aboutsummaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2018-03-27 17:03:01 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2018-03-27 17:03:01 +0000
commit02be298e504b8554caca6dc85af450e1ea44d19d (patch)
treeb4870fcd2c2663fedd44997d4bb5ad13dcd50293 /crypto
parent4f94f84d8491a2455678402b5c7c92e692a272bc (diff)
downloadsrc-02be298e504b8554caca6dc85af450e1ea44d19d.tar.gz
src-02be298e504b8554caca6dc85af450e1ea44d19d.zip
Import OpenSSL 1.0.2o.vendor/openssl/1.0.2o
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=331625 svn path=/vendor-crypto/openssl/1.0.2o/; revision=331626; tag=vendor/openssl/1.0.2o
Diffstat (limited to 'crypto')
-rw-r--r--crypto/asn1/a_gentm.c2
-rw-r--r--crypto/asn1/a_mbstr.c4
-rw-r--r--crypto/asn1/a_object.c4
-rw-r--r--crypto/asn1/a_strex.c8
-rw-r--r--crypto/asn1/a_time.c2
-rw-r--r--crypto/asn1/a_utctm.c4
-rw-r--r--crypto/asn1/asn1.h1
-rw-r--r--crypto/asn1/asn1_err.c3
-rw-r--r--crypto/asn1/asn1_lib.c4
-rw-r--r--crypto/asn1/asn1_par.c8
-rw-r--r--crypto/asn1/asn_mime.c3
-rw-r--r--crypto/asn1/t_x509a.c4
-rw-r--r--crypto/asn1/tasn_dec.c64
-rw-r--r--crypto/asn1/tasn_prn.c2
-rw-r--r--crypto/bf/bftest.c6
-rw-r--r--crypto/bio/b_dump.c41
-rw-r--r--crypto/bio/b_print.c4
-rw-r--r--crypto/bio/bio_cb.c2
-rw-r--r--crypto/bio/bss_bio.c2
-rw-r--r--crypto/bio/bss_conn.c4
-rw-r--r--crypto/bio/bss_file.c10
-rw-r--r--crypto/bn/bn_exp.c8
-rw-r--r--crypto/bn/bn_lib.c110
-rw-r--r--crypto/bn/bn_mont.c79
-rw-r--r--crypto/bn/bn_print.c4
-rw-r--r--crypto/bn/bntest.c2
-rw-r--r--crypto/bn/expspeed.c2
-rw-r--r--crypto/bn/exptest.c8
-rw-r--r--crypto/conf/conf_def.c2
-rw-r--r--crypto/conf/conf_mod.c2
-rw-r--r--crypto/des/destest.c4
-rw-r--r--crypto/des/ecb_enc.c2
-rw-r--r--crypto/des/fcrypt.c4
-rw-r--r--crypto/des/read_pwd.c2
-rw-r--r--crypto/des/set_key.c2
-rw-r--r--crypto/dh/dhtest.c2
-rw-r--r--crypto/dsa/dsatest.c2
-rw-r--r--crypto/ec/ec_lib.c10
-rw-r--r--crypto/ec/ec_mult.c16
-rw-r--r--crypto/ec/ecp_nistp224.c15
-rw-r--r--crypto/ec/ecp_nistp256.c41
-rw-r--r--crypto/ec/ecp_nistp521.c17
-rw-r--r--crypto/ec/ecp_nistz256.c2
-rw-r--r--crypto/ec/ecp_smpl.c2
-rw-r--r--crypto/ec/ectest.c14
-rw-r--r--crypto/ecdh/ecdhtest.c2
-rw-r--r--crypto/engine/eng_cryptodev.c12
-rw-r--r--crypto/engine/eng_table.c7
-rw-r--r--crypto/err/err.c4
-rw-r--r--crypto/err/err_prn.c2
-rw-r--r--crypto/evp/bio_b64.c8
-rw-r--r--crypto/evp/digest.c8
-rw-r--r--crypto/evp/e_aes.c4
-rw-r--r--crypto/evp/e_camellia.c4
-rw-r--r--crypto/evp/evp_enc.c10
-rw-r--r--crypto/evp/evp_locl.h4
-rw-r--r--crypto/evp/evp_pbe.c4
-rw-r--r--crypto/evp/evp_test.c2
-rw-r--r--crypto/evp/openbsd_hw.c6
-rw-r--r--crypto/evp/p5_crpt2.c2
-rw-r--r--crypto/hmac/hmac.c2
-rw-r--r--crypto/jpake/jpake.c12
-rw-r--r--crypto/md2/md2_dgst.c6
-rw-r--r--crypto/md4/md4.c2
-rw-r--r--crypto/mem_dbg.c18
-rw-r--r--crypto/o_init.c5
-rw-r--r--crypto/o_time.c8
-rw-r--r--crypto/objects/o_names.c4
-rw-r--r--crypto/objects/obj_dat.c28
-rw-r--r--crypto/opensslv.h6
-rw-r--r--crypto/pem/pem_info.c2
-rw-r--r--crypto/pem/pem_lib.c2
-rw-r--r--crypto/pkcs7/pk7_doit.c8
-rw-r--r--crypto/rand/md_rand.c6
-rw-r--r--crypto/rand/rand_egd.c2
-rw-r--r--crypto/rand/rand_unix.c10
-rw-r--r--crypto/rsa/rsa_crpt.c2
-rw-r--r--crypto/rsa/rsa_gen.c32
-rw-r--r--crypto/rsa/rsa_pss.c4
-rw-r--r--crypto/rsa/rsa_test.c2
-rw-r--r--crypto/srp/srp_grps.h28
-rw-r--r--crypto/threads/mttest.c2
-rw-r--r--crypto/ts/Makefile3
-rw-r--r--crypto/ts/ts_rsp_sign.c6
-rw-r--r--crypto/ui/ui_openssl.c2
-rw-r--r--crypto/x509/x509_txt.c2
-rw-r--r--crypto/x509/x509_v3.c2
-rw-r--r--crypto/x509/x509_vpm.c2
-rw-r--r--crypto/x509v3/v3_alt.c4
-rw-r--r--crypto/x509v3/v3_conf.c10
-rw-r--r--crypto/x509v3/v3_info.c2
91 files changed, 425 insertions, 412 deletions
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index 85118137859f..cb4481597064 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -78,7 +78,7 @@ int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
ASN1_STRING tmpstr = *(ASN1_STRING *)a;
len = tmpstr.length;
- ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
+ ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
index 6935efe09fb5..5b8028aaa3a5 100644
--- a/crypto/asn1/a_mbstr.c
+++ b/crypto/asn1/a_mbstr.c
@@ -149,14 +149,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
if ((minsize > 0) && (nchar < minsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
- BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
+ BIO_snprintf(strbuf, sizeof(strbuf), "%ld", minsize);
ERR_add_error_data(2, "minsize=", strbuf);
return -1;
}
if ((maxsize > 0) && (nchar > maxsize)) {
ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
- BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
+ BIO_snprintf(strbuf, sizeof(strbuf), "%ld", maxsize);
ERR_add_error_data(2, "maxsize=", strbuf);
return -1;
}
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 229a40ffa344..ad6b12a53667 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -89,7 +89,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
{
int i, first, len = 0, c, use_bn;
char ftmp[24], *tmp = ftmp;
- int tmpsize = sizeof ftmp;
+ int tmpsize = sizeof(ftmp);
const char *p;
unsigned long l;
BIGNUM *bl = NULL;
@@ -226,7 +226,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
if ((a == NULL) || (a->data == NULL))
return (BIO_write(bp, "NULL", 4));
- i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
+ i = i2t_ASN1_OBJECT(buf, sizeof(buf), a);
if (i > (int)(sizeof(buf) - 1)) {
p = OPENSSL_malloc(i + 1);
if (!p)
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 2d562f93452f..95f041620735 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -130,13 +130,13 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
if (c > 0xffffffffL)
return -1;
if (c > 0xffff) {
- BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
+ BIO_snprintf(tmphex, sizeof(tmphex), "\\W%08lX", c);
if (!io_ch(arg, tmphex, 10))
return -1;
return 10;
}
if (c > 0xff) {
- BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
+ BIO_snprintf(tmphex, sizeof(tmphex), "\\U%04lX", c);
if (!io_ch(arg, tmphex, 6))
return -1;
return 6;
@@ -236,7 +236,7 @@ static int do_buf(unsigned char *buf, int buflen,
if (type & BUF_TYPE_CONVUTF8) {
unsigned char utfbuf[6];
int utflen;
- utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
+ utflen = UTF8_putc(utfbuf, sizeof(utfbuf), c);
for (i = 0; i < utflen; i++) {
/*
* We don't need to worry about setting orflags correctly
@@ -533,7 +533,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
if (fn_opt != XN_FLAG_FN_NONE) {
int objlen, fld_len;
if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
- OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
+ OBJ_obj2txt(objtmp, sizeof(objtmp), fn, 1);
fld_len = 0; /* XXX: what should this be? */
objbuf = objtmp;
} else {
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index 0eeb79cd428c..28831d6b843c 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -86,7 +86,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
tmpstr = *(ASN1_STRING *)a;
len = tmpstr.length;
ebcdic2ascii(tmp, tmpstr.data,
- (len >= sizeof tmp) ? sizeof tmp : len);
+ (len >= sizeof(tmp)) ? sizeof(tmp) : len);
tmpstr.data = tmp;
a = (ASN1_GENERALIZEDTIME *)&tmpstr;
}
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index 0344482cc247..9cbad7c5ee1a 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -76,7 +76,7 @@ int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
ASN1_STRING x = *(ASN1_STRING *)a;
len = x.length;
- ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
+ ebcdic2ascii(tmp, x.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len);
x.data = tmp;
return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
# endif
@@ -317,7 +317,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
struct tm tm;
int offset;
- memset(&tm, '\0', sizeof tm);
+ memset(&tm, '\0', sizeof(tm));
# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
tm.tm_year = g2(s->data);
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 68e791fcdbe8..35a2b2aa0238 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -1365,6 +1365,7 @@ void ERR_load_ASN1_strings(void);
# define ASN1_R_MSTRING_NOT_UNIVERSAL 139
# define ASN1_R_MSTRING_WRONG_TAG 140
# define ASN1_R_NESTED_ASN1_STRING 197
+# define ASN1_R_NESTED_TOO_DEEP 219
# define ASN1_R_NON_HEX_CHARACTERS 141
# define ASN1_R_NOT_ASCII_FORMAT 190
# define ASN1_R_NOT_ENOUGH_DATA 142
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index fd4ac8d9db80..cfc1512f9d07 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
/* crypto/asn1/asn1_err.c */
/* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -279,6 +279,7 @@ static ERR_STRING_DATA ASN1_str_reasons[] = {
{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
{ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
+ {ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"},
{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index e63e82a8b476..b52c3e1264c7 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -456,8 +456,8 @@ void asn1_add_error(const unsigned char *address, int offset)
{
char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
- BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
- BIO_snprintf(buf2, sizeof buf2, "%d", offset);
+ BIO_snprintf(buf1, sizeof(buf1), "%lu", (unsigned long)address);
+ BIO_snprintf(buf2, sizeof(buf2), "%d", offset);
ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
}
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index e85e3398b6bb..0b1a689d6831 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -87,13 +87,13 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
p = str;
if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
- BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
+ BIO_snprintf(str, sizeof(str), "priv [ %d ] ", tag);
else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
- BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
+ BIO_snprintf(str, sizeof(str), "cont [ %d ]", tag);
else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
- BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
+ BIO_snprintf(str, sizeof(str), "appl [ %d ]", tag);
else if (tag > 30)
- BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
+ BIO_snprintf(str, sizeof(str), "<ASN1 %d>", tag);
else
p = ASN1_tag2str(tag);
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index 5170906c62da..02b7c9b7efc6 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -4,7 +4,7 @@
* project.
