(NULL, &p, plen, inf, -1, -1)) goto err;
+ if (inf)
+ {
+ if (!asn1_find_end(&p, plen, inf))
+ goto err;
len = p - cont;
- } else {
+ }
+ else
+ {
len = p - cont + plen;
p += plen;
buf.data = NULL;
+ }
}
- } else if(cst) {
+ else if (cst)
+ {
buf.length = 0;
buf.max = 0;
buf.data = NULL;
@@ -664,36 +878,46 @@
* internally irrespective of the type. So instead just check
* for UNIVERSAL class and ignore the tag.
*/
- if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err;
+ if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL))
+ {
+ free_cont = 1;
+ goto err;
+ }
len = buf.length;
/* Append a final null to string */
- if(!BUF_MEM_grow_clean(&buf, len + 1)) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+ if (!BUF_MEM_grow_clean(&buf, len + 1))
+ {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+ ERR_R_MALLOC_FAILURE);
return 0;
- }
+ }
buf.data[len] = 0;
- cont = (unsigned char *)buf.data;
+ cont = (const unsigned char *)buf.data;
free_cont = 1;
- } else {
+ }
+ else
+ {
cont = p;
len = plen;
p += plen;
- }
+ }
/* We now have content length and type: translate into a structure */
- if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err;
+ if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
+ goto err;
*in = p;
ret = 1;
err:
- if(free_cont && buf.data) OPENSSL_free(buf.data);
+ if (free_cont && buf.data) OPENSSL_free(buf.data);
return ret;
-}
+ }
/* Translate ASN1 content octets into a structure */
-int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
-{
+int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+ int utype, char *free_cont, const ASN1_ITEM *it)
+ {
ASN1_VALUE **opval = NULL;
ASN1_STRING *stmp;
ASN1_TYPE *typ = NULL;
@@ -701,43 +925,62 @@
const ASN1_PRIMITIVE_FUNCS *pf;
ASN1_INTEGER **tint;
pf = it->funcs;
- if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
+
+ if (pf && pf->prim_c2i)
+ return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
/* If ANY type clear type and set pointer to internal value */
- if(it->utype == V_ASN1_ANY) {
- if(!*pval) {
+ if (it->utype == V_ASN1_ANY)
+ {
+ if (!*pval)
+ {
typ = ASN1_TYPE_new();
+ if (typ == NULL)
+ goto err;
*pval = (ASN1_VALUE *)typ;
- } else typ = (ASN1_TYPE *)*pval;
- if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
+ }
+ else
+ typ = (ASN1_TYPE *)*pval;
+
+ if (utype != typ->type)
+ ASN1_TYPE_set(typ, utype, NULL);
opval = pval;
pval = (ASN1_VALUE **)&typ->value.ptr;
- }
- switch(utype) {
+ }
+ switch(utype)
+ {
case V_ASN1_OBJECT:
- if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err;
+ if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
+ goto err;
break;
case V_ASN1_NULL:
- if(len) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH);
+ if (len)
+ {
+ ASN1err(ASN1_F_ASN1_EX_C2I,
+ ASN1_R_NULL_IS_WRONG_LENGTH);
goto err;
- }
+ }
*pval = (ASN1_VALUE *)1;
break;
case V_ASN1_BOOLEAN:
- if(len != 1) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+ if (len != 1)
+ {
+ ASN1err(ASN1_F_ASN1_EX_C2I,
+ ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
goto err;
- } else {
+ }
+ else
+ {
ASN1_BOOLEAN *tbool;
tbool = (ASN1_BOOLEAN *)pval;
*tbool = *cont;
- }
+ }
break;
case V_ASN1_BIT_STRING:
- if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err;
+ if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
+ goto err;
break;
case V_ASN1_INTEGER:
@@ -745,7 +988,8 @@
case V_ASN1_ENUMERATED:
case V_ASN1_NEG_ENUMERATED:
tint = (ASN1_INTEGER **)pval;
- if(!c2i_ASN1_INTEGER(tint, &cont, len)) goto err;
+ if (!c2i_ASN1_INTEGER(tint, &cont, len))
+ goto err;
/* Fixup type to match the expected form */
(*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
break;
@@ -769,127 +1013,216 @@
case V_ASN1_SEQUENCE:
default:
/* All based on ASN1_STRING and handled the same */
- if(!*pval) {
+ if (!*pval)
+ {
stmp = ASN1_STRING_type_new(utype);
- if(!stmp) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+ if (!stmp)
+ {
+ ASN1err(ASN1_F_ASN1_EX_C2I,
+ ERR_R_MALLOC_FAILURE);
goto err;
- }
+ }
*pval = (ASN1_VALUE *)stmp;
- } else {
+ }
+ else
+ {
stmp = (ASN1_STRING *)*pval;
stmp->type = utype;
- }
+ }
/* If we've already allocated a buffer use it */
- if(*free_cont) {
- if(stmp->data) OPENSSL_free(stmp->data);
- stmp->data = cont;
+ if (*free_cont)
+ {
+ if (stmp->data)
+ OPENSSL_free(stmp->data);
+ stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
stmp->length = len;
*free_cont = 0;
- } else {
- if(!ASN1_STRING_set(stmp, cont, len)) {
- ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+ }
+ else
+ {
+ if (!ASN1_STRING_set(stmp, cont, len))
+ {
+ ASN1err(ASN1_F_ASN1_EX_C2I,
+ ERR_R_MALLOC_FAILURE);
ASN1_STRING_free(stmp);
*pval = NULL;
goto err;
+ }
}
- }
break;
- }
+ }
/* If ASN1_ANY and NULL type fix up value */
- if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL;
+ if (typ && (utype == V_ASN1_NULL))
+ typ->value.ptr = NULL;
ret = 1;
err:
- if(!ret)
+ if (!ret)
{
ASN1_TYPE_free(typ);
if (opval)
*opval = NULL;
}
return ret;
-}
+ }
+
+
+/* This function finds the end of an ASN1 structure when passed its maximum
+ * length, whether it is indefinite length and a pointer to the content.
+ * This is more efficient than calling asn1_collect because it does not
+ * recurse on each indefinite length header.
+ */
+static int asn1_find_end(const unsigned char **in, long len, char inf)
+ {
+ int expected_eoc;
+ long plen;
+ const unsigned char *p = *in, *q;
+ /* If not indefinite length constructed just add length */
+ if (inf == 0)
+ {
+ *in += len;
+ return 1;
+ }
+ expected_eoc = 1;
+ /* Indefinite length constructed form. Find the end when enough EOCs
+ * are found. If more indefinite length constructed headers
+ * are encountered increment the expected eoc count otherwise just
+ * skip to the end of the data.
+ */
+ while (len > 0)
+ {
+ if(asn1_check_eoc(&p, len))
+ {
+ expected_eoc--;
+ if (expected_eoc == 0)
+ break;
+ len -= 2;
+ continue;
+ }
+ q = p;
+ /* Just read in a header: only care about the length */
+ if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
+ -1, 0, 0, NULL))
+ {
+ ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ if (inf)
+ expected_eoc++;
+ else
+ p += plen;
+ len -= p - q;
+ }
+ if (expected_eoc)
+ {
+ ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
+ return 0;
+ }
+ *in = p;
+ return 1;
+ }
/* This function collects the asn1 data from a constructred string
* type into a buffer. The values of 'in' and 'len' should refer
* to the contents of the constructed type and 'inf' should be set
- * if it is indefinite length. If 'buf' is NULL then we just want
- * to find the end of the current structure: useful for indefinite
- * length constructed stuff.
+ * if it is indefinite length.
*/
-static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass)
-{
- unsigned char *p, *q;
+static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
+ char inf, int tag, int aclass)
+ {
+ const unsigned char *p, *q;
long plen;
char cst, ininf;
p = *in;
inf &= 1;
- /* If no buffer and not indefinite length constructed just pass over the encoded data */
- if(!buf && !inf) {
+ /* If no buffer and not indefinite length constructed just pass over
+ * the encoded data */
+ if (!buf && !inf)
+ {
*in += len;
return 1;
- }
- while(len > 0) {
+ }
+ while(len > 0)
+ {
q = p;
/* Check for EOC */
- if(asn1_check_eoc(&p, len)) {
- /* EOC is illegal outside indefinite length constructed form */
- if(!inf) {
- ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
+ if (asn1_check_eoc(&p, len))
+ {
+ /* EOC is illegal outside indefinite length
+ * constructed form */
+ if (!inf)
+ {
+ ASN1err(ASN1_F_ASN1_COLLECT,
+ ASN1_R_UNEXPECTED_EOC);
return 0;
- }
+ }
inf = 0;
break;
- }
- if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) {
+ }
+
+ if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
+ len, tag, aclass, 0, NULL))
+ {
ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
return 0;
- }
+ }
+
/* If indefinite length constructed update max length */
- if(cst) {
- if(!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0;
- } else {
- if(!collect_data(buf, &p, plen)) return 0;
- }
+ if (cst)
+ {
+#ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS
+ if (!asn1_collect(buf, &p, plen, ininf, tag, aclass))
+ return 0;
+#else
+ ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
+ return 0;
+#endif
+ }
+ else if (plen && !collect_data(buf, &p, plen))
+ return 0;
len -= p - q;
- }
- if(inf) {
+ }
+ if (inf)
+ {
ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
return 0;
- }
+ }
*in = p;
return 1;
-}
+ }
-static int collect_data(BUF_MEM *buf, unsigned char **p, long plen)
-{
- int len;
- if(buf) {
- len = buf->length;
- if(!BUF_MEM_grow_clean(buf, len + plen)) {
- ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
- return 0;
+static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
+ {
+ int len;
+ if (buf)
+ {
+ len = buf->length;
+ if (!BUF_MEM_grow_clean(buf, len + plen))
+ {
+ ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
+ return 0;
}
- memcpy(buf->data + len, *p, plen);
+ memcpy(buf->data + len, *p, plen);
}
- *p += plen;
- return 1;
-}
+ *p += plen;
+ return 1;
+ }
/* Check for ASN1 EOC and swallow it if found */
-static int asn1_check_eoc(unsigned char **in, long len)
-{
- unsigned char *p;
- if(len < 2) return 0;
+static int asn1_check_eoc(const unsigned char **in, long len)
+ {
+ const unsigned char *p;
+ if (len < 2) return 0;
p = *in;
- if(!p[0] && !p[1]) {
+ if (!p[0] && !p[1])
+ {
*in += 2;
return 1;
- }
+ }
return 0;
-}
+ }
/* Check an ASN1 tag and length: a bit like ASN1_get_object
* but it sets the length for indefinite length constructed
@@ -898,25 +1231,32 @@
* header length just read.
*/
-static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
- unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx)
-{
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
+ char *inf, char *cst,
+ const unsigned char **in, long len,
+ int exptag, int expclass, char opt,
+ ASN1_TLC *ctx)
+ {
int i;
int ptag, pclass;
long plen;
- unsigned char *p, *q;
+ const unsigned char *p, *q;
p = *in;
q = p;
- if(ctx && ctx->valid) {
+ if (ctx && ctx->valid)
+ {
i = ctx->ret;
plen = ctx->plen;
pclass = ctx->pclass;
ptag = ctx->ptag;
p += ctx->hdrlen;
- } else {
+ }
+ else
+ {
i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
- if(ctx) {
+ if (ctx)
+ {
ctx->ret = i;
ctx->plen = plen;
ctx->pclass = pclass;
@@ -926,43 +1266,57 @@
/* If definite length, and no error, length +
* header can't exceed total amount of data available.
*/
- if(!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
- ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
+ if (!(i & 0x81) && ((plen + ctx->hdrlen) > len))
+ {
+ ASN1err(ASN1_F_ASN1_CHECK_TLEN,
+ ASN1_R_TOO_LONG);
asn1_tlc_clear(ctx);
return 0;
+ }
}
}
- }
- if(i & 0x80) {
+ if (i & 0x80)
+ {
ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
asn1_tlc_clear(ctx);
return 0;
- }
- if(exptag >= 0) {
- if((exptag != ptag) || (expclass != pclass)) {
- /* If type is OPTIONAL, not an error, but indicate missing
- * type.
+ }
+ if (exptag >= 0)
+ {
+ if ((exptag != ptag) || (expclass != pclass))
+ {
+ /* If type is OPTIONAL, not an error:
+ * indicate missing type.
*/
- if(opt) return -1;
+ if (opt) return -1;
asn1_tlc_clear(ctx);
ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
return 0;
- }
- /* We have a tag and class match, so assume we are going to do something with it */
+ }
+ /* We have a tag and class match:
+ * assume we are going to do something with it */
asn1_tlc_clear(ctx);
- }
+ }
- if(i & 1) plen = len - (p - q);
+ if (i & 1)
+ plen = len - (p - q);
- if(inf) *inf = i & 1;
+ if (inf)
+ *inf = i & 1;
- if(cst) *cst = i & V_ASN1_CONSTRUCTED;
+ if (cst)
+ *cst = i & V_ASN1_CONSTRUCTED;
- if(olen) *olen = plen;
- if(oclass) *oclass = pclass;
- if(otag) *otag = ptag;
+ if (olen)
+ *olen = plen;
+
+ if (oclass)
+ *oclass = pclass;
+
+ if (otag)
+ *otag = ptag;
*in = p;
return 1;
-}
+ }
--- crypto/openssl/comm.txt
+++ /dev/null
@@ -1 +0,0 @@
-New dev version.
--- crypto/openssl/FREEBSD-Xlist
+++ /dev/null
@@ -1,46 +0,0 @@
-$FreeBSD: src/crypto/openssl/FREEBSD-Xlist,v 1.6 2005/02/25 05:31:23 nectar Exp $
-INSTALL.DJGPP
-INSTALL.MacOS
-INSTALL.OS2
-INSTALL.VMS
-INSTALL.W32
-INSTALL.WCE
-MacOS/
-VMS/
-*.com
-*.bak
-*.def
-*.mak
-*/*.bat
-*/*.com
-*/*/*.bat
-*/*/*.com
-apps/openssl-vms.cnf
-crypto/bn/asm/pa-risc2.s.old
-crypto/bn/asm/vms.mar
-crypto/bn/vms-helper.c
-crypto/buildinf.h
-crypto/dso/dso_vms.c
-crypto/dso/dso_win32.c
-crypto/threads/solaris.sh
-diffs.*
-do_patch.sh
-fips/
-ms/
-op
-os2/
-rsaref/
-shlib/Makefile.hpux10-cc
-shlib/hpux10-cc.sh
-shlib/irix.sh
-shlib/solaris-sc4.sh
-shlib/solaris.sh
-shlib/sun.sh
-shlib/sco5-shared-installed
-shlib/sco5-shared-gcc.sh
-shlib/sco5-shared.sh
-shlib/svr5-shared-gcc.sh
-shlib/svr5-shared-installed
-shlib/svr5-shared.sh
-test/fips_aes_data
-util/cygwin.sh
--- crypto/openssl/comms.txt
+++ /dev/null
@@ -1 +0,0 @@
-Fix for ASN1 parsing bugs.
--- crypto/openssl/bugs/VC16.bug
+++ /dev/null
@@ -1,18 +0,0 @@
-Microsoft (R) C/C++ Optimizing Compiler Version 8.00c
-
-Compile with /O2 chokes the compiler on these files
-
-crypto\md\md5_dgst.c warning '@(#)reg86.c:1.26', line 1110
-crypto\des\ofb64ede.c warning '@(#)grammar.c:1.147', line 168
-crypto\des\ofb64enc.c warning '@(#)grammar.c:1.147', line 168
-crypto\des\qud_cksm.c warning '@(#)grammar.c:1.147', line 168
-crypto\rc2\rc2ofb64.c warning '@(#)grammar.c:1.147', line 168
-crypto\objects\obj_dat.c warning '@(#)grammar.c:1.147', line 168
- fatal '@(#)grammar.c:1.147', line 168
-crypto\objects\obj_lib.c warning '@(#)grammar.c:1.147', line 168
- fatal '@(#)grammar.c:1.147', line 168
-ssl\ssl_auth.c warning '@(#)grammar.c:1.147', line 168
- fatal '@(#)grammar.c:1.147', line 168
-
-Turning on /G3 with build flags that worked fine for /G2 came up with
-divide by zero errors in 'normal' code in speed.c :-(
--- crypto/openssl/certs/vsign2.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/C=US/O=VeriSign, Inc./OU=Class 2 Public Primary Certification Authority
-notBefore=Jan 29 00:00:00 1996 GMT
-notAfter=Jan 7 23:59:59 2004 GMT
------BEGIN CERTIFICATE-----
-MIICPTCCAaYCEQC6WslMBTuS1qe2307QU5INMA0GCSqGSIb3DQEBAgUAMF8xCzAJ
-BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xh
-c3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05
-NjAxMjkwMDAwMDBaFw0wNDAxMDcyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYD
-VQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMiBQdWJsaWMgUHJp
-bWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOB
-jQAwgYkCgYEAtlqLow1qI4OAa885h/QhEzMGTCWi7VUSl8WngLn6g8EgoPovFQ18
-oWBrfnks+gYPOq72G2+x0v8vKFJfg31LxHq3+GYfgFT8t8KOWUoUV0bRmpO+QZED
-uxWAk1zr58wIbD8+s0r8/0tsI9VQgiZEGY4jw3HqGSRHBJ51v8imAB8CAwEAATAN
-BgkqhkiG9w0BAQIFAAOBgQC2AB+TV6QHp0DOZUA/VV7t7/pUSaUw1iF8YYfug5ML
-v7Qz8pisnwa/TqjOFIFMywROWMPPX+5815pvy0GKt3+BuP+EYcYnQ2UdDOyxAArd
-G6S7x3ggKLKi3TaVLuFUT79guXdoEZkj6OpS6KoATmdOu5C1RZtG644W78QzWzM9
-1Q==
------END CERTIFICATE-----
--- crypto/openssl/certs/ICE-CA.pem
+++ /dev/null
@@ -1,59 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
- Validity
- Not Before: Apr 2 17:35:53 1997 GMT
- Not After : Apr 2 17:35:53 1998 GMT
- Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
- Subject Public Key Info:
- Public Key Algorithm: rsa
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:82:75:ba:f6:d1:60:b5:f9:15:b3:6a:dd:29:8f:
- 8b:a4:6f:1a:88:e0:50:43:40:0b:79:41:d5:d3:16:
- 44:7d:74:65:17:42:06:52:0b:e9:50:c8:10:cd:24:
- e2:ae:8d:22:30:73:e6:b4:b7:93:1f:e5:6e:a2:ae:
- 49:11:a5:c9:45
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Authority Key Identifier:
- 0.........z.."p......e..
- X509v3 Subject Key Identifier:
- ..~r..:..B.44fu......3
- X509v3 Key Usage: critical
- ....
- X509v3 Certificate Policies: critical
- 0.0...*...
- X509v3 Subject Alternative Name:
- 0!..secude-support at darmstadt.gmd.de
- X509v3 Issuer Alternative Name:
- 0I..ice-tel-ca at darmstadt.gmd.de.*http://www.darmstadt.gmd.de/ice-tel/euroca
- X509v3 Basic Constraints: critical
- 0....
- X509v3 CRL Distribution Points:
- 0200...,.*http://www.darmstadt.gmd.de/ice-tel/euroca
- Signature Algorithm: md5WithRSAEncryption
- 17:a2:88:b7:99:5a:05:41:e4:13:34:67:e6:1f:3e:26:ec:4b:
- 69:f9:3e:28:22:be:9d:1c:ab:41:6f:0c:00:85:fe:45:74:f6:
- 98:f0:ce:9b:65:53:4a:50:42:c7:d4:92:bd:d7:a2:a8:3d:98:
- 88:73:cd:60:28:79:a3:fc:48:7a
------BEGIN CERTIFICATE-----
-MIICzDCCAnagAwIBAgIBATANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzU1M1oXDTk4MDQwMjE3MzU1M1owXDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTESMBAGA1UEBxMJRGFybXN0YWR0MFkwCgYEVQgB
-AQICAgADSwAwSAJBAIJ1uvbRYLX5FbNq3SmPi6RvGojgUENAC3lB1dMWRH10ZRdC
-BlIL6VDIEM0k4q6NIjBz5rS3kx/lbqKuSRGlyUUCAwEAAaOCATgwggE0MB8GA1Ud
-IwQYMBaAFIr3yNUOx3ro1yJw4AuJ1bbsZbzPMB0GA1UdDgQWBBR+cvL4OoacQog0
-NGZ1w9T80aIRMzAOBgNVHQ8BAf8EBAMCAfYwFAYDVR0gAQH/BAowCDAGBgQqAwQF
-MCoGA1UdEQQjMCGBH3NlY3VkZS1zdXBwb3J0QGRhcm1zdGFkdC5nbWQuZGUwUgYD
-VR0SBEswSYEbaWNlLXRlbC1jYUBkYXJtc3RhZHQuZ21kLmRlhipodHRwOi8vd3d3
-LmRhcm1zdGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2EwDwYDVR0TAQH/BAUwAwEB
-/zA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vd3d3LmRhcm1zdGFkdC5nbWQuZGUv
-aWNlLXRlbC9ldXJvY2EwDQYJKoZIhvcNAQEEBQADQQAXooi3mVoFQeQTNGfmHz4m
-7Etp+T4oIr6dHKtBbwwAhf5FdPaY8M6bZVNKUELH1JK916KoPZiIc81gKHmj/Eh6
------END CERTIFICATE-----
--- crypto/openssl/certs/RegTP-4R.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-issuer= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
-notBefore=Jan 21 16:04:53 1999 GMT
-notAfter=Jan 21 16:04:53 2004 GMT
-subject= CN=4R-CA 1:PN+0.2.262.1.10.7.20=#130131,O=Regulierungsbeh\C3\88orde f\C3\88ur Telekommunikation und Post,C=DE
------BEGIN CERTIFICATE-----
-MIICZzCCAdOgAwIBAgIEOwVn1DAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9
-MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWth
-dGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo0Ui1DQSAxOlBO
-MCIYDzE5OTkwMTIxMTYwNDUzWhgPMjAwNDAxMjExNjA0NTNaMG8xCzAJBgNVBAYT
-AkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21t
-dW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNB
-IDE6UE4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGAjzHbq2asUlqeWbXTQHso
-aVF6YIPVH3c/B2cbuy9HJ/lnE6x0asOzM2DGDqi47xkdAxPc0LZ0fxO87rkmz7xs
-jJObnVrMXpyUSDSp5Y0wqKJdsFdr6mGFOQZteIti8AJnr8xMkwnWVyuOlEXsFe1h
-5gxwQXrOcPinE6qu1t/3PmECBMAAAAGjEjAQMA4GA1UdDwEB/wQEAwIBBjAKBgYr
-JAMDAQIFAAOBgQA+RdocBmA2VV9E5aKPBcp01tdZAvvW9Tve3docArVKR/4/yvSX
-Z+wvzzk+uu4qBp49HN3nqPYMrzbTmjBFu4ce5fkZ7dHF0W1sSBL0rox5z36Aq2re
-JjfEOEmSnNe0+opuh4FSVOssXblXTE8lEQU0FhhItgDx2ADnWZibaxLG4w==
------END CERTIFICATE-----
--- crypto/openssl/certs/ICE-user.pem
+++ /dev/null
@@ -1,63 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 1 (0x1)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt
- Validity
- Not Before: Apr 2 17:35:59 1997 GMT
- Not After : Apr 2 17:35:59 1998 GMT
- Subject: O=European ICE-TEL project, OU=V3-Certification Authority, L=Darmstadt, CN=USER
- Subject Public Key Info:
- Public Key Algorithm: rsa
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:a8:a8:53:63:49:1b:93:c3:c3:0b:6c:88:11:55:
- de:7e:6a:e2:f9:52:a0:dc:69:25:c4:c8:bf:55:e1:
- 31:a8:ce:e4:a9:29:85:99:8a:15:9a:de:f6:2f:e1:
- b4:50:5f:5e:04:75:a6:f4:76:dc:3c:0e:39:dc:3a:
- be:3e:a4:61:8b
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Authority Key Identifier:
- 0...~r..:..B.44fu......3
- X509v3 Subject Key Identifier:
- ...... .*...1.*.......
- X509v3 Key Usage: critical
- ....
- X509v3 Certificate Policies: critical
- 0.0...*...0.......
- X509v3 Subject Alternative Name:
- 0:..user at darmstadt.gmd.de.!http://www.darmstadt.gmd.de/~user
- X509v3 Issuer Alternative Name:
- 0....gmdca at gmd.de..http://www.gmd.de..saturn.darmstadt.gmd.de.\1!0...U.
-..European ICE-TEL project1#0!..U....V3-Certification Authority1.0...U....Darmstadt..141.12.62.26
- X509v3 Basic Constraints: critical
- 0.
- X509v3 CRL Distribution Points:
- 0.0.......gmdca at gmd.de
- Signature Algorithm: md5WithRSAEncryption
- 69:0c:e1:b7:a7:f2:d8:fb:e8:69:c0:13:cd:37:ad:21:06:22:
- 4d:e8:c6:db:f1:04:0b:b7:e0:b3:d6:0c:81:03:ce:c3:6a:3e:
- c7:e7:24:24:a4:92:64:c2:83:83:06:42:53:0e:6f:09:1e:84:
- 9a:f7:6f:63:9b:94:99:83:d6:a4
------BEGIN CERTIFICATE-----
-MIIDTzCCAvmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHQwHhcNOTcwNDAyMTczNTU5WhcN
-OTgwNDAyMTczNTU5WjBrMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2pl
-Y3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQH
-EwlEYXJtc3RhZHQxDTALBgNVBAMTBFVTRVIwWTAKBgRVCAEBAgICAANLADBIAkEA
-qKhTY0kbk8PDC2yIEVXefmri+VKg3GklxMi/VeExqM7kqSmFmYoVmt72L+G0UF9e
-BHWm9HbcPA453Dq+PqRhiwIDAQABo4IBmDCCAZQwHwYDVR0jBBgwFoAUfnLy+DqG
-nEKINDRmdcPU/NGiETMwHQYDVR0OBBYEFJfc4B8gjSoRmLUx4Sq/ucIYiMrPMA4G
-A1UdDwEB/wQEAwIB8DAcBgNVHSABAf8EEjAQMAYGBCoDBAUwBgYECQgHBjBDBgNV
-HREEPDA6gRV1c2VyQGRhcm1zdGFkdC5nbWQuZGWGIWh0dHA6Ly93d3cuZGFybXN0
-YWR0LmdtZC5kZS9+dXNlcjCBsQYDVR0SBIGpMIGmgQxnbWRjYUBnbWQuZGWGEWh0
-dHA6Ly93d3cuZ21kLmRlghdzYXR1cm4uZGFybXN0YWR0LmdtZC5kZaRcMSEwHwYD
-VQQKExhFdXJvcGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5MRIwEAYDVQQHEwlEYXJtc3RhZHSHDDE0MS4xMi42
-Mi4yNjAMBgNVHRMBAf8EAjAAMB0GA1UdHwQWMBQwEqAQoA6BDGdtZGNhQGdtZC5k
-ZTANBgkqhkiG9w0BAQQFAANBAGkM4ben8tj76GnAE803rSEGIk3oxtvxBAu34LPW
-DIEDzsNqPsfnJCSkkmTCg4MGQlMObwkehJr3b2OblJmD1qQ=
------END CERTIFICATE-----
--- crypto/openssl/certs/dsa-ca.pem
+++ /dev/null
@@ -1,43 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
-
-svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
-Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
-Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
-par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
-zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
-uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
-rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
-1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
-HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
-MVqOsYxGCb+kez0FoDSTgw==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
-ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
-sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
-rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
-cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
-bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
-CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
-F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
-vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
-AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
-3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
-AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
-AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
-ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
-MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
-MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
-C1Q=
------END CERTIFICATE-----
-
--- crypto/openssl/certs/pca-cert.pem
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC5jCCAk+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
-MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
-HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzNTQ4WhcN
-MDUwNzExMjEzNTQ4WjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
-ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENB
-ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ2haT/f5Zwy
-V+MiuSDjSR62adBoSiBB7Usty44lXqsp9RICw+DCCxpsn/CfxPEDXLLd4olsWXc6
-JRcxGynbYmnzk+Z6aIPPJQhK3CTvaqGnWKZsA1m+WaUIUqJCuNTK4N+7hMAGaf6S
-S3e9HVgEQ4a34gXJ7VQFVIBNV1EnZRWHAgMBAAGjgbcwgbQwHQYDVR0OBBYEFE0R
-aEcrj18q1dw+G6nJbsTWR213MIGEBgNVHSMEfTB7gBRNEWhHK49fKtXcPhupyW7E
-1kdtd6FgpF4wXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
-BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
-NCBiaXQpggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAUa8B3pho
-+Mvxeq9HsEzJxHIFQla05S5J/e/V+DQTYoKiRFchKPrDAdrzYSEvP3h4QJEtsNqQ
-JfOxg5M42uLFq7aPGWkF6ZZqZsYS+zA9IVT14g7gNA6Ne+5QtJqQtH9HA24st0T0
-Tga/lZ9M2ovImovaxSL/kRHbpCWcqWVxpOw=
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
-wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
-vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
-AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
-z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
-xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
-HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
-yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
-xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
-7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
-h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
-QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
-hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
------END RSA PRIVATE KEY-----
--- crypto/openssl/certs/ICE.crl
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN X509 CRL-----
-MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
-VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
-NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
-WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
-i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
-KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
-mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
------END X509 CRL-----
--- crypto/openssl/certs/ca-cert.pem
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIC5TCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
-MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
-HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzODUxWhcN
-MDUwNzEwMjEzODUxWjBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
-ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxGzAZBgNVBAMTElRlc3QgQ0Eg
-KDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo7ujy3XXpU/p
-yDJtOxkMJmGv3mdiVm7JrdoKLUgqjO2rBaeNuYMUiuI6oYU+tlD6agwRML0Pn2JF
-b90VdK/UXrmRr9djaEuH17EIKjte5RwOzndCndsjcCYyoeODMTyg7dqPIkDMmRNM
-5R5xBTabD+Aji0wzQupYxBLuW5PLj7ECAwEAAaOBtzCBtDAdBgNVHQ4EFgQU1WWA
-U42mkhi3ecgey1dsJjU61+UwgYQGA1UdIwR9MHuAFE0RaEcrj18q1dw+G6nJbsTW
-R213oWCkXjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
-A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0
-IGJpdCmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBb39BRphHL
-6aRAQyymsvBvPSCiG9+kR0R1L23aTpNbhXp2BebyFjbEQYZc2kWGiKKcHkNECA35
-3d4LoqUlVey8DFyafOIJd9hxdZfg+rxlHMxnL7uCJRmx9+xB411Jtsol9/wg1uCK
-sleGpgB4j8cG2SVCz7V2MNZNK+d5QCnR7A==
------END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
-gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
-2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
-AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
-hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
-J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
-HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
-21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
-nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
-MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
-pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
-KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
-XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
------END RSA PRIVATE KEY-----
--- crypto/openssl/certs/tjhCA.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
-IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
-VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
-NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
-EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
-I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
-RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
-KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
-Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
-9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
-WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
------END CERTIFICATE-----
--- crypto/openssl/certs/ICE-root.pem
+++ /dev/null
@@ -1,48 +0,0 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 0 (0x0)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: O=European ICE-TEL project, OU=V3-Certification Authority
- Validity
- Not Before: Apr 2 17:33:36 1997 GMT
- Not After : Apr 2 17:33:36 1998 GMT
- Subject: O=European ICE-TEL project, OU=V3-Certification Authority
- Subject Public Key Info:
- Public Key Algorithm: rsa
- RSA Public Key: (512 bit)
- Modulus (512 bit):
- 00:80:3e:eb:ae:47:a9:fe:10:54:0b:81:8b:9c:2b:
- 82:ab:3a:61:36:65:8b:f3:73:9f:ac:ac:7a:15:a7:
- 13:8f:b4:c4:ba:a3:0f:bc:a5:58:8d:cc:b1:93:31:
- 9e:81:9e:8c:19:61:86:fa:52:73:54:d1:97:76:22:
- e7:c7:9f:41:cd
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- ........z.."p......e..
- X509v3 Key Usage: critical
- ....
- X509v3 Subject Alternative Name:
- 0I.*http://www.darmstadt.gmd.de/ice-tel/euroca..ice-tel-ca@darmstadt.gmd.de
- X509v3 Basic Constraints: critical
- 0....
- Signature Algorithm: md5WithRSAEncryption
- 76:69:61:db:b7:cf:8b:06:9e:d8:8c:96:53:d2:4d:a8:23:a6:
- 03:44:e8:8f:24:a5:c0:84:a8:4b:77:d4:2d:2b:7d:37:91:67:
- f2:2c:ce:02:31:4c:6b:cc:ce:f2:68:a6:11:11:ab:7d:88:b8:
- 7e:22:9f:25:06:60:bd:79:30:3d
------BEGIN CERTIFICATE-----
-MIICFjCCAcCgAwIBAgIBADANBgkqhkiG9w0BAQQFADBIMSEwHwYDVQQKExhFdXJv
-cGVhbiBJQ0UtVEVMIHByb2plY3QxIzAhBgNVBAsTGlYzLUNlcnRpZmljYXRpb24g
-QXV0aG9yaXR5MB4XDTk3MDQwMjE3MzMzNloXDTk4MDQwMjE3MzMzNlowSDEhMB8G
-A1UEChMYRXVyb3BlYW4gSUNFLVRFTCBwcm9qZWN0MSMwIQYDVQQLExpWMy1DZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTBZMAoGBFUIAQECAgIAA0sAMEgCQQCAPuuuR6n+
-EFQLgYucK4KrOmE2ZYvzc5+srHoVpxOPtMS6ow+8pViNzLGTMZ6BnowZYYb6UnNU
-0Zd2IufHn0HNAgMBAAGjgZcwgZQwHQYDVR0OBBYEFIr3yNUOx3ro1yJw4AuJ1bbs
-ZbzPMA4GA1UdDwEB/wQEAwIB9jBSBgNVHREESzBJhipodHRwOi8vd3d3LmRhcm1z
-dGFkdC5nbWQuZGUvaWNlLXRlbC9ldXJvY2GBG2ljZS10ZWwtY2FAZGFybXN0YWR0
-LmdtZC5kZTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA0EAdmlh27fP
-iwae2IyWU9JNqCOmA0TojySlwISoS3fULSt9N5Fn8izOAjFMa8zO8mimERGrfYi4
-fiKfJQZgvXkwPQ==
------END CERTIFICATE-----
--- crypto/openssl/certs/timCA.pem
+++ /dev/null
@@ -1,16 +0,0 @@
-Tims test GCI CA
-
------BEGIN CERTIFICATE-----
-MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
-cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
-cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
-gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
-cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
-dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
-AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
-OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
-AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
-TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
------END CERTIFICATE-----
-
--- crypto/openssl/certs/nortelCA.pem
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
-BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
-HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
-IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
-MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
-aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
-GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
-ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
-zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
-YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
-hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
-cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
-YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
------END CERTIFICATE-----
-
--- crypto/openssl/certs/vsigntca.pem
+++ /dev/null
@@ -1,18 +0,0 @@
-subject=/O=VeriSign, Inc/OU=www.verisign.com/repository/TestCPS Incorp. By Ref. Liab. LTD./OU=For VeriSign authorized testing only. No assurances (C)VS1997
-notBefore=Mar 4 00:00:00 1997 GMT
-notAfter=Mar 4 23:59:59 2025 GMT
------BEGIN CERTIFICATE-----
-MIICTTCCAfcCEEdoCqpuXxnoK27q7d58Qc4wDQYJKoZIhvcNAQEEBQAwgakxFjAU
-BgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52ZXJpc2lnbi5jb20v
-cmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBMaWFiLiBMVEQuMUYw
-RAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0aW5nIG9ubHkuIE5v
-IGFzc3VyYW5jZXMgKEMpVlMxOTk3MB4XDTk3MDMwNDAwMDAwMFoXDTI1MDMwNDIz
-NTk1OVowgakxFjAUBgNVBAoTDVZlcmlTaWduLCBJbmMxRzBFBgNVBAsTPnd3dy52
-ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9UZXN0Q1BTIEluY29ycC4gQnkgUmVmLiBM
-aWFiLiBMVEQuMUYwRAYDVQQLEz1Gb3IgVmVyaVNpZ24gYXV0aG9yaXplZCB0ZXN0
-aW5nIG9ubHkuIE5vIGFzc3VyYW5jZXMgKEMpVlMxOTk3MFwwDQYJKoZIhvcNAQEB
-BQADSwAwSAJBAMak6xImJx44jMKcbkACy5/CyMA2fqXK4PlzTtCxRq5tFkDzne7s
-cI8oFK/J+gFZNE3bjidDxf07O3JOYG9RGx8CAwEAATANBgkqhkiG9w0BAQQFAANB
-ADT523tENOKrEheZFpsJx1UUjPrG7TwYc/C4NBHrZI4gZJcKVFIfNulftVS6UMYW
-ToLEMaUojc3DuNXHG21PDG8=
------END CERTIFICATE-----
--- crypto/openssl/certs/rsa-cca.pem
+++ /dev/null
@@ -1,19 +0,0 @@
-subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
-notBefore=941104185834Z
-notAfter =991103185834Z
------BEGIN X509 CERTIFICATE-----
-
-MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
-HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
-Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
-OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
-ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
-975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
-touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
-7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
-9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
-0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
-MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
------END X509 CERTIFICATE-----
--- crypto/openssl/certs/factory.pem
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
-MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
-DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
-CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
-amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
-iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
-U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
-zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
-BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
-A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
-/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
-lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
-S7ELuYGtmYgYm9NZOIr7yU0=
------END CERTIFICATE-----
--- crypto/openssl/certs/dsa-pca.pem
+++ /dev/null
@@ -1,49 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
-
-GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
-mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
-of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
-FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
-RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
-qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
-diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
-V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
-hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
-dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE REQUEST-----
-MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
-ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
-MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
-lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
-Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
-5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
-aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
-kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
-QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
-6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
-yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
-z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
-nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
------END CERTIFICATE REQUEST-----
------BEGIN CERTIFICATE-----
-MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
-U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
-CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
-CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
-ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
-ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
-R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
-JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
-BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
-mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
-VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
-uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
-umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
-29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
-AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
-5rKUjNBhSg==
------END CERTIFICATE-----
-
Index: dh_key.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/dh/dh_key.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/dh/dh_key.c -L crypto/openssl/crypto/dh/dh_key.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/dh/dh_key.c
+++ crypto/openssl/crypto/dh/dh_key.c
@@ -62,8 +62,6 @@
#include <openssl/rand.h>
#include <openssl/dh.h>
-#ifndef OPENSSL_FIPS
-
static int generate_key(DH *dh);
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
@@ -91,6 +89,7 @@
dh_init,
dh_finish,
0,
+NULL,
NULL
};
@@ -105,7 +104,7 @@
int generate_new_key=0;
unsigned l;
BN_CTX *ctx;
- BN_MONT_CTX *mont;
+ BN_MONT_CTX *mont=NULL;
BIGNUM *pub_key=NULL,*priv_key=NULL;
ctx = BN_CTX_new();
@@ -128,28 +127,43 @@
else
pub_key=dh->pub_key;
- if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+
+ if (dh->flags & DH_FLAG_CACHE_MONT_P)
{
- if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
- dh->p,ctx)) goto err;
+ mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
+ CRYPTO_LOCK_DH, dh->p, ctx);
+ if (!mont)
+ goto err;
}
- mont=(BN_MONT_CTX *)dh->method_mont_p;
if (generate_new_key)
{
l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
if (!BN_rand(priv_key, l, 0, 0)) goto err;
}
- if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
- goto err;
+
+ {
+ BIGNUM local_prk;
+ BIGNUM *prk;
+
+ if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
+ {
+ BN_init(&local_prk);
+ prk = &local_prk;
+ BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
+ }
+ else
+ prk = priv_key;
+
+ if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
+ }
dh->pub_key=pub_key;
dh->priv_key=priv_key;
ok=1;
err:
if (ok != 1)
- DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
+ DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB);
if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
@@ -159,15 +173,16 @@
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
{
- BN_CTX *ctx;
- BN_MONT_CTX *mont;
+ BN_CTX *ctx=NULL;
+ BN_MONT_CTX *mont=NULL;
BIGNUM *tmp;
int ret= -1;
+ int check_result;
if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS)
{
- DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
- return -1;
+ DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE);
+ goto err;
}
ctx = BN_CTX_new();
@@ -177,27 +192,42 @@
if (dh->priv_key == NULL)
{
- DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
+ DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
goto err;
}
- if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+
+ if (dh->flags & DH_FLAG_CACHE_MONT_P)
{
- if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
- dh->p,ctx)) goto err;
+ mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
+ CRYPTO_LOCK_DH, dh->p, ctx);
+ if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
+ {
+ /* XXX */
+ BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
+ }
+ if (!mont)
+ goto err;
+ }
+
+ if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
+ {
+ DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
+ goto err;
}
- mont=(BN_MONT_CTX *)dh->method_mont_p;
if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
{
- DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
+ DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
goto err;
}
ret=BN_bn2bin(tmp,key);
err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
+ if (ctx != NULL)
+ {
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ }
return(ret);
}
@@ -206,7 +236,10 @@
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx)
{
- if (a->top == 1)
+ /* If a is only one word long and constant time is false, use the faster
+ * exponenentiation function.
+ */
+ if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
{
BN_ULONG A = a->d[0];
return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
@@ -225,8 +258,6 @@
static int dh_finish(DH *dh)
{
if(dh->method_mont_p)
- BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
+ BN_MONT_CTX_free(dh->method_mont_p);
return(1);
}
-
-#endif
Index: dh_err.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/dh/dh_err.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/dh/dh_err.c -L crypto/openssl/crypto/dh/dh_err.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/dh/dh_err.c
+++ crypto/openssl/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
/* crypto/dh/dh_err.c */
/* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -64,22 +64,28 @@
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
+
static ERR_STRING_DATA DH_str_functs[]=
{
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},
-{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
-{ERR_PACK(0,DH_F_DH_NEW_METHOD,0), "DH_new_method"},
+{ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
+{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
+{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
+{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
+{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
+{ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"},
+{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
{0,NULL}
};
static ERR_STRING_DATA DH_str_reasons[]=
{
-{DH_R_BAD_GENERATOR ,"bad generator"},
-{DH_R_MODULUS_TOO_LARGE ,"modulus too large"},
-{DH_R_NO_PRIVATE_VALUE ,"no private value"},
+{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
+{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
+{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"},
+{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
{0,NULL}
};
@@ -87,15 +93,12 @@
void ERR_load_DH_strings(void)
{
- static int init=1;
-
- if (init)
- {
- init=0;
#ifndef OPENSSL_NO_ERR
- ERR_load_strings(ERR_LIB_DH,DH_str_functs);
- ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
-#endif
+ if (ERR_func_error_string(DH_str_functs[0].error) == NULL)
+ {
+ ERR_load_strings(0,DH_str_functs);
+ ERR_load_strings(0,DH_str_reasons);
}
+#endif
}
Index: dh.h
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/dh/dh.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/dh/dh.h -L crypto/openssl/crypto/dh/dh.h -u -r1.2 -r1.3
--- crypto/openssl/crypto/dh/dh.h
+++ crypto/openssl/crypto/dh/dh.h
@@ -59,6 +59,8 @@
#ifndef HEADER_DH_H
#define HEADER_DH_H
+#include <openssl/e_os2.h>
+
#ifdef OPENSSL_NO_DH
#error DH is disabled.
#endif
@@ -66,23 +68,34 @@
#ifndef OPENSSL_NO_BIO
#include <openssl/bio.h>
#endif
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
#include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
#ifndef OPENSSL_DH_MAX_MODULUS_BITS
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
#endif
-#define DH_FLAG_CACHE_MONT_P 0x01
+#define DH_FLAG_CACHE_MONT_P 0x01
+#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
#ifdef __cplusplus
extern "C" {
#endif
-typedef struct dh_st DH;
+/* Already defined in ossl_typ.h */
+/* typedef struct dh_st DH; */
+/* typedef struct dh_method DH_METHOD; */
-typedef struct dh_method {
+struct dh_method
+ {
const char *name;
/* Methods here */
int (*generate_key)(DH *dh);
@@ -95,7 +108,9 @@
int (*finish)(DH *dh);
int flags;
char *app_data;
-} DH_METHOD;
+ /* If this is non-NULL, it will be used to generate parameters */
+ int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
+ };
struct dh_st
{
@@ -110,7 +125,7 @@
BIGNUM *priv_key; /* x */
int flags;
- char *method_mont_p;
+ BN_MONT_CTX *method_mont_p;
/* Place holders if we want to do X9.42 DH */
BIGNUM *q;
BIGNUM *j;
@@ -134,25 +149,21 @@
#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
#define DH_NOT_SUITABLE_GENERATOR 0x08
+/* DH_check_pub_key error codes */
+#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
+#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
+
/* primes p where (p-1)/2 is prime too are called "safe"; we define
this for backward compatibility: */
#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
- (char *(*)())d2i_DHparams,(char *)(x))
+#define DHparams_dup(x) ASN1_dup_of_const(DH,i2d_DHparams,d2i_DHparams,x)
#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
(char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
(unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
- (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
-#ifdef __cplusplus
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \
- (unsigned char *)(x))
-#else
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
- (unsigned char *)(x))
-#endif
+#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
+#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
const DH_METHOD *DH_OpenSSL(void);
@@ -169,9 +180,18 @@
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int DH_set_ex_data(DH *d, int idx, void *arg);
void *DH_get_ex_data(DH *d, int idx);
+
+/* Deprecated version */
+#ifndef OPENSSL_NO_DEPRECATED
DH * DH_generate_parameters(int prime_len,int generator,
void (*callback)(int,int,void *),void *cb_arg);
+#endif /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* New version */
+int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
+
int DH_check(const DH *dh,int *codes);
+int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
int DH_generate_key(DH *dh);
int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
@@ -194,17 +214,19 @@
/* Error codes for the DH functions. */
/* Function codes. */
+#define DH_F_COMPUTE_KEY 102
#define DH_F_DHPARAMS_PRINT 100
#define DH_F_DHPARAMS_PRINT_FP 101
-#define DH_F_DH_COMPUTE_KEY 102
-#define DH_F_DH_GENERATE_KEY 103
-#define DH_F_DH_GENERATE_PARAMETERS 104
+#define DH_F_DH_BUILTIN_GENPARAMS 106
#define DH_F_DH_NEW_METHOD 105
+#define DH_F_GENERATE_KEY 103
+#define DH_F_GENERATE_PARAMETERS 104
/* Reason codes. */
#define DH_R_BAD_GENERATOR 101
-#define DH_R_NO_PRIVATE_VALUE 100
+#define DH_R_INVALID_PUBKEY 102
#define DH_R_MODULUS_TOO_LARGE 103
+#define DH_R_NO_PRIVATE_VALUE 100
#ifdef __cplusplus
}
Index: dsa_err.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/dsa/dsa_err.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/dsa/dsa_err.c -L crypto/openssl/crypto/dsa/dsa_err.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/dsa/dsa_err.c
+++ crypto/openssl/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
/* crypto/dsa/dsa_err.c */
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -64,31 +64,35 @@
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
+
static ERR_STRING_DATA DSA_str_functs[]=
{
-{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"},
-{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"},
-{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"},
-{ERR_PACK(0,DSA_F_DSA_NEW_METHOD,0), "DSA_new_method"},
-{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
-{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"},
-{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"},
-{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"},
-{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"},
-{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
-{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"},
-{ERR_PACK(0,DSA_F_SIG_CB,0), "SIG_CB"},
+{ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
+{ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
+{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
+{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
+{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
+{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
+{ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"},
+{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
+{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
+{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
+{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
+{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
+{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
+{ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"},
{0,NULL}
};
static ERR_STRING_DATA DSA_str_reasons[]=
{
-{DSA_R_BAD_Q_VALUE ,"bad q value"},
-{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
-{DSA_R_MISSING_PARAMETERS ,"missing parameters"},
-{DSA_R_MODULUS_TOO_LARGE ,"modulus too large"},
+{ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"},
+{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
+{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
+{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
{0,NULL}
};
@@ -96,15 +100,12 @@
void ERR_load_DSA_strings(void)
{
- static int init=1;
-
- if (init)
- {
- init=0;
#ifndef OPENSSL_NO_ERR
- ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
- ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
-#endif
+ if (ERR_func_error_string(DSA_str_functs[0].error) == NULL)
+ {
+ ERR_load_strings(0,DSA_str_functs);
+ ERR_load_strings(0,DSA_str_reasons);
}
+#endif
}
Index: dsa_ossl.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/dsa/dsa_ossl.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/dsa/dsa_ossl.c -L crypto/openssl/crypto/dsa/dsa_ossl.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/dsa/dsa_ossl.c
+++ crypto/openssl/crypto/dsa/dsa_ossl.c
@@ -65,33 +65,63 @@
#include <openssl/rand.h>
#include <openssl/asn1.h>
-#ifndef OPENSSL_FIPS
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa);
static int dsa_init(DSA *dsa);
static int dsa_finish(DSA *dsa);
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
static DSA_METHOD openssl_dsa_meth = {
"OpenSSL DSA method",
dsa_do_sign,
dsa_sign_setup,
dsa_do_verify,
-dsa_mod_exp,
-dsa_bn_mod_exp,
+NULL, /* dsa_mod_exp, */
+NULL, /* dsa_bn_mod_exp, */
dsa_init,
dsa_finish,
0,
+NULL,
+NULL,
NULL
};
+/* These macro wrappers replace attempts to use the dsa_mod_exp() and
+ * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
+ * having a the macro work as an expression by bundling an "err_instr". So;
+ *
+ * if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
+ * dsa->method_mont_p)) goto err;
+ *
+ * can be replaced by;
+ *
+ * DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
+ * dsa->method_mont_p);
+ */
+
+#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
+ do { \
+ int _tmp_res53; \
+ if((dsa)->meth->dsa_mod_exp) \
+ _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
+ (a2), (p2), (m), (ctx), (in_mont)); \
+ else \
+ _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \
+ (m), (ctx), (in_mont)); \
+ if(!_tmp_res53) err_instr; \
+ } while(0)
+#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
+ do { \
+ int _tmp_res53; \
+ if((dsa)->meth->bn_mod_exp) \
+ _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
+ (m), (ctx), (m_ctx)); \
+ else \
+ _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \
+ if(!_tmp_res53) err_instr; \
+ } while(0)
+
const DSA_METHOD *DSA_OpenSSL(void)
{
return &openssl_dsa_meth;
@@ -172,7 +202,7 @@
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
BN_CTX *ctx;
- BIGNUM k,*kinv=NULL,*r=NULL;
+ BIGNUM k,kq,*K,*kinv=NULL,*r=NULL;
int ret=0;
if (!dsa->p || !dsa->q || !dsa->g)
@@ -182,6 +212,7 @@
}
BN_init(&k);
+ BN_init(&kq);
if (ctx_in == NULL)
{
@@ -191,23 +222,50 @@
ctx=ctx_in;
if ((r=BN_new()) == NULL) goto err;
- kinv=NULL;
/* Get random k */
do
if (!BN_rand_range(&k, dsa->q)) goto err;
while (BN_is_zero(&k));
+ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
+ {
+ BN_set_flags(&k, BN_FLG_EXP_CONSTTIME);
+ }
- if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+ if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
{
- if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
- dsa->p,ctx)) goto err;
+ if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+ CRYPTO_LOCK_DSA,
+ dsa->p, ctx))
+ goto err;
}
/* Compute r = (g^k mod p) mod q */
- if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
- (BN_MONT_CTX *)dsa->method_mont_p)) goto err;
+
+ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
+ {
+ if (!BN_copy(&kq, &k)) goto err;
+
+ /* We do not want timing information to leak the length of k,
+ * so we compute g^k using an equivalent exponent of fixed length.
+ *
+ * (This is a kludge that we need because the BN_mod_exp_mont()
+ * does not let us specify the desired timing behaviour.) */
+
+ if (!BN_add(&kq, &kq, dsa->q)) goto err;
+ if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))
+ {
+ if (!BN_add(&kq, &kq, dsa->q)) goto err;
+ }
+
+ K = &kq;
+ }
+ else
+ {
+ K = &k;
+ }
+ DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
+ dsa->method_mont_p);
if (!BN_mod(r,r,dsa->q,ctx)) goto err;
/* Compute part of 's = inv(k) (m + xr) mod q' */
@@ -229,6 +287,7 @@
if (ctx_in == NULL) BN_CTX_free(ctx);
if (kinv != NULL) BN_clear_free(kinv);
BN_clear_free(&k);
+ BN_clear_free(&kq);
return(ret);
}
@@ -263,12 +322,14 @@
if ((ctx=BN_CTX_new()) == NULL) goto err;
- if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
+ if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
+ BN_ucmp(sig->r, dsa->q) >= 0)
{
ret = 0;
goto err;
}
- if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
+ if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
+ BN_ucmp(sig->s, dsa->q) >= 0)
{
ret = 0;
goto err;
@@ -287,44 +348,28 @@
/* u2 = r * w mod q */
if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
- if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+
+ if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
{
- if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
- if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
- dsa->p,ctx)) goto err;
+ mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+ CRYPTO_LOCK_DSA, dsa->p, ctx);
+ if (!mont)
+ goto err;
}
- mont=(BN_MONT_CTX *)dsa->method_mont_p;
-#if 0
- {
- BIGNUM t2;
- BN_init(&t2);
- /* v = ( g^u1 * y^u2 mod p ) mod q */
- /* let t1 = g ^ u1 mod p */
- if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
- /* let t2 = y ^ u2 mod p */
- if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
- /* let u1 = t1 * t2 mod p */
- if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
- BN_free(&t2);
- }
- /* let u1 = u1 mod q */
- if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
-#else
- {
- if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
- dsa->p,ctx,mont)) goto err;
+ DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont);
/* BN_copy(&u1,&t1); */
/* let u1 = u1 mod q */
if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
- }
-#endif
+
/* V is now in u1. If the signature is correct, it will be
* equal to R. */
ret=(BN_ucmp(&u1, sig->r) == 0);
err:
+ /* XXX: surely this is wrong - if ret is 0, it just didn't verify;
+ there is no error in BN. Test should be ret == -1 (Ben) */
if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
if (ctx != NULL) BN_CTX_free(ctx);
BN_free(&u1);
@@ -342,21 +387,7 @@
static int dsa_finish(DSA *dsa)
{
if(dsa->method_mont_p)
- BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
+ BN_MONT_CTX_free(dsa->method_mont_p);
return(1);
}
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont)
-{
- return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
-}
-
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
-}
-#endif
Index: dsa.h
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/dsa/dsa.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/dsa/dsa.h -L crypto/openssl/crypto/dsa/dsa.h -u -r1.2 -r1.3
--- crypto/openssl/crypto/dsa/dsa.h
+++ crypto/openssl/crypto/dsa/dsa.h
@@ -65,6 +65,8 @@
#ifndef HEADER_DSA_H
#define HEADER_DSA_H
+#include <openssl/e_os2.h>
+
#ifdef OPENSSL_NO_DSA
#error DSA is disabled.
#endif
@@ -72,28 +74,36 @@
#ifndef OPENSSL_NO_BIO
#include <openssl/bio.h>
#endif
-#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <openssl/ossl_typ.h>
+
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
#ifndef OPENSSL_NO_DH
# include <openssl/dh.h>
#endif
+#endif
#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
#endif
#define DSA_FLAG_CACHE_MONT_P 0x01
-
-#if defined(OPENSSL_FIPS)
-#define FIPS_DSA_SIZE_T int
-#endif
+#define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
#ifdef __cplusplus
extern "C" {
#endif
-typedef struct dsa_st DSA;
+/* Already defined in ossl_typ.h */
+/* typedef struct dsa_st DSA; */
+/* typedef struct dsa_method DSA_METHOD; */
typedef struct DSA_SIG_st
{
@@ -101,7 +111,8 @@
BIGNUM *s;
} DSA_SIG;
-typedef struct dsa_method {
+struct dsa_method
+ {
const char *name;
DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
@@ -118,7 +129,14 @@
int (*finish)(DSA *dsa);
int flags;
char *app_data;
-} DSA_METHOD;
+ /* If this is non-NULL, it is used to generate DSA parameters */
+ int (*dsa_paramgen)(DSA *dsa, int bits,
+ unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb);
+ /* If this is non-NULL, it is used to generate DSA keys */
+ int (*dsa_keygen)(DSA *dsa);
+ };
struct dsa_st
{
@@ -139,7 +157,7 @@
int flags;
/* Normally used to cache montgomery values */
- char *method_mont_p;
+ BN_MONT_CTX *method_mont_p;
int references;
CRYPTO_EX_DATA ex_data;
const DSA_METHOD *meth;
@@ -147,16 +165,13 @@
ENGINE *engine;
};
-#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
- (char *(*)())d2i_DSAparams,(char *)(x))
+#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x)
#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
(unsigned char *)(x))
-#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
- (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
-#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
- (unsigned char *)(x))
+#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
DSA_SIG * DSA_SIG_new(void);
@@ -194,10 +209,20 @@
DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+
+/* Deprecated version */
+#ifndef OPENSSL_NO_DEPRECATED
DSA * DSA_generate_parameters(int bits,
unsigned char *seed,int seed_len,
int *counter_ret, unsigned long *h_ret,void
(*callback)(int, int, void *),void *cb_arg);
+#endif /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* New version */
+int DSA_generate_parameters_ex(DSA *dsa, int bits,
+ unsigned char *seed,int seed_len,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
int DSA_generate_key(DSA *a);
int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
--- crypto/openssl/crypto/bn/asm/co-alpha.pl
+++ /dev/null
@@ -1,116 +0,0 @@
-#!/usr/local/bin/perl
-# I have this in perl so I can use more usefull register names and then convert
-# them into alpha registers.
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "alpha.pl";
-
-&asm_init($ARGV[0],$0);
-
-print &bn_sub_words("bn_sub_words");
-
-&asm_finish();
-
-sub bn_sub_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r);
-
- $cc="r0";
- $a0="r1"; $b0="r5"; $r0="r9"; $tmp="r13";
- $a1="r2"; $b1="r6"; $r1="r10"; $t1="r14";
- $a2="r3"; $b2="r7"; $r2="r11";
- $a3="r4"; $b3="r8"; $r3="r12"; $t3="r15";
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
- $count=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &blt($count,&label("finish"));
-
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
-
-##########################################################
- &set_label("loop");
-
- &ld($a1,&QWPw(1,$ap));
- &cmpult($a0,$b0,$tmp); # will we borrow?
- &ld($b1,&QWPw(1,$bp));
- &sub($a0,$b0,$a0); # do the subtract
- &ld($a2,&QWPw(2,$ap));
- &cmpult($a0,$cc,$b0); # will we borrow?
- &ld($b2,&QWPw(2,$bp));
- &sub($a0,$cc,$a0); # will we borrow?
- &ld($a3,&QWPw(3,$ap));
- &add($b0,$tmp,$cc); # add the borrows
-
- &cmpult($a1,$b1,$t1); # will we borrow?
- &sub($a1,$b1,$a1); # do the subtract
- &ld($b3,&QWPw(3,$bp));
- &cmpult($a1,$cc,$b1); # will we borrow?
- &sub($a1,$cc,$a1); # will we borrow?
- &add($b1,$t1,$cc); # add the borrows
-
- &cmpult($a2,$b2,$tmp); # will we borrow?
- &sub($a2,$b2,$a2); # do the subtract
- &st($a0,&QWPw(0,$rp)); # save
- &cmpult($a2,$cc,$b2); # will we borrow?
- &sub($a2,$cc,$a2); # will we borrow?
- &add($b2,$tmp,$cc); # add the borrows
-
- &cmpult($a3,$b3,$t3); # will we borrow?
- &sub($a3,$b3,$a3); # do the subtract
- &st($a1,&QWPw(1,$rp)); # save
- &cmpult($a3,$cc,$b3); # will we borrow?
- &sub($a3,$cc,$a3); # will we borrow?
- &add($b3,$t3,$cc); # add the borrows
-
- &st($a2,&QWPw(2,$rp)); # save
- &sub($count,4,$count); # count-=4
- &st($a3,&QWPw(3,$rp)); # save
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld($a0,&QWPw(0,$ap)); # get a
- &ld($b0,&QWPw(0,$bp)); # get b
- &cmpult($a0,$b0,$tmp); # will we borrow?
- &sub($a0,$b0,$a0); # do the subtract
- &cmpult($a0,$cc,$b0); # will we borrow?
- &sub($a0,$cc,$a0); # will we borrow?
- &st($a0,&QWPw(0,$rp)); # save
- &add($b0,$tmp,$cc); # add the borrows
-
- &add($ap,$QWS,$ap);
- &add($bp,$QWS,$bp);
- &add($rp,$QWS,$rp);
- &sub($count,1,$count);
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &set_label("end");
- &function_end($name);
- }
-
--- crypto/openssl/crypto/bn/asm/ca.pl
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/local/bin/perl
-# I have this in perl so I can use more usefull register names and then convert
-# them into alpha registers.
-#
-
-push(@INC,"perlasm","../../perlasm");
-require "alpha.pl";
-require "alpha/mul_add.pl";
-require "alpha/mul.pl";
-require "alpha/sqr.pl";
-require "alpha/add.pl";
-require "alpha/sub.pl";
-require "alpha/mul_c8.pl";
-require "alpha/mul_c4.pl";
-require "alpha/sqr_c4.pl";
-require "alpha/sqr_c8.pl";
-require "alpha/div.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_mul_add_words("bn_mul_add_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_div_words("bn_div_words");
-&bn_mul_comba8("bn_mul_comba8");
-&bn_mul_comba4("bn_mul_comba4");
-&bn_sqr_comba4("bn_sqr_comba4");
-&bn_sqr_comba8("bn_sqr_comba8");
-
-&asm_finish();
-
--- crypto/openssl/crypto/bn/asm/alpha.s
+++ /dev/null
@@ -1,3199 +0,0 @@
- # DEC Alpha assember
- # The bn_div_words is actually gcc output but the other parts are hand done.
- # Thanks to tzeruch at ceddec.com for sending me the gcc output for
- # bn_div_words.
- # I've gone back and re-done most of routines.
- # The key thing to remeber for the 164 CPU is that while a
- # multiply operation takes 8 cycles, another one can only be issued
- # after 4 cycles have elapsed. I've done modification to help
- # improve this. Also, normally, a ld instruction will not be available
- # for about 3 cycles.
- .file 1 "bn_asm.c"
- .set noat
-gcc2_compiled.:
-__gnu_compiled_c:
- .text
- .align 3
- .globl bn_mul_add_words
- .ent bn_mul_add_words
-bn_mul_add_words:
-bn_mul_add_words..ng:
- .frame $30,0,$26,0
- .prologue 0
- .align 5
- subq $18,4,$18
- bis $31,$31,$0
- blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code
- ldq $20,0($17) # 1 1
- ldq $1,0($16) # 1 1
- .align 3
-$42:
- mulq $20,$19,$5 # 1 2 1 ######
- ldq $21,8($17) # 2 1
- ldq $2,8($16) # 2 1
- umulh $20,$19,$20 # 1 2 ######
- ldq $27,16($17) # 3 1
- ldq $3,16($16) # 3 1
- mulq $21,$19,$6 # 2 2 1 ######
- ldq $28,24($17) # 4 1
- addq $1,$5,$1 # 1 2 2
- ldq $4,24($16) # 4 1
- umulh $21,$19,$21 # 2 2 ######
- cmpult $1,$5,$22 # 1 2 3 1
- addq $20,$22,$20 # 1 3 1
- addq $1,$0,$1 # 1 2 3 1
- mulq $27,$19,$7 # 3 2 1 ######
- cmpult $1,$0,$0 # 1 2 3 2
- addq $2,$6,$2 # 2 2 2
- addq $20,$0,$0 # 1 3 2
- cmpult $2,$6,$23 # 2 2 3 1
- addq $21,$23,$21 # 2 3 1
- umulh $27,$19,$27 # 3 2 ######
- addq $2,$0,$2 # 2 2 3 1
- cmpult $2,$0,$0 # 2 2 3 2
- subq $18,4,$18
- mulq $28,$19,$8 # 4 2 1 ######
- addq $21,$0,$0 # 2 3 2
- addq $3,$7,$3 # 3 2 2
- addq $16,32,$16
- cmpult $3,$7,$24 # 3 2 3 1
- stq $1,-32($16) # 1 2 4
- umulh $28,$19,$28 # 4 2 ######
- addq $27,$24,$27 # 3 3 1
- addq $3,$0,$3 # 3 2 3 1
- stq $2,-24($16) # 2 2 4
- cmpult $3,$0,$0 # 3 2 3 2
- stq $3,-16($16) # 3 2 4
- addq $4,$8,$4 # 4 2 2
- addq $27,$0,$0 # 3 3 2
- cmpult $4,$8,$25 # 4 2 3 1
- addq $17,32,$17
- addq $28,$25,$28 # 4 3 1
- addq $4,$0,$4 # 4 2 3 1
- cmpult $4,$0,$0 # 4 2 3 2
- stq $4,-8($16) # 4 2 4
- addq $28,$0,$0 # 4 3 2
- blt $18,$43
-
- ldq $20,0($17) # 1 1
- ldq $1,0($16) # 1 1
-
- br $42
-
- .align 4
-$45:
- ldq $20,0($17) # 4 1
- ldq $1,0($16) # 4 1
- mulq $20,$19,$5 # 4 2 1
- subq $18,1,$18
- addq $16,8,$16
- addq $17,8,$17
- umulh $20,$19,$20 # 4 2
- addq $1,$5,$1 # 4 2 2
- cmpult $1,$5,$22 # 4 2 3 1
- addq $20,$22,$20 # 4 3 1
- addq $1,$0,$1 # 4 2 3 1
- cmpult $1,$0,$0 # 4 2 3 2
- addq $20,$0,$0 # 4 3 2
- stq $1,-8($16) # 4 2 4
- bgt $18,$45
- ret $31,($26),1 # else exit
-
- .align 4
-$43:
- addq $18,4,$18
- bgt $18,$45 # goto tail code
- ret $31,($26),1 # else exit
-
- .end bn_mul_add_words
- .align 3
- .globl bn_mul_words
- .ent bn_mul_words
-bn_mul_words:
-bn_mul_words..ng:
- .frame $30,0,$26,0
- .prologue 0
- .align 5
- subq $18,4,$18
- bis $31,$31,$0
- blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code
- ldq $20,0($17) # 1 1
- .align 3
-$142:
-
- mulq $20,$19,$5 # 1 2 1 #####
- ldq $21,8($17) # 2 1
- ldq $27,16($17) # 3 1
- umulh $20,$19,$20 # 1 2 #####
- ldq $28,24($17) # 4 1
- mulq $21,$19,$6 # 2 2 1 #####
- addq $5,$0,$5 # 1 2 3 1
- subq $18,4,$18
- cmpult $5,$0,$0 # 1 2 3 2
- umulh $21,$19,$21 # 2 2 #####
- addq $20,$0,$0 # 1 3 2
- addq $17,32,$17
- addq $6,$0,$6 # 2 2 3 1
- mulq $27,$19,$7 # 3 2 1 #####
- cmpult $6,$0,$0 # 2 2 3 2
- addq $21,$0,$0 # 2 3 2
- addq $16,32,$16
- umulh $27,$19,$27 # 3 2 #####
- stq $5,-32($16) # 1 2 4
- mulq $28,$19,$8 # 4 2 1 #####
- addq $7,$0,$7 # 3 2 3 1
- stq $6,-24($16) # 2 2 4
- cmpult $7,$0,$0 # 3 2 3 2
- umulh $28,$19,$28 # 4 2 #####
- addq $27,$0,$0 # 3 3 2
- stq $7,-16($16) # 3 2 4
- addq $8,$0,$8 # 4 2 3 1
- cmpult $8,$0,$0 # 4 2 3 2
-
- addq $28,$0,$0 # 4 3 2
-
- stq $8,-8($16) # 4 2 4
-
- blt $18,$143
-
- ldq $20,0($17) # 1 1
-
- br $142
-
- .align 4
-$145:
- ldq $20,0($17) # 4 1
- mulq $20,$19,$5 # 4 2 1
- subq $18,1,$18
- umulh $20,$19,$20 # 4 2
- addq $5,$0,$5 # 4 2 3 1
- addq $16,8,$16
- cmpult $5,$0,$0 # 4 2 3 2
- addq $17,8,$17
- addq $20,$0,$0 # 4 3 2
- stq $5,-8($16) # 4 2 4
-
- bgt $18,$145
- ret $31,($26),1 # else exit
-
- .align 4
-$143:
- addq $18,4,$18
- bgt $18,$145 # goto tail code
- ret $31,($26),1 # else exit
-
- .end bn_mul_words
- .align 3
- .globl bn_sqr_words
- .ent bn_sqr_words
-bn_sqr_words:
-bn_sqr_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $18,4,$18
- blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code
- ldq $20,0($17) # 1 1
- .align 3
-$542:
- mulq $20,$20,$5 ######
- ldq $21,8($17) # 1 1
- subq $18,4
- umulh $20,$20,$1 ######
- ldq $27,16($17) # 1 1
- mulq $21,$21,$6 ######
- ldq $28,24($17) # 1 1
- stq $5,0($16) # r[0]
- umulh $21,$21,$2 ######
- stq $1,8($16) # r[1]
- mulq $27,$27,$7 ######
- stq $6,16($16) # r[0]
- umulh $27,$27,$3 ######
- stq $2,24($16) # r[1]
- mulq $28,$28,$8 ######
- stq $7,32($16) # r[0]
- umulh $28,$28,$4 ######
- stq $3,40($16) # r[1]
-
- addq $16,64,$16
- addq $17,32,$17
- stq $8,-16($16) # r[0]
- stq $4,-8($16) # r[1]
-
- blt $18,$543
- ldq $20,0($17) # 1 1
- br $542
-
-$442:
- ldq $20,0($17) # a[0]
- mulq $20,$20,$5 # a[0]*w low part r2
- addq $16,16,$16
- addq $17,8,$17
- subq $18,1,$18
- umulh $20,$20,$1 # a[0]*w high part r3
- stq $5,-16($16) # r[0]
- stq $1,-8($16) # r[1]
-
- bgt $18,$442
- ret $31,($26),1 # else exit
-
- .align 4
-$543:
- addq $18,4,$18
- bgt $18,$442 # goto tail code
- ret $31,($26),1 # else exit
- .end bn_sqr_words
-
- .align 3
- .globl bn_add_words
- .ent bn_add_words
-bn_add_words:
-bn_add_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $19,4,$19
- bis $31,$31,$0 # carry = 0
- blt $19,$900
- ldq $5,0($17) # a[0]
- ldq $1,0($18) # b[1]
- .align 3
-$901:
- addq $1,$5,$1 # r=a+b;
- ldq $6,8($17) # a[1]
- cmpult $1,$5,$22 # did we overflow?
- ldq $2,8($18) # b[1]
- addq $1,$0,$1 # c+= overflow
- ldq $7,16($17) # a[2]
- cmpult $1,$0,$0 # overflow?
- ldq $3,16($18) # b[2]
- addq $0,$22,$0
- ldq $8,24($17) # a[3]
- addq $2,$6,$2 # r=a+b;
- ldq $4,24($18) # b[3]
- cmpult $2,$6,$23 # did we overflow?
- addq $3,$7,$3 # r=a+b;
- addq $2,$0,$2 # c+= overflow
- cmpult $3,$7,$24 # did we overflow?
- cmpult $2,$0,$0 # overflow?
- addq $4,$8,$4 # r=a+b;
- addq $0,$23,$0
- cmpult $4,$8,$25 # did we overflow?
- addq $3,$0,$3 # c+= overflow
- stq $1,0($16) # r[0]=c
- cmpult $3,$0,$0 # overflow?
- stq $2,8($16) # r[1]=c
- addq $0,$24,$0
- stq $3,16($16) # r[2]=c
- addq $4,$0,$4 # c+= overflow
- subq $19,4,$19 # loop--
- cmpult $4,$0,$0 # overflow?
- addq $17,32,$17 # a++
- addq $0,$25,$0
- stq $4,24($16) # r[3]=c
- addq $18,32,$18 # b++
- addq $16,32,$16 # r++
-
- blt $19,$900
- ldq $5,0($17) # a[0]
- ldq $1,0($18) # b[1]
- br $901
- .align 4
-$945:
- ldq $5,0($17) # a[0]
- ldq $1,0($18) # b[1]
- addq $1,$5,$1 # r=a+b;
- subq $19,1,$19 # loop--
- addq $1,$0,$1 # c+= overflow
- addq $17,8,$17 # a++
- cmpult $1,$5,$22 # did we overflow?
- cmpult $1,$0,$0 # overflow?