*/
/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -473,6 +473,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
+ sk_BIO_pop_free(parts, BIO_vfree);
return NULL;
}
diff --git a/crypto/asn1/t_x509a.c b/crypto/asn1/t_x509a.c
index f4b8f94cb35a..d1b897a469fd 100644
--- a/crypto/asn1/t_x509a.c
+++ b/crypto/asn1/t_x509a.c
@@ -81,7 +81,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
BIO_puts(out, ", ");
else
first = 0;
- OBJ_obj2txt(oidstr, sizeof oidstr,
+ OBJ_obj2txt(oidstr, sizeof(oidstr),
sk_ASN1_OBJECT_value(aux->trust, i), 0);
BIO_puts(out, oidstr);
}
@@ -96,7 +96,7 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
BIO_puts(out, ", ");
else
first = 0;
- OBJ_obj2txt(oidstr, sizeof oidstr,
+ OBJ_obj2txt(oidstr, sizeof(oidstr),
sk_ASN1_OBJECT_value(aux->reject, i), 0);
BIO_puts(out, oidstr);
}
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index d49a5d5792a4..e657c36d8ab6 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -65,6 +65,14 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
+/*
+ * Constructed types with a recursive definition (such as can be found in PKCS7)
+ * could eventually exceed the stack given malicious input with excessive
+ * recursion. Therefore we limit the stack depth. This is the maximum number of
+ * recursive invocations of asn1_item_embed_d2i().
+ */
+#define ASN1_MAX_CONSTRUCTED_NEST 30
+
static int asn1_check_eoc(const unsigned char **in, long len);
static int asn1_find_end(const unsigned char **in, long len, char inf);
@@ -81,11 +89,11 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
static int asn1_template_ex_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx);
+ ASN1_TLC *ctx, int depth);
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx);
+ ASN1_TLC *ctx, int depth);
static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
const unsigned char **in, long len,
const ASN1_ITEM *it,
@@ -154,17 +162,16 @@ int ASN1_template_d2i(ASN1_VALUE **pval,
{
ASN1_TLC c;
asn1_tlc_clear_nc(&c);
- return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
+ return asn1_template_ex_d2i(pval, in, len, tt, 0, &c, 0);
}
/*
* Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
* tag mismatch return -1 to handle OPTIONAL
*/
-
-int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- const ASN1_ITEM *it,
- int tag, int aclass, char opt, ASN1_TLC *ctx)
+static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
+ long len, const ASN1_ITEM *it, int tag, int aclass,
+ char opt, ASN1_TLC *ctx, int depth)
{
const ASN1_TEMPLATE *tt, *errtt = NULL;
const ASN1_COMPAT_FUNCS *cf;
@@ -189,6 +196,11 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
else
asn1_cb = 0;
+ if (++depth > ASN1_MAX_CONSTRUCTED_NEST) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NESTED_TOO_DEEP);
+ goto err;
+ }
+
switch (it->itype) {
case ASN1_ITYPE_PRIMITIVE:
if (it->templates) {
@@ -204,7 +216,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
goto err;
}
return asn1_template_ex_d2i(pval, in, len,
- it->templates, opt, ctx);
+ it->templates, opt, ctx, depth);
}
return asn1_d2i_ex_primitive(pval, in, len, it,
tag, aclass, opt, ctx);
@@ -326,7 +338,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
/*
* We mark field as OPTIONAL so its absence can be recognised.
*/
- ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
+ ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx, depth);
/* If field not present, try the next one */
if (ret == -1)
continue;
@@ -444,7 +456,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
* attempt to read in field, allowing each to be OPTIONAL
*/
- ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
+ ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx,
+ depth);
if (!ret) {
errtt = seqtt;
goto err;
@@ -514,6 +527,13 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
return 0;
}
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+ return asn1_item_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx, 0);
+}
+
/*
* Templates are handled with two separate functions. One handles any
* EXPLICIT tag and the other handles the rest.
@@ -522,7 +542,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
static int asn1_template_ex_d2i(ASN1_VALUE **val,
const unsigned char **in, long inlen,
const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx)
+ ASN1_TLC *ctx, int depth)
{
int flags, aclass;
int ret;
@@ -557,7 +577,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
return 0;
}
/* We've found the field so it can't be OPTIONAL now */
- ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
+ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx, depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
@@ -581,7 +601,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
}
}
} else
- return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
+ return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx, depth);
*in = p;
return 1;
@@ -594,7 +614,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
static int asn1_template_noexp_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_TEMPLATE *tt, char opt,
- ASN1_TLC *ctx)
+ ASN1_TLC *ctx, int depth)
{
int flags, aclass;
int ret;
@@ -665,8 +685,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
break;
}
skfield = NULL;
- if (!ASN1_item_ex_d2i(&skfield, &p, len,
- ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
+ if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item),
+ -1, 0, 0, ctx, depth)) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
ERR_R_NESTED_ASN1_ERROR);
goto err;
@@ -684,9 +704,8 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
}
} else if (flags & ASN1_TFLG_IMPTAG) {
/* IMPLICIT tagging */
- ret = ASN1_item_ex_d2i(val, &p, len,
- ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
- ctx);
+ ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag,
+ aclass, opt, ctx, depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
@@ -694,8 +713,9 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
return -1;
} else {
/* Nothing special */
- ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
- -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
+ ret = asn1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
+ -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx,
+ depth);
if (!ret) {
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
goto err;
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index f628caddbd05..e93fd11f4740 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -463,7 +463,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
ln = OBJ_nid2ln(OBJ_obj2nid(oid));
if (!ln)
ln = "";
- OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
+ OBJ_obj2txt(objbuf, sizeof(objbuf), oid, 1);
if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
return 0;
return 1;
diff --git a/crypto/bf/bftest.c b/crypto/bf/bftest.c
index 0b008f091cbf..bd20a8e2112e 100644
--- a/crypto/bf/bftest.c
+++ b/crypto/bf/bftest.c
@@ -462,9 +462,9 @@ static int test(void)
len = strlen(cbc_data) + 1;
BF_set_key(&key, 16, cbc_key);
- memset(cbc_in, 0, sizeof cbc_in);
- memset(cbc_out, 0, sizeof cbc_out);
- memcpy(iv, cbc_iv, sizeof iv);
+ memset(cbc_in, 0, sizeof(cbc_in));
+ memset(cbc_out, 0, sizeof(cbc_out));
+ memcpy(iv, cbc_iv, sizeof(iv));
BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len,
&key, iv, BF_ENCRYPT);
if (memcmp(cbc_out, cbc_ok, 32) != 0) {
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
index ccf0e287c4e8..fcfd6995953d 100644
--- a/crypto/bio/b_dump.c
+++ b/crypto/bio/b_dump.c
@@ -64,7 +64,6 @@
#include "cryptlib.h"
#include "bio_lcl.h"
-#define TRUNCATE
#define DUMP_WIDTH 16
#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
@@ -79,17 +78,10 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
{
int ret = 0;
char buf[288 + 1], tmp[20], str[128 + 1];
- int i, j, rows, trc;
+ int i, j, rows;
unsigned char ch;
int dump_width;
- trc = 0;
-
-#ifdef TRUNCATE
- for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
- trc++;
-#endif
-
if (indent < 0)
indent = 0;
if (indent) {
@@ -104,50 +96,43 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
if ((rows * dump_width) < len)
rows++;
for (i = 0; i < rows; i++) {
- BUF_strlcpy(buf, str, sizeof buf);
- BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width);
- BUF_strlcat(buf, tmp, sizeof buf);
+ BUF_strlcpy(buf, str, sizeof(buf));
+ BIO_snprintf(tmp, sizeof(tmp), "%04x - ", i * dump_width);
+ BUF_strlcat(buf, tmp, sizeof(buf));
for (j = 0; j < dump_width; j++) {
if (((i * dump_width) + j) >= len) {
- BUF_strlcat(buf, " ", sizeof buf);
+ BUF_strlcat(buf, " ", sizeof(buf));
} else {
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
- BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch,
+ BIO_snprintf(tmp, sizeof(tmp), "%02x%c", ch,
j == 7 ? '-' : ' ');
- BUF_strlcat(buf, tmp, sizeof buf);
+ BUF_strlcat(buf, tmp, sizeof(buf));
}
}
- BUF_strlcat(buf, " ", sizeof buf);
+ BUF_strlcat(buf, " ", sizeof(buf));
for (j = 0; j < dump_width; j++) {
if (((i * dump_width) + j) >= len)
break;
ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
#ifndef CHARSET_EBCDIC
- BIO_snprintf(tmp, sizeof tmp, "%c",
+ BIO_snprintf(tmp, sizeof(tmp), "%c",
((ch >= ' ') && (ch <= '~')) ? ch : '.');
#else
- BIO_snprintf(tmp, sizeof tmp, "%c",
+ BIO_snprintf(tmp, sizeof(tmp), "%c",
((ch >= os_toascii[' ']) && (ch <= os_toascii['~']))
? os_toebcdic[ch]
: '.');
#endif
- BUF_strlcat(buf, tmp, sizeof buf);
+ BUF_strlcat(buf, tmp, sizeof(buf));
}
- BUF_strlcat(buf, "\n", sizeof buf);
+ BUF_strlcat(buf, "\n", sizeof(buf));
/*
* if this is the last call then update the ddt_dump thing so that we
* will move the selection point in the debug window
*/
ret += cb((void *)buf, strlen(buf), u);
}
-#ifdef TRUNCATE
- if (trc > 0) {
- BIO_snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n", str,
- len + trc);
- ret += cb((void *)buf, strlen(buf), u);
- }
-#endif
- return (ret);
+ return ret;
}
#ifndef OPENSSL_NO_FP_API
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 1c82f53d5a07..47654f85b0b0 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -663,7 +663,7 @@ fmtfp(char **sbuffer,
iconvert[iplace++] = "0123456789"[intpart % 10];
intpart = (intpart / 10);
} while (intpart && (iplace < (int)sizeof(iconvert)));
- if (iplace == sizeof iconvert)
+ if (iplace == sizeof(iconvert))
iplace--;
iconvert[iplace] = 0;
@@ -672,7 +672,7 @@ fmtfp(char **sbuffer,
fconvert[fplace++] = "0123456789"[fracpart % 10];
fracpart = (fracpart / 10);
} while (fplace < max);
- if (fplace == sizeof fconvert)
+ if (fplace == sizeof(fconvert))
fplace--;
fconvert[fplace] = 0;
diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
index f96294bb4304..2ff52636d2c3 100644
--- a/crypto/bio/bio_cb.c
+++ b/crypto/bio/bio_cb.c
@@ -76,7 +76,7 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
if (BIO_CB_RETURN & cmd)
r = ret;
- len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
+ len = BIO_snprintf(buf,sizeof(buf),"BIO[%p]: ",(void *)bio);
/* Ignore errors and continue printing the other information. */
if (len < 0)
diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c
index 3dd818772942..096ea4156cd4 100644
--- a/crypto/bio/bss_bio.c
+++ b/crypto/bio/bss_bio.c
@@ -144,7 +144,7 @@ static int bio_new(BIO *bio)
{
struct bio_bio_st *b;
- b = OPENSSL_malloc(sizeof *b);
+ b = OPENSSL_malloc(sizeof(*b));
if (b == NULL)
return 0;
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index 7d15ad29dcd7..bbc6d5ab48bc 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -481,7 +481,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
char buf[16];
unsigned char *p = ptr;
- BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
+ BIO_snprintf(buf, sizeof(buf), "%d.%d.%d.%d",
p[0], p[1], p[2], p[3]);
if (data->param_hostname != NULL)
OPENSSL_free(data->param_hostname);
@@ -490,7 +490,7 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
} else if (num == 3) {
char buf[DECIMAL_SIZE(int) + 1];
- BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
+ BIO_snprintf(buf, sizeof(buf), "%d", *(int *)ptr);
if (data->param_port != NULL)
OPENSSL_free(data->param_port);
data->param_port = BUF_strdup(buf);
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index 0cf67e5b770b..bbf906fabba0 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -375,15 +375,15 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
b->shutdown = (int)num & BIO_CLOSE;
if (num & BIO_FP_APPEND) {
if (num & BIO_FP_READ)
- BUF_strlcpy(p, "a+", sizeof p);
+ BUF_strlcpy(p, "a+", sizeof(p));
else
- BUF_strlcpy(p, "a", sizeof p);
+ BUF_strlcpy(p, "a", sizeof(p));
} else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
- BUF_strlcpy(p, "r+", sizeof p);
+ BUF_strlcpy(p, "r+", sizeof(p));
else if (num & BIO_FP_WRITE)
- BUF_strlcpy(p, "w", sizeof p);
+ BUF_strlcpy(p, "w", sizeof(p));
else if (num & BIO_FP_READ)
- BUF_strlcpy(p, "r", sizeof p);
+ BUF_strlcpy(p, "r", sizeof(p));
else {
BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
ret = 0;
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index c4b63e44ba36..40115fc72052 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -727,7 +727,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
top = m->top;
- bits = BN_num_bits(p);
+ /*
+ * Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
+ * whether the top bits are zero.
+ */
+ bits = p->top * BN_BITS2;
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index f9c65f9f948a..27b9bdbc3c28 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -144,74 +144,47 @@ const BIGNUM *BN_value_one(void)
int BN_num_bits_word(BN_ULONG l)
{
- static const unsigned char bits[256] = {
- 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
- 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffffffff00000000L) {
- if (l & 0xffff000000000000L) {
- if (l & 0xff00000000000000L) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000L) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-#else
-# ifdef SIXTY_FOUR_BIT
- if (l & 0xffffffff00000000LL) {
- if (l & 0xffff000000000000LL) {
- if (l & 0xff00000000000000LL) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000LL) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-# endif
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffff0000L) {
- if (l & 0xff000000L)
- return (bits[(int)(l >> 24L)] + 24);
- else
- return (bits[(int)(l >> 16L)] + 16);
- } else
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xff00L)
- return (bits[(int)(l >> 8)] + 8);
- else
+ BN_ULONG x, mask;
+ int bits = (l != 0);
+
+#if BN_BITS2 > 32
+ x = l >> 32;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 32 & mask;
+ l ^= (x ^ l) & mask;
#endif
- return (bits[(int)(l)]);
- }
- }
+
+ x = l >> 16;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 16 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 8;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 8 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 4;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 4 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 2;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 2 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 1;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 1 & mask;
+
+ return bits;
}
int BN_num_bits(const BIGNUM *a)
@@ -524,9 +497,6 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
#endif
- if (BN_get_flags(b, BN_FLG_CONSTTIME) != 0)
- BN_set_flags(a, BN_FLG_CONSTTIME);
-
a->top = b->top;
a->neg = b->neg;
bn_check_top(a);
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 3af9db870bcb..c1703650ef1e 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -207,26 +207,13 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
r->top = max;
n0 = mont->n0[0];
-# ifdef BN_COUNT
- fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
-# endif
+ /*
+ * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
+ * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
+ * includes |carry| which is stored separately.
+ */
for (carry = 0, i = 0; i < nl; i++, rp++) {
-# ifdef __TANDEM
- {
- long long t1;
- long long t2;
- long long t3;
- t1 = rp[0] * (n0 & 0177777);
- t2 = 037777600000l;
- t2 = n0 & t2;
- t3 = rp[0] & 0177777;
- t2 = (t3 * t2) & BN_MASK2;
- t1 = t1 + t2;
- v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
- }
-# else
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
-# endif
v = (v + carry + rp[nl]) & BN_MASK2;
carry |= (v != rp[nl]);
carry &= (v <= rp[nl]);
@@ -239,46 +226,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
ret->neg = r->neg;
rp = ret->d;
- ap = &(r->d[nl]);
-# define BRANCH_FREE 1
-# if BRANCH_FREE
- {
- BN_ULONG *nrp;
- size_t m;
+ /*
+ * Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
+ * includes |carry| which is stored separately.
+ */
+ ap = &(r->d[nl]);
- v = bn_sub_words(rp, ap, np, nl) - carry;
- /*
- * if subtraction result is real, then trick unconditional memcpy
- * below to perform in-place "refresh" instead of actual copy.
- */
- m = (0 - (size_t)v);
- nrp =
- (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
-
- for (i = 0, nl -= 4; i < nl; i += 4) {
- BN_ULONG t1, t2, t3, t4;
-
- t1 = nrp[i + 0];
- t2 = nrp[i + 1];
- t3 = nrp[i + 2];
- ap[i + 0] = 0;
- t4 = nrp[i + 3];
- ap[i + 1] = 0;
- rp[i + 0] = t1;
- ap[i + 2] = 0;
- rp[i + 1] = t2;
- ap[i + 3] = 0;
- rp[i + 2] = t3;
- rp[i + 3] = t4;
- }
- for (nl += 4; i < nl; i++)
- rp[i] = nrp[i], ap[i] = 0;
+ /*
+ * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
+ * cannot be -1. That would imply the subtraction did not fit in |nl| words,
+ * and we know at most one subtraction is needed.