- addq $18,8,$18 # b++
- stq $1,0($16) # r[0]=c
- addq $0,$22,$0
- addq $16,8,$16 # r++
-
- bgt $19,$945
- ret $31,($26),1 # else exit
-
-$900:
- addq $19,4,$19
- bgt $19,$945 # goto tail code
- ret $31,($26),1 # else exit
- .end bn_add_words
-
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
- .align 3
- .globl bn_div_words
- .ent bn_div_words
-bn_div_words:
- ldgp $29,0($27)
-bn_div_words..ng:
- lda $30,-48($30)
- .frame $30,48,$26,0
- stq $26,0($30)
- stq $9,8($30)
- stq $10,16($30)
- stq $11,24($30)
- stq $12,32($30)
- stq $13,40($30)
- .mask 0x4003e00,-48
- .prologue 1
- bis $16,$16,$9
- bis $17,$17,$10
- bis $18,$18,$11
- bis $31,$31,$13
- bis $31,2,$12
- bne $11,$119
- lda $0,-1
- br $31,$136
- .align 4
-$119:
- bis $11,$11,$16
- jsr $26,BN_num_bits_word
- ldgp $29,0($26)
- subq $0,64,$1
- beq $1,$120
- bis $31,1,$1
- sll $1,$0,$1
- cmpule $9,$1,$1
- bne $1,$120
- # lda $16,_IO_stderr_
- # lda $17,$C32
- # bis $0,$0,$18
- # jsr $26,fprintf
- # ldgp $29,0($26)
- jsr $26,abort
- ldgp $29,0($26)
- .align 4
-$120:
- bis $31,64,$3
- cmpult $9,$11,$2
- subq $3,$0,$1
- addl $1,$31,$0
- subq $9,$11,$1
- cmoveq $2,$1,$9
- beq $0,$122
- zapnot $0,15,$2
- subq $3,$0,$1
- sll $11,$2,$11
- sll $9,$2,$3
- srl $10,$1,$1
- sll $10,$2,$10
- bis $3,$1,$9
-$122:
- srl $11,32,$5
- zapnot $11,15,$6
- lda $7,-1
- .align 5
-$123:
- srl $9,32,$1
- subq $1,$5,$1
- bne $1,$126
- zapnot $7,15,$27
- br $31,$127
- .align 4
-$126:
- bis $9,$9,$24
- bis $5,$5,$25
- divqu $24,$25,$27
-$127:
- srl $10,32,$4
- .align 5
-$128:
- mulq $27,$5,$1
- subq $9,$1,$3
- zapnot $3,240,$1
- bne $1,$129
- mulq $6,$27,$2
- sll $3,32,$1
- addq $1,$4,$1
- cmpule $2,$1,$2
- bne $2,$129
- subq $27,1,$27
- br $31,$128
- .align 4
-$129:
- mulq $27,$6,$1
- mulq $27,$5,$4
- srl $1,32,$3
- sll $1,32,$1
- addq $4,$3,$4
- cmpult $10,$1,$2
- subq $10,$1,$10
- addq $2,$4,$2
- cmpult $9,$2,$1
- bis $2,$2,$4
- beq $1,$134
- addq $9,$11,$9
- subq $27,1,$27
-$134:
- subl $12,1,$12
- subq $9,$4,$9
- beq $12,$124
- sll $27,32,$13
- sll $9,32,$2
- srl $10,32,$1
- sll $10,32,$10
- bis $2,$1,$9
- br $31,$123
- .align 4
-$124:
- bis $13,$27,$0
-$136:
- ldq $26,0($30)
- ldq $9,8($30)
- ldq $10,16($30)
- ldq $11,24($30)
- ldq $12,32($30)
- ldq $13,40($30)
- addq $30,48,$30
- ret $31,($26),1
- .end bn_div_words
-
- .set noat
- .text
- .align 3
- .globl bn_sub_words
- .ent bn_sub_words
-bn_sub_words:
-bn_sub_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $19, 4, $19
- bis $31, $31, $0
- blt $19, $100
- ldq $1, 0($17)
- ldq $2, 0($18)
-$101:
- ldq $3, 8($17)
- cmpult $1, $2, $4
- ldq $5, 8($18)
- subq $1, $2, $1
- ldq $6, 16($17)
- cmpult $1, $0, $2
- ldq $7, 16($18)
- subq $1, $0, $23
- ldq $8, 24($17)
- addq $2, $4, $0
- cmpult $3, $5, $24
- subq $3, $5, $3
- ldq $22, 24($18)
- cmpult $3, $0, $5
- subq $3, $0, $25
- addq $5, $24, $0
- cmpult $6, $7, $27
- subq $6, $7, $6
- stq $23, 0($16)
- cmpult $6, $0, $7
- subq $6, $0, $28
- addq $7, $27, $0
- cmpult $8, $22, $21
- subq $8, $22, $8
- stq $25, 8($16)
- cmpult $8, $0, $22
- subq $8, $0, $20
- addq $22, $21, $0
- stq $28, 16($16)
- subq $19, 4, $19
- stq $20, 24($16)
- addq $17, 32, $17
- addq $18, 32, $18
- addq $16, 32, $16
- blt $19, $100
- ldq $1, 0($17)
- ldq $2, 0($18)
- br $101
-$102:
- ldq $1, 0($17)
- ldq $2, 0($18)
- cmpult $1, $2, $27
- subq $1, $2, $1
- cmpult $1, $0, $2
- subq $1, $0, $1
- stq $1, 0($16)
- addq $2, $27, $0
- addq $17, 8, $17
- addq $18, 8, $18
- addq $16, 8, $16
- subq $19, 1, $19
- bgt $19, $102
- ret $31,($26),1
-$100:
- addq $19, 4, $19
- bgt $19, $102
-$103:
- ret $31,($26),1
- .end bn_sub_words
- .text
- .align 3
- .globl bn_mul_comba4
- .ent bn_mul_comba4
-bn_mul_comba4:
-bn_mul_comba4..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- ldq $0, 0($17)
- ldq $1, 0($18)
- ldq $2, 8($17)
- ldq $3, 8($18)
- ldq $4, 16($17)
- ldq $5, 16($18)
- ldq $6, 24($17)
- ldq $7, 24($18)
- bis $31, $31, $23
- mulq $0, $1, $8
- umulh $0, $1, $22
- stq $8, 0($16)
- bis $31, $31, $8
- mulq $0, $3, $24
- umulh $0, $3, $25
- addq $22, $24, $22
- cmpult $22, $24, $27
- addq $27, $25, $25
- addq $23, $25, $23
- cmpult $23, $25, $28
- addq $8, $28, $8
- mulq $2, $1, $21
- umulh $2, $1, $20
- addq $22, $21, $22
- cmpult $22, $21, $19
- addq $19, $20, $20
- addq $23, $20, $23
- cmpult $23, $20, $17
- addq $8, $17, $8
- stq $22, 8($16)
- bis $31, $31, $22
- mulq $2, $3, $18
- umulh $2, $3, $24
- addq $23, $18, $23
- cmpult $23, $18, $27
- addq $27, $24, $24
- addq $8, $24, $8
- cmpult $8, $24, $25
- addq $22, $25, $22
- mulq $0, $5, $28
- umulh $0, $5, $21
- addq $23, $28, $23
- cmpult $23, $28, $19
- addq $19, $21, $21
- addq $8, $21, $8
- cmpult $8, $21, $20
- addq $22, $20, $22
- mulq $4, $1, $17
- umulh $4, $1, $18
- addq $23, $17, $23
- cmpult $23, $17, $27
- addq $27, $18, $18
- addq $8, $18, $8
- cmpult $8, $18, $24
- addq $22, $24, $22
- stq $23, 16($16)
- bis $31, $31, $23
- mulq $0, $7, $25
- umulh $0, $7, $28
- addq $8, $25, $8
- cmpult $8, $25, $19
- addq $19, $28, $28
- addq $22, $28, $22
- cmpult $22, $28, $21
- addq $23, $21, $23
- mulq $2, $5, $20
- umulh $2, $5, $17
- addq $8, $20, $8
- cmpult $8, $20, $27
- addq $27, $17, $17
- addq $22, $17, $22
- cmpult $22, $17, $18
- addq $23, $18, $23
- mulq $4, $3, $24
- umulh $4, $3, $25
- addq $8, $24, $8
- cmpult $8, $24, $19
- addq $19, $25, $25
- addq $22, $25, $22
- cmpult $22, $25, $28
- addq $23, $28, $23
- mulq $6, $1, $21
- umulh $6, $1, $0
- addq $8, $21, $8
- cmpult $8, $21, $20
- addq $20, $0, $0
- addq $22, $0, $22
- cmpult $22, $0, $27
- addq $23, $27, $23
- stq $8, 24($16)
- bis $31, $31, $8
- mulq $2, $7, $17
- umulh $2, $7, $18
- addq $22, $17, $22
- cmpult $22, $17, $24
- addq $24, $18, $18
- addq $23, $18, $23
- cmpult $23, $18, $19
- addq $8, $19, $8
- mulq $4, $5, $25
- umulh $4, $5, $28
- addq $22, $25, $22
- cmpult $22, $25, $21
- addq $21, $28, $28
- addq $23, $28, $23
- cmpult $23, $28, $20
- addq $8, $20, $8
- mulq $6, $3, $0
- umulh $6, $3, $27
- addq $22, $0, $22
- cmpult $22, $0, $1
- addq $1, $27, $27
- addq $23, $27, $23
- cmpult $23, $27, $17
- addq $8, $17, $8
- stq $22, 32($16)
- bis $31, $31, $22
- mulq $4, $7, $24
- umulh $4, $7, $18
- addq $23, $24, $23
- cmpult $23, $24, $19
- addq $19, $18, $18
- addq $8, $18, $8
- cmpult $8, $18, $2
- addq $22, $2, $22
- mulq $6, $5, $25
- umulh $6, $5, $21
- addq $23, $25, $23
- cmpult $23, $25, $28
- addq $28, $21, $21
- addq $8, $21, $8
- cmpult $8, $21, $20
- addq $22, $20, $22
- stq $23, 40($16)
- bis $31, $31, $23
- mulq $6, $7, $0
- umulh $6, $7, $1
- addq $8, $0, $8
- cmpult $8, $0, $27
- addq $27, $1, $1
- addq $22, $1, $22
- cmpult $22, $1, $17
- addq $23, $17, $23
- stq $8, 48($16)
- stq $22, 56($16)
- ret $31,($26),1
- .end bn_mul_comba4
- .text
- .align 3
- .globl bn_mul_comba8
- .ent bn_mul_comba8
-bn_mul_comba8:
-bn_mul_comba8..ng:
- .frame $30,0,$26,0
- .prologue 0
- ldq $1, 0($17)
- ldq $2, 0($18)
- zapnot $1, 15, $7
- srl $2, 32, $8
- mulq $8, $7, $22
- srl $1, 32, $6
- zapnot $2, 15, $5
- mulq $5, $6, $4
- mulq $7, $5, $24
- addq $22, $4, $22
- cmpult $22, $4, $1
- mulq $6, $8, $3
- beq $1, $173
- bis $31, 1, $1
- sll $1, 32, $1
- addq $3, $1, $3
-$173:
- sll $22, 32, $4
- addq $24, $4, $24
- stq $24, 0($16)
- ldq $2, 0($17)
- ldq $1, 8($18)
- zapnot $2, 15, $7
- srl $1, 32, $8
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $0
- srl $2, 32, $6
- mulq $5, $6, $23
- mulq $6, $8, $6
- srl $22, 32, $1
- cmpult $24, $4, $2
- addq $3, $1, $3
- addq $2, $3, $22
- addq $25, $23, $25
- cmpult $25, $23, $1
- bis $31, 1, $2
- beq $1, $177
- sll $2, 32, $1
- addq $6, $1, $6
-$177:
- sll $25, 32, $23
- ldq $1, 0($18)
- addq $0, $23, $0
- bis $0, $0, $7
- ldq $3, 8($17)
- addq $22, $7, $22
- srl $1, 32, $8
- cmpult $22, $7, $4
- zapnot $3, 15, $7
- mulq $8, $7, $28
- zapnot $1, 15, $5
- mulq $7, $5, $21
- srl $25, 32, $1
- cmpult $0, $23, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $4, $6, $24
- srl $3, 32, $6
- mulq $5, $6, $2
- mulq $6, $8, $6
- addq $28, $2, $28
- cmpult $28, $2, $1
- bis $31, 1, $2
- beq $1, $181
- sll $2, 32, $1
- addq $6, $1, $6
-$181:
- sll $28, 32, $2
- addq $21, $2, $21
- bis $21, $21, $7
- addq $22, $7, $22
- stq $22, 8($16)
- ldq $3, 16($17)
- ldq $1, 0($18)
- cmpult $22, $7, $4
- zapnot $3, 15, $7
- srl $1, 32, $8
- mulq $8, $7, $22
- zapnot $1, 15, $5
- mulq $7, $5, $20
- srl $28, 32, $1
- cmpult $21, $2, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $4, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $23
- srl $3, 32, $6
- mulq $5, $6, $2
- mulq $6, $8, $6
- addq $22, $2, $22
- cmpult $22, $2, $1
- bis $31, 1, $2
- beq $1, $185
- sll $2, 32, $1
- addq $6, $1, $6
-$185:
- sll $22, 32, $2
- ldq $1, 8($18)
- addq $20, $2, $20
- bis $20, $20, $7
- ldq $4, 8($17)
- addq $24, $7, $24
- srl $1, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $0
- srl $22, 32, $1
- cmpult $20, $2, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $22
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $21
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $189
- sll $21, 32, $1
- addq $6, $1, $6
-$189:
- sll $25, 32, $5
- ldq $2, 16($18)
- addq $0, $5, $0
- bis $0, $0, $7
- ldq $4, 0($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $0, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $22, $22
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $193
- sll $21, 32, $1
- addq $6, $1, $6
-$193:
- sll $28, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $24, $7, $24
- stq $24, 16($16)
- ldq $4, 0($17)
- ldq $5, 24($18)
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $0
- srl $28, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $24
- mulq $7, $5, $2
- addq $1, $22, $22
- addq $0, $24, $0
- cmpult $0, $24, $1
- mulq $6, $8, $6
- beq $1, $197
- sll $21, 32, $1
- addq $6, $1, $6
-$197:
- sll $0, 32, $24
- ldq $1, 16($18)
- addq $2, $24, $2
- bis $2, $2, $7
- ldq $4, 8($17)
- addq $23, $7, $23
- srl $1, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $21
- srl $0, 32, $1
- cmpult $2, $24, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $24
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $20
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $201
- sll $20, 32, $1
- addq $6, $1, $6
-$201:
- sll $25, 32, $5
- ldq $2, 8($18)
- addq $21, $5, $21
- bis $21, $21, $7
- ldq $4, 16($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $21, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $205
- sll $20, 32, $1
- addq $6, $1, $6
-$205:
- sll $28, 32, $25
- ldq $2, 0($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 24($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $24, $24
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $209
- sll $20, 32, $1
- addq $6, $1, $6
-$209:
- sll $0, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $23, $7, $23
- stq $23, 24($16)
- ldq $4, 32($17)
- ldq $5, 0($18)
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $28
- srl $0, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $23
- mulq $7, $5, $2
- addq $1, $24, $24
- addq $28, $23, $28
- cmpult $28, $23, $1
- mulq $6, $8, $6
- beq $1, $213
- sll $20, 32, $1
- addq $6, $1, $6
-$213:
- sll $28, 32, $23
- ldq $1, 8($18)
- addq $2, $23, $2
- bis $2, $2, $7
- ldq $4, 24($17)
- addq $22, $7, $22
- srl $1, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $0
- srl $28, 32, $1
- cmpult $2, $23, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $23
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $21
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $217
- sll $21, 32, $1
- addq $6, $1, $6
-$217:
- sll $25, 32, $5
- ldq $2, 16($18)
- addq $0, $5, $0
- bis $0, $0, $7
- ldq $4, 16($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $0, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $221
- sll $21, 32, $1
- addq $6, $1, $6
-$221:
- sll $28, 32, $25
- ldq $2, 24($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 8($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $225
- sll $21, 32, $1
- addq $6, $1, $6
-$225:
- sll $0, 32, $25
- ldq $2, 32($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 0($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $23, $23
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $229
- sll $21, 32, $1
- addq $6, $1, $6
-$229:
- sll $28, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $22, $7, $22
- stq $22, 32($16)
- ldq $4, 0($17)
- ldq $5, 40($18)
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $0
- srl $28, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $22
- mulq $7, $5, $2
- addq $1, $23, $23
- addq $0, $22, $0
- cmpult $0, $22, $1
- mulq $6, $8, $6
- beq $1, $233
- sll $21, 32, $1
- addq $6, $1, $6
-$233:
- sll $0, 32, $22
- ldq $1, 32($18)
- addq $2, $22, $2
- bis $2, $2, $7
- ldq $4, 8($17)
- addq $24, $7, $24
- srl $1, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $21
- srl $0, 32, $1
- cmpult $2, $22, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $22
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $20
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $237
- sll $20, 32, $1
- addq $6, $1, $6
-$237:
- sll $25, 32, $5
- ldq $2, 24($18)
- addq $21, $5, $21
- bis $21, $21, $7
- ldq $4, 16($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $21, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $241
- sll $20, 32, $1
- addq $6, $1, $6
-$241:
- sll $28, 32, $25
- ldq $2, 16($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 24($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $245
- sll $20, 32, $1
- addq $6, $1, $6
-$245:
- sll $0, 32, $25
- ldq $2, 8($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 32($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $249
- sll $20, 32, $1
- addq $6, $1, $6
-$249:
- sll $28, 32, $25
- ldq $2, 0($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 40($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $22, $22
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $253
- sll $20, 32, $1
- addq $6, $1, $6
-$253:
- sll $0, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $24, $7, $24
- stq $24, 40($16)
- ldq $4, 48($17)
- ldq $5, 0($18)
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $28
- srl $0, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $24
- mulq $7, $5, $2
- addq $1, $22, $22
- addq $28, $24, $28
- cmpult $28, $24, $1
- mulq $6, $8, $6
- beq $1, $257
- sll $20, 32, $1
- addq $6, $1, $6
-$257:
- sll $28, 32, $24
- ldq $1, 8($18)
- addq $2, $24, $2
- bis $2, $2, $7
- ldq $4, 40($17)
- addq $23, $7, $23
- srl $1, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $0
- srl $28, 32, $1
- cmpult $2, $24, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $24
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $21
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $261
- sll $21, 32, $1
- addq $6, $1, $6
-$261:
- sll $25, 32, $5
- ldq $2, 16($18)
- addq $0, $5, $0
- bis $0, $0, $7
- ldq $4, 32($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $0, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $265
- sll $21, 32, $1
- addq $6, $1, $6
-$265:
- sll $28, 32, $25
- ldq $2, 24($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 24($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $269
- sll $21, 32, $1
- addq $6, $1, $6
-$269:
- sll $0, 32, $25
- ldq $2, 32($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 16($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $273
- sll $21, 32, $1
- addq $6, $1, $6
-$273:
- sll $28, 32, $25
- ldq $2, 40($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 8($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $277
- sll $21, 32, $1
- addq $6, $1, $6
-$277:
- sll $0, 32, $25
- ldq $2, 48($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 0($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $24, $24
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $281
- sll $21, 32, $1
- addq $6, $1, $6
-$281:
- sll $28, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $23, $7, $23
- stq $23, 48($16)
- ldq $4, 0($17)
- ldq $5, 56($18)
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $0
- srl $28, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $23
- mulq $7, $5, $2
- addq $1, $24, $24
- addq $0, $23, $0
- cmpult $0, $23, $1
- mulq $6, $8, $6
- beq $1, $285
- sll $21, 32, $1
- addq $6, $1, $6
-$285:
- sll $0, 32, $23
- ldq $1, 48($18)
- addq $2, $23, $2
- bis $2, $2, $7
- ldq $4, 8($17)
- addq $22, $7, $22
- srl $1, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $21
- srl $0, 32, $1
- cmpult $2, $23, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $23
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $20
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $289
- sll $20, 32, $1
- addq $6, $1, $6
-$289:
- sll $25, 32, $5
- ldq $2, 40($18)
- addq $21, $5, $21
- bis $21, $21, $7
- ldq $4, 16($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $21, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $293
- sll $20, 32, $1
- addq $6, $1, $6
-$293:
- sll $28, 32, $25
- ldq $2, 32($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 24($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $297
- sll $20, 32, $1
- addq $6, $1, $6
-$297:
- sll $0, 32, $25
- ldq $2, 24($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 32($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $301
- sll $20, 32, $1
- addq $6, $1, $6
-$301:
- sll $28, 32, $25
- ldq $2, 16($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 40($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $305
- sll $20, 32, $1
- addq $6, $1, $6
-$305:
- sll $0, 32, $25
- ldq $2, 8($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 48($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $309
- sll $20, 32, $1
- addq $6, $1, $6
-$309:
- sll $28, 32, $25
- ldq $2, 0($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 56($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $23, $23
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $313
- sll $20, 32, $1
- addq $6, $1, $6
-$313:
- sll $0, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $22, $7, $22
- stq $22, 56($16)
- ldq $4, 56($17)
- ldq $5, 8($18)
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $28
- srl $0, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $22
- mulq $7, $5, $2
- addq $1, $23, $23
- addq $28, $22, $28
- cmpult $28, $22, $1
- mulq $6, $8, $6
- beq $1, $317
- sll $20, 32, $1
- addq $6, $1, $6
-$317:
- sll $28, 32, $22
- ldq $1, 16($18)
- addq $2, $22, $2
- bis $2, $2, $7
- ldq $4, 48($17)
- addq $24, $7, $24
- srl $1, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $0
- srl $28, 32, $1
- cmpult $2, $22, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $22
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $21
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $321
- sll $21, 32, $1
- addq $6, $1, $6
-$321:
- sll $25, 32, $5
- ldq $2, 24($18)
- addq $0, $5, $0
- bis $0, $0, $7
- ldq $4, 40($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $0, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $325
- sll $21, 32, $1
- addq $6, $1, $6
-$325:
- sll $28, 32, $25
- ldq $2, 32($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 32($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $329
- sll $21, 32, $1
- addq $6, $1, $6
-$329:
- sll $0, 32, $25
- ldq $2, 40($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 24($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $333
- sll $21, 32, $1
- addq $6, $1, $6
-$333:
- sll $28, 32, $25
- ldq $2, 48($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 16($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $337
- sll $21, 32, $1
- addq $6, $1, $6
-$337:
- sll $0, 32, $25
- ldq $2, 56($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 8($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $22, $22
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $341
- sll $21, 32, $1
- addq $6, $1, $6
-$341:
- sll $28, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $24, $7, $24
- stq $24, 64($16)
- ldq $4, 16($17)
- ldq $5, 56($18)
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $0
- srl $28, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $24
- mulq $7, $5, $2
- addq $1, $22, $22
- addq $0, $24, $0
- cmpult $0, $24, $1
- mulq $6, $8, $6
- beq $1, $345
- sll $21, 32, $1
- addq $6, $1, $6
-$345:
- sll $0, 32, $24
- ldq $1, 48($18)
- addq $2, $24, $2
- bis $2, $2, $7
- ldq $4, 24($17)
- addq $23, $7, $23
- srl $1, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $21
- srl $0, 32, $1
- cmpult $2, $24, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $24
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $20
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $349
- sll $20, 32, $1
- addq $6, $1, $6
-$349:
- sll $25, 32, $5
- ldq $2, 40($18)
- addq $21, $5, $21
- bis $21, $21, $7
- ldq $4, 32($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $21, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $353
- sll $20, 32, $1
- addq $6, $1, $6
-$353:
- sll $28, 32, $25
- ldq $2, 32($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 40($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $357
- sll $20, 32, $1
- addq $6, $1, $6
-$357:
- sll $0, 32, $25
- ldq $2, 24($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 48($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $361
- sll $20, 32, $1
- addq $6, $1, $6
-$361:
- sll $28, 32, $25
- ldq $2, 16($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 56($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $24, $24
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $365
- sll $20, 32, $1
- addq $6, $1, $6
-$365:
- sll $0, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $23, $7, $23
- stq $23, 72($16)
- ldq $4, 56($17)
- ldq $5, 24($18)
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $28
- srl $0, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $23
- mulq $7, $5, $2
- addq $1, $24, $24
- addq $28, $23, $28
- cmpult $28, $23, $1
- mulq $6, $8, $6
- beq $1, $369
- sll $20, 32, $1
- addq $6, $1, $6
-$369:
- sll $28, 32, $23
- ldq $1, 32($18)
- addq $2, $23, $2
- bis $2, $2, $7
- ldq $4, 48($17)
- addq $22, $7, $22
- srl $1, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $0
- srl $28, 32, $1
- cmpult $2, $23, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $23
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $21
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $373
- sll $21, 32, $1
- addq $6, $1, $6
-$373:
- sll $25, 32, $5
- ldq $2, 40($18)
- addq $0, $5, $0
- bis $0, $0, $7
- ldq $4, 40($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $0, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $377
- sll $21, 32, $1
- addq $6, $1, $6
-$377:
- sll $28, 32, $25
- ldq $2, 48($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 32($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $23, $23
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $381
- sll $21, 32, $1
- addq $6, $1, $6
-$381:
- sll $0, 32, $25
- ldq $2, 56($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 24($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $23, $23
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $385
- sll $21, 32, $1
- addq $6, $1, $6
-$385:
- sll $28, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $22, $7, $22
- stq $22, 80($16)
- ldq $4, 32($17)
- ldq $5, 56($18)
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $0
- srl $28, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $22
- mulq $7, $5, $2
- addq $1, $23, $23
- addq $0, $22, $0
- cmpult $0, $22, $1
- mulq $6, $8, $6
- beq $1, $389
- sll $21, 32, $1
- addq $6, $1, $6
-$389:
- sll $0, 32, $22
- ldq $1, 48($18)
- addq $2, $22, $2
- bis $2, $2, $7
- ldq $4, 40($17)
- addq $24, $7, $24
- srl $1, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $25
- zapnot $1, 15, $5
- mulq $7, $5, $21
- srl $0, 32, $1
- cmpult $2, $22, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $22
- srl $4, 32, $6
- mulq $5, $6, $5
- bis $31, 1, $20
- addq $25, $5, $25
- cmpult $25, $5, $1
- mulq $6, $8, $6
- beq $1, $393
- sll $20, 32, $1
- addq $6, $1, $6
-$393:
- sll $25, 32, $5
- ldq $2, 40($18)
- addq $21, $5, $21
- bis $21, $21, $7
- ldq $4, 48($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $25, 32, $1
- addq $6, $1, $6
- cmpult $21, $5, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $397
- sll $20, 32, $1
- addq $6, $1, $6
-$397:
- sll $28, 32, $25
- ldq $2, 32($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 56($17)
- addq $24, $7, $24
- srl $2, 32, $8
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $21
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $22, $22
- addq $21, $25, $21
- cmpult $21, $25, $1
- mulq $6, $8, $6
- beq $1, $401
- sll $20, 32, $1
- addq $6, $1, $6
-$401:
- sll $21, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $24, $7, $24
- stq $24, 88($16)
- ldq $4, 56($17)
- ldq $5, 40($18)
- cmpult $24, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $0
- srl $21, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $23, $6, $23
- cmpult $23, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $24
- mulq $7, $5, $5
- addq $1, $22, $22
- addq $0, $24, $0
- cmpult $0, $24, $1
- mulq $6, $8, $6
- beq $1, $405
- sll $20, 32, $1
- addq $6, $1, $6
-$405:
- sll $0, 32, $24
- ldq $2, 48($18)
- addq $5, $24, $5
- bis $5, $5, $7
- ldq $4, 48($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $28
- srl $0, 32, $1
- addq $6, $1, $6
- cmpult $5, $24, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $24
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $5
- addq $28, $25, $28
- cmpult $28, $25, $1
- mulq $6, $8, $6
- beq $1, $409
- sll $20, 32, $1
- addq $6, $1, $6
-$409:
- sll $28, 32, $25
- ldq $2, 56($18)
- addq $5, $25, $5
- bis $5, $5, $7
- ldq $4, 40($17)
- addq $23, $7, $23
- srl $2, 32, $8
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $25, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $1, $24, $24
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $413
- sll $20, 32, $1
- addq $6, $1, $6
-$413:
- sll $0, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $23, $7, $23
- stq $23, 96($16)
- ldq $4, 48($17)
- ldq $5, 56($18)
- cmpult $23, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $28
- srl $0, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $22, $6, $22
- cmpult $22, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $23
- mulq $7, $5, $5
- addq $1, $24, $24
- addq $28, $23, $28
- cmpult $28, $23, $1
- mulq $6, $8, $6
- beq $1, $417
- sll $20, 32, $1
- addq $6, $1, $6
-$417:
- sll $28, 32, $23
- ldq $2, 48($18)
- addq $5, $23, $5
- bis $5, $5, $7
- ldq $4, 56($17)
- addq $22, $7, $22
- srl $2, 32, $8
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- mulq $8, $7, $0
- srl $28, 32, $1
- addq $6, $1, $6
- cmpult $5, $23, $1
- zapnot $2, 15, $5
- addq $1, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $23
- srl $4, 32, $6
- mulq $5, $6, $25
- mulq $7, $5, $2
- addq $0, $25, $0
- cmpult $0, $25, $1
- mulq $6, $8, $6
- beq $1, $421
- sll $20, 32, $1
- addq $6, $1, $6
-$421:
- sll $0, 32, $25
- addq $2, $25, $2
- bis $2, $2, $7
- addq $22, $7, $22
- stq $22, 104($16)
- ldq $4, 56($17)
- ldq $5, 56($18)
- cmpult $22, $7, $3
- zapnot $4, 15, $7
- srl $5, 32, $8
- mulq $8, $7, $28
- srl $0, 32, $1
- cmpult $2, $25, $2
- addq $6, $1, $6
- addq $2, $6, $6
- addq $3, $6, $6
- addq $24, $6, $24
- cmpult $24, $6, $1
- srl $4, 32, $6
- zapnot $5, 15, $5
- mulq $5, $6, $22
- mulq $7, $5, $2
- addq $1, $23, $23
- addq $28, $22, $28
- cmpult $28, $22, $1
- mulq $6, $8, $3
- beq $1, $425
- sll $20, 32, $1
- addq $3, $1, $3
-$425:
- sll $28, 32, $22
- srl $28, 32, $1
- addq $2, $22, $2
- addq $3, $1, $3
- bis $2, $2, $7
- addq $24, $7, $24
- cmpult $7, $22, $1
- cmpult $24, $7, $2
- addq $1, $3, $6
- addq $2, $6, $6
- stq $24, 112($16)
- addq $23, $6, $23
- stq $23, 120($16)
- ret $31, ($26), 1
- .end bn_mul_comba8
- .text
- .align 3
- .globl bn_sqr_comba4
- .ent bn_sqr_comba4
-bn_sqr_comba4:
-bn_sqr_comba4..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- ldq $0, 0($17)
- ldq $1, 8($17)
- ldq $2, 16($17)
- ldq $3, 24($17)
- bis $31, $31, $6
- mulq $0, $0, $4
- umulh $0, $0, $5
- stq $4, 0($16)
- bis $31, $31, $4
- mulq $0, $1, $7
- umulh $0, $1, $8
- cmplt $7, $31, $22
- cmplt $8, $31, $23
- addq $7, $7, $7
- addq $8, $8, $8
- addq $8, $22, $8
- addq $4, $23, $4
- addq $5, $7, $5
- addq $6, $8, $6
- cmpult $5, $7, $24
- cmpult $6, $8, $25
- addq $6, $24, $6
- addq $4, $25, $4
- stq $5, 8($16)
- bis $31, $31, $5
- mulq $1, $1, $27
- umulh $1, $1, $28
- addq $6, $27, $6
- addq $4, $28, $4
- cmpult $6, $27, $21
- cmpult $4, $28, $20
- addq $4, $21, $4
- addq $5, $20, $5
- mulq $2, $0, $19
- umulh $2, $0, $18
- cmplt $19, $31, $17
- cmplt $18, $31, $22
- addq $19, $19, $19
- addq $18, $18, $18
- addq $18, $17, $18
- addq $5, $22, $5
- addq $6, $19, $6
- addq $4, $18, $4
- cmpult $6, $19, $23
- cmpult $4, $18, $7
- addq $4, $23, $4
- addq $5, $7, $5
- stq $6, 16($16)
- bis $31, $31, $6
- mulq $3, $0, $8
- umulh $3, $0, $24
- cmplt $8, $31, $25
- cmplt $24, $31, $27
- addq $8, $8, $8
- addq $24, $24, $24
- addq $24, $25, $24
- addq $6, $27, $6
- addq $4, $8, $4
- addq $5, $24, $5
- cmpult $4, $8, $28
- cmpult $5, $24, $21
- addq $5, $28, $5
- addq $6, $21, $6
- mulq $2, $1, $20
- umulh $2, $1, $17
- cmplt $20, $31, $22
- cmplt $17, $31, $19
- addq $20, $20, $20
- addq $17, $17, $17
- addq $17, $22, $17
- addq $6, $19, $6
- addq $4, $20, $4
- addq $5, $17, $5
- cmpult $4, $20, $18
- cmpult $5, $17, $23
- addq $5, $18, $5
- addq $6, $23, $6
- stq $4, 24($16)
- bis $31, $31, $4
- mulq $2, $2, $7
- umulh $2, $2, $25
- addq $5, $7, $5
- addq $6, $25, $6
- cmpult $5, $7, $27
- cmpult $6, $25, $8
- addq $6, $27, $6
- addq $4, $8, $4
- mulq $3, $1, $24
- umulh $3, $1, $28
- cmplt $24, $31, $21
- cmplt $28, $31, $22
- addq $24, $24, $24
- addq $28, $28, $28
- addq $28, $21, $28
- addq $4, $22, $4
- addq $5, $24, $5
- addq $6, $28, $6
- cmpult $5, $24, $19
- cmpult $6, $28, $20
- addq $6, $19, $6
- addq $4, $20, $4
- stq $5, 32($16)
- bis $31, $31, $5
- mulq $3, $2, $17
- umulh $3, $2, $18
- cmplt $17, $31, $23
- cmplt $18, $31, $7
- addq $17, $17, $17
- addq $18, $18, $18
- addq $18, $23, $18
- addq $5, $7, $5
- addq $6, $17, $6
- addq $4, $18, $4
- cmpult $6, $17, $25
- cmpult $4, $18, $27
- addq $4, $25, $4
- addq $5, $27, $5
- stq $6, 40($16)
- bis $31, $31, $6
- mulq $3, $3, $8
- umulh $3, $3, $21
- addq $4, $8, $4
- addq $5, $21, $5
- cmpult $4, $8, $22
- cmpult $5, $21, $24
- addq $5, $22, $5
- addq $6, $24, $6
- stq $4, 48($16)
- stq $5, 56($16)
- ret $31,($26),1
- .end bn_sqr_comba4
- .text
- .align 3
- .globl bn_sqr_comba8
- .ent bn_sqr_comba8
-bn_sqr_comba8:
-bn_sqr_comba8..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- ldq $0, 0($17)
- ldq $1, 8($17)
- ldq $2, 16($17)
- ldq $3, 24($17)
- ldq $4, 32($17)
- ldq $5, 40($17)
- ldq $6, 48($17)
- ldq $7, 56($17)
- bis $31, $31, $23
- mulq $0, $0, $8
- umulh $0, $0, $22
- stq $8, 0($16)
- bis $31, $31, $8
- mulq $1, $0, $24
- umulh $1, $0, $25
- cmplt $24, $31, $27
- cmplt $25, $31, $28
- addq $24, $24, $24
- addq $25, $25, $25
- addq $25, $27, $25
- addq $8, $28, $8
- addq $22, $24, $22
- addq $23, $25, $23
- cmpult $22, $24, $21
- cmpult $23, $25, $20
- addq $23, $21, $23
- addq $8, $20, $8
- stq $22, 8($16)
- bis $31, $31, $22
- mulq $1, $1, $19
- umulh $1, $1, $18
- addq $23, $19, $23
- addq $8, $18, $8
- cmpult $23, $19, $17
- cmpult $8, $18, $27
- addq $8, $17, $8
- addq $22, $27, $22
- mulq $2, $0, $28
- umulh $2, $0, $24
- cmplt $28, $31, $25
- cmplt $24, $31, $21
- addq $28, $28, $28
- addq $24, $24, $24
- addq $24, $25, $24
- addq $22, $21, $22
- addq $23, $28, $23
- addq $8, $24, $8
- cmpult $23, $28, $20
- cmpult $8, $24, $19
- addq $8, $20, $8
- addq $22, $19, $22
- stq $23, 16($16)
- bis $31, $31, $23
- mulq $2, $1, $18
- umulh $2, $1, $17
- cmplt $18, $31, $27
- cmplt $17, $31, $25
- addq $18, $18, $18
- addq $17, $17, $17
- addq $17, $27, $17
- addq $23, $25, $23
- addq $8, $18, $8
- addq $22, $17, $22
- cmpult $8, $18, $21
- cmpult $22, $17, $28
- addq $22, $21, $22
- addq $23, $28, $23
- mulq $3, $0, $24
- umulh $3, $0, $20
- cmplt $24, $31, $19
- cmplt $20, $31, $27
- addq $24, $24, $24
- addq $20, $20, $20
- addq $20, $19, $20
- addq $23, $27, $23
- addq $8, $24, $8
- addq $22, $20, $22
- cmpult $8, $24, $25
- cmpult $22, $20, $18
- addq $22, $25, $22
- addq $23, $18, $23
- stq $8, 24($16)
- bis $31, $31, $8
- mulq $2, $2, $17
- umulh $2, $2, $21
- addq $22, $17, $22
- addq $23, $21, $23
- cmpult $22, $17, $28
- cmpult $23, $21, $19
- addq $23, $28, $23
- addq $8, $19, $8
- mulq $3, $1, $27
- umulh $3, $1, $24
- cmplt $27, $31, $20
- cmplt $24, $31, $25
- addq $27, $27, $27
- addq $24, $24, $24
- addq $24, $20, $24
- addq $8, $25, $8
- addq $22, $27, $22
- addq $23, $24, $23
- cmpult $22, $27, $18
- cmpult $23, $24, $17
- addq $23, $18, $23
- addq $8, $17, $8
- mulq $4, $0, $21
- umulh $4, $0, $28
- cmplt $21, $31, $19
- cmplt $28, $31, $20
- addq $21, $21, $21
- addq $28, $28, $28
- addq $28, $19, $28
- addq $8, $20, $8
- addq $22, $21, $22
- addq $23, $28, $23
- cmpult $22, $21, $25
- cmpult $23, $28, $27
- addq $23, $25, $23
- addq $8, $27, $8
- stq $22, 32($16)
- bis $31, $31, $22
- mulq $3, $2, $24
- umulh $3, $2, $18
- cmplt $24, $31, $17
- cmplt $18, $31, $19
- addq $24, $24, $24
- addq $18, $18, $18
- addq $18, $17, $18
- addq $22, $19, $22
- addq $23, $24, $23
- addq $8, $18, $8
- cmpult $23, $24, $20
- cmpult $8, $18, $21
- addq $8, $20, $8
- addq $22, $21, $22
- mulq $4, $1, $28
- umulh $4, $1, $25
- cmplt $28, $31, $27
- cmplt $25, $31, $17
- addq $28, $28, $28
- addq $25, $25, $25
- addq $25, $27, $25
- addq $22, $17, $22
- addq $23, $28, $23
- addq $8, $25, $8
- cmpult $23, $28, $19
- cmpult $8, $25, $24
- addq $8, $19, $8
- addq $22, $24, $22
- mulq $5, $0, $18
- umulh $5, $0, $20
- cmplt $18, $31, $21
- cmplt $20, $31, $27
- addq $18, $18, $18
- addq $20, $20, $20
- addq $20, $21, $20
- addq $22, $27, $22
- addq $23, $18, $23
- addq $8, $20, $8
- cmpult $23, $18, $17
- cmpult $8, $20, $28
- addq $8, $17, $8
- addq $22, $28, $22
- stq $23, 40($16)
- bis $31, $31, $23
- mulq $3, $3, $25
- umulh $3, $3, $19
- addq $8, $25, $8
- addq $22, $19, $22
- cmpult $8, $25, $24
- cmpult $22, $19, $21
- addq $22, $24, $22
- addq $23, $21, $23
- mulq $4, $2, $27
- umulh $4, $2, $18
- cmplt $27, $31, $20
- cmplt $18, $31, $17
- addq $27, $27, $27
- addq $18, $18, $18
- addq $18, $20, $18
- addq $23, $17, $23
- addq $8, $27, $8
- addq $22, $18, $22
- cmpult $8, $27, $28
- cmpult $22, $18, $25
- addq $22, $28, $22
- addq $23, $25, $23
- mulq $5, $1, $19
- umulh $5, $1, $24
- cmplt $19, $31, $21
- cmplt $24, $31, $20
- addq $19, $19, $19
- addq $24, $24, $24
- addq $24, $21, $24
- addq $23, $20, $23
- addq $8, $19, $8
- addq $22, $24, $22
- cmpult $8, $19, $17
- cmpult $22, $24, $27
- addq $22, $17, $22
- addq $23, $27, $23
- mulq $6, $0, $18
- umulh $6, $0, $28
- cmplt $18, $31, $25
- cmplt $28, $31, $21
- addq $18, $18, $18
- addq $28, $28, $28
- addq $28, $25, $28
- addq $23, $21, $23
- addq $8, $18, $8
- addq $22, $28, $22
- cmpult $8, $18, $20
- cmpult $22, $28, $19
- addq $22, $20, $22
- addq $23, $19, $23
- stq $8, 48($16)
- bis $31, $31, $8
- mulq $4, $3, $24
- umulh $4, $3, $17
- cmplt $24, $31, $27
- cmplt $17, $31, $25
- addq $24, $24, $24
- addq $17, $17, $17
- addq $17, $27, $17
- addq $8, $25, $8
- addq $22, $24, $22
- addq $23, $17, $23
- cmpult $22, $24, $21
- cmpult $23, $17, $18
- addq $23, $21, $23
- addq $8, $18, $8
- mulq $5, $2, $28
- umulh $5, $2, $20
- cmplt $28, $31, $19
- cmplt $20, $31, $27
- addq $28, $28, $28
- addq $20, $20, $20
- addq $20, $19, $20
- addq $8, $27, $8
- addq $22, $28, $22
- addq $23, $20, $23
- cmpult $22, $28, $25
- cmpult $23, $20, $24
- addq $23, $25, $23
- addq $8, $24, $8
- mulq $6, $1, $17
- umulh $6, $1, $21
- cmplt $17, $31, $18
- cmplt $21, $31, $19
- addq $17, $17, $17
- addq $21, $21, $21
- addq $21, $18, $21
- addq $8, $19, $8
- addq $22, $17, $22
- addq $23, $21, $23
- cmpult $22, $17, $27
- cmpult $23, $21, $28
- addq $23, $27, $23
- addq $8, $28, $8
- mulq $7, $0, $20
- umulh $7, $0, $25
- cmplt $20, $31, $24
- cmplt $25, $31, $18
- addq $20, $20, $20
- addq $25, $25, $25
- addq $25, $24, $25
- addq $8, $18, $8
- addq $22, $20, $22
- addq $23, $25, $23
- cmpult $22, $20, $19
- cmpult $23, $25, $17
- addq $23, $19, $23
- addq $8, $17, $8
- stq $22, 56($16)
- bis $31, $31, $22
- mulq $4, $4, $21
- umulh $4, $4, $27
- addq $23, $21, $23
- addq $8, $27, $8
- cmpult $23, $21, $28
- cmpult $8, $27, $24
- addq $8, $28, $8
- addq $22, $24, $22
- mulq $5, $3, $18
- umulh $5, $3, $20
- cmplt $18, $31, $25
- cmplt $20, $31, $19
- addq $18, $18, $18
- addq $20, $20, $20
- addq $20, $25, $20
- addq $22, $19, $22
- addq $23, $18, $23
- addq $8, $20, $8
- cmpult $23, $18, $17
- cmpult $8, $20, $21
- addq $8, $17, $8
- addq $22, $21, $22
- mulq $6, $2, $27
- umulh $6, $2, $28
- cmplt $27, $31, $24
- cmplt $28, $31, $25
- addq $27, $27, $27
- addq $28, $28, $28
- addq $28, $24, $28
- addq $22, $25, $22
- addq $23, $27, $23
- addq $8, $28, $8
- cmpult $23, $27, $19
- cmpult $8, $28, $18
- addq $8, $19, $8
- addq $22, $18, $22
- mulq $7, $1, $20
- umulh $7, $1, $17
- cmplt $20, $31, $21
- cmplt $17, $31, $24
- addq $20, $20, $20
- addq $17, $17, $17
- addq $17, $21, $17
- addq $22, $24, $22
- addq $23, $20, $23
- addq $8, $17, $8
- cmpult $23, $20, $25
- cmpult $8, $17, $27
- addq $8, $25, $8
- addq $22, $27, $22
- stq $23, 64($16)
- bis $31, $31, $23
- mulq $5, $4, $28
- umulh $5, $4, $19
- cmplt $28, $31, $18
- cmplt $19, $31, $21
- addq $28, $28, $28
- addq $19, $19, $19
- addq $19, $18, $19
- addq $23, $21, $23
- addq $8, $28, $8
- addq $22, $19, $22
- cmpult $8, $28, $24
- cmpult $22, $19, $20
- addq $22, $24, $22
- addq $23, $20, $23
- mulq $6, $3, $17
- umulh $6, $3, $25
- cmplt $17, $31, $27
- cmplt $25, $31, $18
- addq $17, $17, $17
- addq $25, $25, $25
- addq $25, $27, $25
- addq $23, $18, $23
- addq $8, $17, $8
- addq $22, $25, $22
- cmpult $8, $17, $21
- cmpult $22, $25, $28
- addq $22, $21, $22
- addq $23, $28, $23
- mulq $7, $2, $19
- umulh $7, $2, $24
- cmplt $19, $31, $20
- cmplt $24, $31, $27
- addq $19, $19, $19
- addq $24, $24, $24
- addq $24, $20, $24
- addq $23, $27, $23
- addq $8, $19, $8
- addq $22, $24, $22
- cmpult $8, $19, $18
- cmpult $22, $24, $17
- addq $22, $18, $22
- addq $23, $17, $23
- stq $8, 72($16)
- bis $31, $31, $8
- mulq $5, $5, $25
- umulh $5, $5, $21
- addq $22, $25, $22
- addq $23, $21, $23
- cmpult $22, $25, $28
- cmpult $23, $21, $20
- addq $23, $28, $23
- addq $8, $20, $8
- mulq $6, $4, $27
- umulh $6, $4, $19
- cmplt $27, $31, $24
- cmplt $19, $31, $18
- addq $27, $27, $27
- addq $19, $19, $19
- addq $19, $24, $19
- addq $8, $18, $8
- addq $22, $27, $22
- addq $23, $19, $23
- cmpult $22, $27, $17
- cmpult $23, $19, $25
- addq $23, $17, $23
- addq $8, $25, $8
- mulq $7, $3, $21
- umulh $7, $3, $28
- cmplt $21, $31, $20
- cmplt $28, $31, $24
- addq $21, $21, $21
- addq $28, $28, $28
- addq $28, $20, $28
- addq $8, $24, $8
- addq $22, $21, $22
- addq $23, $28, $23
- cmpult $22, $21, $18
- cmpult $23, $28, $27
- addq $23, $18, $23
- addq $8, $27, $8
- stq $22, 80($16)
- bis $31, $31, $22
- mulq $6, $5, $19
- umulh $6, $5, $17
- cmplt $19, $31, $25
- cmplt $17, $31, $20
- addq $19, $19, $19
- addq $17, $17, $17
- addq $17, $25, $17
- addq $22, $20, $22
- addq $23, $19, $23
- addq $8, $17, $8
- cmpult $23, $19, $24
- cmpult $8, $17, $21
- addq $8, $24, $8
- addq $22, $21, $22
- mulq $7, $4, $28
- umulh $7, $4, $18
- cmplt $28, $31, $27
- cmplt $18, $31, $25
- addq $28, $28, $28
- addq $18, $18, $18
- addq $18, $27, $18
- addq $22, $25, $22
- addq $23, $28, $23
- addq $8, $18, $8
- cmpult $23, $28, $20
- cmpult $8, $18, $19
- addq $8, $20, $8
- addq $22, $19, $22
- stq $23, 88($16)
- bis $31, $31, $23
- mulq $6, $6, $17
- umulh $6, $6, $24
- addq $8, $17, $8
- addq $22, $24, $22
- cmpult $8, $17, $21
- cmpult $22, $24, $27
- addq $22, $21, $22
- addq $23, $27, $23
- mulq $7, $5, $25
- umulh $7, $5, $28
- cmplt $25, $31, $18
- cmplt $28, $31, $20
- addq $25, $25, $25
- addq $28, $28, $28
- addq $28, $18, $28
- addq $23, $20, $23
- addq $8, $25, $8
- addq $22, $28, $22
- cmpult $8, $25, $19
- cmpult $22, $28, $17
- addq $22, $19, $22
- addq $23, $17, $23
- stq $8, 96($16)
- bis $31, $31, $8
- mulq $7, $6, $24
- umulh $7, $6, $21
- cmplt $24, $31, $27
- cmplt $21, $31, $18
- addq $24, $24, $24
- addq $21, $21, $21
- addq $21, $27, $21
- addq $8, $18, $8
- addq $22, $24, $22
- addq $23, $21, $23
- cmpult $22, $24, $20
- cmpult $23, $21, $25
- addq $23, $20, $23
- addq $8, $25, $8
- stq $22, 104($16)
- bis $31, $31, $22
- mulq $7, $7, $28
- umulh $7, $7, $19
- addq $23, $28, $23
- addq $8, $19, $8
- cmpult $23, $28, $17
- cmpult $8, $19, $27
- addq $8, $17, $8
- addq $22, $27, $22
- stq $23, 112($16)
- stq $8, 120($16)
- ret $31,($26),1
- .end bn_sqr_comba8
--- crypto/openssl/crypto/bn/asm/bn-alpha.pl
+++ /dev/null
@@ -1,571 +0,0 @@
-#!/usr/local/bin/perl
-# I have this in perl so I can use more usefull register names and then convert
-# them into alpha registers.
-#
-
-$d=&data();
-$d =~ s/CC/0/g;
-$d =~ s/R1/1/g;
-$d =~ s/R2/2/g;
-$d =~ s/R3/3/g;
-$d =~ s/R4/4/g;
-$d =~ s/L1/5/g;
-$d =~ s/L2/6/g;
-$d =~ s/L3/7/g;
-$d =~ s/L4/8/g;
-$d =~ s/O1/22/g;
-$d =~ s/O2/23/g;
-$d =~ s/O3/24/g;
-$d =~ s/O4/25/g;
-$d =~ s/A1/20/g;
-$d =~ s/A2/21/g;
-$d =~ s/A3/27/g;
-$d =~ s/A4/28/g;
-if (0){
-}
-
-print $d;
-
-sub data
- {
- local($data)=<<'EOF';
-
- # DEC Alpha assember
- # The bn_div_words is actually gcc output but the other parts are hand done.
- # Thanks to tzeruch at ceddec.com for sending me the gcc output for
- # bn_div_words.
- # I've gone back and re-done most of routines.
- # The key thing to remeber for the 164 CPU is that while a
- # multiply operation takes 8 cycles, another one can only be issued
- # after 4 cycles have elapsed. I've done modification to help
- # improve this. Also, normally, a ld instruction will not be available
- # for about 3 cycles.
- .file 1 "bn_asm.c"
- .set noat
-gcc2_compiled.:
-__gnu_compiled_c:
- .text
- .align 3
- .globl bn_mul_add_words
- .ent bn_mul_add_words
-bn_mul_add_words:
-bn_mul_add_words..ng:
- .frame $30,0,$26,0
- .prologue 0
- .align 5
- subq $18,4,$18
- bis $31,$31,$CC
- blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code
- ldq $A1,0($17) # 1 1
- ldq $R1,0($16) # 1 1
- .align 3
-$42:
- mulq $A1,$19,$L1 # 1 2 1 ######
- ldq $A2,8($17) # 2 1
- ldq $R2,8($16) # 2 1
- umulh $A1,$19,$A1 # 1 2 ######
- ldq $A3,16($17) # 3 1
- ldq $R3,16($16) # 3 1
- mulq $A2,$19,$L2 # 2 2 1 ######
- ldq $A4,24($17) # 4 1
- addq $R1,$L1,$R1 # 1 2 2
- ldq $R4,24($16) # 4 1
- umulh $A2,$19,$A2 # 2 2 ######
- cmpult $R1,$L1,$O1 # 1 2 3 1
- addq $A1,$O1,$A1 # 1 3 1
- addq $R1,$CC,$R1 # 1 2 3 1
- mulq $A3,$19,$L3 # 3 2 1 ######
- cmpult $R1,$CC,$CC # 1 2 3 2
- addq $R2,$L2,$R2 # 2 2 2
- addq $A1,$CC,$CC # 1 3 2
- cmpult $R2,$L2,$O2 # 2 2 3 1
- addq $A2,$O2,$A2 # 2 3 1
- umulh $A3,$19,$A3 # 3 2 ######
- addq $R2,$CC,$R2 # 2 2 3 1
- cmpult $R2,$CC,$CC # 2 2 3 2
- subq $18,4,$18
- mulq $A4,$19,$L4 # 4 2 1 ######
- addq $A2,$CC,$CC # 2 3 2
- addq $R3,$L3,$R3 # 3 2 2
- addq $16,32,$16
- cmpult $R3,$L3,$O3 # 3 2 3 1
- stq $R1,-32($16) # 1 2 4
- umulh $A4,$19,$A4 # 4 2 ######
- addq $A3,$O3,$A3 # 3 3 1
- addq $R3,$CC,$R3 # 3 2 3 1
- stq $R2,-24($16) # 2 2 4
- cmpult $R3,$CC,$CC # 3 2 3 2
- stq $R3,-16($16) # 3 2 4
- addq $R4,$L4,$R4 # 4 2 2
- addq $A3,$CC,$CC # 3 3 2
- cmpult $R4,$L4,$O4 # 4 2 3 1
- addq $17,32,$17
- addq $A4,$O4,$A4 # 4 3 1
- addq $R4,$CC,$R4 # 4 2 3 1
- cmpult $R4,$CC,$CC # 4 2 3 2
- stq $R4,-8($16) # 4 2 4
- addq $A4,$CC,$CC # 4 3 2
- blt $18,$43
-
- ldq $A1,0($17) # 1 1
- ldq $R1,0($16) # 1 1
-
- br $42
-
- .align 4
-$45:
- ldq $A1,0($17) # 4 1
- ldq $R1,0($16) # 4 1
- mulq $A1,$19,$L1 # 4 2 1
- subq $18,1,$18
- addq $16,8,$16
- addq $17,8,$17
- umulh $A1,$19,$A1 # 4 2
- addq $R1,$L1,$R1 # 4 2 2
- cmpult $R1,$L1,$O1 # 4 2 3 1
- addq $A1,$O1,$A1 # 4 3 1
- addq $R1,$CC,$R1 # 4 2 3 1
- cmpult $R1,$CC,$CC # 4 2 3 2
- addq $A1,$CC,$CC # 4 3 2
- stq $R1,-8($16) # 4 2 4
- bgt $18,$45
- ret $31,($26),1 # else exit
-
- .align 4
-$43:
- addq $18,4,$18
- bgt $18,$45 # goto tail code
- ret $31,($26),1 # else exit
-
- .end bn_mul_add_words
- .align 3
- .globl bn_mul_words
- .ent bn_mul_words
-bn_mul_words:
-bn_mul_words..ng:
- .frame $30,0,$26,0
- .prologue 0
- .align 5
- subq $18,4,$18
- bis $31,$31,$CC
- blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code
- ldq $A1,0($17) # 1 1
- .align 3
-$142:
-
- mulq $A1,$19,$L1 # 1 2 1 #####
- ldq $A2,8($17) # 2 1
- ldq $A3,16($17) # 3 1
- umulh $A1,$19,$A1 # 1 2 #####
- ldq $A4,24($17) # 4 1
- mulq $A2,$19,$L2 # 2 2 1 #####
- addq $L1,$CC,$L1 # 1 2 3 1
- subq $18,4,$18
- cmpult $L1,$CC,$CC # 1 2 3 2
- umulh $A2,$19,$A2 # 2 2 #####
- addq $A1,$CC,$CC # 1 3 2
- addq $17,32,$17
- addq $L2,$CC,$L2 # 2 2 3 1
- mulq $A3,$19,$L3 # 3 2 1 #####
- cmpult $L2,$CC,$CC # 2 2 3 2
- addq $A2,$CC,$CC # 2 3 2
- addq $16,32,$16
- umulh $A3,$19,$A3 # 3 2 #####
- stq $L1,-32($16) # 1 2 4
- mulq $A4,$19,$L4 # 4 2 1 #####
- addq $L3,$CC,$L3 # 3 2 3 1
- stq $L2,-24($16) # 2 2 4
- cmpult $L3,$CC,$CC # 3 2 3 2
- umulh $A4,$19,$A4 # 4 2 #####
- addq $A3,$CC,$CC # 3 3 2
- stq $L3,-16($16) # 3 2 4
- addq $L4,$CC,$L4 # 4 2 3 1
- cmpult $L4,$CC,$CC # 4 2 3 2
-
- addq $A4,$CC,$CC # 4 3 2
-
- stq $L4,-8($16) # 4 2 4
-
- blt $18,$143
-
- ldq $A1,0($17) # 1 1
-
- br $142
-
- .align 4
-$145:
- ldq $A1,0($17) # 4 1
- mulq $A1,$19,$L1 # 4 2 1
- subq $18,1,$18
- umulh $A1,$19,$A1 # 4 2
- addq $L1,$CC,$L1 # 4 2 3 1
- addq $16,8,$16
- cmpult $L1,$CC,$CC # 4 2 3 2
- addq $17,8,$17
- addq $A1,$CC,$CC # 4 3 2
- stq $L1,-8($16) # 4 2 4
-
- bgt $18,$145
- ret $31,($26),1 # else exit
-
- .align 4
-$143:
- addq $18,4,$18
- bgt $18,$145 # goto tail code
- ret $31,($26),1 # else exit
-
- .end bn_mul_words
- .align 3
- .globl bn_sqr_words
- .ent bn_sqr_words
-bn_sqr_words:
-bn_sqr_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $18,4,$18
- blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code
- ldq $A1,0($17) # 1 1
- .align 3
-$542:
- mulq $A1,$A1,$L1 ######
- ldq $A2,8($17) # 1 1
- subq $18,4
- umulh $A1,$A1,$R1 ######
- ldq $A3,16($17) # 1 1
- mulq $A2,$A2,$L2 ######
- ldq $A4,24($17) # 1 1
- stq $L1,0($16) # r[0]
- umulh $A2,$A2,$R2 ######
- stq $R1,8($16) # r[1]
- mulq $A3,$A3,$L3 ######
- stq $L2,16($16) # r[0]
- umulh $A3,$A3,$R3 ######
- stq $R2,24($16) # r[1]
- mulq $A4,$A4,$L4 ######
- stq $L3,32($16) # r[0]
- umulh $A4,$A4,$R4 ######
- stq $R3,40($16) # r[1]
-
- addq $16,64,$16
- addq $17,32,$17
- stq $L4,-16($16) # r[0]
- stq $R4,-8($16) # r[1]
-
- blt $18,$543
- ldq $A1,0($17) # 1 1
- br $542
-
-$442:
- ldq $A1,0($17) # a[0]
- mulq $A1,$A1,$L1 # a[0]*w low part r2
- addq $16,16,$16
- addq $17,8,$17
- subq $18,1,$18
- umulh $A1,$A1,$R1 # a[0]*w high part r3
- stq $L1,-16($16) # r[0]
- stq $R1,-8($16) # r[1]
-
- bgt $18,$442
- ret $31,($26),1 # else exit
-
- .align 4
-$543:
- addq $18,4,$18
- bgt $18,$442 # goto tail code
- ret $31,($26),1 # else exit
- .end bn_sqr_words
-
- .align 3
- .globl bn_add_words
- .ent bn_add_words
-bn_add_words:
-bn_add_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $19,4,$19
- bis $31,$31,$CC # carry = 0
- blt $19,$900
- ldq $L1,0($17) # a[0]
- ldq $R1,0($18) # b[1]
- .align 3
-$901:
- addq $R1,$L1,$R1 # r=a+b;
- ldq $L2,8($17) # a[1]
- cmpult $R1,$L1,$O1 # did we overflow?
- ldq $R2,8($18) # b[1]
- addq $R1,$CC,$R1 # c+= overflow
- ldq $L3,16($17) # a[2]
- cmpult $R1,$CC,$CC # overflow?
- ldq $R3,16($18) # b[2]
- addq $CC,$O1,$CC
- ldq $L4,24($17) # a[3]
- addq $R2,$L2,$R2 # r=a+b;
- ldq $R4,24($18) # b[3]
- cmpult $R2,$L2,$O2 # did we overflow?
- addq $R3,$L3,$R3 # r=a+b;
- addq $R2,$CC,$R2 # c+= overflow
- cmpult $R3,$L3,$O3 # did we overflow?
- cmpult $R2,$CC,$CC # overflow?
- addq $R4,$L4,$R4 # r=a+b;
- addq $CC,$O2,$CC
- cmpult $R4,$L4,$O4 # did we overflow?
- addq $R3,$CC,$R3 # c+= overflow
- stq $R1,0($16) # r[0]=c
- cmpult $R3,$CC,$CC # overflow?
- stq $R2,8($16) # r[1]=c
- addq $CC,$O3,$CC
- stq $R3,16($16) # r[2]=c
- addq $R4,$CC,$R4 # c+= overflow
- subq $19,4,$19 # loop--
- cmpult $R4,$CC,$CC # overflow?
- addq $17,32,$17 # a++
- addq $CC,$O4,$CC
- stq $R4,24($16) # r[3]=c
- addq $18,32,$18 # b++
- addq $16,32,$16 # r++
-
- blt $19,$900
- ldq $L1,0($17) # a[0]
- ldq $R1,0($18) # b[1]
- br $901
- .align 4
-$945:
- ldq $L1,0($17) # a[0]
- ldq $R1,0($18) # b[1]
- addq $R1,$L1,$R1 # r=a+b;
- subq $19,1,$19 # loop--
- addq $R1,$CC,$R1 # c+= overflow
- addq $17,8,$17 # a++
- cmpult $R1,$L1,$O1 # did we overflow?
- cmpult $R1,$CC,$CC # overflow?
- addq $18,8,$18 # b++
- stq $R1,0($16) # r[0]=c
- addq $CC,$O1,$CC
- addq $16,8,$16 # r++
-
- bgt $19,$945
- ret $31,($26),1 # else exit
-
-$900:
- addq $19,4,$19
- bgt $19,$945 # goto tail code
- ret $31,($26),1 # else exit
- .end bn_add_words
-
- .align 3
- .globl bn_sub_words
- .ent bn_sub_words
-bn_sub_words:
-bn_sub_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $19,4,$19
- bis $31,$31,$CC # carry = 0
- br $800
- blt $19,$800
- ldq $L1,0($17) # a[0]
- ldq $R1,0($18) # b[1]
- .align 3
-$801:
- addq $R1,$L1,$R1 # r=a+b;
- ldq $L2,8($17) # a[1]
- cmpult $R1,$L1,$O1 # did we overflow?
- ldq $R2,8($18) # b[1]
- addq $R1,$CC,$R1 # c+= overflow
- ldq $L3,16($17) # a[2]
- cmpult $R1,$CC,$CC # overflow?
- ldq $R3,16($18) # b[2]
- addq $CC,$O1,$CC
- ldq $L4,24($17) # a[3]
- addq $R2,$L2,$R2 # r=a+b;
- ldq $R4,24($18) # b[3]
- cmpult $R2,$L2,$O2 # did we overflow?
- addq $R3,$L3,$R3 # r=a+b;
- addq $R2,$CC,$R2 # c+= overflow
- cmpult $R3,$L3,$O3 # did we overflow?
- cmpult $R2,$CC,$CC # overflow?
- addq $R4,$L4,$R4 # r=a+b;
- addq $CC,$O2,$CC
- cmpult $R4,$L4,$O4 # did we overflow?
- addq $R3,$CC,$R3 # c+= overflow
- stq $R1,0($16) # r[0]=c
- cmpult $R3,$CC,$CC # overflow?
- stq $R2,8($16) # r[1]=c
- addq $CC,$O3,$CC
- stq $R3,16($16) # r[2]=c
- addq $R4,$CC,$R4 # c+= overflow
- subq $19,4,$19 # loop--
- cmpult $R4,$CC,$CC # overflow?
- addq $17,32,$17 # a++
- addq $CC,$O4,$CC
- stq $R4,24($16) # r[3]=c
- addq $18,32,$18 # b++
- addq $16,32,$16 # r++
-
- blt $19,$800
- ldq $L1,0($17) # a[0]
- ldq $R1,0($18) # b[1]
- br $801
- .align 4
-$845:
- ldq $L1,0($17) # a[0]
- ldq $R1,0($18) # b[1]
- cmpult $L1,$R1,$O1 # will we borrow?
- subq $L1,$R1,$R1 # r=a-b;
- subq $19,1,$19 # loop--
- cmpult $R1,$CC,$O2 # will we borrow?
- subq $R1,$CC,$R1 # c+= overflow
- addq $17,8,$17 # a++
- addq $18,8,$18 # b++
- stq $R1,0($16) # r[0]=c
- addq $O2,$O1,$CC
- addq $16,8,$16 # r++
-
- bgt $19,$845
- ret $31,($26),1 # else exit
-
-$800:
- addq $19,4,$19
- bgt $19,$845 # goto tail code
- ret $31,($26),1 # else exit
- .end bn_sub_words
-
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
- .align 3
- .globl bn_div_words
- .ent bn_div_words
-bn_div_words:
- ldgp $29,0($27)
-bn_div_words..ng:
- lda $30,-48($30)
- .frame $30,48,$26,0
- stq $26,0($30)
- stq $9,8($30)
- stq $10,16($30)
- stq $11,24($30)
- stq $12,32($30)
- stq $13,40($30)
- .mask 0x4003e00,-48
- .prologue 1
- bis $16,$16,$9
- bis $17,$17,$10
- bis $18,$18,$11
- bis $31,$31,$13
- bis $31,2,$12
- bne $11,$119
- lda $0,-1
- br $31,$136
- .align 4
-$119:
- bis $11,$11,$16
- jsr $26,BN_num_bits_word
- ldgp $29,0($26)
- subq $0,64,$1
- beq $1,$120
- bis $31,1,$1
- sll $1,$0,$1
- cmpule $9,$1,$1
- bne $1,$120
- # lda $16,_IO_stderr_
- # lda $17,$C32
- # bis $0,$0,$18
- # jsr $26,fprintf
- # ldgp $29,0($26)
- jsr $26,abort
- ldgp $29,0($26)
- .align 4
-$120:
- bis $31,64,$3
- cmpult $9,$11,$2
- subq $3,$0,$1
- addl $1,$31,$0
- subq $9,$11,$1
- cmoveq $2,$1,$9
- beq $0,$122
- zapnot $0,15,$2
- subq $3,$0,$1
- sll $11,$2,$11
- sll $9,$2,$3
- srl $10,$1,$1
- sll $10,$2,$10
- bis $3,$1,$9
-$122:
- srl $11,32,$5
- zapnot $11,15,$6
- lda $7,-1
- .align 5
-$123:
- srl $9,32,$1
- subq $1,$5,$1
- bne $1,$126
- zapnot $7,15,$27
- br $31,$127
- .align 4
-$126:
- bis $9,$9,$24
- bis $5,$5,$25
- divqu $24,$25,$27
-$127:
- srl $10,32,$4
- .align 5
-$128:
- mulq $27,$5,$1
- subq $9,$1,$3
- zapnot $3,240,$1
- bne $1,$129
- mulq $6,$27,$2
- sll $3,32,$1
- addq $1,$4,$1
- cmpule $2,$1,$2
- bne $2,$129
- subq $27,1,$27
- br $31,$128
- .align 4
-$129:
- mulq $27,$6,$1
- mulq $27,$5,$4
- srl $1,32,$3
- sll $1,32,$1
- addq $4,$3,$4
- cmpult $10,$1,$2
- subq $10,$1,$10
- addq $2,$4,$2
- cmpult $9,$2,$1
- bis $2,$2,$4
- beq $1,$134
- addq $9,$11,$9
- subq $27,1,$27
-$134:
- subl $12,1,$12
- subq $9,$4,$9
- beq $12,$124
- sll $27,32,$13
- sll $9,32,$2
- srl $10,32,$1
- sll $10,32,$10
- bis $2,$1,$9
- br $31,$123
- .align 4
-$124:
- bis $13,$27,$0
-$136:
- ldq $26,0($30)
- ldq $9,8($30)
- ldq $10,16($30)
- ldq $11,24($30)
- ldq $12,32($30)
- ldq $13,40($30)
- addq $30,48,$30
- ret $31,($26),1
- .end bn_div_words
-EOF
- return($data);
- }
-
--- crypto/openssl/crypto/bn/asm/alpha.s.works
+++ /dev/null
@@ -1,533 +0,0 @@
-
- # DEC Alpha assember
- # The bn_div64 is actually gcc output but the other parts are hand done.
- # Thanks to tzeruch at ceddec.com for sending me the gcc output for
- # bn_div64.
- # I've gone back and re-done most of routines.
- # The key thing to remeber for the 164 CPU is that while a
- # multiply operation takes 8 cycles, another one can only be issued
- # after 4 cycles have elapsed. I've done modification to help
- # improve this. Also, normally, a ld instruction will not be available
- # for about 3 cycles.
- .file 1 "bn_asm.c"
- .set noat
-gcc2_compiled.:
-__gnu_compiled_c:
- .text
- .align 3
- .globl bn_mul_add_words
- .ent bn_mul_add_words
-bn_mul_add_words:
-bn_mul_add_words..ng:
- .frame $30,0,$26,0
- .prologue 0
- .align 5
- subq $18,4,$18
- bis $31,$31,$0
- blt $18,$43 # if we are -1, -2, -3 or -4 goto tail code
- ldq $20,0($17) # 1 1
- ldq $1,0($16) # 1 1
- .align 3
-$42:
- mulq $20,$19,$5 # 1 2 1 ######
- ldq $21,8($17) # 2 1
- ldq $2,8($16) # 2 1
- umulh $20,$19,$20 # 1 2 ######
- ldq $27,16($17) # 3 1
- ldq $3,16($16) # 3 1
- mulq $21,$19,$6 # 2 2 1 ######
- ldq $28,24($17) # 4 1
- addq $1,$5,$1 # 1 2 2
- ldq $4,24($16) # 4 1
- umulh $21,$19,$21 # 2 2 ######
- cmpult $1,$5,$22 # 1 2 3 1
- addq $20,$22,$20 # 1 3 1
- addq $1,$0,$1 # 1 2 3 1
- mulq $27,$19,$7 # 3 2 1 ######
- cmpult $1,$0,$0 # 1 2 3 2
- addq $2,$6,$2 # 2 2 2
- addq $20,$0,$0 # 1 3 2
- cmpult $2,$6,$23 # 2 2 3 1
- addq $21,$23,$21 # 2 3 1
- umulh $27,$19,$27 # 3 2 ######
- addq $2,$0,$2 # 2 2 3 1
- cmpult $2,$0,$0 # 2 2 3 2
- subq $18,4,$18
- mulq $28,$19,$8 # 4 2 1 ######
- addq $21,$0,$0 # 2 3 2
- addq $3,$7,$3 # 3 2 2
- addq $16,32,$16
- cmpult $3,$7,$24 # 3 2 3 1
- stq $1,-32($16) # 1 2 4
- umulh $28,$19,$28 # 4 2 ######
- addq $27,$24,$27 # 3 3 1
- addq $3,$0,$3 # 3 2 3 1
- stq $2,-24($16) # 2 2 4
- cmpult $3,$0,$0 # 3 2 3 2
- stq $3,-16($16) # 3 2 4
- addq $4,$8,$4 # 4 2 2
- addq $27,$0,$0 # 3 3 2
- cmpult $4,$8,$25 # 4 2 3 1
- addq $17,32,$17
- addq $28,$25,$28 # 4 3 1
- addq $4,$0,$4 # 4 2 3 1
- cmpult $4,$0,$0 # 4 2 3 2
- stq $4,-8($16) # 4 2 4
- addq $28,$0,$0 # 4 3 2
- blt $18,$43
-
- ldq $20,0($17) # 1 1
- ldq $1,0($16) # 1 1
-
- br $42
-
- .align 4
-$45:
- ldq $20,0($17) # 4 1
- ldq $1,0($16) # 4 1
- mulq $20,$19,$5 # 4 2 1
- subq $18,1,$18
- addq $16,8,$16
- addq $17,8,$17
- umulh $20,$19,$20 # 4 2
- addq $1,$5,$1 # 4 2 2
- cmpult $1,$5,$22 # 4 2 3 1
- addq $20,$22,$20 # 4 3 1
- addq $1,$0,$1 # 4 2 3 1
- cmpult $1,$0,$0 # 4 2 3 2
- addq $20,$0,$0 # 4 3 2
- stq $1,-8($16) # 4 2 4
- bgt $18,$45
- ret $31,($26),1 # else exit
-
- .align 4
-$43:
- addq $18,4,$18
- bgt $18,$45 # goto tail code
- ret $31,($26),1 # else exit
-
- .end bn_mul_add_words
- .align 3
- .globl bn_mul_words
- .ent bn_mul_words
-bn_mul_words:
-bn_mul_words..ng:
- .frame $30,0,$26,0
- .prologue 0
- .align 5
- subq $18,4,$18
- bis $31,$31,$0
- blt $18,$143 # if we are -1, -2, -3 or -4 goto tail code
- ldq $20,0($17) # 1 1
- .align 3
-$142:
-
- mulq $20,$19,$5 # 1 2 1 #####
- ldq $21,8($17) # 2 1
- ldq $27,16($17) # 3 1
- umulh $20,$19,$20 # 1 2 #####
- ldq $28,24($17) # 4 1
- mulq $21,$19,$6 # 2 2 1 #####
- addq $5,$0,$5 # 1 2 3 1
- subq $18,4,$18
- cmpult $5,$0,$0 # 1 2 3 2
- umulh $21,$19,$21 # 2 2 #####
- addq $20,$0,$0 # 1 3 2
- addq $17,32,$17
- addq $6,$0,$6 # 2 2 3 1
- mulq $27,$19,$7 # 3 2 1 #####
- cmpult $6,$0,$0 # 2 2 3 2
- addq $21,$0,$0 # 2 3 2
- addq $16,32,$16
- umulh $27,$19,$27 # 3 2 #####
- stq $5,-32($16) # 1 2 4
- mulq $28,$19,$8 # 4 2 1 #####
- addq $7,$0,$7 # 3 2 3 1
- stq $6,-24($16) # 2 2 4
- cmpult $7,$0,$0 # 3 2 3 2
- umulh $28,$19,$28 # 4 2 #####
- addq $27,$0,$0 # 3 3 2
- stq $7,-16($16) # 3 2 4
- addq $8,$0,$8 # 4 2 3 1
- cmpult $8,$0,$0 # 4 2 3 2
-
- addq $28,$0,$0 # 4 3 2
-
- stq $8,-8($16) # 4 2 4
-
- blt $18,$143
-
- ldq $20,0($17) # 1 1
-
- br $142
-
- .align 4
-$145:
- ldq $20,0($17) # 4 1
- mulq $20,$19,$5 # 4 2 1
- subq $18,1,$18
- umulh $20,$19,$20 # 4 2
- addq $5,$0,$5 # 4 2 3 1
- addq $16,8,$16
- cmpult $5,$0,$0 # 4 2 3 2
- addq $17,8,$17
- addq $20,$0,$0 # 4 3 2
- stq $5,-8($16) # 4 2 4
-
- bgt $18,$145
- ret $31,($26),1 # else exit
-
- .align 4
-$143:
- addq $18,4,$18
- bgt $18,$145 # goto tail code
- ret $31,($26),1 # else exit
-
- .end bn_mul_words
- .align 3
- .globl bn_sqr_words
- .ent bn_sqr_words
-bn_sqr_words:
-bn_sqr_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $18,4,$18
- blt $18,$543 # if we are -1, -2, -3 or -4 goto tail code
- ldq $20,0($17) # 1 1
- .align 3
-$542:
- mulq $20,$20,$5 ######
- ldq $21,8($17) # 1 1
- subq $18,4
- umulh $20,$20,$1 ######
- ldq $27,16($17) # 1 1
- mulq $21,$21,$6 ######
- ldq $28,24($17) # 1 1
- stq $5,0($16) # r[0]
- umulh $21,$21,$2 ######
- stq $1,8($16) # r[1]
- mulq $27,$27,$7 ######
- stq $6,16($16) # r[0]
- umulh $27,$27,$3 ######
- stq $2,24($16) # r[1]
- mulq $28,$28,$8 ######
- stq $7,32($16) # r[0]
- umulh $28,$28,$4 ######
- stq $3,40($16) # r[1]
-
- addq $16,64,$16
- addq $17,32,$17
- stq $8,-16($16) # r[0]
- stq $4,-8($16) # r[1]
-
- blt $18,$543
- ldq $20,0($17) # 1 1
- br $542
-
-$442:
- ldq $20,0($17) # a[0]
- mulq $20,$20,$5 # a[0]*w low part r2
- addq $16,16,$16
- addq $17,8,$17
- subq $18,1,$18
- umulh $20,$20,$1 # a[0]*w high part r3
- stq $5,-16($16) # r[0]
- stq $1,-8($16) # r[1]
-
- bgt $18,$442
- ret $31,($26),1 # else exit
-
- .align 4
-$543:
- addq $18,4,$18
- bgt $18,$442 # goto tail code
- ret $31,($26),1 # else exit
- .end bn_sqr_words
-
- .align 3
- .globl bn_add_words
- .ent bn_add_words
-bn_add_words:
-bn_add_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $19,4,$19
- bis $31,$31,$0 # carry = 0
- blt $19,$900
- ldq $5,0($17) # a[0]
- ldq $1,0($18) # b[1]
- .align 3
-$901:
- addq $1,$5,$1 # r=a+b;
- ldq $6,8($17) # a[1]
- cmpult $1,$5,$22 # did we overflow?
- ldq $2,8($18) # b[1]
- addq $1,$0,$1 # c+= overflow
- ldq $7,16($17) # a[2]
- cmpult $1,$0,$0 # overflow?
- ldq $3,16($18) # b[2]
- addq $0,$22,$0
- ldq $8,24($17) # a[3]
- addq $2,$6,$2 # r=a+b;
- ldq $4,24($18) # b[3]
- cmpult $2,$6,$23 # did we overflow?
- addq $3,$7,$3 # r=a+b;
- addq $2,$0,$2 # c+= overflow
- cmpult $3,$7,$24 # did we overflow?
- cmpult $2,$0,$0 # overflow?
- addq $4,$8,$4 # r=a+b;
- addq $0,$23,$0
- cmpult $4,$8,$25 # did we overflow?
- addq $3,$0,$3 # c+= overflow
- stq $1,0($16) # r[0]=c
- cmpult $3,$0,$0 # overflow?
- stq $2,8($16) # r[1]=c
- addq $0,$24,$0
- stq $3,16($16) # r[2]=c
- addq $4,$0,$4 # c+= overflow
- subq $19,4,$19 # loop--
- cmpult $4,$0,$0 # overflow?
- addq $17,32,$17 # a++
- addq $0,$25,$0
- stq $4,24($16) # r[3]=c
- addq $18,32,$18 # b++
- addq $16,32,$16 # r++
-
- blt $19,$900
- ldq $5,0($17) # a[0]
- ldq $1,0($18) # b[1]
- br $901
- .align 4
-$945:
- ldq $5,0($17) # a[0]
- ldq $1,0($18) # b[1]
- addq $1,$5,$1 # r=a+b;
- subq $19,1,$19 # loop--
- addq $1,$0,$1 # c+= overflow
- addq $17,8,$17 # a++
- cmpult $1,$5,$22 # did we overflow?
- cmpult $1,$0,$0 # overflow?
- addq $18,8,$18 # b++
- stq $1,0($16) # r[0]=c
- addq $0,$22,$0
- addq $16,8,$16 # r++
-
- bgt $19,$945
- ret $31,($26),1 # else exit
-
-$900:
- addq $19,4,$19
- bgt $19,$945 # goto tail code
- ret $31,($26),1 # else exit
- .end bn_add_words
-
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
- .align 3
- .globl bn_div64
- .ent bn_div64
-bn_div64:
- ldgp $29,0($27)
-bn_div64..ng:
- lda $30,-48($30)
- .frame $30,48,$26,0
- stq $26,0($30)
- stq $9,8($30)
- stq $10,16($30)
- stq $11,24($30)
- stq $12,32($30)
- stq $13,40($30)
- .mask 0x4003e00,-48
- .prologue 1
- bis $16,$16,$9
- bis $17,$17,$10
- bis $18,$18,$11
- bis $31,$31,$13
- bis $31,2,$12
- bne $11,$119
- lda $0,-1
- br $31,$136
- .align 4
-$119:
- bis $11,$11,$16
- jsr $26,BN_num_bits_word
- ldgp $29,0($26)
- subq $0,64,$1
- beq $1,$120
- bis $31,1,$1
- sll $1,$0,$1
- cmpule $9,$1,$1
- bne $1,$120
- # lda $16,_IO_stderr_
- # lda $17,$C32
- # bis $0,$0,$18
- # jsr $26,fprintf
- # ldgp $29,0($26)
- jsr $26,abort
- ldgp $29,0($26)
- .align 4
-$120:
- bis $31,64,$3
- cmpult $9,$11,$2
- subq $3,$0,$1
- addl $1,$31,$0
- subq $9,$11,$1
- cmoveq $2,$1,$9
- beq $0,$122
- zapnot $0,15,$2
- subq $3,$0,$1
- sll $11,$2,$11
- sll $9,$2,$3
- srl $10,$1,$1
- sll $10,$2,$10
- bis $3,$1,$9
-$122:
- srl $11,32,$5
- zapnot $11,15,$6
- lda $7,-1
- .align 5
-$123:
- srl $9,32,$1
- subq $1,$5,$1
- bne $1,$126
- zapnot $7,15,$27
- br $31,$127
- .align 4
-$126:
- bis $9,$9,$24
- bis $5,$5,$25
- divqu $24,$25,$27
-$127:
- srl $10,32,$4
- .align 5
-$128:
- mulq $27,$5,$1
- subq $9,$1,$3
- zapnot $3,240,$1
- bne $1,$129
- mulq $6,$27,$2
- sll $3,32,$1
- addq $1,$4,$1
- cmpule $2,$1,$2
- bne $2,$129
- subq $27,1,$27
- br $31,$128
- .align 4
-$129:
- mulq $27,$6,$1
- mulq $27,$5,$4
- srl $1,32,$3
- sll $1,32,$1
- addq $4,$3,$4
- cmpult $10,$1,$2
- subq $10,$1,$10
- addq $2,$4,$2
- cmpult $9,$2,$1
- bis $2,$2,$4
- beq $1,$134
- addq $9,$11,$9
- subq $27,1,$27
-$134:
- subl $12,1,$12
- subq $9,$4,$9
- beq $12,$124
- sll $27,32,$13
- sll $9,32,$2
- srl $10,32,$1
- sll $10,32,$10
- bis $2,$1,$9
- br $31,$123
- .align 4
-$124:
- bis $13,$27,$0
-$136:
- ldq $26,0($30)
- ldq $9,8($30)
- ldq $10,16($30)
- ldq $11,24($30)
- ldq $12,32($30)
- ldq $13,40($30)
- addq $30,48,$30
- ret $31,($26),1
- .end bn_div64
-
- .set noat
- .text
- .align 3
- .globl bn_sub_words
- .ent bn_sub_words
-bn_sub_words:
-bn_sub_words..ng:
- .frame $30,0,$26,0
- .prologue 0
-
- subq $19, 4, $19
- bis $31, $31, $0
- blt $19, $100
- ldq $1, 0($17)
- ldq $2, 0($18)
-$101:
- ldq $3, 8($17)
- cmpult $1, $2, $4
- ldq $5, 8($18)
- subq $1, $2, $1
- ldq $6, 16($17)
- cmpult $1, $0, $2
- ldq $7, 16($18)
- subq $1, $0, $23
- ldq $8, 24($17)
- addq $2, $4, $0
- cmpult $3, $5, $24
- subq $3, $5, $3
- ldq $22, 24($18)
- cmpult $3, $0, $5
- subq $3, $0, $25
- addq $5, $24, $0
- cmpult $6, $7, $27
- subq $6, $7, $6
- stq $23, 0($16)
- cmpult $6, $0, $7
- subq $6, $0, $28
- addq $7, $27, $0
- cmpult $8, $22, $21
- subq $8, $22, $8
- stq $25, 8($16)
- cmpult $8, $0, $22
- subq $8, $0, $20
- addq $22, $21, $0
- stq $28, 16($16)
- subq $19, 4, $19
- stq $20, 24($16)
- addq $17, 32, $17
- addq $18, 32, $18
- addq $16, 32, $16
- blt $19, $100
- ldq $1, 0($17)
- ldq $2, 0($18)
- br $101
-$102:
- ldq $1, 0($17)
- ldq $2, 0($18)
- cmpult $1, $2, $27
- subq $1, $2, $1
- cmpult $1, $0, $2
- subq $1, $0, $1
- stq $1, 0($16)
- addq $2, $27, $0
- addq $17, 8, $17
- addq $18, 8, $18
- addq $16, 8, $16
- subq $19, 1, $19
- bgt $19, $102
- ret $31,($26),1
-$100:
- addq $19, 4, $19
- bgt $19, $102
-$103:
- ret $31,($26),1
- .end bn_sub_words
--- crypto/openssl/crypto/bn/asm/pa-risc.s
+++ /dev/null
@@ -1,710 +0,0 @@
- .SPACE $PRIVATE$
- .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
- .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
- .SPACE $TEXT$
- .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
- .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
- .IMPORT $global$,DATA
- .IMPORT $$dyncall,MILLICODE
-; gcc_compiled.:
- .SPACE $TEXT$
- .SUBSPA $CODE$
-
- .align 4
- .EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_add_words
- .PROC
- .CALLINFO FRAME=0,CALLS,SAVE_RP
- .ENTRY
- stw %r2,-20(0,%r30)
- ldi 0,%r28
- extru %r23,31,16,%r2
- stw %r2,-16(0,%r30)
- extru %r23,15,16,%r23
- ldil L'65536,%r31
- fldws -16(0,%r30),%fr11R
- stw %r23,-16(0,%r30)
- ldo 12(%r25),%r29
- ldo 12(%r26),%r23
- fldws -16(0,%r30),%fr11L
-L$0002
- ldw 0(0,%r25),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0005
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi 1,%r19,%r19
- ldw 0(0,%r26),%r28
- addl %r20,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0003
- stw %r20,0(0,%r26)
- ldw -8(0,%r29),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0010
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi 1,%r19,%r19
- ldw -8(0,%r23),%r28
- addl %r20,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0003
- stw %r20,-8(0,%r23)
- ldw -4(0,%r29),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0015
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi 1,%r19,%r19
- ldw -4(0,%r23),%r28
- addl %r20,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0003
- stw %r20,-4(0,%r23)
- ldw 0(0,%r29),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0020
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi 1,%r19,%r19
- ldw 0(0,%r23),%r28
- addl %r20,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0003
- stw %r20,0(0,%r23)
- ldo 16(%r29),%r29
- ldo 16(%r25),%r25
- ldo 16(%r23),%r23
- bl L$0002,0
- ldo 16(%r26),%r26
-L$0003
- ldw -20(0,%r30),%r2
- bv,n 0(%r2)
- .EXIT
- .PROCEND
- .align 4
- .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
-bn_mul_words
- .PROC
- .CALLINFO FRAME=0,CALLS,SAVE_RP
- .ENTRY
- stw %r2,-20(0,%r30)
- ldi 0,%r28
- extru %r23,31,16,%r2
- stw %r2,-16(0,%r30)
- extru %r23,15,16,%r23
- ldil L'65536,%r31
- fldws -16(0,%r30),%fr11R
- stw %r23,-16(0,%r30)
- ldo 12(%r26),%r29
- ldo 12(%r25),%r23
- fldws -16(0,%r30),%fr11L
-L$0026
- ldw 0(0,%r25),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0029
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0027
- stw %r20,0(0,%r26)
- ldw -8(0,%r23),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0033
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0027
- stw %r20,-8(0,%r29)
- ldw -4(0,%r23),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0037
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0027
- stw %r20,-4(0,%r29)
- ldw 0(0,%r23),%r19
- extru %r19,31,16,%r20
- stw %r20,-16(0,%r30)
- extru %r19,15,16,%r19
- fldws -16(0,%r30),%fr22L
- stw %r19,-16(0,%r30)
- xmpyu %fr22L,%fr11R,%fr8
- fldws -16(0,%r30),%fr22L
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr11R,%fr22L,%fr10
- ldw -16(0,%r30),%r2
- stw %r20,-16(0,%r30)
- xmpyu %fr22L,%fr11L,%fr9
- fldws -16(0,%r30),%fr22L
- fstws %fr10R,-16(0,%r30)
- copy %r2,%r22
- ldw -16(0,%r30),%r2
- fstws %fr9R,-16(0,%r30)
- xmpyu %fr11L,%fr22L,%fr8
- copy %r2,%r19
- ldw -16(0,%r30),%r2
- fstws %fr8R,-16(0,%r30)
- copy %r2,%r20
- ldw -16(0,%r30),%r2
- addl %r2,%r19,%r21
- comclr,<<= %r19,%r21,0
- addl %r20,%r31,%r20
-L$0041
- extru %r21,15,16,%r19
- addl %r20,%r19,%r20
- zdep %r21,15,16,%r19
- addl %r22,%r19,%r22
- comclr,<<= %r19,%r22,0
- addi,tr 1,%r20,%r19
- copy %r20,%r19
- addl %r22,%r28,%r20
- comclr,<<= %r28,%r20,0
- addi,tr 1,%r19,%r28
- copy %r19,%r28
- addib,= -1,%r24,L$0027
- stw %r20,0(0,%r29)
- ldo 16(%r23),%r23
- ldo 16(%r25),%r25
- ldo 16(%r29),%r29
- bl L$0026,0
- ldo 16(%r26),%r26
-L$0027
- ldw -20(0,%r30),%r2
- bv,n 0(%r2)
- .EXIT
- .PROCEND
- .align 4
- .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
-bn_sqr_words
- .PROC
- .CALLINFO FRAME=0,NO_CALLS
- .ENTRY
- ldo 28(%r26),%r23
- ldo 12(%r25),%r28
-L$0046
- ldw 0(0,%r25),%r21
- extru %r21,31,16,%r22
- stw %r22,-16(0,%r30)
- extru %r21,15,16,%r21
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- stw %r22,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- stw %r21,-16(0,%r30)
- copy %r29,%r19
- xmpyu %fr10L,%fr10R,%fr8
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- fstws %fr8R,-16(0,%r30)
- extru %r19,16,17,%r20
- zdep %r19,14,15,%r19
- ldw -16(0,%r30),%r29
- xmpyu %fr10L,%fr10R,%fr9
- addl %r29,%r19,%r22
- stw %r22,0(0,%r26)
- fstws %fr9R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- addl %r29,%r20,%r21
- comclr,<<= %r19,%r22,0
- addi 1,%r21,%r21
- addib,= -1,%r24,L$0057
- stw %r21,-24(0,%r23)
- ldw -8(0,%r28),%r21
- extru %r21,31,16,%r22
- stw %r22,-16(0,%r30)
- extru %r21,15,16,%r21
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- stw %r22,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- stw %r21,-16(0,%r30)
- copy %r29,%r19
- xmpyu %fr10L,%fr10R,%fr8
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- fstws %fr8R,-16(0,%r30)
- extru %r19,16,17,%r20
- zdep %r19,14,15,%r19
- ldw -16(0,%r30),%r29
- xmpyu %fr10L,%fr10R,%fr9
- addl %r29,%r19,%r22
- stw %r22,-20(0,%r23)
- fstws %fr9R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- addl %r29,%r20,%r21
- comclr,<<= %r19,%r22,0
- addi 1,%r21,%r21
- addib,= -1,%r24,L$0057
- stw %r21,-16(0,%r23)
- ldw -4(0,%r28),%r21
- extru %r21,31,16,%r22
- stw %r22,-16(0,%r30)
- extru %r21,15,16,%r21
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- stw %r22,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- stw %r21,-16(0,%r30)
- copy %r29,%r19
- xmpyu %fr10L,%fr10R,%fr8
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- fstws %fr8R,-16(0,%r30)
- extru %r19,16,17,%r20
- zdep %r19,14,15,%r19
- ldw -16(0,%r30),%r29
- xmpyu %fr10L,%fr10R,%fr9
- addl %r29,%r19,%r22
- stw %r22,-12(0,%r23)
- fstws %fr9R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- addl %r29,%r20,%r21
- comclr,<<= %r19,%r22,0
- addi 1,%r21,%r21
- addib,= -1,%r24,L$0057
- stw %r21,-8(0,%r23)
- ldw 0(0,%r28),%r21
- extru %r21,31,16,%r22
- stw %r22,-16(0,%r30)
- extru %r21,15,16,%r21
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- stw %r22,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- stw %r21,-16(0,%r30)
- copy %r29,%r19
- xmpyu %fr10L,%fr10R,%fr8
- fldws -16(0,%r30),%fr10L
- stw %r21,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- fstws %fr8R,-16(0,%r30)
- extru %r19,16,17,%r20
- zdep %r19,14,15,%r19
- ldw -16(0,%r30),%r29
- xmpyu %fr10L,%fr10R,%fr9
- addl %r29,%r19,%r22
- stw %r22,-4(0,%r23)
- fstws %fr9R,-16(0,%r30)
- ldw -16(0,%r30),%r29
- addl %r29,%r20,%r21
- comclr,<<= %r19,%r22,0
- addi 1,%r21,%r21
- addib,= -1,%r24,L$0057
- stw %r21,0(0,%r23)
- ldo 16(%r28),%r28
- ldo 16(%r25),%r25
- ldo 32(%r23),%r23
- bl L$0046,0
- ldo 32(%r26),%r26
-L$0057
- bv,n 0(%r2)
- .EXIT
- .PROCEND
- .IMPORT BN_num_bits_word,CODE
- .IMPORT fprintf,CODE
- .IMPORT __iob,DATA
- .SPACE $TEXT$
- .SUBSPA $LIT$
-
- .align 4
-L$C0000
- .STRING "Division would overflow\x0a\x00"
- .IMPORT abort,CODE
- .SPACE $TEXT$
- .SUBSPA $CODE$
-
- .align 4
- .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
-bn_div64
- .PROC
- .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
- .ENTRY
- stw %r2,-20(0,%r30)
- stwm %r8,128(0,%r30)
- stw %r7,-124(0,%r30)
- stw %r4,-112(0,%r30)
- stw %r3,-108(0,%r30)
- copy %r26,%r3
- copy %r25,%r4
- stw %r6,-120(0,%r30)
- ldi 0,%r7
- stw %r5,-116(0,%r30)
- movb,<> %r24,%r5,L$0059
- ldi 2,%r6
- bl L$0076,0
- ldi -1,%r28
-L$0059
- .CALL ARGW0=GR
- bl BN_num_bits_word,%r2
- copy %r5,%r26
- ldi 32,%r19
- comb,= %r19,%r28,L$0060
- subi 31,%r28,%r19
- mtsar %r19
- zvdepi 1,32,%r19
- comb,>>= %r19,%r3,L$0060
- addil LR'__iob-$global$+32,%r27
- ldo RR'__iob-$global$+32(%r1),%r26
- ldil LR'L$C0000,%r25
- .CALL ARGW0=GR,ARGW1=GR
- bl fprintf,%r2
- ldo RR'L$C0000(%r25),%r25
- .CALL
- bl abort,%r2
- nop
-L$0060
- comb,>> %r5,%r3,L$0061
- subi 32,%r28,%r28
- sub %r3,%r5,%r3
-L$0061
- comib,= 0,%r28,L$0062
- subi 31,%r28,%r19
- mtsar %r19
- zvdep %r5,32,%r5
- zvdep %r3,32,%r21
- subi 32,%r28,%r20
- mtsar %r20
- vshd 0,%r4,%r20
- or %r21,%r20,%r3
- mtsar %r19
- zvdep %r4,32,%r4
-L$0062
- extru %r5,15,16,%r23
- extru %r5,31,16,%r28
-L$0063
- extru %r3,15,16,%r19
- comb,<> %r23,%r19,L$0066
- copy %r3,%r26
- bl L$0067,0
- zdepi -1,31,16,%r29
-L$0066
- .IMPORT $$divU,MILLICODE
- bl $$divU,%r31
- copy %r23,%r25
-L$0067
- stw %r29,-16(0,%r30)
- fldws -16(0,%r30),%fr10L
- stw %r28,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- stw %r23,-16(0,%r30)
- xmpyu %fr10L,%fr10R,%fr8
- fldws -16(0,%r30),%fr10R
- fstws %fr8R,-16(0,%r30)
- xmpyu %fr10L,%fr10R,%fr9
- ldw -16(0,%r30),%r8
- fstws %fr9R,-16(0,%r30)
- copy %r8,%r22
- ldw -16(0,%r30),%r8
- extru %r4,15,16,%r24
- copy %r8,%r21
-L$0068
- sub %r3,%r21,%r20
- copy %r20,%r19
- depi 0,31,16,%r19
- comib,<> 0,%r19,L$0069
- zdep %r20,15,16,%r19
- addl %r19,%r24,%r19
- comb,>>= %r19,%r22,L$0069
- sub %r22,%r28,%r22
- sub %r21,%r23,%r21
- bl L$0068,0
- ldo -1(%r29),%r29
-L$0069
- stw %r29,-16(0,%r30)
- fldws -16(0,%r30),%fr10L
- stw %r28,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- ldw -16(0,%r30),%r8
- stw %r23,-16(0,%r30)
- fldws -16(0,%r30),%fr10R
- copy %r8,%r19
- xmpyu %fr10L,%fr10R,%fr8
- fstws %fr8R,-16(0,%r30)
- extru %r19,15,16,%r20
- ldw -16(0,%r30),%r8
- zdep %r19,15,16,%r19
- addl %r8,%r20,%r20
- comclr,<<= %r19,%r4,0
- addi 1,%r20,%r20
- comb,<<= %r20,%r3,L$0074
- sub %r4,%r19,%r4
- addl %r3,%r5,%r3
- ldo -1(%r29),%r29
-L$0074
- addib,= -1,%r6,L$0064
- sub %r3,%r20,%r3
- zdep %r29,15,16,%r7
- shd %r3,%r4,16,%r3
- bl L$0063,0
- zdep %r4,15,16,%r4
-L$0064
- or %r7,%r29,%r28
-L$0076
- ldw -148(0,%r30),%r2
- ldw -124(0,%r30),%r7
- ldw -120(0,%r30),%r6
- ldw -116(0,%r30),%r5
- ldw -112(0,%r30),%r4
- ldw -108(0,%r30),%r3
- bv 0(%r2)
- ldwm -128(0,%r30),%r8
- .EXIT
- .PROCEND
--- crypto/openssl/crypto/bn/asm/mips1.s
+++ /dev/null
@@ -1,539 +0,0 @@
-/* This assember is for R2000/R3000 machines, or higher ones that do
- * no want to do any 64 bit arithmatic.