+ */
+ v = bn_sub_words(rp, ap, np, nl) - carry;
+ v = 0 - v;
+ for (i = 0; i < nl; i++) {
+ rp[i] = (v & ap[i]) | (~v & rp[i]);
+ ap[i] = 0;
}
-# else
- if (bn_sub_words(rp, ap, np, nl) - carry)
- memcpy(rp, ap, nl * sizeof(BN_ULONG));
-# endif
bn_correct_top(r);
bn_correct_top(ret);
bn_check_top(ret);
@@ -382,6 +347,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
R = &(mont->RR); /* grab RR as a temp */
if (!BN_copy(&(mont->N), mod))
goto err; /* Set N */
+ if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+ BN_set_flags(&(mont->N), BN_FLG_CONSTTIME);
mont->N.neg = 0;
#ifdef MONT_WORD
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index f85a6550a54e..c0b029dad6cd 100644
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -391,10 +391,10 @@ char *BN_options(void)
if (!init) {
init++;
#ifdef BN_LLONG
- BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+ BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
(int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
#else
- BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+ BIO_snprintf(data, sizeof(data), "bn(%d,%d)",
(int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
#endif
}
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
index a327b1a647b2..abe5dbe0b01a 100644
--- a/crypto/bn/bntest.c
+++ b/crypto/bn/bntest.c
@@ -148,7 +148,7 @@ int main(int argc, char *argv[])
results = 0;
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+ RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */
argc--;
argv++;
diff --git a/crypto/bn/expspeed.c b/crypto/bn/expspeed.c
index 513a568a481f..8ea980cdd201 100644
--- a/crypto/bn/expspeed.c
+++ b/crypto/bn/expspeed.c
@@ -198,7 +198,7 @@ static int mul_c[NUM_SIZES] =
* static int sizes[NUM_SIZES]={59,179,299,419,539};
*/
-#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); }
+#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof(str)); }
void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
index ac611c2e2614..779ee902036c 100644
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -183,9 +183,11 @@ int main(int argc, char *argv[])
unsigned char c;
BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
- * don't even check its return
- * value (which we should) */
+ /*
+ * Seed or BN_rand may fail, and we don't even check its return
+ * value (which we should)
+ */
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
ERR_load_BN_strings();
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 75e309aaca81..6237f6a1b6a9 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -423,7 +423,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
OPENSSL_free(section);
if (line != NULL)
*line = eline;
- BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
+ BIO_snprintf(btmp, sizeof(btmp), "%ld", eline);
ERR_add_error_data(2, "line ", btmp);
if ((h != conf->data) && (conf->data != NULL)) {
CONF_free(conf->data);
diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c
index e0c9a67ff68f..e2a9a81678ed 100644
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@@ -221,7 +221,7 @@ static int module_run(const CONF *cnf, char *name, char *value,
if (!(flags & CONF_MFLAGS_SILENT)) {
char rcode[DECIMAL_SIZE(ret) + 1];
CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
- BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
+ BIO_snprintf(rcode, sizeof(rcode), "%-8d", ret);
ERR_add_error_data(6, "module=", name, ", value=", value,
", retcode=", rcode);
}
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
index c6be34203853..f2041c1e1118 100644
--- a/crypto/des/destest.c
+++ b/crypto/des/destest.c
@@ -398,7 +398,7 @@ int main(int argc, char *argv[])
i = strlen((char *)cbc_data) + 1;
/* i=((i+7)/8)*8; */
memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- memset(iv2, '\0', sizeof iv2);
+ memset(iv2, '\0', sizeof(iv2));
DES_ede3_cbcm_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, &iv2,
DES_ENCRYPT);
@@ -412,7 +412,7 @@ int main(int argc, char *argv[])
}
*/
memcpy(iv3, cbc_iv, sizeof(cbc_iv));
- memset(iv2, '\0', sizeof iv2);
+ memset(iv2, '\0', sizeof(iv2));
DES_ede3_cbcm_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, &iv2,
DES_DECRYPT);
if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
index f97fd971dc20..60470d6db748 100644
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@@ -96,7 +96,7 @@ const char *DES_options(void)
size = "int";
else
size = "long";
- BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll,
+ BIO_snprintf(buf, sizeof(buf), "des(%s,%s,%s,%s)", ptr, risc, unroll,
size);
init = 0;
}
diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c
index 111f1e4617ff..09f5792b1eb6 100644
--- a/crypto/des/fcrypt.c
+++ b/crypto/des/fcrypt.c
@@ -80,10 +80,10 @@ char *DES_crypt(const char *buf, const char *salt)
e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0';
/* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
- ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
+ ebcdic2ascii(e_salt, e_salt, sizeof(e_salt));
/* Convert the cleartext password to ASCII */
- ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
+ ebcdic2ascii(e_buf, e_buf, sizeof(e_buf));
/* Encrypt it (from/to ASCII) */
ret = DES_fcrypt(e_buf, e_salt, buff);
diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c
index 514a7063b4bf..080d3e8dfc4c 100644
--- a/crypto/des/read_pwd.c
+++ b/crypto/des/read_pwd.c
@@ -434,7 +434,7 @@ static void pushsig(void)
# ifdef SIGACTION
struct sigaction sa;
- memset(&sa, 0, sizeof sa);
+ memset(&sa, 0, sizeof(sa));
sa.sa_handler = recsig;
# endif
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index d9c5e7fcb3bb..0a9ddb4baa7f 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -377,7 +377,7 @@ void private_DES_set_key_unchecked(const_DES_cblock *key,
register int i;
#ifdef OPENBSD_DEV_CRYPTO
- memcpy(schedule->key, key, sizeof schedule->key);
+ memcpy(schedule->key, key, sizeof(schedule->key));
schedule->session = NULL;
#endif
k = &schedule->ks->deslong[0];
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
index c5d3d87ea549..cb83109c4051 100644
--- a/crypto/dh/dhtest.c
+++ b/crypto/dh/dhtest.c
@@ -116,7 +116,7 @@ int main(int argc, char *argv[])
CRYPTO_malloc_init();
# endif
- RAND_seed(rnd_seed, sizeof rnd_seed);
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
out = BIO_new(BIO_s_file());
if (out == NULL)
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
index 8a224a8876c3..bee95431dffa 100644
--- a/crypto/dsa/dsatest.c
+++ b/crypto/dsa/dsatest.c
@@ -157,7 +157,7 @@ int main(int argc, char **argv)
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
- RAND_seed(rnd_seed, sizeof rnd_seed);
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
BIO_printf(bio_err, "test generation of DSA parameters\n");
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 3ffa112cc306..3241aa51d9f4 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -85,7 +85,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
return NULL;
}
- ret = OPENSSL_malloc(sizeof *ret);
+ ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) {
ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
@@ -164,7 +164,7 @@ void EC_GROUP_clear_free(EC_GROUP *group)
OPENSSL_free(group->seed);
}
- OPENSSL_cleanse(group, sizeof *group);
+ OPENSSL_cleanse(group, sizeof(*group));
OPENSSL_free(group);
}
@@ -575,7 +575,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
/* no explicit entry needed */
return 1;
- d = OPENSSL_malloc(sizeof *d);
+ d = OPENSSL_malloc(sizeof(*d));
if (d == NULL)
return 0;
@@ -712,7 +712,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group)
return NULL;
}
- ret = OPENSSL_malloc(sizeof *ret);
+ ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) {
ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
@@ -747,7 +747,7 @@ void EC_POINT_clear_free(EC_POINT *point)
point->meth->point_clear_finish(point);
else if (point->meth->point_finish != 0)
point->meth->point_finish(point);
- OPENSSL_cleanse(point, sizeof *point);
+ OPENSSL_cleanse(point, sizeof(*point));
OPENSSL_free(point);
}
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 24ca67a6ef1e..2231f9957ef6 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -169,11 +169,11 @@ static void ec_pre_comp_clear_free(void *pre_)
for (p = pre->points; *p != NULL; p++) {
EC_POINT_clear_free(*p);
- OPENSSL_cleanse(p, sizeof *p);
+ OPENSSL_cleanse(p, sizeof(*p));
}
OPENSSL_free(pre->points);
}
- OPENSSL_cleanse(pre, sizeof *pre);
+ OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}
@@ -430,11 +430,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
totalnum = num + numblocks;
- wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
- wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
- wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space
- * for pivot */
- val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
+ wsize = OPENSSL_malloc(totalnum * sizeof(wsize[0]));
+ wNAF_len = OPENSSL_malloc(totalnum * sizeof(wNAF_len[0]));
+ /* include space for pivot */
+ wNAF = OPENSSL_malloc((totalnum + 1) * sizeof(wNAF[0]));
+ val_sub = OPENSSL_malloc(totalnum * sizeof(val_sub[0]));
/* Ensure wNAF is initialised in case we end up going to err */
if (wNAF)
@@ -580,7 +580,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
* 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a
* subarray of 'pre_comp->points' if we already have precomputation.
*/
- val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
+ val = OPENSSL_malloc((num_val + 1) * sizeof(val[0]));
if (val == NULL) {
ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
goto err;
diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
index fcd754e44881..121f587b58b6 100644
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@@ -48,7 +48,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
typedef uint8_t u8;
typedef uint64_t u64;
-typedef int64_t s64;
/******************************************************************************/
/*-
@@ -351,9 +350,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */
- memset(b_out, 0, sizeof b_out);
+ memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn);
- if (num_bytes > sizeof b_out) {
+ if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0;
}
@@ -372,8 +371,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
{
felem_bytearray b_in, b_out;
felem_to_bin28(b_in, in);
- flip_endian(b_out, b_in, sizeof b_out);
- return BN_bin2bn(b_out, sizeof b_out, out);
+ flip_endian(b_out, b_in, sizeof(b_out));
+ return BN_bin2bn(b_out, sizeof(b_out), out);
}
/******************************************************************************/
@@ -1234,7 +1233,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out,
static NISTP224_PRE_COMP *nistp224_pre_comp_new()
{
NISTP224_PRE_COMP *ret = NULL;
- ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+ ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
if (!ret) {
ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
return ret;
@@ -1281,7 +1280,7 @@ static void nistp224_pre_comp_clear_free(void *pre_)
if (i > 0)
return;
- OPENSSL_cleanse(pre, sizeof *pre);
+ OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}
@@ -1568,7 +1567,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
/* the scalar for the generator */
if ((scalar != NULL) && (have_pre_comp)) {
- memset(g_secret, 0, sizeof g_secret);
+ memset(g_secret, 0, sizeof(g_secret));
/* reduce scalar to 0 <= scalar < 2^224 */
if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
/*
diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
index 1272966fff84..378f0bae0857 100644
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@@ -51,7 +51,6 @@ typedef __int128_t int128_t;
typedef uint8_t u8;
typedef uint32_t u32;
typedef uint64_t u64;
-typedef int64_t s64;
/*
* The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
@@ -161,9 +160,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */
- memset(b_out, 0, sizeof b_out);
+ memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn);
- if (num_bytes > sizeof b_out) {
+ if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0;
}
@@ -182,8 +181,8 @@ static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
{
felem_bytearray b_in, b_out;
smallfelem_to_bin32(b_in, in);
- flip_endian(b_out, b_in, sizeof b_out);
- return BN_bin2bn(b_out, sizeof b_out, out);
+ flip_endian(b_out, b_in, sizeof(b_out));
+ return BN_bin2bn(b_out, sizeof(b_out), out);
}
/*-
@@ -392,7 +391,7 @@ static void felem_shrink(smallfelem out, const felem in)
{
felem tmp;
u64 a, b, mask;
- s64 high, low;
+ u64 high, low;
static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
/* Carry 2->3 */
@@ -433,29 +432,31 @@ static void felem_shrink(smallfelem out, const felem in)
* In order to make space in tmp[3] for the carry from 2 -> 3, we
* conditionally subtract kPrime if tmp[3] is large enough.
*/
- high = tmp[3] >> 64;
+ high = (u64)(tmp[3] >> 64);
/* As tmp[3] < 2^65, high is either 1 or 0 */
- high <<= 63;
- high >>= 63;
+ high = 0 - high;
/*-
* high is:
* all ones if the high word of tmp[3] is 1
- * all zeros if the high word of tmp[3] if 0 */
- low = tmp[3];
- mask = low >> 63;
+ * all zeros if the high word of tmp[3] if 0
+ */
+ low = (u64)tmp[3];
+ mask = 0 - (low >> 63);
/*-
* mask is:
* all ones if the MSB of low is 1
- * all zeros if the MSB of low if 0 */
+ * all zeros if the MSB of low if 0
+ */
low &= bottom63bits;
low -= kPrime3Test;
/* if low was greater than kPrime3Test then the MSB is zero */
low = ~low;
- low >>= 63;
+ low = 0 - (low >> 63);
/*-
* low is:
* all ones if low was > kPrime3Test
- * all zeros if low was <= kPrime3Test */
+ * all zeros if low was <= kPrime3Test
+ */
mask = (mask & low) | high;
tmp[0] -= mask & kPrime[0];
tmp[1] -= mask & kPrime[1];
@@ -889,7 +890,7 @@ static void felem_contract(smallfelem out, const felem in)
equal &= equal << 4;
equal &= equal << 2;
equal &= equal << 1;
- equal = ((s64) equal) >> 63;
+ equal = 0 - (equal >> 63);
all_equal_so_far &= equal;
}
@@ -956,7 +957,7 @@ static limb smallfelem_is_zero(const smallfelem small)
is_zero &= is_zero << 4;
is_zero &= is_zero << 2;
is_zero &= is_zero << 1;
- is_zero = ((s64) is_zero) >> 63;
+ is_zero = 0 - (is_zero >> 63);
is_p = (small[0] ^ kPrime[0]) |
(small[1] ^ kPrime[1]) |
@@ -968,7 +969,7 @@ static limb smallfelem_is_zero(const smallfelem small)
is_p &= is_p << 4;
is_p &= is_p << 2;
is_p &= is_p << 1;
- is_p = ((s64) is_p) >> 63;
+ is_p = 0 - (is_p >> 63);
is_zero |= is_p;
@@ -1820,7 +1821,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void)
static NISTP256_PRE_COMP *nistp256_pre_comp_new()
{
NISTP256_PRE_COMP *ret = NULL;
- ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+ ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof(*ret));
if (!ret) {
ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
return ret;
@@ -1867,7 +1868,7 @@ static void nistp256_pre_comp_clear_free(void *pre_)
if (i > 0)
return;
- OPENSSL_cleanse(pre, sizeof *pre);
+ OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index a1dc9946fd17..90989c5a0769 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -49,7 +49,6 @@ typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit
typedef uint8_t u8;
typedef uint64_t u64;
-typedef int64_t s64;
/*
* The underlying field. P521 operates over GF(2^521-1). We can serialise an
@@ -185,9 +184,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
unsigned num_bytes;
/* BN_bn2bin eats leading zeroes */
- memset(b_out, 0, sizeof b_out);
+ memset(b_out, 0, sizeof(b_out));
num_bytes = BN_num_bytes(bn);
- if (num_bytes > sizeof b_out) {
+ if (num_bytes > sizeof(b_out)) {
ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
return 0;
}
@@ -206,8 +205,8 @@ static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
{
felem_bytearray b_in, b_out;
felem_to_bin66(b_in, in);
- flip_endian(b_out, b_in, sizeof b_out);
- return BN_bin2bn(b_out, sizeof b_out, out);
+ flip_endian(b_out, b_in, sizeof(b_out));
+ return BN_bin2bn(b_out, sizeof(b_out), out);
}
/*-
@@ -852,7 +851,7 @@ static limb felem_is_zero(const felem in)
* We know that ftmp[i] < 2^63, therefore the only way that the top bit
* can be set is if is_zero was 0 before the decrement.
*/
- is_zero = ((s64) is_zero) >> 63;
+ is_zero = 0 - (is_zero >> 63);
is_p = ftmp[0] ^ kPrime[0];
is_p |= ftmp[1] ^ kPrime[1];
@@ -865,7 +864,7 @@ static limb felem_is_zero(const felem in)
is_p |= ftmp[8] ^ kPrime[8];
is_p--;
- is_p = ((s64) is_p) >> 63;
+ is_p = 0 - (is_p >> 63);
is_zero |= is_p;
return is_zero;
@@ -936,7 +935,7 @@ static void felem_contract(felem out, const felem in)
is_p &= is_p << 4;
is_p &= is_p << 2;
is_p &= is_p << 1;
- is_p = ((s64) is_p) >> 63;
+ is_p = 0 - (is_p >> 63);
is_p = ~is_p;
/* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
@@ -962,7 +961,7 @@ static void felem_contract(felem out, const felem in)
is_greater |= is_greater << 4;
is_greater |= is_greater << 2;
is_greater |= is_greater << 1;
- is_greater = ((s64) is_greater) >> 63;
+ is_greater = 0 - (is_greater >> 63);
out[0] -= kPrime[0] & is_greater;
out[1] -= kPrime[1] & is_greater;
diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c
index 99b8d613c833..9a53a39a25b9 100644
--- a/crypto/ec/ecp_nistz256.c
+++ b/crypto/ec/ecp_nistz256.c
@@ -1504,7 +1504,7 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_)
32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
OPENSSL_free(pre->precomp_storage);
}
- OPENSSL_cleanse(pre, sizeof *pre);
+ OPENSSL_cleanse(pre, sizeof(*pre));
OPENSSL_free(pre);
}
diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index 2b848216d78c..e94a7d49368d 100644
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -1270,7 +1270,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
if (tmp == NULL || tmp_Z == NULL)
goto err;
- prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]);
+ prod_Z = OPENSSL_malloc(num * sizeof(prod_Z[0]));
if (prod_Z == NULL)
goto err;
for (i = 0; i < num; i++) {
diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c
index 40a1f003259f..5e1ef5093383 100644
--- a/crypto/ec/ectest.c
+++ b/crypto/ec/ectest.c
@@ -469,7 +469,7 @@ static void prime_field_tests(void)
len =
EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
- sizeof buf, ctx);
+ sizeof(buf), ctx);
if (len == 0)
ABORT;
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -482,7 +482,7 @@ static void prime_field_tests(void)
len =
EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
- sizeof buf, ctx);
+ sizeof(buf), ctx);
if (len == 0)
ABORT;
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -494,7 +494,7 @@ static void prime_field_tests(void)
fprintf(stdout, "%02X", buf[i]);
len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf),
ctx);
if (len == 0)
ABORT;
@@ -1206,7 +1206,7 @@ static void char2_field_tests(void)
# ifdef OPENSSL_EC_BIN_PT_COMP
len =
EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
- sizeof buf, ctx);
+ sizeof(buf), ctx);
if (len == 0)
ABORT;
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -1220,7 +1220,7 @@ static void char2_field_tests(void)
len =
EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
- sizeof buf, ctx);
+ sizeof(buf), ctx);
if (len == 0)
ABORT;
if (!EC_POINT_oct2point(group, P, buf, len, ctx))
@@ -1234,7 +1234,7 @@ static void char2_field_tests(void)
/* Change test based on whether binary point compression is enabled or not. */
# ifdef OPENSSL_EC_BIN_PT_COMP
len =
- EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+ EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf),
ctx);
if (len == 0)
ABORT;
@@ -1844,7 +1844,7 @@ int main(int argc, char *argv[])
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+ RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */
prime_field_tests();
puts("");
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
index 2fe2c66443d0..3febf10188ba 100644
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -490,7 +490,7 @@ int main(int argc, char *argv[])
CRYPTO_malloc_init();
# endif
- RAND_seed(rnd_seed, sizeof rnd_seed);
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
out = BIO_new(BIO_s_file());
if (out == NULL)
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index af59471c4771..d8cac4bdfd31 100644
--- a/crypto/engine/eng_cryptodev.c
+++ b/crypto/engine/eng_cryptodev.c
@@ -1057,7 +1057,7 @@ static int crparam2bn(struct crparam *crp, BIGNUM *a)
return (-1);
for (i = 0; i < bytes; i++)
- pd[i] = crp->crp_p[bytes - i - 1];
+ pd[i] = ((char *)crp->crp_p)[bytes - i - 1];
BN_bin2bn(pd, bytes, a);
free(pd);
@@ -1133,7 +1133,7 @@ cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
return (ret);
}
- memset(&kop, 0, sizeof kop);
+ memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_MOD_EXP;
/* inputs: a^p % m */
@@ -1184,7 +1184,7 @@ cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
return (0);
}
- memset(&kop, 0, sizeof kop);
+ memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_MOD_EXP_CRT;
/* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
if (bn2crparam(rsa->p, &kop.crk_param[0]))
@@ -1287,7 +1287,7 @@ static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
goto err;
}
- memset(&kop, 0, sizeof kop);
+ memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DSA_SIGN;
/* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
@@ -1330,7 +1330,7 @@ cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
struct crypt_kop kop;
int dsaret = 1;
- memset(&kop, 0, sizeof kop);
+ memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DSA_VERIFY;
/* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
@@ -1403,7 +1403,7 @@ cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
keylen = BN_num_bits(dh->p);
- memset(&kop, 0, sizeof kop);
+ memset(&kop, 0, sizeof(kop));
kop.crk_op = CRK_DH_COMPUTE_KEY;
/* inputs: dh->priv_key pub_key dh->p key */
diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c
index 27d31f70c855..709393fae57d 100644
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@@ -1,5 +1,5 @@
/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -159,6 +159,11 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
}
fnd->funct = NULL;
(void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
+ if (lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate) != fnd) {
+ sk_ENGINE_free(fnd->sk);
+ OPENSSL_free(fnd);
+ goto end;
+ }
}
/* A registration shouldn't add duplciate entries */
(void)sk_ENGINE_delete_ptr(fnd->sk, e);
diff --git a/crypto/err/err.c b/crypto/err/err.c
index cfe0e8083f39..e9ef2156e11f 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -602,8 +602,8 @@ static void build_SYS_str_reasons(void)
char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
char *src = strerror(i);
if (src != NULL) {
- strncpy(*dest, src, sizeof *dest);
- (*dest)[sizeof *dest - 1] = '\0';
+ strncpy(*dest, src, sizeof(*dest));
+ (*dest)[sizeof(*dest) - 1] = '\0';
str->string = *dest;
}
}
diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
index 6e352effe31d..25c808eab73b 100644
--- a/crypto/err/err_prn.c
+++ b/crypto/err/err_prn.c
@@ -77,7 +77,7 @@ void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
CRYPTO_THREADID_current(&cur);
es = CRYPTO_THREADID_hash(&cur);
while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
- ERR_error_string_n(l, buf, sizeof buf);
+ ERR_error_string_n(l, buf, sizeof(buf));
BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
file, line, (flags & ERR_TXT_STRING) ? data : "");
if (cb(buf2, strlen(buf2), u) <= 0)
diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
index 538b5202643a..5ad5a950352b 100644
--- a/crypto/evp/bio_b64.c
+++ b/crypto/evp/bio_b64.c
@@ -330,6 +330,14 @@ static int b64_read(BIO *b, char *out, int outl)
(unsigned char *)ctx->tmp, i);
ctx->tmp_len = 0;
}
+ /*
+ * If eof or an error was signalled, then the condition
+ * 'ctx->cont <= 0' will prevent b64_read() from reading
+ * more data on subsequent calls. This assignment was
+ * deleted accidentally in commit 5562cfaca4f3.