- * Make sure that the SSLeay bignum library is compiled with
- * THIRTY_TWO_BIT set.
- * This must either be compiled with the system CC, or, if you use GNU gas,
- * cc -E mips1.s|gas -o mips1.o
- */
- .set reorder
- .set noat
-
-#define R1 $1
-#define CC $2
-#define R2 $3
-#define R3 $8
-#define R4 $9
-#define L1 $10
-#define L2 $11
-#define L3 $12
-#define L4 $13
-#define H1 $14
-#define H2 $15
-#define H3 $24
-#define H4 $25
-
-#define P1 $4
-#define P2 $5
-#define P3 $6
-#define P4 $7
-
- .align 2
- .ent bn_mul_add_words
- .globl bn_mul_add_words
-.text
-bn_mul_add_words:
- .frame $sp,0,$31
- .mask 0x00000000,0
- .fmask 0x00000000,0
-
- #blt P3,4,$lab34
-
- subu R1,P3,4
- move CC,$0
- bltz R1,$lab34
-$lab2:
- lw R1,0(P1)
- lw L1,0(P2)
- lw R2,4(P1)
- lw L2,4(P2)
- lw R3,8(P1)
- lw L3,8(P2)
- lw R4,12(P1)
- lw L4,12(P2)
- multu L1,P4
- addu R1,R1,CC
- mflo L1
- sltu CC,R1,CC
- addu R1,R1,L1
- mfhi H1
- sltu L1,R1,L1
- sw R1,0(P1)
- addu CC,CC,L1
- multu L2,P4
- addu CC,H1,CC
- mflo L2
- addu R2,R2,CC
- sltu CC,R2,CC
- mfhi H2
- addu R2,R2,L2
- addu P2,P2,16
- sltu L2,R2,L2
- sw R2,4(P1)
- addu CC,CC,L2
- multu L3,P4
- addu CC,H2,CC
- mflo L3
- addu R3,R3,CC
- sltu CC,R3,CC
- mfhi H3
- addu R3,R3,L3
- addu P1,P1,16
- sltu L3,R3,L3
- sw R3,-8(P1)
- addu CC,CC,L3
- multu L4,P4
- addu CC,H3,CC
- mflo L4
- addu R4,R4,CC
- sltu CC,R4,CC
- mfhi H4
- addu R4,R4,L4
- subu P3,P3,4
- sltu L4,R4,L4
- addu CC,CC,L4
- addu CC,H4,CC
-
- subu R1,P3,4
- sw R4,-4(P1) # delay slot
- bgez R1,$lab2
-
- bleu P3,0,$lab3
- .align 2
-$lab33:
- lw L1,0(P2)
- lw R1,0(P1)
- multu L1,P4
- addu R1,R1,CC
- sltu CC,R1,CC
- addu P1,P1,4
- mflo L1
- mfhi H1
- addu R1,R1,L1
- addu P2,P2,4
- sltu L1,R1,L1
- subu P3,P3,1
- addu CC,CC,L1
- sw R1,-4(P1)
- addu CC,H1,CC
- bgtz P3,$lab33
- j $31
- .align 2
-$lab3:
- j $31
- .align 2
-$lab34:
- bgt P3,0,$lab33
- j $31
- .end bn_mul_add_words
-
- .align 2
- # Program Unit: bn_mul_words
- .ent bn_mul_words
- .globl bn_mul_words
-.text
-bn_mul_words:
- .frame $sp,0,$31
- .mask 0x00000000,0
- .fmask 0x00000000,0
-
- subu P3,P3,4
- move CC,$0
- bltz P3,$lab45
-$lab44:
- lw L1,0(P2)
- lw L2,4(P2)
- lw L3,8(P2)
- lw L4,12(P2)
- multu L1,P4
- subu P3,P3,4
- mflo L1
- mfhi H1
- addu L1,L1,CC
- multu L2,P4
- sltu CC,L1,CC
- sw L1,0(P1)
- addu CC,H1,CC
- mflo L2
- mfhi H2
- addu L2,L2,CC
- multu L3,P4
- sltu CC,L2,CC
- sw L2,4(P1)
- addu CC,H2,CC
- mflo L3
- mfhi H3
- addu L3,L3,CC
- multu L4,P4
- sltu CC,L3,CC
- sw L3,8(P1)
- addu CC,H3,CC
- mflo L4
- mfhi H4
- addu L4,L4,CC
- addu P1,P1,16
- sltu CC,L4,CC
- addu P2,P2,16
- addu CC,H4,CC
- sw L4,-4(P1)
-
- bgez P3,$lab44
- b $lab45
-$lab46:
- lw L1,0(P2)
- addu P1,P1,4
- multu L1,P4
- addu P2,P2,4
- mflo L1
- mfhi H1
- addu L1,L1,CC
- subu P3,P3,1
- sltu CC,L1,CC
- sw L1,-4(P1)
- addu CC,H1,CC
- bgtz P3,$lab46
- j $31
-$lab45:
- addu P3,P3,4
- bgtz P3,$lab46
- j $31
- .align 2
- .end bn_mul_words
-
- # Program Unit: bn_sqr_words
- .ent bn_sqr_words
- .globl bn_sqr_words
-.text
-bn_sqr_words:
- .frame $sp,0,$31
- .mask 0x00000000,0
- .fmask 0x00000000,0
-
- subu P3,P3,4
- bltz P3,$lab55
-$lab54:
- lw L1,0(P2)
- lw L2,4(P2)
- lw L3,8(P2)
- lw L4,12(P2)
-
- multu L1,L1
- subu P3,P3,4
- mflo L1
- mfhi H1
- sw L1,0(P1)
- sw H1,4(P1)
-
- multu L2,L2
- addu P1,P1,32
- mflo L2
- mfhi H2
- sw L2,-24(P1)
- sw H2,-20(P1)
-
- multu L3,L3
- addu P2,P2,16
- mflo L3
- mfhi H3
- sw L3,-16(P1)
- sw H3,-12(P1)
-
- multu L4,L4
-
- mflo L4
- mfhi H4
- sw L4,-8(P1)
- sw H4,-4(P1)
-
- bgtz P3,$lab54
- b $lab55
-$lab56:
- lw L1,0(P2)
- addu P1,P1,8
- multu L1,L1
- addu P2,P2,4
- subu P3,P3,1
- mflo L1
- mfhi H1
- sw L1,-8(P1)
- sw H1,-4(P1)
-
- bgtz P3,$lab56
- j $31
-$lab55:
- addu P3,P3,4
- bgtz P3,$lab56
- j $31
- .align 2
- .end bn_sqr_words
-
- # Program Unit: bn_add_words
- .ent bn_add_words
- .globl bn_add_words
-.text
-bn_add_words: # 0x590
- .frame $sp,0,$31
- .mask 0x00000000,0
- .fmask 0x00000000,0
-
- subu P4,P4,4
- move CC,$0
- bltz P4,$lab65
-$lab64:
- lw L1,0(P2)
- lw R1,0(P3)
- lw L2,4(P2)
- lw R2,4(P3)
-
- addu L1,L1,CC
- lw L3,8(P2)
- sltu CC,L1,CC
- addu L1,L1,R1
- sltu R1,L1,R1
- lw R3,8(P3)
- addu CC,CC,R1
- lw L4,12(P2)
-
- addu L2,L2,CC
- lw R4,12(P3)
- sltu CC,L2,CC
- addu L2,L2,R2
- sltu R2,L2,R2
- sw L1,0(P1)
- addu CC,CC,R2
- addu P1,P1,16
- addu L3,L3,CC
- sw L2,-12(P1)
-
- sltu CC,L3,CC
- addu L3,L3,R3
- sltu R3,L3,R3
- addu P2,P2,16
- addu CC,CC,R3
-
- addu L4,L4,CC
- addu P3,P3,16
- sltu CC,L4,CC
- addu L4,L4,R4
- subu P4,P4,4
- sltu R4,L4,R4
- sw L3,-8(P1)
- addu CC,CC,R4
- sw L4,-4(P1)
-
- bgtz P4,$lab64
- b $lab65
-$lab66:
- lw L1,0(P2)
- lw R1,0(P3)
- addu L1,L1,CC
- addu P1,P1,4
- sltu CC,L1,CC
- addu P2,P2,4
- addu P3,P3,4
- addu L1,L1,R1
- subu P4,P4,1
- sltu R1,L1,R1
- sw L1,-4(P1)
- addu CC,CC,R1
-
- bgtz P4,$lab66
- j $31
-$lab65:
- addu P4,P4,4
- bgtz P4,$lab66
- j $31
- .end bn_add_words
-
- # Program Unit: bn_div64
- .set at
- .set reorder
- .text
- .align 2
- .globl bn_div64
- # 321 {
- .ent bn_div64 2
-bn_div64:
- subu $sp, 64
- sw $31, 56($sp)
- sw $16, 48($sp)
- .mask 0x80010000, -56
- .frame $sp, 64, $31
- move $9, $4
- move $12, $5
- move $16, $6
- # 322 BN_ULONG dh,dl,q,ret=0,th,tl,t;
- move $31, $0
- # 323 int i,count=2;
- li $13, 2
- # 324
- # 325 if (d == 0) return(BN_MASK2);
- bne $16, 0, $80
- li $2, -1
- b $93
-$80:
- # 326
- # 327 i=BN_num_bits_word(d);
- move $4, $16
- sw $31, 16($sp)
- sw $9, 24($sp)
- sw $12, 32($sp)
- sw $13, 40($sp)
- .livereg 0x800ff0e,0xfff
- jal BN_num_bits_word
- li $4, 32
- lw $31, 16($sp)
- lw $9, 24($sp)
- lw $12, 32($sp)
- lw $13, 40($sp)
- move $3, $2
- # 328 if ((i != BN_BITS2) && (h > (BN_ULONG)1<<i))
- beq $2, $4, $81
- li $14, 1
- sll $15, $14, $2
- bleu $9, $15, $81
- # 329 {
- # 330 #if !defined(NO_STDIO) && !defined(WIN16)
- # 331 fprintf(stderr,"Division would overflow (%d)\n",i);
- # 332 #endif
- # 333 abort();
- sw $3, 8($sp)
- sw $9, 24($sp)
- sw $12, 32($sp)
- sw $13, 40($sp)
- sw $31, 26($sp)
- .livereg 0xff0e,0xfff
- jal abort
- lw $3, 8($sp)
- li $4, 32
- lw $9, 24($sp)
- lw $12, 32($sp)
- lw $13, 40($sp)
- lw $31, 26($sp)
- # 334 }
-$81:
- # 335 i=BN_BITS2-i;
- subu $3, $4, $3
- # 336 if (h >= d) h-=d;
- bltu $9, $16, $82
- subu $9, $9, $16
-$82:
- # 337
- # 338 if (i)
- beq $3, 0, $83
- # 339 {
- # 340 d<<=i;
- sll $16, $16, $3
- # 341 h=(h<<i)|(l>>(BN_BITS2-i));
- sll $24, $9, $3
- subu $25, $4, $3
- srl $14, $12, $25
- or $9, $24, $14
- # 342 l<<=i;
- sll $12, $12, $3
- # 343 }
-$83:
- # 344 dh=(d&BN_MASK2h)>>BN_BITS4;
- # 345 dl=(d&BN_MASK2l);
- and $8, $16, -65536
- srl $8, $8, 16
- and $10, $16, 65535
- li $6, -65536
-$84:
- # 346 for (;;)
- # 347 {
- # 348 if ((h>>BN_BITS4) == dh)
- srl $15, $9, 16
- bne $8, $15, $85
- # 349 q=BN_MASK2l;
- li $5, 65535
- b $86
-$85:
- # 350 else
- # 351 q=h/dh;
- divu $5, $9, $8
-$86:
- # 352
- # 353 for (;;)
- # 354 {
- # 355 t=(h-q*dh);
- mul $4, $5, $8
- subu $2, $9, $4
- move $3, $2
- # 356 if ((t&BN_MASK2h) ||
- # 357 ((dl*q) <= (
- # 358 (t<<BN_BITS4)+
- # 359 ((l&BN_MASK2h)>>BN_BITS4))))
- and $25, $2, $6
- bne $25, $0, $87
- mul $24, $10, $5
- sll $14, $3, 16
- and $15, $12, $6
- srl $25, $15, 16
- addu $15, $14, $25
- bgtu $24, $15, $88
-$87:
- # 360 break;
- mul $3, $10, $5
- b $89
-$88:
- # 361 q--;
- addu $5, $5, -1
- # 362 }
- b $86
-$89:
- # 363 th=q*dh;
- # 364 tl=q*dl;
- # 365 t=(tl>>BN_BITS4);
- # 366 tl=(tl<<BN_BITS4)&BN_MASK2h;
- sll $14, $3, 16
- and $2, $14, $6
- move $11, $2
- # 367 th+=t;
- srl $25, $3, 16
- addu $7, $4, $25
- # 368
- # 369 if (l < tl) th++;
- bgeu $12, $2, $90
- addu $7, $7, 1
-$90:
- # 370 l-=tl;
- subu $12, $12, $11
- # 371 if (h < th)
- bgeu $9, $7, $91
- # 372 {
- # 373 h+=d;
- addu $9, $9, $16
- # 374 q--;
- addu $5, $5, -1
- # 375 }
-$91:
- # 376 h-=th;
- subu $9, $9, $7
- # 377
- # 378 if (--count == 0) break;
- addu $13, $13, -1
- beq $13, 0, $92
- # 379
- # 380 ret=q<<BN_BITS4;
- sll $31, $5, 16
- # 381 h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
- sll $24, $9, 16
- srl $15, $12, 16
- or $9, $24, $15
- # 382 l=(l&BN_MASK2l)<<BN_BITS4;
- and $12, $12, 65535
- sll $12, $12, 16
- # 383 }
- b $84
-$92:
- # 384 ret|=q;
- or $31, $31, $5
- # 385 return(ret);
- move $2, $31
-$93:
- lw $16, 48($sp)
- lw $31, 56($sp)
- addu $sp, 64
- j $31
- .end bn_div64
-
--- crypto/openssl/crypto/bn/asm/r3000.s
+++ /dev/null
@@ -1,646 +0,0 @@
- .file 1 "../bn_mulw.c"
- .set nobopt
- .option pic2
-
- # GNU C 2.6.3 [AL 1.1, MM 40] SGI running IRIX 5.0 compiled by GNU C
-
- # Cc1 defaults:
- # -mabicalls
-
- # Cc1 arguments (-G value = 0, Cpu = 3000, ISA = 1):
- # -quiet -dumpbase -O2 -o
-
-gcc2_compiled.:
-__gnu_compiled_c:
- .rdata
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x39,0x20
- .byte 0x24,0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x33,0x34,0x20
- .byte 0x24,0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x35,0x20,0x24
- .byte 0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
- .byte 0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x33,0x20
- .byte 0x24,0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x37,0x38,0x20
- .byte 0x24,0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x33,0x2e,0x37,0x30,0x20
- .byte 0x24,0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x20,0x24
- .byte 0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x20,0x24
- .byte 0x0
-
- .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
- .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
- .byte 0x0
- .text
- .align 2
- .globl bn_mul_add_words
- .ent bn_mul_add_words
-bn_mul_add_words:
- .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
- .mask 0x00000000,0
- .fmask 0x00000000,0
- .set noreorder
- .cpload $25
- .set reorder
- move $12,$4
- move $14,$5
- move $9,$6
- move $13,$7
- move $8,$0
- addu $10,$12,12
- addu $11,$14,12
-$L2:
- lw $6,0($14)
- #nop
- multu $13,$6
- mfhi $6
- mflo $7
- #nop
- move $5,$8
- move $4,$0
- lw $3,0($12)
- addu $9,$9,-1
- move $2,$0
- addu $7,$7,$3
- sltu $8,$7,$3
- addu $6,$6,$2
- addu $6,$6,$8
- addu $7,$7,$5
- sltu $2,$7,$5
- addu $6,$6,$4
- addu $6,$6,$2
- srl $3,$6,0
- move $2,$0
- move $8,$3
- .set noreorder
- .set nomacro
- beq $9,$0,$L3
- sw $7,0($12)
- .set macro
- .set reorder
-
- lw $6,-8($11)
- #nop
- multu $13,$6
- mfhi $6
- mflo $7
- #nop
- move $5,$8
- move $4,$0
- lw $3,-8($10)
- addu $9,$9,-1
- move $2,$0
- addu $7,$7,$3
- sltu $8,$7,$3
- addu $6,$6,$2
- addu $6,$6,$8
- addu $7,$7,$5
- sltu $2,$7,$5
- addu $6,$6,$4
- addu $6,$6,$2
- srl $3,$6,0
- move $2,$0
- move $8,$3
- .set noreorder
- .set nomacro
- beq $9,$0,$L3
- sw $7,-8($10)
- .set macro
- .set reorder
-
- lw $6,-4($11)
- #nop
- multu $13,$6
- mfhi $6
- mflo $7
- #nop
- move $5,$8
- move $4,$0
- lw $3,-4($10)
- addu $9,$9,-1
- move $2,$0
- addu $7,$7,$3
- sltu $8,$7,$3
- addu $6,$6,$2
- addu $6,$6,$8
- addu $7,$7,$5
- sltu $2,$7,$5
- addu $6,$6,$4
- addu $6,$6,$2
- srl $3,$6,0
- move $2,$0
- move $8,$3
- .set noreorder
- .set nomacro
- beq $9,$0,$L3
- sw $7,-4($10)
- .set macro
- .set reorder
-
- lw $6,0($11)
- #nop
- multu $13,$6
- mfhi $6
- mflo $7
- #nop
- move $5,$8
- move $4,$0
- lw $3,0($10)
- addu $9,$9,-1
- move $2,$0
- addu $7,$7,$3
- sltu $8,$7,$3
- addu $6,$6,$2
- addu $6,$6,$8
- addu $7,$7,$5
- sltu $2,$7,$5
- addu $6,$6,$4
- addu $6,$6,$2
- srl $3,$6,0
- move $2,$0
- move $8,$3
- .set noreorder
- .set nomacro
- beq $9,$0,$L3
- sw $7,0($10)
- .set macro
- .set reorder
-
- addu $11,$11,16
- addu $14,$14,16
- addu $10,$10,16
- .set noreorder
- .set nomacro
- j $L2
- addu $12,$12,16
- .set macro
- .set reorder
-
-$L3:
- .set noreorder
- .set nomacro
- j $31
- move $2,$8
- .set macro
- .set reorder
-
- .end bn_mul_add_words
- .align 2
- .globl bn_mul_words
- .ent bn_mul_words
-bn_mul_words:
- .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
- .mask 0x00000000,0
- .fmask 0x00000000,0
- .set noreorder
- .cpload $25
- .set reorder
- move $11,$4
- move $12,$5
- move $8,$6
- move $6,$0
- addu $10,$11,12
- addu $9,$12,12
-$L10:
- lw $4,0($12)
- #nop
- multu $7,$4
- mfhi $4
- mflo $5
- #nop
- move $3,$6
- move $2,$0
- addu $8,$8,-1
- addu $5,$5,$3
- sltu $6,$5,$3
- addu $4,$4,$2
- addu $4,$4,$6
- srl $3,$4,0
- move $2,$0
- move $6,$3
- .set noreorder
- .set nomacro
- beq $8,$0,$L11
- sw $5,0($11)
- .set macro
- .set reorder
-
- lw $4,-8($9)
- #nop
- multu $7,$4
- mfhi $4
- mflo $5
- #nop
- move $3,$6
- move $2,$0
- addu $8,$8,-1
- addu $5,$5,$3
- sltu $6,$5,$3
- addu $4,$4,$2
- addu $4,$4,$6
- srl $3,$4,0
- move $2,$0
- move $6,$3
- .set noreorder
- .set nomacro
- beq $8,$0,$L11
- sw $5,-8($10)
- .set macro
- .set reorder
-
- lw $4,-4($9)
- #nop
- multu $7,$4
- mfhi $4
- mflo $5
- #nop
- move $3,$6
- move $2,$0
- addu $8,$8,-1
- addu $5,$5,$3
- sltu $6,$5,$3
- addu $4,$4,$2
- addu $4,$4,$6
- srl $3,$4,0
- move $2,$0
- move $6,$3
- .set noreorder
- .set nomacro
- beq $8,$0,$L11
- sw $5,-4($10)
- .set macro
- .set reorder
-
- lw $4,0($9)
- #nop
- multu $7,$4
- mfhi $4
- mflo $5
- #nop
- move $3,$6
- move $2,$0
- addu $8,$8,-1
- addu $5,$5,$3
- sltu $6,$5,$3
- addu $4,$4,$2
- addu $4,$4,$6
- srl $3,$4,0
- move $2,$0
- move $6,$3
- .set noreorder
- .set nomacro
- beq $8,$0,$L11
- sw $5,0($10)
- .set macro
- .set reorder
-
- addu $9,$9,16
- addu $12,$12,16
- addu $10,$10,16
- .set noreorder
- .set nomacro
- j $L10
- addu $11,$11,16
- .set macro
- .set reorder
-
-$L11:
- .set noreorder
- .set nomacro
- j $31
- move $2,$6
- .set macro
- .set reorder
-
- .end bn_mul_words
- .align 2
- .globl bn_sqr_words
- .ent bn_sqr_words
-bn_sqr_words:
- .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
- .mask 0x00000000,0
- .fmask 0x00000000,0
- .set noreorder
- .cpload $25
- .set reorder
- move $9,$4
- addu $7,$9,28
- addu $8,$5,12
-$L18:
- lw $2,0($5)
- #nop
- multu $2,$2
- mfhi $2
- mflo $3
- #nop
- addu $6,$6,-1
- sw $3,0($9)
- srl $3,$2,0
- move $2,$0
- .set noreorder
- .set nomacro
- beq $6,$0,$L19
- sw $3,-24($7)
- .set macro
- .set reorder
-
- lw $2,-8($8)
- #nop
- multu $2,$2
- mfhi $2
- mflo $3
- #nop
- addu $6,$6,-1
- sw $3,-20($7)
- srl $3,$2,0
- move $2,$0
- .set noreorder
- .set nomacro
- beq $6,$0,$L19
- sw $3,-16($7)
- .set macro
- .set reorder
-
- lw $2,-4($8)
- #nop
- multu $2,$2
- mfhi $2
- mflo $3
- #nop
- addu $6,$6,-1
- sw $3,-12($7)
- srl $3,$2,0
- move $2,$0
- .set noreorder
- .set nomacro
- beq $6,$0,$L19
- sw $3,-8($7)
- .set macro
- .set reorder
-
- lw $2,0($8)
- #nop
- multu $2,$2
- mfhi $2
- mflo $3
- #nop
- addu $6,$6,-1
- sw $3,-4($7)
- srl $3,$2,0
- move $2,$0
- .set noreorder
- .set nomacro
- beq $6,$0,$L19
- sw $3,0($7)
- .set macro
- .set reorder
-
- addu $8,$8,16
- addu $5,$5,16
- addu $7,$7,32
- .set noreorder
- .set nomacro
- j $L18
- addu $9,$9,32
- .set macro
- .set reorder
-
-$L19:
- j $31
- .end bn_sqr_words
- .rdata
- .align 2
-$LC0:
-
- .byte 0x44,0x69,0x76,0x69,0x73,0x69,0x6f,0x6e
- .byte 0x20,0x77,0x6f,0x75,0x6c,0x64,0x20,0x6f
- .byte 0x76,0x65,0x72,0x66,0x6c,0x6f,0x77,0xa
- .byte 0x0
- .text
- .align 2
- .globl bn_div64
- .ent bn_div64
-bn_div64:
- .frame $sp,56,$31 # vars= 0, regs= 7/0, args= 16, extra= 8
- .mask 0x901f0000,-8
- .fmask 0x00000000,0
- .set noreorder
- .cpload $25
- .set reorder
- subu $sp,$sp,56
- .cprestore 16
- sw $16,24($sp)
- move $16,$4
- sw $17,28($sp)
- move $17,$5
- sw $18,32($sp)
- move $18,$6
- sw $20,40($sp)
- move $20,$0
- sw $19,36($sp)
- li $19,0x00000002 # 2
- sw $31,48($sp)
- .set noreorder
- .set nomacro
- bne $18,$0,$L26
- sw $28,44($sp)
- .set macro
- .set reorder
-
- .set noreorder
- .set nomacro
- j $L43
- li $2,-1 # 0xffffffff
- .set macro
- .set reorder
-
-$L26:
- move $4,$18
- jal BN_num_bits_word
- move $4,$2
- li $2,0x00000020 # 32
- .set noreorder
- .set nomacro
- beq $4,$2,$L27
- li $2,0x00000001 # 1
- .set macro
- .set reorder
-
- sll $2,$2,$4
- sltu $2,$2,$16
- .set noreorder
- .set nomacro
- beq $2,$0,$L44
- li $5,0x00000020 # 32
- .set macro
- .set reorder
-
- la $4,__iob+32
- la $5,$LC0
- jal fprintf
- jal abort
-$L27:
- li $5,0x00000020 # 32
-$L44:
- sltu $2,$16,$18
- .set noreorder
- .set nomacro
- bne $2,$0,$L28
- subu $4,$5,$4
- .set macro
- .set reorder
-
- subu $16,$16,$18
-$L28:
- .set noreorder
- .set nomacro
- beq $4,$0,$L29
- li $10,-65536 # 0xffff0000
- .set macro
- .set reorder
-
- sll $18,$18,$4
- sll $3,$16,$4
- subu $2,$5,$4
- srl $2,$17,$2
- or $16,$3,$2
- sll $17,$17,$4
-$L29:
- srl $7,$18,16
- andi $9,$18,0xffff
-$L30:
- srl $2,$16,16
- .set noreorder
- .set nomacro
- beq $2,$7,$L34
- li $6,0x0000ffff # 65535
- .set macro
- .set reorder
-
- divu $6,$16,$7
-$L34:
- mult $6,$9
- mflo $5
- #nop
- #nop
- mult $6,$7
- and $2,$17,$10
- srl $8,$2,16
- mflo $4
-$L35:
- subu $3,$16,$4
- and $2,$3,$10
- .set noreorder
- .set nomacro
- bne $2,$0,$L36
- sll $2,$3,16
- .set macro
- .set reorder
-
- addu $2,$2,$8
- sltu $2,$2,$5
- .set noreorder
- .set nomacro
- beq $2,$0,$L36
- subu $5,$5,$9
- .set macro
- .set reorder
-
- subu $4,$4,$7
- .set noreorder
- .set nomacro
- j $L35
- addu $6,$6,-1
- .set macro
- .set reorder
-
-$L36:
- mult $6,$7
- mflo $5
- #nop
- #nop
- mult $6,$9
- mflo $4
- #nop
- #nop
- srl $3,$4,16
- sll $2,$4,16
- and $4,$2,$10
- sltu $2,$17,$4
- .set noreorder
- .set nomacro
- beq $2,$0,$L40
- addu $5,$5,$3
- .set macro
- .set reorder
-
- addu $5,$5,1
-$L40:
- sltu $2,$16,$5
- .set noreorder
- .set nomacro
- beq $2,$0,$L41
- subu $17,$17,$4
- .set macro
- .set reorder
-
- addu $16,$16,$18
- addu $6,$6,-1
-$L41:
- addu $19,$19,-1
- .set noreorder
- .set nomacro
- beq $19,$0,$L31
- subu $16,$16,$5
- .set macro
- .set reorder
-
- sll $20,$6,16
- sll $3,$16,16
- srl $2,$17,16
- or $16,$3,$2
- .set noreorder
- .set nomacro
- j $L30
- sll $17,$17,16
- .set macro
- .set reorder
-
-$L31:
- or $2,$20,$6
-$L43:
- lw $31,48($sp)
- lw $20,40($sp)
- lw $19,36($sp)
- lw $18,32($sp)
- lw $17,28($sp)
- lw $16,24($sp)
- addu $sp,$sp,56
- j $31
- .end bn_div64
-
- .globl abort .text
- .globl fprintf .text
- .globl BN_num_bits_word .text
--- crypto/openssl/crypto/bn/asm/alpha/sub.pl
+++ /dev/null
@@ -1,108 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sub_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
- $count=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &blt($count,&label("finish"));
-
- ($a0,$b0)=&NR(2);
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
-
-##########################################################
- &set_label("loop");
-
- ($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8);
- &ld($a1,&QWPw(1,$ap));
- &cmpult($a0,$b0,$tmp); # will we borrow?
- &ld($b1,&QWPw(1,$bp));
- &sub($a0,$b0,$a0); # do the subtract
- &ld($a2,&QWPw(2,$ap));
- &cmpult($a0,$cc,$b0); # will we borrow?
- &ld($b2,&QWPw(2,$bp));
- &sub($a0,$cc,$o0); # will we borrow?
- &ld($a3,&QWPw(3,$ap));
- &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp);
-
- &cmpult($a1,$b1,$t1); # will we borrow?
- &sub($a1,$b1,$a1); # do the subtract
- &ld($b3,&QWPw(3,$bp));
- &cmpult($a1,$cc,$b1); # will we borrow?
- &sub($a1,$cc,$o1); # will we borrow?
- &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1);
-
- &cmpult($a2,$b2,$tmp); # will we borrow?
- &sub($a2,$b2,$a2); # do the subtract
- &st($o0,&QWPw(0,$rp)); &FR($o0); # save
- &cmpult($a2,$cc,$b2); # will we borrow?
- &sub($a2,$cc,$o2); # will we borrow?
- &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2);
-
- &cmpult($a3,$b3,$t3); # will we borrow?
- &sub($a3,$b3,$a3); # do the subtract
- &st($o1,&QWPw(1,$rp)); &FR($o1);
- &cmpult($a3,$cc,$b3); # will we borrow?
- &sub($a3,$cc,$o3); # will we borrow?
- &add($b3,$t3,$cc); &FR($t3,$a3,$b3);
-
- &st($o2,&QWPw(2,$rp)); &FR($o2);
- &sub($count,4,$count); # count-=4
- &st($o3,&QWPw(3,$rp)); &FR($o3);
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld($a0,&QWPw(0,$ap)); # get a
- &ld($b0,&QWPw(0,$bp)); # get b
- &cmpult($a0,$b0,$tmp); # will we borrow?
- &sub($a0,$b0,$a0); # do the subtract
- &cmpult($a0,$cc,$b0); # will we borrow?
- &sub($a0,$cc,$a0); # will we borrow?
- &st($a0,&QWPw(0,$rp)); # save
- &add($b0,$tmp,$cc); # add the borrows
-
- &add($ap,$QWS,$ap);
- &add($bp,$QWS,$bp);
- &add($rp,$QWS,$rp);
- &sub($count,1,$count);
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &FR($a0,$b0);
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/mul_c8.pl
+++ /dev/null
@@ -1,177 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_mul_comba8
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(3);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
-
- &stack_push(2);
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($b[0])=&NR(1),&QWPw(0,$bp));
- &st($reg_s0,&swtmp(0)); &FR($reg_s0);
- &st($reg_s1,&swtmp(1)); &FR($reg_s1);
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($b[1])=&NR(1),&QWPw(1,$bp));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($b[2])=&NR(1),&QWPw(2,$bp));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap));
- &ld(($b[3])=&NR(1),&QWPw(3,$bp));
- &ld(($a[4])=&NR(1),&QWPw(1,$ap));
- &ld(($b[4])=&NR(1),&QWPw(1,$bp));
- &ld(($a[5])=&NR(1),&QWPw(1,$ap));
- &ld(($b[5])=&NR(1),&QWPw(1,$bp));
- &ld(($a[6])=&NR(1),&QWPw(1,$ap));
- &ld(($b[6])=&NR(1),&QWPw(1,$bp));
- &ld(($a[7])=&NR(1),&QWPw(1,$ap)); &FR($ap);
- &ld(($b[7])=&NR(1),&QWPw(1,$bp)); &FR($bp);
-
- ($c0,$c1,$c2)=&NR(3);
- &mov("zero",$c2);
- &mul($a[0],$b[0],$c0);
- &muh($a[0],$b[0],$c1);
- &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(6,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[7],$c0,$c1,$c2); &FR($a[0]);
- &mul_add_c($a[1],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[0],$c0,$c1,$c2); &FR($b[0]);
- &st($c0,&QWPw(7,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[1],$b[7],$c0,$c1,$c2); &FR($a[1]);
- &mul_add_c($a[2],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[1],$c0,$c1,$c2); &FR($b[1]);
- &st($c0,&QWPw(8,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[2],$b[7],$c0,$c1,$c2); &FR($a[2]);
- &mul_add_c($a[3],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[2],$c0,$c1,$c2); &FR($b[2]);
- &st($c0,&QWPw(9,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[3],$b[7],$c0,$c1,$c2); &FR($a[3]);
- &mul_add_c($a[4],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[3],$c0,$c1,$c2); &FR($b[3]);
- &st($c0,&QWPw(10,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[4],$b[7],$c0,$c1,$c2); &FR($a[4]);
- &mul_add_c($a[5],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[4],$c0,$c1,$c2); &FR($b[4]);
- &st($c0,&QWPw(11,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[5],$b[7],$c0,$c1,$c2); &FR($a[5]);
- &mul_add_c($a[6],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[5],$c0,$c1,$c2); &FR($b[5]);
- &st($c0,&QWPw(12,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[6],$b[7],$c0,$c1,$c2); &FR($a[6]);
- &mul_add_c($a[7],$b[6],$c0,$c1,$c2); &FR($b[6]);
- &st($c0,&QWPw(13,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[7],$b[7],$c0,$c1,$c2); &FR($a[7],$b[7]);
- &st($c0,&QWPw(14,$rp));
- &st($c1,&QWPw(15,$rp));
-
- &FR($c0,$c1,$c2);
-
- &ld($reg_s0,&swtmp(0));
- &ld($reg_s1,&swtmp(1));
- &stack_pop(2);
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/mul_c4.pl
+++ /dev/null
@@ -1,215 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-# upto
-
-sub mul_add_c
- {
- local($a,$b,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
- &mul($a,$b,($l1)=&NR(1));
- &muh($a,$b,($h1)=&NR(1));
- &add($c0,$l1,$c0);
- &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1);
- &add($t1,$h1,$h1); &FR($t1);
- &add($c1,$h1,$c1);
- &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1);
- &add($c2,$t2,$c2); &FR($t2);
- }
-
-sub bn_mul_comba4
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(3);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($b[0])=&NR(1),&QWPw(0,$bp));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($b[1])=&NR(1),&QWPw(1,$bp));
- &mul($a[0],$b[0],($r00)=&NR(1));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($b[2])=&NR(1),&QWPw(2,$bp));
- &muh($a[0],$b[0],($r01)=&NR(1));
- &FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap));
- &FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp));
- &mul($a[0],$b[1],($r02)=&NR(1));
-
- ($R,$H1,$H2)=&NR(3);
-
- &st($r00,&QWPw(0,$rp)); &FR($r00);
-
- &mov("zero",$R);
- &mul($a[1],$b[0],($r03)=&NR(1));
-
- &mov("zero",$H1);
- &mov("zero",$H0);
- &add($R,$r01,$R);
- &muh($a[0],$b[1],($r04)=&NR(1));
- &cmpult($R,$r01,($t01)=&NR(1)); &FR($r01);
- &add($R,$r02,$R);
- &add($H1,$t01,$H1) &FR($t01);
- &muh($a[1],$b[0],($r05)=&NR(1));
- &cmpult($R,$r02,($t02)=&NR(1)); &FR($r02);
- &add($R,$r03,$R);
- &add($H2,$t02,$H2) &FR($t02);
- &mul($a[0],$b[2],($r06)=&NR(1));
- &cmpult($R,$r03,($t03)=&NR(1)); &FR($r03);
- &add($H1,$t03,$H1) &FR($t03);
- &st($R,&QWPw(1,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r04,$R);
- &mov("zero",$H2);
- &mul($a[1],$b[1],($r07)=&NR(1));
- &cmpult($R,$r04,($t04)=&NR(1)); &FR($r04);
- &add($R,$r05,$R);
- &add($H1,$t04,$H1) &FR($t04);
- &mul($a[2],$b[0],($r08)=&NR(1));
- &cmpult($R,$r05,($t05)=&NR(1)); &FR($r05);
- &add($R,$r01,$R);
- &add($H2,$t05,$H2) &FR($t05);
- &muh($a[0],$b[2],($r09)=&NR(1));
- &cmpult($R,$r06,($t06)=&NR(1)); &FR($r06);
- &add($R,$r07,$R);
- &add($H1,$t06,$H1) &FR($t06);
- &muh($a[1],$b[1],($r10)=&NR(1));
- &cmpult($R,$r07,($t07)=&NR(1)); &FR($r07);
- &add($R,$r08,$R);
- &add($H2,$t07,$H2) &FR($t07);
- &muh($a[2],$b[0],($r11)=&NR(1));
- &cmpult($R,$r08,($t08)=&NR(1)); &FR($r08);
- &add($H1,$t08,$H1) &FR($t08);
- &st($R,&QWPw(2,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r09,$R);
- &mov("zero",$H2);
- &mul($a[0],$b[3],($r12)=&NR(1));
- &cmpult($R,$r09,($t09)=&NR(1)); &FR($r09);
- &add($R,$r10,$R);
- &add($H1,$t09,$H1) &FR($t09);
- &mul($a[1],$b[2],($r13)=&NR(1));
- &cmpult($R,$r10,($t10)=&NR(1)); &FR($r10);
- &add($R,$r11,$R);
- &add($H1,$t10,$H1) &FR($t10);
- &mul($a[2],$b[1],($r14)=&NR(1));
- &cmpult($R,$r11,($t11)=&NR(1)); &FR($r11);
- &add($R,$r12,$R);
- &add($H1,$t11,$H1) &FR($t11);
- &mul($a[3],$b[0],($r15)=&NR(1));
- &cmpult($R,$r12,($t12)=&NR(1)); &FR($r12);
- &add($R,$r13,$R);
- &add($H1,$t12,$H1) &FR($t12);
- &muh($a[0],$b[3],($r16)=&NR(1));
- &cmpult($R,$r13,($t13)=&NR(1)); &FR($r13);
- &add($R,$r14,$R);
- &add($H1,$t13,$H1) &FR($t13);
- &muh($a[1],$b[2],($r17)=&NR(1));
- &cmpult($R,$r14,($t14)=&NR(1)); &FR($r14);
- &add($R,$r15,$R);
- &add($H1,$t14,$H1) &FR($t14);
- &muh($a[2],$b[1],($r18)=&NR(1));
- &cmpult($R,$r15,($t15)=&NR(1)); &FR($r15);
- &add($H1,$t15,$H1) &FR($t15);
- &st($R,&QWPw(3,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r16,$R);
- &mov("zero",$H2);
- &muh($a[3],$b[0],($r19)=&NR(1));
- &cmpult($R,$r16,($t16)=&NR(1)); &FR($r16);
- &add($R,$r17,$R);
- &add($H1,$t16,$H1) &FR($t16);
- &mul($a[1],$b[3],($r20)=&NR(1));
- &cmpult($R,$r17,($t17)=&NR(1)); &FR($r17);
- &add($R,$r18,$R);
- &add($H1,$t17,$H1) &FR($t17);
- &mul($a[2],$b[2],($r21)=&NR(1));
- &cmpult($R,$r18,($t18)=&NR(1)); &FR($r18);
- &add($R,$r19,$R);
- &add($H1,$t18,$H1) &FR($t18);
- &mul($a[3],$b[1],($r22)=&NR(1));
- &cmpult($R,$r19,($t19)=&NR(1)); &FR($r19);
- &add($R,$r20,$R);
- &add($H1,$t19,$H1) &FR($t19);
- &muh($a[1],$b[3],($r23)=&NR(1));
- &cmpult($R,$r20,($t20)=&NR(1)); &FR($r20);
- &add($R,$r21,$R);
- &add($H1,$t20,$H1) &FR($t20);
- &muh($a[2],$b[2],($r24)=&NR(1));
- &cmpult($R,$r21,($t21)=&NR(1)); &FR($r21);
- &add($R,$r22,$R);
- &add($H1,$t21,$H1) &FR($t21);
- &muh($a[3],$b[1],($r25)=&NR(1));
- &cmpult($R,$r22,($t22)=&NR(1)); &FR($r22);
- &add($H1,$t22,$H1) &FR($t22);
- &st($R,&QWPw(4,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r23,$R);
- &mov("zero",$H2);
- &mul($a[2],$b[3],($r26)=&NR(1));
- &cmpult($R,$r23,($t23)=&NR(1)); &FR($r23);
- &add($R,$r24,$R);
- &add($H1,$t23,$H1) &FR($t23);
- &mul($a[3],$b[2],($r27)=&NR(1));
- &cmpult($R,$r24,($t24)=&NR(1)); &FR($r24);
- &add($R,$r25,$R);
- &add($H1,$t24,$H1) &FR($t24);
- &muh($a[2],$b[3],($r28)=&NR(1));
- &cmpult($R,$r25,($t25)=&NR(1)); &FR($r25);
- &add($R,$r26,$R);
- &add($H1,$t25,$H1) &FR($t25);
- &muh($a[3],$b[2],($r29)=&NR(1));
- &cmpult($R,$r26,($t26)=&NR(1)); &FR($r26);
- &add($R,$r27,$R);
- &add($H1,$t26,$H1) &FR($t26);
- &mul($a[3],$b[3],($r30)=&NR(1));
- &cmpult($R,$r27,($t27)=&NR(1)); &FR($r27);
- &add($H1,$t27,$H1) &FR($t27);
- &st($R,&QWPw(5,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r28,$R);
- &mov("zero",$H2);
- &muh($a[3],$b[3],($r31)=&NR(1));
- &cmpult($R,$r28,($t28)=&NR(1)); &FR($r28);
- &add($R,$r29,$R);
- &add($H1,$t28,$H1) &FR($t28);
- ############
- &cmpult($R,$r29,($t29)=&NR(1)); &FR($r29);
- &add($R,$r30,$R);
- &add($H1,$t29,$H1) &FR($t29);
- ############
- &cmpult($R,$r30,($t30)=&NR(1)); &FR($r30);
- &add($H1,$t30,$H1) &FR($t30);
- &st($R,&QWPw(6,$rp));
- &add($H1,$H2,$R);
-
- &add($R,$r31,$R); &FR($r31);
- &st($R,&QWPw(7,$rp));
-
- &FR($R,$H1,$H2);
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/sqr_c8.pl
+++ /dev/null
@@ -1,132 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sqr_comba8
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(2);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap));
- &ld(($a[4])=&NR(1),&QWPw(4,$ap));
- &ld(($a[5])=&NR(1),&QWPw(5,$ap));
- &ld(($a[6])=&NR(1),&QWPw(6,$ap));
- &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap);
-
- ($c0,$c1,$c2)=&NR(3);
-
- &mov("zero",$c2);
- &mul($a[0],$a[0],$c0);
- &muh($a[0],$a[0],$c1);
- &st($c0,&QWPw(0,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[1],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(3,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[4],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(4,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[4],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(5,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[4],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(6,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[4],$a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(7,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[4],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(8,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[5],$a[4],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[2],$c0,$c1,$c2);
- &st($c0,&QWPw(9,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[5],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[4],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[3],$c0,$c1,$c2);
- &st($c0,&QWPw(10,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[6],$a[5],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[4],$c0,$c1,$c2);
- &st($c0,&QWPw(11,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[6],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[5],$c0,$c1,$c2);
- &st($c0,&QWPw(12,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[7],$a[6],$c0,$c1,$c2);
- &st($c0,&QWPw(13,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[7],$c0,$c1,$c2);
- &st($c0,&QWPw(14,$rp));
- &st($c1,&QWPw(15,$rp));
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/mul_c4.works.pl
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub mul_add_c
- {
- local($a,$b,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
-print STDERR "count=$cnt\n"; $cnt++;
- &mul($a,$b,($l1)=&NR(1));
- &muh($a,$b,($h1)=&NR(1));
- &add($c0,$l1,$c0);
- &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1);
- &add($t1,$h1,$h1); &FR($t1);
- &add($c1,$h1,$c1);
- &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1);
- &add($c2,$t2,$c2); &FR($t2);
- }
-
-sub bn_mul_comba4
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(3);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($b[0])=&NR(1),&QWPw(0,$bp));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($b[1])=&NR(1),&QWPw(1,$bp));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($b[2])=&NR(1),&QWPw(2,$bp));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
- &ld(($b[3])=&NR(1),&QWPw(3,$bp)); &FR($bp);
-
- ($c0,$c1,$c2)=&NR(3);
- &mov("zero",$c2);
- &mul($a[0],$b[0],$c0);
- &muh($a[0],$b[0],$c1);
- &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[3],$c0,$c1,$c2); &FR($a[0]);
- &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[0],$c0,$c1,$c2); &FR($b[0]);
- &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[1],$b[3],$c0,$c1,$c2); &FR($a[1]);
- &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[1],$c0,$c1,$c2); &FR($b[1]);
- &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[2],$b[3],$c0,$c1,$c2); &FR($a[2]);
- &mul_add_c($a[3],$b[2],$c0,$c1,$c2); &FR($b[2]);
- &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[3],$b[3],$c0,$c1,$c2); &FR($a[3],$b[3]);
- &st($c0,&QWPw(6,$rp));
- &st($c1,&QWPw(7,$rp));
-
- &FR($c0,$c1,$c2);
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/add.pl
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_add_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
- $count=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &blt($count,&label("finish"));
-
- ($a0,$b0)=&NR(2);
-
-##########################################################
- &set_label("loop");
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap));
- &ld(($b0)=&NR(1),&QWPw(0,$bp));
- &ld(($a1)=&NR(1),&QWPw(1,$ap));
- &ld(($b1)=&NR(1),&QWPw(1,$bp));
-
- ($o0,$t0)=&NR(2);
- &add($a0,$b0,$o0);
- &ld(($a2)=&NR(1),&QWPw(2,$ap));
- &cmpult($o0,$b0,$t0);
- &add($o0,$cc,$o0);
- &cmpult($o0,$cc,$cc);
- &ld(($b2)=&NR(1),&QWPw(2,$bp));
- &add($cc,$t0,$cc); &FR($t0);
-
- ($t1,$o1)=&NR(2);
-
- &add($a1,$b1,$o1); &FR($a1);
- &cmpult($o1,$b1,$t1); &FR($b1);
- &add($o1,$cc,$o1);
- &cmpult($o1,$cc,$cc);
- &ld(($a3)=&NR(1),&QWPw(3,$ap));
- &add($cc,$t1,$cc); &FR($t1);
-
- ($t2,$o2)=&NR(2);
-
- &add($a2,$b2,$o2); &FR($a2);
- &cmpult($o2,$b2,$t2); &FR($b2);
- &add($o2,$cc,$o2);
- &cmpult($o2,$cc,$cc);
- &ld(($b3)=&NR(1),&QWPw(3,$bp));
- &st($o0,&QWPw(0,$rp)); &FR($o0);
- &add($cc,$t2,$cc); &FR($t2);
-
- ($t3,$o3)=&NR(2);
-
- &st($o1,&QWPw(0,$rp)); &FR($o1);
- &add($a3,$b3,$o3); &FR($a3);
- &cmpult($o3,$b3,$t3); &FR($b3);
- &add($o3,$cc,$o3);
- &st($o2,&QWPw(0,$rp)); &FR($o2);
- &cmpult($o3,$cc,$cc);
- &st($o3,&QWPw(0,$rp)); &FR($o3);
- &add($cc,$t3,$cc); &FR($t3);
-
-
- &sub($count,4,$count); # count-=4
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- ###
- &bge($count,&label("loop"));
- ###
- &br(&label("finish"));
-##################################################
- # Do the last 0..3 words
-
- ($t0,$o0)=&NR(2);
- &set_label("last_loop");
-
- &ld($a0,&QWPw(0,$ap)); # get a
- &ld($b0,&QWPw(0,$bp)); # get b
- &add($ap,$QWS,$ap);
- &add($bp,$QWS,$bp);
- &add($a0,$b0,$o0);
- &sub($count,1,$count);
- &cmpult($o0,$b0,$t0); # will we borrow?
- &add($o0,$cc,$o0); # will we borrow?
- &cmpult($o0,$cc,$cc); # will we borrow?
- &add($rp,$QWS,$rp);
- &st($o0,&QWPw(-1,$rp)); # save
- &add($cc,$t0,$cc); # add the borrows
-
- ###
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &FR($o0,$t0,$a0,$b0);
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/mul_add.pl
+++ /dev/null
@@ -1,123 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_mul_add_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r,$couny);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $count=&wparam(2);
- $word=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- ###
- &blt($count,&label("finish"));
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap));
-
-$a=<<'EOF';
-##########################################################
- &set_label("loop");
-
- &ld(($r0)=&NR(1),&QWPw(0,$rp));
- &ld(($a1)=&NR(1),&QWPw(1,$ap));
- &muh($a0,$word,($h0)=&NR(1));
- &ld(($r1)=&NR(1),&QWPw(1,$rp));
- &ld(($a2)=&NR(1),&QWPw(2,$ap));
- ###
- &mul($a0,$word,($l0)=&NR(1)); &FR($a0);
- &ld(($r2)=&NR(1),&QWPw(2,$rp));
- &muh($a1,$word,($h1)=&NR(1));
- &ld(($a3)=&NR(1),&QWPw(3,$ap));
- &mul($a1,$word,($l1)=&NR(1)); &FR($a1);
- &ld(($r3)=&NR(1),&QWPw(3,$rp));
- &add($r0,$l0,$r0);
- &add($r1,$l1,$r1);
- &cmpult($r0,$l0,($t0)=&NR(1)); &FR($l0);
- &cmpult($r1,$l1,($t1)=&NR(1)); &FR($l1);
- &muh($a2,$word,($h2)=&NR(1));
- &add($r0,$cc,$r0);
- &add($h0,$t0,$h0); &FR($t0);
- &cmpult($r0,$cc,$cc);
- &add($h1,$t1,$h1); &FR($t1);
- &add($h0,$cc,$cc); &FR($h0);
- &mul($a2,$word,($l2)=&NR(1)); &FR($a2);
- &add($r1,$cc,$r1);
- &cmpult($r1,$cc,$cc);
- &add($r2,$l2,$r2);
- &add($h1,$cc,$cc); &FR($h1);
- &cmpult($r2,$l2,($t2)=&NR(1)); &FR($l2);
- &muh($a3,$word,($h3)=&NR(1));
- &add($r2,$cc,$r2);
- &st($r0,&QWPw(0,$rp)); &FR($r0);
- &add($h2,$t2,$h2); &FR($t2);
- &st($r1,&QWPw(1,$rp)); &FR($r1);
- &cmpult($r2,$cc,$cc);
- &mul($a3,$word,($l3)=&NR(1)); &FR($a3);
- &add($h2,$cc,$cc); &FR($h2);
- &st($r2,&QWPw(2,$rp)); &FR($r2);
- &sub($count,4,$count); # count-=4
- &add($rp,4*$QWS,$rp); # count+=4
- &add($r3,$l3,$r3);
- &add($ap,4*$QWS,$ap); # count+=4
- &cmpult($r3,$l3,($t3)=&NR(1)); &FR($l3);
- &add($r3,$cc,$r3);
- &add($h3,$t3,$h3); &FR($t3);
- &cmpult($r3,$cc,$cc);
- &st($r3,&QWPw(-1,$rp)); &FR($r3);
- &add($h3,$cc,$cc); &FR($h3);
-
- ###
- &blt($count,&label("finish"));
- &ld(($a0)=&NR(1),&QWPw(0,$ap));
- &br(&label("loop"));
-EOF
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
- &ld(($r0)=&NR(1),&QWPw(0,$rp)); # get b
- ###
- ###
- &muh($a0,$word,($h0)=&NR(1)); &FR($a0);
- ### wait 8
- &mul($a0,$word,($l0)=&NR(1)); &FR($a0);
- &add($rp,$QWS,$rp);
- &add($ap,$QWS,$ap);
- &sub($count,1,$count);
- ### wait 3 until l0 is available
- &add($r0,$l0,$r0);
- ###
- &cmpult($r0,$l0,($t0)=&NR(1)); &FR($l0);
- &add($r0,$cc,$r0);
- &add($h0,$t0,$h0); &FR($t0);
- &cmpult($r0,$cc,$cc);
- &add($h0,$cc,$cc); &FR($h0);
-
- &st($r0,&QWPw(-1,$rp)); &FR($r0);
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/div.pl
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/usr/local/bin/perl
-
-sub bn_div_words
- {
- local($data)=<<'EOF';
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
- .set noreorder
- .set volatile
- .align 3
- .globl bn_div_words
- .ent bn_div_words
-bn_div_words
- ldgp $29,0($27)
-bn_div_words.ng:
- lda $30,-48($30)
- .frame $30,48,$26,0
- stq $26,0($30)
- stq $9,8($30)
- stq $10,16($30)
- stq $11,24($30)
- stq $12,32($30)
- stq $13,40($30)
- .mask 0x4003e00,-48
- .prologue 1
- bis $16,$16,$9
- bis $17,$17,$10
- bis $18,$18,$11
- bis $31,$31,$13
- bis $31,2,$12
- bne $11,$9119
- lda $0,-1
- br $31,$9136
- .align 4
-$9119:
- bis $11,$11,$16
- jsr $26,BN_num_bits_word
- ldgp $29,0($26)
- subq $0,64,$1
- beq $1,$9120
- bis $31,1,$1
- sll $1,$0,$1
- cmpule $9,$1,$1
- bne $1,$9120
- # lda $16,_IO_stderr_
- # lda $17,$C32
- # bis $0,$0,$18
- # jsr $26,fprintf
- # ldgp $29,0($26)
- jsr $26,abort
- ldgp $29,0($26)
- .align 4
-$9120:
- bis $31,64,$3
- cmpult $9,$11,$2
- subq $3,$0,$1
- addl $1,$31,$0
- subq $9,$11,$1
- cmoveq $2,$1,$9
- beq $0,$9122
- zapnot $0,15,$2
- subq $3,$0,$1
- sll $11,$2,$11
- sll $9,$2,$3
- srl $10,$1,$1
- sll $10,$2,$10
- bis $3,$1,$9
-$9122:
- srl $11,32,$5
- zapnot $11,15,$6
- lda $7,-1
- .align 5
-$9123:
- srl $9,32,$1
- subq $1,$5,$1
- bne $1,$9126
- zapnot $7,15,$27
- br $31,$9127
- .align 4
-$9126:
- bis $9,$9,$24
- bis $5,$5,$25
- divqu $24,$25,$27
-$9127:
- srl $10,32,$4
- .align 5
-$9128:
- mulq $27,$5,$1
- subq $9,$1,$3
- zapnot $3,240,$1
- bne $1,$9129
- mulq $6,$27,$2
- sll $3,32,$1
- addq $1,$4,$1
- cmpule $2,$1,$2
- bne $2,$9129
- subq $27,1,$27
- br $31,$9128
- .align 4
-$9129:
- mulq $27,$6,$1
- mulq $27,$5,$4
- srl $1,32,$3
- sll $1,32,$1
- addq $4,$3,$4
- cmpult $10,$1,$2
- subq $10,$1,$10
- addq $2,$4,$2
- cmpult $9,$2,$1
- bis $2,$2,$4
- beq $1,$9134
- addq $9,$11,$9
- subq $27,1,$27
-$9134:
- subl $12,1,$12
- subq $9,$4,$9
- beq $12,$9124
- sll $27,32,$13
- sll $9,32,$2
- srl $10,32,$1
- sll $10,32,$10
- bis $2,$1,$9
- br $31,$9123
- .align 4
-$9124:
- bis $13,$27,$0
-$9136:
- ldq $26,0($30)
- ldq $9,8($30)
- ldq $10,16($30)
- ldq $11,24($30)
- ldq $12,32($30)
- ldq $13,40($30)
- addq $30,48,$30
- ret $31,($26),1
- .end bn_div_words
-EOF
- &asm_add($data);
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/mul.pl
+++ /dev/null
@@ -1,104 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_mul_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r,$couny);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $count=&wparam(2);
- $word=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- ###
- &blt($count,&label("finish"));
-
- ($a0)=&NR(1); &ld($a0,&QWPw(0,$ap));
-
- &set_label("loop");
-
- ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
- ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
-
- &muh($a0,$word,($h0)=&NR(1)); &FR($a0);
- ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
- ### wait 8
- &mul($a0,$word,($l0)=&NR(1)); &FR($a0);
- ### wait 8
- &muh($a1,$word,($h1)=&NR(1)); &FR($a1);
- &add($l0,$cc,$l0); ### wait 8
- &mul($a1,$word,($l1)=&NR(1)); &FR($a1);
- &cmpult($l0,$cc,$cc); ### wait 8
- &muh($a2,$word,($h2)=&NR(1)); &FR($a2);
- &add($h0,$cc,$cc); &FR($h0); ### wait 8
- &mul($a2,$word,($l2)=&NR(1)); &FR($a2);
- &add($l1,$cc,$l1); ### wait 8
- &st($l0,&QWPw(0,$rp)); &FR($l0);
- &cmpult($l1,$cc,$cc); ### wait 8
- &muh($a3,$word,($h3)=&NR(1)); &FR($a3);
- &add($h1,$cc,$cc); &FR($h1);
- &mul($a3,$word,($l3)=&NR(1)); &FR($a3);
- &add($l2,$cc,$l2);
- &st($l1,&QWPw(1,$rp)); &FR($l1);
- &cmpult($l2,$cc,$cc);
- &add($h2,$cc,$cc); &FR($h2);
- &sub($count,4,$count); # count-=4
- &st($l2,&QWPw(2,$rp)); &FR($l2);
- &add($l3,$cc,$l3);
- &cmpult($l3,$cc,$cc);
- &add($bp,4*$QWS,$bp); # count+=4
- &add($h3,$cc,$cc); &FR($h3);
- &add($ap,4*$QWS,$ap); # count+=4
- &st($l3,&QWPw(3,$rp)); &FR($l3);
- &add($rp,4*$QWS,$rp); # count+=4
- ###
- &blt($count,&label("finish"));
- ($a0)=&NR(1); &ld($a0,&QWPw(0,$ap));
- &br(&label("finish"));
-##################################################
-
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
- ###
- ###
- ###
- &muh($a0,$word,($h0)=&NR(1));
- ### Wait 8 for next mul issue
- &mul($a0,$word,($l0)=&NR(1)); &FR($a0)
- &add($ap,$QWS,$ap);
- ### Loose 12 until result is available
- &add($rp,$QWS,$rp);
- &sub($count,1,$count);
- &add($l0,$cc,$l0);
- ###
- &st($l0,&QWPw(-1,$rp)); &FR($l0);
- &cmpult($l0,$cc,$cc);
- &add($h0,$cc,$cc); &FR($h0);
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/sqr_c4.pl
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub sqr_add_c
- {
- local($a,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
- &mul($a,$a,($l1)=&NR(1));
- &muh($a,$a,($h1)=&NR(1));
- &add($c0,$l1,$c0);
- &add($c1,$h1,$c1);
- &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1);
- &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1);
- &add($c1,$t1,$c1); &FR($t1);
- &add($c2,$t2,$c2); &FR($t2);
- }
-
-sub sqr_add_c2
- {
- local($a,$b,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
- &mul($a,$b,($l1)=&NR(1));
- &muh($a,$b,($h1)=&NR(1));
- &cmplt($l1,"zero",($lc1)=&NR(1));
- &cmplt($h1,"zero",($hc1)=&NR(1));
- &add($l1,$l1,$l1);
- &add($h1,$h1,$h1);
- &add($h1,$lc1,$h1); &FR($lc1);
- &add($c2,$hc1,$c2); &FR($hc1);
-
- &add($c0,$l1,$c0);
- &add($c1,$h1,$c1);
- &cmpult($c0,$l1,($lc1)=&NR(1)); &FR($l1);
- &cmpult($c1,$h1,($hc1)=&NR(1)); &FR($h1);
-
- &add($c1,$lc1,$c1); &FR($lc1);
- &add($c2,$hc1,$c2); &FR($hc1);
- }
-
-
-sub bn_sqr_comba4
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(2);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
-
- ($c0,$c1,$c2)=&NR(3);
-
- &mov("zero",$c2);
- &mul($a[0],$a[0],$c0);
- &muh($a[0],$a[0],$c1);
- &st($c0,&QWPw(0,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[0],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
- &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(3,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(4,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
- &st($c0,&QWPw(5,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[3],$c0,$c1,$c2);
- &st($c0,&QWPw(6,$rp));
- &st($c1,&QWPw(7,$rp));
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha/sqr.pl
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sqr_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r,$couny);
-
- &init_pool(3);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $count=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &br(&label("finish"));
- &blt($count,&label("finish"));
-
- ($a0,$r0)=&NR(2);
- &ld($a0,&QWPw(0,$ap));
- &ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
- &set_label("loop");
-
- ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
- ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
- ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
- ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
- ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
- ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
- ($o0,$t0)=&NR(2);
- &add($a0,$b0,$o0);
- &cmpult($o0,$b0,$t0);
- &add($o0,$cc,$o0);
- &cmpult($o0,$cc,$cc);
- &add($cc,$t0,$cc); &FR($t0);
-
- ($t1,$o1)=&NR(2);
-
- &add($a1,$b1,$o1); &FR($a1);
- &cmpult($o1,$b1,$t1); &FR($b1);
- &add($o1,$cc,$o1);
- &cmpult($o1,$cc,$cc);
- &add($cc,$t1,$cc); &FR($t1);
-
- ($t2,$o2)=&NR(2);
-
- &add($a2,$b2,$o2); &FR($a2);
- &cmpult($o2,$b2,$t2); &FR($b2);
- &add($o2,$cc,$o2);
- &cmpult($o2,$cc,$cc);
- &add($cc,$t2,$cc); &FR($t2);
-
- ($t3,$o3)=&NR(2);
-
- &add($a3,$b3,$o3); &FR($a3);
- &cmpult($o3,$b3,$t3); &FR($b3);
- &add($o3,$cc,$o3);
- &cmpult($o3,$cc,$cc);
- &add($cc,$t3,$cc); &FR($t3);
-
- &st($o0,&QWPw(0,$rp)); &FR($o0);
- &st($o1,&QWPw(0,$rp)); &FR($o1);
- &st($o2,&QWPw(0,$rp)); &FR($o2);
- &st($o3,&QWPw(0,$rp)); &FR($o3);
-
- &sub($count,4,$count); # count-=4
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-EOF
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
- &mul($a0,$a0,($l0)=&NR(1));
- &add($ap,$QWS,$ap);
- &add($rp,2*$QWS,$rp);
- &sub($count,1,$count);
- &muh($a0,$a0,($h0)=&NR(1)); &FR($a0);
- &st($l0,&QWPw(-2,$rp)); &FR($l0);
- &st($h0,&QWPw(-1,$rp)); &FR($h0);
-
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/sub.pl
+++ /dev/null
@@ -1,108 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sub_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
- $count=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &blt($count,&label("finish"));
-
- ($a0,$b0)=&NR(2);
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
-
-##########################################################
- &set_label("loop");
-
- ($a1,$tmp,$b1,$a2,$b2,$a3,$b3,$o0)=&NR(8);
- &ld($a1,&QWPw(1,$ap));
- &cmpult($a0,$b0,$tmp); # will we borrow?
- &ld($b1,&QWPw(1,$bp));
- &sub($a0,$b0,$a0); # do the subtract
- &ld($a2,&QWPw(2,$ap));
- &cmpult($a0,$cc,$b0); # will we borrow?
- &ld($b2,&QWPw(2,$bp));
- &sub($a0,$cc,$o0); # will we borrow?
- &ld($a3,&QWPw(3,$ap));
- &add($b0,$tmp,$cc); ($t1,$o1)=&NR(2); &FR($tmp);
-
- &cmpult($a1,$b1,$t1); # will we borrow?
- &sub($a1,$b1,$a1); # do the subtract
- &ld($b3,&QWPw(3,$bp));
- &cmpult($a1,$cc,$b1); # will we borrow?
- &sub($a1,$cc,$o1); # will we borrow?
- &add($b1,$t1,$cc); ($tmp,$o2)=&NR(2); &FR($t1,$a1,$b1);
-
- &cmpult($a2,$b2,$tmp); # will we borrow?
- &sub($a2,$b2,$a2); # do the subtract
- &st($o0,&QWPw(0,$rp)); &FR($o0); # save
- &cmpult($a2,$cc,$b2); # will we borrow?
- &sub($a2,$cc,$o2); # will we borrow?
- &add($b2,$tmp,$cc); ($t3,$o3)=&NR(2); &FR($tmp,$a2,$b2);
-
- &cmpult($a3,$b3,$t3); # will we borrow?
- &sub($a3,$b3,$a3); # do the subtract
- &st($o1,&QWPw(1,$rp)); &FR($o1);
- &cmpult($a3,$cc,$b3); # will we borrow?
- &sub($a3,$cc,$o3); # will we borrow?
- &add($b3,$t3,$cc); &FR($t3,$a3,$b3);
-
- &st($o2,&QWPw(2,$rp)); &FR($o2);
- &sub($count,4,$count); # count-=4
- &st($o3,&QWPw(3,$rp)); &FR($o3);
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld($a0,&QWPw(0,$ap)); # get a
- &ld($b0,&QWPw(0,$bp)); # get b
- &cmpult($a0,$b0,$tmp); # will we borrow?
- &sub($a0,$b0,$a0); # do the subtract
- &cmpult($a0,$cc,$b0); # will we borrow?
- &sub($a0,$cc,$a0); # will we borrow?
- &st($a0,&QWPw(0,$rp)); # save
- &add($b0,$tmp,$cc); # add the borrows
-
- &add($ap,$QWS,$ap);
- &add($bp,$QWS,$bp);
- &add($rp,$QWS,$rp);
- &sub($count,1,$count);
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &FR($a0,$b0);
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/mul_c8.pl
+++ /dev/null
@@ -1,177 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_mul_comba8
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(3);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
-
- &stack_push(2);
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($b[0])=&NR(1),&QWPw(0,$bp));
- &st($reg_s0,&swtmp(0)); &FR($reg_s0);
- &st($reg_s1,&swtmp(1)); &FR($reg_s1);
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($b[1])=&NR(1),&QWPw(1,$bp));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($b[2])=&NR(1),&QWPw(2,$bp));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap));
- &ld(($b[3])=&NR(1),&QWPw(3,$bp));
- &ld(($a[4])=&NR(1),&QWPw(1,$ap));
- &ld(($b[4])=&NR(1),&QWPw(1,$bp));
- &ld(($a[5])=&NR(1),&QWPw(1,$ap));
- &ld(($b[5])=&NR(1),&QWPw(1,$bp));
- &ld(($a[6])=&NR(1),&QWPw(1,$ap));
- &ld(($b[6])=&NR(1),&QWPw(1,$bp));
- &ld(($a[7])=&NR(1),&QWPw(1,$ap)); &FR($ap);
- &ld(($b[7])=&NR(1),&QWPw(1,$bp)); &FR($bp);
-
- ($c0,$c1,$c2)=&NR(3);
- &mov("zero",$c2);
- &mul($a[0],$b[0],$c0);
- &muh($a[0],$b[0],$c1);
- &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(6,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[7],$c0,$c1,$c2); &FR($a[0]);
- &mul_add_c($a[1],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[0],$c0,$c1,$c2); &FR($b[0]);
- &st($c0,&QWPw(7,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[1],$b[7],$c0,$c1,$c2); &FR($a[1]);
- &mul_add_c($a[2],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[1],$c0,$c1,$c2); &FR($b[1]);
- &st($c0,&QWPw(8,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[2],$b[7],$c0,$c1,$c2); &FR($a[2]);
- &mul_add_c($a[3],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[4],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[3],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[2],$c0,$c1,$c2); &FR($b[2]);
- &st($c0,&QWPw(9,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[3],$b[7],$c0,$c1,$c2); &FR($a[3]);
- &mul_add_c($a[4],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[5],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[4],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[3],$c0,$c1,$c2); &FR($b[3]);
- &st($c0,&QWPw(10,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[4],$b[7],$c0,$c1,$c2); &FR($a[4]);
- &mul_add_c($a[5],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[6],$b[5],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[4],$c0,$c1,$c2); &FR($b[4]);
- &st($c0,&QWPw(11,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[5],$b[7],$c0,$c1,$c2); &FR($a[5]);
- &mul_add_c($a[6],$b[6],$c0,$c1,$c2);
- &mul_add_c($a[7],$b[5],$c0,$c1,$c2); &FR($b[5]);
- &st($c0,&QWPw(12,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[6],$b[7],$c0,$c1,$c2); &FR($a[6]);
- &mul_add_c($a[7],$b[6],$c0,$c1,$c2); &FR($b[6]);
- &st($c0,&QWPw(13,$rp)); &FR($c0); ($c0)=&NR(1);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[7],$b[7],$c0,$c1,$c2); &FR($a[7],$b[7]);
- &st($c0,&QWPw(14,$rp));
- &st($c1,&QWPw(15,$rp));
-
- &FR($c0,$c1,$c2);
-
- &ld($reg_s0,&swtmp(0));
- &ld($reg_s1,&swtmp(1));
- &stack_pop(2);
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.pl
+++ /dev/null
@@ -1,213 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub mul_add_c
- {
- local($a,$b,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
- &mul($a,$b,($l1)=&NR(1));
- &muh($a,$b,($h1)=&NR(1));
- &add($c0,$l1,$c0);
- &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1);
- &add($t1,$h1,$h1); &FR($t1);
- &add($c1,$h1,$c1);
- &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1);
- &add($c2,$t2,$c2); &FR($t2);
- }
-
-sub bn_mul_comba4
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(3);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($b[0])=&NR(1),&QWPw(0,$bp));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($b[1])=&NR(1),&QWPw(1,$bp));
- &mul($a[0],$b[0],($r00)=&NR(1));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($b[2])=&NR(1),&QWPw(2,$bp));
- &muh($a[0],$b[0],($r01)=&NR(1));
- &FR($ap); &ld(($a[3])=&NR(1),&QWPw(3,$ap));
- &FR($bp); &ld(($b[3])=&NR(1),&QWPw(3,$bp));
- &mul($a[0],$b[1],($r02)=&NR(1));
-
- ($R,$H1,$H2)=&NR(3);
-
- &st($r00,&QWPw(0,$rp)); &FR($r00);
-
- &mov("zero",$R);
- &mul($a[1],$b[0],($r03)=&NR(1));
-
- &mov("zero",$H1);
- &mov("zero",$H0);
- &add($R,$r01,$R);
- &muh($a[0],$b[1],($r04)=&NR(1));
- &cmpult($R,$r01,($t01)=&NR(1)); &FR($r01);
- &add($R,$r02,$R);
- &add($H1,$t01,$H1) &FR($t01);
- &muh($a[1],$b[0],($r05)=&NR(1));
- &cmpult($R,$r02,($t02)=&NR(1)); &FR($r02);
- &add($R,$r03,$R);
- &add($H2,$t02,$H2) &FR($t02);
- &mul($a[0],$b[2],($r06)=&NR(1));
- &cmpult($R,$r03,($t03)=&NR(1)); &FR($r03);
- &add($H1,$t03,$H1) &FR($t03);
- &st($R,&QWPw(1,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r04,$R);
- &mov("zero",$H2);
- &mul($a[1],$b[1],($r07)=&NR(1));
- &cmpult($R,$r04,($t04)=&NR(1)); &FR($r04);
- &add($R,$r05,$R);
- &add($H1,$t04,$H1) &FR($t04);
- &mul($a[2],$b[0],($r08)=&NR(1));
- &cmpult($R,$r05,($t05)=&NR(1)); &FR($r05);
- &add($R,$r01,$R);
- &add($H2,$t05,$H2) &FR($t05);
- &muh($a[0],$b[2],($r09)=&NR(1));
- &cmpult($R,$r06,($t06)=&NR(1)); &FR($r06);
- &add($R,$r07,$R);
- &add($H1,$t06,$H1) &FR($t06);
- &muh($a[1],$b[1],($r10)=&NR(1));
- &cmpult($R,$r07,($t07)=&NR(1)); &FR($r07);
- &add($R,$r08,$R);
- &add($H2,$t07,$H2) &FR($t07);
- &muh($a[2],$b[0],($r11)=&NR(1));
- &cmpult($R,$r08,($t08)=&NR(1)); &FR($r08);
- &add($H1,$t08,$H1) &FR($t08);
- &st($R,&QWPw(2,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r09,$R);
- &mov("zero",$H2);
- &mul($a[0],$b[3],($r12)=&NR(1));
- &cmpult($R,$r09,($t09)=&NR(1)); &FR($r09);
- &add($R,$r10,$R);
- &add($H1,$t09,$H1) &FR($t09);
- &mul($a[1],$b[2],($r13)=&NR(1));
- &cmpult($R,$r10,($t10)=&NR(1)); &FR($r10);
- &add($R,$r11,$R);
- &add($H1,$t10,$H1) &FR($t10);
- &mul($a[2],$b[1],($r14)=&NR(1));
- &cmpult($R,$r11,($t11)=&NR(1)); &FR($r11);
- &add($R,$r12,$R);
- &add($H1,$t11,$H1) &FR($t11);
- &mul($a[3],$b[0],($r15)=&NR(1));
- &cmpult($R,$r12,($t12)=&NR(1)); &FR($r12);
- &add($R,$r13,$R);
- &add($H1,$t12,$H1) &FR($t12);
- &muh($a[0],$b[3],($r16)=&NR(1));
- &cmpult($R,$r13,($t13)=&NR(1)); &FR($r13);
- &add($R,$r14,$R);
- &add($H1,$t13,$H1) &FR($t13);
- &muh($a[1],$b[2],($r17)=&NR(1));
- &cmpult($R,$r14,($t14)=&NR(1)); &FR($r14);
- &add($R,$r15,$R);
- &add($H1,$t14,$H1) &FR($t14);
- &muh($a[2],$b[1],($r18)=&NR(1));
- &cmpult($R,$r15,($t15)=&NR(1)); &FR($r15);
- &add($H1,$t15,$H1) &FR($t15);
- &st($R,&QWPw(3,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r16,$R);
- &mov("zero",$H2);
- &muh($a[3],$b[0],($r19)=&NR(1));
- &cmpult($R,$r16,($t16)=&NR(1)); &FR($r16);
- &add($R,$r17,$R);
- &add($H1,$t16,$H1) &FR($t16);
- &mul($a[1],$b[3],($r20)=&NR(1));
- &cmpult($R,$r17,($t17)=&NR(1)); &FR($r17);
- &add($R,$r18,$R);
- &add($H1,$t17,$H1) &FR($t17);
- &mul($a[2],$b[2],($r21)=&NR(1));
- &cmpult($R,$r18,($t18)=&NR(1)); &FR($r18);
- &add($R,$r19,$R);
- &add($H1,$t18,$H1) &FR($t18);
- &mul($a[3],$b[1],($r22)=&NR(1));
- &cmpult($R,$r19,($t19)=&NR(1)); &FR($r19);
- &add($R,$r20,$R);
- &add($H1,$t19,$H1) &FR($t19);
- &muh($a[1],$b[3],($r23)=&NR(1));
- &cmpult($R,$r20,($t20)=&NR(1)); &FR($r20);
- &add($R,$r21,$R);
- &add($H1,$t20,$H1) &FR($t20);
- &muh($a[2],$b[2],($r24)=&NR(1));
- &cmpult($R,$r21,($t21)=&NR(1)); &FR($r21);
- &add($R,$r22,$R);
- &add($H1,$t21,$H1) &FR($t21);
- &muh($a[3],$b[1],($r25)=&NR(1));
- &cmpult($R,$r22,($t22)=&NR(1)); &FR($r22);
- &add($H1,$t22,$H1) &FR($t22);
- &st($R,&QWPw(4,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r23,$R);
- &mov("zero",$H2);
- &mul($a[2],$b[3],($r26)=&NR(1));
- &cmpult($R,$r23,($t23)=&NR(1)); &FR($r23);
- &add($R,$r24,$R);
- &add($H1,$t23,$H1) &FR($t23);
- &mul($a[3],$b[2],($r27)=&NR(1));
- &cmpult($R,$r24,($t24)=&NR(1)); &FR($r24);
- &add($R,$r25,$R);
- &add($H1,$t24,$H1) &FR($t24);
- &muh($a[2],$b[3],($r28)=&NR(1));
- &cmpult($R,$r25,($t25)=&NR(1)); &FR($r25);
- &add($R,$r26,$R);
- &add($H1,$t25,$H1) &FR($t25);
- &muh($a[3],$b[2],($r29)=&NR(1));
- &cmpult($R,$r26,($t26)=&NR(1)); &FR($r26);
- &add($R,$r27,$R);
- &add($H1,$t26,$H1) &FR($t26);
- &mul($a[3],$b[3],($r30)=&NR(1));
- &cmpult($R,$r27,($t27)=&NR(1)); &FR($r27);
- &add($H1,$t27,$H1) &FR($t27);
- &st($R,&QWPw(5,$rp));
- &add($H1,$H2,$R);
-
- &mov("zero",$H1);
- &add($R,$r28,$R);
- &mov("zero",$H2);
- &muh($a[3],$b[3],($r31)=&NR(1));
- &cmpult($R,$r28,($t28)=&NR(1)); &FR($r28);
- &add($R,$r29,$R);
- &add($H1,$t28,$H1) &FR($t28);
- ############
- &cmpult($R,$r29,($t29)=&NR(1)); &FR($r29);
- &add($R,$r30,$R);
- &add($H1,$t29,$H1) &FR($t29);
- ############
- &cmpult($R,$r30,($t30)=&NR(1)); &FR($r30);
- &add($H1,$t30,$H1) &FR($t30);
- &st($R,&QWPw(6,$rp));
- &add($H1,$H2,$R);
-
- &add($R,$r31,$R); &FR($r31);
- &st($R,&QWPw(7,$rp));
-
- &FR($R,$H1,$H2);
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/sqr_c8.pl
+++ /dev/null
@@ -1,132 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sqr_comba8
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(2);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap));
- &ld(($a[4])=&NR(1),&QWPw(4,$ap));
- &ld(($a[5])=&NR(1),&QWPw(5,$ap));
- &ld(($a[6])=&NR(1),&QWPw(6,$ap));
- &ld(($a[7])=&NR(1),&QWPw(7,$ap)); &FR($ap);
-
- ($c0,$c1,$c2)=&NR(3);
-
- &mov("zero",$c2);
- &mul($a[0],$a[0],$c0);
- &muh($a[0],$a[0],$c1);
- &st($c0,&QWPw(0,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[1],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(3,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[4],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(4,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[4],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(5,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[4],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(6,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[4],$a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(7,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[4],$c0,$c1,$c2);
- &sqr_add_c2($a[5],$a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(8,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[5],$a[4],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[3],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[2],$c0,$c1,$c2);
- &st($c0,&QWPw(9,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[5],$c0,$c1,$c2);
- &sqr_add_c2($a[6],$a[4],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[3],$c0,$c1,$c2);
- &st($c0,&QWPw(10,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[6],$a[5],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[4],$c0,$c1,$c2);
- &st($c0,&QWPw(11,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[6],$c0,$c1,$c2);
- &sqr_add_c2($a[7],$a[5],$c0,$c1,$c2);
- &st($c0,&QWPw(12,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[7],$a[6],$c0,$c1,$c2);
- &st($c0,&QWPw(13,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[7],$c0,$c1,$c2);
- &st($c0,&QWPw(14,$rp));
- &st($c1,&QWPw(15,$rp));
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/mul_c4.works.pl
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub mul_add_c
- {
- local($a,$b,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
-print STDERR "count=$cnt\n"; $cnt++;
- &mul($a,$b,($l1)=&NR(1));
- &muh($a,$b,($h1)=&NR(1));
- &add($c0,$l1,$c0);
- &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1);
- &add($t1,$h1,$h1); &FR($t1);
- &add($c1,$h1,$c1);
- &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1);
- &add($c2,$t2,$c2); &FR($t2);
- }
-
-sub bn_mul_comba4
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(3);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($b[0])=&NR(1),&QWPw(0,$bp));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($b[1])=&NR(1),&QWPw(1,$bp));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($b[2])=&NR(1),&QWPw(2,$bp));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
- &ld(($b[3])=&NR(1),&QWPw(3,$bp)); &FR($bp);
-
- ($c0,$c1,$c2)=&NR(3);
- &mov("zero",$c2);
- &mul($a[0],$b[0],$c0);
- &muh($a[0],$b[0],$c1);
- &st($c0,&QWPw(0,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[1],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[1],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[0],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[0],$b[3],$c0,$c1,$c2); &FR($a[0]);
- &mul_add_c($a[1],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[2],$b[1],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[0],$c0,$c1,$c2); &FR($b[0]);
- &st($c0,&QWPw(3,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[1],$b[3],$c0,$c1,$c2); &FR($a[1]);
- &mul_add_c($a[2],$b[2],$c0,$c1,$c2);
- &mul_add_c($a[3],$b[1],$c0,$c1,$c2); &FR($b[1]);
- &st($c0,&QWPw(4,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[2],$b[3],$c0,$c1,$c2); &FR($a[2]);
- &mul_add_c($a[3],$b[2],$c0,$c1,$c2); &FR($b[2]);
- &st($c0,&QWPw(5,$rp)); &FR($c0); ($c0)=&NR($c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &mul_add_c($a[3],$b[3],$c0,$c1,$c2); &FR($a[3],$b[3]);
- &st($c0,&QWPw(6,$rp));
- &st($c1,&QWPw(7,$rp));
-
- &FR($c0,$c1,$c2);
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/add.pl
+++ /dev/null
@@ -1,119 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_add_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $bp=&wparam(2);
- $count=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &br(&label("finish"));
- &blt($count,&label("finish"));
-
- ($a0,$b0)=&NR(2);
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
-
-##########################################################
- &set_label("loop");
-
- ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
- ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
- ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
- ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
- ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
- ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
- ($o0,$t0)=&NR(2);
- &add($a0,$b0,$o0);
- &cmpult($o0,$b0,$t0);
- &add($o0,$cc,$o0);
- &cmpult($o0,$cc,$cc);
- &add($cc,$t0,$cc); &FR($t0);
-
- ($t1,$o1)=&NR(2);
-
- &add($a1,$b1,$o1); &FR($a1);
- &cmpult($o1,$b1,$t1); &FR($b1);
- &add($o1,$cc,$o1);
- &cmpult($o1,$cc,$cc);
- &add($cc,$t1,$cc); &FR($t1);
-
- ($t2,$o2)=&NR(2);
-
- &add($a2,$b2,$o2); &FR($a2);
- &cmpult($o2,$b2,$t2); &FR($b2);
- &add($o2,$cc,$o2);
- &cmpult($o2,$cc,$cc);
- &add($cc,$t2,$cc); &FR($t2);
-
- ($t3,$o3)=&NR(2);
-
- &add($a3,$b3,$o3); &FR($a3);
- &cmpult($o3,$b3,$t3); &FR($b3);
- &add($o3,$cc,$o3);
- &cmpult($o3,$cc,$cc);
- &add($cc,$t3,$cc); &FR($t3);
-
- &st($o0,&QWPw(0,$rp)); &FR($o0);
- &st($o1,&QWPw(0,$rp)); &FR($o1);
- &st($o2,&QWPw(0,$rp)); &FR($o2);
- &st($o3,&QWPw(0,$rp)); &FR($o3);
-
- &sub($count,4,$count); # count-=4
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-##################################################
- # Do the last 0..3 words
-
- ($t0,$o0)=&NR(2);
- &set_label("last_loop");
-
- &ld($a0,&QWPw(0,$ap)); # get a
- &ld($b0,&QWPw(0,$bp)); # get b
-
- &add($a0,$b0,$o0);
- &cmpult($o0,$b0,$t0); # will we borrow?