+ */
+ ctx->cont = i;
+
ctx->buf_off = 0;
if (i < 0) {
ret_code = 0;
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 4db179629d04..d4274c5729b7 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -124,12 +124,12 @@
void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
{
- memset(ctx, '\0', sizeof *ctx);
+ memset(ctx, '\0', sizeof(*ctx));
}
EVP_MD_CTX *EVP_MD_CTX_create(void)
{
- EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+ EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx)
EVP_MD_CTX_init(ctx);
@@ -316,7 +316,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
} else
tmp_buf = NULL;
EVP_MD_CTX_cleanup(out);
- memcpy(out, in, sizeof *out);
+ memcpy(out, in, sizeof(*out));
if (in->md_data && out->digest->ctx_size) {
if (tmp_buf)
@@ -402,7 +402,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
#ifdef OPENSSL_FIPS
FIPS_md_ctx_cleanup(ctx);
#endif
- memset(ctx, '\0', sizeof *ctx);
+ memset(ctx, '\0', sizeof(*ctx));
return 1;
}
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index b45b364466ac..ccc626f1d81c 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1,5 +1,5 @@
/* ====================================================================
- * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -1089,6 +1089,8 @@ static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
ctx->iv, &ctx->num, ctx->encrypt, dat->block);
len -= MAXBITCHUNK;
+ out += MAXBITCHUNK;
+ in += MAXBITCHUNK;
}
if (len)
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c
index f273f9c9475a..996aed2a676b 100644
--- a/crypto/evp/e_camellia.c
+++ b/crypto/evp/e_camellia.c
@@ -1,6 +1,6 @@
/* crypto/evp/e_camellia.c */
/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -356,6 +356,8 @@ static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
ctx->iv, &ctx->num, ctx->encrypt, dat->block);
len -= MAXBITCHUNK;
+ out += MAXBITCHUNK;
+ in += MAXBITCHUNK;
}
if (len)
CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index be577bac767f..0c740d167902 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -85,7 +85,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
{
- EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+ EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx)
EVP_CIPHER_CTX_init(ctx);
return ctx;
@@ -402,7 +402,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
}
b = ctx->cipher->block_size;
- OPENSSL_assert(b <= sizeof ctx->buf);
+ OPENSSL_assert(b <= sizeof(ctx->buf));
if (b == 1) {
*outl = 0;
return 1;
@@ -454,7 +454,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
return EVP_EncryptUpdate(ctx, out, outl, in, inl);
b = ctx->cipher->block_size;
- OPENSSL_assert(b <= sizeof ctx->final);
+ OPENSSL_assert(b <= sizeof(ctx->final));
if (ctx->final_used) {
memcpy(out, ctx->final, b);
@@ -520,7 +520,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
return (0);
}
- OPENSSL_assert(b <= sizeof ctx->final);
+ OPENSSL_assert(b <= sizeof(ctx->final));
/*
* The following assumes that the ciphertext has been authenticated.
@@ -651,7 +651,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
#endif
EVP_CIPHER_CTX_cleanup(out);
- memcpy(out, in, sizeof *out);
+ memcpy(out, in, sizeof(*out));
if (in->cipher_data && in->cipher->ctx_size) {
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index 2bb709a065d5..bee7f6d16504 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -116,7 +116,7 @@ static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (inl<chunk) chunk=inl;\
while(inl && inl>=chunk)\
{\
- cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
+ cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?chunk*8:chunk), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
inl-=chunk;\
in +=chunk;\
out+=chunk;\
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 7934c95fad0c..5d2f04bf9eda 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -161,9 +161,9 @@ int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
char obj_tmp[80];
EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
if (!pbe_obj)
- BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
+ BUF_strlcpy(obj_tmp, "NULL", sizeof(obj_tmp));
else
- i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
+ i2t_ASN1_OBJECT(obj_tmp, sizeof(obj_tmp), pbe_obj);
ERR_add_error_data(2, "TYPE=", obj_tmp);
return 0;
}
diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c
index 98796427bf49..97a208302785 100644
--- a/crypto/evp/evp_test.c
+++ b/crypto/evp/evp_test.c
@@ -506,7 +506,7 @@ int main(int argc, char **argv)
int an = 0;
int tn = 0;
- if (!fgets((char *)line, sizeof line, f))
+ if (!fgets((char *)line, sizeof(line), f))
break;
if (line[0] == '#' || line[0] == '\n')
continue;
diff --git a/crypto/evp/openbsd_hw.c b/crypto/evp/openbsd_hw.c
index 07decf267433..24a358e54306 100644
--- a/crypto/evp/openbsd_hw.c
+++ b/crypto/evp/openbsd_hw.c
@@ -111,7 +111,7 @@ static int dev_crypto_init(session_op *ses)
close(cryptodev_fd);
}
assert(ses);
- memset(ses, '\0', sizeof *ses);
+ memset(ses, '\0', sizeof(*ses));
return 1;
}
@@ -164,7 +164,7 @@ static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
assert(CDATA(ctx));
assert(!dev_failed);
- memset(&cryp, '\0', sizeof cryp);
+ memset(&cryp, '\0', sizeof(cryp));
cryp.ses = CDATA(ctx)->ses;
cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
cryp.flags = 0;
@@ -329,7 +329,7 @@ static int do_digest(int ses, unsigned char *md, const void *data, int len)
return 1;
}
- memset(&cryp, '\0', sizeof cryp);
+ memset(&cryp, '\0', sizeof(cryp));
cryp.ses = ses;
cryp.op = COP_ENCRYPT; /* required to do the MAC rather than check
* it */
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index f2ae1e5790d0..46fefa9ad584 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -262,7 +262,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
goto err;
}
keylen = EVP_CIPHER_CTX_key_length(ctx);
- OPENSSL_assert(keylen <= sizeof key);
+ OPENSSL_assert(keylen <= sizeof(key));
/* Decode parameter */
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 213504e85fee..023ec456f94c 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -234,7 +234,7 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx)
EVP_MD_CTX_cleanup(&ctx->i_ctx);
EVP_MD_CTX_cleanup(&ctx->o_ctx);
EVP_MD_CTX_cleanup(&ctx->md_ctx);
- OPENSSL_cleanse(ctx, sizeof *ctx);
+ OPENSSL_cleanse(ctx, sizeof(*ctx));
}
unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
diff --git a/crypto/jpake/jpake.c b/crypto/jpake/jpake.c
index 2ba75f0172c1..daf27228352a 100644
--- a/crypto/jpake/jpake.c
+++ b/crypto/jpake/jpake.c
@@ -108,14 +108,14 @@ static void JPAKE_CTX_release(JPAKE_CTX *ctx)
OPENSSL_free(ctx->p.peer_name);
OPENSSL_free(ctx->p.name);
- memset(ctx, '\0', sizeof *ctx);
+ memset(ctx, '\0', sizeof(*ctx));
}
JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
const BIGNUM *secret)
{
- JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+ JPAKE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx));
if (ctx == NULL)
return NULL;
@@ -460,7 +460,7 @@ void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
{
quickhashbn(send->hhk, ctx->key);
- SHA1(send->hhk, sizeof send->hhk, send->hhk);
+ SHA1(send->hhk, sizeof(send->hhk), send->hhk);
return 1;
}
@@ -470,8 +470,8 @@ int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
unsigned char hhk[SHA_DIGEST_LENGTH];
quickhashbn(hhk, ctx->key);
- SHA1(hhk, sizeof hhk, hhk);
- if (memcmp(hhk, received->hhk, sizeof hhk)) {
+ SHA1(hhk, sizeof(hhk), hhk);
+ if (memcmp(hhk, received->hhk, sizeof(hhk))) {
JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS,
JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
return 0;
@@ -499,7 +499,7 @@ int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
unsigned char hk[SHA_DIGEST_LENGTH];
quickhashbn(hk, ctx->key);
- if (memcmp(hk, received->hk, sizeof hk)) {
+ if (memcmp(hk, received->hk, sizeof(hk))) {
JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
return 0;
}
diff --git a/crypto/md2/md2_dgst.c b/crypto/md2/md2_dgst.c
index 7f5d9ba69ba2..44193e282b43 100644
--- a/crypto/md2/md2_dgst.c
+++ b/crypto/md2/md2_dgst.c
@@ -122,9 +122,9 @@ const char *MD2_options(void)
fips_md_init(MD2)
{
c->num = 0;
- memset(c->state, 0, sizeof c->state);
- memset(c->cksm, 0, sizeof c->cksm);
- memset(c->data, 0, sizeof c->data);
+ memset(c->state, 0, sizeof(c->state));
+ memset(c->cksm, 0, sizeof(c->cksm));
+ memset(c->data, 0, sizeof(c->data));
return 1;
}
diff --git a/crypto/md4/md4.c b/crypto/md4/md4.c
index c9fab6669aff..a79997f8ffcc 100644
--- a/crypto/md4/md4.c
+++ b/crypto/md4/md4.c
@@ -102,7 +102,7 @@ void do_fp(FILE *f)
fd = fileno(f);
MD4_Init(&c);
for (;;) {
- i = read(fd, buf, sizeof buf);
+ i = read(fd, buf, sizeof(buf));
if (i <= 0)
break;
MD4_Update(&c, buf, (unsigned long)i);
diff --git a/crypto/mem_dbg.c b/crypto/mem_dbg.c
index 8525ded78c79..9e1be508951e 100644
--- a/crypto/mem_dbg.c
+++ b/crypto/mem_dbg.c
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -633,16 +633,22 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
APP_INFO *amip;
int ami_cnt;
struct tm *lcl = NULL;
+ struct tm result = {0};
CRYPTO_THREADID ti;
-#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
+#define BUF_REMAIN (sizeof(buf) - (size_t)(bufp - buf))
if (m->addr == (char *)l->bio)
return;
if (options & V_CRYPTO_MDEBUG_TIME) {
+# if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && \
+ !defined(OPENSSL_SYS_OS2) && !defined(OPENSSL_SYS_SUNOS) && \
+ (!defined(OPENSSL_SYS_VMS) || defined(localtime_r))
+ lcl = localtime_r(&m->time, &result);
+# else
lcl = localtime(&m->time);
-
+# endif
BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
bufp += strlen(bufp);
@@ -679,7 +685,7 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
ami_cnt++;
memset(buf, '>', ami_cnt);
- BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
+ BIO_snprintf(buf + ami_cnt, sizeof(buf) - ami_cnt,
" thread=%lu, file=%s, line=%d, info=\"",
CRYPTO_THREADID_hash(&amip->threadid), amip->file,
amip->line);
@@ -689,10 +695,10 @@ static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
buf_len = 128 - 3;
} else {
- BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len);
+ BUF_strlcpy(buf + buf_len, amip->info, sizeof(buf) - buf_len);
buf_len = strlen(buf);
}
- BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
+ BIO_snprintf(buf + buf_len, sizeof(buf) - buf_len, "\"\n");
BIO_puts(l->bio, buf);
diff --git a/crypto/o_init.c b/crypto/o_init.c
index 185841ea048c..18bb85894d36 100644
--- a/crypto/o_init.c
+++ b/crypto/o_init.c
@@ -58,6 +58,11 @@
#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
# include <openssl/rand.h>
+
+# ifndef OPENSSL_NO_DEPRECATED
+/* the prototype is missing in <openssl/fips.h> */
+void FIPS_crypto_set_id_callback(unsigned long (*func)(void));
+# endif
#endif
/*
diff --git a/crypto/o_time.c b/crypto/o_time.c
index 04d805d9a96d..61927439eaf5 100644
--- a/crypto/o_time.c
+++ b/crypto/o_time.c
@@ -8,7 +8,7 @@
* 2008.
*/
/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2001-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -105,7 +105,7 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
{
struct tm *ts = NULL;
-#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
+#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_SUNOS)
if (gmtime_r(timer, result) == NULL)
return NULL;
ts = result;
@@ -141,14 +141,14 @@ struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
pitem->ileb_64$w_mbo = 1;
pitem->ileb_64$w_code = LNM$_STRING;
pitem->ileb_64$l_mbmo = -1;
- pitem->ileb_64$q_length = sizeof (logvalue);
+ pitem->ileb_64$q_length = sizeof(logvalue);
pitem->ileb_64$pq_bufaddr = logvalue;
pitem->ileb_64$pq_retlen_addr = (unsigned __int64 *) &reslen;
pitem++;
/* Last item of the item list is null terminated */
pitem->ileb_64$q_length = pitem->ileb_64$w_code = 0;
# else
- pitem->ile3$w_length = sizeof (logvalue);
+ pitem->ile3$w_length = sizeof(logvalue);
pitem->ile3$w_code = LNM$_STRING;
pitem->ile3$ps_bufaddr = logvalue;
pitem->ile3$ps_retlen_addr = (unsigned short int *) &reslen;
diff --git a/crypto/objects/o_names.c b/crypto/objects/o_names.c
index f106905ffa77..b8bdc5c5202e 100644
--- a/crypto/objects/o_names.c
+++ b/crypto/objects/o_names.c
@@ -312,13 +312,13 @@ void OBJ_NAME_do_all_sorted(int type,
d.type = type;
d.names =
- OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
+ OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof(*d.names));
/* Really should return an error if !d.names...but its a void function! */
if (d.names) {
d.n = 0;
OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
- qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
+ qsort((void *)d.names, d.n, sizeof(*d.names), do_all_sorted_cmp);
for (n = 0; n < d.n; ++n)
fn(d.names[n], arg);
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index aca382a6e9f3..315afa9dbed3 100644
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -305,9 +305,8 @@ int OBJ_add_object(const ASN1_OBJECT *obj)
for (i = ADDED_DATA; i <= ADDED_NID; i++)
if (ao[i] != NULL)
OPENSSL_free(ao[i]);
- if (o != NULL)
- OPENSSL_free(o);
- return (NID_undef);
+ ASN1_OBJECT_free(o);
+ return NID_undef;
}
ASN1_OBJECT *OBJ_nid2obj(int n)
@@ -591,7 +590,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
n += i;
OPENSSL_free(bndec);
} else {
- BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l);
+ BIO_snprintf(tbuf, sizeof(tbuf), ".%lu", l);
i = strlen(tbuf);
if (buf && (buf_len > 0)) {
BUF_strlcpy(buf, tbuf, buf_len);
@@ -725,6 +724,10 @@ const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
return (p);
}
+/*
+ * Parse a BIO sink to create some extra oid's objects.