- &add($o0,$cc,$o0); # will we borrow?
- &cmpult($o0,$cc,$cc); # will we borrow?
- &add($cc,$t0,$cc); # add the borrows
- &st($o0,&QWPw(0,$rp)); # save
-
- &add($ap,$QWS,$ap);
- &add($bp,$QWS,$bp);
- &add($rp,$QWS,$rp);
- &sub($count,1,$count);
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &FR($o0,$t0,$a0,$b0);
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/mul_add.pl
+++ /dev/null
@@ -1,120 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_mul_add_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r,$couny);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $count=&wparam(2);
- $word=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &br(&label("finish"));
- &blt($count,&label("finish"));
-
- ($a0,$r0)=&NR(2);
- &ld($a0,&QWPw(0,$ap));
- &ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
- &set_label("loop");
-
- ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
- ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
- ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
- ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
- ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
- ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
- ($o0,$t0)=&NR(2);
- &add($a0,$b0,$o0);
- &cmpult($o0,$b0,$t0);
- &add($o0,$cc,$o0);
- &cmpult($o0,$cc,$cc);
- &add($cc,$t0,$cc); &FR($t0);
-
- ($t1,$o1)=&NR(2);
-
- &add($a1,$b1,$o1); &FR($a1);
- &cmpult($o1,$b1,$t1); &FR($b1);
- &add($o1,$cc,$o1);
- &cmpult($o1,$cc,$cc);
- &add($cc,$t1,$cc); &FR($t1);
-
- ($t2,$o2)=&NR(2);
-
- &add($a2,$b2,$o2); &FR($a2);
- &cmpult($o2,$b2,$t2); &FR($b2);
- &add($o2,$cc,$o2);
- &cmpult($o2,$cc,$cc);
- &add($cc,$t2,$cc); &FR($t2);
-
- ($t3,$o3)=&NR(2);
-
- &add($a3,$b3,$o3); &FR($a3);
- &cmpult($o3,$b3,$t3); &FR($b3);
- &add($o3,$cc,$o3);
- &cmpult($o3,$cc,$cc);
- &add($cc,$t3,$cc); &FR($t3);
-
- &st($o0,&QWPw(0,$rp)); &FR($o0);
- &st($o1,&QWPw(0,$rp)); &FR($o1);
- &st($o2,&QWPw(0,$rp)); &FR($o2);
- &st($o3,&QWPw(0,$rp)); &FR($o3);
-
- &sub($count,4,$count); # count-=4
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-EOF
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
- &ld(($r0)=&NR(1),&QWPw(0,$rp)); # get b
- &mul($a0,$word,($l0)=&NR(1));
- &sub($count,1,$count);
- &add($ap,$QWS,$ap);
- &muh($a0,$word,($h0)=&NR(1)); &FR($a0);
- &add($r0,$l0,$r0);
- &add($rp,$QWS,$rp);
- &cmpult($r0,$l0,($t0)=&NR(1)); &FR($l0);
- &add($r0,$cc,$r0);
- &add($h0,$t0,$h0); &FR($t0);
- &cmpult($r0,$cc,$cc);
- &st($r0,&QWPw(-1,$rp)); &FR($r0);
- &add($h0,$cc,$cc); &FR($h0);
-
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/div.pl
+++ /dev/null
@@ -1,144 +0,0 @@
-#!/usr/local/bin/perl
-
-sub bn_div64
- {
- local($data)=<<'EOF';
- #
- # What follows was taken directly from the C compiler with a few
- # hacks to redo the lables.
- #
-.text
- .set noreorder
- .set volatile
- .align 3
- .globl bn_div64
- .ent bn_div64
-bn_div64:
- ldgp $29,0($27)
-bn_div64..ng:
- lda $30,-48($30)
- .frame $30,48,$26,0
- stq $26,0($30)
- stq $9,8($30)
- stq $10,16($30)
- stq $11,24($30)
- stq $12,32($30)
- stq $13,40($30)
- .mask 0x4003e00,-48
- .prologue 1
- bis $16,$16,$9
- bis $17,$17,$10
- bis $18,$18,$11
- bis $31,$31,$13
- bis $31,2,$12
- bne $11,$9119
- lda $0,-1
- br $31,$9136
- .align 4
-$9119:
- bis $11,$11,$16
- jsr $26,BN_num_bits_word
- ldgp $29,0($26)
- subq $0,64,$1
- beq $1,$9120
- bis $31,1,$1
- sll $1,$0,$1
- cmpule $9,$1,$1
- bne $1,$9120
- # lda $16,_IO_stderr_
- # lda $17,$C32
- # bis $0,$0,$18
- # jsr $26,fprintf
- # ldgp $29,0($26)
- jsr $26,abort
- ldgp $29,0($26)
- .align 4
-$9120:
- bis $31,64,$3
- cmpult $9,$11,$2
- subq $3,$0,$1
- addl $1,$31,$0
- subq $9,$11,$1
- cmoveq $2,$1,$9
- beq $0,$9122
- zapnot $0,15,$2
- subq $3,$0,$1
- sll $11,$2,$11
- sll $9,$2,$3
- srl $10,$1,$1
- sll $10,$2,$10
- bis $3,$1,$9
-$9122:
- srl $11,32,$5
- zapnot $11,15,$6
- lda $7,-1
- .align 5
-$9123:
- srl $9,32,$1
- subq $1,$5,$1
- bne $1,$9126
- zapnot $7,15,$27
- br $31,$9127
- .align 4
-$9126:
- bis $9,$9,$24
- bis $5,$5,$25
- divqu $24,$25,$27
-$9127:
- srl $10,32,$4
- .align 5
-$9128:
- mulq $27,$5,$1
- subq $9,$1,$3
- zapnot $3,240,$1
- bne $1,$9129
- mulq $6,$27,$2
- sll $3,32,$1
- addq $1,$4,$1
- cmpule $2,$1,$2
- bne $2,$9129
- subq $27,1,$27
- br $31,$9128
- .align 4
-$9129:
- mulq $27,$6,$1
- mulq $27,$5,$4
- srl $1,32,$3
- sll $1,32,$1
- addq $4,$3,$4
- cmpult $10,$1,$2
- subq $10,$1,$10
- addq $2,$4,$2
- cmpult $9,$2,$1
- bis $2,$2,$4
- beq $1,$9134
- addq $9,$11,$9
- subq $27,1,$27
-$9134:
- subl $12,1,$12
- subq $9,$4,$9
- beq $12,$9124
- sll $27,32,$13
- sll $9,32,$2
- srl $10,32,$1
- sll $10,32,$10
- bis $2,$1,$9
- br $31,$9123
- .align 4
-$9124:
- bis $13,$27,$0
-$9136:
- ldq $26,0($30)
- ldq $9,8($30)
- ldq $10,16($30)
- ldq $11,24($30)
- ldq $12,32($30)
- ldq $13,40($30)
- addq $30,48,$30
- ret $31,($26),1
- .end bn_div64
-EOF
- &asm_add($data);
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/mul.pl
+++ /dev/null
@@ -1,116 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_mul_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r,$couny);
-
- &init_pool(4);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $count=&wparam(2);
- $word=&wparam(3);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &br(&label("finish"));
- &blt($count,&label("finish"));
-
- ($a0,$r0)=&NR(2);
- &ld($a0,&QWPw(0,$ap));
- &ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
- &set_label("loop");
-
- ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
- ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
- ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
- ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
- ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
- ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
- ($o0,$t0)=&NR(2);
- &add($a0,$b0,$o0);
- &cmpult($o0,$b0,$t0);
- &add($o0,$cc,$o0);
- &cmpult($o0,$cc,$cc);
- &add($cc,$t0,$cc); &FR($t0);
-
- ($t1,$o1)=&NR(2);
-
- &add($a1,$b1,$o1); &FR($a1);
- &cmpult($o1,$b1,$t1); &FR($b1);
- &add($o1,$cc,$o1);
- &cmpult($o1,$cc,$cc);
- &add($cc,$t1,$cc); &FR($t1);
-
- ($t2,$o2)=&NR(2);
-
- &add($a2,$b2,$o2); &FR($a2);
- &cmpult($o2,$b2,$t2); &FR($b2);
- &add($o2,$cc,$o2);
- &cmpult($o2,$cc,$cc);
- &add($cc,$t2,$cc); &FR($t2);
-
- ($t3,$o3)=&NR(2);
-
- &add($a3,$b3,$o3); &FR($a3);
- &cmpult($o3,$b3,$t3); &FR($b3);
- &add($o3,$cc,$o3);
- &cmpult($o3,$cc,$cc);
- &add($cc,$t3,$cc); &FR($t3);
-
- &st($o0,&QWPw(0,$rp)); &FR($o0);
- &st($o1,&QWPw(0,$rp)); &FR($o1);
- &st($o2,&QWPw(0,$rp)); &FR($o2);
- &st($o3,&QWPw(0,$rp)); &FR($o3);
-
- &sub($count,4,$count); # count-=4
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-EOF
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
- &mul($a0,$word,($l0)=&NR(1));
- &add($ap,$QWS,$ap);
- &muh($a0,$word,($h0)=&NR(1)); &FR($a0);
- &add($l0,$cc,$l0);
- &add($rp,$QWS,$rp);
- &sub($count,1,$count);
- &cmpult($l0,$cc,$cc);
- &st($l0,&QWPw(-1,$rp)); &FR($l0);
- &add($h0,$cc,$cc); &FR($h0);
-
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/sqr_c4.pl
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub sqr_add_c
- {
- local($a,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
- &mul($a,$a,($l1)=&NR(1));
- &muh($a,$a,($h1)=&NR(1));
- &add($c0,$l1,$c0);
- &add($c1,$h1,$c1);
- &cmpult($c0,$l1,($t1)=&NR(1)); &FR($l1);
- &cmpult($c1,$h1,($t2)=&NR(1)); &FR($h1);
- &add($c1,$t1,$c1); &FR($t1);
- &add($c2,$t2,$c2); &FR($t2);
- }
-
-sub sqr_add_c2
- {
- local($a,$b,$c0,$c1,$c2)=@_;
- local($l1,$h1,$t1,$t2);
-
- &mul($a,$b,($l1)=&NR(1));
- &muh($a,$b,($h1)=&NR(1));
- &cmplt($l1,"zero",($lc1)=&NR(1));
- &cmplt($h1,"zero",($hc1)=&NR(1));
- &add($l1,$l1,$l1);
- &add($h1,$h1,$h1);
- &add($h1,$lc1,$h1); &FR($lc1);
- &add($c2,$hc1,$c2); &FR($hc1);
-
- &add($c0,$l1,$c0);
- &add($c1,$h1,$c1);
- &cmpult($c0,$l1,($lc1)=&NR(1)); &FR($l1);
- &cmpult($c1,$h1,($hc1)=&NR(1)); &FR($h1);
-
- &add($c1,$lc1,$c1); &FR($lc1);
- &add($c2,$hc1,$c2); &FR($hc1);
- }
-
-
-sub bn_sqr_comba4
- {
- local($name)=@_;
- local(@a, at b,$r,$c0,$c1,$c2);
-
- $cnt=1;
- &init_pool(2);
-
- $rp=&wparam(0);
- $ap=&wparam(1);
-
- &function_begin($name,"");
-
- &comment("");
-
- &ld(($a[0])=&NR(1),&QWPw(0,$ap));
- &ld(($a[1])=&NR(1),&QWPw(1,$ap));
- &ld(($a[2])=&NR(1),&QWPw(2,$ap));
- &ld(($a[3])=&NR(1),&QWPw(3,$ap)); &FR($ap);
-
- ($c0,$c1,$c2)=&NR(3);
-
- &mov("zero",$c2);
- &mul($a[0],$a[0],$c0);
- &muh($a[0],$a[0],$c1);
- &st($c0,&QWPw(0,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[0],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(1,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[1],$c0,$c1,$c2);
- &sqr_add_c2($a[2],$a[0],$c0,$c1,$c2);
- &st($c0,&QWPw(2,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[3],$a[0],$c0,$c1,$c2);
- &sqr_add_c2($a[2],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(3,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[2],$c0,$c1,$c2);
- &sqr_add_c2($a[3],$a[1],$c0,$c1,$c2);
- &st($c0,&QWPw(4,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c2($a[3],$a[2],$c0,$c1,$c2);
- &st($c0,&QWPw(5,$rp));
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- &mov("zero",$c2);
-
- &sqr_add_c($a[3],$c0,$c1,$c2);
- &st($c0,&QWPw(6,$rp));
- &st($c1,&QWPw(7,$rp));
-
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/bn/asm/alpha.works/sqr.pl
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/local/bin/perl
-# alpha assember
-
-sub bn_sqr_words
- {
- local($name)=@_;
- local($cc,$a,$b,$r,$couny);
-
- &init_pool(3);
- ($cc)=GR("r0");
-
- $rp=&wparam(0);
- $ap=&wparam(1);
- $count=&wparam(2);
-
- &function_begin($name,"");
-
- &comment("");
- &sub($count,4,$count);
- &mov("zero",$cc);
- &br(&label("finish"));
- &blt($count,&label("finish"));
-
- ($a0,$r0)=&NR(2);
- &ld($a0,&QWPw(0,$ap));
- &ld($r0,&QWPw(0,$rp));
-
-$a=<<'EOF';
-##########################################################
- &set_label("loop");
-
- ($a1)=&NR(1); &ld($a1,&QWPw(1,$ap));
- ($b1)=&NR(1); &ld($b1,&QWPw(1,$bp));
- ($a2)=&NR(1); &ld($a2,&QWPw(2,$ap));
- ($b2)=&NR(1); &ld($b2,&QWPw(2,$bp));
- ($a3)=&NR(1); &ld($a3,&QWPw(3,$ap));
- ($b3)=&NR(1); &ld($b3,&QWPw(3,$bp));
-
- ($o0,$t0)=&NR(2);
- &add($a0,$b0,$o0);
- &cmpult($o0,$b0,$t0);
- &add($o0,$cc,$o0);
- &cmpult($o0,$cc,$cc);
- &add($cc,$t0,$cc); &FR($t0);
-
- ($t1,$o1)=&NR(2);
-
- &add($a1,$b1,$o1); &FR($a1);
- &cmpult($o1,$b1,$t1); &FR($b1);
- &add($o1,$cc,$o1);
- &cmpult($o1,$cc,$cc);
- &add($cc,$t1,$cc); &FR($t1);
-
- ($t2,$o2)=&NR(2);
-
- &add($a2,$b2,$o2); &FR($a2);
- &cmpult($o2,$b2,$t2); &FR($b2);
- &add($o2,$cc,$o2);
- &cmpult($o2,$cc,$cc);
- &add($cc,$t2,$cc); &FR($t2);
-
- ($t3,$o3)=&NR(2);
-
- &add($a3,$b3,$o3); &FR($a3);
- &cmpult($o3,$b3,$t3); &FR($b3);
- &add($o3,$cc,$o3);
- &cmpult($o3,$cc,$cc);
- &add($cc,$t3,$cc); &FR($t3);
-
- &st($o0,&QWPw(0,$rp)); &FR($o0);
- &st($o1,&QWPw(0,$rp)); &FR($o1);
- &st($o2,&QWPw(0,$rp)); &FR($o2);
- &st($o3,&QWPw(0,$rp)); &FR($o3);
-
- &sub($count,4,$count); # count-=4
- &add($ap,4*$QWS,$ap); # count+=4
- &add($bp,4*$QWS,$bp); # count+=4
- &add($rp,4*$QWS,$rp); # count+=4
-
- &blt($count,&label("finish"));
- &ld($a0,&QWPw(0,$ap));
- &ld($b0,&QWPw(0,$bp));
- &br(&label("loop"));
-EOF
-##################################################
- # Do the last 0..3 words
-
- &set_label("last_loop");
-
- &ld(($a0)=&NR(1),&QWPw(0,$ap)); # get a
- &mul($a0,$a0,($l0)=&NR(1));
- &add($ap,$QWS,$ap);
- &add($rp,2*$QWS,$rp);
- &sub($count,1,$count);
- &muh($a0,$a0,($h0)=&NR(1)); &FR($a0);
- &st($l0,&QWPw(-2,$rp)); &FR($l0);
- &st($h0,&QWPw(-1,$rp)); &FR($h0);
-
- &bgt($count,&label("last_loop"));
- &function_end_A($name);
-
-######################################################
- &set_label("finish");
- &add($count,4,$count);
- &bgt($count,&label("last_loop"));
-
- &set_label("end");
- &function_end($name);
-
- &fin_pool;
- }
-
-1;
--- crypto/openssl/crypto/engine/hw_ubsec_err.c
+++ /dev/null
@@ -1,151 +0,0 @@
-/* hw_ubsec_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_ubsec_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA UBSEC_str_functs[]=
- {
-{ERR_PACK(0,UBSEC_F_UBSEC_CTRL,0), "UBSEC_CTRL"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DH_COMPUTE_KEY,0), "UBSEC_DH_COMPUTE_KEY"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DSA_SIGN,0), "UBSEC_DSA_SIGN"},
-{ERR_PACK(0,UBSEC_F_UBSEC_DSA_VERIFY,0), "UBSEC_DSA_VERIFY"},
-{ERR_PACK(0,UBSEC_F_UBSEC_FINISH,0), "UBSEC_FINISH"},
-{ERR_PACK(0,UBSEC_F_UBSEC_INIT,0), "UBSEC_INIT"},
-{ERR_PACK(0,UBSEC_F_UBSEC_MOD_EXP,0), "UBSEC_MOD_EXP"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RNG_BYTES,0), "UBSEC_RNG_BYTES"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP,0), "UBSEC_RSA_MOD_EXP"},
-{ERR_PACK(0,UBSEC_F_UBSEC_RSA_MOD_EXP_CRT,0), "UBSEC_RSA_MOD_EXP_CRT"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA UBSEC_str_reasons[]=
- {
-{UBSEC_R_ALREADY_LOADED ,"already loaded"},
-{UBSEC_R_BN_EXPAND_FAIL ,"bn expand fail"},
-{UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{UBSEC_R_DSO_FAILURE ,"dso failure"},
-{UBSEC_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{UBSEC_R_NOT_LOADED ,"not loaded"},
-{UBSEC_R_REQUEST_FAILED ,"request failed"},
-{UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"},
-{UBSEC_R_UNIT_FAILURE ,"unit failure"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef UBSEC_LIB_NAME
-static ERR_STRING_DATA UBSEC_lib_name[]=
- {
-{0 ,UBSEC_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int UBSEC_lib_error_code=0;
-static int UBSEC_error_init=1;
-
-static void ERR_load_UBSEC_strings(void)
- {
- if (UBSEC_lib_error_code == 0)
- UBSEC_lib_error_code=ERR_get_next_error_library();
-
- if (UBSEC_error_init)
- {
- UBSEC_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_functs);
- ERR_load_strings(UBSEC_lib_error_code,UBSEC_str_reasons);
-#endif
-
-#ifdef UBSEC_LIB_NAME
- UBSEC_lib_name->error = ERR_PACK(UBSEC_lib_error_code,0,0);
- ERR_load_strings(0,UBSEC_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_UBSEC_strings(void)
- {
- if (UBSEC_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_functs);
- ERR_unload_strings(UBSEC_lib_error_code,UBSEC_str_reasons);
-#endif
-
-#ifdef UBSEC_LIB_NAME
- ERR_unload_strings(0,UBSEC_lib_name);
-#endif
- UBSEC_error_init=1;
- }
- }
-
-static void ERR_UBSEC_error(int function, int reason, char *file, int line)
- {
- if (UBSEC_lib_error_code == 0)
- UBSEC_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(UBSEC_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_atalla_err.h
+++ /dev/null
@@ -1,89 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ATALLA_ERR_H
-#define HEADER_ATALLA_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_ATALLA_strings(void);
-static void ERR_unload_ATALLA_strings(void);
-static void ERR_ATALLA_error(int function, int reason, char *file, int line);
-#define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the ATALLA functions. */
-
-/* Function codes. */
-#define ATALLA_F_ATALLA_CTRL 100
-#define ATALLA_F_ATALLA_FINISH 101
-#define ATALLA_F_ATALLA_INIT 102
-#define ATALLA_F_ATALLA_MOD_EXP 103
-#define ATALLA_F_ATALLA_RSA_MOD_EXP 104
-
-/* Reason codes. */
-#define ATALLA_R_ALREADY_LOADED 100
-#define ATALLA_R_BN_CTX_FULL 101
-#define ATALLA_R_BN_EXPAND_FAIL 102
-#define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
-#define ATALLA_R_MISSING_KEY_COMPONENTS 104
-#define ATALLA_R_NOT_LOADED 105
-#define ATALLA_R_REQUEST_FAILED 106
-#define ATALLA_R_UNIT_FAILURE 107
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw_4758_cca.c
+++ /dev/null
@@ -1,969 +0,0 @@
-/* Author: Maurice Gittens <maurice at gittens.nl> */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-/* #include <openssl/pem.h> */
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_4758_CCA
-
-#ifdef FLAT_INC
-#include "hw_4758_cca.h"
-#else
-#include "vendor_defns/hw_4758_cca.h"
-#endif
-
-#include "hw_4758_cca_err.c"
-
-static int ibm_4758_cca_destroy(ENGINE *e);
-static int ibm_4758_cca_init(ENGINE *e);
-static int ibm_4758_cca_finish(ENGINE *e);
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* rsa functions */
-/*---------------*/
-#ifndef OPENSSL_NO_RSA
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,int padding);
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
-static int cca_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
-
-/* utility functions */
-/*-----------------------*/
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE*, const char*,
- UI_METHOD *ui_method, void *callback_data);
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE*, const char*,
- UI_METHOD *ui_method, void *callback_data);
-
-static int getModulusAndExponent(const unsigned char *token, long *exponentLength,
- unsigned char *exponent, long *modulusLength,
- long *modulusFieldLength, unsigned char *modulus);
-#endif
-
-/* RAND number functions */
-/*-----------------------*/
-static int cca_get_random_bytes(unsigned char*, int );
-static int cca_random_status(void);
-
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx,long argl, void *argp);
-
-/* Function pointers for CCA verbs */
-/*---------------------------------*/
-#ifndef OPENSSL_NO_RSA
-static F_KEYRECORDREAD keyRecordRead;
-static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate;
-static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify;
-static F_PUBLICKEYEXTRACT publicKeyExtract;
-static F_PKAENCRYPT pkaEncrypt;
-static F_PKADECRYPT pkaDecrypt;
-#endif
-static F_RANDOMNUMBERGENERATE randomNumberGenerate;
-
-/* static variables */
-/*------------------*/
-static const char *CCA4758_LIB_NAME = NULL;
-static const char *get_CCA4758_LIB_NAME(void)
- {
- if(CCA4758_LIB_NAME)
- return CCA4758_LIB_NAME;
- return CCA_LIB_NAME;
- }
-static void free_CCA4758_LIB_NAME(void)
- {
- if(CCA4758_LIB_NAME)
- OPENSSL_free((void*)CCA4758_LIB_NAME);
- CCA4758_LIB_NAME = NULL;
- }
-static long set_CCA4758_LIB_NAME(const char *name)
- {
- free_CCA4758_LIB_NAME();
- return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
- }
-#ifndef OPENSSL_NO_RSA
-static const char* n_keyRecordRead = CSNDKRR;
-static const char* n_digitalSignatureGenerate = CSNDDSG;
-static const char* n_digitalSignatureVerify = CSNDDSV;
-static const char* n_publicKeyExtract = CSNDPKX;
-static const char* n_pkaEncrypt = CSNDPKE;
-static const char* n_pkaDecrypt = CSNDPKD;
-#endif
-static const char* n_randomNumberGenerate = CSNBRNG;
-
-static int hndidx = -1;
-static DSO *dso = NULL;
-
-/* openssl engine initialization structures */
-/*------------------------------------------*/
-
-#define CCA4758_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = {
- {CCA4758_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the '4758cca' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
- };
-
-#ifndef OPENSSL_NO_RSA
-static RSA_METHOD ibm_4758_cca_rsa =
- {
- "IBM 4758 CCA RSA method",
- cca_rsa_pub_enc,
- NULL,
- NULL,
- cca_rsa_priv_dec,
- NULL, /*rsa_mod_exp,*/
- NULL, /*mod_exp_mont,*/
- NULL, /* init */
- NULL, /* finish */
- RSA_FLAG_SIGN_VER, /* flags */
- NULL, /* app_data */
- cca_rsa_sign, /* rsa_sign */
- cca_rsa_verify /* rsa_verify */
- };
-#endif
-
-static RAND_METHOD ibm_4758_cca_rand =
- {
- /* "IBM 4758 RAND method", */
- NULL, /* seed */
- cca_get_random_bytes, /* get random bytes from the card */
- NULL, /* cleanup */
- NULL, /* add */
- cca_get_random_bytes, /* pseudo rand */
- cca_random_status, /* status */
- };
-
-static const char *engine_4758_cca_id = "4758cca";
-static const char *engine_4758_cca_name = "IBM 4758 CCA hardware engine support";
-
-/* engine implementation */
-/*-----------------------*/
-static int bind_helper(ENGINE *e)
- {
- if(!ENGINE_set_id(e, engine_4758_cca_id) ||
- !ENGINE_set_name(e, engine_4758_cca_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
-#endif
- !ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
- !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
- !ENGINE_set_init_function(e, ibm_4758_cca_init) ||
- !ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
- !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
- !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
- !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
- !ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
- return 0;
- /* Ensure the error handling is set up */
- ERR_load_CCA4758_strings();
- return 1;
- }
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_4758_cca(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_helper(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_4758cca(void)
- {
- ENGINE *e_4758 = engine_4758_cca();
- if (!e_4758) return;
- ENGINE_add(e_4758);
- ENGINE_free(e_4758);
- ERR_clear_error();
- }
-#endif
-
-static int ibm_4758_cca_destroy(ENGINE *e)
- {
- ERR_unload_CCA4758_strings();
- free_CCA4758_LIB_NAME();
- return 1;
- }
-
-static int ibm_4758_cca_init(ENGINE *e)
- {
- if(dso)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_ALREADY_LOADED);
- goto err;
- }
-
- dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
- if(!dso)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
- goto err;
- }
-
-#ifndef OPENSSL_NO_RSA
- if(!(keyRecordRead = (F_KEYRECORDREAD)
- DSO_bind_func(dso, n_keyRecordRead)) ||
- !(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
- DSO_bind_func(dso, n_randomNumberGenerate)) ||
- !(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)
- DSO_bind_func(dso, n_digitalSignatureGenerate)) ||
- !(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)
- DSO_bind_func(dso, n_digitalSignatureVerify)) ||
- !(publicKeyExtract = (F_PUBLICKEYEXTRACT)
- DSO_bind_func(dso, n_publicKeyExtract)) ||
- !(pkaEncrypt = (F_PKAENCRYPT)
- DSO_bind_func(dso, n_pkaEncrypt)) ||
- !(pkaDecrypt = (F_PKADECRYPT)
- DSO_bind_func(dso, n_pkaDecrypt)))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
- goto err;
- }
-#else
- if(!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
- DSO_bind_func(dso, n_randomNumberGenerate)))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_INIT,CCA4758_R_DSO_FAILURE);
- goto err;
- }
-#endif
-
- hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
- NULL, NULL, cca_ex_free);
-
- return 1;
-err:
- if(dso)
- DSO_free(dso);
- dso = NULL;
-
- keyRecordRead = (F_KEYRECORDREAD)0;
- randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
- digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
- digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
- publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
- pkaEncrypt = (F_PKAENCRYPT)0;
- pkaDecrypt = (F_PKADECRYPT)0;
- return 0;
- }
-
-static int ibm_4758_cca_finish(ENGINE *e)
- {
- free_CCA4758_LIB_NAME();
- if(!dso)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
- CCA4758_R_NOT_LOADED);
- return 0;
- }
- if(!DSO_free(dso))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH,
- CCA4758_R_UNIT_FAILURE);
- return 0;
- }
- dso = NULL;
- keyRecordRead = (F_KEYRECORDREAD)0;
- randomNumberGenerate = (F_RANDOMNUMBERGENERATE)0;
- digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)0;
- digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
- publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
- pkaEncrypt = (F_PKAENCRYPT)0;
- pkaDecrypt = (F_PKADECRYPT)0;
- return 1;
- }
-
-static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
- {
- int initialised = ((dso == NULL) ? 0 : 1);
- switch(cmd)
- {
- case CCA4758_CMD_SO_PATH:
- if(p == NULL)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if(initialised)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
- CCA4758_R_ALREADY_LOADED);
- return 0;
- }
- return set_CCA4758_LIB_NAME((const char *)p);
- default:
- break;
- }
- CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
- CCA4758_R_COMMAND_NOT_IMPLEMENTED);
- return 0;
- }
-
-#ifndef OPENSSL_NO_RSA
-
-#define MAX_CCA_PKA_TOKEN_SIZE 2500
-
-static EVP_PKEY *ibm_4758_load_privkey(ENGINE* e, const char* key_id,
- UI_METHOD *ui_method, void *callback_data)
- {
- RSA *rtmp = NULL;
- EVP_PKEY *res = NULL;
- unsigned char* keyToken = NULL;
- unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE];
- long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
- long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
- long returnCode;
- long reasonCode;
- long exitDataLength = 0;
- long ruleArrayLength = 0;
- unsigned char exitData[8];
- unsigned char ruleArray[8];
- unsigned char keyLabel[64];
- long keyLabelLength = strlen(key_id);
- unsigned char modulus[256];
- long modulusFieldLength = sizeof(modulus);
- long modulusLength = 0;
- unsigned char exponent[256];
- long exponentLength = sizeof(exponent);
-
- if (keyLabelLength > sizeof(keyLabel))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return NULL;
- }
-
- memset(keyLabel,' ', sizeof(keyLabel));
- memcpy(keyLabel, key_id, keyLabelLength);
-
- keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
- if (!keyToken)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- keyRecordRead(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray, keyLabel,
- &keyTokenLength, keyToken+sizeof(long));
-
- if (returnCode)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
-
- publicKeyExtract(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
- keyToken+sizeof(long), &pubKeyTokenLength, pubKeyToken);
-
- if (returnCode)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
-
- if (!getModulusAndExponent(pubKeyToken, &exponentLength,
- exponent, &modulusLength, &modulusFieldLength,
- modulus))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
-
- (*(long*)keyToken) = keyTokenLength;
- rtmp = RSA_new_method(e);
- RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
-
- rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
- rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
- rtmp->flags |= RSA_FLAG_EXT_PKEY;
-
- res = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(res, rtmp);
-
- return res;
-err:
- if (keyToken)
- OPENSSL_free(keyToken);
- if (res)
- EVP_PKEY_free(res);
- if (rtmp)
- RSA_free(rtmp);
- return NULL;
- }
-
-static EVP_PKEY *ibm_4758_load_pubkey(ENGINE* e, const char* key_id,
- UI_METHOD *ui_method, void *callback_data)
- {
- RSA *rtmp = NULL;
- EVP_PKEY *res = NULL;
- unsigned char* keyToken = NULL;
- long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
- long returnCode;
- long reasonCode;
- long exitDataLength = 0;
- long ruleArrayLength = 0;
- unsigned char exitData[8];
- unsigned char ruleArray[8];
- unsigned char keyLabel[64];
- long keyLabelLength = strlen(key_id);
- unsigned char modulus[512];
- long modulusFieldLength = sizeof(modulus);
- long modulusLength = 0;
- unsigned char exponent[512];
- long exponentLength = sizeof(exponent);
-
- if (keyLabelLength > sizeof(keyLabel))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return NULL;
- }
-
- memset(keyLabel,' ', sizeof(keyLabel));
- memcpy(keyLabel, key_id, keyLabelLength);
-
- keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
- if (!keyToken)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
- &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
- keyToken+sizeof(long));
-
- if (returnCode)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!getModulusAndExponent(keyToken+sizeof(long), &exponentLength,
- exponent, &modulusLength, &modulusFieldLength, modulus))
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,
- CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
- goto err;
- }
-
- (*(long*)keyToken) = keyTokenLength;
- rtmp = RSA_new_method(e);
- RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
- rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
- rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
- rtmp->flags |= RSA_FLAG_EXT_PKEY;
- res = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(res, rtmp);
-
- return res;
-err:
- if (keyToken)
- OPENSSL_free(keyToken);
- if (res)
- EVP_PKEY_free(res);
- if (rtmp)
- RSA_free(rtmp);
- return NULL;
- }
-
-static int cca_rsa_pub_enc(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,int padding)
- {
- long returnCode;
- long reasonCode;
- long lflen = flen;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.2";
- long dataStructureLength = 0;
- unsigned char dataStructure[8];
- long outputLength = RSA_size(rsa);
- long keyTokenLength;
- unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
-
- keyTokenLength = *(long*)keyToken;
- keyToken+=sizeof(long);
-
- pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
- &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from,
- &dataStructureLength, dataStructure, &keyTokenLength,
- keyToken, &outputLength, to);
-
- if (returnCode || reasonCode)
- return -(returnCode << 16 | reasonCode);
- return outputLength;
- }
-
-static int cca_rsa_priv_dec(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa,int padding)
- {
- long returnCode;
- long reasonCode;
- long lflen = flen;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.2";
- long dataStructureLength = 0;
- unsigned char dataStructure[8];
- long outputLength = RSA_size(rsa);
- long keyTokenLength;
- unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
-
- keyTokenLength = *(long*)keyToken;
- keyToken+=sizeof(long);
-
- pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
- &ruleArrayLength, ruleArray, &lflen, (unsigned char*)from,
- &dataStructureLength, dataStructure, &keyTokenLength,
- keyToken, &outputLength, to);
-
- return (returnCode | reasonCode) ? 0 : 1;
- }
-
-#define SSL_SIG_LEN 36
-
-static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, const RSA *rsa)
- {
- long returnCode;
- long reasonCode;
- long lsiglen = siglen;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.1";
- long keyTokenLength;
- unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
- long length = SSL_SIG_LEN;
- long keyLength ;
- unsigned char *hashBuffer = NULL;
- X509_SIG sig;
- ASN1_TYPE parameter;
- X509_ALGOR algorithm;
- ASN1_OCTET_STRING digest;
-
- keyTokenLength = *(long*)keyToken;
- keyToken+=sizeof(long);
-
- if (type == NID_md5 || type == NID_sha1)
- {
- sig.algor = &algorithm;
- algorithm.algorithm = OBJ_nid2obj(type);
-
- if (!algorithm.algorithm)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
- return 0;
- }
-
- if (!algorithm.algorithm->length)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
- return 0;
- }
-
- parameter.type = V_ASN1_NULL;
- parameter.value.ptr = NULL;
- algorithm.parameter = ¶meter;
-
- sig.digest = &digest;
- sig.digest->data = (unsigned char*)m;
- sig.digest->length = m_len;
-
- length = i2d_X509_SIG(&sig, NULL);
- }
-
- keyLength = RSA_size(rsa);
-
- if (length - RSA_PKCS1_PADDING > keyLength)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
-
- switch (type)
- {
- case NID_md5_sha1 :
- if (m_len != SSL_SIG_LEN)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
-
- hashBuffer = (unsigned char *)m;
- length = m_len;
- break;
- case NID_md5 :
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc(
- (unsigned int)keyLength+1);
- if (!hashBuffer)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- case NID_sha1 :
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc(
- (unsigned int)keyLength+1);
- if (!hashBuffer)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- default:
- return 0;
- }
-
- digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
- keyToken, &length, hashBuffer, &lsiglen, sigbuf);
-
- if (type == NID_sha1 || type == NID_md5)
- {
- OPENSSL_cleanse(hashBuffer, keyLength+1);
- OPENSSL_free(hashBuffer);
- }
-
- return ((returnCode || reasonCode) ? 0 : 1);
- }
-
-#define SSL_SIG_LEN 36
-
-static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, const RSA *rsa)
- {
- long returnCode;
- long reasonCode;
- long exitDataLength = 0;
- unsigned char exitData[8];
- long ruleArrayLength = 1;
- unsigned char ruleArray[8] = "PKCS-1.1";
- long outputLength=256;
- long outputBitLength;
- long keyTokenLength;
- unsigned char *hashBuffer = NULL;
- unsigned char* keyToken = (unsigned char*)RSA_get_ex_data(rsa, hndidx);
- long length = SSL_SIG_LEN;
- long keyLength ;
- X509_SIG sig;
- ASN1_TYPE parameter;
- X509_ALGOR algorithm;
- ASN1_OCTET_STRING digest;
-
- keyTokenLength = *(long*)keyToken;
- keyToken+=sizeof(long);
-
- if (type == NID_md5 || type == NID_sha1)
- {
- sig.algor = &algorithm;
- algorithm.algorithm = OBJ_nid2obj(type);
-
- if (!algorithm.algorithm)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
- CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
- return 0;
- }
-
- if (!algorithm.algorithm->length)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
- CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
- return 0;
- }
-
- parameter.type = V_ASN1_NULL;
- parameter.value.ptr = NULL;
- algorithm.parameter = ¶meter;
-
- sig.digest = &digest;
- sig.digest->data = (unsigned char*)m;
- sig.digest->length = m_len;
-
- length = i2d_X509_SIG(&sig, NULL);
- }
-
- keyLength = RSA_size(rsa);
-
- if (length - RSA_PKCS1_PADDING > keyLength)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
-
- switch (type)
- {
- case NID_md5_sha1 :
- if (m_len != SSL_SIG_LEN)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_SIGN,
- CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return 0;
- }
- hashBuffer = (unsigned char*)m;
- length = m_len;
- break;
- case NID_md5 :
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc(
- (unsigned int)keyLength+1);
- if (!hashBuffer)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- case NID_sha1 :
- {
- unsigned char *ptr;
- ptr = hashBuffer = OPENSSL_malloc(
- (unsigned int)keyLength+1);
- if (!hashBuffer)
- {
- CCA4758err(CCA4758_F_IBM_4758_CCA_VERIFY,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- i2d_X509_SIG(&sig, &ptr);
- }
- break;
- default:
- return 0;
- }
-
- digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength,
- exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
- keyToken, &length, hashBuffer, &outputLength, &outputBitLength,
- sigret);
-
- if (type == NID_sha1 || type == NID_md5)
- {
- OPENSSL_cleanse(hashBuffer, keyLength+1);
- OPENSSL_free(hashBuffer);
- }
-
- *siglen = outputLength;
-
- return ((returnCode || reasonCode) ? 0 : 1);
- }
-
-static int getModulusAndExponent(const unsigned char*token, long *exponentLength,
- unsigned char *exponent, long *modulusLength, long *modulusFieldLength,
- unsigned char *modulus)
- {
- unsigned long len;
-
- if (*token++ != (char)0x1E) /* internal PKA token? */
- return 0;
-
- if (*token++) /* token version must be zero */
- return 0;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- token += 4; /* skip reserved bytes */
-
- if (*token++ == (char)0x04)
- {
- if (*token++) /* token version must be zero */
- return 0;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- token+=2; /* skip reserved section */
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- *exponentLength = len;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- *modulusLength = len;
-
- len = *token++;
- len = len << 8;
- len |= (unsigned char)*token++;
-
- *modulusFieldLength = len;
-
- memcpy(exponent, token, *exponentLength);
- token+= *exponentLength;
-
- memcpy(modulus, token, *modulusFieldLength);
- return 1;
- }
- return 0;
- }
-
-#endif /* OPENSSL_NO_RSA */
-
-static int cca_random_status(void)
- {
- return 1;
- }
-
-static int cca_get_random_bytes(unsigned char* buf, int num)
- {
- long ret_code;
- long reason_code;
- long exit_data_length;
- unsigned char exit_data[4];
- unsigned char form[] = "RANDOM ";
- unsigned char rand_buf[8];
-
- while(num >= sizeof(rand_buf))
- {
- randomNumberGenerate(&ret_code, &reason_code, &exit_data_length,
- exit_data, form, rand_buf);
- if (ret_code)
- return 0;
- num -= sizeof(rand_buf);
- memcpy(buf, rand_buf, sizeof(rand_buf));
- buf += sizeof(rand_buf);
- }
-
- if (num)
- {
- randomNumberGenerate(&ret_code, &reason_code, NULL, NULL,
- form, rand_buf);
- if (ret_code)
- return 0;
- memcpy(buf, rand_buf, num);
- }
-
- return 1;
- }
-
-static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
- long argl, void *argp)
- {
- if (item)
- OPENSSL_free(item);
- }
-
-/* Goo to handle building as a dynamic engine */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_4758_cca_id) != 0))
- return 0;
- if(!bind_helper(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_4758_CCA */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/engine/hw_sureware_err.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SUREWARE_ERR_H
-#define HEADER_SUREWARE_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_SUREWARE_strings(void);
-static void ERR_unload_SUREWARE_strings(void);
-static void ERR_SUREWARE_error(int function, int reason, char *file, int line);
-#define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the SUREWARE functions. */
-
-/* Function codes. */
-#define SUREWARE_F_SUREWAREHK_CTRL 100
-#define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN 101
-#define SUREWARE_F_SUREWAREHK_EX_FREE 102
-#define SUREWARE_F_SUREWAREHK_FINISH 103
-#define SUREWARE_F_SUREWAREHK_INIT 104
-#define SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY 105
-#define SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY 106
-#define SUREWARE_F_SUREWAREHK_MOD_EXP 107
-#define SUREWARE_F_SUREWAREHK_RAND_BYTES 108
-#define SUREWARE_F_SUREWAREHK_RAND_SEED 109
-#define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC 110
-#define SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC 111
-
-/* Reason codes. */
-#define SUREWARE_R_BIO_WAS_FREED 100
-#define SUREWARE_R_MISSING_KEY_COMPONENTS 105
-#define SUREWARE_R_REQUEST_FAILED 101
-#define SUREWARE_R_REQUEST_FALLBACK 102
-#define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 103
-#define SUREWARE_R_UNIT_FAILURE 104
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw_cswift_err.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CSWIFT_ERR_H
-#define HEADER_CSWIFT_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CSWIFT_strings(void);
-static void ERR_unload_CSWIFT_strings(void);
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
-#define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CSWIFT functions. */
-
-/* Function codes. */
-#define CSWIFT_F_CSWIFT_CTRL 100
-#define CSWIFT_F_CSWIFT_DSA_SIGN 101
-#define CSWIFT_F_CSWIFT_DSA_VERIFY 102
-#define CSWIFT_F_CSWIFT_FINISH 103
-#define CSWIFT_F_CSWIFT_INIT 104
-#define CSWIFT_F_CSWIFT_MOD_EXP 105
-#define CSWIFT_F_CSWIFT_MOD_EXP_CRT 106
-#define CSWIFT_F_CSWIFT_RSA_MOD_EXP 107
-
-/* Reason codes. */
-#define CSWIFT_R_ALREADY_LOADED 100
-#define CSWIFT_R_BAD_KEY_SIZE 101
-#define CSWIFT_R_BN_CTX_FULL 102
-#define CSWIFT_R_BN_EXPAND_FAIL 103
-#define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED 104
-#define CSWIFT_R_MISSING_KEY_COMPONENTS 105
-#define CSWIFT_R_NOT_LOADED 106
-#define CSWIFT_R_REQUEST_FAILED 107
-#define CSWIFT_R_UNIT_FAILURE 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw_cryptodev.c
+++ /dev/null
@@ -1,1135 +0,0 @@
-/*
- * Copyright (c) 2002 Bob Beck <beck at openbsd.org>
- * Copyright (c) 2002 Theo de Raadt
- * Copyright (c) 2002 Markus Friedl
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include <openssl/objects.h>
-#include <openssl/engine.h>
-#include <openssl/evp.h>
-
-#if (defined(__unix__) || defined(unix)) && !defined(USG)
-#include <sys/param.h>
-# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
-# define HAVE_CRYPTODEV
-# endif
-# if (OpenBSD >= 200110)
-# define HAVE_SYSLOG_R
-# endif
-#endif
-
-#ifndef HAVE_CRYPTODEV
-
-void
-ENGINE_load_cryptodev(void)
-{
- /* This is a NOP on platforms without /dev/crypto */
- return;
-}
-
-#else
-
-#include <sys/types.h>
-#include <crypto/cryptodev.h>
-#include <sys/ioctl.h>
-#include <errno.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <stdarg.h>
-#include <syslog.h>
-#include <errno.h>
-#include <string.h>
-
-struct dev_crypto_state {
- struct session_op d_sess;
- int d_fd;
-};
-
-static u_int32_t cryptodev_asymfeat = 0;
-
-static int get_asym_dev_crypto(void);
-static int open_dev_crypto(void);
-static int get_dev_crypto(void);
-static int cryptodev_max_iv(int cipher);
-static int cryptodev_key_length_valid(int cipher, int len);
-static int cipher_nid_to_cryptodev(int nid);
-static int get_cryptodev_ciphers(const int **cnids);
-/*static int get_cryptodev_digests(const int **cnids);*/
-static int cryptodev_usable_ciphers(const int **nids);
-static int cryptodev_usable_digests(const int **nids);
-static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl);
-static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
-static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
-static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid);
-static int bn2crparam(const BIGNUM *a, struct crparam *crp);
-static int crparam2bn(struct crparam *crp, BIGNUM *a);
-static void zapparams(struct crypt_kop *kop);
-static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
- int slen, BIGNUM *s);
-
-static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I,
- RSA *rsa);
-static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
- BN_CTX *ctx, BN_MONT_CTX *mont);
-static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst,
- int dlen, DSA *dsa);
-static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-static int cryptodev_dh_compute_key(unsigned char *key,
- const BIGNUM *pub_key, DH *dh);
-static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
- void (*f)());
-void ENGINE_load_cryptodev(void);
-
-static const ENGINE_CMD_DEFN cryptodev_defns[] = {
- { 0, NULL, NULL, 0 }
-};
-
-static struct {
- int id;
- int nid;
- int ivmax;
- int keylen;
-} ciphers[] = {
- { CRYPTO_DES_CBC, NID_des_cbc, 8, 8, },
- { CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24, },
- { CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16, },
- { CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16, },
- { CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16, },
- { CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0, },
- { 0, NID_undef, 0, 0, },
-};
-
-#if 0 /* UNUSED */
-static struct {
- int id;
- int nid;
-} digests[] = {
- { CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, },
- { CRYPTO_RIPEMD160_HMAC, NID_ripemd160, },
- { CRYPTO_MD5_KPDK, NID_undef, },
- { CRYPTO_SHA1_KPDK, NID_undef, },
- { CRYPTO_MD5, NID_md5, },
- { CRYPTO_SHA1, NID_undef, },
- { 0, NID_undef, },
-};
-#endif
-
-/*
- * Return a fd if /dev/crypto seems usable, 0 otherwise.
- */
-static int
-open_dev_crypto(void)
-{
- static int fd = -1;
-
- if (fd == -1) {
- if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
- return (-1);
- /* close on exec */
- if (fcntl(fd, F_SETFD, 1) == -1) {
- close(fd);
- fd = -1;
- return (-1);
- }
- }
- return (fd);
-}
-
-static int
-get_dev_crypto(void)
-{
- int fd, retfd;
-
- if ((fd = open_dev_crypto()) == -1)
- return (-1);
- if (ioctl(fd, CRIOGET, &retfd) == -1)
- return (-1);
-
- /* close on exec */
- if (fcntl(retfd, F_SETFD, 1) == -1) {
- close(retfd);
- return (-1);
- }
- return (retfd);
-}
-
-/* Caching version for asym operations */
-static int
-get_asym_dev_crypto(void)
-{
- static int fd = -1;
-
- if (fd == -1)
- fd = get_dev_crypto();
- return fd;
-}
-
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card.
- */
-static int
-cryptodev_max_iv(int cipher)
-{
- int i;
-
- for (i = 0; ciphers[i].id; i++)
- if (ciphers[i].id == cipher)
- return (ciphers[i].ivmax);
- return (0);
-}
-
-/*
- * XXXX this needs to be set for each alg - and determined from
- * a running card. For now, fake it out - but most of these
- * for real devices should return 1 for the supported key
- * sizes the device can handle.
- */
-static int
-cryptodev_key_length_valid(int cipher, int len)
-{
- int i;
-
- for (i = 0; ciphers[i].id; i++)
- if (ciphers[i].id == cipher)
- return (ciphers[i].keylen == len);
- return (0);
-}
-
-/* convert libcrypto nids to cryptodev */
-static int
-cipher_nid_to_cryptodev(int nid)
-{
- int i;
-
- for (i = 0; ciphers[i].id; i++)
- if (ciphers[i].nid == nid)
- return (ciphers[i].id);
- return (0);
-}
-
-/*
- * Find out what ciphers /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_ciphers routine
- */
-static int
-get_cryptodev_ciphers(const int **cnids)
-{
- static int nids[CRYPTO_ALGORITHM_MAX];
- struct session_op sess;
- int fd, i, count = 0;
-
- if ((fd = get_dev_crypto()) < 0) {
- *cnids = NULL;
- return (0);
- }
- memset(&sess, 0, sizeof(sess));
- sess.key = (caddr_t)"123456781234567812345678";
-
- for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
- if (ciphers[i].nid == NID_undef)
- continue;
- sess.cipher = ciphers[i].id;
- sess.keylen = ciphers[i].keylen;
- sess.mac = 0;
- if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
- ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
- nids[count++] = ciphers[i].nid;
- }
- close(fd);
-
- if (count > 0)
- *cnids = nids;
- else
- *cnids = NULL;
- return (count);
-}
-
-/*
- * Find out what digests /dev/crypto will let us have a session for.
- * XXX note, that some of these openssl doesn't deal with yet!
- * returning them here is harmless, as long as we return NULL
- * when asked for a handler in the cryptodev_engine_digests routine
- */
-#if 0 /* UNUSED */
-static int
-get_cryptodev_digests(const int **cnids)
-{
- static int nids[CRYPTO_ALGORITHM_MAX];
- struct session_op sess;
- int fd, i, count = 0;
-
- if ((fd = get_dev_crypto()) < 0) {
- *cnids = NULL;
- return (0);
- }
- memset(&sess, 0, sizeof(sess));
- for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
- if (digests[i].nid == NID_undef)
- continue;
- sess.mac = digests[i].id;
- sess.cipher = 0;
- if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
- ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
- nids[count++] = digests[i].nid;
- }
- close(fd);
-
- if (count > 0)
- *cnids = nids;
- else
- *cnids = NULL;
- return (count);
-}
-#endif
-
-/*
- * Find the useable ciphers|digests from dev/crypto - this is the first
- * thing called by the engine init crud which determines what it
- * can use for ciphers from this engine. We want to return
- * only what we can do, anythine else is handled by software.
- *
- * If we can't initialize the device to do anything useful for
- * any reason, we want to return a NULL array, and 0 length,
- * which forces everything to be done is software. By putting
- * the initalization of the device in here, we ensure we can
- * use this engine as the default, and if for whatever reason
- * /dev/crypto won't do what we want it will just be done in
- * software
- *
- * This can (should) be greatly expanded to perhaps take into
- * account speed of the device, and what we want to do.
- * (although the disabling of particular alg's could be controlled
- * by the device driver with sysctl's.) - this is where we
- * want most of the decisions made about what we actually want
- * to use from /dev/crypto.
- */
-static int
-cryptodev_usable_ciphers(const int **nids)
-{
- return (get_cryptodev_ciphers(nids));
-}
-
-static int
-cryptodev_usable_digests(const int **nids)
-{
- /*
- * XXXX just disable all digests for now, because it sucks.
- * we need a better way to decide this - i.e. I may not
- * want digests on slow cards like hifn on fast machines,
- * but might want them on slow or loaded machines, etc.
- * will also want them when using crypto cards that don't
- * suck moose gonads - would be nice to be able to decide something
- * as reasonable default without having hackery that's card dependent.
- * of course, the default should probably be just do everything,
- * with perhaps a sysctl to turn algoritms off (or have them off
- * by default) on cards that generally suck like the hifn.
- */
- *nids = NULL;
- return (0);
-}
-
-static int
-cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, unsigned int inl)
-{
- struct crypt_op cryp;
- struct dev_crypto_state *state = ctx->cipher_data;
- struct session_op *sess = &state->d_sess;
- void *iiv;
- unsigned char save_iv[EVP_MAX_IV_LENGTH];
-
- if (state->d_fd < 0)
- return (0);
- if (!inl)
- return (1);
- if ((inl % ctx->cipher->block_size) != 0)
- return (0);
-
- memset(&cryp, 0, sizeof(cryp));
-
- cryp.ses = sess->ses;
- cryp.flags = 0;
- cryp.len = inl;
- cryp.src = (caddr_t) in;
- cryp.dst = (caddr_t) out;
- cryp.mac = 0;
-
- cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
-
- if (ctx->cipher->iv_len) {
- cryp.iv = (caddr_t) ctx->iv;
- if (!ctx->encrypt) {
- iiv = (void *) in + inl - ctx->cipher->iv_len;
- memcpy(save_iv, iiv, ctx->cipher->iv_len);
- }
- } else
- cryp.iv = NULL;
-
- if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
- /* XXX need better errror handling
- * this can fail for a number of different reasons.
- */
- return (0);
- }
-
- if (ctx->cipher->iv_len) {
- if (ctx->encrypt)
- iiv = (void *) out + inl - ctx->cipher->iv_len;
- else
- iiv = save_iv;
- memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
- }
- return (1);
-}
-
-static int
-cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- struct dev_crypto_state *state = ctx->cipher_data;
- struct session_op *sess = &state->d_sess;
- int cipher;
-
- if ((cipher = cipher_nid_to_cryptodev(ctx->cipher->nid)) == NID_undef)
- return (0);
-
- if (ctx->cipher->iv_len > cryptodev_max_iv(cipher))
- return (0);
-
- if (!cryptodev_key_length_valid(cipher, ctx->key_len))
- return (0);
-
- memset(sess, 0, sizeof(struct session_op));
-
- if ((state->d_fd = get_dev_crypto()) < 0)
- return (0);
-
- sess->key = (unsigned char *)key;
- sess->keylen = ctx->key_len;
- sess->cipher = cipher;
-
- if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
- close(state->d_fd);
- state->d_fd = -1;
- return (0);
- }
- return (1);
-}
-
-/*
- * free anything we allocated earlier when initting a
- * session, and close the session.
- */
-static int
-cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
-{
- int ret = 0;
- struct dev_crypto_state *state = ctx->cipher_data;
- struct session_op *sess = &state->d_sess;
-
- if (state->d_fd < 0)
- return (0);
-
- /* XXX if this ioctl fails, someting's wrong. the invoker
- * may have called us with a bogus ctx, or we could
- * have a device that for whatever reason just doesn't
- * want to play ball - it's not clear what's right
- * here - should this be an error? should it just
- * increase a counter, hmm. For right now, we return
- * 0 - I don't believe that to be "right". we could
- * call the gorpy openssl lib error handlers that
- * print messages to users of the library. hmm..
- */
-
- if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) {
- ret = 0;
- } else {
- ret = 1;
- }
- close(state->d_fd);
- state->d_fd = -1;
-
- return (ret);
-}
-
-/*
- * libcrypto EVP stuff - this is how we get wired to EVP so the engine
- * gets called when libcrypto requests a cipher NID.
- */
-
-/* DES CBC EVP */
-const EVP_CIPHER cryptodev_des_cbc = {
- NID_des_cbc,
- 8, 8, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-/* 3DES CBC EVP */
-const EVP_CIPHER cryptodev_3des_cbc = {
- NID_des_ede3_cbc,
- 8, 24, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_bf_cbc = {
- NID_bf_cbc,
- 8, 16, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_cast_cbc = {
- NID_cast5_cbc,
- 8, 16, 8,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-const EVP_CIPHER cryptodev_aes_cbc = {
- NID_aes_128_cbc,
- 16, 16, 16,
- EVP_CIPH_CBC_MODE,
- cryptodev_init_key,
- cryptodev_cipher,
- cryptodev_cleanup,
- sizeof(struct dev_crypto_state),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL
-};
-
-/*
- * Registered by the ENGINE when used to find out how to deal with
- * a particular NID in the ENGINE. this says what we'll do at the
- * top level - note, that list is restricted by what we answer with
- */
-static int
-cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid)
-{
- if (!cipher)
- return (cryptodev_usable_ciphers(nids));
-
- switch (nid) {
- case NID_des_ede3_cbc:
- *cipher = &cryptodev_3des_cbc;
- break;
- case NID_des_cbc:
- *cipher = &cryptodev_des_cbc;
- break;
- case NID_bf_cbc:
- *cipher = &cryptodev_bf_cbc;
- break;
- case NID_cast5_cbc:
- *cipher = &cryptodev_cast_cbc;
- break;
- case NID_aes_128_cbc:
- *cipher = &cryptodev_aes_cbc;
- break;
- default:
- *cipher = NULL;
- break;
- }
- return (*cipher != NULL);
-}
-
-static int
-cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
- const int **nids, int nid)
-{
- if (!digest)
- return (cryptodev_usable_digests(nids));
-
- switch (nid) {
- case NID_md5:
- *digest = NULL; /* need to make a clean md5 critter */
- break;
- default:
- *digest = NULL;
- break;
- }
- return (*digest != NULL);
-}
-
-/*
- * Convert a BIGNUM to the representation that /dev/crypto needs.
- * Upon completion of use, the caller is responsible for freeing
- * crp->crp_p.
- */
-static int
-bn2crparam(const BIGNUM *a, struct crparam *crp)
-{
- int i, j, k;
- ssize_t bytes, bits;
- u_char *b;
-
- crp->crp_p = NULL;
- crp->crp_nbits = 0;
-
- bits = BN_num_bits(a);
- bytes = (bits + 7) / 8;
-
- b = malloc(bytes);
- if (b == NULL)
- return (1);
-
- crp->crp_p = b;
- crp->crp_nbits = bits;
-
- for (i = 0, j = 0; i < a->top; i++) {
- for (k = 0; k < BN_BITS2 / 8; k++) {
- if ((j + k) >= bytes)
- return (0);
- b[j + k] = a->d[i] >> (k * 8);
- }
- j += BN_BITS2 / 8;
- }
- return (0);
-}
-
-/* Convert a /dev/crypto parameter to a BIGNUM */
-static int
-crparam2bn(struct crparam *crp, BIGNUM *a)
-{
- u_int8_t *pd;
- int i, bytes;
-
- bytes = (crp->crp_nbits + 7) / 8;
-
- if (bytes == 0)
- return (-1);
-
- if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
- return (-1);
-
- for (i = 0; i < bytes; i++)
- pd[i] = crp->crp_p[bytes - i - 1];
-
- BN_bin2bn(pd, bytes, a);
- free(pd);
-
- return (0);
-}
-
-static void
-zapparams(struct crypt_kop *kop)
-{
- int i;
-
- for (i = 0; i <= kop->crk_iparams + kop->crk_oparams; i++) {
- if (kop->crk_param[i].crp_p)
- free(kop->crk_param[i].crp_p);
- kop->crk_param[i].crp_p = NULL;
- kop->crk_param[i].crp_nbits = 0;
- }
-}
-
-static int
-cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen, BIGNUM *s)
-{
- int fd, ret = -1;
-
- if ((fd = get_asym_dev_crypto()) < 0)
- return (ret);
-
- if (r) {
- kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
- kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
- kop->crk_oparams++;
- }
- if (s) {
- kop->crk_param[kop->crk_iparams+1].crp_p = calloc(slen, sizeof(char));
- kop->crk_param[kop->crk_iparams+1].crp_nbits = slen * 8;
- kop->crk_oparams++;
- }
-
- if (ioctl(fd, CIOCKEY, kop) == 0) {
- if (r)
- crparam2bn(&kop->crk_param[kop->crk_iparams], r);
- if (s)
- crparam2bn(&kop->crk_param[kop->crk_iparams+1], s);
- ret = 0;
- }
-
- return (ret);
-}
-
-static int
-cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- struct crypt_kop kop;
- int ret = 1;
-
- /* Currently, we know we can do mod exp iff we can do any
- * asymmetric operations at all.
- */
- if (cryptodev_asymfeat == 0) {
- ret = BN_mod_exp(r, a, p, m, ctx);
- return (ret);
- }
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_MOD_EXP;
-
- /* inputs: a^p % m */
- if (bn2crparam(a, &kop.crk_param[0]))
- goto err;
- if (bn2crparam(p, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(m, &kop.crk_param[2]))
- goto err;
- kop.crk_iparams = 3;
-
- if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL) == -1) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
- }
-err:
- zapparams(&kop);
- return (ret);
-}
-
-static int
-cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-{
- int r;
- BN_CTX *ctx;
-
- ctx = BN_CTX_new();
- r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
- BN_CTX_free(ctx);
- return (r);
-}
-
-static int
-cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
-{
- struct crypt_kop kop;
- int ret = 1;
-
- if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
- /* XXX 0 means failure?? */
- return (0);
- }
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_MOD_EXP_CRT;
- /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
- if (bn2crparam(rsa->p, &kop.crk_param[0]))
- goto err;
- if (bn2crparam(rsa->q, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(I, &kop.crk_param[2]))
- goto err;
- if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
- goto err;
- if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
- goto err;
- if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
- goto err;
- kop.crk_iparams = 6;
-
- if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL) == -1) {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- ret = (*meth->rsa_mod_exp)(r0, I, rsa);
- }
-err:
- zapparams(&kop);
- return (ret);
-}
-
-static RSA_METHOD cryptodev_rsa = {
- "cryptodev RSA method",
- NULL, /* rsa_pub_enc */
- NULL, /* rsa_pub_dec */
- NULL, /* rsa_priv_enc */
- NULL, /* rsa_priv_dec */
- NULL,
- NULL,
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL, /* app_data */
- NULL, /* rsa_sign */
- NULL /* rsa_verify */
-};
-
-static int
-cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
- BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
- BN_CTX *ctx, BN_MONT_CTX *mont)
-{
- BIGNUM t2;
- int ret = 0;
-
- BN_init(&t2);
-
- /* v = ( g^u1 * y^u2 mod p ) mod q */
- /* let t1 = g ^ u1 mod p */
- ret = 0;
-
- if (!dsa->meth->bn_mod_exp(dsa,t1,dsa->g,u1,dsa->p,ctx,mont))
- goto err;
-
- /* let t2 = y ^ u2 mod p */
- if (!dsa->meth->bn_mod_exp(dsa,&t2,dsa->pub_key,u2,dsa->p,ctx,mont))
- goto err;
- /* let u1 = t1 * t2 mod p */
- if (!BN_mod_mul(u1,t1,&t2,dsa->p,ctx))
- goto err;
-
- BN_copy(t1,u1);
-
- ret = 1;
-err:
- BN_free(&t2);
- return(ret);
-}
-
-static DSA_SIG *
-cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- struct crypt_kop kop;
- BIGNUM *r = NULL, *s = NULL;
- DSA_SIG *dsaret = NULL;
-
- if ((r = BN_new()) == NULL)
- goto err;
- if ((s = BN_new()) == NULL) {
- BN_free(r);
- goto err;
- }
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_DSA_SIGN;
-
- /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
- kop.crk_param[0].crp_p = (caddr_t)dgst;
- kop.crk_param[0].crp_nbits = dlen * 8;
- if (bn2crparam(dsa->p, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(dsa->q, &kop.crk_param[2]))
- goto err;
- if (bn2crparam(dsa->g, &kop.crk_param[3]))
- goto err;
- if (bn2crparam(dsa->priv_key, &kop.crk_param[4]))
- goto err;
- kop.crk_iparams = 5;
-
- if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
- BN_num_bytes(dsa->q), s) == 0) {
- dsaret = DSA_SIG_new();
- dsaret->r = r;
- dsaret->s = s;
- } else {
- const DSA_METHOD *meth = DSA_OpenSSL();
- BN_free(r);
- BN_free(s);
- dsaret = (meth->dsa_do_sign)(dgst, dlen, dsa);
- }
-err:
- kop.crk_param[0].crp_p = NULL;
- zapparams(&kop);
- return (dsaret);
-}
-
-static int
-cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
- DSA_SIG *sig, DSA *dsa)
-{
- struct crypt_kop kop;
- int dsaret = 1;
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_DSA_VERIFY;
-
- /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
- kop.crk_param[0].crp_p = (caddr_t)dgst;
- kop.crk_param[0].crp_nbits = dlen * 8;
- if (bn2crparam(dsa->p, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(dsa->q, &kop.crk_param[2]))
- goto err;
- if (bn2crparam(dsa->g, &kop.crk_param[3]))
- goto err;
- if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
- goto err;
- if (bn2crparam(sig->r, &kop.crk_param[5]))
- goto err;
- if (bn2crparam(sig->s, &kop.crk_param[6]))
- goto err;
- kop.crk_iparams = 7;
-
- if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
- dsaret = kop.crk_status;
- } else {
- const DSA_METHOD *meth = DSA_OpenSSL();
-
- dsaret = (meth->dsa_do_verify)(dgst, dlen, sig, dsa);
- }
-err:
- kop.crk_param[0].crp_p = NULL;
- zapparams(&kop);
- return (dsaret);
-}
-
-static DSA_METHOD cryptodev_dsa = {
- "cryptodev DSA method",
- NULL,
- NULL, /* dsa_sign_setup */
- NULL,
- NULL, /* dsa_mod_exp */
- NULL,
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL /* app_data */
-};
-
-static int
-cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
-{
- return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
-}
-
-static int
-cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
-{
- struct crypt_kop kop;
- int dhret = 1;
- int fd, keylen;
-
- if ((fd = get_asym_dev_crypto()) < 0) {
- const DH_METHOD *meth = DH_OpenSSL();
-
- return ((meth->compute_key)(key, pub_key, dh));
- }
-
- keylen = BN_num_bits(dh->p);
-
- memset(&kop, 0, sizeof kop);
- kop.crk_op = CRK_DH_COMPUTE_KEY;
-
- /* inputs: dh->priv_key pub_key dh->p key */
- if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
- goto err;
- if (bn2crparam(pub_key, &kop.crk_param[1]))
- goto err;
- if (bn2crparam(dh->p, &kop.crk_param[2]))
- goto err;
- kop.crk_iparams = 3;
-
- kop.crk_param[3].crp_p = key;
- kop.crk_param[3].crp_nbits = keylen * 8;
- kop.crk_oparams = 1;
-
- if (ioctl(fd, CIOCKEY, &kop) == -1) {
- const DH_METHOD *meth = DH_OpenSSL();
-
- dhret = (meth->compute_key)(key, pub_key, dh);
- }
-err:
- kop.crk_param[3].crp_p = NULL;
- zapparams(&kop);
- return (dhret);
-}
-
-static DH_METHOD cryptodev_dh = {
- "cryptodev DH method",
- NULL, /* cryptodev_dh_generate_key */
- NULL,
- NULL,
- NULL,
- NULL,
- 0, /* flags */
- NULL /* app_data */
-};
-
-/*
- * ctrl right now is just a wrapper that doesn't do much
- * but I expect we'll want some options soon.
- */
-static int
-cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-{
-#ifdef HAVE_SYSLOG_R
- struct syslog_data sd = SYSLOG_DATA_INIT;
-#endif
-
- switch (cmd) {
- default:
-#ifdef HAVE_SYSLOG_R
- syslog_r(LOG_ERR, &sd,
- "cryptodev_ctrl: unknown command %d", cmd);
-#else
- syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
-#endif
- break;
- }
- return (1);
-}
-
-void
-ENGINE_load_cryptodev(void)
-{
- ENGINE *engine = ENGINE_new();
- int fd;
-
- if (engine == NULL)
- return;
- if ((fd = get_dev_crypto()) < 0) {
- ENGINE_free(engine);
- return;
- }
-
- /*
- * find out what asymmetric crypto algorithms we support
- */
- if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
- close(fd);
- ENGINE_free(engine);
- return;
- }
- close(fd);
-
- if (!ENGINE_set_id(engine, "cryptodev") ||
- !ENGINE_set_name(engine, "BSD cryptodev engine") ||
- !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
- !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
- !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
- !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {
- ENGINE_free(engine);
- return;
- }
-
- if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {
- const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay();
-
- cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;
- cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;
- cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
- cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
- cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;
- cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
- if (cryptodev_asymfeat & CRF_MOD_EXP) {
- cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
- if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
- cryptodev_rsa.rsa_mod_exp =
- cryptodev_rsa_mod_exp;
- else
- cryptodev_rsa.rsa_mod_exp =
- cryptodev_rsa_nocrt_mod_exp;
- }
- }
-
- if (ENGINE_set_DSA(engine, &cryptodev_dsa)) {
- const DSA_METHOD *meth = DSA_OpenSSL();
-
- memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
- if (cryptodev_asymfeat & CRF_DSA_SIGN)
- cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
- if (cryptodev_asymfeat & CRF_MOD_EXP) {
- cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
- cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
- }
- if (cryptodev_asymfeat & CRF_DSA_VERIFY)
- cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
- }
-
- if (ENGINE_set_DH(engine, &cryptodev_dh)){
- const DH_METHOD *dh_meth = DH_OpenSSL();
-
- cryptodev_dh.generate_key = dh_meth->generate_key;
- cryptodev_dh.compute_key = dh_meth->compute_key;
- cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
- if (cryptodev_asymfeat & CRF_MOD_EXP) {
- cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
- if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
- cryptodev_dh.compute_key =
- cryptodev_dh_compute_key;
- }
- }
-
- ENGINE_add(engine);
- ENGINE_free(engine);
- ERR_clear_error();
-}
-
-#endif /* HAVE_CRYPTODEV */
--- crypto/openssl/crypto/engine/hw_ubsec_err.h
+++ /dev/null
@@ -1,95 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UBSEC_ERR_H
-#define HEADER_UBSEC_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_UBSEC_strings(void);
-static void ERR_unload_UBSEC_strings(void);
-static void ERR_UBSEC_error(int function, int reason, char *file, int line);
-#define UBSECerr(f,r) ERR_UBSEC_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the UBSEC functions. */
-
-/* Function codes. */
-#define UBSEC_F_UBSEC_CTRL 100
-#define UBSEC_F_UBSEC_DH_COMPUTE_KEY 101
-#define UBSEC_F_UBSEC_DSA_SIGN 102
-#define UBSEC_F_UBSEC_DSA_VERIFY 103
-#define UBSEC_F_UBSEC_FINISH 104
-#define UBSEC_F_UBSEC_INIT 105
-#define UBSEC_F_UBSEC_MOD_EXP 106
-#define UBSEC_F_UBSEC_RNG_BYTES 107
-#define UBSEC_F_UBSEC_RSA_MOD_EXP 108
-#define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT 109
-
-/* Reason codes. */
-#define UBSEC_R_ALREADY_LOADED 100
-#define UBSEC_R_BN_EXPAND_FAIL 101
-#define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED 102
-#define UBSEC_R_DSO_FAILURE 103
-#define UBSEC_R_MISSING_KEY_COMPONENTS 104
-#define UBSEC_R_NOT_LOADED 105
-#define UBSEC_R_REQUEST_FAILED 106
-#define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107
-#define UBSEC_R_UNIT_FAILURE 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw_cswift_err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* hw_cswift_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_cswift_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA CSWIFT_str_functs[]=
- {
-{ERR_PACK(0,CSWIFT_F_CSWIFT_CTRL,0), "CSWIFT_CTRL"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_SIGN,0), "CSWIFT_DSA_SIGN"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_DSA_VERIFY,0), "CSWIFT_DSA_VERIFY"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_FINISH,0), "CSWIFT_FINISH"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_INIT,0), "CSWIFT_INIT"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP,0), "CSWIFT_MOD_EXP"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_MOD_EXP_CRT,0), "CSWIFT_MOD_EXP_CRT"},
-{ERR_PACK(0,CSWIFT_F_CSWIFT_RSA_MOD_EXP,0), "CSWIFT_RSA_MOD_EXP"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA CSWIFT_str_reasons[]=
- {
-{CSWIFT_R_ALREADY_LOADED ,"already loaded"},
-{CSWIFT_R_BAD_KEY_SIZE ,"bad key size"},
-{CSWIFT_R_BN_CTX_FULL ,"bn ctx full"},
-{CSWIFT_R_BN_EXPAND_FAIL ,"bn expand fail"},
-{CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{CSWIFT_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{CSWIFT_R_NOT_LOADED ,"not loaded"},
-{CSWIFT_R_REQUEST_FAILED ,"request failed"},
-{CSWIFT_R_UNIT_FAILURE ,"unit failure"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef CSWIFT_LIB_NAME
-static ERR_STRING_DATA CSWIFT_lib_name[]=
- {
-{0 ,CSWIFT_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int CSWIFT_lib_error_code=0;
-static int CSWIFT_error_init=1;
-
-static void ERR_load_CSWIFT_strings(void)
- {
- if (CSWIFT_lib_error_code == 0)
- CSWIFT_lib_error_code=ERR_get_next_error_library();
-
- if (CSWIFT_error_init)
- {
- CSWIFT_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_functs);
- ERR_load_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
- CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code,0,0);
- ERR_load_strings(0,CSWIFT_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_CSWIFT_strings(void)
- {
- if (CSWIFT_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_functs);
- ERR_unload_strings(CSWIFT_lib_error_code,CSWIFT_str_reasons);
-#endif
-
-#ifdef CSWIFT_LIB_NAME
- ERR_unload_strings(0,CSWIFT_lib_name);
-#endif
- CSWIFT_error_init=1;
- }
- }
-
-static void ERR_CSWIFT_error(int function, int reason, char *file, int line)
- {
- if (CSWIFT_lib_error_code == 0)
- CSWIFT_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(CSWIFT_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_atalla.c
+++ /dev/null
@@ -1,594 +0,0 @@
-/* crypto/engine/hw_atalla.c */
-/* Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_ATALLA
-
-#ifdef FLAT_INC
-#include "atalla.h"
-#else
-#include "vendor_defns/atalla.h"
-#endif
-
-#define ATALLA_LIB_NAME "atalla engine"
-#include "hw_atalla_err.c"
-
-static int atalla_destroy(ENGINE *e);
-static int atalla_init(ENGINE *e);
-static int atalla_finish(ENGINE *e);
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* BIGNUM stuff */
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-#ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* The definitions for control commands specific to this engine */
-#define ATALLA_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN atalla_cmd_defns[] = {
- {ATALLA_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'atasi' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
- };
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD atalla_rsa =
- {
- "Atalla RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- atalla_rsa_mod_exp,
- atalla_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL
- };
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD atalla_dsa =
- {
- "Atalla DSA method",
- NULL, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- NULL, /* dsa_do_verify */
- atalla_dsa_mod_exp, /* dsa_mod_exp */
- atalla_mod_exp_dsa, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL /* app_data */
- };
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD atalla_dh =
- {
- "Atalla DH method",
- NULL,
- NULL,
- atalla_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL
- };
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_atalla_id = "atalla";
-static const char *engine_atalla_name = "Atalla hardware engine support";
-
-/* This internal function is used by ENGINE_atalla() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
- {
-#ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-#endif
- if(!ENGINE_set_id(e, engine_atalla_id) ||
- !ENGINE_set_name(e, engine_atalla_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &atalla_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &atalla_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &atalla_dh) ||
-#endif
- !ENGINE_set_destroy_function(e, atalla_destroy) ||
- !ENGINE_set_init_function(e, atalla_init) ||
- !ENGINE_set_finish_function(e, atalla_finish) ||
- !ENGINE_set_ctrl_function(e, atalla_ctrl) ||
- !ENGINE_set_cmd_defns(e, atalla_cmd_defns))
- return 0;
-
-#ifndef OPENSSL_NO_RSA
- /* We know that the "PKCS1_SSLeay()" functions hook properly
- * to the atalla-specific mod_exp and mod_exp_crt so we use
- * those functions. NB: We don't use ENGINE_openssl() or
- * anything "more generic" because something like the RSAref
- * code may not hook properly, and if you own one of these
- * cards then you have the right to do RSA operations on it
- * anyway! */
- meth1 = RSA_PKCS1_SSLeay();
- atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DSA
- /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
- * bits. */
- meth2 = DSA_OpenSSL();
- atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
- atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
- atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
-#endif
-
-#ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- atalla_dh.generate_key = meth3->generate_key;
- atalla_dh.compute_key = meth3->compute_key;
-#endif
-
- /* Ensure the atalla error handling is set up */
- ERR_load_ATALLA_strings();
- return 1;
- }
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_atalla(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_helper(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_atalla(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_atalla();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the Atalla library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *atalla_dso = NULL;
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL;
-static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL;
-static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics = NULL;
-
-/* These are the static string constants for the DSO file name and the function
- * symbol names to bind to. Regrettably, the DSO name on *nix appears to be
- * "atasi.so" rather than something more consistent like "libatasi.so". At the
- * time of writing, I'm not sure what the file name on win32 is but clearly
- * native name translation is not possible (eg libatasi.so on *nix, and
- * atasi.dll on win32). For the purposes of testing, I have created a symbollic
- * link called "libatasi.so" so that we can use native name-translation - a
- * better solution will be needed. */
-static const char *ATALLA_LIBNAME = NULL;
-static const char *get_ATALLA_LIBNAME(void)
- {
- if(ATALLA_LIBNAME)
- return ATALLA_LIBNAME;
- return "atasi";
- }
-static void free_ATALLA_LIBNAME(void)
- {
- if(ATALLA_LIBNAME)
- OPENSSL_free((void*)ATALLA_LIBNAME);
- ATALLA_LIBNAME = NULL;
- }
-static long set_ATALLA_LIBNAME(const char *name)
- {
- free_ATALLA_LIBNAME();
- return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
- }
-static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
-static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
-static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
-
-/* Destructor (complements the "ENGINE_atalla()" constructor) */
-static int atalla_destroy(ENGINE *e)
- {
- free_ATALLA_LIBNAME();
- /* Unload the atalla error strings so any error state including our
- * functs or reasons won't lead to a segfault (they simply get displayed
- * without corresponding string data because none will be found). */
- ERR_unload_ATALLA_strings();
- return 1;
- }
-
-/* (de)initialisation functions. */
-static int atalla_init(ENGINE *e)
- {
- tfnASI_GetHardwareConfig *p1;
- tfnASI_RSAPrivateKeyOpFn *p2;
- tfnASI_GetPerformanceStatistics *p3;
- /* Not sure of the origin of this magic value, but Ben's code had it
- * and it seemed to have been working for a few people. :-) */
- unsigned int config_buf[1024];
-
- if(atalla_dso != NULL)
- {
- ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libatasi.so/atasi.dll/whatever. Needs to be
- * changed unfortunately because the Atalla drivers don't have
- * standard library names that can be platform-translated well. */
- /* TODO: Work out how to actually map to the names the Atalla
- * drivers really use - for now a symbollic link needs to be
- * created on the host system from libatasi.so to atasi.so on
- * unix variants. */
- atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
- if(atalla_dso == NULL)
- {
- ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
- goto err;
- }
- if(!(p1 = (tfnASI_GetHardwareConfig *)DSO_bind_func(
- atalla_dso, ATALLA_F1)) ||
- !(p2 = (tfnASI_RSAPrivateKeyOpFn *)DSO_bind_func(
- atalla_dso, ATALLA_F2)) ||
- !(p3 = (tfnASI_GetPerformanceStatistics *)DSO_bind_func(
- atalla_dso, ATALLA_F3)))
- {
- ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_NOT_LOADED);
- goto err;
- }
- /* Copy the pointers */
- p_Atalla_GetHardwareConfig = p1;
- p_Atalla_RSAPrivateKeyOpFn = p2;
- p_Atalla_GetPerformanceStatistics = p3;
- /* Perform a basic test to see if there's actually any unit
- * running. */
- if(p1(0L, config_buf) != 0)
- {
- ATALLAerr(ATALLA_F_ATALLA_INIT,ATALLA_R_UNIT_FAILURE);
- goto err;
- }
- /* Everything's fine. */
- return 1;
-err:
- if(atalla_dso)
- DSO_free(atalla_dso);
- p_Atalla_GetHardwareConfig = NULL;
- p_Atalla_RSAPrivateKeyOpFn = NULL;
- p_Atalla_GetPerformanceStatistics = NULL;
- return 0;
- }
-
-static int atalla_finish(ENGINE *e)
- {
- free_ATALLA_LIBNAME();
- if(atalla_dso == NULL)
- {
- ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_NOT_LOADED);
- return 0;
- }
- if(!DSO_free(atalla_dso))
- {
- ATALLAerr(ATALLA_F_ATALLA_FINISH,ATALLA_R_UNIT_FAILURE);
- return 0;
- }
- atalla_dso = NULL;
- p_Atalla_GetHardwareConfig = NULL;
- p_Atalla_RSAPrivateKeyOpFn = NULL;
- p_Atalla_GetPerformanceStatistics = NULL;
- return 1;
- }
-
-static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
- {
- int initialised = ((atalla_dso == NULL) ? 0 : 1);
- switch(cmd)
- {
- case ATALLA_CMD_SO_PATH:
- if(p == NULL)
- {
- ATALLAerr(ATALLA_F_ATALLA_CTRL,ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if(initialised)
- {
- ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_ALREADY_LOADED);
- return 0;
- }
- return set_ATALLA_LIBNAME((const char *)p);
- default:
- break;
- }
- ATALLAerr(ATALLA_F_ATALLA_CTRL,ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
- }
-
-static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
- {
- /* I need somewhere to store temporary serialised values for
- * use with the Atalla API calls. A neat cheat - I'll use
- * BIGNUMs from the BN_CTX but access their arrays directly as
- * byte arrays <grin>. This way I don't have to clean anything
- * up. */
- BIGNUM *modulus;
- BIGNUM *exponent;
- BIGNUM *argument;
- BIGNUM *result;
- RSAPrivateKey keydata;
- int to_return, numbytes;
-
- modulus = exponent = argument = result = NULL;
- to_return = 0; /* expect failure */
-
- if(!atalla_dso)
- {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_NOT_LOADED);
- goto err;
- }
- /* Prepare the params */
- BN_CTX_start(ctx);
- modulus = BN_CTX_get(ctx);
- exponent = BN_CTX_get(ctx);
- argument = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if (!result)
- {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_CTX_FULL);
- goto err;
- }
- if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
- !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top))
- {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_BN_EXPAND_FAIL);
- goto err;
- }
- /* Prepare the key-data */
- memset(&keydata, 0,sizeof keydata);
- numbytes = BN_num_bytes(m);
- memset(exponent->d, 0, numbytes);
- memset(modulus->d, 0, numbytes);
- BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p));
- BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m));
- keydata.privateExponent.data = (unsigned char *)exponent->d;
- keydata.privateExponent.len = numbytes;
- keydata.modulus.data = (unsigned char *)modulus->d;
- keydata.modulus.len = numbytes;
- /* Prepare the argument */
- memset(argument->d, 0, numbytes);
- memset(result->d, 0, numbytes);
- BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a));
- /* Perform the operation */
- if(p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
- (unsigned char *)argument->d,
- keydata.modulus.len) != 0)
- {
- ATALLAerr(ATALLA_F_ATALLA_MOD_EXP,ATALLA_R_REQUEST_FAILED);
- goto err;
- }
- /* Convert the response */
- BN_bin2bn((unsigned char *)result->d, numbytes, r);
- to_return = 1;
-err:
- BN_CTX_end(ctx);
- return to_return;
- }
-
-#ifndef OPENSSL_NO_RSA
-static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
- {
- BN_CTX *ctx = NULL;
- int to_return = 0;
-
- if(!atalla_dso)
- {
- ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED);
- goto err;
- }
- if((ctx = BN_CTX_new()) == NULL)
- goto err;
- if(!rsa->d || !rsa->n)
- {
- ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
- to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
-err:
- if(ctx)
- BN_CTX_free(ctx);
- return to_return;
- }
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
- * (it doesn't have a CRT form for RSA), this function means that an
- * Atalla system running with a DSA server certificate can handshake
- * around 5 or 6 times faster/more than an equivalent system running with
- * RSA. Just check out the "signs" statistics from the RSA and DSA parts
- * of "openssl speed -engine atalla dsa1024 rsa1024". */
-static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- BIGNUM t;
- int to_return = 0;
-
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!atalla_mod_exp(rr,a1,p1,m,ctx)) goto end;
- /* let t = a2 ^ p2 mod m */
- if (!atalla_mod_exp(&t,a2,p2,m,ctx)) goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
- to_return = 1;
-end:
- BN_free(&t);
- return to_return;
- }
-
-static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
- {
- return atalla_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return atalla_mod_exp(r, a, p, m, ctx);
- }
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return atalla_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_atalla_id) != 0))
- return 0;
- if(!bind_helper(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_ATALLA */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/engine/hw_ncipher.c
+++ /dev/null
@@ -1,1388 +0,0 @@
-/* crypto/engine/hw_ncipher.c -*- mode: C; c-file-style: "eay" -*- */
-/* Written by Richard Levitte (richard at levitte.org), Geoff Thorpe
- * (geoff at geoffthorpe.net) and Dr Stephen N Henson (shenson at bigfoot.com)
- * for the OpenSSL project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/ui.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_NCIPHER
-
-/* Attribution notice: nCipher have said several times that it's OK for
- * us to implement a general interface to their boxes, and recently declared
- * their HWCryptoHook to be public, and therefore available for us to use.
- * Thanks, nCipher.
- *
- * The hwcryptohook.h included here is from May 2000.
- * [Richard Levitte]
- */
-#ifdef FLAT_INC
-#include "hwcryptohook.h"
-#else
-#include "vendor_defns/hwcryptohook.h"
-#endif
-
-#define HWCRHK_LIB_NAME "hwcrhk engine"
-#include "hw_ncipher_err.c"
-
-static int hwcrhk_destroy(ENGINE *e);
-static int hwcrhk_init(ENGINE *e);
-static int hwcrhk_finish(ENGINE *e);
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* Functions to handle mutexes if have dynamic locks */
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext*);
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex*);
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex*);
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex*);
-#if 1 /* This is a HACK which will disappear in 0.9.8 */
-/* Functions to handle mutexes if only have static locks */
-static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m,
- HWCryptoHook_CallerContext *c);
-static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m);
-static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m);
-static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m);
-#endif
-
-/* BIGNUM stuff */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa);
-#endif
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-#ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* RAND stuff */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num);
-static int hwcrhk_rand_status(void);
-
-/* KM stuff */
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int ind,long argl, void *argp);
-
-/* Interaction stuff */
-static int hwcrhk_insert_card(const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext *ppctx,
- HWCryptoHook_CallerContext *cactx);
-static int hwcrhk_get_pass(const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext *ppctx,
- HWCryptoHook_CallerContext *cactx);
-static void hwcrhk_log_message(void *logstr, const char *message);
-
-/* The definitions for control commands specific to this engine */
-#define HWCRHK_CMD_SO_PATH ENGINE_CMD_BASE
-#define HWCRHK_CMD_FORK_CHECK (ENGINE_CMD_BASE + 1)
-#define HWCRHK_CMD_THREAD_LOCKING (ENGINE_CMD_BASE + 2)
-#define HWCRHK_CMD_SET_USER_INTERFACE (ENGINE_CMD_BASE + 3)
-#define HWCRHK_CMD_SET_CALLBACK_DATA (ENGINE_CMD_BASE + 4)
-static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
- {HWCRHK_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'hwcrhk' shared library",
- ENGINE_CMD_FLAG_STRING},
- {HWCRHK_CMD_FORK_CHECK,
- "FORK_CHECK",
- "Turns fork() checking on or off (boolean)",
- ENGINE_CMD_FLAG_NUMERIC},
- {HWCRHK_CMD_THREAD_LOCKING,
- "THREAD_LOCKING",
- "Turns thread-safe locking on or off (boolean)",
- ENGINE_CMD_FLAG_NUMERIC},
- {HWCRHK_CMD_SET_USER_INTERFACE,
- "SET_USER_INTERFACE",
- "Set the global user interface (internal)",
- ENGINE_CMD_FLAG_INTERNAL},
- {HWCRHK_CMD_SET_CALLBACK_DATA,
- "SET_CALLBACK_DATA",
- "Set the global user interface extra data (internal)",
- ENGINE_CMD_FLAG_INTERNAL},
- {0, NULL, NULL, 0}
- };
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD hwcrhk_rsa =
- {
- "nCipher RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- hwcrhk_rsa_mod_exp,
- hwcrhk_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL
- };
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD hwcrhk_dh =
- {
- "nCipher DH method",
- NULL,
- NULL,
- hwcrhk_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL
- };
-#endif
-
-static RAND_METHOD hwcrhk_rand =
- {
- /* "nCipher RAND method", */
- NULL,
- hwcrhk_rand_bytes,
- NULL,
- NULL,
- hwcrhk_rand_bytes,
- hwcrhk_rand_status,
- };
-
-/* Constants used when creating the ENGINE */
-static const char *engine_hwcrhk_id = "chil";
-static const char *engine_hwcrhk_name = "nCipher hardware engine support";
-
-/* Internal stuff for HWCryptoHook */
-
-/* Some structures needed for proper use of thread locks */
-/* hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
- into HWCryptoHook_Mutex */
-struct HWCryptoHook_MutexValue
- {
- int lockid;
- };
-
-/* hwcryptohook.h has some typedefs that turn
- struct HWCryptoHook_PassphraseContextValue
- into HWCryptoHook_PassphraseContext */
-struct HWCryptoHook_PassphraseContextValue
- {
- UI_METHOD *ui_method;
- void *callback_data;
- };
-
-/* hwcryptohook.h has some typedefs that turn
- struct HWCryptoHook_CallerContextValue
- into HWCryptoHook_CallerContext */
-struct HWCryptoHook_CallerContextValue
- {
- pem_password_cb *password_callback; /* Deprecated! Only present for
- backward compatibility! */
- UI_METHOD *ui_method;
- void *callback_data;
- };
-
-/* The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
- BIGNUM's, so lets define a couple of conversion macros */
-#define BN2MPI(mp, bn) \
- {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-#define MPI2BN(bn, mp) \
- {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
-
-static BIO *logstream = NULL;
-static int disable_mutex_callbacks = 0;
-
-/* One might wonder why these are needed, since one can pass down at least
- a UI_METHOD and a pointer to callback data to the key-loading functions.
- The thing is that the ModExp and RSAImmed functions can load keys as well,
- if the data they get is in a special, nCipher-defined format (hint: if you
- look at the private exponent of the RSA data as a string, you'll see this
- string: "nCipher KM tool key id", followed by some bytes, followed a key
- identity string, followed by more bytes. This happens when you use "embed"
- keys instead of "hwcrhk" keys). Unfortunately, those functions do not take
- any passphrase or caller context, and our functions can't really take any
- callback data either. Still, the "insert_card" and "get_passphrase"
- callbacks may be called down the line, and will need to know what user
- interface callbacks to call, and having callback data from the application
- may be a nice thing as well, so we need to keep track of that globally. */
-static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL };
-
-/* Stuff to pass to the HWCryptoHook library */
-static HWCryptoHook_InitInfo hwcrhk_globals = {
- HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */
- &logstream, /* logstream */
- sizeof(BN_ULONG), /* limbsize */
- 0, /* mslimb first: false for BNs */
- -1, /* msbyte first: use native */
- 0, /* Max mutexes, 0 = no small limit */
- 0, /* Max simultaneous, 0 = default */
-
- /* The next few are mutex stuff: we write wrapper functions
- around the OS mutex functions. We initialise them to 0
- here, and change that to actual function pointers in hwcrhk_init()
- if dynamic locks are supported (that is, if the application
- programmer has made sure of setting up callbacks bafore starting
- this engine) *and* if disable_mutex_callbacks hasn't been set by
- a call to ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING). */
- sizeof(HWCryptoHook_Mutex),
- 0,
- 0,
- 0,
- 0,
-
- /* The next few are condvar stuff: we write wrapper functions
- round the OS functions. Currently not implemented and not
- and absolute necessity even in threaded programs, therefore
- 0'ed. Will hopefully be implemented some day, since it
- enhances the efficiency of HWCryptoHook. */
- 0, /* sizeof(HWCryptoHook_CondVar), */
- 0, /* hwcrhk_cv_init, */
- 0, /* hwcrhk_cv_wait, */
- 0, /* hwcrhk_cv_signal, */
- 0, /* hwcrhk_cv_broadcast, */
- 0, /* hwcrhk_cv_destroy, */
-
- hwcrhk_get_pass, /* pass phrase */
- hwcrhk_insert_card, /* insert a card */
- hwcrhk_log_message /* Log message */
-};
-
-
-/* Now, to our own code */
-
-/* This internal function is used by ENGINE_ncipher() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
- {
-#ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DH
- const DH_METHOD *meth2;
-#endif
- if(!ENGINE_set_id(e, engine_hwcrhk_id) ||
- !ENGINE_set_name(e, engine_hwcrhk_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &hwcrhk_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &hwcrhk_dh) ||
-#endif
- !ENGINE_set_RAND(e, &hwcrhk_rand) ||
- !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
- !ENGINE_set_init_function(e, hwcrhk_init) ||
- !ENGINE_set_finish_function(e, hwcrhk_finish) ||
- !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
- !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
- !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
- !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
- return 0;
-
-#ifndef OPENSSL_NO_RSA
- /* We know that the "PKCS1_SSLeay()" functions hook properly
- * to the cswift-specific mod_exp and mod_exp_crt so we use
- * those functions. NB: We don't use ENGINE_openssl() or
- * anything "more generic" because something like the RSAref
- * code may not hook properly, and if you own one of these
- * cards then you have the right to do RSA operations on it
- * anyway! */
- meth1 = RSA_PKCS1_SSLeay();
- hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth2 = DH_OpenSSL();
- hwcrhk_dh.generate_key = meth2->generate_key;
- hwcrhk_dh.compute_key = meth2->compute_key;
-#endif
-
- /* Ensure the hwcrhk error handling is set up */
- ERR_load_HWCRHK_strings();
- return 1;
- }
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_ncipher(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_helper(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_chil(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_ncipher();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the HWCryptoHook library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *hwcrhk_dso = NULL;
-static HWCryptoHook_ContextHandle hwcrhk_context = 0;
-#ifndef OPENSSL_NO_RSA
-static int hndidx_rsa = -1; /* Index for KM handle. Not really used yet. */
-#endif
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
-static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
-static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
-#ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
-#endif
-static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
-#ifndef OPENSSL_NO_RSA
-static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
-static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
-static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
-#endif
-static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
-
-/* Used in the DSO operations. */
-static const char *HWCRHK_LIBNAME = NULL;
-static void free_HWCRHK_LIBNAME(void)
- {
- if(HWCRHK_LIBNAME)
- OPENSSL_free((void*)HWCRHK_LIBNAME);
- HWCRHK_LIBNAME = NULL;
- }
-static const char *get_HWCRHK_LIBNAME(void)
- {
- if(HWCRHK_LIBNAME)
- return HWCRHK_LIBNAME;
- return "nfhwcrhk";
- }
-static long set_HWCRHK_LIBNAME(const char *name)
- {
- free_HWCRHK_LIBNAME();
- return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
- }
-static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
-static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
-static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
-#ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
-#endif
-static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
-#ifndef OPENSSL_NO_RSA
-static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
-static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
-static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
-#endif
-static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
-
-/* HWCryptoHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no
- * error checking, take a look lower down where these functions are
- * called, the checking and error handling is probably down there. */
-
-/* utility function to obtain a context */
-static int get_context(HWCryptoHook_ContextHandle *hac,
- HWCryptoHook_CallerContext *cac)
- {
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg,
- cac);
- if (!*hac)
- return 0;
- return 1;
- }
-
-/* similarly to release one. */
-static void release_context(HWCryptoHook_ContextHandle hac)
- {
- p_hwcrhk_Finish(hac);
- }
-
-/* Destructor (complements the "ENGINE_ncipher()" constructor) */
-static int hwcrhk_destroy(ENGINE *e)
- {
- free_HWCRHK_LIBNAME();
- ERR_unload_HWCRHK_strings();
- return 1;
- }
-
-/* (de)initialisation functions. */
-static int hwcrhk_init(ENGINE *e)
- {
- HWCryptoHook_Init_t *p1;
- HWCryptoHook_Finish_t *p2;
- HWCryptoHook_ModExp_t *p3;
-#ifndef OPENSSL_NO_RSA
- HWCryptoHook_RSA_t *p4;
- HWCryptoHook_RSALoadKey_t *p5;
- HWCryptoHook_RSAGetPublicKey_t *p6;
- HWCryptoHook_RSAUnloadKey_t *p7;
-#endif
- HWCryptoHook_RandomBytes_t *p8;
- HWCryptoHook_ModExpCRT_t *p9;
-
- if(hwcrhk_dso != NULL)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
- hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
- if(hwcrhk_dso == NULL)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
- goto err;
- }
- if(!(p1 = (HWCryptoHook_Init_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
- !(p2 = (HWCryptoHook_Finish_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
- !(p3 = (HWCryptoHook_ModExp_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
-#ifndef OPENSSL_NO_RSA
- !(p4 = (HWCryptoHook_RSA_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
- !(p5 = (HWCryptoHook_RSALoadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
- !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
- !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
-#endif
- !(p8 = (HWCryptoHook_RandomBytes_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
- !(p9 = (HWCryptoHook_ModExpCRT_t *)
- DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT)))
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DSO_FAILURE);
- goto err;
- }
- /* Copy the pointers */
- p_hwcrhk_Init = p1;
- p_hwcrhk_Finish = p2;
- p_hwcrhk_ModExp = p3;
-#ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = p4;
- p_hwcrhk_RSALoadKey = p5;
- p_hwcrhk_RSAGetPublicKey = p6;
- p_hwcrhk_RSAUnloadKey = p7;
-#endif
- p_hwcrhk_RandomBytes = p8;
- p_hwcrhk_ModExpCRT = p9;
-
- /* Check if the application decided to support dynamic locks,
- and if it does, use them. */
- if (disable_mutex_callbacks == 0)
- {
- if (CRYPTO_get_dynlock_create_callback() != NULL &&
- CRYPTO_get_dynlock_lock_callback() != NULL &&
- CRYPTO_get_dynlock_destroy_callback() != NULL)
- {
- hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
- hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
- hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
- hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
- }
- else if (CRYPTO_get_locking_callback() != NULL)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_DYNAMIC_LOCKING_MISSING);
- ERR_add_error_data(1,"You HAVE to add dynamic locking callbacks via CRYPTO_set_dynlock_{create,lock,destroy}_callback()");
-#if 1 /* This is a HACK which will disappear in 0.9.8 */
- hwcrhk_globals.maxmutexes = 1; /* Only have one lock */
- hwcrhk_globals.mutex_init = hwcrhk_static_mutex_init;
- hwcrhk_globals.mutex_acquire = hwcrhk_static_mutex_lock;
- hwcrhk_globals.mutex_release = hwcrhk_static_mutex_unlock;
- hwcrhk_globals.mutex_destroy = hwcrhk_static_mutex_destroy;
-#else
- goto err;
-#endif
- }
- }
-
- /* Try and get a context - if not, we may have a DSO but no
- * accelerator! */
- if(!get_context(&hwcrhk_context, &password_context))
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_INIT,HWCRHK_R_UNIT_FAILURE);
- goto err;
- }
- /* Everything's fine. */
-#ifndef OPENSSL_NO_RSA
- if (hndidx_rsa == -1)
- hndidx_rsa = RSA_get_ex_new_index(0,
- "nFast HWCryptoHook RSA key handle",
- NULL, NULL, hwcrhk_ex_free);
-#endif
- return 1;
-err:
- if(hwcrhk_dso)
- DSO_free(hwcrhk_dso);
- hwcrhk_dso = NULL;
- p_hwcrhk_Init = NULL;
- p_hwcrhk_Finish = NULL;
- p_hwcrhk_ModExp = NULL;
-#ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = NULL;
- p_hwcrhk_RSALoadKey = NULL;
- p_hwcrhk_RSAGetPublicKey = NULL;
- p_hwcrhk_RSAUnloadKey = NULL;
-#endif
- p_hwcrhk_ModExpCRT = NULL;
- p_hwcrhk_RandomBytes = NULL;
- return 0;
- }
-
-static int hwcrhk_finish(ENGINE *e)
- {
- int to_return = 1;
- free_HWCRHK_LIBNAME();
- if(hwcrhk_dso == NULL)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_NOT_LOADED);
- to_return = 0;
- goto err;
- }
- release_context(hwcrhk_context);
- if(!DSO_free(hwcrhk_dso))
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_FINISH,HWCRHK_R_DSO_FAILURE);
- to_return = 0;
- goto err;
- }
- err:
- if (logstream)
- BIO_free(logstream);
- hwcrhk_dso = NULL;
- p_hwcrhk_Init = NULL;
- p_hwcrhk_Finish = NULL;
- p_hwcrhk_ModExp = NULL;
-#ifndef OPENSSL_NO_RSA
- p_hwcrhk_RSA = NULL;
- p_hwcrhk_RSALoadKey = NULL;
- p_hwcrhk_RSAGetPublicKey = NULL;
- p_hwcrhk_RSAUnloadKey = NULL;
-#endif
- p_hwcrhk_ModExpCRT = NULL;
- p_hwcrhk_RandomBytes = NULL;
- return to_return;
- }
-
-static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
- {
- int to_return = 1;
-
- switch(cmd)
- {
- case HWCRHK_CMD_SO_PATH:
- if(hwcrhk_dso)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_ALREADY_LOADED);
- return 0;
- }
- if(p == NULL)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return set_HWCRHK_LIBNAME((const char *)p);
- case ENGINE_CTRL_SET_LOGSTREAM:
- {
- BIO *bio = (BIO *)p;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (logstream)
- {
- BIO_free(logstream);
- logstream = NULL;
- }
- if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
- logstream = bio;
- else
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,HWCRHK_R_BIO_WAS_FREED);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.password_callback = (pem_password_cb *)f;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_USER_INTERFACE:
- case HWCRHK_CMD_SET_USER_INTERFACE:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.ui_method = (UI_METHOD *)p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case ENGINE_CTRL_SET_CALLBACK_DATA:
- case HWCRHK_CMD_SET_CALLBACK_DATA:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- password_context.callback_data = p;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /* this enables or disables the "SimpleForkCheck" flag used in the
- * initialisation structure. */
- case ENGINE_CTRL_CHIL_SET_FORKCHECK:
- case HWCRHK_CMD_FORK_CHECK:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if(i)
- hwcrhk_globals.flags |=
- HWCryptoHook_InitFlags_SimpleForkCheck;
- else
- hwcrhk_globals.flags &=
- ~HWCryptoHook_InitFlags_SimpleForkCheck;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /* This will prevent the initialisation function from "installing"
- * the mutex-handling callbacks, even if they are available from
- * within the library (or were provided to the library from the
- * calling application). This is to remove any baggage for
- * applications not using multithreading. */
- case ENGINE_CTRL_CHIL_NO_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- disable_mutex_callbacks = 1;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- case HWCRHK_CMD_THREAD_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- disable_mutex_callbacks = ((i == 0) ? 0 : 1);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
-
- /* The command isn't understood by this engine */
- default:
- HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
- HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- to_return = 0;
- break;
- }
-
- return to_return;
- }
-
-static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
- {
-#ifndef OPENSSL_NO_RSA
- RSA *rtmp = NULL;
-#endif
- EVP_PKEY *res = NULL;
-#ifndef OPENSSL_NO_RSA
- HWCryptoHook_MPI e, n;
- HWCryptoHook_RSAKeyHandle *hptr;
-#endif
-#if !defined(OPENSSL_NO_RSA)
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
-#endif
- HWCryptoHook_PassphraseContext ppctx;
-
-#if !defined(OPENSSL_NO_RSA)
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-#endif
-
- if(!hwcrhk_context)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
- HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-#ifndef OPENSSL_NO_RSA
- hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
- if (!hptr)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ppctx.ui_method = ui_method;
- ppctx.callback_data = callback_data;
- if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr,
- &rmsg, &ppctx))
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
- HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1,rmsg.buf);
- goto err;
- }
- if (!*hptr)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
- HWCRHK_R_NO_KEY);
- goto err;
- }
-#endif
-#ifndef OPENSSL_NO_RSA
- rtmp = RSA_new_method(eng);
- RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
- rtmp->e = BN_new();
- rtmp->n = BN_new();
- rtmp->flags |= RSA_FLAG_EXT_PKEY;
- MPI2BN(rtmp->e, e);
- MPI2BN(rtmp->n, n);
- if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
- != HWCRYPTOHOOK_ERROR_MPISIZE)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1,rmsg.buf);
- goto err;
- }
-
- bn_expand2(rtmp->e, e.size/sizeof(BN_ULONG));
- bn_expand2(rtmp->n, n.size/sizeof(BN_ULONG));
- MPI2BN(rtmp->e, e);
- MPI2BN(rtmp->n, n);
-
- if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg))
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
- HWCRHK_R_CHIL_ERROR);
- ERR_add_error_data(1,rmsg.buf);
- goto err;
- }
- rtmp->e->top = e.size / sizeof(BN_ULONG);
- bn_fix_top(rtmp->e);
- rtmp->n->top = n.size / sizeof(BN_ULONG);
- bn_fix_top(rtmp->n);
-
- res = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(res, rtmp);
-#endif
-
- if (!res)
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
- HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
-
- return res;
- err:
- if (res)
- EVP_PKEY_free(res);
-#ifndef OPENSSL_NO_RSA
- if (rtmp)
- RSA_free(rtmp);
-#endif
- return NULL;
- }
-
-static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
- {
- EVP_PKEY *res = NULL;
-
-#ifndef OPENSSL_NO_RSA
- res = hwcrhk_load_privkey(eng, key_id,
- ui_method, callback_data);
-#endif
-
- if (res)
- switch(res->type)
- {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- {
- RSA *rsa = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
- rsa = res->pkey.rsa;
- res->pkey.rsa = RSA_new();
- res->pkey.rsa->n = rsa->n;
- res->pkey.rsa->e = rsa->e;
- rsa->n = NULL;
- rsa->e = NULL;
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
- RSA_free(rsa);
- }
- break;
-#endif
- default:
- HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
- HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- goto err;
- }
-
- return res;
- err:
- if (res)
- EVP_PKEY_free(res);
- return NULL;
- }
-
-/* A little mod_exp */
-static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
- {
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- /* Since HWCryptoHook_MPI is pretty compatible with BIGNUM's,
- we use them directly, plus a little macro magic. We only
- thing we need to make sure of is that enough space is allocated. */
- HWCryptoHook_MPI m_a, m_p, m_n, m_r;
- int to_return, ret;
-
- to_return = 0; /* expect failure */
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if(!hwcrhk_context)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
- /* Prepare the params */
- bn_expand2(r, m->top); /* Check for error !! */
- BN2MPI(m_a, a);
- BN2MPI(m_p, p);
- BN2MPI(m_n, m);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0)
- {
- /* FIXME: When this error is returned, HWCryptoHook is
- telling us that falling back to software computation
- might be a good thing. */
- if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FALLBACK);
- }
- else
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1,rmsg.buf);
- goto err;
- }
-
- to_return = 1;
-err:
- return to_return;
- }
-
-#ifndef OPENSSL_NO_RSA
-static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa)
- {
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- HWCryptoHook_RSAKeyHandle *hptr;
- int to_return = 0, ret;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if(!hwcrhk_context)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP,HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-
- /* This provides support for nForce keys. Since that's opaque data
- all we do is provide a handle to the proper key and let HWCryptoHook
- take care of the rest. */
- if ((hptr = (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
- != NULL)
- {
- HWCryptoHook_MPI m_a, m_r;
-
- if(!rsa->n)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- /* Prepare the params */
- bn_expand2(r, rsa->n->top); /* Check for error !! */
- BN2MPI(m_a, I);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0)
- {
- /* FIXME: When this error is returned, HWCryptoHook is
- telling us that falling back to software computation
- might be a good thing. */
- if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FALLBACK);
- }
- else
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1,rmsg.buf);
- goto err;
- }
- }
- else
- {
- HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
-
- if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- /* Prepare the params */
- bn_expand2(r, rsa->n->top); /* Check for error !! */
- BN2MPI(m_a, I);
- BN2MPI(m_p, rsa->p);
- BN2MPI(m_q, rsa->q);
- BN2MPI(m_dmp1, rsa->dmp1);
- BN2MPI(m_dmq1, rsa->dmq1);
- BN2MPI(m_iqmp, rsa->iqmp);
- MPI2BN(r, m_r);
-
- /* Perform the operation */
- ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
- m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
-
- /* Convert the response */
- r->top = m_r.size / sizeof(BN_ULONG);
- bn_fix_top(r);
-
- if (ret < 0)
- {
- /* FIXME: When this error is returned, HWCryptoHook is
- telling us that falling back to software computation
- might be a good thing. */
- if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FALLBACK);
- }
- else
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
- HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1,rmsg.buf);
- goto err;
- }
- }
- /* If we're here, we must be here with some semblance of success :-) */
- to_return = 1;
-err:
- return to_return;
- }
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return hwcrhk_mod_exp(r, a, p, m, ctx);
- }
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return hwcrhk_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-/* Random bytes are good */
-static int hwcrhk_rand_bytes(unsigned char *buf, int num)
- {
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
- int to_return = 0; /* assume failure */
- int ret;
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
- if(!hwcrhk_context)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,HWCRHK_R_NOT_INITIALISED);
- goto err;
- }
-
- ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
- if (ret < 0)
- {
- /* FIXME: When this error is returned, HWCryptoHook is
- telling us that falling back to software computation
- might be a good thing. */
- if(ret == HWCRYPTOHOOK_ERROR_FALLBACK)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
- HWCRHK_R_REQUEST_FALLBACK);
- }
- else
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES,
- HWCRHK_R_REQUEST_FAILED);
- }
- ERR_add_error_data(1,rmsg.buf);
- goto err;
- }
- to_return = 1;
- err:
- return to_return;
- }
-
-static int hwcrhk_rand_status(void)
- {
- return 1;
- }
-
-/* This cleans up an RSA KM key, called when ex_data is freed */
-
-static void hwcrhk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int ind,long argl, void *argp)
-{
- char tempbuf[1024];
- HWCryptoHook_ErrMsgBuf rmsg;
-#ifndef OPENSSL_NO_RSA
- HWCryptoHook_RSAKeyHandle *hptr;
-#endif
-#if !defined(OPENSSL_NO_RSA)
- int ret;
-#endif
-
- rmsg.buf = tempbuf;
- rmsg.size = sizeof(tempbuf);
-
-#ifndef OPENSSL_NO_RSA
- hptr = (HWCryptoHook_RSAKeyHandle *) item;
- if(hptr)
- {
- ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
- OPENSSL_free(hptr);
- }
-#endif
-}
-
-/* Mutex calls: since the HWCryptoHook model closely follows the POSIX model
- * these just wrap the POSIX functions and add some logging.
- */
-
-static int hwcrhk_mutex_init(HWCryptoHook_Mutex* mt,
- HWCryptoHook_CallerContext *cactx)
- {
- mt->lockid = CRYPTO_get_new_dynlockid();
- if (mt->lockid == 0)
- return 1; /* failure */
- return 0; /* success */
- }
-
-static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *mt)
- {
- CRYPTO_w_lock(mt->lockid);
- return 0;
- }
-
-static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
- {
- CRYPTO_w_unlock(mt->lockid);
- }
-
-static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *mt)
- {
- CRYPTO_destroy_dynlockid(mt->lockid);
- }
-
-/* Mutex upcalls to use if the application does not support dynamic locks */
-
-static int hwcrhk_static_mutex_init(HWCryptoHook_Mutex *m,
- HWCryptoHook_CallerContext *c)
- {
- return 0;
- }
-static int hwcrhk_static_mutex_lock(HWCryptoHook_Mutex *m)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_HWCRHK);
- return 0;
- }
-static void hwcrhk_static_mutex_unlock(HWCryptoHook_Mutex *m)
- {
- CRYPTO_w_unlock(CRYPTO_LOCK_HWCRHK);
- }
-static void hwcrhk_static_mutex_destroy(HWCryptoHook_Mutex *m)
- {
- }
-
-static int hwcrhk_get_pass(const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext *ppctx,
- HWCryptoHook_CallerContext *cactx)
- {
- pem_password_cb *callback = NULL;
- void *callback_data = NULL;
- UI_METHOD *ui_method = NULL;
-
- if (cactx)
- {
- if (cactx->ui_method)
- ui_method = cactx->ui_method;
- if (cactx->password_callback)
- callback = cactx->password_callback;
- if (cactx->callback_data)
- callback_data = cactx->callback_data;
- }
- if (ppctx)
- {
- if (ppctx->ui_method)
- {
- ui_method = ppctx->ui_method;
- callback = NULL;
- }
- if (ppctx->callback_data)
- callback_data = ppctx->callback_data;
- }
- if (callback == NULL && ui_method == NULL)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS,HWCRHK_R_NO_CALLBACK);
- return -1;
- }
-
- if (ui_method)
- {
- UI *ui = UI_new_method(ui_method);
- if (ui)
- {
- int ok;
- char *prompt = UI_construct_prompt(ui,
- "pass phrase", prompt_info);
-
- ok = UI_add_input_string(ui,prompt,
- UI_INPUT_FLAG_DEFAULT_PWD,
- buf,0,(*len_io) - 1);
- UI_add_user_data(ui, callback_data);
- UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
-
- if (ok >= 0)
- do
- {
- ok=UI_process(ui);
- }
- while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
-
- if (ok >= 0)
- *len_io = strlen(buf);
-
- UI_free(ui);
- OPENSSL_free(prompt);
- }
- }
- else
- {
- *len_io = callback(buf, *len_io, 0, callback_data);
- }
- if(!*len_io)
- return -1;
- return 0;
- }
-
-static int hwcrhk_insert_card(const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext *ppctx,
- HWCryptoHook_CallerContext *cactx)
- {
- int ok = -1;
- UI *ui;
- void *callback_data = NULL;
- UI_METHOD *ui_method = NULL;
-
- if (cactx)
- {
- if (cactx->ui_method)
- ui_method = cactx->ui_method;
- if (cactx->callback_data)
- callback_data = cactx->callback_data;
- }
- if (ppctx)
- {
- if (ppctx->ui_method)
- ui_method = ppctx->ui_method;
- if (ppctx->callback_data)
- callback_data = ppctx->callback_data;
- }
- if (ui_method == NULL)
- {
- HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD,
- HWCRHK_R_NO_CALLBACK);
- return -1;
- }
-
- ui = UI_new_method(ui_method);
-
- if (ui)
- {
- char answer;
- char buf[BUFSIZ];
-
- if (wrong_info)
- BIO_snprintf(buf, sizeof(buf)-1,
- "Current card: \"%s\"\n", wrong_info);
- ok = UI_dup_info_string(ui, buf);
- if (ok >= 0 && prompt_info)
- {
- BIO_snprintf(buf, sizeof(buf)-1,
- "Insert card \"%s\"", prompt_info);
- ok = UI_dup_input_boolean(ui, buf,
- "\n then hit <enter> or C<enter> to cancel\n",
- "\r\n", "Cc", UI_INPUT_FLAG_ECHO, &answer);
- }
- UI_add_user_data(ui, callback_data);
-
- if (ok >= 0)
- ok = UI_process(ui);
- UI_free(ui);
-
- if (ok == -2 || (ok >= 0 && answer == 'C'))
- ok = 1;
- else if (ok < 0)
- ok = -1;
- else
- ok = 0;
- }
- return ok;
- }
-
-static void hwcrhk_log_message(void *logstr, const char *message)
- {
- BIO *lstream = NULL;
-
- CRYPTO_w_lock(CRYPTO_LOCK_BIO);
- if (logstr)
- lstream=*(BIO **)logstr;
- if (lstream)
- {
- BIO_printf(lstream, "%s\n", message);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
- }
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_hwcrhk_id) != 0))
- return 0;
- if(!bind_helper(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_NCIPHER */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/engine/hw_4758_cca_err.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_CCA4758_ERR_H
-#define HEADER_CCA4758_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_CCA4758_strings(void);
-static void ERR_unload_CCA4758_strings(void);
-static void ERR_CCA4758_error(int function, int reason, char *file, int line);
-#define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the CCA4758 functions. */
-
-/* Function codes. */
-#define CCA4758_F_IBM_4758_CCA_CTRL 100
-#define CCA4758_F_IBM_4758_CCA_FINISH 101
-#define CCA4758_F_IBM_4758_CCA_INIT 102
-#define CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY 103
-#define CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY 104
-#define CCA4758_F_IBM_4758_CCA_SIGN 105
-#define CCA4758_F_IBM_4758_CCA_VERIFY 106
-
-/* Reason codes. */
-#define CCA4758_R_ALREADY_LOADED 100
-#define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD 101
-#define CCA4758_R_COMMAND_NOT_IMPLEMENTED 102
-#define CCA4758_R_DSO_FAILURE 103
-#define CCA4758_R_FAILED_LOADING_PRIVATE_KEY 104
-#define CCA4758_R_FAILED_LOADING_PUBLIC_KEY 105
-#define CCA4758_R_NOT_LOADED 106
-#define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL 107
-#define CCA4758_R_UNIT_FAILURE 108
-#define CCA4758_R_UNKNOWN_ALGORITHM_TYPE 109
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw_aep.c
+++ /dev/null
@@ -1,1119 +0,0 @@
-/* crypto/engine/hw_aep.c */
-/*
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/bn.h>
-#include <string.h>
-
-#include <openssl/e_os2.h>
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
-#include <sys/types.h>
-#include <unistd.h>
-#else
-#include <process.h>
-typedef int pid_t;
-#endif
-
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/buffer.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_AEP
-#ifdef FLAT_INC
-#include "aep.h"
-#else
-#include "vendor_defns/aep.h"
-#endif
-
-#define AEP_LIB_NAME "aep engine"
-#define FAIL_TO_SW 0x10101010
-
-#include "hw_aep_err.c"
-
-static int aep_init(ENGINE *e);
-static int aep_finish(ENGINE *e);
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-static int aep_destroy(ENGINE *e);
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection);
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection);
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use);
-
-/* BIGNUM stuff */
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-static AEP_RV aep_mod_exp_crt(BIGNUM *r,const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1,const BIGNUM *dmq1,
- const BIGNUM *iqmp, BN_CTX *ctx);
-
-/* RSA stuff */
-#ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-/* DSA stuff */
-#ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-#endif
-
-/* DH stuff */
-/* This function is aliased to mod_exp (with the DH and mont dropped). */
-#ifndef OPENSSL_NO_DH
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* rand stuff */
-#ifdef AEPRAND
-static int aep_rand(unsigned char *buf, int num);
-static int aep_rand_status(void);
-#endif
-
-/* Bignum conversion stuff */
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize);
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
- unsigned char* AEP_BigNum);
-static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize,
- unsigned char* AEP_BigNum);
-
-/* The definitions for control commands specific to this engine */
-#define AEP_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN aep_cmd_defns[] =
- {
- { AEP_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'aep' shared library",
- ENGINE_CMD_FLAG_STRING
- },
- {0, NULL, NULL, 0}
- };
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD aep_rsa =
- {
- "Aep RSA method",
- NULL, /*rsa_pub_encrypt*/
- NULL, /*rsa_pub_decrypt*/
- NULL, /*rsa_priv_encrypt*/
- NULL, /*rsa_priv_encrypt*/
- aep_rsa_mod_exp, /*rsa_mod_exp*/
- aep_mod_exp_mont, /*bn_mod_exp*/
- NULL, /*init*/
- NULL, /*finish*/
- 0, /*flags*/
- NULL, /*app_data*/
- NULL, /*rsa_sign*/
- NULL /*rsa_verify*/
- };
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD aep_dsa =
- {
- "Aep DSA method",
- NULL, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- NULL, /* dsa_do_verify */
- aep_dsa_mod_exp, /* dsa_mod_exp */
- aep_mod_exp_dsa, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL /* app_data */
- };
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD aep_dh =
- {
- "Aep DH method",
- NULL,
- NULL,
- aep_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL
- };
-#endif
-
-#ifdef AEPRAND
-/* our internal RAND_method that we provide pointers to */
-static RAND_METHOD aep_random =
- {
- /*"AEP RAND method", */
- NULL,
- aep_rand,
- NULL,
- NULL,
- aep_rand,
- aep_rand_status,
- };
-#endif
-
-/*Define an array of structures to hold connections*/
-static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS];
-
-/*Used to determine if this is a new process*/
-static pid_t recorded_pid = 0;
-
-#ifdef AEPRAND
-static AEP_U8 rand_block[RAND_BLK_SIZE];
-static AEP_U32 rand_block_bytes = 0;
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_aep_id = "aep";
-static const char *engine_aep_name = "Aep hardware engine support";
-
-static int max_key_len = 2176;
-
-
-/* This internal function is used by ENGINE_aep() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_aep(ENGINE *e)
- {
-#ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-#endif
-
- if(!ENGINE_set_id(e, engine_aep_id) ||
- !ENGINE_set_name(e, engine_aep_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &aep_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &aep_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &aep_dh) ||
-#endif
-#ifdef AEPRAND
- !ENGINE_set_RAND(e, &aep_random) ||
-#endif
- !ENGINE_set_init_function(e, aep_init) ||
- !ENGINE_set_destroy_function(e, aep_destroy) ||
- !ENGINE_set_finish_function(e, aep_finish) ||
- !ENGINE_set_ctrl_function(e, aep_ctrl) ||
- !ENGINE_set_cmd_defns(e, aep_cmd_defns))
- return 0;
-
-#ifndef OPENSSL_NO_RSA
- /* We know that the "PKCS1_SSLeay()" functions hook properly
- * to the aep-specific mod_exp and mod_exp_crt so we use
- * those functions. NB: We don't use ENGINE_openssl() or
- * anything "more generic" because something like the RSAref
- * code may not hook properly, and if you own one of these
- * cards then you have the right to do RSA operations on it
- * anyway! */
- meth1 = RSA_PKCS1_SSLeay();
- aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-
-#ifndef OPENSSL_NO_DSA
- /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
- * bits. */
- meth2 = DSA_OpenSSL();
- aep_dsa.dsa_do_sign = meth2->dsa_do_sign;
- aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
- aep_dsa.dsa_do_verify = meth2->dsa_do_verify;
-
- aep_dsa = *DSA_get_default_method();
- aep_dsa.dsa_mod_exp = aep_dsa_mod_exp;
- aep_dsa.bn_mod_exp = aep_mod_exp_dsa;
-#endif
-
-#ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- aep_dh.generate_key = meth3->generate_key;
- aep_dh.compute_key = meth3->compute_key;
- aep_dh.bn_mod_exp = meth3->bn_mod_exp;
-#endif
-
- /* Ensure the aep error handling is set up */
- ERR_load_AEPHK_strings();
-
- return 1;
-}
-
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_helper(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_aep_id) != 0))
- return 0;
- if(!bind_aep(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#else
-static ENGINE *engine_aep(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_aep(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_aep(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_aep();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the Aep library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *aep_dso = NULL;
-
-/* These are the static string constants for the DSO file name and the function
- * symbol names to bind to.
-*/
-static const char *AEP_LIBNAME = NULL;
-static const char *get_AEP_LIBNAME(void)
- {
- if(AEP_LIBNAME)
- return AEP_LIBNAME;
- return "aep";
- }
-static void free_AEP_LIBNAME(void)
- {
- if(AEP_LIBNAME)
- OPENSSL_free((void*)AEP_LIBNAME);
- AEP_LIBNAME = NULL;
- }
-static long set_AEP_LIBNAME(const char *name)
- {
- free_AEP_LIBNAME();
- return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
- }
-
-static const char *AEP_F1 = "AEP_ModExp";
-static const char *AEP_F2 = "AEP_ModExpCrt";
-#ifdef AEPRAND
-static const char *AEP_F3 = "AEP_GenRandom";
-#endif
-static const char *AEP_F4 = "AEP_Finalize";
-static const char *AEP_F5 = "AEP_Initialize";
-static const char *AEP_F6 = "AEP_OpenConnection";
-static const char *AEP_F7 = "AEP_SetBNCallBacks";
-static const char *AEP_F8 = "AEP_CloseConnection";
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static t_AEP_OpenConnection *p_AEP_OpenConnection = NULL;
-static t_AEP_CloseConnection *p_AEP_CloseConnection = NULL;
-static t_AEP_ModExp *p_AEP_ModExp = NULL;
-static t_AEP_ModExpCrt *p_AEP_ModExpCrt = NULL;
-#ifdef AEPRAND
-static t_AEP_GenRandom *p_AEP_GenRandom = NULL;
-#endif
-static t_AEP_Initialize *p_AEP_Initialize = NULL;
-static t_AEP_Finalize *p_AEP_Finalize = NULL;
-static t_AEP_SetBNCallBacks *p_AEP_SetBNCallBacks = NULL;
-
-/* (de)initialisation functions. */
-static int aep_init(ENGINE *e)
- {
- t_AEP_ModExp *p1;
- t_AEP_ModExpCrt *p2;
-#ifdef AEPRAND
- t_AEP_GenRandom *p3;
-#endif
- t_AEP_Finalize *p4;
- t_AEP_Initialize *p5;
- t_AEP_OpenConnection *p6;
- t_AEP_SetBNCallBacks *p7;
- t_AEP_CloseConnection *p8;
-
- int to_return = 0;
-
- if(aep_dso != NULL)
- {
- AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libaep.so. */
-
- aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
-
- if(aep_dso == NULL)
- {
- AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- if( !(p1 = (t_AEP_ModExp *) DSO_bind_func( aep_dso,AEP_F1)) ||
- !(p2 = (t_AEP_ModExpCrt*) DSO_bind_func( aep_dso,AEP_F2)) ||
-#ifdef AEPRAND
- !(p3 = (t_AEP_GenRandom*) DSO_bind_func( aep_dso,AEP_F3)) ||
-#endif
- !(p4 = (t_AEP_Finalize*) DSO_bind_func( aep_dso,AEP_F4)) ||
- !(p5 = (t_AEP_Initialize*) DSO_bind_func( aep_dso,AEP_F5)) ||
- !(p6 = (t_AEP_OpenConnection*) DSO_bind_func( aep_dso,AEP_F6)) ||
- !(p7 = (t_AEP_SetBNCallBacks*) DSO_bind_func( aep_dso,AEP_F7)) ||
- !(p8 = (t_AEP_CloseConnection*) DSO_bind_func( aep_dso,AEP_F8)))
- {
- AEPHKerr(AEPHK_F_AEP_INIT,AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- /* Copy the pointers */
-
- p_AEP_ModExp = p1;
- p_AEP_ModExpCrt = p2;
-#ifdef AEPRAND
- p_AEP_GenRandom = p3;
-#endif
- p_AEP_Finalize = p4;
- p_AEP_Initialize = p5;
- p_AEP_OpenConnection = p6;
- p_AEP_SetBNCallBacks = p7;
- p_AEP_CloseConnection = p8;
-
- to_return = 1;
-
- return to_return;
-
- err:
-
- if(aep_dso)
- DSO_free(aep_dso);
-
- p_AEP_OpenConnection = NULL;
- p_AEP_ModExp = NULL;
- p_AEP_ModExpCrt = NULL;
-#ifdef AEPRAND
- p_AEP_GenRandom = NULL;
-#endif
- p_AEP_Initialize = NULL;
- p_AEP_Finalize = NULL;
- p_AEP_SetBNCallBacks = NULL;
- p_AEP_CloseConnection = NULL;
-
- return to_return;
- }
-
-/* Destructor (complements the "ENGINE_aep()" constructor) */
-static int aep_destroy(ENGINE *e)
- {
- free_AEP_LIBNAME();
- ERR_unload_AEPHK_strings();
- return 1;
- }
-
-static int aep_finish(ENGINE *e)
- {
- int to_return = 0, in_use;
- AEP_RV rv;
-
- if(aep_dso == NULL)
- {
- AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- rv = aep_close_all_connections(0, &in_use);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CLOSE_HANDLES_FAILED);
- goto err;
- }
- if (in_use)
- {
- AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_CONNECTIONS_IN_USE);
- goto err;
- }
-
- rv = p_AEP_Finalize();
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_FINALIZE_FAILED);
- goto err;
- }
-
- if(!DSO_free(aep_dso))
- {
- AEPHKerr(AEPHK_F_AEP_FINISH,AEPHK_R_UNIT_FAILURE);
- goto err;
- }
-
- aep_dso = NULL;
- p_AEP_CloseConnection = NULL;
- p_AEP_OpenConnection = NULL;
- p_AEP_ModExp = NULL;
- p_AEP_ModExpCrt = NULL;
-#ifdef AEPRAND
- p_AEP_GenRandom = NULL;
-#endif
- p_AEP_Initialize = NULL;
- p_AEP_Finalize = NULL;
- p_AEP_SetBNCallBacks = NULL;
-
- to_return = 1;
- err:
- return to_return;
- }
-
-static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
- {
- int initialised = ((aep_dso == NULL) ? 0 : 1);
- switch(cmd)
- {
- case AEP_CMD_SO_PATH:
- if(p == NULL)
- {
- AEPHKerr(AEPHK_F_AEP_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if(initialised)
- {
- AEPHKerr(AEPHK_F_AEP_CTRL,
- AEPHK_R_ALREADY_LOADED);
- return 0;
- }
- return set_AEP_LIBNAME((const char*)p);
- default:
- break;
- }
- AEPHKerr(AEPHK_F_AEP_CTRL,AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
- }
-
-static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
- {
- int to_return = 0;
- int r_len = 0;
- AEP_CONNECTION_HNDL hConnection;
- AEP_RV rv;
-
- r_len = BN_num_bits(m);
-
- /* Perform in software if modulus is too large for hardware. */
-
- if (r_len > max_key_len){
- AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- /*Grab a connection from the pool*/
- rv = aep_get_connection(&hConnection);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_GET_HANDLE_FAILED);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- /*To the card with the mod exp*/
- rv = p_AEP_ModExp(hConnection,(void*)a, (void*)p,(void*)m, (void*)r,NULL);
-
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP,AEPHK_R_MOD_EXP_FAILED);
- rv = aep_close_connection(hConnection);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- /*Return the connection to the pool*/
- rv = aep_return_connection(hConnection);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED);
- goto err;
- }
-
- to_return = 1;
- err:
- return to_return;
- }
-
-static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1,
- const BIGNUM *dmq1,const BIGNUM *iqmp, BN_CTX *ctx)
- {
- AEP_RV rv = AEP_R_OK;
- AEP_CONNECTION_HNDL hConnection;
-
- /*Grab a connection from the pool*/
- rv = aep_get_connection(&hConnection);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_GET_HANDLE_FAILED);
- return FAIL_TO_SW;
- }
-
- /*To the card with the mod exp*/
- rv = p_AEP_ModExpCrt(hConnection,(void*)a, (void*)p, (void*)q, (void*)dmp1,(void*)dmq1,
- (void*)iqmp,(void*)r,NULL);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT,AEPHK_R_MOD_EXP_CRT_FAILED);
- rv = aep_close_connection(hConnection);
- return FAIL_TO_SW;
- }
-
- /*Return the connection to the pool*/
- rv = aep_return_connection(hConnection);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED);
- goto err;
- }
-
- err:
- return rv;
- }
-
-
-#ifdef AEPRAND
-static int aep_rand(unsigned char *buf,int len )
- {
- AEP_RV rv = AEP_R_OK;
- AEP_CONNECTION_HNDL hConnection;
-
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
- /*Can the request be serviced with what's already in the buffer?*/
- if (len <= rand_block_bytes)
- {
- memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
- rand_block_bytes -= len;
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- }
- else
- /*If not the get another block of random bytes*/
- {
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-
- rv = aep_get_connection(&hConnection);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_HANDLE_FAILED);
- goto err_nounlock;
- }
-
- if (len > RAND_BLK_SIZE)
- {
- rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED);
- goto err_nounlock;
- }
- }
- else
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-
- rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2, &rand_block[0], NULL);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_GET_RANDOM_FAILED);
-
- goto err;
- }
-
- rand_block_bytes = RAND_BLK_SIZE;
-
- memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
- rand_block_bytes -= len;
-
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- }
-
- rv = aep_return_connection(hConnection);
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_RAND,AEPHK_R_RETURN_CONNECTION_FAILED);
-
- goto err_nounlock;
- }
- }
-
- return 1;
- err:
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- err_nounlock:
- return 0;
- }
-
-static int aep_rand_status(void)
-{
- return 1;
-}
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
- {
- BN_CTX *ctx = NULL;
- int to_return = 0;
- AEP_RV rv = AEP_R_OK;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if (!aep_dso)
- {
- AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_NOT_LOADED);
- goto err;
- }
-
- /*See if we have all the necessary bits for a crt*/
- if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp)
- {
- rv = aep_mod_exp_crt(r0,I,rsa->p,rsa->q, rsa->dmp1,rsa->dmq1,rsa->iqmp,ctx);
-
- if (rv == FAIL_TO_SW){
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- to_return = (*meth->rsa_mod_exp)(r0, I, rsa);
- goto err;
- }
- else if (rv != AEP_R_OK)
- goto err;
- }
- else
- {
- if (!rsa->d || !rsa->n)
- {
- AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- rv = aep_mod_exp(r0,I,rsa->d,rsa->n,ctx);
- if (rv != AEP_R_OK)
- goto err;
-
- }
-
- to_return = 1;
-
- err:
- if(ctx)
- BN_CTX_free(ctx);
- return to_return;
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- BIGNUM t;
- int to_return = 0;
- BN_init(&t);
-
- /* let rr = a1 ^ p1 mod m */
- if (!aep_mod_exp(rr,a1,p1,m,ctx)) goto end;
- /* let t = a2 ^ p2 mod m */
- if (!aep_mod_exp(&t,a2,p2,m,ctx)) goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
- to_return = 1;
- end:
- BN_free(&t);
- return to_return;
- }
-
-static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
- {
- return aep_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return aep_mod_exp(r, a, p, m, ctx);
- }
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
- {
- return aep_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection)
- {
- int count;
- AEP_RV rv = AEP_R_OK;
-
- /*Get the current process id*/
- pid_t curr_pid;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
- curr_pid = getpid();
-
- /*Check if this is the first time this is being called from the current
- process*/
- if (recorded_pid != curr_pid)
- {
- /*Remember our pid so we can check if we're in a new process*/
- recorded_pid = curr_pid;
-
- /*Call Finalize to make sure we have not inherited some data
- from a parent process*/
- p_AEP_Finalize();
-
- /*Initialise the AEP API*/
- rv = p_AEP_Initialize(NULL);
-
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_INIT_FAILURE);
- recorded_pid = 0;
- goto end;
- }
-
- /*Set the AEP big num call back functions*/
- rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum,
- &ConvertAEPBigNum);
-
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_SETBNCALLBACK_FAILURE);
- recorded_pid = 0;
- goto end;
- }
-
-#ifdef AEPRAND
- /*Reset the rand byte count*/
- rand_block_bytes = 0;
-#endif
-
- /*Init the structures*/
- for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
- {
- aep_app_conn_table[count].conn_state = NotConnected;
- aep_app_conn_table[count].conn_hndl = 0;
- }
-
- /*Open a connection*/
- rv = p_AEP_OpenConnection(phConnection);
-
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE);
- recorded_pid = 0;
- goto end;
- }
-
- aep_app_conn_table[0].conn_state = InUse;
- aep_app_conn_table[0].conn_hndl = *phConnection;
- goto end;
- }
- /*Check the existing connections to see if we can find a free one*/
- for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
- {
- if (aep_app_conn_table[count].conn_state == Connected)
- {
- aep_app_conn_table[count].conn_state = InUse;
- *phConnection = aep_app_conn_table[count].conn_hndl;
- goto end;
- }
- }
- /*If no connections available, we're going to have to try
- to open a new one*/
- for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
- {
- if (aep_app_conn_table[count].conn_state == NotConnected)
- {
- /*Open a connection*/
- rv = p_AEP_OpenConnection(phConnection);
-
- if (rv != AEP_R_OK)
- {
- AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,AEPHK_R_UNIT_FAILURE);
- goto end;
- }
-
- aep_app_conn_table[count].conn_state = InUse;
- aep_app_conn_table[count].conn_hndl = *phConnection;
- goto end;
- }
- }
- rv = AEP_R_GENERAL_ERROR;
- end:
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return rv;
- }
-
-
-static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection)
- {
- int count;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
- /*Find the connection item that matches this connection handle*/
- for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
- {
- if (aep_app_conn_table[count].conn_hndl == hConnection)
- {
- aep_app_conn_table[count].conn_state = Connected;
- break;
- }
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-
- return AEP_R_OK;
- }
-
-static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection)
- {
- int count;
- AEP_RV rv = AEP_R_OK;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-
- /*Find the connection item that matches this connection handle*/
- for(count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
- {
- if (aep_app_conn_table[count].conn_hndl == hConnection)
- {
- rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
- if (rv != AEP_R_OK)
- goto end;
- aep_app_conn_table[count].conn_state = NotConnected;
- aep_app_conn_table[count].conn_hndl = 0;
- break;
- }
- }
-
- end:
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return rv;
- }
-
-static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use)
- {
- int count;
- AEP_RV rv = AEP_R_OK;
-
- *in_use = 0;
- if (use_engine_lock) CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- for (count = 0;count < MAX_PROCESS_CONNECTIONS;count ++)
- {
- switch (aep_app_conn_table[count].conn_state)
- {
- case Connected:
- rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
- if (rv != AEP_R_OK)
- goto end;
- aep_app_conn_table[count].conn_state = NotConnected;
- aep_app_conn_table[count].conn_hndl = 0;
- break;
- case InUse:
- (*in_use)++;
- break;
- case NotConnected:
- break;
- }
- }
- end:
- if (use_engine_lock) CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return rv;
- }
-
-/*BigNum call back functions, used to convert OpenSSL bignums into AEP bignums.
- Note only 32bit Openssl build support*/
-
-static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32* BigNumSize)
- {
- BIGNUM* bn;
-
- /*Cast the ArbBigNum pointer to our BIGNUM struct*/
- bn = (BIGNUM*) ArbBigNum;
-
-#ifdef SIXTY_FOUR_BIT_LONG
- *BigNumSize = bn->top << 3;
-#else
- /*Size of the bignum in bytes is equal to the bn->top (no of 32 bit
- words) multiplies by 4*/
- *BigNumSize = bn->top << 2;
-#endif
-
- return AEP_R_OK;
- }
-
-static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
- unsigned char* AEP_BigNum)
- {
- BIGNUM* bn;
-
-#ifndef SIXTY_FOUR_BIT_LONG
- unsigned char* buf;
- int i;
-#endif
-
- /*Cast the ArbBigNum pointer to our BIGNUM struct*/
- bn = (BIGNUM*) ArbBigNum;
-
-#ifdef SIXTY_FOUR_BIT_LONG
- memcpy(AEP_BigNum, bn->d, BigNumSize);
-#else
- /*Must copy data into a (monotone) least significant byte first format
- performing endian conversion if necessary*/
- for(i=0;i<bn->top;i++)
- {
- buf = (unsigned char*)&bn->d[i];
-
- *((AEP_U32*)AEP_BigNum) = (AEP_U32)
- ((unsigned) buf[1] << 8 | buf[0]) |
- ((unsigned) buf[3] << 8 | buf[2]) << 16;
-
- AEP_BigNum += 4;
- }
-#endif
-
- return AEP_R_OK;
- }
-
-/*Turn an AEP Big Num back to a user big num*/
-static AEP_RV ConvertAEPBigNum(void* ArbBigNum, AEP_U32 BigNumSize,
- unsigned char* AEP_BigNum)
- {
- BIGNUM* bn;
-#ifndef SIXTY_FOUR_BIT_LONG
- int i;
-#endif
-
- bn = (BIGNUM*)ArbBigNum;
-
- /*Expand the result bn so that it can hold our big num.
- Size is in bits*/
- bn_expand(bn, (int)(BigNumSize << 3));
-
-#ifdef SIXTY_FOUR_BIT_LONG
- bn->top = BigNumSize >> 3;
-
- if((BigNumSize & 7) != 0)
- bn->top++;
-
- memset(bn->d, 0, bn->top << 3);
-
- memcpy(bn->d, AEP_BigNum, BigNumSize);
-#else
- bn->top = BigNumSize >> 2;
-
- for(i=0;i<bn->top;i++)
- {
- bn->d[i] = (AEP_U32)
- ((unsigned) AEP_BigNum[3] << 8 | AEP_BigNum[2]) << 16 |
- ((unsigned) AEP_BigNum[1] << 8 | AEP_BigNum[0]);
- AEP_BigNum += 4;
- }
-#endif
-
- return AEP_R_OK;
-}
-
-#endif /* !OPENSSL_NO_HW_AEP */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/engine/hw_aep_err.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_AEPHK_ERR_H
-#define HEADER_AEPHK_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_AEPHK_strings(void);
-static void ERR_unload_AEPHK_strings(void);
-static void ERR_AEPHK_error(int function, int reason, char *file, int line);
-#define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the AEPHK functions. */
-
-/* Function codes. */
-#define AEPHK_F_AEP_CTRL 100
-#define AEPHK_F_AEP_FINISH 101
-#define AEPHK_F_AEP_GET_CONNECTION 102
-#define AEPHK_F_AEP_INIT 103
-#define AEPHK_F_AEP_MOD_EXP 104
-#define AEPHK_F_AEP_MOD_EXP_CRT 105
-#define AEPHK_F_AEP_RAND 106
-#define AEPHK_F_AEP_RSA_MOD_EXP 107
-
-/* Reason codes. */
-#define AEPHK_R_ALREADY_LOADED 100
-#define AEPHK_R_CLOSE_HANDLES_FAILED 101
-#define AEPHK_R_CONNECTIONS_IN_USE 102
-#define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
-#define AEPHK_R_FINALIZE_FAILED 104
-#define AEPHK_R_GET_HANDLE_FAILED 105
-#define AEPHK_R_GET_RANDOM_FAILED 106
-#define AEPHK_R_INIT_FAILURE 107
-#define AEPHK_R_MISSING_KEY_COMPONENTS 108
-#define AEPHK_R_MOD_EXP_CRT_FAILED 109
-#define AEPHK_R_MOD_EXP_FAILED 110
-#define AEPHK_R_NOT_LOADED 111
-#define AEPHK_R_OK 112
-#define AEPHK_R_RETURN_CONNECTION_FAILED 113
-#define AEPHK_R_SETBNCALLBACK_FAILURE 114
-#define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL 116
-#define AEPHK_R_UNIT_FAILURE 115
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw.ec
+++ /dev/null
@@ -1,8 +0,0 @@
-L AEPHK hw_aep_err.h hw_aep_err.c
-L ATALLA hw_atalla_err.h hw_atalla_err.c
-L CSWIFT hw_cswift_err.h hw_cswift_err.c
-L HWCRHK hw_ncipher_err.h hw_ncipher_err.c
-L NURON hw_nuron_err.h hw_nuron_err.c
-L SUREWARE hw_sureware_err.h hw_sureware_err.c
-L UBSEC hw_ubsec_err.h hw_ubsec_err.c
-L CCA4758 hw_4758_cca_err.h hw_4758_cca_err.c
--- crypto/openssl/crypto/engine/hw_nuron_err.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* hw_nuron_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_nuron_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA NURON_str_functs[]=
- {
-{ERR_PACK(0,NURON_F_NURON_CTRL,0), "NURON_CTRL"},
-{ERR_PACK(0,NURON_F_NURON_FINISH,0), "NURON_FINISH"},
-{ERR_PACK(0,NURON_F_NURON_INIT,0), "NURON_INIT"},
-{ERR_PACK(0,NURON_F_NURON_MOD_EXP,0), "NURON_MOD_EXP"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA NURON_str_reasons[]=
- {
-{NURON_R_ALREADY_LOADED ,"already loaded"},
-{NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{NURON_R_DSO_FAILURE ,"dso failure"},
-{NURON_R_DSO_FUNCTION_NOT_FOUND ,"dso function not found"},
-{NURON_R_DSO_NOT_FOUND ,"dso not found"},
-{NURON_R_NOT_LOADED ,"not loaded"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef NURON_LIB_NAME
-static ERR_STRING_DATA NURON_lib_name[]=
- {
-{0 ,NURON_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int NURON_lib_error_code=0;
-static int NURON_error_init=1;
-
-static void ERR_load_NURON_strings(void)
- {
- if (NURON_lib_error_code == 0)
- NURON_lib_error_code=ERR_get_next_error_library();
-
- if (NURON_error_init)
- {
- NURON_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(NURON_lib_error_code,NURON_str_functs);
- ERR_load_strings(NURON_lib_error_code,NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
- NURON_lib_name->error = ERR_PACK(NURON_lib_error_code,0,0);
- ERR_load_strings(0,NURON_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_NURON_strings(void)
- {
- if (NURON_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(NURON_lib_error_code,NURON_str_functs);
- ERR_unload_strings(NURON_lib_error_code,NURON_str_reasons);
-#endif
-
-#ifdef NURON_LIB_NAME
- ERR_unload_strings(0,NURON_lib_name);
-#endif
- NURON_error_init=1;
- }
- }
-
-static void ERR_NURON_error(int function, int reason, char *file, int line)
- {
- if (NURON_lib_error_code == 0)
- NURON_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(NURON_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_sureware_err.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* hw_sureware_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_sureware_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA SUREWARE_str_functs[]=
- {
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_CTRL,0), "SUREWAREHK_CTRL"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,0), "SUREWAREHK_DSA_DO_SIGN"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_EX_FREE,0), "SUREWAREHK_EX_FREE"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_FINISH,0), "SUREWAREHK_FINISH"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_INIT,0), "SUREWAREHK_INIT"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,0), "SUREWAREHK_LOAD_PRIVATE_KEY"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,0), "SUREWAREHK_LOAD_PUBLIC_KEY"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_MOD_EXP,0), "SUREWAREHK_MOD_EXP"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_BYTES,0), "SUREWAREHK_RAND_BYTES"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RAND_SEED,0), "SUREWAREHK_RAND_SEED"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,0), "SUREWAREHK_RSA_PRIV_DEC"},
-{ERR_PACK(0,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,0), "SUREWAREHK_RSA_PRIV_ENC"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA SUREWARE_str_reasons[]=
- {
-{SUREWARE_R_BIO_WAS_FREED ,"bio was freed"},
-{SUREWARE_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{SUREWARE_R_REQUEST_FAILED ,"request failed"},
-{SUREWARE_R_REQUEST_FALLBACK ,"request fallback"},
-{SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"},
-{SUREWARE_R_UNIT_FAILURE ,"unit failure"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef SUREWARE_LIB_NAME
-static ERR_STRING_DATA SUREWARE_lib_name[]=
- {
-{0 ,SUREWARE_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int SUREWARE_lib_error_code=0;
-static int SUREWARE_error_init=1;
-
-static void ERR_load_SUREWARE_strings(void)
- {
- if (SUREWARE_lib_error_code == 0)
- SUREWARE_lib_error_code=ERR_get_next_error_library();
-
- if (SUREWARE_error_init)
- {
- SUREWARE_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_functs);
- ERR_load_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
- SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code,0,0);
- ERR_load_strings(0,SUREWARE_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_SUREWARE_strings(void)
- {
- if (SUREWARE_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_functs);
- ERR_unload_strings(SUREWARE_lib_error_code,SUREWARE_str_reasons);
-#endif
-
-#ifdef SUREWARE_LIB_NAME
- ERR_unload_strings(0,SUREWARE_lib_name);
-#endif
- SUREWARE_error_init=1;
- }
- }
-
-static void ERR_SUREWARE_error(int function, int reason, char *file, int line)
- {
- if (SUREWARE_lib_error_code == 0)
- SUREWARE_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(SUREWARE_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_ncipher_err.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* hw_ncipher_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_ncipher_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA HWCRHK_str_functs[]=
- {
-{ERR_PACK(0,HWCRHK_F_HWCRHK_CTRL,0), "HWCRHK_CTRL"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_FINISH,0), "HWCRHK_FINISH"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_GET_PASS,0), "HWCRHK_GET_PASS"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INIT,0), "HWCRHK_INIT"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_INSERT_CARD,0), "HWCRHK_INSERT_CARD"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PRIVKEY,0), "HWCRHK_LOAD_PRIVKEY"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_LOAD_PUBKEY,0), "HWCRHK_LOAD_PUBKEY"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_MOD_EXP,0), "HWCRHK_MOD_EXP"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RAND_BYTES,0), "HWCRHK_RAND_BYTES"},
-{ERR_PACK(0,HWCRHK_F_HWCRHK_RSA_MOD_EXP,0), "HWCRHK_RSA_MOD_EXP"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA HWCRHK_str_reasons[]=
- {
-{HWCRHK_R_ALREADY_LOADED ,"already loaded"},
-{HWCRHK_R_BIO_WAS_FREED ,"bio was freed"},
-{HWCRHK_R_CHIL_ERROR ,"chil error"},
-{HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{HWCRHK_R_DSO_FAILURE ,"dso failure"},
-{HWCRHK_R_DYNAMIC_LOCKING_MISSING ,"dynamic locking missing"},
-{HWCRHK_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{HWCRHK_R_NOT_INITIALISED ,"not initialised"},
-{HWCRHK_R_NOT_LOADED ,"not loaded"},
-{HWCRHK_R_NO_CALLBACK ,"no callback"},
-{HWCRHK_R_NO_KEY ,"no key"},
-{HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED,"private key algorithms disabled"},
-{HWCRHK_R_REQUEST_FAILED ,"request failed"},
-{HWCRHK_R_REQUEST_FALLBACK ,"request fallback"},
-{HWCRHK_R_UNIT_FAILURE ,"unit failure"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef HWCRHK_LIB_NAME
-static ERR_STRING_DATA HWCRHK_lib_name[]=
- {
-{0 ,HWCRHK_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int HWCRHK_lib_error_code=0;
-static int HWCRHK_error_init=1;
-
-static void ERR_load_HWCRHK_strings(void)
- {
- if (HWCRHK_lib_error_code == 0)
- HWCRHK_lib_error_code=ERR_get_next_error_library();
-
- if (HWCRHK_error_init)
- {
- HWCRHK_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
- ERR_load_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
-#endif
-
-#ifdef HWCRHK_LIB_NAME
- HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code,0,0);
- ERR_load_strings(0,HWCRHK_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_HWCRHK_strings(void)
- {
- if (HWCRHK_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_functs);
- ERR_unload_strings(HWCRHK_lib_error_code,HWCRHK_str_reasons);
-#endif
-
-#ifdef HWCRHK_LIB_NAME
- ERR_unload_strings(0,HWCRHK_lib_name);
-#endif
- HWCRHK_error_init=1;
- }
- }
-
-static void ERR_HWCRHK_error(int function, int reason, char *file, int line)
- {
- if (HWCRHK_lib_error_code == 0)
- HWCRHK_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(HWCRHK_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_nuron_err.h
+++ /dev/null
@@ -1,86 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_NURON_ERR_H
-#define HEADER_NURON_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_NURON_strings(void);
-static void ERR_unload_NURON_strings(void);
-static void ERR_NURON_error(int function, int reason, char *file, int line);
-#define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the NURON functions. */
-
-/* Function codes. */
-#define NURON_F_NURON_CTRL 100
-#define NURON_F_NURON_FINISH 101
-#define NURON_F_NURON_INIT 102
-#define NURON_F_NURON_MOD_EXP 103
-
-/* Reason codes. */
-#define NURON_R_ALREADY_LOADED 100
-#define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED 101
-#define NURON_R_DSO_FAILURE 102
-#define NURON_R_DSO_FUNCTION_NOT_FOUND 103
-#define NURON_R_DSO_NOT_FOUND 104
-#define NURON_R_NOT_LOADED 105
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw_cswift.c
+++ /dev/null
@@ -1,997 +0,0 @@
-/* crypto/engine/hw_cswift.c */
-/* Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_CSWIFT
-
-/* Attribution notice: Rainbow have generously allowed me to reproduce
- * the necessary definitions here from their API. This means the support
- * can build independently of whether application builders have the
- * API or hardware. This will allow developers to easily produce software
- * that has latent hardware support for any users that have accelerators
- * installed, without the developers themselves needing anything extra.
- *
- * I have only clipped the parts from the CryptoSwift header files that
- * are (or seem) relevant to the CryptoSwift support code. This is
- * simply to keep the file sizes reasonable.
- * [Geoff]
- */
-#ifdef FLAT_INC
-#include "cswift.h"
-#else
-#include "vendor_defns/cswift.h"
-#endif
-
-#define CSWIFT_LIB_NAME "cswift engine"
-#include "hw_cswift_err.c"
-
-static int cswift_destroy(ENGINE *e);
-static int cswift_init(ENGINE *e);
-static int cswift_finish(ENGINE *e);
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-
-/* BIGNUM stuff */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1,
- const BIGNUM *iqmp, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_RSA
-/* RSA stuff */
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
-#ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* DH stuff */
-/* This function is alised to mod_exp (with the DH and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#endif
-
-/* RAND stuff */
-static int cswift_rand_bytes(unsigned char *buf, int num);
-static int cswift_rand_status(void);
-
-/* The definitions for control commands specific to this engine */
-#define CSWIFT_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
- {CSWIFT_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'cswift' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
- };
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD cswift_rsa =
- {
- "CryptoSwift RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- cswift_rsa_mod_exp,
- cswift_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL
- };
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD cswift_dsa =
- {
- "CryptoSwift DSA method",
- cswift_dsa_sign,
- NULL, /* dsa_sign_setup */
- cswift_dsa_verify,
- NULL, /* dsa_mod_exp */
- NULL, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL /* app_data */
- };
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD cswift_dh =
- {
- "CryptoSwift DH method",
- NULL,
- NULL,
- cswift_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL
- };
-#endif
-
-static RAND_METHOD cswift_random =
- {
- /* "CryptoSwift RAND method", */
- NULL,
- cswift_rand_bytes,
- NULL,
- NULL,
- cswift_rand_bytes,
- cswift_rand_status,
- };
-
-
-/* Constants used when creating the ENGINE */
-static const char *engine_cswift_id = "cswift";
-static const char *engine_cswift_name = "CryptoSwift hardware engine support";
-
-/* This internal function is used by ENGINE_cswift() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
- {
-#ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DH
- const DH_METHOD *meth2;
-#endif
- if(!ENGINE_set_id(e, engine_cswift_id) ||
- !ENGINE_set_name(e, engine_cswift_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &cswift_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &cswift_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &cswift_dh) ||
-#endif
- !ENGINE_set_RAND(e, &cswift_random) ||
- !ENGINE_set_destroy_function(e, cswift_destroy) ||
- !ENGINE_set_init_function(e, cswift_init) ||
- !ENGINE_set_finish_function(e, cswift_finish) ||
- !ENGINE_set_ctrl_function(e, cswift_ctrl) ||
- !ENGINE_set_cmd_defns(e, cswift_cmd_defns))
- return 0;
-
-#ifndef OPENSSL_NO_RSA
- /* We know that the "PKCS1_SSLeay()" functions hook properly
- * to the cswift-specific mod_exp and mod_exp_crt so we use
- * those functions. NB: We don't use ENGINE_openssl() or
- * anything "more generic" because something like the RSAref
- * code may not hook properly, and if you own one of these
- * cards then you have the right to do RSA operations on it
- * anyway! */
- meth1 = RSA_PKCS1_SSLeay();
- cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth2 = DH_OpenSSL();
- cswift_dh.generate_key = meth2->generate_key;
- cswift_dh.compute_key = meth2->compute_key;
-#endif
-
- /* Ensure the cswift error handling is set up */
- ERR_load_CSWIFT_strings();
- return 1;
- }
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_cswift(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_helper(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_cswift(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_cswift();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the CryptoSwift library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *cswift_dso = NULL;
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL;
-t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL;
-t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
-t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
-
-/* Used in the DSO operations. */
-static const char *CSWIFT_LIBNAME = NULL;
-static const char *get_CSWIFT_LIBNAME(void)
- {
- if(CSWIFT_LIBNAME)
- return CSWIFT_LIBNAME;
- return "swift";
- }
-static void free_CSWIFT_LIBNAME(void)
- {
- if(CSWIFT_LIBNAME)
- OPENSSL_free((void*)CSWIFT_LIBNAME);
- CSWIFT_LIBNAME = NULL;
- }
-static long set_CSWIFT_LIBNAME(const char *name)
- {
- free_CSWIFT_LIBNAME();
- return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
- }
-static const char *CSWIFT_F1 = "swAcquireAccContext";
-static const char *CSWIFT_F2 = "swAttachKeyParam";
-static const char *CSWIFT_F3 = "swSimpleRequest";
-static const char *CSWIFT_F4 = "swReleaseAccContext";
-
-
-/* CryptoSwift library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no
- * error checking, take a look lower down where these functions are
- * called, the checking and error handling is probably down there. */
-
-/* utility function to obtain a context */
-static int get_context(SW_CONTEXT_HANDLE *hac)
- {
- SW_STATUS status;
-
- status = p_CSwift_AcquireAccContext(hac);
- if(status != SW_OK)
- return 0;
- return 1;
- }
-
-/* similarly to release one. */
-static void release_context(SW_CONTEXT_HANDLE hac)
- {
- p_CSwift_ReleaseAccContext(hac);
- }
-
-/* Destructor (complements the "ENGINE_cswift()" constructor) */
-static int cswift_destroy(ENGINE *e)
- {
- free_CSWIFT_LIBNAME();
- ERR_unload_CSWIFT_strings();
- return 1;
- }
-
-/* (de)initialisation functions. */
-static int cswift_init(ENGINE *e)
- {
- SW_CONTEXT_HANDLE hac;
- t_swAcquireAccContext *p1;
- t_swAttachKeyParam *p2;
- t_swSimpleRequest *p3;
- t_swReleaseAccContext *p4;
-
- if(cswift_dso != NULL)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libswift.so/swift.dll/whatever. */
- cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
- if(cswift_dso == NULL)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
- goto err;
- }
- if(!(p1 = (t_swAcquireAccContext *)
- DSO_bind_func(cswift_dso, CSWIFT_F1)) ||
- !(p2 = (t_swAttachKeyParam *)
- DSO_bind_func(cswift_dso, CSWIFT_F2)) ||
- !(p3 = (t_swSimpleRequest *)
- DSO_bind_func(cswift_dso, CSWIFT_F3)) ||
- !(p4 = (t_swReleaseAccContext *)
- DSO_bind_func(cswift_dso, CSWIFT_F4)))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_NOT_LOADED);
- goto err;
- }
- /* Copy the pointers */
- p_CSwift_AcquireAccContext = p1;
- p_CSwift_AttachKeyParam = p2;
- p_CSwift_SimpleRequest = p3;
- p_CSwift_ReleaseAccContext = p4;
- /* Try and get a context - if not, we may have a DSO but no
- * accelerator! */
- if(!get_context(&hac))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_INIT,CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- release_context(hac);
- /* Everything's fine. */
- return 1;
-err:
- if(cswift_dso)
- DSO_free(cswift_dso);
- p_CSwift_AcquireAccContext = NULL;
- p_CSwift_AttachKeyParam = NULL;
- p_CSwift_SimpleRequest = NULL;
- p_CSwift_ReleaseAccContext = NULL;
- return 0;
- }
-
-static int cswift_finish(ENGINE *e)
- {
- free_CSWIFT_LIBNAME();
- if(cswift_dso == NULL)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_NOT_LOADED);
- return 0;
- }
- if(!DSO_free(cswift_dso))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_FINISH,CSWIFT_R_UNIT_FAILURE);
- return 0;
- }
- cswift_dso = NULL;
- p_CSwift_AcquireAccContext = NULL;
- p_CSwift_AttachKeyParam = NULL;
- p_CSwift_SimpleRequest = NULL;
- p_CSwift_ReleaseAccContext = NULL;
- return 1;
- }
-
-static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
- {
- int initialised = ((cswift_dso == NULL) ? 0 : 1);
- switch(cmd)
- {
- case CSWIFT_CMD_SO_PATH:
- if(p == NULL)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if(initialised)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_ALREADY_LOADED);
- return 0;
- }
- return set_CSWIFT_LIBNAME((const char *)p);
- default:
- break;
- }
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL,CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
- }
-
-/* Un petit mod_exp */
-static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
- {
- /* I need somewhere to store temporary serialised values for
- * use with the CryptoSwift API calls. A neat cheat - I'll use
- * BIGNUMs from the BN_CTX but access their arrays directly as
- * byte arrays <grin>. This way I don't have to clean anything
- * up. */
- BIGNUM *modulus;
- BIGNUM *exponent;
- BIGNUM *argument;
- BIGNUM *result;
- SW_STATUS sw_status;
- SW_LARGENUMBER arg, res;
- SW_PARAM sw_param;
- SW_CONTEXT_HANDLE hac;
- int to_return, acquired;
-
- modulus = exponent = argument = result = NULL;
- to_return = 0; /* expect failure */
- acquired = 0;
-
- if(!get_context(&hac))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
- /* Prepare the params */
- BN_CTX_start(ctx);
- modulus = BN_CTX_get(ctx);
- exponent = BN_CTX_get(ctx);
- argument = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if(!result)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
- if(!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
- !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- sw_param.type = SW_ALG_EXP;
- sw_param.up.exp.modulus.nbytes = BN_bn2bin(m,
- (unsigned char *)modulus->d);
- sw_param.up.exp.modulus.value = (unsigned char *)modulus->d;
- sw_param.up.exp.exponent.nbytes = BN_bn2bin(p,
- (unsigned char *)exponent->d);
- sw_param.up.exp.exponent.value = (unsigned char *)exponent->d;
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch(sw_status)
- {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
- arg.value = (unsigned char *)argument->d;
- res.nbytes = BN_num_bytes(m);
- memset(result->d, 0, res.nbytes);
- res.value = (unsigned char *)result->d;
- /* Perform the operation */
- if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
- &res, 1)) != SW_OK)
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- goto err;
- }
- /* Convert the response */
- BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
- to_return = 1;
-err:
- if(acquired)
- release_context(hac);
- BN_CTX_end(ctx);
- return to_return;
- }
-
-/* Un petit mod_exp chinois */
-static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dmp1,
- const BIGNUM *dmq1, const BIGNUM *iqmp, BN_CTX *ctx)
- {
- SW_STATUS sw_status;
- SW_LARGENUMBER arg, res;
- SW_PARAM sw_param;
- SW_CONTEXT_HANDLE hac;
- BIGNUM *rsa_p = NULL;
- BIGNUM *rsa_q = NULL;
- BIGNUM *rsa_dmp1 = NULL;
- BIGNUM *rsa_dmq1 = NULL;
- BIGNUM *rsa_iqmp = NULL;
- BIGNUM *argument = NULL;
- BIGNUM *result = NULL;
- int to_return = 0; /* expect failure */
- int acquired = 0;
-
- if(!get_context(&hac))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
- /* Prepare the params */
- BN_CTX_start(ctx);
- rsa_p = BN_CTX_get(ctx);
- rsa_q = BN_CTX_get(ctx);
- rsa_dmp1 = BN_CTX_get(ctx);
- rsa_dmq1 = BN_CTX_get(ctx);
- rsa_iqmp = BN_CTX_get(ctx);
- argument = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if(!result)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
- if(!bn_wexpand(rsa_p, p->top) || !bn_wexpand(rsa_q, q->top) ||
- !bn_wexpand(rsa_dmp1, dmp1->top) ||
- !bn_wexpand(rsa_dmq1, dmq1->top) ||
- !bn_wexpand(rsa_iqmp, iqmp->top) ||
- !bn_wexpand(argument, a->top) ||
- !bn_wexpand(result, p->top + q->top))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- sw_param.type = SW_ALG_CRT;
- sw_param.up.crt.p.nbytes = BN_bn2bin(p, (unsigned char *)rsa_p->d);
- sw_param.up.crt.p.value = (unsigned char *)rsa_p->d;
- sw_param.up.crt.q.nbytes = BN_bn2bin(q, (unsigned char *)rsa_q->d);
- sw_param.up.crt.q.value = (unsigned char *)rsa_q->d;
- sw_param.up.crt.dmp1.nbytes = BN_bn2bin(dmp1,
- (unsigned char *)rsa_dmp1->d);
- sw_param.up.crt.dmp1.value = (unsigned char *)rsa_dmp1->d;
- sw_param.up.crt.dmq1.nbytes = BN_bn2bin(dmq1,
- (unsigned char *)rsa_dmq1->d);
- sw_param.up.crt.dmq1.value = (unsigned char *)rsa_dmq1->d;
- sw_param.up.crt.iqmp.nbytes = BN_bn2bin(iqmp,
- (unsigned char *)rsa_iqmp->d);
- sw_param.up.crt.iqmp.value = (unsigned char *)rsa_iqmp->d;
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch(sw_status)
- {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
- arg.value = (unsigned char *)argument->d;
- res.nbytes = 2 * BN_num_bytes(p);
- memset(result->d, 0, res.nbytes);
- res.value = (unsigned char *)result->d;
- /* Perform the operation */
- if((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
- &res, 1)) != SW_OK)
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- goto err;
- }
- /* Convert the response */
- BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
- to_return = 1;
-err:
- if(acquired)
- release_context(hac);
- BN_CTX_end(ctx);
- return to_return;
- }
-
-#ifndef OPENSSL_NO_RSA
-static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
- {
- BN_CTX *ctx;
- int to_return = 0;
-
- if((ctx = BN_CTX_new()) == NULL)
- goto err;
- if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
- to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
- rsa->dmq1, rsa->iqmp, ctx);
-err:
- if(ctx)
- BN_CTX_free(ctx);
- return to_return;
- }
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return cswift_mod_exp(r, a, p, m, ctx);
- }
-
-#ifndef OPENSSL_NO_DSA
-static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
- {
- SW_CONTEXT_HANDLE hac;
- SW_PARAM sw_param;
- SW_STATUS sw_status;
- SW_LARGENUMBER arg, res;
- unsigned char *ptr;
- BN_CTX *ctx;
- BIGNUM *dsa_p = NULL;
- BIGNUM *dsa_q = NULL;
- BIGNUM *dsa_g = NULL;
- BIGNUM *dsa_key = NULL;
- BIGNUM *result = NULL;
- DSA_SIG *to_return = NULL;
- int acquired = 0;
-
- if((ctx = BN_CTX_new()) == NULL)
- goto err;
- if(!get_context(&hac))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
- /* Prepare the params */
- BN_CTX_start(ctx);
- dsa_p = BN_CTX_get(ctx);
- dsa_q = BN_CTX_get(ctx);
- dsa_g = BN_CTX_get(ctx);
- dsa_key = BN_CTX_get(ctx);
- result = BN_CTX_get(ctx);
- if(!result)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
- if(!bn_wexpand(dsa_p, dsa->p->top) ||
- !bn_wexpand(dsa_q, dsa->q->top) ||
- !bn_wexpand(dsa_g, dsa->g->top) ||
- !bn_wexpand(dsa_key, dsa->priv_key->top) ||
- !bn_wexpand(result, dsa->p->top))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- sw_param.type = SW_ALG_DSA;
- sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p,
- (unsigned char *)dsa_p->d);
- sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
- sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q,
- (unsigned char *)dsa_q->d);
- sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
- sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g,
- (unsigned char *)dsa_g->d);
- sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
- sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key,
- (unsigned char *)dsa_key->d);
- sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch(sw_status)
- {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg.nbytes = dlen;
- arg.value = (unsigned char *)dgst;
- res.nbytes = BN_num_bytes(dsa->p);
- memset(result->d, 0, res.nbytes);
- res.value = (unsigned char *)result->d;
- /* Perform the operation */
- sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1,
- &res, 1);
- if(sw_status != SW_OK)
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- goto err;
- }
- /* Convert the response */
- ptr = (unsigned char *)result->d;
- if((to_return = DSA_SIG_new()) == NULL)
- goto err;
- to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
- to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL);
-
-err:
- if(acquired)
- release_context(hac);
- if(ctx)
- {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return to_return;
- }
-
-static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa)
- {
- SW_CONTEXT_HANDLE hac;
- SW_PARAM sw_param;
- SW_STATUS sw_status;
- SW_LARGENUMBER arg[2], res;
- unsigned long sig_result;
- BN_CTX *ctx;
- BIGNUM *dsa_p = NULL;
- BIGNUM *dsa_q = NULL;
- BIGNUM *dsa_g = NULL;
- BIGNUM *dsa_key = NULL;
- BIGNUM *argument = NULL;
- int to_return = -1;
- int acquired = 0;
-
- if((ctx = BN_CTX_new()) == NULL)
- goto err;
- if(!get_context(&hac))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
- /* Prepare the params */
- BN_CTX_start(ctx);
- dsa_p = BN_CTX_get(ctx);
- dsa_q = BN_CTX_get(ctx);
- dsa_g = BN_CTX_get(ctx);
- dsa_key = BN_CTX_get(ctx);
- argument = BN_CTX_get(ctx);
- if(!argument)
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_CTX_FULL);
- goto err;
- }
- if(!bn_wexpand(dsa_p, dsa->p->top) ||
- !bn_wexpand(dsa_q, dsa->q->top) ||
- !bn_wexpand(dsa_g, dsa->g->top) ||
- !bn_wexpand(dsa_key, dsa->pub_key->top) ||
- !bn_wexpand(argument, 40))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BN_EXPAND_FAIL);
- goto err;
- }
- sw_param.type = SW_ALG_DSA;
- sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p,
- (unsigned char *)dsa_p->d);
- sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
- sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q,
- (unsigned char *)dsa_q->d);
- sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
- sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g,
- (unsigned char *)dsa_g->d);
- sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
- sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key,
- (unsigned char *)dsa_key->d);
- sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
- /* Attach the key params */
- sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
- switch(sw_status)
- {
- case SW_OK:
- break;
- case SW_ERR_INPUT_SIZE:
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_BAD_KEY_SIZE);
- goto err;
- default:
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- }
- goto err;
- }
- /* Prepare the argument and response */
- arg[0].nbytes = dgst_len;
- arg[0].value = (unsigned char *)dgst;
- arg[1].nbytes = 40;
- arg[1].value = (unsigned char *)argument->d;
- memset(arg[1].value, 0, 40);
- BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r));
- BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s));
- res.nbytes = 4; /* unsigned long */
- res.value = (unsigned char *)(&sig_result);
- /* Perform the operation */
- sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2,
- &res, 1);
- if(sw_status != SW_OK)
- {
- char tmpbuf[DECIMAL_SIZE(sw_status)+1];
- CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY,CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", sw_status);
- ERR_add_error_data(2, "CryptoSwift error number is ",tmpbuf);
- goto err;
- }
- /* Convert the response */
- to_return = ((sig_result == 0) ? 0 : 1);
-
-err:
- if(acquired)
- release_context(hac);
- if(ctx)
- {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- return to_return;
- }
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return cswift_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-/* Random bytes are good */
-static int cswift_rand_bytes(unsigned char *buf, int num)
-{
- SW_CONTEXT_HANDLE hac;
- SW_STATUS swrc;
- SW_LARGENUMBER largenum;
- size_t nbytes = 0;
- int acquired = 0;
- int to_return = 0; /* assume failure */
-
- if (!get_context(&hac))
- {
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_UNIT_FAILURE);
- goto err;
- }
- acquired = 1;
-
- while (nbytes < (size_t)num)
- {
- /* tell CryptoSwift how many bytes we want and where we want it.
- * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
- * - CryptoSwift can only do multiple of 32-bits. */
- largenum.value = (SW_BYTE *) buf + nbytes;
- if (4096 > num - nbytes)
- largenum.nbytes = num - nbytes;
- else
- largenum.nbytes = 4096;
-
- swrc = p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
- if (swrc != SW_OK)
- {
- char tmpbuf[20];
- CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_REQUEST_FAILED);
- sprintf(tmpbuf, "%ld", swrc);
- ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
- goto err;
- }
-
- nbytes += largenum.nbytes;
- }
- to_return = 1; /* success */
-
-err:
- if (acquired)
- release_context(hac);
- return to_return;
-}
-
-static int cswift_rand_status(void)
-{
- return 1;
-}
-
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_cswift_id) != 0))
- return 0;
- if(!bind_helper(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_CSWIFT */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/engine/hw_sureware.c
+++ /dev/null
@@ -1,1039 +0,0 @@
-/* Written by Corinne Dive-Reclus(cdive at baltimore.com)
-*
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions
-* are met:
-*
-* 1. Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-*
-* 2. Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in
-* the documentation and/or other materials provided with the
-* distribution.
-*
-* 3. All advertising materials mentioning features or use of this
-* software must display the following acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-*
-* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-* endorse or promote products derived from this software without
-* prior written permission. For written permission, please contact
-* licensing at OpenSSL.org.
-*
-* 5. Products derived from this software may not be called "OpenSSL"
-* nor may "OpenSSL" appear in their names without prior written
-* permission of the OpenSSL Project.
-*
-* 6. Redistributions of any form whatsoever must retain the following
-* acknowledgment:
-* "This product includes software developed by the OpenSSL Project
-* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-*
-* Written by Corinne Dive-Reclus(cdive at baltimore.com)
-*
-* Copyright at 2001 Baltimore Technologies Ltd.
-* All right Reserved.
-* *
-* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND *
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE *
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE *
-* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE *
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL *
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS *
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) *
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT *
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY *
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF *
-* SUCH DAMAGE. *
-====================================================================*/
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/pem.h>
-#include <openssl/dso.h>
-#include "eng_int.h"
-#include "engine.h"
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_SUREWARE
-
-#ifdef FLAT_INC
-#include "sureware.h"
-#else
-#include "vendor_defns/sureware.h"
-#endif
-
-#define SUREWARE_LIB_NAME "sureware engine"
-#include "hw_sureware_err.c"
-
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-static int surewarehk_destroy(ENGINE *e);
-static int surewarehk_init(ENGINE *e);
-static int surewarehk_finish(ENGINE *e);
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-
-/* RSA stuff */
-static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to,
- RSA *rsa,int padding);
-static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to,
- RSA *rsa,int padding);
-
-/* RAND stuff */
-static int surewarehk_rand_bytes(unsigned char *buf, int num);
-static void surewarehk_rand_seed(const void *buf, int num);
-static void surewarehk_rand_add(const void *buf, int num, double entropy);
-
-/* KM stuff */
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method, void *callback_data);
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx,long argl, void *argp);
-#if 0
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx,long argl, void *argp);
-#endif
-
-#ifndef OPENSSL_NO_RSA
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD surewarehk_rsa =
- {
- "SureWare RSA method",
- NULL, /* pub_enc*/
- NULL, /* pub_dec*/
- surewarehk_rsa_sign, /* our rsa_sign is OpenSSL priv_enc*/
- surewarehk_rsa_priv_dec, /* priv_dec*/
- NULL, /*mod_exp*/
- surewarehk_mod_exp_mont, /*mod_exp_mongomery*/
- NULL, /* init*/
- NULL, /* finish*/
- 0, /* RSA flag*/
- NULL,
- NULL, /* OpenSSL sign*/
- NULL /* OpenSSL verify*/
- };
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
-{
- return surewarehk_modexp(r, a, p, m, ctx);
-}
-
-static DH_METHOD surewarehk_dh =
- {
- "SureWare DH method",
- NULL,/*gen_key*/
- NULL,/*agree,*/
- surewarehk_modexp_dh, /*dh mod exp*/
- NULL, /* init*/
- NULL, /* finish*/
- 0, /* flags*/
- NULL
- };
-#endif
-
-static RAND_METHOD surewarehk_rand =
- {
- /* "SureWare RAND method", */
- surewarehk_rand_seed,
- surewarehk_rand_bytes,
- NULL,/*cleanup*/
- surewarehk_rand_add,
- surewarehk_rand_bytes,
- NULL,/*rand_status*/
- };
-
-#ifndef OPENSSL_NO_DSA
-/* DSA stuff */
-static DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
-{
- BIGNUM t;
- int to_return = 0;
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!surewarehk_modexp(rr,a1,p1,m,ctx)) goto end;
- /* let t = a2 ^ p2 mod m */
- if (!surewarehk_modexp(&t,a2,p2,m,ctx)) goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
- to_return = 1;
-end:
- BN_free(&t);
- return to_return;
-}
-
-static DSA_METHOD surewarehk_dsa =
- {
- "SureWare DSA method",
- surewarehk_dsa_do_sign,
- NULL,/*sign setup*/
- NULL,/*verify,*/
- surewarehk_dsa_mod_exp,/*mod exp*/
- NULL,/*bn mod exp*/
- NULL, /*init*/
- NULL,/*finish*/
- 0,
- NULL,
- };
-#endif
-
-static const char *engine_sureware_id = "sureware";
-static const char *engine_sureware_name = "SureWare hardware engine support";
-
-/* Now, to our own code */
-
-/* As this is only ever called once, there's no need for locking
- * (indeed - the lock will already be held by our caller!!!) */
-static int bind_sureware(ENGINE *e)
-{
-#ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-#endif
-
- if(!ENGINE_set_id(e, engine_sureware_id) ||
- !ENGINE_set_name(e, engine_sureware_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &surewarehk_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &surewarehk_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &surewarehk_dh) ||
-#endif
- !ENGINE_set_RAND(e, &surewarehk_rand) ||
- !ENGINE_set_destroy_function(e, surewarehk_destroy) ||
- !ENGINE_set_init_function(e, surewarehk_init) ||
- !ENGINE_set_finish_function(e, surewarehk_finish) ||
- !ENGINE_set_ctrl_function(e, surewarehk_ctrl) ||
- !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) ||
- !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey))
- return 0;
-
-#ifndef OPENSSL_NO_RSA
- /* We know that the "PKCS1_SSLeay()" functions hook properly
- * to the cswift-specific mod_exp and mod_exp_crt so we use
- * those functions. NB: We don't use ENGINE_openssl() or
- * anything "more generic" because something like the RSAref
- * code may not hook properly, and if you own one of these
- * cards then you have the right to do RSA operations on it
- * anyway! */
- meth1 = RSA_PKCS1_SSLeay();
- if (meth1)
- {
- surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- }
-#endif
-
-#ifndef OPENSSL_NO_DSA
- /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
- * bits. */
- meth2 = DSA_OpenSSL();
- if (meth2)
- {
- surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify;
- }
-#endif
-
-#ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- if (meth3)
- {
- surewarehk_dh.generate_key = meth3->generate_key;
- surewarehk_dh.compute_key = meth3->compute_key;
- }
-#endif
-
- /* Ensure the sureware error handling is set up */
- ERR_load_SUREWARE_strings();
- return 1;
-}
-
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_helper(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_sureware_id) != 0))
- return 0;
- if(!bind_sureware(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
-#else
-static ENGINE *engine_sureware(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_sureware(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_sureware(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_sureware();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the SureWareHook library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-static DSO *surewarehk_dso = NULL;
-#ifndef OPENSSL_NO_RSA
-static int rsaHndidx = -1; /* Index for KM handle. Not really used yet. */
-#endif
-#ifndef OPENSSL_NO_DSA
-static int dsaHndidx = -1; /* Index for KM handle. Not really used yet. */
-#endif
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-static SureWareHook_Init_t *p_surewarehk_Init = NULL;
-static SureWareHook_Finish_t *p_surewarehk_Finish = NULL;
-static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL;
-static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL;
-static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL;
-static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL;
-static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL;
-static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL;
-static SureWareHook_Free_t *p_surewarehk_Free=NULL;
-static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec=NULL;
-static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign=NULL;
-static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign=NULL;
-static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp=NULL;
-
-/* Used in the DSO operations. */
-static const char *surewarehk_LIBNAME = "SureWareHook";
-static const char *n_surewarehk_Init = "SureWareHook_Init";
-static const char *n_surewarehk_Finish = "SureWareHook_Finish";
-static const char *n_surewarehk_Rand_Bytes="SureWareHook_Rand_Bytes";
-static const char *n_surewarehk_Rand_Seed="SureWareHook_Rand_Seed";
-static const char *n_surewarehk_Load_Privkey="SureWareHook_Load_Privkey";
-static const char *n_surewarehk_Info_Pubkey="SureWareHook_Info_Pubkey";
-static const char *n_surewarehk_Load_Rsa_Pubkey="SureWareHook_Load_Rsa_Pubkey";
-static const char *n_surewarehk_Load_Dsa_Pubkey="SureWareHook_Load_Dsa_Pubkey";
-static const char *n_surewarehk_Free="SureWareHook_Free";
-static const char *n_surewarehk_Rsa_Priv_Dec="SureWareHook_Rsa_Priv_Dec";
-static const char *n_surewarehk_Rsa_Sign="SureWareHook_Rsa_Sign";
-static const char *n_surewarehk_Dsa_Sign="SureWareHook_Dsa_Sign";
-static const char *n_surewarehk_Mod_Exp="SureWareHook_Mod_Exp";
-static BIO *logstream = NULL;
-
-/* SureWareHook library functions and mechanics - these are used by the
- * higher-level functions further down. NB: As and where there's no
- * error checking, take a look lower down where these functions are
- * called, the checking and error handling is probably down there.
-*/
-static int threadsafe=1;
-static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
-{
- int to_return = 1;
-
- switch(cmd)
- {
- case ENGINE_CTRL_SET_LOGSTREAM:
- {
- BIO *bio = (BIO *)p;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (logstream)
- {
- BIO_free(logstream);
- logstream = NULL;
- }
- if (CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO) > 1)
- logstream = bio;
- else
- SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,SUREWARE_R_BIO_WAS_FREED);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
- /* This will prevent the initialisation function from "installing"
- * the mutex-handling callbacks, even if they are available from
- * within the library (or were provided to the library from the
- * calling application). This is to remove any baggage for
- * applications not using multithreading. */
- case ENGINE_CTRL_CHIL_NO_LOCKING:
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- threadsafe = 0;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- break;
-
- /* The command isn't understood by this engine */
- default:
- SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
- ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- to_return = 0;
- break;
- }
-
- return to_return;
-}
-
-/* Destructor (complements the "ENGINE_surewarehk()" constructor) */
-static int surewarehk_destroy(ENGINE *e)
-{
- ERR_unload_SUREWARE_strings();
- return 1;
-}
-
-/* (de)initialisation functions. */
-static int surewarehk_init(ENGINE *e)
-{
- char msg[64]="ENGINE_init";
- SureWareHook_Init_t *p1=NULL;
- SureWareHook_Finish_t *p2=NULL;
- SureWareHook_Rand_Bytes_t *p3=NULL;
- SureWareHook_Rand_Seed_t *p4=NULL;
- SureWareHook_Load_Privkey_t *p5=NULL;
- SureWareHook_Load_Rsa_Pubkey_t *p6=NULL;
- SureWareHook_Free_t *p7=NULL;
- SureWareHook_Rsa_Priv_Dec_t *p8=NULL;
- SureWareHook_Rsa_Sign_t *p9=NULL;
- SureWareHook_Dsa_Sign_t *p12=NULL;
- SureWareHook_Info_Pubkey_t *p13=NULL;
- SureWareHook_Load_Dsa_Pubkey_t *p14=NULL;
- SureWareHook_Mod_Exp_t *p15=NULL;
-
- if(surewarehk_dso != NULL)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_ALREADY_LOADED);
- goto err;
- }
- /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */
- surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0);
- if(surewarehk_dso == NULL)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE);
- goto err;
- }
- if(!(p1=(SureWareHook_Init_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Init)) ||
- !(p2=(SureWareHook_Finish_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Finish)) ||
- !(p3=(SureWareHook_Rand_Bytes_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Bytes)) ||
- !(p4=(SureWareHook_Rand_Seed_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rand_Seed)) ||
- !(p5=(SureWareHook_Load_Privkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Privkey)) ||
- !(p6=(SureWareHook_Load_Rsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Rsa_Pubkey)) ||
- !(p7=(SureWareHook_Free_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Free)) ||
- !(p8=(SureWareHook_Rsa_Priv_Dec_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Priv_Dec)) ||
- !(p9=(SureWareHook_Rsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Rsa_Sign)) ||
- !(p12=(SureWareHook_Dsa_Sign_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Dsa_Sign)) ||
- !(p13=(SureWareHook_Info_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Info_Pubkey)) ||
- !(p14=(SureWareHook_Load_Dsa_Pubkey_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Load_Dsa_Pubkey)) ||
- !(p15=(SureWareHook_Mod_Exp_t*)DSO_bind_func(surewarehk_dso, n_surewarehk_Mod_Exp)))
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,ENGINE_R_DSO_FAILURE);
- goto err;
- }
- /* Copy the pointers */
- p_surewarehk_Init = p1;
- p_surewarehk_Finish = p2;
- p_surewarehk_Rand_Bytes = p3;
- p_surewarehk_Rand_Seed = p4;
- p_surewarehk_Load_Privkey = p5;
- p_surewarehk_Load_Rsa_Pubkey = p6;
- p_surewarehk_Free = p7;
- p_surewarehk_Rsa_Priv_Dec = p8;
- p_surewarehk_Rsa_Sign = p9;
- p_surewarehk_Dsa_Sign = p12;
- p_surewarehk_Info_Pubkey = p13;
- p_surewarehk_Load_Dsa_Pubkey = p14;
- p_surewarehk_Mod_Exp = p15;
- /* Contact the hardware and initialises it. */
- if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE);
- goto err;
- }
- if(p_surewarehk_Init(msg,threadsafe)==SUREWAREHOOK_ERROR_UNIT_FAILURE)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT,SUREWARE_R_UNIT_FAILURE);
- goto err;
- }
- /* try to load the default private key, if failed does not return a failure but
- wait for an explicit ENGINE_load_privakey */
- surewarehk_load_privkey(e,NULL,NULL,NULL);
-
- /* Everything's fine. */
-#ifndef OPENSSL_NO_RSA
- if (rsaHndidx == -1)
- rsaHndidx = RSA_get_ex_new_index(0,
- "SureWareHook RSA key handle",
- NULL, NULL, surewarehk_ex_free);
-#endif
-#ifndef OPENSSL_NO_DSA
- if (dsaHndidx == -1)
- dsaHndidx = DSA_get_ex_new_index(0,
- "SureWareHook DSA key handle",
- NULL, NULL, surewarehk_ex_free);
-#endif
-
- return 1;
-err:
- if(surewarehk_dso)
- DSO_free(surewarehk_dso);
- surewarehk_dso = NULL;
- p_surewarehk_Init = NULL;
- p_surewarehk_Finish = NULL;
- p_surewarehk_Rand_Bytes = NULL;
- p_surewarehk_Rand_Seed = NULL;
- p_surewarehk_Load_Privkey = NULL;
- p_surewarehk_Load_Rsa_Pubkey = NULL;
- p_surewarehk_Free = NULL;
- p_surewarehk_Rsa_Priv_Dec = NULL;
- p_surewarehk_Rsa_Sign = NULL;
- p_surewarehk_Dsa_Sign = NULL;
- p_surewarehk_Info_Pubkey = NULL;
- p_surewarehk_Load_Dsa_Pubkey = NULL;
- p_surewarehk_Mod_Exp = NULL;
- return 0;
-}
-
-static int surewarehk_finish(ENGINE *e)
-{
- int to_return = 1;
- if(surewarehk_dso == NULL)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_NOT_LOADED);
- to_return = 0;
- goto err;
- }
- p_surewarehk_Finish();
- if(!DSO_free(surewarehk_dso))
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH,ENGINE_R_DSO_FAILURE);
- to_return = 0;
- goto err;
- }
- err:
- if (logstream)
- BIO_free(logstream);
- surewarehk_dso = NULL;
- p_surewarehk_Init = NULL;
- p_surewarehk_Finish = NULL;
- p_surewarehk_Rand_Bytes = NULL;
- p_surewarehk_Rand_Seed = NULL;
- p_surewarehk_Load_Privkey = NULL;
- p_surewarehk_Load_Rsa_Pubkey = NULL;
- p_surewarehk_Free = NULL;
- p_surewarehk_Rsa_Priv_Dec = NULL;
- p_surewarehk_Rsa_Sign = NULL;
- p_surewarehk_Dsa_Sign = NULL;
- p_surewarehk_Info_Pubkey = NULL;
- p_surewarehk_Load_Dsa_Pubkey = NULL;
- p_surewarehk_Mod_Exp = NULL;
- return to_return;
-}
-
-static void surewarehk_error_handling(char *const msg,int func,int ret)
-{
- switch (ret)
- {
- case SUREWAREHOOK_ERROR_UNIT_FAILURE:
- ENGINEerr(func,SUREWARE_R_UNIT_FAILURE);
- break;
- case SUREWAREHOOK_ERROR_FALLBACK:
- ENGINEerr(func,SUREWARE_R_REQUEST_FALLBACK);
- break;
- case SUREWAREHOOK_ERROR_DATA_SIZE:
- ENGINEerr(func,SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- break;
- case SUREWAREHOOK_ERROR_INVALID_PAD:
- ENGINEerr(func,RSA_R_PADDING_CHECK_FAILED);
- break;
- default:
- ENGINEerr(func,SUREWARE_R_REQUEST_FAILED);
- break;
- case 1:/*nothing*/
- msg[0]='\0';
- }
- if (*msg)
- {
- ERR_add_error_data(1,msg);
- if (logstream)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_BIO);
- BIO_write(logstream, msg, strlen(msg));
- CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
- }
- }
-}
-
-static int surewarehk_rand_bytes(unsigned char *buf, int num)
-{
- int ret=0;
- char msg[64]="ENGINE_rand_bytes";
- if(!p_surewarehk_Rand_Bytes)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,ENGINE_R_NOT_INITIALISED);
- }
- else
- {
- ret = p_surewarehk_Rand_Bytes(msg,buf, num);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_BYTES,ret);
- }
- return ret==1 ? 1 : 0;
-}
-
-static void surewarehk_rand_seed(const void *buf, int num)
-{
- int ret=0;
- char msg[64]="ENGINE_rand_seed";
- if(!p_surewarehk_Rand_Seed)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,ENGINE_R_NOT_INITIALISED);
- }
- else
- {
- ret = p_surewarehk_Rand_Seed(msg,buf, num);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RAND_SEED,ret);
- }
-}
-
-static void surewarehk_rand_add(const void *buf, int num, double entropy)
-{
- surewarehk_rand_seed(buf,num);
-}
-
-static EVP_PKEY* sureware_load_public(ENGINE *e,const char *key_id,char *hptr,unsigned long el,char keytype)
-{
- EVP_PKEY *res = NULL;
-#ifndef OPENSSL_NO_RSA
- RSA *rsatmp = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
- DSA *dsatmp=NULL;
-#endif
- char msg[64]="sureware_load_public";
- int ret=0;
- if(!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
- goto err;
- }
- switch (keytype)
- {
-#ifndef OPENSSL_NO_RSA
- case 1: /*RSA*/
- /* set private external reference */
- rsatmp = RSA_new_method(e);
- RSA_set_ex_data(rsatmp,rsaHndidx,hptr);
- rsatmp->flags |= RSA_FLAG_EXT_PKEY;
-
- /* set public big nums*/
- rsatmp->e = BN_new();
- rsatmp->n = BN_new();
- bn_expand2(rsatmp->e, el/sizeof(BN_ULONG));
- bn_expand2(rsatmp->n, el/sizeof(BN_ULONG));
- if (!rsatmp->e || rsatmp->e->dmax!=(int)(el/sizeof(BN_ULONG))||
- !rsatmp->n || rsatmp->n->dmax!=(int)(el/sizeof(BN_ULONG)))
- goto err;
- ret=p_surewarehk_Load_Rsa_Pubkey(msg,key_id,el,
- (unsigned long *)rsatmp->n->d,
- (unsigned long *)rsatmp->e->d);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
- if (ret!=1)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- goto err;
- }
- /* normalise pub e and pub n */
- rsatmp->e->top=el/sizeof(BN_ULONG);
- bn_fix_top(rsatmp->e);
- rsatmp->n->top=el/sizeof(BN_ULONG);
- bn_fix_top(rsatmp->n);
- /* create an EVP object: engine + rsa key */
- res = EVP_PKEY_new();
- EVP_PKEY_assign_RSA(res, rsatmp);
- break;
-#endif
-
-#ifndef OPENSSL_NO_DSA
- case 2:/*DSA*/
- /* set private/public external reference */
- dsatmp = DSA_new_method(e);
- DSA_set_ex_data(dsatmp,dsaHndidx,hptr);
- /*dsatmp->flags |= DSA_FLAG_EXT_PKEY;*/
-
- /* set public key*/
- dsatmp->pub_key = BN_new();
- dsatmp->p = BN_new();
- dsatmp->q = BN_new();
- dsatmp->g = BN_new();
- bn_expand2(dsatmp->pub_key, el/sizeof(BN_ULONG));
- bn_expand2(dsatmp->p, el/sizeof(BN_ULONG));
- bn_expand2(dsatmp->q, 20/sizeof(BN_ULONG));
- bn_expand2(dsatmp->g, el/sizeof(BN_ULONG));
- if (!dsatmp->pub_key || dsatmp->pub_key->dmax!=(int)(el/sizeof(BN_ULONG))||
- !dsatmp->p || dsatmp->p->dmax!=(int)(el/sizeof(BN_ULONG)) ||
- !dsatmp->q || dsatmp->q->dmax!=20/sizeof(BN_ULONG) ||
- !dsatmp->g || dsatmp->g->dmax!=(int)(el/sizeof(BN_ULONG)))
- goto err;
-
- ret=p_surewarehk_Load_Dsa_Pubkey(msg,key_id,el,
- (unsigned long *)dsatmp->pub_key->d,
- (unsigned long *)dsatmp->p->d,
- (unsigned long *)dsatmp->q->d,
- (unsigned long *)dsatmp->g->d);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ret);
- if (ret!=1)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- goto err;
- }
- /* set parameters */
- /* normalise pubkey and parameters in case of */
- dsatmp->pub_key->top=el/sizeof(BN_ULONG);
- bn_fix_top(dsatmp->pub_key);
- dsatmp->p->top=el/sizeof(BN_ULONG);
- bn_fix_top(dsatmp->p);
- dsatmp->q->top=20/sizeof(BN_ULONG);
- bn_fix_top(dsatmp->q);
- dsatmp->g->top=el/sizeof(BN_ULONG);
- bn_fix_top(dsatmp->g);
-
- /* create an EVP object: engine + rsa key */
- res = EVP_PKEY_new();
- EVP_PKEY_assign_DSA(res, dsatmp);
- break;
-#endif
-
- default:
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
- goto err;
- }
- return res;
- err:
- if (res)
- EVP_PKEY_free(res);
-#ifndef OPENSSL_NO_RSA
- if (rsatmp)
- RSA_free(rsatmp);
-#endif
-#ifndef OPENSSL_NO_DSA
- if (dsatmp)
- DSA_free(dsatmp);
-#endif
- return NULL;
-}
-
-static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
-{
- EVP_PKEY *res = NULL;
- int ret=0;
- unsigned long el=0;
- char *hptr=NULL;
- char keytype=0;
- char msg[64]="ENGINE_load_privkey";
-
- if(!p_surewarehk_Load_Privkey)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_NOT_INITIALISED);
- }
- else
- {
- ret=p_surewarehk_Load_Privkey(msg,key_id,&hptr,&el,&keytype);
- if (ret!=1)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVATE_KEY,ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
- ERR_add_error_data(1,msg);
- }
- else
- res=sureware_load_public(e,key_id,hptr,el,keytype);
- }
- return res;
-}
-
-static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
- UI_METHOD *ui_method, void *callback_data)
-{
- EVP_PKEY *res = NULL;
- int ret=0;
- unsigned long el=0;
- char *hptr=NULL;
- char keytype=0;
- char msg[64]="ENGINE_load_pubkey";
-
- if(!p_surewarehk_Info_Pubkey)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_NOT_INITIALISED);
- }
- else
- {
- /* call once to identify if DSA or RSA */
- ret=p_surewarehk_Info_Pubkey(msg,key_id,&el,&keytype);
- if (ret!=1)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBLIC_KEY,ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- ERR_add_error_data(1,msg);
- }
- else
- res=sureware_load_public(e,key_id,hptr,el,keytype);
- }
- return res;
-}
-
-/* This cleans up an RSA/DSA KM key(do not destroy the key into the hardware)
-, called when ex_data is freed */
-static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx,long argl, void *argp)
-{
- if(!p_surewarehk_Free)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED);
- }
- else
- p_surewarehk_Free((char *)item,0);
-}
-
-#if 0
-/* This cleans up an DH KM key (destroys the key into hardware),
-called when ex_data is freed */
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
- int idx,long argl, void *argp)
-{
- if(!p_surewarehk_Free)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE,ENGINE_R_NOT_INITIALISED);
- }
- else
- p_surewarehk_Free((char *)item,1);
-}
-#endif
-
-/*
-* return number of decrypted bytes
-*/
-#ifndef OPENSSL_NO_RSA
-static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned char *to,
- RSA *rsa,int padding)
-{
- int ret=0,tlen;
- char *buf=NULL,*hptr=NULL;
- char msg[64]="ENGINE_rsa_priv_dec";
- if (!p_surewarehk_Rsa_Priv_Dec)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ENGINE_R_NOT_INITIALISED);
- }
- /* extract ref to private key */
- else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx)))
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,SUREWARE_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
- /* analyse what padding we can do into the hardware */
- if (padding==RSA_PKCS1_PADDING)
- {
- /* do it one shot */
- ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret);
- if (ret!=1)
- goto err;
- ret=tlen;
- }
- else /* do with no padding into hardware */
- {
- ret=p_surewarehk_Rsa_Priv_Dec(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_NO_PAD);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ret);
- if (ret!=1)
- goto err;
- /* intermediate buffer for padding */
- if ((buf=OPENSSL_malloc(tlen)) == NULL)
- {
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(buf,to,tlen);/* transfert to into buf */
- switch (padding) /* check padding in software */
- {
-#ifndef OPENSSL_NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- ret=RSA_padding_check_PKCS1_OAEP(to,tlen,(unsigned char *)buf,tlen,tlen,NULL,0);
- break;
-#endif
- case RSA_SSLV23_PADDING:
- ret=RSA_padding_check_SSLv23(to,tlen,(unsigned char *)buf,flen,tlen);
- break;
- case RSA_NO_PADDING:
- ret=RSA_padding_check_none(to,tlen,(unsigned char *)buf,flen,tlen);
- break;
- default:
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (ret < 0)
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,RSA_R_PADDING_CHECK_FAILED);
- }
-err:
- if (buf)
- {
- OPENSSL_cleanse(buf,tlen);
- OPENSSL_free(buf);
- }
- return ret;
-}
-
-/*
-* Does what OpenSSL rsa_priv_enc does.
-*/
-static int surewarehk_rsa_sign(int flen,const unsigned char *from,unsigned char *to,
- RSA *rsa,int padding)
-{
- int ret=0,tlen;
- char *hptr=NULL;
- char msg[64]="ENGINE_rsa_sign";
- if (!p_surewarehk_Rsa_Sign)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ENGINE_R_NOT_INITIALISED);
- }
- /* extract ref to private key */
- else if (!(hptr=RSA_get_ex_data(rsa, rsaHndidx)))
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,SUREWARE_R_MISSING_KEY_COMPONENTS);
- }
- else
- {
- switch (padding)
- {
- case RSA_PKCS1_PADDING: /* do it in one shot */
- ret=p_surewarehk_Rsa_Sign(msg,flen,(unsigned char *)from,&tlen,to,hptr,SUREWARE_PKCS1_PAD);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,ret);
- break;
- case RSA_NO_PADDING:
- default:
- RSAerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_ENC,RSA_R_UNKNOWN_PADDING_TYPE);
- }
- }
- return ret==1 ? tlen : ret;
-}
-
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* DSA sign and verify */
-static DSA_SIG * surewarehk_dsa_do_sign(const unsigned char *from, int flen, DSA *dsa)
-{
- int ret=0;
- char *hptr=NULL;
- DSA_SIG *psign=NULL;
- char msg[64]="ENGINE_dsa_do_sign";
- if (!p_surewarehk_Dsa_Sign)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ENGINE_R_NOT_INITIALISED);
- }
- /* extract ref to private key */
- else if (!(hptr=DSA_get_ex_data(dsa, dsaHndidx)))
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,SUREWARE_R_MISSING_KEY_COMPONENTS);
- }
- else
- {
- if((psign = DSA_SIG_new()) == NULL)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- psign->r=BN_new();
- psign->s=BN_new();
- bn_expand2(psign->r, 20/sizeof(BN_ULONG));
- bn_expand2(psign->s, 20/sizeof(BN_ULONG));
- if (!psign->r || psign->r->dmax!=20/sizeof(BN_ULONG) ||
- !psign->s || psign->s->dmax!=20/sizeof(BN_ULONG))
- goto err;
- ret=p_surewarehk_Dsa_Sign(msg,flen,from,
- (unsigned long *)psign->r->d,
- (unsigned long *)psign->s->d,
- hptr);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,ret);
- }
- psign->r->top=20/sizeof(BN_ULONG);
- bn_fix_top(psign->r);
- psign->s->top=20/sizeof(BN_ULONG);
- bn_fix_top(psign->s);
-
-err:
- if (psign)
- {
- DSA_SIG_free(psign);
- psign=NULL;
- }
- return psign;
-}
-#endif
-
-static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
-{
- int ret=0;
- char msg[64]="ENGINE_modexp";
- if (!p_surewarehk_Mod_Exp)
- {
- SUREWAREerr(SUREWARE_F_SUREWAREHK_MOD_EXP,ENGINE_R_NOT_INITIALISED);
- }
- else
- {
- bn_expand2(r,m->top);
- if (r && r->dmax==m->top)
- {
- /* do it*/
- ret=p_surewarehk_Mod_Exp(msg,
- m->top*sizeof(BN_ULONG),
- (unsigned long *)m->d,
- p->top*sizeof(BN_ULONG),
- (unsigned long *)p->d,
- a->top*sizeof(BN_ULONG),
- (unsigned long *)a->d,
- (unsigned long *)r->d);
- surewarehk_error_handling(msg,SUREWARE_F_SUREWAREHK_MOD_EXP,ret);
- if (ret==1)
- {
- /* normalise result */
- r->top=m->top;
- bn_fix_top(r);
- }
- }
- }
- return ret;
-}
-#endif /* !OPENSSL_NO_HW_SureWare */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/engine/hw_ubsec.c
+++ /dev/null
@@ -1,1060 +0,0 @@
-/* crypto/engine/hw_ubsec.c */
-/* Written by Geoff Thorpe (geoff at geoffthorpe.net) for the OpenSSL
- * project 2000.
- *
- * Cloned shamelessly by Joe Tardo.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_UBSEC
-
-#ifdef FLAT_INC
-#include "hw_ubsec.h"
-#else
-#include "vendor_defns/hw_ubsec.h"
-#endif
-
-#define UBSEC_LIB_NAME "ubsec engine"
-#include "hw_ubsec_err.c"
-
-#define FAIL_TO_SOFTWARE -15
-
-static int ubsec_destroy(ENGINE *e);
-static int ubsec_init(ENGINE *e);
-static int ubsec_finish(ENGINE *e);
-static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
-static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
-static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dp,
- const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx);
-#ifndef OPENSSL_NO_RSA
-static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
-#endif
-static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-#ifndef OPENSSL_NO_DSA
-#ifdef NOT_USED
-static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-#endif
-static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-#endif
-#ifndef OPENSSL_NO_DH
-static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-static int ubsec_dh_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-static int ubsec_dh_generate_key(DH *dh);
-#endif
-
-#ifdef NOT_USED
-static int ubsec_rand_bytes(unsigned char *buf, int num);
-static int ubsec_rand_status(void);
-#endif
-
-#define UBSEC_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = {
- {UBSEC_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'ubsec' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
- };
-
-#ifndef OPENSSL_NO_RSA
-/* Our internal RSA_METHOD that we provide pointers to */
-static RSA_METHOD ubsec_rsa =
- {
- "UBSEC RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- ubsec_rsa_mod_exp,
- ubsec_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL
- };
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* Our internal DSA_METHOD that we provide pointers to */
-static DSA_METHOD ubsec_dsa =
- {
- "UBSEC DSA method",
- ubsec_dsa_do_sign, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- ubsec_dsa_verify, /* dsa_do_verify */
- NULL, /* ubsec_dsa_mod_exp */ /* dsa_mod_exp */
- NULL, /* ubsec_mod_exp_dsa */ /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL /* app_data */
- };
-#endif
-
-#ifndef OPENSSL_NO_DH
-/* Our internal DH_METHOD that we provide pointers to */
-static DH_METHOD ubsec_dh =
- {
- "UBSEC DH method",
- ubsec_dh_generate_key,
- ubsec_dh_compute_key,
- ubsec_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL
- };
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_ubsec_id = "ubsec";
-static const char *engine_ubsec_name = "UBSEC hardware engine support";
-
-/* This internal function is used by ENGINE_ubsec() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
- {
-#ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DH
-#ifndef HAVE_UBSEC_DH
- const DH_METHOD *meth3;
-#endif /* HAVE_UBSEC_DH */
-#endif
- if(!ENGINE_set_id(e, engine_ubsec_id) ||
- !ENGINE_set_name(e, engine_ubsec_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &ubsec_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &ubsec_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &ubsec_dh) ||
-#endif
- !ENGINE_set_destroy_function(e, ubsec_destroy) ||
- !ENGINE_set_init_function(e, ubsec_init) ||
- !ENGINE_set_finish_function(e, ubsec_finish) ||
- !ENGINE_set_ctrl_function(e, ubsec_ctrl) ||
- !ENGINE_set_cmd_defns(e, ubsec_cmd_defns))
- return 0;
-
-#ifndef OPENSSL_NO_RSA
- /* We know that the "PKCS1_SSLeay()" functions hook properly
- * to the Broadcom-specific mod_exp and mod_exp_crt so we use
- * those functions. NB: We don't use ENGINE_openssl() or
- * anything "more generic" because something like the RSAref
- * code may not hook properly, and if you own one of these
- * cards then you have the right to do RSA operations on it
- * anyway! */
- meth1 = RSA_PKCS1_SSLeay();
- ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
- ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
- ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
- ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DH
-#ifndef HAVE_UBSEC_DH
- /* Much the same for Diffie-Hellman */
- meth3 = DH_OpenSSL();
- ubsec_dh.generate_key = meth3->generate_key;
- ubsec_dh.compute_key = meth3->compute_key;
-#endif /* HAVE_UBSEC_DH */
-#endif
-
- /* Ensure the ubsec error handling is set up */
- ERR_load_UBSEC_strings();
- return 1;
- }
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_ubsec(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_helper(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_ubsec(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_ubsec();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-#endif
-
-/* This is a process-global DSO handle used for loading and unloading
- * the UBSEC library. NB: This is only set (or unset) during an
- * init() or finish() call (reference counts permitting) and they're
- * operating with global locks, so this should be thread-safe
- * implicitly. */
-
-static DSO *ubsec_dso = NULL;
-
-/* These are the function pointers that are (un)set when the library has
- * successfully (un)loaded. */
-
-static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL;
-static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL;
-static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL;
-static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL;
-#ifndef OPENSSL_NO_DH
-static t_UBSEC_diffie_hellman_generate_ioctl
- *p_UBSEC_diffie_hellman_generate_ioctl = NULL;
-static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-#endif
-/* #ifndef OPENSSL_NO_RSA */
-static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
-static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-/* #endif */
-#ifndef OPENSSL_NO_DSA
-static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
-static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
-#endif
-static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL;
-static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL;
-static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL;
-
-static int max_key_len = 1024; /* ??? */
-
-/*
- * These are the static string constants for the DSO file name and the function
- * symbol names to bind to.
- */
-
-static const char *UBSEC_LIBNAME = NULL;
-static const char *get_UBSEC_LIBNAME(void)
- {
- if(UBSEC_LIBNAME)
- return UBSEC_LIBNAME;
- return "ubsec";
- }
-static void free_UBSEC_LIBNAME(void)
- {
- if(UBSEC_LIBNAME)
- OPENSSL_free((void*)UBSEC_LIBNAME);
- UBSEC_LIBNAME = NULL;
- }
-static long set_UBSEC_LIBNAME(const char *name)
- {
- free_UBSEC_LIBNAME();
- return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
- }
-static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
-static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
-static const char *UBSEC_F3 = "ubsec_open";
-static const char *UBSEC_F4 = "ubsec_close";
-#ifndef OPENSSL_NO_DH
-static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl";
-static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl";
-#endif
-/* #ifndef OPENSSL_NO_RSA */
-static const char *UBSEC_F7 = "rsa_mod_exp_ioctl";
-static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl";
-/* #endif */
-#ifndef OPENSSL_NO_DSA
-static const char *UBSEC_F9 = "dsa_sign_ioctl";
-static const char *UBSEC_F10 = "dsa_verify_ioctl";
-#endif
-static const char *UBSEC_F11 = "math_accelerate_ioctl";
-static const char *UBSEC_F12 = "rng_ioctl";
-static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl";
-
-/* Destructor (complements the "ENGINE_ubsec()" constructor) */
-static int ubsec_destroy(ENGINE *e)
- {
- free_UBSEC_LIBNAME();
- ERR_unload_UBSEC_strings();
- return 1;
- }
-
-/* (de)initialisation functions. */
-static int ubsec_init(ENGINE *e)
- {
- t_UBSEC_ubsec_bytes_to_bits *p1;
- t_UBSEC_ubsec_bits_to_bytes *p2;
- t_UBSEC_ubsec_open *p3;
- t_UBSEC_ubsec_close *p4;
-#ifndef OPENSSL_NO_DH
- t_UBSEC_diffie_hellman_generate_ioctl *p5;
- t_UBSEC_diffie_hellman_agree_ioctl *p6;
-#endif
-/* #ifndef OPENSSL_NO_RSA */
- t_UBSEC_rsa_mod_exp_ioctl *p7;
- t_UBSEC_rsa_mod_exp_crt_ioctl *p8;
-/* #endif */
-#ifndef OPENSSL_NO_DSA
- t_UBSEC_dsa_sign_ioctl *p9;
- t_UBSEC_dsa_verify_ioctl *p10;
-#endif
- t_UBSEC_math_accelerate_ioctl *p11;
- t_UBSEC_rng_ioctl *p12;
- t_UBSEC_max_key_len_ioctl *p13;
- int fd = 0;
-
- if(ubsec_dso != NULL)
- {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED);
- goto err;
- }
- /*
- * Attempt to load libubsec.so/ubsec.dll/whatever.
- */
- ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0);
- if(ubsec_dso == NULL)
- {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
- goto err;
- }
-
- if (
- !(p1 = (t_UBSEC_ubsec_bytes_to_bits *) DSO_bind_func(ubsec_dso, UBSEC_F1)) ||
- !(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) ||
- !(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) ||
- !(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) ||
-#ifndef OPENSSL_NO_DH
- !(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F5)) ||
- !(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F6)) ||
-#endif
-/* #ifndef OPENSSL_NO_RSA */
- !(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) ||
- !(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) ||
-/* #endif */
-#ifndef OPENSSL_NO_DSA
- !(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) ||
- !(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) ||
-#endif
- !(p11 = (t_UBSEC_math_accelerate_ioctl *)
- DSO_bind_func(ubsec_dso, UBSEC_F11)) ||
- !(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12)) ||
- !(p13 = (t_UBSEC_max_key_len_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F13)))
- {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
- goto err;
- }
-
- /* Copy the pointers */
- p_UBSEC_ubsec_bytes_to_bits = p1;
- p_UBSEC_ubsec_bits_to_bytes = p2;
- p_UBSEC_ubsec_open = p3;
- p_UBSEC_ubsec_close = p4;
-#ifndef OPENSSL_NO_DH
- p_UBSEC_diffie_hellman_generate_ioctl = p5;
- p_UBSEC_diffie_hellman_agree_ioctl = p6;
-#endif
-#ifndef OPENSSL_NO_RSA
- p_UBSEC_rsa_mod_exp_ioctl = p7;
- p_UBSEC_rsa_mod_exp_crt_ioctl = p8;
-#endif
-#ifndef OPENSSL_NO_DSA
- p_UBSEC_dsa_sign_ioctl = p9;
- p_UBSEC_dsa_verify_ioctl = p10;
-#endif
- p_UBSEC_math_accelerate_ioctl = p11;
- p_UBSEC_rng_ioctl = p12;
- p_UBSEC_max_key_len_ioctl = p13;
-
- /* Perform an open to see if there's actually any unit running. */
- if (((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) > 0) && (p_UBSEC_max_key_len_ioctl(fd, &max_key_len) == 0))
- {
- p_UBSEC_ubsec_close(fd);
- return 1;
- }
- else
- {
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- }
-
-err:
- if(ubsec_dso)
- DSO_free(ubsec_dso);
- p_UBSEC_ubsec_bytes_to_bits = NULL;
- p_UBSEC_ubsec_bits_to_bytes = NULL;
- p_UBSEC_ubsec_open = NULL;
- p_UBSEC_ubsec_close = NULL;
-#ifndef OPENSSL_NO_DH
- p_UBSEC_diffie_hellman_generate_ioctl = NULL;
- p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_RSA
- p_UBSEC_rsa_mod_exp_ioctl = NULL;
- p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
- p_UBSEC_dsa_sign_ioctl = NULL;
- p_UBSEC_dsa_verify_ioctl = NULL;
-#endif
- p_UBSEC_math_accelerate_ioctl = NULL;
- p_UBSEC_rng_ioctl = NULL;
- p_UBSEC_max_key_len_ioctl = NULL;
-
- return 0;
- }
-
-static int ubsec_finish(ENGINE *e)
- {
- free_UBSEC_LIBNAME();
- if(ubsec_dso == NULL)
- {
- UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
- return 0;
- }
- if(!DSO_free(ubsec_dso))
- {
- UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE);
- return 0;
- }
- ubsec_dso = NULL;
- p_UBSEC_ubsec_bytes_to_bits = NULL;
- p_UBSEC_ubsec_bits_to_bytes = NULL;
- p_UBSEC_ubsec_open = NULL;
- p_UBSEC_ubsec_close = NULL;
-#ifndef OPENSSL_NO_DH
- p_UBSEC_diffie_hellman_generate_ioctl = NULL;
- p_UBSEC_diffie_hellman_agree_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_RSA
- p_UBSEC_rsa_mod_exp_ioctl = NULL;
- p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-#endif
-#ifndef OPENSSL_NO_DSA
- p_UBSEC_dsa_sign_ioctl = NULL;
- p_UBSEC_dsa_verify_ioctl = NULL;
-#endif
- p_UBSEC_math_accelerate_ioctl = NULL;
- p_UBSEC_rng_ioctl = NULL;
- p_UBSEC_max_key_len_ioctl = NULL;
- return 1;
- }
-
-static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
- {
- int initialised = ((ubsec_dso == NULL) ? 0 : 1);
- switch(cmd)
- {
- case UBSEC_CMD_SO_PATH:
- if(p == NULL)
- {
- UBSECerr(UBSEC_F_UBSEC_CTRL,ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if(initialised)
- {
- UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_ALREADY_LOADED);
- return 0;
- }
- return set_UBSEC_LIBNAME((const char *)p);
- default:
- break;
- }
- UBSECerr(UBSEC_F_UBSEC_CTRL,UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
- }
-
-static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx)
- {
- int y_len = 0;
- int fd;
-
- if(ubsec_dso == NULL)
- {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED);
- return 0;
- }
-
- /* Check if hardware can't handle this argument. */
- y_len = BN_num_bits(m);
- if (y_len > max_key_len) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- if(!bn_wexpand(r, m->top))
- {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL);
- return 0;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- if (p_UBSEC_rsa_mod_exp_ioctl(fd, (unsigned char *)a->d, BN_num_bits(a),
- (unsigned char *)m->d, BN_num_bits(m), (unsigned char *)p->d,
- BN_num_bits(p), (unsigned char *)r->d, &y_len) != 0)
- {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- return BN_mod_exp(r, a, p, m, ctx);
- }
-
- p_UBSEC_ubsec_close(fd);
-
- r->top = (BN_num_bits(m)+BN_BITS2-1)/BN_BITS2;
- return 1;
- }
-
-#ifndef OPENSSL_NO_RSA
-static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
- {
- BN_CTX *ctx;
- int to_return = 0;
-
- if((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp)
- {
- UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS);
- goto err;
- }
-
- to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
- rsa->dmq1, rsa->iqmp, ctx);
- if (to_return == FAIL_TO_SOFTWARE)
- {
- /*
- * Do in software as hardware failed.
- */
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- to_return = (*meth->rsa_mod_exp)(r0, I, rsa);
- }
-err:
- if(ctx)
- BN_CTX_free(ctx);
- return to_return;
- }
-#endif
-
-static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *q, const BIGNUM *dp,
- const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
- {
- int y_len,
- m_len,
- fd;
-
- m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
- y_len = BN_num_bits(p) + BN_num_bits(q);
-
- /* Check if hardware can't handle this argument. */
- if (y_len > max_key_len) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
- return FAIL_TO_SOFTWARE;
- }
-
- if (!bn_wexpand(r, p->top + q->top + 1)) {
- UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
- return 0;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- return FAIL_TO_SOFTWARE;
- }
-
- if (p_UBSEC_rsa_mod_exp_crt_ioctl(fd,
- (unsigned char *)a->d, BN_num_bits(a),
- (unsigned char *)qinv->d, BN_num_bits(qinv),
- (unsigned char *)dp->d, BN_num_bits(dp),
- (unsigned char *)p->d, BN_num_bits(p),
- (unsigned char *)dq->d, BN_num_bits(dq),
- (unsigned char *)q->d, BN_num_bits(q),
- (unsigned char *)r->d, &y_len) != 0) {
- UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
- return FAIL_TO_SOFTWARE;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2;
- return 1;
-}
-
-#ifndef OPENSSL_NO_DSA
-#ifdef NOT_USED
-static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- BIGNUM t;
- int to_return = 0;
-
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!ubsec_mod_exp(rr,a1,p1,m,ctx)) goto end;
- /* let t = a2 ^ p2 mod m */
- if (!ubsec_mod_exp(&t,a2,p2,m,ctx)) goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr,rr,&t,m,ctx)) goto end;
- to_return = 1;
-end:
- BN_free(&t);
- return to_return;
- }
-
-static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
- {
- return ubsec_mod_exp(r, a, p, m, ctx);
- }
-#endif
-#endif
-
-/*
- * This function is aliased to mod_exp (with the mont stuff dropped).
- */
-static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- int ret = 0;
-
-#ifndef OPENSSL_NO_RSA
- /* Do in software if the key is too large for the hardware. */
- if (BN_num_bits(m) > max_key_len)
- {
- const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
- ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx);
- }
- else
-#endif
- {
- ret = ubsec_mod_exp(r, a, p, m, ctx);
- }
-
- return ret;
- }
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
- {
- return ubsec_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-#ifndef OPENSSL_NO_DSA
-static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
- {
- DSA_SIG *to_return = NULL;
- int s_len = 160, r_len = 160, d_len, fd;
- BIGNUM m, *r=NULL, *s=NULL;
-
- BN_init(&m);
-
- s = BN_new();
- r = BN_new();
- if ((s == NULL) || (r==NULL))
- goto err;
-
- d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dlen);
-
- if(!bn_wexpand(r, (160+BN_BITS2-1)/BN_BITS2) ||
- (!bn_wexpand(s, (160+BN_BITS2-1)/BN_BITS2))) {
- UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- if (BN_bin2bn(dgst,dlen,&m) == NULL) {
- UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- const DSA_METHOD *meth;
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_sign(dgst, dlen, dsa);
- goto err;
- }
-
- if (p_UBSEC_dsa_sign_ioctl(fd, 0, /* compute hash before signing */
- (unsigned char *)dgst, d_len,
- NULL, 0, /* compute random value */
- (unsigned char *)dsa->p->d, BN_num_bits(dsa->p),
- (unsigned char *)dsa->q->d, BN_num_bits(dsa->q),
- (unsigned char *)dsa->g->d, BN_num_bits(dsa->g),
- (unsigned char *)dsa->priv_key->d, BN_num_bits(dsa->priv_key),
- (unsigned char *)r->d, &r_len,
- (unsigned char *)s->d, &s_len ) != 0) {
- const DSA_METHOD *meth;
-
- UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_sign(dgst, dlen, dsa);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- r->top = (160+BN_BITS2-1)/BN_BITS2;
- s->top = (160+BN_BITS2-1)/BN_BITS2;
-
- to_return = DSA_SIG_new();
- if(to_return == NULL) {
- UBSECerr(UBSEC_F_UBSEC_DSA_SIGN, UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- to_return->r = r;
- to_return->s = s;
-
-err:
- if (!to_return) {
- if (r) BN_free(r);
- if (s) BN_free(s);
- }
- BN_clear_free(&m);
- return to_return;
-}
-
-static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa)
- {
- int v_len, d_len;
- int to_return = 0;
- int fd;
- BIGNUM v;
-
- BN_init(&v);
-
- if(!bn_wexpand(&v, dsa->p->top)) {
- UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY ,UBSEC_R_BN_EXPAND_FAIL);
- goto err;
- }
-
- v_len = BN_num_bits(dsa->p);
-
- d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len);
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
- const DSA_METHOD *meth;
- fd = 0;
- UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
- goto err;
- }
-
- if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */
- (unsigned char *)dgst, d_len,
- (unsigned char *)dsa->p->d, BN_num_bits(dsa->p),
- (unsigned char *)dsa->q->d, BN_num_bits(dsa->q),
- (unsigned char *)dsa->g->d, BN_num_bits(dsa->g),
- (unsigned char *)dsa->pub_key->d, BN_num_bits(dsa->pub_key),
- (unsigned char *)sig->r->d, BN_num_bits(sig->r),
- (unsigned char *)sig->s->d, BN_num_bits(sig->s),
- (unsigned char *)v.d, &v_len) != 0) {
- const DSA_METHOD *meth;
- UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY , UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- meth = DSA_OpenSSL();
- to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- to_return = 1;
-err:
- BN_clear_free(&v);
- return to_return;
- }
-#endif
-
-#ifndef OPENSSL_NO_DH
-static int ubsec_dh_compute_key (unsigned char *key,const BIGNUM *pub_key,DH *dh)
- {
- int ret = -1,
- k_len,
- fd;
-
- k_len = BN_num_bits(dh->p);
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
- {
- const DH_METHOD *meth;
- ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- meth = DH_OpenSSL();
- ret = meth->compute_key(key, pub_key, dh);
- goto err;
- }
-
- if (p_UBSEC_diffie_hellman_agree_ioctl(fd,
- (unsigned char *)dh->priv_key->d, BN_num_bits(dh->priv_key),
- (unsigned char *)pub_key->d, BN_num_bits(pub_key),
- (unsigned char *)dh->p->d, BN_num_bits(dh->p),
- key, &k_len) != 0)
- {
- /* Hardware's a no go, failover to software */
- const DH_METHOD *meth;
- ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- meth = DH_OpenSSL();
- ret = meth->compute_key(key, pub_key, dh);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- ret = p_UBSEC_ubsec_bits_to_bytes(k_len);
-err:
- return ret;
- }
-
-static int ubsec_dh_generate_key (DH *dh)
- {
- int ret = 0,
- random_bits = 0,
- pub_key_len = 0,
- priv_key_len = 0,
- fd;
- BIGNUM *pub_key = NULL;
- BIGNUM *priv_key = NULL;
-
- /*
- * How many bits should Random x be? dh_key.c
- * sets the range from 0 to num_bits(modulus) ???
- */
-
- if (dh->priv_key == NULL)
- {
- priv_key = BN_new();
- if (priv_key == NULL) goto err;
- priv_key_len = BN_num_bits(dh->p);
- bn_wexpand(priv_key, dh->p->top);
- do
- if (!BN_rand_range(priv_key, dh->p)) goto err;
- while (BN_is_zero(priv_key));
- random_bits = BN_num_bits(priv_key);
- }
- else
- {
- priv_key = dh->priv_key;
- }
-
- if (dh->pub_key == NULL)
- {
- pub_key = BN_new();
- pub_key_len = BN_num_bits(dh->p);
- bn_wexpand(pub_key, dh->p->top);
- if(pub_key == NULL) goto err;
- }
- else
- {
- pub_key = dh->pub_key;
- }
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
- {
- const DH_METHOD *meth;
- ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- meth = DH_OpenSSL();
- ret = meth->generate_key(dh);
- goto err;
- }
-
- if (p_UBSEC_diffie_hellman_generate_ioctl(fd,
- (unsigned char *)priv_key->d, &priv_key_len,
- (unsigned char *)pub_key->d, &pub_key_len,
- (unsigned char *)dh->g->d, BN_num_bits(dh->g),
- (unsigned char *)dh->p->d, BN_num_bits(dh->p),
- 0, 0, random_bits) != 0)
- {
- /* Hardware's a no go, failover to software */
- const DH_METHOD *meth;
-
- ENGINEerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- meth = DH_OpenSSL();
- ret = meth->generate_key(dh);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- dh->pub_key = pub_key;
- dh->pub_key->top = (pub_key_len + BN_BITS2-1) / BN_BITS2;
- dh->priv_key = priv_key;
- dh->priv_key->top = (priv_key_len + BN_BITS2-1) / BN_BITS2;
-
- ret = 1;
-err:
- return ret;
- }
-#endif
-
-#ifdef NOT_USED
-static int ubsec_rand_bytes(unsigned char * buf,
- int num)
- {
- int ret = 0,
- fd;
-
- if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0)
- {
- const RAND_METHOD *meth;
- ENGINEerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
- num = p_UBSEC_ubsec_bits_to_bytes(num);
- meth = RAND_SSLeay();
- meth->seed(buf, num);
- ret = meth->bytes(buf, num);
- goto err;
- }
-
- num *= 8; /* bytes to bits */
-
- if (p_UBSEC_rng_ioctl(fd,
- UBSEC_RNG_DIRECT,
- buf,
- &num) != 0)
- {
- /* Hardware's a no go, failover to software */
- const RAND_METHOD *meth;
-
- ENGINEerr(UBSEC_F_UBSEC_RNG_BYTES, UBSEC_R_REQUEST_FAILED);
- p_UBSEC_ubsec_close(fd);
-
- num = p_UBSEC_ubsec_bits_to_bytes(num);
- meth = RAND_SSLeay();
- meth->seed(buf, num);
- ret = meth->bytes(buf, num);
-
- goto err;
- }
-
- p_UBSEC_ubsec_close(fd);
-
- ret = 1;
-err:
- return(ret);
- }
-
-
-static int ubsec_rand_status(void)
- {
- return 0;
- }
-#endif
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_ubsec_id) != 0))
- return 0;
- if(!bind_helper(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_UBSEC */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/engine/hw_ncipher_err.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#ifndef HEADER_HWCRHK_ERR_H
-#define HEADER_HWCRHK_ERR_H
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-static void ERR_load_HWCRHK_strings(void);
-static void ERR_unload_HWCRHK_strings(void);
-static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
-#define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__)
-
-/* Error codes for the HWCRHK functions. */
-
-/* Function codes. */
-#define HWCRHK_F_HWCRHK_CTRL 100
-#define HWCRHK_F_HWCRHK_FINISH 101
-#define HWCRHK_F_HWCRHK_GET_PASS 102
-#define HWCRHK_F_HWCRHK_INIT 103
-#define HWCRHK_F_HWCRHK_INSERT_CARD 104
-#define HWCRHK_F_HWCRHK_LOAD_PRIVKEY 105
-#define HWCRHK_F_HWCRHK_LOAD_PUBKEY 106
-#define HWCRHK_F_HWCRHK_MOD_EXP 107
-#define HWCRHK_F_HWCRHK_RAND_BYTES 108
-#define HWCRHK_F_HWCRHK_RSA_MOD_EXP 109
-
-/* Reason codes. */
-#define HWCRHK_R_ALREADY_LOADED 100
-#define HWCRHK_R_BIO_WAS_FREED 101
-#define HWCRHK_R_CHIL_ERROR 102
-#define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED 103
-#define HWCRHK_R_DSO_FAILURE 104
-#define HWCRHK_R_DYNAMIC_LOCKING_MISSING 114
-#define HWCRHK_R_MISSING_KEY_COMPONENTS 105
-#define HWCRHK_R_NOT_INITIALISED 106
-#define HWCRHK_R_NOT_LOADED 107
-#define HWCRHK_R_NO_CALLBACK 108
-#define HWCRHK_R_NO_KEY 109
-#define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED 110
-#define HWCRHK_R_REQUEST_FAILED 111
-#define HWCRHK_R_REQUEST_FALLBACK 112
-#define HWCRHK_R_UNIT_FAILURE 113
-
-#ifdef __cplusplus
-}
-#endif
-#endif
--- crypto/openssl/crypto/engine/hw_aep_err.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* hw_aep_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_aep_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA AEPHK_str_functs[]=
- {
-{ERR_PACK(0,AEPHK_F_AEP_CTRL,0), "AEP_CTRL"},
-{ERR_PACK(0,AEPHK_F_AEP_FINISH,0), "AEP_FINISH"},
-{ERR_PACK(0,AEPHK_F_AEP_GET_CONNECTION,0), "AEP_GET_CONNECTION"},
-{ERR_PACK(0,AEPHK_F_AEP_INIT,0), "AEP_INIT"},
-{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP,0), "AEP_MOD_EXP"},
-{ERR_PACK(0,AEPHK_F_AEP_MOD_EXP_CRT,0), "AEP_MOD_EXP_CRT"},
-{ERR_PACK(0,AEPHK_F_AEP_RAND,0), "AEP_RAND"},
-{ERR_PACK(0,AEPHK_F_AEP_RSA_MOD_EXP,0), "AEP_RSA_MOD_EXP"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA AEPHK_str_reasons[]=
- {
-{AEPHK_R_ALREADY_LOADED ,"already loaded"},
-{AEPHK_R_CLOSE_HANDLES_FAILED ,"close handles failed"},
-{AEPHK_R_CONNECTIONS_IN_USE ,"connections in use"},
-{AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{AEPHK_R_FINALIZE_FAILED ,"finalize failed"},
-{AEPHK_R_GET_HANDLE_FAILED ,"get handle failed"},
-{AEPHK_R_GET_RANDOM_FAILED ,"get random failed"},
-{AEPHK_R_INIT_FAILURE ,"init failure"},
-{AEPHK_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{AEPHK_R_MOD_EXP_CRT_FAILED ,"mod exp crt failed"},
-{AEPHK_R_MOD_EXP_FAILED ,"mod exp failed"},
-{AEPHK_R_NOT_LOADED ,"not loaded"},
-{AEPHK_R_OK ,"ok"},
-{AEPHK_R_RETURN_CONNECTION_FAILED ,"return connection failed"},
-{AEPHK_R_SETBNCALLBACK_FAILURE ,"setbncallback failure"},
-{AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"},
-{AEPHK_R_UNIT_FAILURE ,"unit failure"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef AEPHK_LIB_NAME
-static ERR_STRING_DATA AEPHK_lib_name[]=
- {
-{0 ,AEPHK_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int AEPHK_lib_error_code=0;
-static int AEPHK_error_init=1;
-
-static void ERR_load_AEPHK_strings(void)
- {
- if (AEPHK_lib_error_code == 0)
- AEPHK_lib_error_code=ERR_get_next_error_library();
-
- if (AEPHK_error_init)
- {
- AEPHK_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_functs);
- ERR_load_strings(AEPHK_lib_error_code,AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
- AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code,0,0);
- ERR_load_strings(0,AEPHK_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_AEPHK_strings(void)
- {
- if (AEPHK_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_functs);
- ERR_unload_strings(AEPHK_lib_error_code,AEPHK_str_reasons);
-#endif
-
-#ifdef AEPHK_LIB_NAME
- ERR_unload_strings(0,AEPHK_lib_name);
-#endif
- AEPHK_error_init=1;
- }
- }
-
-static void ERR_AEPHK_error(int function, int reason, char *file, int line)
- {
- if (AEPHK_lib_error_code == 0)
- AEPHK_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(AEPHK_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_atalla_err.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* hw_atalla_err.c */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_atalla_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA ATALLA_str_functs[]=
- {
-{ERR_PACK(0,ATALLA_F_ATALLA_CTRL,0), "ATALLA_CTRL"},
-{ERR_PACK(0,ATALLA_F_ATALLA_FINISH,0), "ATALLA_FINISH"},
-{ERR_PACK(0,ATALLA_F_ATALLA_INIT,0), "ATALLA_INIT"},
-{ERR_PACK(0,ATALLA_F_ATALLA_MOD_EXP,0), "ATALLA_MOD_EXP"},
-{ERR_PACK(0,ATALLA_F_ATALLA_RSA_MOD_EXP,0), "ATALLA_RSA_MOD_EXP"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA ATALLA_str_reasons[]=
- {
-{ATALLA_R_ALREADY_LOADED ,"already loaded"},
-{ATALLA_R_BN_CTX_FULL ,"bn ctx full"},
-{ATALLA_R_BN_EXPAND_FAIL ,"bn expand fail"},
-{ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED ,"ctrl command not implemented"},
-{ATALLA_R_MISSING_KEY_COMPONENTS ,"missing key components"},
-{ATALLA_R_NOT_LOADED ,"not loaded"},
-{ATALLA_R_REQUEST_FAILED ,"request failed"},
-{ATALLA_R_UNIT_FAILURE ,"unit failure"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef ATALLA_LIB_NAME
-static ERR_STRING_DATA ATALLA_lib_name[]=
- {
-{0 ,ATALLA_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int ATALLA_lib_error_code=0;
-static int ATALLA_error_init=1;
-
-static void ERR_load_ATALLA_strings(void)
- {
- if (ATALLA_lib_error_code == 0)
- ATALLA_lib_error_code=ERR_get_next_error_library();
-
- if (ATALLA_error_init)
- {
- ATALLA_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_functs);
- ERR_load_strings(ATALLA_lib_error_code,ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
- ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code,0,0);
- ERR_load_strings(0,ATALLA_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_ATALLA_strings(void)
- {
- if (ATALLA_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_functs);
- ERR_unload_strings(ATALLA_lib_error_code,ATALLA_str_reasons);
-#endif
-
-#ifdef ATALLA_LIB_NAME
- ERR_unload_strings(0,ATALLA_lib_name);
-#endif
- ATALLA_error_init=1;
- }
- }
-
-static void ERR_ATALLA_error(int function, int reason, char *file, int line)
- {
- if (ATALLA_lib_error_code == 0)
- ATALLA_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(ATALLA_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_4758_cca_err.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/* hw_4758_cca_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include "hw_4758_cca_err.h"
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-static ERR_STRING_DATA CCA4758_str_functs[]=
- {
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_CTRL,0), "IBM_4758_CCA_CTRL"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_FINISH,0), "IBM_4758_CCA_FINISH"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_INIT,0), "IBM_4758_CCA_INIT"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PRIVKEY,0), "IBM_4758_CCA_LOAD_PRIVKEY"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_LOAD_PUBKEY,0), "IBM_4758_CCA_LOAD_PUBKEY"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_SIGN,0), "IBM_4758_CCA_SIGN"},
-{ERR_PACK(0,CCA4758_F_IBM_4758_CCA_VERIFY,0), "IBM_4758_CCA_VERIFY"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA CCA4758_str_reasons[]=
- {
-{CCA4758_R_ALREADY_LOADED ,"already loaded"},
-{CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD ,"asn1 oid unknown for md"},
-{CCA4758_R_COMMAND_NOT_IMPLEMENTED ,"command not implemented"},
-{CCA4758_R_DSO_FAILURE ,"dso failure"},
-{CCA4758_R_FAILED_LOADING_PRIVATE_KEY ,"failed loading private key"},
-{CCA4758_R_FAILED_LOADING_PUBLIC_KEY ,"failed loading public key"},
-{CCA4758_R_NOT_LOADED ,"not loaded"},
-{CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL ,"size too large or too small"},
-{CCA4758_R_UNIT_FAILURE ,"unit failure"},
-{CCA4758_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
-{0,NULL}
- };
-
-#endif
-
-#ifdef CCA4758_LIB_NAME
-static ERR_STRING_DATA CCA4758_lib_name[]=
- {
-{0 ,CCA4758_LIB_NAME},
-{0,NULL}
- };
-#endif
-
-
-static int CCA4758_lib_error_code=0;
-static int CCA4758_error_init=1;
-
-static void ERR_load_CCA4758_strings(void)
- {
- if (CCA4758_lib_error_code == 0)
- CCA4758_lib_error_code=ERR_get_next_error_library();
-
- if (CCA4758_error_init)
- {
- CCA4758_error_init=0;
-#ifndef OPENSSL_NO_ERR
- ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_functs);
- ERR_load_strings(CCA4758_lib_error_code,CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
- CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code,0,0);
- ERR_load_strings(0,CCA4758_lib_name);
-#endif
- }
- }
-
-static void ERR_unload_CCA4758_strings(void)
- {
- if (CCA4758_error_init == 0)
- {
-#ifndef OPENSSL_NO_ERR
- ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_functs);
- ERR_unload_strings(CCA4758_lib_error_code,CCA4758_str_reasons);
-#endif
-
-#ifdef CCA4758_LIB_NAME
- ERR_unload_strings(0,CCA4758_lib_name);
-#endif
- CCA4758_error_init=1;
- }
- }
-
-static void ERR_CCA4758_error(int function, int reason, char *file, int line)
- {
- if (CCA4758_lib_error_code == 0)
- CCA4758_lib_error_code=ERR_get_next_error_library();
- ERR_PUT_error(CCA4758_lib_error_code,function,reason,file,line);
- }
--- crypto/openssl/crypto/engine/hw_nuron.c
+++ /dev/null
@@ -1,418 +0,0 @@
-/* crypto/engine/hw_nuron.c */
-/* Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff
- * Thorpe's Atalla implementation.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing at OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <openssl/crypto.h>
-#include "cryptlib.h"
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-
-
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_NURON
-
-#define NURON_LIB_NAME "nuron engine"
-#include "hw_nuron_err.c"
-
-static const char *NURON_LIBNAME = NULL;
-static const char *get_NURON_LIBNAME(void)
- {
- if(NURON_LIBNAME)
- return NURON_LIBNAME;
- return "nuronssl";
- }
-static void free_NURON_LIBNAME(void)
- {
- if(NURON_LIBNAME)
- OPENSSL_free((void*)NURON_LIBNAME);
- NURON_LIBNAME = NULL;
- }
-static long set_NURON_LIBNAME(const char *name)
- {
- free_NURON_LIBNAME();
- return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
- }
-static const char *NURON_F1 = "nuron_mod_exp";
-
-/* The definitions for control commands specific to this engine */
-#define NURON_CMD_SO_PATH ENGINE_CMD_BASE
-static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
- {NURON_CMD_SO_PATH,
- "SO_PATH",
- "Specifies the path to the 'nuronssl' shared library",
- ENGINE_CMD_FLAG_STRING},
- {0, NULL, NULL, 0}
- };
-
-typedef int tfnModExp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,const BIGNUM *m);
-static tfnModExp *pfnModExp = NULL;
-
-static DSO *pvDSOHandle = NULL;
-
-static int nuron_destroy(ENGINE *e)
- {
- free_NURON_LIBNAME();
- ERR_unload_NURON_strings();
- return 1;
- }
-
-static int nuron_init(ENGINE *e)
- {
- if(pvDSOHandle != NULL)
- {
- NURONerr(NURON_F_NURON_INIT,NURON_R_ALREADY_LOADED);
- return 0;
- }
-
- pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
- DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
- if(!pvDSOHandle)
- {
- NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_NOT_FOUND);
- return 0;
- }
-
- pfnModExp = (tfnModExp *)DSO_bind_func(pvDSOHandle, NURON_F1);
- if(!pfnModExp)
- {
- NURONerr(NURON_F_NURON_INIT,NURON_R_DSO_FUNCTION_NOT_FOUND);
- return 0;
- }
-
- return 1;
- }
-
-static int nuron_finish(ENGINE *e)
- {
- free_NURON_LIBNAME();
- if(pvDSOHandle == NULL)
- {
- NURONerr(NURON_F_NURON_FINISH,NURON_R_NOT_LOADED);
- return 0;
- }
- if(!DSO_free(pvDSOHandle))
- {
- NURONerr(NURON_F_NURON_FINISH,NURON_R_DSO_FAILURE);
- return 0;
- }
- pvDSOHandle=NULL;
- pfnModExp=NULL;
- return 1;
- }
-
-static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
- {
- int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
- switch(cmd)
- {
- case NURON_CMD_SO_PATH:
- if(p == NULL)
- {
- NURONerr(NURON_F_NURON_CTRL,ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if(initialised)
- {
- NURONerr(NURON_F_NURON_CTRL,NURON_R_ALREADY_LOADED);
- return 0;
- }
- return set_NURON_LIBNAME((const char *)p);
- default:
- break;
- }
- NURONerr(NURON_F_NURON_CTRL,NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
- return 0;
-}
-
-static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p,
- const BIGNUM *m,BN_CTX *ctx)
- {
- if(!pvDSOHandle)
- {
- NURONerr(NURON_F_NURON_MOD_EXP,NURON_R_NOT_LOADED);
- return 0;
- }
- return pfnModExp(r,a,p,m);
- }
-
-#ifndef OPENSSL_NO_RSA
-static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
- {
- return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL);
- }
-#endif
-
-#ifndef OPENSSL_NO_DSA
-/* This code was liberated and adapted from the commented-out code in
- * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration
- * (it doesn't have a CRT form for RSA), this function means that an
- * Atalla system running with a DSA server certificate can handshake
- * around 5 or 6 times faster/more than an equivalent system running with
- * RSA. Just check out the "signs" statistics from the RSA and DSA parts
- * of "openssl speed -engine atalla dsa1024 rsa1024". */
-static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
- BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont)
- {
- BIGNUM t;
- int to_return = 0;
-
- BN_init(&t);
- /* let rr = a1 ^ p1 mod m */
- if (!nuron_mod_exp(rr,a1,p1,m,ctx))
- goto end;
- /* let t = a2 ^ p2 mod m */
- if (!nuron_mod_exp(&t,a2,p2,m,ctx))
- goto end;
- /* let rr = rr * t mod m */
- if (!BN_mod_mul(rr,rr,&t,m,ctx))
- goto end;
- to_return = 1;
-end:
- BN_free(&t);
- return to_return;
- }
-
-
-static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx)
- {
- return nuron_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-/* This function is aliased to mod_exp (with the mont stuff dropped). */
-static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return nuron_mod_exp(r, a, p, m, ctx);
- }
-
-#ifndef OPENSSL_NO_DH
-/* This function is aliased to mod_exp (with the dh and mont dropped). */
-static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
- const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
- {
- return nuron_mod_exp(r, a, p, m, ctx);
- }
-#endif
-
-#ifndef OPENSSL_NO_RSA
-static RSA_METHOD nuron_rsa =
- {
- "Nuron RSA method",
- NULL,
- NULL,
- NULL,
- NULL,
- nuron_rsa_mod_exp,
- nuron_mod_exp_mont,
- NULL,
- NULL,
- 0,
- NULL,
- NULL,
- NULL
- };
-#endif
-
-#ifndef OPENSSL_NO_DSA
-static DSA_METHOD nuron_dsa =
- {
- "Nuron DSA method",
- NULL, /* dsa_do_sign */
- NULL, /* dsa_sign_setup */
- NULL, /* dsa_do_verify */
- nuron_dsa_mod_exp, /* dsa_mod_exp */
- nuron_mod_exp_dsa, /* bn_mod_exp */
- NULL, /* init */
- NULL, /* finish */
- 0, /* flags */
- NULL /* app_data */
- };
-#endif
-
-#ifndef OPENSSL_NO_DH
-static DH_METHOD nuron_dh =
- {
- "Nuron DH method",
- NULL,
- NULL,
- nuron_mod_exp_dh,
- NULL,
- NULL,
- 0,
- NULL
- };
-#endif
-
-/* Constants used when creating the ENGINE */
-static const char *engine_nuron_id = "nuron";
-static const char *engine_nuron_name = "Nuron hardware engine support";
-
-/* This internal function is used by ENGINE_nuron() and possibly by the
- * "dynamic" ENGINE support too */
-static int bind_helper(ENGINE *e)
- {
-#ifndef OPENSSL_NO_RSA
- const RSA_METHOD *meth1;
-#endif
-#ifndef OPENSSL_NO_DSA
- const DSA_METHOD *meth2;
-#endif
-#ifndef OPENSSL_NO_DH
- const DH_METHOD *meth3;
-#endif
- if(!ENGINE_set_id(e, engine_nuron_id) ||
- !ENGINE_set_name(e, engine_nuron_name) ||
-#ifndef OPENSSL_NO_RSA
- !ENGINE_set_RSA(e, &nuron_rsa) ||
-#endif
-#ifndef OPENSSL_NO_DSA
- !ENGINE_set_DSA(e, &nuron_dsa) ||
-#endif
-#ifndef OPENSSL_NO_DH
- !ENGINE_set_DH(e, &nuron_dh) ||
-#endif
- !ENGINE_set_destroy_function(e, nuron_destroy) ||
- !ENGINE_set_init_function(e, nuron_init) ||
- !ENGINE_set_finish_function(e, nuron_finish) ||
- !ENGINE_set_ctrl_function(e, nuron_ctrl) ||
- !ENGINE_set_cmd_defns(e, nuron_cmd_defns))
- return 0;
-
-#ifndef OPENSSL_NO_RSA
- /* We know that the "PKCS1_SSLeay()" functions hook properly
- * to the nuron-specific mod_exp and mod_exp_crt so we use
- * those functions. NB: We don't use ENGINE_openssl() or
- * anything "more generic" because something like the RSAref
- * code may not hook properly, and if you own one of these
- * cards then you have the right to do RSA operations on it
- * anyway! */
- meth1=RSA_PKCS1_SSLeay();
- nuron_rsa.rsa_pub_enc=meth1->rsa_pub_enc;
- nuron_rsa.rsa_pub_dec=meth1->rsa_pub_dec;
- nuron_rsa.rsa_priv_enc=meth1->rsa_priv_enc;
- nuron_rsa.rsa_priv_dec=meth1->rsa_priv_dec;
-#endif
-
-#ifndef OPENSSL_NO_DSA
- /* Use the DSA_OpenSSL() method and just hook the mod_exp-ish
- * bits. */
- meth2=DSA_OpenSSL();
- nuron_dsa.dsa_do_sign=meth2->dsa_do_sign;
- nuron_dsa.dsa_sign_setup=meth2->dsa_sign_setup;
- nuron_dsa.dsa_do_verify=meth2->dsa_do_verify;
-#endif
-
-#ifndef OPENSSL_NO_DH
- /* Much the same for Diffie-Hellman */
- meth3=DH_OpenSSL();
- nuron_dh.generate_key=meth3->generate_key;
- nuron_dh.compute_key=meth3->compute_key;
-#endif
-
- /* Ensure the nuron error handling is set up */
- ERR_load_NURON_strings();
- return 1;
- }
-
-#ifndef ENGINE_DYNAMIC_SUPPORT
-static ENGINE *engine_nuron(void)
- {
- ENGINE *ret = ENGINE_new();
- if(!ret)
- return NULL;
- if(!bind_helper(ret))
- {
- ENGINE_free(ret);
- return NULL;
- }
- return ret;
- }
-
-void ENGINE_load_nuron(void)
- {
- /* Copied from eng_[openssl|dyn].c */
- ENGINE *toadd = engine_nuron();
- if(!toadd) return;
- ENGINE_add(toadd);
- ENGINE_free(toadd);
- ERR_clear_error();
- }
-#endif
-
-/* This stuff is needed if this ENGINE is being compiled into a self-contained
- * shared-library. */
-#ifdef ENGINE_DYNAMIC_SUPPORT
-static int bind_fn(ENGINE *e, const char *id)
- {
- if(id && (strcmp(id, engine_nuron_id) != 0))
- return 0;
- if(!bind_helper(e))
- return 0;
- return 1;
- }
-IMPLEMENT_DYNAMIC_CHECK_FN()
-IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
-#endif /* ENGINE_DYNAMIC_SUPPORT */
-
-#endif /* !OPENSSL_NO_HW_NURON */
-#endif /* !OPENSSL_NO_HW */
--- crypto/openssl/crypto/ec/ecp_recp.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/ec/ecp_recp.c */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core at openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay at cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh at cryptsoft.com).
- *
- */
-
-#include "ec_lcl.h"
-
-#if 0
-const EC_METHOD *EC_GFp_recp_method(void)
- {
- static const EC_METHOD ret = {
- ec_GFp_recp_group_init,
- ec_GFp_recp_group_finish,
- ec_GFp_recp_group_clear_finish,
- ec_GFp_recp_group_copy,
- ec_GFp_recp_group_set_curve_GFp,
- ec_GFp_simple_group_get_curve_GFp,
- ec_GFp_simple_group_set_generator,
- ec_GFp_simple_group_get0_generator,
- ec_GFp_simple_group_get_order,
- ec_GFp_simple_group_get_cofactor,
- ec_GFp_simple_point_init,
- ec_GFp_simple_point_finish,
- ec_GFp_simple_point_clear_finish,
- ec_GFp_simple_point_copy,
- ec_GFp_simple_point_set_to_infinity,
- ec_GFp_simple_set_Jprojective_coordinates_GFp,
- ec_GFp_simple_get_Jprojective_coordinates_GFp,
- ec_GFp_simple_point_set_affine_coordinates_GFp,
- ec_GFp_simple_point_get_affine_coordinates_GFp,
- ec_GFp_simple_set_compressed_coordinates_GFp,
- ec_GFp_simple_point2oct,
- ec_GFp_simple_oct2point,
- ec_GFp_simple_add,
- ec_GFp_simple_dbl,
- ec_GFp_simple_invert,
- ec_GFp_simple_is_at_infinity,
- ec_GFp_simple_is_on_curve,
- ec_GFp_simple_cmp,
- ec_GFp_simple_make_affine,
- ec_GFp_simple_points_make_affine,
- ec_GFp_recp_field_mul,
- ec_GFp_recp_field_sqr,
- 0 /* field_encode */,
- 0 /* field_decode */,
- 0 /* field_set_to_one */ };
-
- return &ret;
- }
-#endif
-
-int ec_GFp_recp_group_init(EC_GROUP *group)
- {
- int ok;
-
- ok = ec_GFp_simple_group_init(group);
- group->field_data1 = NULL;
- return ok;
- }
-
-
-int ec_GFp_recp_group_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-void ec_GFp_recp_group_finish(EC_GROUP *group);
-/* TODO */
-
-
-void ec_GFp_recp_group_clear_finish(EC_GROUP *group);
-/* TODO */
-
-
-int ec_GFp_recp_group_copy(EC_GROUP *dest, const EC_GROUP *src);
-/* TODO */
-
-
-int ec_GFp_recp_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-/* TODO */
-
-
-int ec_GFp_recp_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-/* TODO */
--- crypto/openssl/crypto/engine/vendor_defns/atalla.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* This header declares the necessary definitions for using the exponentiation
- * acceleration capabilities of Atalla cards. The only cryptographic operation
- * is performed by "ASI_RSAPrivateKeyOpFn" and this takes a structure that
- * defines an "RSA private key". However, it is really only performing a
- * regular mod_exp using the supplied modulus and exponent - no CRT form is
- * being used. Hence, it is a generic mod_exp function in disguise, and we use
- * it as such.
- *
- * Thanks to the people at Atalla for letting me know these definitions are
- * fine and that they can be reproduced here.
- *
- * Geoff.
- */
-
-typedef struct ItemStr
- {
- unsigned char *data;
- int len;
- } Item;
-
-typedef struct RSAPrivateKeyStr
- {
- void *reserved;
- Item version;
- Item modulus;
- Item publicExponent;
- Item privateExponent;
- Item prime[2];
- Item exponent[2];
- Item coefficient;
- } RSAPrivateKey;
-
-/* Predeclare the function pointer types that we dynamically load from the DSO.
- * These use the same names and form that Ben's original support code had (in
- * crypto/bn/bn_exp.c) unless of course I've inadvertently changed the style
- * somewhere along the way!
- */
-
-typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
- unsigned int *ret_buf);
-
-typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
-
-typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
- unsigned char *output,
- unsigned char *input,
- unsigned int modulus_len);
-
--- crypto/openssl/crypto/engine/vendor_defns/cswift.h
+++ /dev/null
@@ -1,234 +0,0 @@
-/* Attribution notice: Rainbow have generously allowed me to reproduce
- * the necessary definitions here from their API. This means the support
- * can build independently of whether application builders have the
- * API or hardware. This will allow developers to easily produce software
- * that has latent hardware support for any users that have accelertors
- * installed, without the developers themselves needing anything extra.
- *
- * I have only clipped the parts from the CryptoSwift header files that
- * are (or seem) relevant to the CryptoSwift support code. This is
- * simply to keep the file sizes reasonable.
- * [Geoff]
- */
-
-
-/* NB: These type widths do *not* seem right in general, in particular
- * they're not terribly friendly to 64-bit architectures (unsigned long)
- * will be 64-bit on IA-64 for a start. I'm leaving these alone as they
- * agree with Rainbow's API and this will only be called into question
- * on platforms with Rainbow support anyway! ;-) */
-
-#ifdef __cplusplus
-extern "C" {
-#endif /* __cplusplus */
-
-typedef long SW_STATUS; /* status */
-typedef unsigned char SW_BYTE; /* 8 bit byte */
-typedef unsigned short SW_U16; /* 16 bit number */
-#if defined(_IRIX)
-#include <sgidefs.h>
-typedef __uint32_t SW_U32;
-#else
-typedef unsigned long SW_U32; /* 32 bit integer */
-#endif
-
-#if defined(OPENSSL_SYS_WIN32)
- typedef struct _SW_U64 {
- SW_U32 low32;
- SW_U32 high32;
- } SW_U64; /* 64 bit integer */
-#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
- typedef longlong SW_U64
-#else /* Unix variants */
- typedef struct _SW_U64 {
- SW_U32 low32;
- SW_U32 high32;
- } SW_U64; /* 64 bit integer */
-#endif
-
-/* status codes */
-#define SW_OK (0L)
-#define SW_ERR_BASE (-10000L)
-#define SW_ERR_NO_CARD (SW_ERR_BASE-1) /* The Card is not present */
-#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */
- /* up yet */
-#define SW_ERR_TIME_OUT (SW_ERR_BASE-3) /* Execution of a command */
- /* time out */
-#define SW_ERR_NO_EXECUTE (SW_ERR_BASE-4) /* The Card failed to */
- /* execute the command */
-#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */
- /* NULL */
-#define SW_ERR_INPUT_SIZE (SW_ERR_BASE-6) /* size is invalid, too */
- /* small, too large. */
-#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */
- /* handle */
-#define SW_ERR_PENDING (SW_ERR_BASE-8) /* A request is already out- */
- /* standing at this */
- /* context handle */
-#define SW_ERR_AVAILABLE (SW_ERR_BASE-9) /* A result is available. */
-#define SW_ERR_NO_PENDING (SW_ERR_BASE-10)/* No request is pending. */
-#define SW_ERR_NO_MEMORY (SW_ERR_BASE-11)/* Not enough memory */
-#define SW_ERR_BAD_ALGORITHM (SW_ERR_BASE-12)/* Invalid algorithm type */
- /* in SW_PARAM structure */
-#define SW_ERR_MISSING_KEY (SW_ERR_BASE-13)/* No key is associated with */
- /* context. */
- /* swAttachKeyParam() is */
- /* not called. */
-#define SW_ERR_KEY_CMD_MISMATCH \
- (SW_ERR_BASE-14)/* Cannot perform requested */
- /* SW_COMMAND_CODE since */
- /* key attached via */
- /* swAttachKeyParam() */
- /* cannot be used for this*/
- /* SW_COMMAND_CODE. */
-#define SW_ERR_NOT_IMPLEMENTED \
- (SW_ERR_BASE-15)/* Not implemented */
-#define SW_ERR_BAD_COMMAND (SW_ERR_BASE-16)/* Bad command code */
-#define SW_ERR_BAD_ITEM_SIZE (SW_ERR_BASE-17)/* too small or too large in */
- /* the "initems" or */
- /* "outitems". */
-#define SW_ERR_BAD_ACCNUM (SW_ERR_BASE-18)/* Bad accelerator number */
-#define SW_ERR_SELFTEST_FAIL (SW_ERR_BASE-19)/* At least one of the self */
- /* test fail, look at the */
- /* selfTestBitmap in */
- /* SW_ACCELERATOR_INFO for*/
- /* details. */
-#define SW_ERR_MISALIGN (SW_ERR_BASE-20)/* Certain alogrithms require*/
- /* key materials aligned */
- /* in certain order, e.g. */
- /* 128 bit for CRT */
-#define SW_ERR_OUTPUT_NULL_PTR \
- (SW_ERR_BASE-21)/* a required pointer is */
- /* NULL */
-#define SW_ERR_OUTPUT_SIZE \
- (SW_ERR_BASE-22)/* size is invalid, too */
- /* small, too large. */
-#define SW_ERR_FIRMWARE_CHECKSUM \
- (SW_ERR_BASE-23)/* firmware checksum mismatch*/
- /* download failed. */
-#define SW_ERR_UNKNOWN_FIRMWARE \
- (SW_ERR_BASE-24)/* unknown firmware error */
-#define SW_ERR_INTERRUPT (SW_ERR_BASE-25)/* request is abort when */
- /* it's waiting to be */
- /* completed. */
-#define SW_ERR_NVWRITE_FAIL (SW_ERR_BASE-26)/* error in writing to Non- */
- /* volatile memory */
-#define SW_ERR_NVWRITE_RANGE (SW_ERR_BASE-27)/* out of range error in */
- /* writing to NV memory */
-#define SW_ERR_RNG_ERROR (SW_ERR_BASE-28)/* Random Number Generation */
- /* failure */
-#define SW_ERR_DSS_FAILURE (SW_ERR_BASE-29)/* DSS Sign or Verify failure*/
-#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30)/* Failure in various math */
- /* calculations */
-#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31)/* Error in accessing on - */
- /* board memory */
-#define SW_ERR_FIRMWARE_VERSION \
- (SW_ERR_BASE-32)/* Wrong version in firmware */
- /* update */
-#define SW_ERR_ZERO_WORKING_ACCELERATOR \
- (SW_ERR_BASE-44)/* All accelerators are bad */
-
-
- /* algorithm type */
-#define SW_ALG_CRT 1
-#define SW_ALG_EXP 2
-#define SW_ALG_DSA 3
-#define SW_ALG_NVDATA 4
-
- /* command code */
-#define SW_CMD_MODEXP_CRT 1 /* perform Modular Exponentiation using */
- /* Chinese Remainder Theorem (CRT) */
-#define SW_CMD_MODEXP 2 /* perform Modular Exponentiation */
-#define SW_CMD_DSS_SIGN 3 /* perform DSS sign */
-#define SW_CMD_DSS_VERIFY 4 /* perform DSS verify */
-#define SW_CMD_RAND 5 /* perform random number generation */
-#define SW_CMD_NVREAD 6 /* perform read to nonvolatile RAM */
-#define SW_CMD_NVWRITE 7 /* perform write to nonvolatile RAM */
-
-typedef SW_U32 SW_ALGTYPE; /* alogrithm type */
-typedef SW_U32 SW_STATE; /* state */
-typedef SW_U32 SW_COMMAND_CODE; /* command code */
-typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */
-
-typedef struct _SW_LARGENUMBER {
- SW_U32 nbytes; /* number of bytes in the buffer "value" */
- SW_BYTE* value; /* the large integer as a string of */
- /* bytes in network (big endian) order */
-} SW_LARGENUMBER;
-
-#if defined(OPENSSL_SYS_WIN32)
- #include <windows.h>
- typedef HANDLE SW_OSHANDLE; /* handle to kernel object */
- #define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE
- #define SW_CALLCONV _stdcall
-#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
- /* async callback mechanisms */
- /* swiftCallbackLevel */
- #define SW_MAC_CALLBACK_LEVEL_NO 0
- #define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */
- #define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */
- typedef int SW_MAC_CALLBACK_LEVEL;
- typedef int SW_OSHANDLE;
- #define SW_OS_INVALID_HANDLE (-1)
- #define SW_CALLCONV
-#else /* Unix variants */
- typedef int SW_OSHANDLE; /* handle to driver */
- #define SW_OS_INVALID_HANDLE (-1)
- #define SW_CALLCONV
-#endif
-
-typedef struct _SW_CRT {
- SW_LARGENUMBER p; /* prime number p */
- SW_LARGENUMBER q; /* prime number q */
- SW_LARGENUMBER dmp1; /* exponent1 */
- SW_LARGENUMBER dmq1; /* exponent2 */
- SW_LARGENUMBER iqmp; /* CRT coefficient */
-} SW_CRT;
-
-typedef struct _SW_EXP {
- SW_LARGENUMBER modulus; /* modulus */
- SW_LARGENUMBER exponent;/* exponent */
-} SW_EXP;
-
-typedef struct _SW_DSA {
- SW_LARGENUMBER p; /* */
- SW_LARGENUMBER q; /* */
- SW_LARGENUMBER g; /* */
- SW_LARGENUMBER key; /* private/public key */
-} SW_DSA;
-
-typedef struct _SW_NVDATA {
- SW_U32 accnum; /* accelerator board number */
- SW_U32 offset; /* offset in byte */
-} SW_NVDATA;
-
-typedef struct _SW_PARAM {
- SW_ALGTYPE type; /* type of the alogrithm */
- union {
- SW_CRT crt;
- SW_EXP exp;
- SW_DSA dsa;
- SW_NVDATA nvdata;
- } up;
-} SW_PARAM;
-
-typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
-
-
-/* Now the OpenSSL bits, these function types are the for the function
- * pointers that will bound into the Rainbow shared libraries. */
-typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac);
-typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
- SW_PARAM *key_params);
-typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
- SW_COMMAND_CODE cmd,
- SW_LARGENUMBER pin[],
- SW_U32 pin_count,
- SW_LARGENUMBER pout[],
- SW_U32 pout_count);
-typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac);
-
-#ifdef __cplusplus
-}
-#endif /* __cplusplus */
-
--- crypto/openssl/crypto/engine/vendor_defns/hw_ubsec.h
+++ /dev/null
@@ -1,100 +0,0 @@
-/******************************************************************************
- *
- * Copyright 2000
- * Broadcom Corporation
- * 16215 Alton Parkway
- * PO Box 57013
- * Irvine CA 92619-7013
- *
- *****************************************************************************/
-/*
- * Broadcom Corporation uBSec SDK
- */
-/*
- * Character device header file.
- */
-/*
- * Revision History:
- *
- * October 2000 JTT Created.
- */
-
-#define MAX_PUBLIC_KEY_BITS (1024)
-#define MAX_PUBLIC_KEY_BYTES (1024/8)
-#define SHA_BIT_SIZE (160)
-#define MAX_CRYPTO_KEY_LENGTH 24
-#define MAX_MAC_KEY_LENGTH 64
-#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt")
-#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey")
-
-/* Math command types. */
-#define UBSEC_MATH_MODADD 0x0001
-#define UBSEC_MATH_MODSUB 0x0002
-#define UBSEC_MATH_MODMUL 0x0004
-#define UBSEC_MATH_MODEXP 0x0008
-#define UBSEC_MATH_MODREM 0x0010
-#define UBSEC_MATH_MODINV 0x0020
-
-typedef long ubsec_MathCommand_t;
-typedef long ubsec_RNGCommand_t;
-
-typedef struct ubsec_crypto_context_s {
- unsigned int flags;
- unsigned char crypto[MAX_CRYPTO_KEY_LENGTH];
- unsigned char auth[MAX_MAC_KEY_LENGTH];
-} ubsec_crypto_context_t, *ubsec_crypto_context_p;
-
-/*
- * Predeclare the function pointer types that we dynamically load from the DSO.
- */
-
-typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes);
-
-typedef int t_UBSEC_ubsec_bits_to_bytes(int bits);
-
-typedef int t_UBSEC_ubsec_open(unsigned char *device);
-
-typedef int t_UBSEC_ubsec_close(int fd);
-
-typedef int t_UBSEC_diffie_hellman_generate_ioctl (int fd,
- unsigned char *x, int *x_len, unsigned char *y, int *y_len,
- unsigned char *g, int g_len, unsigned char *m, int m_len,
- unsigned char *userX, int userX_len, int random_bits);
-
-typedef int t_UBSEC_diffie_hellman_agree_ioctl (int fd,
- unsigned char *x, int x_len, unsigned char *y, int y_len,
- unsigned char *m, int m_len, unsigned char *k, int *k_len);
-
-typedef int t_UBSEC_rsa_mod_exp_ioctl (int fd,
- unsigned char *x, int x_len, unsigned char *m, int m_len,
- unsigned char *e, int e_len, unsigned char *y, int *y_len);
-
-typedef int t_UBSEC_rsa_mod_exp_crt_ioctl (int fd,
- unsigned char *x, int x_len, unsigned char *qinv, int qinv_len,
- unsigned char *edq, int edq_len, unsigned char *q, int q_len,
- unsigned char *edp, int edp_len, unsigned char *p, int p_len,
- unsigned char *y, int *y_len);
-
-typedef int t_UBSEC_dsa_sign_ioctl (int fd,
- int hash, unsigned char *data, int data_len,
- unsigned char *rndom, int random_len,
- unsigned char *p, int p_len, unsigned char *q, int q_len,
- unsigned char *g, int g_len, unsigned char *key, int key_len,
- unsigned char *r, int *r_len, unsigned char *s, int *s_len);
-
-typedef int t_UBSEC_dsa_verify_ioctl (int fd,
- int hash, unsigned char *data, int data_len,
- unsigned char *p, int p_len, unsigned char *q, int q_len,
- unsigned char *g, int g_len, unsigned char *key, int key_len,
- unsigned char *r, int r_len, unsigned char *s, int s_len,
- unsigned char *v, int *v_len);
-
-typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command,
- unsigned char *ModN, int *ModN_len, unsigned char *ExpE, int *ExpE_len,
- unsigned char *ParamA, int *ParamA_len, unsigned char *ParamB, int *ParamB_len,
- unsigned char *Result, int *Result_len);
-
-typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command,
- unsigned char *Result, int *Result_len);
-
-typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len);
--- crypto/openssl/crypto/engine/vendor_defns/sureware.h
+++ /dev/null
@@ -1,239 +0,0 @@
-/*
-* Written by Corinne Dive-Reclus(cdive at baltimore.com)
-*
-* Copyright at 2001 Baltimore Technologies Ltd.
-* *
-* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND *
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE *
-* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE *
-* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE *
-* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL *
-* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS *
-* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) *
-* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT *
-* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY *
-* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF *
-* SUCH DAMAGE. *
-*
-*
-*/
-#ifdef WIN32
-#define SW_EXPORT __declspec ( dllexport )
-#else
-#define SW_EXPORT
-#endif
-
-/*
-* List of exposed SureWare errors
-*/
-#define SUREWAREHOOK_ERROR_FAILED -1
-#define SUREWAREHOOK_ERROR_FALLBACK -2
-#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3
-#define SUREWAREHOOK_ERROR_DATA_SIZE -4
-#define SUREWAREHOOK_ERROR_INVALID_PAD -5
-/*
-* -----------------WARNING-----------------------------------
-* In all the following functions:
-* msg is a string with at least 24 bytes free.
-* A 24 bytes string will be concatenated to the existing content of msg.
-*/
-/*
-* SureWare Initialisation function
-* in param threadsafe, if !=0, thread safe enabled
-* return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success
-*/
-typedef int SureWareHook_Init_t(char*const msg,int threadsafe);
-extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
-/*
-* SureWare Finish function
-*/
-typedef void SureWareHook_Finish_t();
-extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
-/*
-* PRE_CONDITION:
-* DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE
-*/
-/*
-* SureWare RAND Bytes function
-* In case of failure, the content of buf is unpredictable.
-* return 1 if success
-* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in/out param buf : a num bytes long buffer where random bytes will be put
-* in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Bytes_t(char*const msg,unsigned char *buf, int num);
-extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes;
-
-/*
-* SureWare RAND Seed function
-* Adds some seed to the Hardware Random Number Generator
-* return 1 if success
-* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param buf : the seed to add into the HRNG
-* in param num : the number of bytes into buf
-*/
-typedef int SureWareHook_Rand_Seed_t(char*const msg,const void *buf, int num);
-extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed;
-
-/*
-* SureWare Load Private Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the private protected key file without the extension
- ".sws"
-* out param hptr : a pointer to a buffer allocated by SureWare_Hook
-* out param num: the effective key length in bytes
-* out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Load_Privkey_t(char*const msg,const char *key_id,char **hptr,unsigned long *num,char *keytype);
-extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey;
-
-/*
-* SureWare Info Public Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the private protected key file without the extension
- ".swp"
-* out param hptr : a pointer to a buffer allocated by SureWare_Hook
-* out param num: the effective key length in bytes
-* out param keytype: 1 if RSA 2 if DSA
-*/
-typedef int SureWareHook_Info_Pubkey_t(char*const msg,const char *key_id,unsigned long *num,
- char *keytype);
-extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey;
-
-/*
-* SureWare Load Public Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the public protected key file without the extension
- ".swp"
-* in param num : the bytes size of n and e
-* out param n: where to write modulus in bn format
-* out param e: where to write exponent in bn format
-*/
-typedef int SureWareHook_Load_Rsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num,
- unsigned long *n, unsigned long *e);
-extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey;
-
-/*
-* SureWare Load DSA Public Key function
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* No hardware is contact for this function.
-*
-* in param key_id :the name of the public protected key file without the extension
- ".swp"
-* in param num : the bytes size of n and e
-* out param pub: where to write pub key in bn format
-* out param p: where to write prime in bn format
-* out param q: where to write sunprime (length 20 bytes) in bn format
-* out param g: where to write base in bn format
-*/
-typedef int SureWareHook_Load_Dsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num,
- unsigned long *pub, unsigned long *p,unsigned long*q,
- unsigned long *g);
-extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey;
-
-/*
-* SureWare Free function
-* Destroy the key into the hardware if destroy==1
-*/
-typedef void SureWareHook_Free_t(char *p,int destroy);
-extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free;
-
-#define SUREWARE_PKCS1_PAD 1
-#define SUREWARE_ISO9796_PAD 2
-#define SUREWARE_NO_PAD 0
-/*
-* SureWare RSA Private Decryption
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param flen : byte size of from and to
-* in param from : encrypted data buffer, should be a not-null valid pointer
-* out param tlen: byte size of decrypted data, if error, unexpected value
-* out param to : decrypted data buffer, should be a not-null valid pointer
-* in param prsa: a protected key pointer, should be a not-null valid pointer
-* int padding: padding id as follow
-* SUREWARE_PKCS1_PAD
-* SUREWARE_NO_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Priv_Dec_t(char*const msg,int flen,unsigned char *from,
- int *tlen,unsigned char *to,
- char *prsa,int padding);
-extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec;
-/*
-* SureWare RSA Signature
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param flen : byte size of from and to
-* in param from : encrypted data buffer, should be a not-null valid pointer
-* out param tlen: byte size of decrypted data, if error, unexpected value
-* out param to : decrypted data buffer, should be a not-null valid pointer
-* in param prsa: a protected key pointer, should be a not-null valid pointer
-* int padding: padding id as follow
-* SUREWARE_PKCS1_PAD
-* SUREWARE_ISO9796_PAD
-*
-*/
-typedef int SureWareHook_Rsa_Sign_t(char*const msg,int flen,unsigned char *from,
- int *tlen,unsigned char *to,
- char *prsa,int padding);
-extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign;
-/*
-* SureWare DSA Signature
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* in param flen : byte size of from and to
-* in param from : encrypted data buffer, should be a not-null valid pointer
-* out param to : decrypted data buffer, should be a 40bytes valid pointer
-* in param pdsa: a protected key pointer, should be a not-null valid pointer
-*
-*/
-typedef int SureWareHook_Dsa_Sign_t(char*const msg,int flen,const unsigned char *from,
- unsigned long *r,unsigned long *s,char *pdsa);
-extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign;
-
-
-/*
-* SureWare Mod Exp
-* return 1 if success
-* SureWareHOOK_ERROR_FAILED if error while processing
-* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
-* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
-*
-* mod and res are mlen bytes long.
-* exp is elen bytes long
-* data is dlen bytes long
-* mlen,elen and dlen are all multiple of sizeof(unsigned long)
-*/
-typedef int SureWareHook_Mod_Exp_t(char*const msg,int mlen,const unsigned long *mod,
- int elen,const unsigned long *exp,
- int dlen,unsigned long *data,
- unsigned long *res);
-extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp;
-
--- crypto/openssl/crypto/engine/vendor_defns/hwcryptohook.h
+++ /dev/null
@@ -1,486 +0,0 @@
-/*
- * ModExp / RSA (with/without KM) plugin API
- *
- * The application will load a dynamic library which
- * exports entrypoint(s) defined in this file.
- *
- * This set of entrypoints provides only a multithreaded,
- * synchronous-within-each-thread, facility.
- *
- *
- * This file is Copyright 1998-2000 nCipher Corporation Limited.
- *
- * Redistribution and use in source and binary forms, with opr without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the copyright notice,
- * this list of conditions, and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above
- * copyright notice, this list of conditions, and the following
- * disclaimer, in the documentation and/or other materials provided
- * with the distribution
- *
- * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR
- * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any
- * damages arising directly or indirectly from this file, its use or
- * this licence. Without prejudice to the generality of the
- * foregoing: all liability shall be excluded for direct, indirect,
- * special, incidental, consequential or other damages or any loss of
- * profits, business, revenue goodwill or anticipated savings;
- * liability shall be excluded even if nCipher or anyone else has been
- * advised of the possibility of damage. In any event, if the
- * exclusion of liability is not effective, the liability of nCipher
- * or any author or distributor shall be limited to the lesser of the
- * price paid and 1,000 pounds sterling. This licence only fails to
- * exclude or limit liability for death or personal injury arising out
- * of negligence, and only to the extent that such an exclusion or
- * limitation is not effective.
- *
- * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL
- * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not
- * limited to, any implied warranties of merchantability, fitness for
- * a particular purpose, satisfactory quality, and/or non-infringement
- * of any third party rights.
- *
- * US Government use: This software and documentation is Commercial
- * Computer Software and Computer Software Documentation, as defined in
- * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in
- * Noncommercial Computer Software and Noncommercial Computer Software
- * Documentation." Use, duplication or disclosure by the Government is
- * subject to the terms and conditions specified here.
- *
- * By using or distributing this file you will be accepting these
- * terms and conditions, including the limitation of liability and
- * lack of warranty. If you do not wish to accept these terms and
- * conditions, DO NOT USE THE FILE.
- *
- *
- * The actual dynamically loadable plugin, and the library files for
- * static linking, which are also provided in some distributions, are
- * not covered by the licence described above. You should have
- * received a separate licence with terms and conditions for these
- * library files; if you received the library files without a licence,
- * please contact nCipher.
- *
- *
- * $Id: hwcryptohook.h,v 1.3 2001/07/04 12:26:39 ben Exp $
- */
-
-#ifndef HWCRYPTOHOOK_H
-#define HWCRYPTOHOOK_H
-
-#include <sys/types.h>
-#include <stdio.h>
-
-#ifndef HWCRYPTOHOOK_DECLARE_APPTYPES
-#define HWCRYPTOHOOK_DECLARE_APPTYPES 1
-#endif
-
-#define HWCRYPTOHOOK_ERROR_FAILED -1
-#define HWCRYPTOHOOK_ERROR_FALLBACK -2
-#define HWCRYPTOHOOK_ERROR_MPISIZE -3
-
-#if HWCRYPTOHOOK_DECLARE_APPTYPES
-
-/* These structs are defined by the application and opaque to the
- * crypto plugin. The application may define these as it sees fit.
- * Default declarations are provided here, but the application may
- * #define HWCRYPTOHOOK_DECLARE_APPTYPES 0
- * to prevent these declarations, and instead provide its own
- * declarations of these types. (Pointers to them must still be
- * ordinary pointers to structs or unions, or the resulting combined
- * program will have a type inconsistency.)
- */
-typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex;
-typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar;
-typedef struct HWCryptoHook_PassphraseContextValue HWCryptoHook_PassphraseContext;
-typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext;
-
-#endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */
-
-/* These next two structs are opaque to the application. The crypto
- * plugin will return pointers to them; the caller simply manipulates
- * the pointers.
- */
-typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle;
-typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle;
-
-typedef struct {
- char *buf;
- size_t size;
-} HWCryptoHook_ErrMsgBuf;
-/* Used for error reporting. When a HWCryptoHook function fails it
- * will return a sentinel value (0 for pointer-valued functions, or a
- * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for
- * integer-valued ones). It will, if an ErrMsgBuf is passed, also put
- * an error message there.
- *
- * size is the size of the buffer, and will not be modified. If you
- * pass 0 for size you must pass 0 for buf, and nothing will be
- * recorded (just as if you passed 0 for the struct pointer).
- * Messages written to the buffer will always be null-terminated, even
- * when truncated to fit within size bytes.
- *
- * The contents of the buffer are not defined if there is no error.
- */
-
-typedef struct HWCryptoHook_MPIStruct {
- unsigned char *buf;
- size_t size;
-} HWCryptoHook_MPI;
-/* When one of these is returned, a pointer is passed to the function.
- * At call, size is the space available. Afterwards it is updated to
- * be set to the actual length (which may be more than the space available,
- * if there was not enough room and the result was truncated).
- * buf (the pointer) is not updated.
- *
- * size is in bytes and may be zero at call or return, but must be a
- * multiple of the limb size. Zero limbs at the MS end are not
- * permitted.
- */
-
-#define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL
-#define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL
-/* Enable requesting fallback to software in case of problems with the
- * hardware support. This indicates to the crypto provider that the
- * application is prepared to fall back to software operation if the
- * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK.
- * Without this flag those calls will never return
- * HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto
- * provider to avoid repeatedly attempting to contact dead hardware
- * within a short interval, if appropriate.
- */
-
-#define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL
-/* Without _SimpleForkCheck the library is allowed to assume that the
- * application will not fork and call the library in the child(ren).
- *
- * When it is specified, this is allowed. However, after a fork
- * neither parent nor child may unload any loaded keys or call
- * _Finish. Instead, they should call exit (or die with a signal)
- * without calling _Finish. After all the children have died the
- * parent may unload keys or call _Finish.
- *
- * This flag only has any effect on UN*X platforms.
- */
-
-typedef struct {
- unsigned long flags;
- void *logstream; /* usually a FILE*. See below. */
-
- size_t limbsize; /* bignum format - size of radix type, must be power of 2 */
- int mslimbfirst; /* 0 or 1 */
- int msbytefirst; /* 0 or 1; -1 = native */
-
- /* All the callback functions should return 0 on success, or a
- * nonzero integer (whose value will be visible in the error message
- * put in the buffer passed to the call).
- *
- * If a callback is not available pass a null function pointer.
- *
- * The callbacks may not call down again into the crypto plugin.
- */
-
- /* For thread-safety. Set everything to 0 if you promise only to be
- * singlethreaded. maxsimultaneous is the number of calls to
- * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to
- * put there then say 0 and the hook library will use a default.
- *
- * maxmutexes is a small limit on the number of simultaneous mutexes
- * which will be requested by the library. If there is no small
- * limit, set it to 0. If the crypto plugin cannot create the
- * advertised number of mutexes the calls to its functions may fail.
- * If a low number of mutexes is advertised the plugin will try to
- * do the best it can. Making larger numbers of mutexes available
- * may improve performance and parallelism by reducing contention
- * over critical sections. Unavailability of any mutexes, implying
- * single-threaded operation, should be indicated by the setting
- * mutex_init et al to 0.
- */
- int maxmutexes;
- int maxsimultaneous;
- size_t mutexsize;
- int (*mutex_init)(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext *cactx);
- int (*mutex_acquire)(HWCryptoHook_Mutex*);
- void (*mutex_release)(HWCryptoHook_Mutex*);
- void (*mutex_destroy)(HWCryptoHook_Mutex*);
-
- /* For greater efficiency, can use condition vars internally for
- * synchronisation. In this case maxsimultaneous is ignored, but
- * the other mutex stuff must be available. In singlethreaded
- * programs, set everything to 0.
- */
- size_t condvarsize;
- int (*condvar_init)(HWCryptoHook_CondVar*, HWCryptoHook_CallerContext *cactx);
- int (*condvar_wait)(HWCryptoHook_CondVar*, HWCryptoHook_Mutex*);
- void (*condvar_signal)(HWCryptoHook_CondVar*);
- void (*condvar_broadcast)(HWCryptoHook_CondVar*);
- void (*condvar_destroy)(HWCryptoHook_CondVar*);
-
- /* The semantics of acquiring and releasing mutexes and broadcasting
- * and waiting on condition variables are expected to be those from
- * POSIX threads (pthreads). The mutexes may be (in pthread-speak)
- * fast mutexes, recursive mutexes, or nonrecursive ones.
- *
- * The _release/_signal/_broadcast and _destroy functions must
- * always succeed when given a valid argument; if they are given an
- * invalid argument then the program (crypto plugin + application)
- * has an internal error, and they should abort the program.
- */
-
- int (*getpassphrase)(const char *prompt_info,
- int *len_io, char *buf,
- HWCryptoHook_PassphraseContext *ppctx,
- HWCryptoHook_CallerContext *cactx);
- /* Passphrases and the prompt_info, if they contain high-bit-set
- * characters, are UTF-8. The prompt_info may be a null pointer if
- * no prompt information is available (it should not be an empty
- * string). It will not contain text like `enter passphrase';
- * instead it might say something like `Operator Card for John
- * Smith' or `SmartCard in nFast Module #1, Slot #1'.
- *
- * buf points to a buffer in which to return the passphrase; on
- * entry *len_io is the length of the buffer. It should be updated
- * by the callback. The returned passphrase should not be
- * null-terminated by the callback.
- */
-
- int (*getphystoken)(const char *prompt_info,
- const char *wrong_info,
- HWCryptoHook_PassphraseContext *ppctx,
- HWCryptoHook_CallerContext *cactx);
- /* Requests that the human user physically insert a different
- * smartcard, DataKey, etc. The plugin should check whether the
- * currently inserted token(s) are appropriate, and if they are it
- * should not make this call.
- *
- * prompt_info is as before. wrong_info is a description of the
- * currently inserted token(s) so that the user is told what
- * something is. wrong_info, like prompt_info, may be null, but
- * should not be an empty string. Its contents should be
- * syntactically similar to that of prompt_info.
- */
-
- /* Note that a single LoadKey operation might cause several calls to
- * getpassphrase and/or requestphystoken. If requestphystoken is
- * not provided (ie, a null pointer is passed) then the plugin may
- * not support loading keys for which authorisation by several cards
- * is required. If getpassphrase is not provided then cards with
- * passphrases may not be supported.
- *
- * getpassphrase and getphystoken do not need to check that the
- * passphrase has been entered correctly or the correct token
- * inserted; the crypto plugin will do that. If this is not the
- * case then the crypto plugin is responsible for calling these
- * routines again as appropriate until the correct token(s) and
- * passphrase(s) are supplied as required, or until any retry limits
- * implemented by the crypto plugin are reached.
- *
- * In either case, the application must allow the user to say `no'
- * or `cancel' to indicate that they do not know the passphrase or
- * have the appropriate token; this should cause the callback to
- * return nonzero indicating error.
- */
-
- void (*logmessage)(void *logstream, const char *message);
- /* A log message will be generated at least every time something goes
- * wrong and an ErrMsgBuf is filled in (or would be if one was
- * provided). Other diagnostic information may be written there too,
- * including more detailed reasons for errors which are reported in an
- * ErrMsgBuf.
- *
- * When a log message is generated, this callback is called. It
- * should write a message to the relevant logging arrangements.
- *
- * The message string passed will be null-terminated and may be of arbitrary
- * length. It will not be prefixed by the time and date, nor by the
- * name of the library that is generating it - if this is required,
- * the logmessage callback must do it. The message will not have a
- * trailing newline (though it may contain internal newlines).
- *
- * If a null pointer is passed for logmessage a default function is
- * used. The default function treats logstream as a FILE* which has
- * been converted to a void*. If logstream is 0 it does nothing.
- * Otherwise it prepends the date and time and library name and
- * writes the message to logstream. Each line will be prefixed by a
- * descriptive string containing the date, time and identity of the
- * crypto plugin. Errors on the logstream are not reported
- * anywhere, and the default function doesn't flush the stream, so
- * the application must set the buffering how it wants it.
- *
- * The crypto plugin may also provide a facility to have copies of
- * log messages sent elsewhere, and or for adjusting the verbosity
- * of the log messages; any such facilities will be configured by
- * external means.
- */
-
-} HWCryptoHook_InitInfo;
-
-typedef
-HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *initinfo,
- size_t initinfosize,
- const HWCryptoHook_ErrMsgBuf *errors,
- HWCryptoHook_CallerContext *cactx);
-extern HWCryptoHook_Init_t HWCryptoHook_Init;
-
-/* Caller should set initinfosize to the size of the HWCryptoHook struct,
- * so it can be extended later.
- *
- * On success, a message for display or logging by the server,
- * including the name and version number of the plugin, will be filled
- * in into *errors; on failure *errors is used for error handling, as
- * usual.
- */
-
-/* All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED
- * on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of
- * the output MPI buffer(s) was too small; the sizes of all have been
- * set to the desired size (and for those where the buffer was large
- * enough, the value may have been copied in), and no error message
- * has been recorded.
- *
- * You may pass 0 for the errors struct. In any case, unless you set
- * _NoStderr at init time then messages may be reported to stderr.
- */
-
-/* The RSAImmed* functions (and key managed RSA) only work with
- * modules which have an RSA patent licence - currently that means KM
- * units; the ModExp* ones work with all modules, so you need a patent
- * licence in the software in the US. They are otherwise identical.
- */
-
-typedef
-void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx);
-extern HWCryptoHook_Finish_t HWCryptoHook_Finish;
-/* You must not have any calls going or keys loaded when you call this. */
-
-typedef
-int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx,
- unsigned char *buf, size_t len,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes;
-
-typedef
-int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI a,
- HWCryptoHook_MPI p,
- HWCryptoHook_MPI n,
- HWCryptoHook_MPI *r,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp;
-
-typedef
-int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI m,
- HWCryptoHook_MPI e,
- HWCryptoHook_MPI n,
- HWCryptoHook_MPI *r,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub;
-
-typedef
-int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI a,
- HWCryptoHook_MPI p,
- HWCryptoHook_MPI q,
- HWCryptoHook_MPI dmp1,
- HWCryptoHook_MPI dmq1,
- HWCryptoHook_MPI iqmp,
- HWCryptoHook_MPI *r,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT;
-
-typedef
-int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx,
- HWCryptoHook_MPI m,
- HWCryptoHook_MPI p,
- HWCryptoHook_MPI q,
- HWCryptoHook_MPI dmp1,
- HWCryptoHook_MPI dmq1,
- HWCryptoHook_MPI iqmp,
- HWCryptoHook_MPI *r,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv;
-
-/* The RSAImmed* and ModExp* functions may return E_FAILED or
- * E_FALLBACK for failure.
- *
- * E_FAILED means the failure is permanent and definite and there
- * should be no attempt to fall back to software. (Eg, for some
- * applications, which support only the acceleration-only
- * functions, the `key material' may actually be an encoded key
- * identifier, and doing the operation in software would give wrong
- * answers.)
- *
- * E_FALLBACK means that doing the computation in software would seem
- * reasonable. If an application pays attention to this and is
- * able to fall back, it should also set the Fallback init flags.
- */
-
-typedef
-int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx,
- const char *key_ident,
- HWCryptoHook_RSAKeyHandle *keyhandle_r,
- const HWCryptoHook_ErrMsgBuf *errors,
- HWCryptoHook_PassphraseContext *ppctx);
-extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey;
-/* The key_ident is a null-terminated string configured by the
- * user via the application's usual configuration mechanisms.
- * It is provided to the user by the crypto provider's key management
- * system. The user must be able to enter at least any string of between
- * 1 and 1023 characters inclusive, consisting of printable 7-bit
- * ASCII characters. The provider should avoid using
- * any characters except alphanumerics and the punctuation
- * characters _ - + . / @ ~ (the user is expected to be able
- * to enter these without quoting). The string may be case-sensitive.
- * The application may allow the user to enter other NULL-terminated strings,
- * and the provider must cope (returning an error if the string is not
- * valid).
- *
- * If the key does not exist, no error is recorded and 0 is returned;
- * keyhandle_r will be set to 0 instead of to a key handle.
- */
-
-typedef
-int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k,
- HWCryptoHook_MPI *n,
- HWCryptoHook_MPI *e,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey;
-/* The crypto plugin will not store certificates.
- *
- * Although this function for acquiring the public key value is
- * provided, it is not the purpose of this API to deal fully with the
- * handling of the public key.
- *
- * It is expected that the crypto supplier's key generation program
- * will provide general facilities for producing X.509
- * self-certificates and certificate requests in PEM format. These
- * will be given to the user so that they can configure them in the
- * application, send them to CAs, or whatever.
- *
- * In case this kind of certificate handling is not appropriate, the
- * crypto supplier's key generation program should be able to be
- * configured not to generate such a self-certificate or certificate
- * request. Then the application will need to do all of this, and
- * will need to store and handle the public key and certificates
- * itself.
- */
-
-typedef
-int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey;
-/* Might fail due to locking problems, or other serious internal problems. */
-
-typedef
-int HWCryptoHook_RSA_t(HWCryptoHook_MPI m,
- HWCryptoHook_RSAKeyHandle k,
- HWCryptoHook_MPI *r,
- const HWCryptoHook_ErrMsgBuf *errors);
-extern HWCryptoHook_RSA_t HWCryptoHook_RSA;
-/* RSA private key operation (sign or decrypt) - raw, unpadded. */
-
-#endif /*HWCRYPTOHOOK_H*/
--- crypto/openssl/crypto/engine/vendor_defns/hw_4758_cca.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/**********************************************************************/
-/* */
-/* Prototypes of the CCA verbs used by the 4758 CCA openssl driver */
-/* */
-/* Maurice Gittens <maurice at gittens.nl> */
-/* */
-/**********************************************************************/
-
-#ifndef __HW_4758_CCA__
-#define __HW_4758_CCA__
-
-/*
- * Only WIN32 support for now
- */
-#if defined(WIN32)
-
- #define CCA_LIB_NAME "CSUNSAPI"
-
- #define CSNDPKX "CSNDPKX_32"
- #define CSNDKRR "CSNDKRR_32"
- #define CSNDPKE "CSNDPKE_32"
- #define CSNDPKD "CSNDPKD_32"
- #define CSNDDSV "CSNDDSV_32"
- #define CSNDDSG "CSNDDSG_32"
- #define CSNBRNG "CSNBRNG_32"
-
- #define SECURITYAPI __stdcall
-#else
- /* Fixme!!
- Find out the values of these constants for other platforms.
- */
- #define CCA_LIB_NAME "CSUNSAPI"
-
- #define CSNDPKX "CSNDPKX"
- #define CSNDKRR "CSNDKRR"
- #define CSNDPKE "CSNDPKE"
- #define CSNDPKD "CSNDPKD"
- #define CSNDDSV "CSNDDSV"
- #define CSNDDSG "CSNDDSG"
- #define CSNBRNG "CSNBRNG"
-
- #define SECURITYAPI
-#endif
-
-/*
- * security API prototypes
- */
-
-/* PKA Key Record Read */
-typedef void (SECURITYAPI *F_KEYRECORDREAD)
- (long * return_code,
- long * reason_code,
- long * exit_data_length,
- unsigned char * exit_data,
- long * rule_array_count,
- unsigned char * rule_array,
- unsigned char * key_label,
- long * key_token_length,
- unsigned char * key_token);
-
-/* Random Number Generate */
-typedef void (SECURITYAPI *F_RANDOMNUMBERGENERATE)
- (long * return_code,
- long * reason_code,
- long * exit_data_length,
- unsigned char * exit_data,
- unsigned char * form,
- unsigned char * random_number);
-
-/* Digital Signature Generate */
-typedef void (SECURITYAPI *F_DIGITALSIGNATUREGENERATE)
- (long * return_code,
- long * reason_code,
- long * exit_data_length,
- unsigned char * exit_data,
- long * rule_array_count,
- unsigned char * rule_array,
- long * PKA_private_key_id_length,
- unsigned char * PKA_private_key_id,
- long * hash_length,
- unsigned char * hash,
- long * signature_field_length,
- long * signature_bit_length,
- unsigned char * signature_field);
-
-/* Digital Signature Verify */
-typedef void (SECURITYAPI *F_DIGITALSIGNATUREVERIFY)(
- long * return_code,
- long * reason_code,
- long * exit_data_length,
- unsigned char * exit_data,
- long * rule_array_count,
- unsigned char * rule_array,
- long * PKA_public_key_id_length,
- unsigned char * PKA_public_key_id,
- long * hash_length,
- unsigned char * hash,
- long * signature_field_length,
- unsigned char * signature_field);
-
-/* PKA Public Key Extract */
-typedef void (SECURITYAPI *F_PUBLICKEYEXTRACT)(
- long * return_code,
- long * reason_code,
- long * exit_data_length,
- unsigned char * exit_data,
- long * rule_array_count,
- unsigned char * rule_array,
- long * source_key_identifier_length,
- unsigned char * source_key_identifier,
- long * target_key_token_length,
- unsigned char * target_key_token);
-
-/* PKA Encrypt */
-typedef void (SECURITYAPI *F_PKAENCRYPT)
- (long * return_code,
- long * reason_code,
- long * exit_data_length,
- unsigned char * exit_data,
- long * rule_array_count,
- unsigned char * rule_array,
- long * key_value_length,
- unsigned char * key_value,
- long * data_struct_length,
- unsigned char * data_struct,
- long * RSA_public_key_length,
- unsigned char * RSA_public_key,
- long * RSA_encipher_length,
- unsigned char * RSA_encipher );
-
-/* PKA Decrypt */
-typedef void (SECURITYAPI *F_PKADECRYPT)
- (long * return_code,
- long * reason_code,
- long * exit_data_length,
- unsigned char * exit_data,
- long * rule_array_count,
- unsigned char * rule_array,
- long * enciphered_key_length,
- unsigned char * enciphered_key,
- long * data_struct_length,
- unsigned char * data_struct,
- long * RSA_private_key_length,
- unsigned char * RSA_private_key,
- long * key_value_length,
- unsigned char * key_value );
-
-
-#endif
--- crypto/openssl/crypto/engine/vendor_defns/aep.h
+++ /dev/null
@@ -1,178 +0,0 @@
-/* This header declares the necessary definitions for using the exponentiation
- * acceleration capabilities, and rnd number generation of the AEP card.
- *
- */
-
-/*
- *
- * Some AEP defines
- *
- */
-
-/*Successful return value*/
-#define AEP_R_OK 0x00000000
-
-/*Miscelleanous unsuccessful return value*/
-#define AEP_R_GENERAL_ERROR 0x10000001
-
-/*Insufficient host memory*/
-#define AEP_R_HOST_MEMORY 0x10000002
-
-#define AEP_R_FUNCTION_FAILED 0x10000006
-
-/*Invalid arguments in function call*/
-#define AEP_R_ARGUMENTS_BAD 0x10020000
-
-#define AEP_R_NO_TARGET_RESOURCES 0x10030000
-
-/*Error occuring on socket operation*/
-#define AEP_R_SOCKERROR 0x10000010
-
-/*Socket has been closed from the other end*/
-#define AEP_R_SOCKEOF 0x10000011
-
-/*Invalid handles*/
-#define AEP_R_CONNECTION_HANDLE_INVALID 0x100000B3
-
-#define AEP_R_TRANSACTION_HANDLE_INVALID 0x10040000
-
-/*Transaction has not yet returned from accelerator*/
-#define AEP_R_TRANSACTION_NOT_READY 0x00010000
-
-/*There is already a thread waiting on this transaction*/
-#define AEP_R_TRANSACTION_CLAIMED 0x10050000
-
-/*The transaction timed out*/
-#define AEP_R_TIMED_OUT 0x10060000
-
-#define AEP_R_FXN_NOT_IMPLEMENTED 0x10070000
-
-#define AEP_R_TARGET_ERROR 0x10080000
-
-/*Error in the AEP daemon process*/
-#define AEP_R_DAEMON_ERROR 0x10090000
-
-/*Invalid ctx id*/
-#define AEP_R_INVALID_CTX_ID 0x10009000
-
-#define AEP_R_NO_KEY_MANAGER 0x1000a000
-
-/*Error obtaining a mutex*/
-#define AEP_R_MUTEX_BAD 0x000001A0
-
-/*Fxn call before AEP_Initialise ot after AEP_Finialise*/
-#define AEP_R_AEPAPI_NOT_INITIALIZED 0x10000190
-
-/*AEP_Initialise has already been called*/
-#define AEP_R_AEPAPI_ALREADY_INITIALIZED 0x10000191
-
-/*Maximum number of connections to daemon reached*/
-#define AEP_R_NO_MORE_CONNECTION_HNDLS 0x10000200
-
-/*
- *
- * Some AEP Type definitions
- *
- */
-
-/* an unsigned 8-bit value */
-typedef unsigned char AEP_U8;
-
-/* an unsigned 8-bit character */
-typedef char AEP_CHAR;
-
-/* a BYTE-sized Boolean flag */
-typedef AEP_U8 AEP_BBOOL;
-
-/*Unsigned value, at least 16 bits long*/
-typedef unsigned short AEP_U16;
-
-/* an unsigned value, at least 32 bits long */
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned int AEP_U32;
-#else
-typedef unsigned long AEP_U32;
-#endif
-
-#ifdef SIXTY_FOUR_BIT_LONG
-typedef unsigned long AEP_U64;
-#else
-typedef struct { unsigned long l1, l2; } AEP_U64;
-#endif
-
-/* at least 32 bits; each bit is a Boolean flag */
-typedef AEP_U32 AEP_FLAGS;
-
-typedef AEP_U8 *AEP_U8_PTR;
-typedef AEP_CHAR *AEP_CHAR_PTR;
-typedef AEP_U32 *AEP_U32_PTR;
-typedef AEP_U64 *AEP_U64_PTR;
-typedef void *AEP_VOID_PTR;
-
-/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
-typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR;
-
-/*Used to identify an AEP connection handle*/
-typedef AEP_U32 AEP_CONNECTION_HNDL;
-
-/*Pointer to an AEP connection handle*/
-typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR;
-
-/*Used by an application (in conjunction with the apps process id) to
-identify an individual transaction*/
-typedef AEP_U32 AEP_TRANSACTION_ID;
-
-/*Pointer to an applications transaction identifier*/
-typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR;
-
-/*Return value type*/
-typedef AEP_U32 AEP_RV;
-
-#define MAX_PROCESS_CONNECTIONS 256
-
-#define RAND_BLK_SIZE 1024
-
-typedef enum{
- NotConnected= 0,
- Connected= 1,
- InUse= 2
-} AEP_CONNECTION_STATE;
-
-
-typedef struct AEP_CONNECTION_ENTRY{
- AEP_CONNECTION_STATE conn_state;
- AEP_CONNECTION_HNDL conn_hndl;
-} AEP_CONNECTION_ENTRY;
-
-
-typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
-typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
-
-typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
- AEP_VOID_PTR pA, AEP_VOID_PTR pP,
- AEP_VOID_PTR pN,
- AEP_VOID_PTR pResult,
- AEP_TRANSACTION_ID* pidTransID);
-
-typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
- AEP_VOID_PTR pA, AEP_VOID_PTR pP,
- AEP_VOID_PTR pQ,
- AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
- AEP_VOID_PTR pIqmp,
- AEP_VOID_PTR pResult,
- AEP_TRANSACTION_ID* pidTransID);
-
-#ifdef AEPRAND
-typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
- AEP_U32 Len,
- AEP_U32 Type,
- AEP_VOID_PTR pResult,
- AEP_TRANSACTION_ID* pidTransID);
-#endif
-
-typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
-typedef AEP_RV t_AEP_Finalize();
-typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(),
- AEP_RV (*MakeAEPBigNumFunc)(),
- AEP_RV (*ConverAEPBigNumFunc)());
-
--- crypto/openssl/crypto/perlasm/alpha.pl
+++ /dev/null
@@ -1,434 +0,0 @@
-#!/usr/local/bin/perl
-
-package alpha;
-use Carp qw(croak cluck);
-
-$label="100";
-
-$n_debug=0;
-$smear_regs=1;
-$reg_alloc=1;
-
-$align="3";
-$com_start="#";
-
-sub main'asm_init_output { @out=(); }
-sub main'asm_get_output { return(@out); }
-sub main'get_labels { return(@labels); }
-sub main'external_label { push(@labels, at _); }
-
-# General registers
-
-%regs=( 'r0', '$0',
- 'r1', '$1',
- 'r2', '$2',
- 'r3', '$3',
- 'r4', '$4',
- 'r5', '$5',
- 'r6', '$6',
- 'r7', '$7',
- 'r8', '$8',
- 'r9', '$22',
- 'r10', '$23',
- 'r11', '$24',
- 'r12', '$25',
- 'r13', '$27',
- 'r14', '$28',
- 'r15', '$21', # argc == 5
- 'r16', '$20', # argc == 4
- 'r17', '$19', # argc == 3
- 'r18', '$18', # argc == 2
- 'r19', '$17', # argc == 1
- 'r20', '$16', # argc == 0
- 'r21', '$9', # save 0
- 'r22', '$10', # save 1
- 'r23', '$11', # save 2
- 'r24', '$12', # save 3
- 'r25', '$13', # save 4
- 'r26', '$14', # save 5
-
- 'a0', '$16',
- 'a1', '$17',
- 'a2', '$18',
- 'a3', '$19',
- 'a4', '$20',
- 'a5', '$21',
-
- 's0', '$9',
- 's1', '$10',
- 's2', '$11',
- 's3', '$12',
- 's4', '$13',
- 's5', '$14',
- 'zero', '$31',
- 'sp', '$30',
- );
-
-$main'reg_s0="r21";
-$main'reg_s1="r22";
-$main'reg_s2="r23";
-$main'reg_s3="r24";
-$main'reg_s4="r25";
-$main'reg_s5="r26";
-
- at reg=( '$0', '$1' ,'$2' ,'$3' ,'$4' ,'$5' ,'$6' ,'$7' ,'$8',
- '$22','$23','$24','$25','$20','$21','$27','$28');
-
-
-sub main'sub { &out3("subq", at _); }
-sub main'add { &out3("addq", at _); }
-sub main'mov { &out3("bis",$_[0],$_[0],$_[1]); }
-sub main'or { &out3("bis", at _); }
-sub main'bis { &out3("bis", at _); }
-sub main'br { &out1("br", at _); }
-sub main'ld { &out2("ldq", at _); }
-sub main'st { &out2("stq", at _); }
-sub main'cmpult { &out3("cmpult", at _); }
-sub main'cmplt { &out3("cmplt", at _); }
-sub main'bgt { &out2("bgt", at _); }
-sub main'ble { &out2("ble", at _); }
-sub main'blt { &out2("blt", at _); }
-sub main'mul { &out3("mulq", at _); }
-sub main'muh { &out3("umulh", at _); }
-
-$main'QWS=8;
-
-sub main'asm_add
- {
- push(@out, at _);
- }
-
-sub main'asm_finish
- {
- &main'file_end();
- print &main'asm_get_output();
- }
-
-sub main'asm_init
- {
- ($type,$fn)=@_;
- $filename=$fn;
-
- &main'asm_init_output();
- &main'comment("Don't even think of reading this code");
- &main'comment("It was automatically generated by $filename");
- &main'comment("Which is a perl program used to generate the alpha assember.");
- &main'comment("eric <eay\@cryptsoft.com>");
- &main'comment("");
-
- $filename =~ s/\.pl$//;
- &main'file($filename);
- }
-
-sub conv
- {
- local($r)=@_;
- local($v);
-
- return($regs{$r}) if defined($regs{$r});
- return($r);
- }
-
-sub main'QWPw
- {
- local($off,$reg)=@_;
-
- return(&main'QWP($off*8,$reg));
- }
-
-sub main'QWP
- {
- local($off,$reg)=@_;
-
- $ret="$off(".&conv($reg).")";
- return($ret);
- }
-
-sub out3
- {
- local($name,$p1,$p2,$p3)=@_;
-
- $p1=&conv($p1);
- $p2=&conv($p2);
- $p3=&conv($p3);
- push(@out,"\t$name\t");
- $l=length($p1)+1;
- push(@out,$p1.",");
- $ll=3-($l+9)/8;
- $tmp1=sprintf("\t" x $ll);
- push(@out,$tmp1);
-
- $l=length($p2)+1;
- push(@out,$p2.",");
- $ll=3-($l+9)/8;
- $tmp1=sprintf("\t" x $ll);
- push(@out,$tmp1);
-
- push(@out,&conv($p3)."\n");
- }
-
-sub out2
- {
- local($name,$p1,$p2,$p3)=@_;
-
- $p1=&conv($p1);
- $p2=&conv($p2);
- push(@out,"\t$name\t");
- $l=length($p1)+1;
- push(@out,$p1.",");
- $ll=3-($l+9)/8;
- $tmp1=sprintf("\t" x $ll);
- push(@out,$tmp1);
-
- push(@out,&conv($p2)."\n");
- }
-
-sub out1
- {
- local($name,$p1)=@_;
-
- $p1=&conv($p1);
- push(@out,"\t$name\t".$p1."\n");
- }
-
-sub out0
- {
- push(@out,"\t$_[0]\n");
- }
-
-sub main'file
- {
- local($file)=@_;
-
- local($tmp)=<<"EOF";
- # DEC Alpha assember
- # Generated from perl scripts contains in SSLeay
- .file 1 "$file.s"
- .set noat
-EOF
- push(@out,$tmp);
- }
-
-sub main'function_begin
- {
- local($func)=@_;
-
-print STDERR "$func\n";
- local($tmp)=<<"EOF";
- .text
- .align $align
- .globl $func
- .ent $func
-${func}:
-${func}..ng:
- .frame \$30,0,\$26,0
- .prologue 0
-EOF
- push(@out,$tmp);
- $stack=0;
- }
-
-sub main'function_end
- {
- local($func)=@_;
-
- local($tmp)=<<"EOF";
- ret \$31,(\$26),1
- .end $func
-EOF
- push(@out,$tmp);
- $stack=0;
- %label=();
- }
-
-sub main'function_end_A
- {
- local($func)=@_;
-
- local($tmp)=<<"EOF";
- ret \$31,(\$26),1
-EOF
- push(@out,$tmp);
- }
-
-sub main'function_end_B
- {
- local($func)=@_;
-
- $func=$under.$func;
-
- push(@out,"\t.end $func\n");
- $stack=0;
- %label=();
- }
-
-sub main'wparam
- {
- local($num)=@_;
-
- if ($num < 6)
- {
- $num=20-$num;
- return("r$num");
- }
- else
- { return(&main'QWP($stack+$num*8,"sp")); }
- }
-
-sub main'stack_push
- {
- local($num)=@_;
- $stack+=$num*8;
- &main'sub("sp",$num*8,"sp");
- }
-
-sub main'stack_pop
- {
- local($num)=@_;
- $stack-=$num*8;
- &main'add("sp",$num*8,"sp");
- }
-
-sub main'swtmp
- {
- return(&main'QWP(($_[0])*8,"sp"));
- }
-
-# Should use swtmp, which is above sp. Linix can trash the stack above esp
-#sub main'wtmp
-# {
-# local($num)=@_;
-#
-# return(&main'QWP(-($num+1)*4,"esp","",0));
-# }
-
-sub main'comment
- {
- foreach (@_)
- {
- if (/^\s*$/)
- { push(@out,"\n"); }
- else
- { push(@out,"\t$com_start $_ $com_end\n"); }
- }
- }
-
-sub main'label
- {
- if (!defined($label{$_[0]}))
- {
- $label{$_[0]}=$label;
- $label++;
- }
- return('$'.$label{$_[0]});
- }
-
-sub main'set_label
- {
- if (!defined($label{$_[0]}))
- {
- $label{$_[0]}=$label;
- $label++;
- }
-# push(@out,".align $align\n") if ($_[1] != 0);
- push(@out,'$'."$label{$_[0]}:\n");
- }
-
-sub main'file_end
- {
- }
-
-sub main'data_word
- {
- push(@out,"\t.long $_[0]\n");
- }
-
- at pool_free=();
- at pool_taken=();
-$curr_num=0;
-$max=0;
-
-sub main'init_pool
- {
- local($args)=@_;
- local($i);
-
- @pool_free=();
- for ($i=(14+(6-$args)); $i >= 0; $i--)
- {
- push(@pool_free,"r$i");
- }
- print STDERR "START :register pool:@pool_free\n";
- $curr_num=$max=0;
- }
-
-sub main'fin_pool
- {
- printf STDERR "END %2d:register pool:@pool_free\n",$max;
- }
-
-sub main'GR
- {
- local($r)=@_;
- local($i, at n,$_);
-
- foreach (@pool_free)
- {
- if ($r ne $_)
- { push(@n,$_); }
- else
- {
- $curr_num++;
- $max=$curr_num if ($curr_num > $max);
- }
- }
- @pool_free=@n;
-print STDERR "GR:@pool_free\n" if $reg_alloc;
- return(@_);
- }
-
-sub main'NR
- {
- local($num)=@_;
- local(@ret);
-
- $num=1 if $num == 0;
- ($#pool_free >= ($num-1)) || croak "out of registers: want $num, have @pool_free";
- while ($num > 0)
- {
- push(@ret,pop @pool_free);
- $curr_num++;
- $max=$curr_num if ($curr_num > $max);
- $num--
- }
- print STDERR "nr @ret\n" if $n_debug;
-print STDERR "NR:@pool_free\n" if $reg_alloc;
- return(@ret);
-
- }
-
-sub main'FR
- {
- local(@r)=@_;
- local(@a,$v,$w);
-
- print STDERR "fr @r\n" if $n_debug;
-# cluck "fr @r";
- for $w (@pool_free)
- {
- foreach $v (@r)
- {
- croak "double register free of $v (@pool_free)" if $w eq $v;
- }
- }
- foreach $v (@r)
- {
- croak "bad argument to FR" if ($v !~ /^r\d+$/);
- if ($smear_regs)
- { unshift(@pool_free,$v); }
- else { push(@pool_free,$v); }
- $curr_num--;
- }
-print STDERR "FR:@pool_free\n" if $reg_alloc;
- }
-1;
Index: rsa_err.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/rsa/rsa_err.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/rsa/rsa_err.c -L crypto/openssl/crypto/rsa/rsa_err.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/rsa/rsa_err.c
+++ crypto/openssl/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
/* crypto/rsa/rsa_err.c */
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -64,71 +64,95 @@
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
+
static ERR_STRING_DATA RSA_str_functs[]=
{
-{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"},
-{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
-{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"},
-{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
-{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"},
-{ERR_PACK(0,RSA_F_RSA_NULL,0), "RSA_NULL"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0), "RSA_padding_check_PKCS1_OAEP"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"},
-{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"},
-{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"},
-{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"},
-{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"},
-{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"},
-{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"},
+{ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
+{ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
+{ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
+{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
+{ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
+{ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
+{ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
+{ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"},
+{ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_NULL_PRIVATE_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_NULL_PRIVATE_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_NULL_PUBLIC_DECRYPT"},
+{ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
+{ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"},
+{ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
+{ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
+{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
+{ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
+{ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
+{ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"},
+{ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
+{ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"},
+{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"},
{0,NULL}
};
static ERR_STRING_DATA RSA_str_reasons[]=
{
-{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"},
-{RSA_R_BAD_E_VALUE ,"bad e value"},
-{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"},
-{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"},
-{RSA_R_BAD_SIGNATURE ,"bad signature"},
-{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"},
-{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"},
-{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"},
-{RSA_R_DATA_TOO_LARGE ,"data too large"},
-{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
-{RSA_R_DATA_TOO_LARGE_FOR_MODULUS ,"data too large for modulus"},
-{RSA_R_DATA_TOO_SMALL ,"data too small"},
-{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"},
-{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
-{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"},
-{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"},
-{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"},
-{RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"},
-{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"},
-{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"},
-{RSA_R_MODULUS_TOO_LARGE ,"modulus too large"},
-{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
-{RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"},
-{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"},
-{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
-{RSA_R_P_NOT_PRIME ,"p not prime"},
-{RSA_R_Q_NOT_PRIME ,"q not prime"},
-{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ,"rsa operations not supported"},
-{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
-{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
-{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
-{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"},
-{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
+{ERR_REASON(RSA_R_ALGORITHM_MISMATCH) ,"algorithm mismatch"},
+{ERR_REASON(RSA_R_BAD_E_VALUE) ,"bad e value"},
+{ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT),"bad fixed header decrypt"},
+{ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT) ,"bad pad byte count"},
+{ERR_REASON(RSA_R_BAD_SIGNATURE) ,"bad signature"},
+{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01) ,"block type is not 01"},
+{ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02) ,"block type is not 02"},
+{ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),"data greater than mod len"},
+{ERR_REASON(RSA_R_DATA_TOO_LARGE) ,"data too large"},
+{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"},
+{ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),"data too large for modulus"},
+{ERR_REASON(RSA_R_DATA_TOO_SMALL) ,"data too small"},
+{ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),"data too small for key size"},
+{ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),"digest too big for rsa key"},
+{ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D),"dmp1 not congruent to d"},
+{ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D),"dmq1 not congruent to d"},
+{ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1),"d e not congruent to 1"},
+{ERR_REASON(RSA_R_FIRST_OCTET_INVALID) ,"first octet invalid"},
+{ERR_REASON(RSA_R_INVALID_HEADER) ,"invalid header"},
+{ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH),"invalid message length"},
+{ERR_REASON(RSA_R_INVALID_PADDING) ,"invalid padding"},
+{ERR_REASON(RSA_R_INVALID_TRAILER) ,"invalid trailer"},
+{ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) ,"iqmp not inverse of q"},
+{ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"},
+{ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"},
+{ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
+{ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"},
+{ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"},
+{ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"},
+{ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"},
+{ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"},
+{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"},
+{ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"},
+{ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"},
+{ERR_REASON(RSA_R_SLEN_CHECK_FAILED) ,"salt length check failed"},
+{ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) ,"salt length recovery failed"},
+{ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) ,"sslv3 rollback attack"},
+{ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
+{ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE),"unknown algorithm type"},
+{ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) ,"unknown padding type"},
+{ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH),"wrong signature length"},
{0,NULL}
};
@@ -136,15 +160,12 @@
void ERR_load_RSA_strings(void)
{
- static int init=1;
-
- if (init)
- {
- init=0;
#ifndef OPENSSL_NO_ERR
- ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
- ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
-#endif
+ if (ERR_func_error_string(RSA_str_functs[0].error) == NULL)
+ {
+ ERR_load_strings(0,RSA_str_functs);
+ ERR_load_strings(0,RSA_str_reasons);
}
+#endif
}
Index: rsa.h
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/rsa/rsa.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/rsa/rsa.h -L crypto/openssl/crypto/rsa/rsa.h -u -r1.2 -r1.3
--- crypto/openssl/crypto/rsa/rsa.h
+++ crypto/openssl/crypto/rsa/rsa.h
@@ -55,7 +55,6 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
-/* $FreeBSD: src/crypto/openssl/crypto/rsa/rsa.h,v 1.11 2005/02/25 05:49:43 nectar Exp $ */
#ifndef HEADER_RSA_H
#define HEADER_RSA_H
@@ -65,25 +64,25 @@
#ifndef OPENSSL_NO_BIO
#include <openssl/bio.h>
#endif
-#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <openssl/ossl_typ.h>
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
+#endif
#ifdef OPENSSL_NO_RSA
#error RSA is disabled.
#endif
-#if defined(OPENSSL_FIPS)
-#define FIPS_RSA_SIZE_T int
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
-typedef struct rsa_st RSA;
+/* Declared already in ossl_typ.h */
+/* typedef struct rsa_st RSA; */
+/* typedef struct rsa_meth_st RSA_METHOD; */
-typedef struct rsa_meth_st
+struct rsa_meth_st
{
const char *name;
int (*rsa_pub_enc)(int flen,const unsigned char *from,
@@ -98,7 +97,7 @@
int (*rsa_priv_dec)(int flen,const unsigned char *from,
unsigned char *to,
RSA *rsa,int padding);
- int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */
+ int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa,BN_CTX *ctx); /* Can be null */
int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx); /* Can be null */
@@ -119,8 +118,12 @@
int (*rsa_verify)(int dtype,
const unsigned char *m, unsigned int m_length,
unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
-
- } RSA_METHOD;
+/* If this callback is NULL, the builtin software RSA key-gen will be used. This
+ * is for behavioural compatibility whilst the code gets rewired, but one day
+ * it would be nice to assume there are no such things as "builtin software"
+ * implementations. */
+ int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ };
struct rsa_st
{
@@ -153,49 +156,58 @@
* NULL */
char *bignum_data;
BN_BLINDING *blinding;
+ BN_BLINDING *mt_blinding;
};
#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
-# define OPENSSL_RSA_MAX_MODULUS_BITS 16400
+# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
#endif
#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
-# define OPENSSL_RSA_SMALL_MODULUS_BITS 4112
+# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
#endif
#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
-# define OPENSSL_RSA_MAX_PUBEXP_BITS 72 /* exponent limit enforced for "large" modulus only */
+# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */
#endif
#define RSA_3 0x3L
#define RSA_F4 0x10001L
-#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */
+#define RSA_METHOD_FLAG_NO_CHECK 0x0001 /* don't check pub/private match */
-#define RSA_FLAG_CACHE_PUBLIC 0x02
-#define RSA_FLAG_CACHE_PRIVATE 0x04
-#define RSA_FLAG_BLINDING 0x08
-#define RSA_FLAG_THREAD_SAFE 0x10
+#define RSA_FLAG_CACHE_PUBLIC 0x0002
+#define RSA_FLAG_CACHE_PRIVATE 0x0004
+#define RSA_FLAG_BLINDING 0x0008
+#define RSA_FLAG_THREAD_SAFE 0x0010
/* This flag means the private key operations will be handled by rsa_mod_exp
* and that they do not depend on the private key components being present:
* for example a key stored in external hardware. Without this flag bn_mod_exp
* gets called when private key components are absent.
*/
-#define RSA_FLAG_EXT_PKEY 0x20
+#define RSA_FLAG_EXT_PKEY 0x0020
/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions.
*/
-#define RSA_FLAG_SIGN_VER 0x40
+#define RSA_FLAG_SIGN_VER 0x0040
-#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in
- * RSA implementation now uses blinding by
- * default (ignoring RSA_FLAG_BLINDING),
- * but other engines might not need it
- */
+#define RSA_FLAG_NO_BLINDING 0x0080 /* new with 0.9.6j and 0.9.7b; the built-in
+ * RSA implementation now uses blinding by
+ * default (ignoring RSA_FLAG_BLINDING),
+ * but other engines might not need it
+ */
+#define RSA_FLAG_NO_EXP_CONSTTIME 0x0100 /* new with 0.9.7h; the built-in RSA
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
#define RSA_PKCS1_PADDING 1
#define RSA_SSLV23_PADDING 2
#define RSA_NO_PADDING 3
#define RSA_PKCS1_OAEP_PADDING 4
+#define RSA_X931_PADDING 5
#define RSA_PKCS1_PADDING_SIZE 11
@@ -205,8 +217,16 @@
RSA * RSA_new(void);
RSA * RSA_new_method(ENGINE *engine);
int RSA_size(const RSA *);
+
+/* Deprecated version */
+#ifndef OPENSSL_NO_DEPRECATED
RSA * RSA_generate_key(int bits, unsigned long e,void
(*callback)(int,int,void *),void *cb_arg);
+#endif /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* New version */
+int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
int RSA_check_key(const RSA *);
/* next 4 return -1 on error */
int RSA_public_encrypt(int flen, const unsigned char *from,
@@ -247,11 +267,19 @@
int RSA_print(BIO *bp, const RSA *r,int offset);
#endif
-int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
-RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
-
-int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)());
-RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
+int i2d_RSA_NET(const RSA *a, unsigned char **pp,
+ int (*cb)(char *buf, int len, const char *prompt, int verify),
+ int sgckey);
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
+ int (*cb)(char *buf, int len, const char *prompt, int verify),
+ int sgckey);
+
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
+ int (*cb)(char *buf, int len, const char *prompt,
+ int verify));
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
+ int (*cb)(char *buf, int len, const char *prompt,
+ int verify));
/* The following 2 functions sign and verify a X509_SIG ASN1 object
* inside PKCS#1 padded RSA encryption */
@@ -271,6 +299,7 @@
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
void RSA_blinding_off(RSA *rsa);
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
const unsigned char *f,int fl);
@@ -280,6 +309,8 @@
const unsigned char *f,int fl);
int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
const unsigned char *f,int fl,int rsa_len);
+int PKCS1_MGF1(unsigned char *mask, long len,
+ const unsigned char *seed, long seedlen, const EVP_MD *dgst);
int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen,
const unsigned char *f,int fl,
const unsigned char *p,int pl);
@@ -294,6 +325,17 @@
const unsigned char *f,int fl);
int RSA_padding_check_none(unsigned char *to,int tlen,
const unsigned char *f,int fl,int rsa_len);
+int RSA_padding_add_X931(unsigned char *to,int tlen,
+ const unsigned char *f,int fl);
+int RSA_padding_check_X931(unsigned char *to,int tlen,
+ const unsigned char *f,int fl,int rsa_len);
+int RSA_X931_hash_id(int nid);
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+ const EVP_MD *Hash, const unsigned char *EM, int sLen);
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+ const unsigned char *mHash,
+ const EVP_MD *Hash, int sLen);
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
@@ -313,30 +355,42 @@
/* Function codes. */
#define RSA_F_MEMORY_LOCK 100
+#define RSA_F_RSA_BUILTIN_KEYGEN 129
#define RSA_F_RSA_CHECK_KEY 123
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104
#define RSA_F_RSA_GENERATE_KEY 105
+#define RSA_F_RSA_MEMORY_LOCK 130
#define RSA_F_RSA_NEW_METHOD 106
#define RSA_F_RSA_NULL 124
+#define RSA_F_RSA_NULL_MOD_EXP 131
+#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132
+#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133
+#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134
+#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135
#define RSA_F_RSA_PADDING_ADD_NONE 107
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
+#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
#define RSA_F_RSA_PADDING_ADD_SSLV23 110
+#define RSA_F_RSA_PADDING_ADD_X931 127
#define RSA_F_RSA_PADDING_CHECK_NONE 111
#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112
#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113
#define RSA_F_RSA_PADDING_CHECK_SSLV23 114
+#define RSA_F_RSA_PADDING_CHECK_X931 128
#define RSA_F_RSA_PRINT 115
#define RSA_F_RSA_PRINT_FP 116
+#define RSA_F_RSA_SETUP_BLINDING 136
#define RSA_F_RSA_SIGN 117
#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
#define RSA_F_RSA_VERIFY 119
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
+#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
/* Reason codes. */
#define RSA_R_ALGORITHM_MISMATCH 100
@@ -356,10 +410,16 @@
#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123
+#define RSA_R_FIRST_OCTET_INVALID 133
+#define RSA_R_INVALID_HEADER 137
#define RSA_R_INVALID_MESSAGE_LENGTH 131
+#define RSA_R_INVALID_PADDING 138
+#define RSA_R_INVALID_TRAILER 139
#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120
+#define RSA_R_LAST_OCTET_INVALID 134
#define RSA_R_MODULUS_TOO_LARGE 105
+#define RSA_R_NO_PUBLIC_EXPONENT 140
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127
#define RSA_R_OAEP_DECODING_ERROR 121
@@ -367,6 +427,8 @@
#define RSA_R_P_NOT_PRIME 128
#define RSA_R_Q_NOT_PRIME 129
#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130
+#define RSA_R_SLEN_CHECK_FAILED 136
+#define RSA_R_SLEN_RECOVERY_FAILED 135
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
Index: rsa_sign.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/rsa/rsa_sign.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/rsa/rsa_sign.c -L crypto/openssl/crypto/rsa/rsa_sign.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/rsa/rsa_sign.c
+++ crypto/openssl/crypto/rsa/rsa_sign.c
@@ -146,7 +146,7 @@
unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
{
int i,ret=0,sigtype;
- unsigned char *p,*s;
+ unsigned char *s;
X509_SIG *sig=NULL;
if (siglen != (unsigned int)RSA_size(rsa))
@@ -169,7 +169,7 @@
}
if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) {
RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH);
- return(0);
+ goto err;
}
i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
@@ -181,7 +181,7 @@
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
else ret = 1;
} else {
- p=s;
+ const unsigned char *p=s;
sig=d2i_X509_SIG(NULL,&p,(long)i);
if (sig == NULL) goto err;
@@ -196,7 +196,7 @@
/* Parameters to the signature algorithm can also be used to
create forgeries */
if(sig->algor->parameter
- && sig->algor->parameter->type != V_ASN1_NULL)
+ && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL)
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
goto err;
@@ -239,8 +239,11 @@
}
err:
if (sig != NULL) X509_SIG_free(sig);
- OPENSSL_cleanse(s,(unsigned int)siglen);
- OPENSSL_free(s);
+ if (s != NULL)
+ {
+ OPENSSL_cleanse(s,(unsigned int)siglen);
+ OPENSSL_free(s);
+ }
return(ret);
}
Index: rsa_eay.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/crypto/rsa/rsa_eay.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/crypto/rsa/rsa_eay.c -L crypto/openssl/crypto/rsa/rsa_eay.c -u -r1.2 -r1.3
--- crypto/openssl/crypto/rsa/rsa_eay.c
+++ crypto/openssl/crypto/rsa/rsa_eay.c
@@ -55,7 +55,59 @@
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
-/* $FreeBSD: src/crypto/openssl/crypto/rsa/rsa_eay.c,v 1.13 2005/02/25 05:49:43 nectar Exp $ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core at openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay at cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh at cryptsoft.com).
+ *
+ */
#include <stdio.h>
#include "cryptlib.h"
@@ -63,7 +115,7 @@
#include <openssl/rsa.h>
#include <openssl/rand.h>
-#if !defined(RSA_NULL) && !defined(OPENSSL_FIPS)
+#ifndef RSA_NULL
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
@@ -73,7 +125,7 @@
unsigned char *to, RSA *rsa,int padding);
static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
-static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa);
+static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
static int RSA_eay_init(RSA *rsa);
static int RSA_eay_finish(RSA *rsa);
static RSA_METHOD rsa_pkcs1_eay_meth={
@@ -89,7 +141,8 @@
0, /* flags */
NULL,
0, /* rsa_sign */
- 0 /* rsa_verify */
+ 0, /* rsa_verify */
+ NULL /* rsa_keygen */
};
const RSA_METHOD *RSA_PKCS1_SSLeay(void)
@@ -97,10 +150,20 @@
return(&rsa_pkcs1_eay_meth);
}
+/* Usage example;
+ * MONT_HELPER(rsa, bn_ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err);
+ */
+#define MONT_HELPER(rsa, ctx, m, pre_cond, err_instr) \
+ if((pre_cond) && ((rsa)->_method_mod_##m == NULL) && \
+ !BN_MONT_CTX_set_locked(&((rsa)->_method_mod_##m), \
+ CRYPTO_LOCK_RSA, \
+ (rsa)->m, (ctx))) \
+ err_instr
+
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
- BIGNUM f,ret;
+ BIGNUM *f,*ret;
int i,j,k,num=0,r= -1;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
@@ -127,11 +190,13 @@
}
}
- BN_init(&f);
- BN_init(&ret);
if ((ctx=BN_CTX_new()) == NULL) goto err;
+ BN_CTX_start(ctx);
+ f = BN_CTX_get(ctx);
+ ret = BN_CTX_get(ctx);
num=BN_num_bytes(rsa->n);
- if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
+ buf = OPENSSL_malloc(num);
+ if (!f || !ret || !buf)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
@@ -159,54 +224,34 @@
}
if (i <= 0) goto err;
- if (BN_bin2bn(buf,num,&f) == NULL) goto err;
+ if (BN_bin2bn(buf,num,f) == NULL) goto err;
- if (BN_ucmp(&f, rsa->n) >= 0)
+ if (BN_ucmp(f, rsa->n) >= 0)
{
/* usually the padding functions would catch this */
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
goto err;
}
- if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_n == NULL)
- {
- rsa->_method_mod_n = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
-
- if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
+ MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
+
+ if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
- j=BN_num_bytes(&ret);
- i=BN_bn2bin(&ret,&(to[num-j]));
+ j=BN_num_bytes(ret);
+ i=BN_bn2bin(ret,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&f);
- BN_clear_free(&ret);
+ if (ctx != NULL)
+ {
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ }
if (buf != NULL)
{
OPENSSL_cleanse(buf,num);
@@ -215,76 +260,115 @@
return(r);
}
-static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
- {
- int ret = 1;
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- /* Check again inside the lock - the macro's check is racey */
- if(rsa->blinding == NULL)
- ret = RSA_blinding_on(rsa, ctx);
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- return ret;
- }
+static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
+{
+ BN_BLINDING *ret;
+ int got_write_lock = 0;
-#define BLINDING_HELPER(rsa, ctx, err_instr) \
- do { \
- if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \
- ((rsa)->blinding == NULL) && \
- !rsa_eay_blinding(rsa, ctx)) \
- err_instr \
- } while(0)
+ CRYPTO_r_lock(CRYPTO_LOCK_RSA);
-static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx)
- {
- BIGNUM *A, *Ai;
- BN_BLINDING *ret = NULL;
+ if (rsa->blinding == NULL)
+ {
+ CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
+ CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+ got_write_lock = 1;
- /* added in OpenSSL 0.9.6j and 0.9.7b */
+ if (rsa->blinding == NULL)
+ rsa->blinding = RSA_setup_blinding(rsa, ctx);
+ }
- /* NB: similar code appears in RSA_blinding_on (rsa_lib.c);
- * this should be placed in a new function of its own, but for reasons
- * of binary compatibility can't */
+ ret = rsa->blinding;
+ if (ret == NULL)
+ goto err;
- BN_CTX_start(ctx);
- A = BN_CTX_get(ctx);
- if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
+ if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id())
{
- /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */
- RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0);
- if (!BN_pseudo_rand_range(A,rsa->n)) goto err;
+ /* rsa->blinding is ours! */
+
+ *local = 1;
}
else
{
- if (!BN_rand_range(A,rsa->n)) goto err;
+ /* resort to rsa->mt_blinding instead */
+
+ *local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert()
+ * that the BN_BLINDING is shared, meaning that accesses
+ * require locks, and that the blinding factor must be
+ * stored outside the BN_BLINDING
+ */
+
+ if (rsa->mt_blinding == NULL)
+ {
+ if (!got_write_lock)
+ {
+ CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
+ CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+ got_write_lock = 1;
+ }
+
+ if (rsa->mt_blinding == NULL)
+ rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
+ }
+ ret = rsa->mt_blinding;
}
- if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
- if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
- goto err;
- ret = BN_BLINDING_new(A,Ai,rsa->n);
- BN_free(Ai);
-err:
- BN_CTX_end(ctx);
+ err:
+ if (got_write_lock)
+ CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+ else
+ CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
return ret;
- }
+}
+
+static int rsa_blinding_convert(BN_BLINDING *b, int local, BIGNUM *f,
+ BIGNUM *r, BN_CTX *ctx)
+{
+ if (local)
+ return BN_BLINDING_convert_ex(f, NULL, b, ctx);
+ else
+ {
+ int ret;
+ CRYPTO_r_lock(CRYPTO_LOCK_RSA_BLINDING);
+ ret = BN_BLINDING_convert_ex(f, r, b, ctx);
+ CRYPTO_r_unlock(CRYPTO_LOCK_RSA_BLINDING);
+ return ret;
+ }
+}
+
+static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f,
+ BIGNUM *r, BN_CTX *ctx)
+{
+ if (local)
+ return BN_BLINDING_invert_ex(f, NULL, b, ctx);
+ else
+ {
+ int ret;
+ CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING);
+ ret = BN_BLINDING_invert_ex(f, r, b, ctx);
+ CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING);
+ return ret;
+ }
+}
/* signing */
static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
- BIGNUM f,ret;
+ BIGNUM *f, *ret, *br, *res;
int i,j,k,num=0,r= -1;
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
int local_blinding = 0;
BN_BLINDING *blinding = NULL;
- BN_init(&f);
- BN_init(&ret);
-
if ((ctx=BN_CTX_new()) == NULL) goto err;
- num=BN_num_bytes(rsa->n);
- if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
+ BN_CTX_start(ctx);
+ f = BN_CTX_get(ctx);
+ br = BN_CTX_get(ctx);
+ ret = BN_CTX_get(ctx);
+ num = BN_num_bytes(rsa->n);
+ buf = OPENSSL_malloc(num);
+ if(!f || !ret || !buf)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
goto err;
@@ -295,6 +379,9 @@
case RSA_PKCS1_PADDING:
i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
break;
+ case RSA_X931_PADDING:
+ i=RSA_padding_add_X931(buf,num,from,flen);
+ break;
case RSA_NO_PADDING:
i=RSA_padding_add_none(buf,num,from,flen);
break;
@@ -305,26 +392,18 @@
}
if (i <= 0) goto err;
- if (BN_bin2bn(buf,num,&f) == NULL) goto err;
+ if (BN_bin2bn(buf,num,f) == NULL) goto err;
- if (BN_ucmp(&f, rsa->n) >= 0)
+ if (BN_ucmp(f, rsa->n) >= 0)
{
/* usually the padding functions would catch this */
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
goto err;
}
- BLINDING_HELPER(rsa, ctx, goto err;);
- blinding = rsa->blinding;
-
- /* Now unless blinding is disabled, 'blinding' is non-NULL.
- * But the BN_BLINDING object may be owned by some other thread
- * (we don't want to keep it constant and we don't want to use
- * lots of locking to avoid race conditions, so only a single
- * thread can use it; other threads have to use local blinding
- * factors) */
if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
{
+ blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
if (blinding == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR);
@@ -333,20 +412,8 @@
}
if (blinding != NULL)
- {
- if (blinding->thread_id != CRYPTO_thread_id())
- {
- /* we need a local one-time blinding factor */
-
- blinding = setup_blinding(rsa, ctx);
- if (blinding == NULL)
- goto err;
- local_blinding = 1;
- }
- }
-
- if (blinding)
- if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err;
+ if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx))
+ goto err;
if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
((rsa->p != NULL) &&
@@ -354,29 +421,58 @@
(rsa->dmp1 != NULL) &&
(rsa->dmq1 != NULL) &&
(rsa->iqmp != NULL)) )
- { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
+ {
+ if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err;
+ }
else
{
- if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
+ BIGNUM local_d;
+ BIGNUM *d = NULL;
+
+ if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
+ {
+ BN_init(&local_d);
+ d = &local_d;
+ BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
+ }
+ else
+ d = rsa->d;
+
+ MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
+
+ if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
+ rsa->_method_mod_n)) goto err;
}
if (blinding)
- if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
+ if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx))
+ goto err;
+
+ if (padding == RSA_X931_PADDING)
+ {
+ BN_sub(f, rsa->n, ret);
+ if (BN_cmp(ret, f))
+ res = f;
+ else
+ res = ret;
+ }
+ else
+ res = ret;
/* put in leading 0 bytes if the number is less than the
* length of the modulus */
- j=BN_num_bytes(&ret);
- i=BN_bn2bin(&ret,&(to[num-j]));
+ j=BN_num_bytes(res);
+ i=BN_bn2bin(res,&(to[num-j]));
for (k=0; k<(num-i); k++)
to[k]=0;
r=num;
err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&ret);
- BN_clear_free(&f);
- if (local_blinding)
- BN_BLINDING_free(blinding);
+ if (ctx != NULL)
+ {
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ }
if (buf != NULL)
{
OPENSSL_cleanse(buf,num);
@@ -388,7 +484,7 @@
static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
- BIGNUM f,ret;
+ BIGNUM *f, *ret, *br;
int j,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
@@ -396,14 +492,14 @@
int local_blinding = 0;
BN_BLINDING *blinding = NULL;
- BN_init(&f);
- BN_init(&ret);
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
- num=BN_num_bytes(rsa->n);
-
- if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
+ if((ctx = BN_CTX_new()) == NULL) goto err;
+ BN_CTX_start(ctx);
+ f = BN_CTX_get(ctx);
+ br = BN_CTX_get(ctx);
+ ret = BN_CTX_get(ctx);
+ num = BN_num_bytes(rsa->n);
+ buf = OPENSSL_malloc(num);
+ if(!f || !ret || !buf)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
@@ -418,25 +514,17 @@
}
/* make data into a big number */
- if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
+ if (BN_bin2bn(from,(int)flen,f) == NULL) goto err;
- if (BN_ucmp(&f, rsa->n) >= 0)
+ if (BN_ucmp(f, rsa->n) >= 0)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
goto err;
}
- BLINDING_HELPER(rsa, ctx, goto err;);
- blinding = rsa->blinding;
-
- /* Now unless blinding is disabled, 'blinding' is non-NULL.
- * But the BN_BLINDING object may be owned by some other thread
- * (we don't want to keep it constant and we don't want to use
- * lots of locking to avoid race conditions, so only a single
- * thread can use it; other threads have to use local blinding
- * factors) */
if (!(rsa->flags & RSA_FLAG_NO_BLINDING))
{
+ blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
if (blinding == NULL)
{
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR);
@@ -445,20 +533,8 @@
}
if (blinding != NULL)
- {
- if (blinding->thread_id != CRYPTO_thread_id())
- {
- /* we need a local one-time blinding factor */
-
- blinding = setup_blinding(rsa, ctx);
- if (blinding == NULL)
- goto err;
- local_blinding = 1;
- }
- }
-
- if (blinding)
- if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err;
+ if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx))
+ goto err;
/* do the decrypt */
if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
@@ -467,18 +543,34 @@
(rsa->dmp1 != NULL) &&
(rsa->dmq1 != NULL) &&
(rsa->iqmp != NULL)) )
- { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
+ {
+ if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err;
+ }
else
{
- if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
- goto err;
+ BIGNUM local_d;
+ BIGNUM *d = NULL;
+
+ if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
+ {
+ d = &local_d;
+ BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
+ }
+ else
+ d = rsa->d;
+
+ MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
+ if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
+ rsa->_method_mod_n))
+ goto err;
}
if (blinding)
- if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err;
+ if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx))
+ goto err;
p=buf;
- j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */
+ j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */
switch (padding)
{
@@ -504,11 +596,11 @@
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&f);
- BN_clear_free(&ret);
- if (local_blinding)
- BN_BLINDING_free(blinding);
+ if (ctx != NULL)
+ {
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ }
if (buf != NULL)
{
OPENSSL_cleanse(buf,num);
@@ -521,7 +613,7 @@
static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
- BIGNUM f,ret;
+ BIGNUM *f,*ret;
int i,num=0,r= -1;
unsigned char *p;
unsigned char *buf=NULL;
@@ -549,14 +641,13 @@
}
}
- BN_init(&f);
- BN_init(&ret);
- ctx=BN_CTX_new();
- if (ctx == NULL) goto err;
-
+ if((ctx = BN_CTX_new()) == NULL) goto err;
+ BN_CTX_start(ctx);
+ f = BN_CTX_get(ctx);
+ ret = BN_CTX_get(ctx);
num=BN_num_bytes(rsa->n);
- buf=(unsigned char *)OPENSSL_malloc(num);
- if (buf == NULL)
+ buf = OPENSSL_malloc(num);
+ if(!f || !ret || !buf)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
goto err;
@@ -570,50 +661,33 @@
goto err;
}
- if (BN_bin2bn(from,flen,&f) == NULL) goto err;
+ if (BN_bin2bn(from,flen,f) == NULL) goto err;
- if (BN_ucmp(&f, rsa->n) >= 0)
+ if (BN_ucmp(f, rsa->n) >= 0)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
goto err;
}
- /* do the decrypt */
- if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_n == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_n == NULL)
- {
- rsa->_method_mod_n = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
-
- if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
+ MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
+
+ if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
+ if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
+ BN_sub(ret, rsa->n, ret);
+
p=buf;
- i=BN_bn2bin(&ret,p);
+ i=BN_bn2bin(ret,p);
switch (padding)
{
case RSA_PKCS1_PADDING:
r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
break;
+ case RSA_X931_PADDING:
+ r=RSA_padding_check_X931(to,num,buf,i,num);
+ break;
case RSA_NO_PADDING:
r=RSA_padding_check_none(to,num,buf,i,num);
break;
@@ -625,9 +699,11 @@
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED);
err:
- if (ctx != NULL) BN_CTX_free(ctx);
- BN_clear_free(&f);
- BN_clear_free(&ret);
+ if (ctx != NULL)
+ {
+ BN_CTX_end(ctx);
+ BN_CTX_free(ctx);
+ }
if (buf != NULL)
{
OPENSSL_cleanse(buf,num);
@@ -636,84 +712,52 @@
return(r);
}
-static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
{
- BIGNUM r1,m1,vrfy;
+ BIGNUM *r1,*m1,*vrfy;
+ BIGNUM local_dmp1, local_dmq1;
+ BIGNUM *dmp1, *dmq1;
int ret=0;
- BN_CTX *ctx;
- BN_init(&m1);
- BN_init(&r1);
- BN_init(&vrfy);
- if ((ctx=BN_CTX_new()) == NULL) goto err;
+ BN_CTX_start(ctx);
+ r1 = BN_CTX_get(ctx);
+ m1 = BN_CTX_get(ctx);
+ vrfy = BN_CTX_get(ctx);
+
+ MONT_HELPER(rsa, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err);
+ MONT_HELPER(rsa, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err);
+ MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err);
- if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
+ if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
+ if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
{
- if (rsa->_method_mod_p == NULL)
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_p == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_p == NULL)
- {
- rsa->_method_mod_p = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
-
- if (rsa->_method_mod_q == NULL)
- {
- BN_MONT_CTX* bn_mont_ctx;
- if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
- goto err;
- if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx))
- {
- BN_MONT_CTX_free(bn_mont_ctx);
- goto err;
- }
- if (rsa->_method_mod_q == NULL) /* other thread may have finished first */
- {
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- if (rsa->_method_mod_q == NULL)
- {
- rsa->_method_mod_q = bn_mont_ctx;
- bn_mont_ctx = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- }
- if (bn_mont_ctx)
- BN_MONT_CTX_free(bn_mont_ctx);
- }
+ dmq1 = &local_dmq1;
+ BN_with_flags(dmq1, rsa->dmq1, BN_FLG_EXP_CONSTTIME);
}
-
- if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
- if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
+ else
+ dmq1 = rsa->dmq1;
+ if (!rsa->meth->bn_mod_exp(m1,r1,dmq1,rsa->q,ctx,
rsa->_method_mod_q)) goto err;
- if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
- if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
+ if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
+ if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
+ {
+ dmp1 = &local_dmp1;
+ BN_with_flags(dmp1, rsa->dmp1, BN_FLG_EXP_CONSTTIME);
+ }
+ else
+ dmp1 = rsa->dmp1;
+ if (!rsa->meth->bn_mod_exp(r0,r1,dmp1,rsa->p,ctx,
rsa->_method_mod_p)) goto err;
- if (!BN_sub(r0,r0,&m1)) goto err;
+ if (!BN_sub(r0,r0,m1)) goto err;
/* This will help stop the size of r0 increasing, which does
* affect the multiply if it optimised for a power of 2 size */
- if (r0->neg)
+ if (BN_is_negative(r0))
if (!BN_add(r0,r0,rsa->p)) goto err;
- if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err;
- if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err;
+ if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err;
+ if (!BN_mod(r0,r1,rsa->p,ctx)) goto err;
/* If p < q it is occasionally possible for the correction of
* adding 'p' if r0 is negative above to leave the result still
* negative. This can break the private key operations: the following
@@ -721,34 +765,45 @@
* This will *never* happen with OpenSSL generated keys because
* they ensure p > q [steve]
*/
- if (r0->neg)
+ if (BN_is_negative(r0))
if (!BN_add(r0,r0,rsa->p)) goto err;
- if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
- if (!BN_add(r0,&r1,&m1)) goto err;
+ if (!BN_mul(r1,r0,rsa->q,ctx)) goto err;
+ if (!BN_add(r0,r1,m1)) goto err;
if (rsa->e && rsa->n)
{
- if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
+ if (!rsa->meth->bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err;
/* If 'I' was greater than (or equal to) rsa->n, the operation
* will be equivalent to using 'I mod n'. However, the result of
* the verify will *always* be less than 'n' so we don't check
* for absolute equality, just congruency. */
- if (!BN_sub(&vrfy, &vrfy, I)) goto err;
- if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err;
- if (vrfy.neg)
- if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err;
- if (!BN_is_zero(&vrfy))
+ if (!BN_sub(vrfy, vrfy, I)) goto err;
+ if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err;
+ if (BN_is_negative(vrfy))
+ if (!BN_add(vrfy, vrfy, rsa->n)) goto err;
+ if (!BN_is_zero(vrfy))
+ {
/* 'I' and 'vrfy' aren't congruent mod n. Don't leak
* miscalculated CRT output, just do a raw (slower)
* mod_exp and return that instead. */
- if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
+
+ BIGNUM local_d;
+ BIGNUM *d = NULL;
+
+ if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
+ {
+ d = &local_d;
+ BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
+ }
+ else
+ d = rsa->d;
+ if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,
+ rsa->_method_mod_n)) goto err;
+ }
}
ret=1;
err:
- BN_clear_free(&m1);
- BN_clear_free(&r1);
- BN_clear_free(&vrfy);
- BN_CTX_free(ctx);
+ BN_CTX_end(ctx);
return(ret);
}
--- crypto/openssl/test/testfipsssl
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/bin/sh
-
-if [ "$1" = "" ]; then
- key=../apps/server.pem
-else
- key="$1"
-fi
-if [ "$2" = "" ]; then
- cert=../apps/server.pem
-else
- cert="$2"
-fi
-
-ciphers="DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA"
-
-ssltest="./ssltest -F -key $key -cert $cert -c_key $key -c_cert $cert -cipher $ciphers"
-
-if ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
- dsa_cert=YES
-else
- dsa_cert=NO
-fi
-
-if [ "$3" = "" ]; then
- CA="-CApath ../certs"
-else
- CA="-CAfile $3"
-fi
-
-if [ "$4" = "" ]; then
- extra=""
-else
- extra="$4"
-fi
-
-#############################################################################
-
-echo test ssl3 is forbidden in FIPS mode
-$ssltest -ssl3 $extra && exit 1
-
-echo test ssl2 is forbidden in FIPS mode
-$ssltest -ssl2 $extra && exit 1
-
-echo test tls1
-$ssltest -tls1 $extra || exit 1
-
-echo test tls1 with server authentication
-$ssltest -tls1 -server_auth $CA $extra || exit 1
-
-echo test tls1 with client authentication
-$ssltest -tls1 -client_auth $CA $extra || exit 1
-
-echo test tls1 with both client and server authentication
-$ssltest -tls1 -server_auth -client_auth $CA $extra || exit 1
-
-echo test tls1 via BIO pair
-$ssltest -bio_pair -tls1 $extra || exit 1
-
-echo test tls1 with server authentication via BIO pair
-$ssltest -bio_pair -tls1 -server_auth $CA $extra || exit 1
-
-echo test tls1 with client authentication via BIO pair
-$ssltest -bio_pair -tls1 -client_auth $CA $extra || exit 1
-
-echo test tls1 with both client and server authentication via BIO pair
-$ssltest -bio_pair -tls1 -server_auth -client_auth $CA $extra || exit 1
-
-# note that all the below actually choose TLS...
-
-if [ $dsa_cert = NO ]; then
- echo test sslv2/sslv3 w/o DHE via BIO pair
- $ssltest -bio_pair -no_dhe $extra || exit 1
-fi
-
-echo test sslv2/sslv3 with 1024bit DHE via BIO pair
-$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
-
-echo test sslv2/sslv3 with server authentication
-$ssltest -bio_pair -server_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with client authentication via BIO pair
-$ssltest -bio_pair -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair
-$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
-
-echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
-$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
-
-#############################################################################
-
-if ../apps/openssl no-dh; then
- echo skipping anonymous DH tests
-else
- echo test tls1 with 1024bit anonymous DH, multiple handshakes
- $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
-fi
-
-if ../apps/openssl no-rsa; then
- echo skipping RSA tests
-else
- echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
- ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
-
- if ../apps/openssl no-dh; then
- echo skipping RSA+DHE tests
- else
- echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
- ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
- fi
-fi
-
-exit 0
Index: s3_srvr.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/ssl/s3_srvr.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/ssl/s3_srvr.c -L crypto/openssl/ssl/s3_srvr.c -u -r1.2 -r1.3
--- crypto/openssl/ssl/s3_srvr.c
+++ crypto/openssl/ssl/s3_srvr.c
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -108,11 +108,23 @@
* Hudson (tjh at cryptsoft.com).
*
*/
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
#define REUSE_CIPHER_BUG
#define NETSCAPE_HANG_BUG
-
#include <stdio.h>
#include "ssl_locl.h"
#include "kssl_lcl.h"
@@ -121,23 +133,20 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
#ifndef OPENSSL_NO_KRB5
#include <openssl/krb5_asn.h>
#endif
#include <openssl/md5.h>
-#include <openssl/fips.h>
static SSL_METHOD *ssl3_get_server_method(int ver);
-static int ssl3_get_client_hello(SSL *s);
-static int ssl3_check_client_hello(SSL *s);
-static int ssl3_send_server_hello(SSL *s);
-static int ssl3_send_server_key_exchange(SSL *s);
-static int ssl3_send_certificate_request(SSL *s);
-static int ssl3_send_server_done(SSL *s);
-static int ssl3_get_client_key_exchange(SSL *s);
-static int ssl3_get_client_certificate(SSL *s);
-static int ssl3_get_cert_verify(SSL *s);
-static int ssl3_send_hello_request(SSL *s);
+
+#ifndef OPENSSL_NO_ECDH
+static int nid2curve_id(int nid);
+#endif
static SSL_METHOD *ssl3_get_server_method(int ver)
{
@@ -147,33 +156,15 @@
return(NULL);
}
-SSL_METHOD *SSLv3_server_method(void)
- {
- static int init=1;
- static SSL_METHOD SSLv3_server_data;
-
- if (init)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
- if (init)
- {
- memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
- sizeof(SSL_METHOD));
- SSLv3_server_data.ssl_accept=ssl3_accept;
- SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
- init=0;
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
- }
- return(&SSLv3_server_data);
- }
+IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
+ ssl3_accept,
+ ssl_undefined_function,
+ ssl3_get_server_method)
int ssl3_accept(SSL *s)
{
BUF_MEM *buf;
- unsigned long l,Time=time(NULL);
+ unsigned long l,Time=(unsigned long)time(NULL);
void (*cb)(const SSL *ssl,int type,int val)=NULL;
long num1;
int ret= -1;
@@ -309,8 +300,9 @@
case SSL3_ST_SW_CERT_A:
case SSL3_ST_SW_CERT_B:
- /* Check if it is anon DH */
- if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+ /* Check if it is anon DH or anon ECDH or KRB5 */
+ if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)
+ && !(s->s3->tmp.new_cipher->algorithms & SSL_aKRB5))
{
ret=ssl3_send_server_certificate(s);
if (ret <= 0) goto end;
@@ -340,9 +332,18 @@
else
s->s3->tmp.use_rsa_tmp=0;
+
/* only send if a DH key exchange, fortezza or
- * RSA but we have a sign only certificate */
+ * RSA but we have a sign only certificate
+ *
+ * For ECC ciphersuites, we send a serverKeyExchange
+ * message only if the cipher suite is either
+ * ECDH-anon or ECDHE. In other cases, the
+ * server certificate contains the server's
+ * public key for key exchange.
+ */
if (s->s3->tmp.use_rsa_tmp
+ || (l & SSL_kECDHE)
|| (l & (SSL_DH|SSL_kFZA))
|| ((l & SSL_kRSA)
&& (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
@@ -446,19 +447,33 @@
case SSL3_ST_SR_KEY_EXCH_A:
case SSL3_ST_SR_KEY_EXCH_B:
ret=ssl3_get_client_key_exchange(s);
- if (ret <= 0) goto end;
- s->state=SSL3_ST_SR_CERT_VRFY_A;
- s->init_num=0;
-
- /* We need to get hashes here so if there is
- * a client cert, it can be verified */
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst1),
- &(s->s3->tmp.cert_verify_md[0]));
- s->method->ssl3_enc->cert_verify_mac(s,
- &(s->s3->finish_dgst2),
- &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
+ if (ret <= 0)
+ goto end;
+ if (ret == 2)
+ {
+ /* For the ECDH ciphersuites when
+ * the client sends its ECDH pub key in
+ * a certificate, the CertificateVerify
+ * message is not sent.
+ */
+ s->state=SSL3_ST_SR_FINISHED_A;
+ s->init_num = 0;
+ }
+ else
+ {
+ s->state=SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num=0;
+ /* We need to get hashes here so if there is
+ * a client cert, it can be verified
+ */
+ s->method->ssl3_enc->cert_verify_mac(s,
+ &(s->s3->finish_dgst1),
+ &(s->s3->tmp.cert_verify_md[0]));
+ s->method->ssl3_enc->cert_verify_mac(s,
+ &(s->s3->finish_dgst2),
+ &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]));
+ }
break;
case SSL3_ST_SR_CERT_VRFY_A:
@@ -589,7 +604,7 @@
return(ret);
}
-static int ssl3_send_hello_request(SSL *s)
+int ssl3_send_hello_request(SSL *s)
{
unsigned char *p;
@@ -611,14 +626,14 @@
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-static int ssl3_check_client_hello(SSL *s)
+int ssl3_check_client_hello(SSL *s)
{
int ok;
long n;
/* this function is called when we really expect a Certificate message,
* so permit appropriate message length */
- n=ssl3_get_message(s,
+ n=s->method->ssl_get_message(s,
SSL3_ST_SR_CERT_A,
SSL3_ST_SR_CERT_B,
-1,
@@ -644,14 +659,17 @@
return 1;
}
-static int ssl3_get_client_hello(SSL *s)
+int ssl3_get_client_hello(SSL *s)
{
int i,j,ok,al,ret= -1;
+ unsigned int cookie_len;
long n;
unsigned long id;
unsigned char *p,*d,*q;
SSL_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
SSL_COMP *comp=NULL;
+#endif
STACK_OF(SSL_CIPHER) *ciphers=NULL;
/* We do this so that we will respond with our native type.
@@ -662,10 +680,10 @@
*/
if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
{
- s->first_packet=1;
s->state=SSL3_ST_SR_CLNT_HELLO_B;
}
- n=ssl3_get_message(s,
+ s->first_packet=1;
+ n=s->method->ssl_get_message(s,
SSL3_ST_SR_CLNT_HELLO_B,
SSL3_ST_SR_CLNT_HELLO_C,
SSL3_MT_CLIENT_HELLO,
@@ -673,6 +691,7 @@
&ok);
if (!ok) return((int)n);
+ s->first_packet=0;
d=p=(unsigned char *)s->init_msg;
/* use version from inside client hello, not from record header
@@ -730,6 +749,68 @@
}
p+=j;
+
+ if (SSL_version(s) == DTLS1_VERSION)
+ {
+ /* cookie stuff */
+ cookie_len = *(p++);
+
+ if ( (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) &&
+ s->d1->send_cookie == 0)
+ {
+ /* HelloVerifyMessage has already been sent */
+ if ( cookie_len != s->d1->cookie_len)
+ {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
+ goto f_err;
+ }
+ }
+
+ /*
+ * The ClientHello may contain a cookie even if the
+ * HelloVerify message has not been sent--make sure that it
+ * does not cause an overflow.
+ */
+ if ( cookie_len > sizeof(s->d1->rcvd_cookie))
+ {
+ /* too much data */
+ al = SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
+ goto f_err;
+ }
+
+ /* verify the cookie if appropriate option is set. */
+ if ( (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) &&
+ cookie_len > 0)
+ {
+ memcpy(s->d1->rcvd_cookie, p, cookie_len);
+
+ if ( s->ctx->app_verify_cookie_cb != NULL)
+ {
+ if ( s->ctx->app_verify_cookie_cb(s, s->d1->rcvd_cookie,
+ cookie_len) == 0)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_COOKIE_MISMATCH);
+ goto f_err;
+ }
+ /* else cookie verification succeeded */
+ }
+ else if ( memcmp(s->d1->rcvd_cookie, s->d1->cookie,
+ s->d1->cookie_len) != 0) /* default verification */
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+ SSL_R_COOKIE_MISMATCH);
+ goto f_err;
+ }
+ }
+
+ p += cookie_len;
+ }
+
n2s(p,i);
if ((i == 0) && (j != 0))
{
@@ -779,8 +860,7 @@
if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
{
/* Very bad for multi-threading.... */
- s->session->cipher=sk_SSL_CIPHER_value(ciphers,
- 0);
+ s->session->cipher=sk_SSL_CIPHER_value(ciphers, 0);
}
else
{
@@ -821,6 +901,7 @@
* options, we will now look for them. We have i-1 compression
* algorithms from the client, starting at q. */
s->s3->tmp.new_compression=NULL;
+#ifndef OPENSSL_NO_COMP
if (s->ctx->comp_methods != NULL)
{ /* See if we have a match */
int m,nn,o,v,done=0;
@@ -845,6 +926,7 @@
else
comp=NULL;
}
+#endif
/* TLS does not mind if there is extra stuff */
#if 0 /* SSL 3.0 does not mind either, so we should disable this test
@@ -868,7 +950,11 @@
if (!s->hit)
{
+#ifdef OPENSSL_NO_COMP
+ s->session->compress_meth=0;
+#else
s->session->compress_meth=(comp == NULL)?0:comp->id;
+#endif
if (s->session->ciphers != NULL)
sk_SSL_CIPHER_free(s->session->ciphers);
s->session->ciphers=ciphers;
@@ -943,7 +1029,7 @@
return(ret);
}
-static int ssl3_send_server_hello(SSL *s)
+int ssl3_send_server_hello(SSL *s)
{
unsigned char *buf;
unsigned char *p,*d;
@@ -954,9 +1040,9 @@
{
buf=(unsigned char *)s->init_buf->data;
p=s->s3->server_random;
- Time=time(NULL); /* Time */
+ Time=(unsigned long)time(NULL); /* Time */
l2n(Time,p);
- if(RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)) <= 0)
+ if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
return -1;
/* Do the message type and length last */
d=p= &(buf[4]);
@@ -980,7 +1066,7 @@
s->session->session_id_length=0;
sl=s->session->session_id_length;
- if (sl > sizeof s->session->session_id)
+ if (sl > (int)sizeof(s->session->session_id))
{
SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
return -1;
@@ -994,10 +1080,14 @@
p+=i;
/* put the compression method */
+#ifdef OPENSSL_NO_COMP
+ *(p++)=0;
+#else
if (s->s3->tmp.new_compression == NULL)
*(p++)=0;
else
*(p++)=s->s3->tmp.new_compression->id;
+#endif
/* do the header */
l=(p-d);
@@ -1015,7 +1105,7 @@
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-static int ssl3_send_server_done(SSL *s)
+int ssl3_send_server_done(SSL *s)
{
unsigned char *p;
@@ -1039,7 +1129,7 @@
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
-static int ssl3_send_server_key_exchange(SSL *s)
+int ssl3_send_server_key_exchange(SSL *s)
{
#ifndef OPENSSL_NO_RSA
unsigned char *q;
@@ -1051,6 +1141,13 @@
#ifndef OPENSSL_NO_DH
DH *dh=NULL,*dhp;
#endif
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *ecdh=NULL, *ecdhp;
+ unsigned char *encodedPoint = NULL;
+ int encodedlen = 0;
+ int curve_id = 0;
+ BN_CTX *bn_ctx = NULL;
+#endif
EVP_PKEY *pkey;
unsigned char *p,*d;
int al,i;
@@ -1159,6 +1256,134 @@
}
else
#endif
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kECDHE)
+ {
+ const EC_GROUP *group;
+
+ ecdhp=cert->ecdh_tmp;
+ if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL))
+ {
+ ecdhp=s->cert->ecdh_tmp_cb(s,
+ SSL_C_IS_EXPORT(s->s3->tmp.new_cipher),
+ SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher));
+ }
+ if (ecdhp == NULL)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_ECDH_KEY);
+ goto f_err;
+ }
+
+ if (s->s3->tmp.ecdh != NULL)
+ {
+ EC_KEY_free(s->s3->tmp.ecdh);
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ /* Duplicate the ECDH structure. */
+ if (ecdhp == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+ goto err;
+ }
+ if (!EC_KEY_up_ref(ecdhp))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+ goto err;
+ }
+ ecdh = ecdhp;
+
+ s->s3->tmp.ecdh=ecdh;
+ if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL) ||
+ (s->options & SSL_OP_SINGLE_ECDH_USE))
+ {
+ if(!EC_KEY_generate_key(ecdh))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+ goto err;
+ }
+ }
+
+ if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
+ (EC_KEY_get0_public_key(ecdh) == NULL) ||
+ (EC_KEY_get0_private_key(ecdh) == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+ (EC_GROUP_get_degree(group) > 163))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+ goto err;
+ }
+
+ /* XXX: For now, we only support ephemeral ECDH
+ * keys over named (not generic) curves. For
+ * supported named curves, curve_id is non-zero.
+ */
+ if ((curve_id =
+ nid2curve_id(EC_GROUP_get_curve_name(group)))
+ == 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
+ goto err;
+ }
+
+ /* Encode the public key.
+ * First check the size of encoding and
+ * allocate memory accordingly.
+ */
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ NULL, 0, NULL);
+
+ encodedPoint = (unsigned char *)
+ OPENSSL_malloc(encodedlen*sizeof(unsigned char));
+ bn_ctx = BN_CTX_new();
+ if ((encodedPoint == NULL) || (bn_ctx == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+
+ encodedlen = EC_POINT_point2oct(group,
+ EC_KEY_get0_public_key(ecdh),
+ POINT_CONVERSION_UNCOMPRESSED,
+ encodedPoint, encodedlen, bn_ctx);
+
+ if (encodedlen == 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ BN_CTX_free(bn_ctx); bn_ctx=NULL;
+
+ /* XXX: For now, we only support named (not
+ * generic) curves in ECDH ephemeral key exchanges.
+ * In this situation, we need four additional bytes
+ * to encode the entire ServerECDHParams
+ * structure.
+ */
+ n = 4 + encodedlen;
+
+ /* We'll generate the serverKeyExchange message
+ * explicitly so we can set these to NULLs
+ */
+ r[0]=NULL;
+ r[1]=NULL;
+ r[2]=NULL;
+ r[3]=NULL;
+ }
+ else
+#endif /* !OPENSSL_NO_ECDH */
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
@@ -1201,6 +1426,31 @@
p+=nr[i];
}
+#ifndef OPENSSL_NO_ECDH
+ if (type & SSL_kECDHE)
+ {
+ /* XXX: For now, we only support named (not generic) curves.
+ * In this situation, the serverKeyExchange message has:
+ * [1 byte CurveType], [2 byte CurveName]
+ * [1 byte length of encoded point], followed by
+ * the actual encoded point itself
+ */
+ *p = NAMED_CURVE_TYPE;
+ p += 1;
+ *p = 0;
+ p += 1;
+ *p = curve_id;
+ p += 1;
+ *p = encodedlen;
+ p += 1;
+ memcpy((unsigned char*)p,
+ (unsigned char *)encodedPoint,
+ encodedlen);
+ OPENSSL_free(encodedPoint);
+ p += encodedlen;
+ }
+#endif
+
/* not anonymous */
if (pkey != NULL)
{
@@ -1218,16 +1468,8 @@
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
EVP_DigestUpdate(&md_ctx,&(d[4]),n);
-#ifdef OPENSSL_FIPS
- if(s->version == TLS1_VERSION && num == 2)
- FIPS_allow_md5(1);
-#endif
EVP_DigestFinal_ex(&md_ctx,q,
(unsigned int *)&i);
-#ifdef OPENSSL_FIPS
- if(s->version == TLS1_VERSION && num == 2)
- FIPS_allow_md5(0);
-#endif
q+=i;
j+=i;
}
@@ -1261,6 +1503,25 @@
}
else
#endif
+#if !defined(OPENSSL_NO_ECDSA)
+ if (pkey->type == EVP_PKEY_EC)
+ {
+ /* let's do ECDSA */
+ EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
+ EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx,&(d[4]),n);
+ if (!EVP_SignFinal(&md_ctx,&(p[2]),
+ (unsigned int *)&i,pkey))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_ECDSA);
+ goto err;
+ }
+ s2n(i,p);
+ n+=i+2;
+ }
+ else
+#endif
{
/* Is this error check actually needed? */
al=SSL_AD_HANDSHAKE_FAILURE;
@@ -1284,11 +1545,15 @@
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
err:
+#ifndef OPENSSL_NO_ECDH
+ if (encodedPoint != NULL) OPENSSL_free(encodedPoint);
+ BN_CTX_free(bn_ctx);
+#endif
EVP_MD_CTX_cleanup(&md_ctx);
return(-1);
}
-static int ssl3_send_certificate_request(SSL *s)
+int ssl3_send_certificate_request(SSL *s)
{
unsigned char *p,*d;
int i,j,nl,off,n;
@@ -1377,7 +1642,7 @@
return(-1);
}
-static int ssl3_get_client_key_exchange(SSL *s)
+int ssl3_get_client_key_exchange(SSL *s)
{
int i,al,ok;
long n;
@@ -1395,7 +1660,14 @@
KSSL_ERR kssl_err;
#endif /* OPENSSL_NO_KRB5 */
- n=ssl3_get_message(s,
+#ifndef OPENSSL_NO_ECDH
+ EC_KEY *srvr_ecdh = NULL;
+ EVP_PKEY *clnt_pub_pkey = NULL;
+ EC_POINT *clnt_ecpoint = NULL;
+ BN_CTX *bn_ctx = NULL;
+#endif
+
+ n=s->method->ssl_get_message(s,
SSL3_ST_SR_KEY_EXCH_A,
SSL3_ST_SR_KEY_EXCH_B,
SSL3_MT_CLIENT_KEY_EXCHANGE,
@@ -1501,7 +1773,7 @@
i = SSL_MAX_MASTER_KEY_LENGTH;
p[0] = s->client_version >> 8;
p[1] = s->client_version & 0xff;
- if(RAND_pseudo_bytes(p+2, i-2) <= 0) /* should be RAND_bytes, but we cannot work around a failure */
+ if (RAND_pseudo_bytes(p+2, i-2) <= 0) /* should be RAND_bytes, but we cannot work around a failure */
goto err;
}
@@ -1600,7 +1872,7 @@
n2s(p,i);
enc_ticket.length = i;
- if (n < enc_ticket.length + 6)
+ if (n < (int)enc_ticket.length + 6)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
@@ -1613,7 +1885,7 @@
n2s(p,i);
authenticator.length = i;
- if (n < enc_ticket.length + authenticator.length + 6)
+ if (n < (int)(enc_ticket.length + authenticator.length) + 6)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
@@ -1638,8 +1910,8 @@
goto err;
}
- if (n != enc_ticket.length + authenticator.length +
- enc_pms.length + 6)
+ if (n != (long)(enc_ticket.length + authenticator.length +
+ enc_pms.length + 6))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
SSL_R_DATA_LENGTH_TOO_LONG);
@@ -1655,7 +1927,7 @@
if (kssl_err.text)
printf("kssl_err text= %s\n", kssl_err.text);
#endif /* KSSL_DEBUG */
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
kssl_err.reason);
goto err;
}
@@ -1672,14 +1944,14 @@
if (kssl_err.text)
printf("kssl_err text= %s\n", kssl_err.text);
#endif /* KSSL_DEBUG */
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
kssl_err.reason);
goto err;
}
if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0)
{
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, krb5rc);
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, krb5rc);
goto err;
}
@@ -1725,6 +1997,25 @@
SSL_R_DATA_LENGTH_TOO_LONG);
goto err;
}
+ if (!((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff))))
+ {
+ /* The premaster secret must contain the same version number as the
+ * ClientHello to detect version rollback attacks (strangely, the
+ * protocol does not offer such protection for DH ciphersuites).
+ * However, buggy clients exist that send random bytes instead of
+ * the protocol version.
+ * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients.
+ * (Perhaps we should have a separate BUG value for the Kerberos cipher)
+ */
+ if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) &&
+ (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff))))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_AD_DECODE_ERROR);
+ goto err;
+ }
+ }
+
EVP_CIPHER_CTX_cleanup(&ciph_ctx);
s->session->master_key_length=
@@ -1750,6 +2041,156 @@
}
else
#endif /* OPENSSL_NO_KRB5 */
+
+#ifndef OPENSSL_NO_ECDH
+ if ((l & SSL_kECDH) || (l & SSL_kECDHE))
+ {
+ int ret = 1;
+ int field_size = 0;
+ const EC_KEY *tkey;
+ const EC_GROUP *group;
+ const BIGNUM *priv_key;
+
+ /* initialize structures for server's ECDH key pair */
+ if ((srvr_ecdh = EC_KEY_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Let's get server private key and group information */
+ if (l & SSL_kECDH)
+ {
+ /* use the certificate */
+ tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
+ }
+ else
+ {
+ /* use the ephermeral values we saved when
+ * generating the ServerKeyExchange msg.
+ */
+ tkey = s->s3->tmp.ecdh;
+ }
+
+ group = EC_KEY_get0_group(tkey);
+ priv_key = EC_KEY_get0_private_key(tkey);
+
+ if (!EC_KEY_set_group(srvr_ecdh, group) ||
+ !EC_KEY_set_private_key(srvr_ecdh, priv_key))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+
+ /* Let's get client's public key */
+ if ((clnt_ecpoint = EC_POINT_new(group)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (n == 0L)
+ {
+ /* Client Publickey was in Client Certificate */
+
+ if (l & SSL_kECDHE)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_ECDH_KEY);
+ goto f_err;
+ }
+ if (((clnt_pub_pkey=X509_get_pubkey(s->session->peer))
+ == NULL) ||
+ (clnt_pub_pkey->type != EVP_PKEY_EC))
+ {
+ /* XXX: For now, we do not support client
+ * authentication using ECDH certificates
+ * so this branch (n == 0L) of the code is
+ * never executed. When that support is
+ * added, we ought to ensure the key
+ * received in the certificate is
+ * authorized for key agreement.
+ * ECDH_compute_key implicitly checks that
+ * the two ECDH shares are for the same
+ * group.
+ */
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
+ goto f_err;
+ }
+
+ if (EC_POINT_copy(clnt_ecpoint,
+ EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) == 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ ret = 2; /* Skip certificate verify processing */
+ }
+ else
+ {
+ /* Get client's public key from encoded point
+ * in the ClientKeyExchange message.
+ */
+ if ((bn_ctx = BN_CTX_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* Get encoded point length */
+ i = *p;
+ p += 1;
+ if (EC_POINT_oct2point(group,
+ clnt_ecpoint, p, i, bn_ctx) == 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ /* p is pointing to somewhere in the buffer
+ * currently, so set it to the start
+ */
+ p=(unsigned char *)s->init_buf->data;
+ }
+
+ /* Compute the shared pre-master secret */
+ field_size = EC_GROUP_get_degree(group);
+ if (field_size <= 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+ i = ECDH_compute_key(p, (field_size+7)/8, clnt_ecpoint, srvr_ecdh, NULL);
+ if (i <= 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+ ERR_R_ECDH_LIB);
+ goto err;
+ }
+
+ EVP_PKEY_free(clnt_pub_pkey);
+ EC_POINT_free(clnt_ecpoint);
+ if (srvr_ecdh != NULL)
+ EC_KEY_free(srvr_ecdh);
+ BN_CTX_free(bn_ctx);
+
+ /* Compute the master secret */
+ s->session->master_key_length = s->method->ssl3_enc-> \
+ generate_master_secret(s, s->session->master_key, p, i);
+
+ OPENSSL_cleanse(p, i);
+ return (ret);
+ }
+ else
+#endif
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
@@ -1760,13 +2201,20 @@
return(1);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
-#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA)
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH)
err:
#endif
+#ifndef OPENSSL_NO_ECDH
+ EVP_PKEY_free(clnt_pub_pkey);
+ EC_POINT_free(clnt_ecpoint);
+ if (srvr_ecdh != NULL)
+ EC_KEY_free(srvr_ecdh);
+ BN_CTX_free(bn_ctx);
+#endif
return(-1);
}
-static int ssl3_get_cert_verify(SSL *s)
+int ssl3_get_cert_verify(SSL *s)
{
EVP_PKEY *pkey=NULL;
unsigned char *p;
@@ -1775,7 +2223,7 @@
int type=0,i,j;
X509 *peer;
- n=ssl3_get_message(s,
+ n=s->method->ssl_get_message(s,
SSL3_ST_SR_CERT_VRFY_A,
SSL3_ST_SR_CERT_VRFY_B,
-1,
@@ -1886,6 +2334,23 @@
}
else
#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (pkey->type == EVP_PKEY_EC)
+ {
+ j=ECDSA_verify(pkey->save_type,
+ &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH,p,i,pkey->pkey.ec);
+ if (j <= 0)
+ {
+ /* bad signature */
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
+ SSL_R_BAD_ECDSA_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
{
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_INTERNAL_ERROR);
al=SSL_AD_UNSUPPORTED_CERTIFICATE;
@@ -1904,15 +2369,16 @@
return(ret);
}
-static int ssl3_get_client_certificate(SSL *s)
+int ssl3_get_client_certificate(SSL *s)
{
int i,ok,al,ret= -1;
X509 *x=NULL;
unsigned long l,nc,llen,n;
- unsigned char *p,*d,*q;
+ const unsigned char *p,*q;
+ unsigned char *d;
STACK_OF(X509) *sk=NULL;
- n=ssl3_get_message(s,
+ n=s->method->ssl_get_message(s,
SSL3_ST_SR_CERT_A,
SSL3_ST_SR_CERT_B,
-1,
@@ -1947,7 +2413,7 @@
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
goto f_err;
}
- d=p=(unsigned char *)s->init_msg;
+ p=d=(unsigned char *)s->init_msg;
if ((sk=sk_X509_new_null()) == NULL)
{
@@ -2086,3 +2552,67 @@
/* SSL3_ST_SW_CERT_B */
return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
}
+
+
+#ifndef OPENSSL_NO_ECDH
+/* This is the complement of curve_id2nid in s3_clnt.c. */
+static int nid2curve_id(int nid)
+{
+ /* ECC curves from draft-ietf-tls-ecc-01.txt (Mar 15, 2001)
+ * (no changes in draft-ietf-tls-ecc-03.txt [June 2003]) */
+ switch (nid) {
+ case NID_sect163k1: /* sect163k1 (1) */
+ return 1;
+ case NID_sect163r1: /* sect163r1 (2) */
+ return 2;
+ case NID_sect163r2: /* sect163r2 (3) */
+ return 3;
+ case NID_sect193r1: /* sect193r1 (4) */
+ return 4;
+ case NID_sect193r2: /* sect193r2 (5) */
+ return 5;
+ case NID_sect233k1: /* sect233k1 (6) */
+ return 6;
+ case NID_sect233r1: /* sect233r1 (7) */
+ return 7;
+ case NID_sect239k1: /* sect239k1 (8) */
+ return 8;
+ case NID_sect283k1: /* sect283k1 (9) */
+ return 9;
+ case NID_sect283r1: /* sect283r1 (10) */
+ return 10;
+ case NID_sect409k1: /* sect409k1 (11) */
+ return 11;
+ case NID_sect409r1: /* sect409r1 (12) */
+ return 12;
+ case NID_sect571k1: /* sect571k1 (13) */
+ return 13;
+ case NID_sect571r1: /* sect571r1 (14) */
+ return 14;
+ case NID_secp160k1: /* secp160k1 (15) */
+ return 15;
+ case NID_secp160r1: /* secp160r1 (16) */
+ return 16;
+ case NID_secp160r2: /* secp160r2 (17) */
+ return 17;
+ case NID_secp192k1: /* secp192k1 (18) */
+ return 18;
+ case NID_X9_62_prime192v1: /* secp192r1 (19) */
+ return 19;
+ case NID_secp224k1: /* secp224k1 (20) */
+ return 20;
+ case NID_secp224r1: /* secp224r1 (21) */
+ return 21;
+ case NID_secp256k1: /* secp256k1 (22) */
+ return 22;
+ case NID_X9_62_prime256v1: /* secp256r1 (23) */
+ return 23;
+ case NID_secp384r1: /* secp384r1 (24) */
+ return 24;
+ case NID_secp521r1: /* secp521r1 (25) */
+ return 25;
+ default:
+ return 0;
+ }
+}
+#endif
Index: ssl_lib.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/ssl/ssl_lib.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssl/ssl/ssl_lib.c -L crypto/openssl/ssl/ssl_lib.c -u -r1.3 -r1.4
--- crypto/openssl/ssl/ssl_lib.c
+++ crypto/openssl/ssl/ssl_lib.c
@@ -110,7 +110,11 @@
* Hudson (tjh at cryptsoft.com).
*
*/
-
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
#ifdef REF_CHECK
# include <assert.h>
@@ -121,18 +125,27 @@
#include <openssl/objects.h>
#include <openssl/lhash.h>
#include <openssl/x509v3.h>
-#include <openssl/fips.h>
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
const char *SSL_version_str=OPENSSL_VERSION_TEXT;
-OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={
+SSL3_ENC_METHOD ssl3_undef_enc_method={
/* evil casts, but these functions are only called if there's a library bug */
(int (*)(SSL *,int))ssl_undefined_function,
(int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
ssl_undefined_function,
(int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function,
(int (*)(SSL*, int))ssl_undefined_function,
- (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function
+ (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function,
+ 0, /* finish_mac_length */
+ (int (*)(SSL *, EVP_MD_CTX *, unsigned char *))ssl_undefined_function,
+ NULL, /* client_finished_label */
+ 0, /* client_finished_label_len */
+ NULL, /* server_finished_label */
+ 0, /* server_finished_label_len */
+ (int (*)(int))ssl_undefined_function
};
int SSL_clear(SSL *s)
@@ -272,14 +285,23 @@
s->msg_callback=ctx->msg_callback;
s->msg_callback_arg=ctx->msg_callback_arg;
s->verify_mode=ctx->verify_mode;
+#if 0
s->verify_depth=ctx->verify_depth;
+#endif
s->sid_ctx_length=ctx->sid_ctx_length;
OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx));
s->verify_callback=ctx->default_verify_callback;
s->generate_session_id=ctx->generate_session_id;
+
+ s->param = X509_VERIFY_PARAM_new();
+ if (!s->param)
+ goto err;
+ X509_VERIFY_PARAM_inherit(s->param, ctx->param);
+#if 0
s->purpose = ctx->purpose;
s->trust = ctx->trust;
+#endif
s->quiet_shutdown=ctx->quiet_shutdown;
CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
@@ -393,22 +415,22 @@
int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
{
- return X509_PURPOSE_set(&s->purpose, purpose);
+ return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
}
int SSL_set_purpose(SSL *s, int purpose)
{
- return X509_PURPOSE_set(&s->purpose, purpose);
+ return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
}
int SSL_CTX_set_trust(SSL_CTX *s, int trust)
{
- return X509_TRUST_set(&s->trust, trust);
+ return X509_VERIFY_PARAM_set_trust(s->param, trust);
}
int SSL_set_trust(SSL *s, int trust)
{
- return X509_TRUST_set(&s->trust, trust);
+ return X509_VERIFY_PARAM_set_trust(s->param, trust);
}
void SSL_free(SSL *s)
@@ -431,6 +453,9 @@
}
#endif
+ if (s->param)
+ X509_VERIFY_PARAM_free(s->param);
+
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
if (s->bbio != NULL)
@@ -501,18 +526,18 @@
s->wbio=wbio;
}
-BIO *SSL_get_rbio(SSL *s)
+BIO *SSL_get_rbio(const SSL *s)
{ return(s->rbio); }
-BIO *SSL_get_wbio(SSL *s)
+BIO *SSL_get_wbio(const SSL *s)
{ return(s->wbio); }
-int SSL_get_fd(SSL *s)
+int SSL_get_fd(const SSL *s)
{
return(SSL_get_rfd(s));
}
-int SSL_get_rfd(SSL *s)
+int SSL_get_rfd(const SSL *s)
{
int ret= -1;
BIO *b,*r;
@@ -524,7 +549,7 @@
return(ret);
}
-int SSL_get_wfd(SSL *s)
+int SSL_get_wfd(const SSL *s)
{
int ret= -1;
BIO *b,*r;
@@ -606,7 +631,7 @@
/* return length of latest Finished message we sent, copy to 'buf' */
-size_t SSL_get_finished(SSL *s, void *buf, size_t count)
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
{
size_t ret = 0;
@@ -621,7 +646,7 @@
}
/* return length of latest Finished message we expected, copy to 'buf' */
-size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count)
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
{
size_t ret = 0;
@@ -636,32 +661,32 @@
}
-int SSL_get_verify_mode(SSL *s)
+int SSL_get_verify_mode(const SSL *s)
{
return(s->verify_mode);
}
-int SSL_get_verify_depth(SSL *s)
+int SSL_get_verify_depth(const SSL *s)
{
- return(s->verify_depth);
+ return X509_VERIFY_PARAM_get_depth(s->param);
}
-int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *)
+int (*SSL_get_verify_callback(const SSL *s))(int,X509_STORE_CTX *)
{
return(s->verify_callback);
}
-int SSL_CTX_get_verify_mode(SSL_CTX *ctx)
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
{
return(ctx->verify_mode);
}
-int SSL_CTX_get_verify_depth(SSL_CTX *ctx)
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
{
- return(ctx->verify_depth);
+ return X509_VERIFY_PARAM_get_depth(ctx->param);
}
-int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *)
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int,X509_STORE_CTX *)
{
return(ctx->default_verify_callback);
}
@@ -676,7 +701,7 @@
void SSL_set_verify_depth(SSL *s,int depth)
{
- s->verify_depth=depth;
+ X509_VERIFY_PARAM_set_depth(s->param, depth);
}
void SSL_set_read_ahead(SSL *s,int yes)
@@ -684,12 +709,12 @@
s->read_ahead=yes;
}
-int SSL_get_read_ahead(SSL *s)
+int SSL_get_read_ahead(const SSL *s)
{
return(s->read_ahead);
}
-int SSL_pending(SSL *s)
+int SSL_pending(const SSL *s)
{
/* SSL_pending cannot work properly if read-ahead is enabled
* (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
@@ -701,7 +726,7 @@
return(s->method->ssl_pending(s));
}
-X509 *SSL_get_peer_certificate(SSL *s)
+X509 *SSL_get_peer_certificate(const SSL *s)
{
X509 *r;
@@ -717,7 +742,7 @@
return(r);
}
-STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
{
STACK_OF(X509) *r;
@@ -734,7 +759,7 @@
/* Now in theory, since the calling process own 't' it should be safe to
* modify. We need to be able to read f without being hassled */
-void SSL_copy_session_id(SSL *t,SSL *f)
+void SSL_copy_session_id(SSL *t,const SSL *f)
{
CERT *tmp;
@@ -763,7 +788,7 @@
}
/* Fix this so it checks all the valid key/cert options */
-int SSL_CTX_check_private_key(SSL_CTX *ctx)
+int SSL_CTX_check_private_key(const SSL_CTX *ctx)
{
if ( (ctx == NULL) ||
(ctx->cert == NULL) ||
@@ -781,7 +806,7 @@
}
/* Fix this function so that it takes an optional type parameter */
-int SSL_check_private_key(SSL *ssl)
+int SSL_check_private_key(const SSL *ssl)
{
if (ssl == NULL)
{
@@ -825,7 +850,7 @@
return(s->method->ssl_connect(s));
}
-long SSL_get_default_timeout(SSL *s)
+long SSL_get_default_timeout(const SSL *s)
{
return(s->method->get_timeout());
}
@@ -850,7 +875,7 @@
{
if (s->handshake_func == 0)
{
- SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+ SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
return -1;
}
@@ -941,12 +966,19 @@
l=s->max_cert_list;
s->max_cert_list=larg;
return(l);
+ case SSL_CTRL_SET_MTU:
+ if (SSL_version(s) == DTLS1_VERSION)
+ {
+ s->d1->mtu = larg;
+ return larg;
+ }
+ return 0;
default:
return(s->method->ssl_ctrl(s,cmd,larg,parg));
}
}
-long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)())
+long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
{
switch(cmd)
{
@@ -1034,7 +1066,7 @@
}
}
-long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)())
+long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
{
switch(cmd)
{
@@ -1072,7 +1104,7 @@
/** return a STACK of the ciphers available for the SSL and in order of
* preference */
-STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
{
if (s != NULL)
{
@@ -1109,7 +1141,7 @@
}
/** The old interface to get the same thing as SSL_get_ciphers() */
-const char *SSL_get_cipher_list(SSL *s,int n)
+const char *SSL_get_cipher_list(const SSL *s,int n)
{
SSL_CIPHER *c;
STACK_OF(SSL_CIPHER) *sk;
@@ -1130,8 +1162,21 @@
sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
&ctx->cipher_list_by_id,str);
-/* XXXX */
- return((sk == NULL)?0:1);
+ /* ssl_create_cipher_list may return an empty stack if it
+ * was unable to find a cipher matching the given rule string
+ * (for example if the rule string specifies a cipher which
+ * has been disabled). This is not an error as far as
+ * ssl_create_cipher_list is concerned, and hence
+ * ctx->cipher_list and ctx->cipher_list_by_id has been
+ * updated. */
+ if (sk == NULL)
+ return 0;
+ else if (sk_SSL_CIPHER_num(sk) == 0)
+ {
+ SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+ return 0;
+ }
+ return 1;
}
/** specify the ciphers to be used by the SSL */
@@ -1141,14 +1186,22 @@
sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
&s->cipher_list_by_id,str);
-/* XXXX */
- return((sk == NULL)?0:1);
+ /* see comment in SSL_CTX_set_cipher_list */
+ if (sk == NULL)
+ return 0;
+ else if (sk_SSL_CIPHER_num(sk) == 0)
+ {
+ SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+ return 0;
+ }
+ return 1;
}
/* works well for SSLv2, not so good for SSLv3 */
-char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
+char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len)
{
char *p;
+ const char *cp;
STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *c;
int i;
@@ -1161,27 +1214,27 @@
sk=s->session->ciphers;
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- int n;
-
+ /* Decrement for either the ':' or a '\0' */
+ len--;
c=sk_SSL_CIPHER_value(sk,i);
- n=strlen(c->name);
- if (n+1 > len)
+ for (cp=c->name; *cp; )
{
- if (p != buf)
- --p;
- *p='\0';
- return buf;
+ if (len-- <= 0)
+ {
+ *p='\0';
+ return(buf);
+ }
+ else
+ *(p++)= *(cp++);
}
- strcpy(p,c->name);
- p+=n;
*(p++)=':';
- len-=n+1;
}
p[-1]='\0';
return(buf);
}
-int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
+ int (*put_cb)(const SSL_CIPHER *, unsigned char *))
{
int i,j=0;
SSL_CIPHER *c;
@@ -1200,7 +1253,8 @@
if ((c->algorithms & SSL_KRB5) && nokrb5)
continue;
#endif /* OPENSSL_NO_KRB5 */
- j=ssl_put_cipher_by_char(s,c,p);
+
+ j = put_cb ? put_cb(c,p) : ssl_put_cipher_by_char(s,c,p);
p+=j;
}
return(p-q);
@@ -1250,7 +1304,7 @@
return(NULL);
}
-unsigned long SSL_SESSION_hash(SSL_SESSION *a)
+unsigned long SSL_SESSION_hash(const SSL_SESSION *a)
{
unsigned long l;
@@ -1267,7 +1321,7 @@
* SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being
* able to construct an SSL_SESSION that will collide with any existing session
* with a matching session ID. */
-int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b)
+int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
{
if (a->ssl_version != b->ssl_version)
return(1);
@@ -1341,7 +1395,9 @@
ret->msg_callback=0;
ret->msg_callback_arg=NULL;
ret->verify_mode=SSL_VERIFY_NONE;
+#if 0
ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */
+#endif
ret->sid_ctx_length=0;
ret->default_verify_callback=NULL;
if ((ret->cert=ssl_cert_new()) == NULL)
@@ -1350,6 +1406,8 @@
ret->default_passwd_callback=0;
ret->default_passwd_callback_userdata=NULL;
ret->client_cert_cb=0;
+ ret->app_gen_cookie_cb=0;
+ ret->app_verify_cookie_cb=0;
ret->sessions=lh_new(LHASH_HASH_FN(SSL_SESSION_hash),
LHASH_COMP_FN(SSL_SESSION_cmp));
@@ -1367,6 +1425,10 @@
goto err2;
}
+ ret->param = X509_VERIFY_PARAM_new();
+ if (!ret->param)
+ goto err;
+
if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
{
SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
@@ -1423,6 +1485,9 @@
}
#endif
+ if (a->param)
+ X509_VERIFY_PARAM_free(a->param);
+
/*
* Free internal session cache. However: the remove_cb() may reference
* the ex_data of SSL_CTX, thus the ex_data store can only be removed
@@ -1485,7 +1550,7 @@
void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
{
- ctx->verify_depth=depth;
+ X509_VERIFY_PARAM_set_depth(ctx->param, depth);
}
void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
@@ -1495,6 +1560,13 @@
int rsa_enc_export,dh_rsa_export,dh_dsa_export;
int rsa_tmp_export,dh_tmp_export,kl;
unsigned long mask,emask;
+ int have_ecc_cert, ecdh_ok, ecdsa_ok, ecc_pkey_size;
+#ifndef OPENSSL_NO_ECDH
+ int have_ecdh_tmp;
+#endif
+ X509 *x = NULL;
+ EVP_PKEY *ecc_pkey = NULL;
+ int signature_nid = 0;
if (c == NULL) return;
@@ -1515,6 +1587,9 @@
dh_tmp=dh_tmp_export=0;
#endif
+#ifndef OPENSSL_NO_ECDH
+ have_ecdh_tmp=(c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL);
+#endif
cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL);
rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
@@ -1529,7 +1604,8 @@
/* FIX THIS EAY EAY EAY */
dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL);
dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl);
-
+ cpk= &(c->pkeys[SSL_PKEY_ECC]);
+ have_ecc_cert= (cpk->x509 != NULL && cpk->privatekey != NULL);
mask=0;
emask=0;
@@ -1586,11 +1662,127 @@
emask|=SSL_kKRB5|SSL_aKRB5;
#endif
+ /* An ECC certificate may be usable for ECDH and/or
+ * ECDSA cipher suites depending on the key usage extension.
+ */
+ if (have_ecc_cert)
+ {
+ /* This call populates extension flags (ex_flags) */
+ x = (c->pkeys[SSL_PKEY_ECC]).x509;
+ X509_check_purpose(x, -1, 0);
+ ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+ (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
+ ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+ (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
+ ecc_pkey = X509_get_pubkey(x);
+ ecc_pkey_size = (ecc_pkey != NULL) ?
+ EVP_PKEY_bits(ecc_pkey) : 0;
+ EVP_PKEY_free(ecc_pkey);
+ if ((x->sig_alg) && (x->sig_alg->algorithm))
+ signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+#ifndef OPENSSL_NO_ECDH
+ if (ecdh_ok)
+ {
+ if ((signature_nid == NID_md5WithRSAEncryption) ||
+ (signature_nid == NID_md4WithRSAEncryption) ||
+ (signature_nid == NID_md2WithRSAEncryption))
+ {
+ mask|=SSL_kECDH|SSL_aRSA;
+ if (ecc_pkey_size <= 163)
+ emask|=SSL_kECDH|SSL_aRSA;
+ }
+ if (signature_nid == NID_ecdsa_with_SHA1)
+ {
+ mask|=SSL_kECDH|SSL_aECDSA;
+ if (ecc_pkey_size <= 163)
+ emask|=SSL_kECDH|SSL_aECDSA;
+ }
+ }
+#endif
+#ifndef OPENSSL_NO_ECDSA
+ if (ecdsa_ok)
+ {
+ mask|=SSL_aECDSA;
+ emask|=SSL_aECDSA;
+ }
+#endif
+ }
+
+#ifndef OPENSSL_NO_ECDH
+ if (have_ecdh_tmp)
+ {
+ mask|=SSL_kECDHE;
+ emask|=SSL_kECDHE;
+ }
+#endif
c->mask=mask;
c->export_mask=emask;
c->valid=1;
}
+/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
+#define ku_reject(x, usage) \
+ (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
+
+int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
+ {
+ unsigned long alg = cs->algorithms;
+ EVP_PKEY *pkey = NULL;
+ int keysize = 0;
+ int signature_nid = 0;
+
+ if (SSL_C_IS_EXPORT(cs))
+ {
+ /* ECDH key length in export ciphers must be <= 163 bits */
+ pkey = X509_get_pubkey(x);
+ if (pkey == NULL) return 0;
+ keysize = EVP_PKEY_bits(pkey);
+ EVP_PKEY_free(pkey);
+ if (keysize > 163) return 0;
+ }
+
+ /* This call populates the ex_flags field correctly */
+ X509_check_purpose(x, -1, 0);
+ if ((x->sig_alg) && (x->sig_alg->algorithm))
+ signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+ if (alg & SSL_kECDH)
+ {
+ /* key usage, if present, must allow key agreement */
+ if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
+ {
+ return 0;
+ }
+ if (alg & SSL_aECDSA)
+ {
+ /* signature alg must be ECDSA */
+ if (signature_nid != NID_ecdsa_with_SHA1)
+ {
+ return 0;
+ }
+ }
+ if (alg & SSL_aRSA)
+ {
+ /* signature alg must be RSA */
+ if ((signature_nid != NID_md5WithRSAEncryption) &&
+ (signature_nid != NID_md4WithRSAEncryption) &&
+ (signature_nid != NID_md2WithRSAEncryption))
+ {
+ return 0;
+ }
+ }
+ }
+ else if (alg & SSL_aECDSA)
+ {
+ /* key usage, if present, must allow signing */
+ if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
+ {
+ return 0;
+ }
+ }
+
+ return 1; /* all checks are ok */
+ }
+
/* THIS NEEDS CLEANING UP */
X509 *ssl_get_server_send_cert(SSL *s)
{
@@ -1605,7 +1797,26 @@
mask=is_export?c->export_mask:c->mask;
kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
- if (kalg & SSL_kDHr)
+ if (kalg & SSL_kECDH)
+ {
+ /* we don't need to look at SSL_kECDHE
+ * since no certificate is needed for
+ * anon ECDH and for authenticated
+ * ECDHE, the check for the auth
+ * algorithm will set i correctly
+ * NOTE: For ECDH-RSA, we need an ECC
+ * not an RSA cert but for ECDHE-RSA
+ * we need an RSA cert. Placing the
+ * checks for SSL_kECDH before RSA
+ * checks ensures the correct cert is chosen.
+ */
+ i=SSL_PKEY_ECC;
+ }
+ else if (kalg & SSL_aECDSA)
+ {
+ i=SSL_PKEY_ECC;
+ }
+ else if (kalg & SSL_kDHr)
i=SSL_PKEY_DH_RSA;
else if (kalg & SSL_kDHd)
i=SSL_PKEY_DH_DSA;
@@ -1629,6 +1840,7 @@
return(NULL);
}
if (c->pkeys[i].x509 == NULL) return(NULL);
+
return(c->pkeys[i].x509);
}
@@ -1652,6 +1864,9 @@
else
return(NULL);
}
+ else if ((alg & SSL_aECDSA) &&
+ (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
+ return(c->pkeys[SSL_PKEY_ECC].privatekey);
else /* if (alg & SSL_aNULL) */
{
SSLerr(SSL_F_SSL_GET_SIGN_PKEY,ERR_R_INTERNAL_ERROR);
@@ -1686,7 +1901,7 @@
?s->ctx->stats.sess_connect_good
:s->ctx->stats.sess_accept_good) & 0xff) == 0xff)
{
- SSL_CTX_flush_sessions(s->ctx,time(NULL));
+ SSL_CTX_flush_sessions(s->ctx,(unsigned long)time(NULL));
}
}
}
@@ -1723,7 +1938,7 @@
return(ret);
}
-int SSL_get_error(SSL *s,int i)
+int SSL_get_error(const SSL *s,int i)
{
int reason;
unsigned long l;
@@ -1857,13 +2072,25 @@
return(0);
}
+int ssl_undefined_void_function(void)
+ {
+ SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(0);
+ }
+
+int ssl_undefined_const_function(const SSL *s)
+ {
+ SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(0);
+ }
+
SSL_METHOD *ssl_bad_method(int ver)
{
SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return(NULL);
}
-const char *SSL_get_version(SSL *s)
+const char *SSL_get_version(const SSL *s)
{
if (s->version == TLS1_VERSION)
return("TLSv1");
@@ -1966,8 +2193,8 @@
ret->rstate=s->rstate;
ret->init_num = 0; /* would have to copy ret->init_buf, ret->init_msg, ret->init_num, ret->init_off */
ret->hit=s->hit;
- ret->purpose=s->purpose;
- ret->trust=s->trust;
+
+ X509_VERIFY_PARAM_inherit(ret->param, s->param);
/* dup the cipher_list and cipher_list_by_id stacks */
if (s->cipher_list != NULL)
@@ -2019,6 +2246,7 @@
OPENSSL_free(s->enc_write_ctx);
s->enc_write_ctx=NULL;
}
+#ifndef OPENSSL_NO_COMP
if (s->expand != NULL)
{
COMP_CTX_free(s->expand);
@@ -2029,10 +2257,11 @@
COMP_CTX_free(s->compress);
s->compress=NULL;
}
+#endif
}
/* Fix this function so that it takes an optional type parameter */
-X509 *SSL_get_certificate(SSL *s)
+X509 *SSL_get_certificate(const SSL *s)
{
if (s->cert != NULL)
return(s->cert->key->x509);
@@ -2049,12 +2278,37 @@
return(NULL);
}
-SSL_CIPHER *SSL_get_current_cipher(SSL *s)
+SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
{
if ((s->session != NULL) && (s->session->cipher != NULL))
return(s->session->cipher);
return(NULL);
}
+#ifdef OPENSSL_NO_COMP
+const void *SSL_get_current_compression(SSL *s)
+ {
+ return NULL;
+ }
+const void *SSL_get_current_expansion(SSL *s)
+ {
+ return NULL;
+ }
+#else
+
+const COMP_METHOD *SSL_get_current_compression(SSL *s)
+ {
+ if (s->compress != NULL)
+ return(s->compress->meth);
+ return(NULL);
+ }
+
+const COMP_METHOD *SSL_get_current_expansion(SSL *s)
+ {
+ if (s->expand != NULL)
+ return(s->expand->meth);
+ return(NULL);
+ }
+#endif
int ssl_init_wbio_buffer(SSL *s,int push)
{
@@ -2113,7 +2367,7 @@
ctx->quiet_shutdown=mode;
}
-int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx)
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
{
return(ctx->quiet_shutdown);
}
@@ -2123,7 +2377,7 @@
s->quiet_shutdown=mode;
}
-int SSL_get_quiet_shutdown(SSL *s)
+int SSL_get_quiet_shutdown(const SSL *s)
{
return(s->quiet_shutdown);
}
@@ -2133,17 +2387,17 @@
s->shutdown=mode;
}
-int SSL_get_shutdown(SSL *s)
+int SSL_get_shutdown(const SSL *s)
{
return(s->shutdown);
}
-int SSL_version(SSL *s)
+int SSL_version(const SSL *s)
{
return(s->version);
}
-SSL_CTX *SSL_get_SSL_CTX(SSL *ssl)
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
{
return(ssl->ctx);
}
@@ -2157,33 +2411,24 @@
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
const char *CApath)
{
- int r;
-
-#ifdef OPENSSL_FIPS
- if(ctx->method->version == TLS1_VERSION)
- FIPS_allow_md5(1);
-#endif
- r=X509_STORE_load_locations(ctx->cert_store,CAfile,CApath);
-#ifdef OPENSSL_FIPS
- if(ctx->method->version == TLS1_VERSION)
- FIPS_allow_md5(0);
-#endif
- return r;
+ return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
}
#endif
void SSL_set_info_callback(SSL *ssl,
- void (*cb)(const SSL *ssl,int type,int val))
+ void (*cb)(const SSL *ssl,int type,int val))
{
ssl->info_callback=cb;
}
-void (*SSL_get_info_callback(SSL *ssl))(const SSL *ssl,int type,int val)
+/* One compiler (Diab DCC) doesn't like argument names in returned
+ function pointer. */
+void (*SSL_get_info_callback(const SSL *ssl))(const SSL * /*ssl*/,int /*type*/,int /*val*/)
{
return ssl->info_callback;
}
-int SSL_state(SSL *ssl)
+int SSL_state(const SSL *ssl)
{
return(ssl->state);
}
@@ -2193,7 +2438,7 @@
ssl->verify_result=arg;
}
-long SSL_get_verify_result(SSL *ssl)
+long SSL_get_verify_result(const SSL *ssl)
{
return(ssl->verify_result);
}
@@ -2210,7 +2455,7 @@
return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
}
-void *SSL_get_ex_data(SSL *s,int idx)
+void *SSL_get_ex_data(const SSL *s,int idx)
{
return(CRYPTO_get_ex_data(&s->ex_data,idx));
}
@@ -2227,7 +2472,7 @@
return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
}
-void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx)
+void *SSL_CTX_get_ex_data(const SSL_CTX *s,int idx)
{
return(CRYPTO_get_ex_data(&s->ex_data,idx));
}
@@ -2237,7 +2482,7 @@
return(1);
}
-X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx)
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
{
return(ctx->cert_store);
}
@@ -2249,7 +2494,7 @@
ctx->cert_store=store;
}
-int SSL_want(SSL *s)
+int SSL_want(const SSL *s)
{
return(s->rwstate);
}
@@ -2265,14 +2510,14 @@
int is_export,
int keylength))
{
- SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
}
void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl,
int is_export,
int keylength))
{
- SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb);
+ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb);
}
#endif
@@ -2301,24 +2546,38 @@
void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export,
int keylength))
{
- SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
}
void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export,
int keylength))
{
- SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh);
+ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh);
+ }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
+ int keylength))
+ {
+ SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
+ }
+
+void SSL_set_tmp_ecdh_callback(SSL *ssl,EC_KEY *(*ecdh)(SSL *ssl,int is_export,
+ int keylength))
+ {
+ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh);
}
#endif
void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
{
- SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+ SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
}
void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg))
{
- SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)())cb);
+ SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
}
Index: s2_clnt.c
===================================================================
RCS file: /home/cvs/src/crypto/openssl/ssl/s2_clnt.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssl/ssl/s2_clnt.c -L crypto/openssl/ssl/s2_clnt.c -u -r1.2 -r1.3
--- crypto/openssl/ssl/s2_clnt.c
+++ crypto/openssl/ssl/s2_clnt.c
@@ -137,32 +137,14 @@
return(NULL);
}
-SSL_METHOD *SSLv2_client_method(void)
- {
- static int init=1;
- static SSL_METHOD SSLv2_client_data;
-
- if (init)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
- if (init)
- {
- memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
- sizeof(SSL_METHOD));
- SSLv2_client_data.ssl_connect=ssl2_connect;
- SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
- init=0;
- }
-
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
- }
- return(&SSLv2_client_data);
- }
+IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
+ ssl_undefined_function,
+ ssl2_connect,
+ ssl2_get_client_method)
int ssl2_connect(SSL *s)
{
- unsigned long l=time(NULL);
+ unsigned long l=(unsigned long)time(NULL);
BUF_MEM *buf=NULL;
int ret= -1;
void (*cb)(const SSL *ssl,int type,int val)=NULL;
@@ -585,7 +567,7 @@
s2n(SSL2_VERSION,p); /* version */
n=j=0;
- n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d);
+ n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d,0);
d+=n;
if (n == 0)
@@ -613,7 +595,7 @@
s->s2->challenge_length=SSL2_CHALLENGE_LENGTH;
s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */
/*challenge id data*/
- if(RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0)
+ if (RAND_pseudo_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH) <= 0)
return -1;
memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH);
d+=SSL2_CHALLENGE_LENGTH;
@@ -663,7 +645,7 @@
return -1;
}
if (i > 0)
- if(RAND_pseudo_bytes(sess->key_arg,i) <= 0)
+ if (RAND_pseudo_bytes(sess->key_arg,i) <= 0)
return -1;
/* make a master key */
@@ -671,7 +653,7 @@
sess->master_key_length=i;
if (i > 0)
{
- if (i > sizeof sess->master_key)
+ if (i > (int)sizeof(sess->master_key))
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
@@ -691,7 +673,7 @@
else
enc=i;
- if (i < enc)
+ if ((int)i < enc)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR);
@@ -720,7 +702,7 @@
d+=enc;
karg=sess->key_arg_length;
s2n(karg,p); /* key arg size */
- if (karg > sizeof sess->key_arg)
+ if (karg > (int)sizeof(sess->key_arg))
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
@@ -1038,7 +1020,7 @@
}
/* loads in the certificate from the server */
-int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data)
+int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
{
STACK_OF(X509) *sk=NULL;
EVP_PKEY *pkey=NULL;
--- crypto/openssl/util/pl/VC-16.pl
+++ /dev/null
@@ -1,177 +0,0 @@
-#!/usr/local/bin/perl
-# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
-#
-
-$ssl= "ssleay16";
-$crypto="libeay16";
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='cl';
-
-$out_def="out16";
-$tmp_def="tmp16";
-$inc_def="inc16";
-
-if ($debug)
- {
- $op="/Od /Zi /Zd";
- $base_lflags="/CO";
- }
-else {
- $op="/G2 /f- /Ocgnotb2";
- }
-$base_lflags.=" /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000";
-if ($win16) { $base_lflags.=" /PACKD:60000"; }
-
-$cflags="/ALw /Gx- /Gt256 /Gf $op /W3 /WX -DL_ENDIAN /nologo";
-# I add the stack opt
-$lflags="$base_lflags /STACK:20000";
-
-if ($win16)
- {
- $cflags.=" -DOPENSSL_SYSNAME_WIN16";
- $app_cflag="/Gw /FPi87";
- $lib_cflag="/Gw";
- $lib_cflag.=" -D_WINDLL -D_DLL" if $shlib;
- $lib_cflag.=" -DWIN16TTY" if !$shlib;
- $lflags.=" /ALIGN:256";
- $ex_libs.="oldnames llibcewq libw";
- }
-else
- {
- $no_sock=1;
- $cflags.=" -DMSDOS";
- $lflags.=" /EXEPACK";
- $ex_libs.="oldnames.lib llibce.lib";
- }
-
-if ($shlib)
- {
- $mlflags="$base_lflags";
- $libs="oldnames ldllcew libw";
- $shlib_ex_obj="";
-# $no_asm=1;
- $out_def="out16dll";
- $tmp_def="tmp16dll";
- }
-else
- { $mlflags=''; }
-
-$app_ex_obj="";
-
-$obj='.obj';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$efile="";
-$exep='.exe';
-$ex_libs.=$no_sock?"":" winsock";
-
-# static library stuff
-$mklib='lib /PAGESIZE:1024';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$asm='ml /Cp /c /Cx';
-$afile='/Fo';
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if (!$no_asm && !$fips)
- {
- if ($asmbits == 32)
- {
- $bn_asm_obj='crypto\bn\asm\x86w32.obj';
- $bn_asm_src='crypto\bn\asm\x86w32.asm';
- }
- else
- {
- $bn_asm_obj='crypto\bn\asm\x86w16.obj';
- $bn_asm_src='crypto\bn\asm\x86w16.asm';
- }
- }
-
-sub do_lib_rule
- {
- local($objs,$target,$name,$shlib)=@_;
- local($ret,$Name);
-
- $taget =~ s/\//$o/g if $o ne '/';
- ($Name=$name) =~ tr/a-z/A-Z/;
-
-# $target="\$(LIB_D)$o$target";
- $ret.="$target: $objs\n";
-# $ret.="\t\$(RM) \$(O_$Name)\n";
-
- # Due to a pathetic line length limit, I unwrap the args.
- local($lib_names)="";
- local($dll_names)=" \$(SHLIB_EX_OBJ) +\n";
- ($obj)= ($objs =~ /\((.*)\)/);
- foreach $_ (sort split(/\s+/,$Vars{$obj}))
- {
- $lib_names.="+$_ &\n";
- $dll_names.=" $_ +\n";
- }
-
- if (!$shlib)
- {
- $ret.="\tdel $target\n";
- $ret.="\t\$(MKLIB) @<<\n$target\ny\n$lib_names\n\n<<\n";
- }
- else
- {
- local($ex)=($target =~ /O_SSL/)?'$(L_CRYPTO)':"";
- $ex.=' winsock';
- $ret.="\t\$(LINK) \$(MLFLAGS) @<<\n";
- $ret.=$dll_names;
- $ret.="\n $target\n\n $ex $libs\nms$o${name}.def;\n<<\n";
- ($out_lib=$target) =~ s/O_/L_/;
- $ret.="\timplib /noignorecase /nowep $out_lib $target\n";
- }
- $ret.="\n";
- return($ret);
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_;
- local($ret,$f,$_, at f);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($targer);
- $ret.="$target: $files $dep_libs\n";
- $ret.=" \$(LINK) \$(LFLAGS) @<<\n";
-
- # Due to a pathetic line length limit, I have to unwrap the args.
- if ($files =~ /\(([^)]*)\)$/)
- {
- @a=('$(APP_EX_OBJ)');
- push(@a,sort split(/\s+/,$Vars{$1}));
- for $_ (@a)
- { $ret.=" $_ +\n"; }
- }
- else
- { $ret.=" \$(APP_EX_OBJ) $files"; }
- $ret.="\n $target\n\n $libs\n\n<<\n";
- if (defined $sha1file)
- {
- $ret.=" $openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file";
- }
- $ret.="\n";
- return($ret);
- }
-
-1;
--- crypto/openssl/util/pl/VC-CE.pl
+++ /dev/null
@@ -1,116 +0,0 @@
-#!/usr/local/bin/perl
-# VC-CE.pl - the file for eMbedded Visual C++ 3.0 for windows CE, static libraries
-#
-
-$ssl= "ssleay32";
-$crypto="libeay32";
-$RSAref="RSAref32";
-
-$o='\\';
-$cp='copy nul+'; # Timestamps get stuffed otherwise
-$rm='del';
-
-# C compiler stuff
-$cc='$(CC)';
-$cflags=' /W3 /WX /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo $(WCETARGETDEFS) -DUNICODE -D_UNICODE -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -I$(WCECOMPAT)/include';
-$lflags='/nologo /subsystem:windowsce,$(WCELDVERSION) /machine:$(WCELDMACHINE) /opt:ref';
-$mlflags='';
-
-$out_def='out32_$(TARGETCPU)';
-$tmp_def='tmp32_$(TARGETCPU)';
-$inc_def="inc32";
-
-if ($debug)
- {
- $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32";
- $lflags.=" /debug";
- $mlflags.=' /debug';
- }
-
-$obj='.obj';
-$ofile="/Fo";
-
-# EXE linking stuff
-$link="link";
-$efile="/out:";
-$exep='.exe';
-if ($no_sock)
- { $ex_libs=""; }
-else { $ex_libs='winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib $(WCELDFLAGS)'; }
-
-# static library stuff
-$mklib='lib';
-$ranlib='';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='/out:';
-
-$shlib_ex_obj="";
-$app_ex_obj="";
-$app_ex_obj="";
-
-$bn_asm_obj='';
-$bn_asm_src='';
-$des_enc_obj='';
-$des_enc_src='';
-$bf_enc_obj='';
-$bf_enc_src='';
-
-if ($shlib)
- {
- $mlflags.=" $lflags /dll";
-# $cflags =~ s| /MD| /MT|;
- $lib_cflag=" -D_WINDLL -D_DLL";
- $out_def='out32dll_$(TARGETCPU)';
- $tmp_def='tmp32dll_$(TARGETCPU)';
- }
-
-$cflags.=" /Fd$out_def";
-
-sub do_lib_rule
- {
- local($objs,$target,$name,$shlib)=@_;
- local($ret,$Name);
-
- $taget =~ s/\//$o/g if $o ne '/';
- ($Name=$name) =~ tr/a-z/A-Z/;
-
-# $target="\$(LIB_D)$o$target";
- $ret.="$target: $objs\n";
- if (!$shlib)
- {
-# $ret.="\t\$(RM) \$(O_$Name)\n";
- $ex =' ';
- $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n";
- }
- else
- {
- local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
-# $ex.=' winsock.lib coredll.lib $(WCECOMPAT)/lib/wcecompatex.lib';
- $ex.=' winsock.lib $(WCECOMPAT)/lib/wcecompatex.lib';
- $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
- }
- $ret.="\n";
- return($ret);
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_;
- local($ret,$_);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($targer);
- $ret.="$target: $files $dep_libs\n";
- $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n";
- $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n";
- if (defined $sha1file)
- {
- $ret.=" $openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file";
- }
- $ret.="\n";
- return($ret);
- }
-
-1;
--- crypto/openssl/util/pl/BC-16.pl
+++ /dev/null
@@ -1,151 +0,0 @@
-#!/usr/local/bin/perl
-# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
-#
-
-$o='\\';
-$cp='copy';
-$rm='del';
-
-# C compiler stuff
-$cc='bcc';
-
-if ($debug)
- { $op="-v "; }
-else { $op="-O "; }
-
-$cflags="-d -ml $op -DL_ENDIAN";
-# I add the stack opt
-$base_lflags="/c /C";
-$lflags="$base_lflags";
-
-if ($win16)
- {
- $shlib=1;
- $cflags.=" -DOPENSSL_SYSNAME_WIN16";
- $app_cflag="-W";
- $lib_cflag="-WD";
- $lflags.="/Twe";
- }
-else
- {
- $cflags.=" -DOENSSL_SYSNAME_MSDOS";
- $lflags.=" /Tde";
- }
-
-if ($shlib)
- {
- $mlflags=" /Twd $base_lflags"; # stack if defined in .def file
- $libs="libw ldllcew";
- $no_asm=1;
- }
-else
- { $mlflags=''; }
-
-$obj='.obj';
-$ofile="-o";
-
-# EXE linking stuff
-$link="tlink";
-$efile="";
-$exep='.exe';
-$ex_libs="CL";
-$ex_libs.=$no_sock?"":" winsock.lib";
-
-$app_ex_obj="C0L.obj ";
-$shlib_ex_obj="" if ($shlib);
-
-# static library stuff
-$mklib='tlib';
-$ranlib='echo no ranlib';
-$plib="";
-$libp=".lib";
-$shlibp=($shlib)?".dll":".lib";
-$lfile='';
-
-$asm='bcc -c -B -Tml';
-$afile='/o';
-if ($no_asm || $fips)
- {
- $bn_asm_obj='';
- $bn_asm_src='';
- }
-elsif ($asmbits == 32)
- {
- $bn_asm_obj='crypto\bn\asm\x86w32.obj';
- $bn_asm_src='crypto\bn\asm\x86w32.asm';
- }
-else
- {
- $bn_asm_obj='crypto\bn\asm\x86w16.obj';
- $bn_asm_src='crypto\bn\asm\x86w16.asm';
- }
-
-sub do_lib_rule
- {
- local($target,$name,$shlib)=@_;
- local($ret,$Name);
-
- $taget =~ s/\//$o/g if $o ne '/';
- ($Name=$name) =~ tr/a-z/A-Z/;
-
- $ret.="$target: \$(${Name}OBJ)\n";
- $ret.="\t\$(RM) \$(O_$Name)\n";
-
- # Due to a pathetic line length limit, I unwrap the args.
- local($lib_names)="";
- local($dll_names)="";
- foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
- {
- $lib_names.=" +$_ &\n";
- $dll_names.=" $_\n";
- }
-
- if (!$shlib)
- {
- $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
- }
- else
- {
- local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
- $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
- $ret.=$dll_names;
- $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n";
- ($out_lib=$target) =~ s/O_/L_/;
- $ret.="\timplib /nowep $out_lib $target\n\n";
- }
- $ret.="\n";
- return($ret);
- }
-
-sub do_link_rule
- {
- local($target,$files,$dep_libs,$libs,$sha1file,$openssl)=@_;
- local($ret,$f,$_, at f);
-
- $file =~ s/\//$o/g if $o ne '/';
- $n=&bname($target);
- $ret.="$target: $files $dep_libs\n";
- $ret.=" \$(LINK) @&&|";
-
- # Due to a pathetic line length limit, I have to unwrap the args.
- $ret.=" \$(LFLAGS) ";
- if ($files =~ /\(([^)]*)\)$/)
- {
- $ret.=" \$(APP_EX_OBJ)";
- foreach $_ (sort split(/\s+/,$Vars{$1}))
- { $ret.="\n $r $_ +"; }
- chop($ret);
- $ret.="\n";
- }
- else
- { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
- $ret.=" $target\n\n $libs\n\n|\n";
- if (defined $sha1file)
- {
- $ret.=" $openssl sha1 -hmac etaonrishdlcupfm -binary $target > $sha1file";
- }
- $ret.="\n";
- return($ret);
- }
-
-1;
More information about the Midnightbsd-cvs
mailing list