+ * Line format:<OID:isdigit or '.']><isspace><SN><isspace><LN>
+ */
int OBJ_create_objects(BIO *in)
{
MS_STATIC char buf[512];
@@ -746,9 +749,9 @@ int OBJ_create_objects(BIO *in)
*(s++) = '\0';
while (isspace((unsigned char)*s))
s++;
- if (*s == '\0')
+ if (*s == '\0') {
s = NULL;
- else {
+ } else {
l = s;
while ((*l != '\0') && !isspace((unsigned char)*l))
l++;
@@ -756,15 +759,18 @@ int OBJ_create_objects(BIO *in)
*(l++) = '\0';
while (isspace((unsigned char)*l))
l++;
- if (*l == '\0')
+ if (*l == '\0') {
l = NULL;
- } else
+ }
+ } else {
l = NULL;
+ }
}
- } else
+ } else {
s = NULL;
- if ((o == NULL) || (*o == '\0'))
- return (num);
+ }
+ if (*o == '\0')
+ return num;
if (!OBJ_create(o, s, l))
return (num);
num++;
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index baee2d0865fd..77f124e2cb3c 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x100020efL
+# define OPENSSL_VERSION_NUMBER 0x100020ffL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n-fips 7 Dec 2017"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o-fips 27 Mar 2018"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2n 7 Dec 2017"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2o 27 Mar 2018"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 4d736a1d07e5..0994020d2eac 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -354,7 +354,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
/* create the right magic header stuff */
OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
- sizeof buf);
+ sizeof(buf));
buf[0] = '\0';
PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 865976bf8cce..4d5f053e4680 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -406,7 +406,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
OPENSSL_cleanse(buf, PEM_BUFSIZE);
OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
- sizeof buf);
+ sizeof(buf));
buf[0] = '\0';
PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 6cf8253bc238..6a463680d7ec 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -375,16 +375,18 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
}
if (bio == NULL) {
- if (PKCS7_is_detached(p7))
+ if (PKCS7_is_detached(p7)) {
bio = BIO_new(BIO_s_null());
- else if (os && os->length > 0)
+ } else if (os && os->length > 0) {
bio = BIO_new_mem_buf(os->data, os->length);
- if (bio == NULL) {
+ } else {
bio = BIO_new(BIO_s_mem());
if (bio == NULL)
goto err;
BIO_set_mem_eof_return(bio, 0);
}
+ if (bio == NULL)
+ goto err;
}
if (out)
BIO_push(out, bio);
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 29e465b07524..a7af9f9d8671 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -238,7 +238,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
md_c[0] = md_count[0];
md_c[1] = md_count[1];
- memcpy(local_md, md, sizeof md);
+ memcpy(local_md, md, sizeof(md));
/* state_index <= state_num <= STATE_SIZE */
state_index += num;
@@ -454,7 +454,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
st_num = state_num;
md_c[0] = md_count[0];
md_c[1] = md_count[1];
- memcpy(local_md, md, sizeof md);
+ memcpy(local_md, md, sizeof(md));
state_index += num_ceil;
if (state_index > state_num)
@@ -480,7 +480,7 @@ int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
goto err;
#ifndef GETPID_IS_MEANINGLESS
if (curr_pid) { /* just in the first iteration to save time */
- if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid))
+ if (!MD_Update(&m, (unsigned char *)&curr_pid, sizeof(curr_pid)))
goto err;
curr_pid = 0;
}
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index 737aebfa22fe..66fb14c87efd 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -148,7 +148,7 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
addr.sun_family = AF_UNIX;
if (strlen(path) >= sizeof(addr.sun_path))
return (-1);
- BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path);
+ BUF_strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd == -1)
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 6c5b65da0070..097e4099181a 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -181,15 +181,15 @@ int RAND_poll(void)
*/
curr_gid = getgid();
- RAND_add(&curr_gid, sizeof curr_gid, 1);
+ RAND_add(&curr_gid, sizeof(curr_gid), 1);
curr_gid = 0;
curr_pid = getpid();
- RAND_add(&curr_pid, sizeof curr_pid, 1);
+ RAND_add(&curr_pid, sizeof(curr_pid), 1);
curr_pid = 0;
curr_uid = getuid();
- RAND_add(&curr_uid, sizeof curr_uid, 1);
+ RAND_add(&curr_uid, sizeof(curr_uid), 1);
curr_uid = 0;
for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
@@ -217,7 +217,7 @@ int RAND_poll(void)
/* take 8 bits */
v = (unsigned char)(ts.tv_nsec % 256);
- RAND_add(&v, sizeof v, 1);
+ RAND_add(&v, sizeof(v), 1);
v = 0;
}
return 1;
@@ -402,7 +402,7 @@ int RAND_poll(void)
# if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
if (n > 0) {
- RAND_add(tmpbuf, sizeof tmpbuf, (double)n);
+ RAND_add(tmpbuf, sizeof(tmpbuf), (double)n);
OPENSSL_cleanse(tmpbuf, n);
}
# endif
diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c
index 5c416b53fab0..68f2981cc54d 100644
--- a/crypto/rsa/rsa_crpt.c
+++ b/crypto/rsa/rsa_crpt.c
@@ -219,7 +219,7 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
* if PRNG is not properly seeded, resort to secret exponent as
* unpredictable seed
*/
- RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
+ RAND_add(rsa->d->d, rsa->d->dmax * sizeof(rsa->d->d[0]), 0.0);
}
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index a85493d6097b..9ca5dfefb707 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -109,6 +109,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
BIGNUM *pr0, *d, *p;
int bitsp, bitsq, ok = -1, n = 0;
BN_CTX *ctx = NULL;
+ unsigned long error = 0;
/*
* When generating ridiculously small keys, we can get stuck
@@ -155,16 +156,26 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
if (BN_copy(rsa->e, e_value) == NULL)
goto err;
+ BN_set_flags(r2, BN_FLG_CONSTTIME);
/* generate p and q */
for (;;) {
if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
goto err;
if (!BN_sub(r2, rsa->p, BN_value_one()))
goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1))
+ ERR_set_mark();
+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+ /* GCD == 1 since inverse exists */
break;
+ }
+ error = ERR_peek_last_error();
+ if (ERR_GET_LIB(error) == ERR_LIB_BN
+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+ /* GCD != 1 */
+ ERR_pop_to_mark();
+ } else {
+ goto err;
+ }
if (!BN_GENCB_call(cb, 2, n++))
goto err;
}
@@ -177,10 +188,19 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
} while (BN_cmp(rsa->p, rsa->q) == 0);
if (!BN_sub(r2, rsa->q, BN_value_one()))
goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1))
+ ERR_set_mark();
+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+ /* GCD == 1 since inverse exists */
break;
+ }
+ error = ERR_peek_last_error();
+ if (ERR_GET_LIB(error) == ERR_LIB_BN
+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+ /* GCD != 1 */
+ ERR_pop_to_mark();
+ } else {
+ goto err;
+ }
if (!BN_GENCB_call(cb, 2, n++))
goto err;
}
diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
index 2c3fd73b0996..3c9250ba5eb3 100644
--- a/crypto/rsa/rsa_pss.c
+++ b/crypto/rsa/rsa_pss.c
@@ -157,7 +157,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
goto err;
}
if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
- || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes))
|| !EVP_DigestUpdate(&ctx, mHash, hLen))
goto err;
if (maskedDBLen - i) {
@@ -252,7 +252,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
H = EM + maskedDBLen;
EVP_MD_CTX_init(&ctx);
if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
- || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof(zeroes))
|| !EVP_DigestUpdate(&ctx, mHash, hLen))
goto err;
if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c
index 85c7440b8c68..ed78f01081b1 100644
--- a/crypto/rsa/rsa_test.c
+++ b/crypto/rsa/rsa_test.c
@@ -226,7 +226,7 @@ int main(int argc, char *argv[])
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
- RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+ RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or OAEP may fail */
plen = sizeof(ptext_ex) - 1;
diff --git a/crypto/srp/srp_grps.h b/crypto/srp/srp_grps.h
index 31312de15c81..f76652cb8b9a 100644
--- a/crypto/srp/srp_grps.h
+++ b/crypto/srp/srp_grps.h
@@ -21,8 +21,8 @@ static BN_ULONG bn_group_1024_value[] = {
static BIGNUM bn_group_1024 = {
bn_group_1024_value,
- (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
- (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
+ (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG),
+ (sizeof(bn_group_1024_value)) / sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
@@ -56,8 +56,8 @@ static BN_ULONG bn_group_1536_value[] = {
static BIGNUM bn_group_1536 = {
bn_group_1536_value,
- (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
- (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
+ (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG),
+ (sizeof(bn_group_1536_value)) / sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
@@ -99,8 +99,8 @@ static BN_ULONG bn_group_2048_value[] = {
static BIGNUM bn_group_2048 = {
bn_group_2048_value,
- (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
- (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
+ (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG),
+ (sizeof(bn_group_2048_value)) / sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
@@ -158,8 +158,8 @@ static BN_ULONG bn_group_3072_value[] = {
static BIGNUM bn_group_3072 = {
bn_group_3072_value,
- (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
- (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
+ (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG),
+ (sizeof(bn_group_3072_value)) / sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
@@ -233,8 +233,8 @@ static BN_ULONG bn_group_4096_value[] = {
static BIGNUM bn_group_4096 = {
bn_group_4096_value,
- (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
- (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
+ (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG),
+ (sizeof(bn_group_4096_value)) / sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
@@ -340,8 +340,8 @@ static BN_ULONG bn_group_6144_value[] = {
static BIGNUM bn_group_6144 = {
bn_group_6144_value,
- (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
- (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
+ (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG),
+ (sizeof(bn_group_6144_value)) / sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
@@ -479,8 +479,8 @@ static BN_ULONG bn_group_8192_value[] = {
static BIGNUM bn_group_8192 = {
bn_group_8192_value,
- (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
- (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
+ (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG),
+ (sizeof(bn_group_8192_value)) / sizeof(BN_ULONG),
0,
BN_FLG_STATIC_DATA
};
diff --git a/crypto/threads/mttest.c b/crypto/threads/mttest.c
index dbff4a69f3a4..b26ed28aa9f6 100644
--- a/crypto/threads/mttest.c
+++ b/crypto/threads/mttest.c
@@ -190,7 +190,7 @@ int main(int argc, char *argv[])
char *ccert = TEST_CLIENT_CERT;
const SSL_METHOD *ssl_method = SSLv23_method();
- RAND_seed(rnd_seed, sizeof rnd_seed);
+ RAND_seed(rnd_seed, sizeof(rnd_seed));
if (bio_err == NULL)
bio_err = BIO_new_fd(2, BIO_NOCLOSE);
diff --git a/crypto/ts/Makefile b/crypto/ts/Makefile
index cf991efe4641..4a3c0f0017e8 100644
--- a/crypto/ts/Makefile
+++ b/crypto/ts/Makefile
@@ -217,7 +217,8 @@ ts_rsp_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
ts_rsp_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
ts_rsp_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
ts_rsp_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_sign.c
+ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ../o_time.h
+ts_rsp_sign.o: ts_rsp_sign.c
ts_rsp_utils.o: ../../e_os.h ../../include/openssl/asn1.h
ts_rsp_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
ts_rsp_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index db6ce3241f73..d55e903e836a 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -4,7 +4,7 @@
* 2002.
*/
/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -58,6 +58,7 @@
*/
#include "cryptlib.h"
+#include "o_time.h"
#if defined(OPENSSL_SYS_UNIX)
# include <sys/time.h>
@@ -948,6 +949,7 @@ static ASN1_GENERALIZEDTIME
{
time_t time_sec = (time_t)sec;
struct tm *tm = NULL;
+ struct tm result = {0};
char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
char *p = genTime_str;
char *p_end = genTime_str + sizeof(genTime_str);
@@ -955,7 +957,7 @@ static ASN1_GENERALIZEDTIME
if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
goto err;
- if (!(tm = gmtime(&time_sec)))
+ if (!(tm = OPENSSL_gmtime(&time_sec, &result)))
goto err;
/*
diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c
index 17d14f58427a..8a43590319fa 100644
--- a/crypto/ui/ui_openssl.c
+++ b/crypto/ui/ui_openssl.c
@@ -614,7 +614,7 @@ static void pushsig(void)
# ifdef SIGACTION
struct sigaction sa;
- memset(&sa, 0, sizeof sa);
+ memset(&sa, 0, sizeof(sa));
sa.sa_handler = recsig;
# endif
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
index 35db09559133..594031e7722d 100644
--- a/crypto/x509/x509_txt.c
+++ b/crypto/x509/x509_txt.c
@@ -212,7 +212,7 @@ const char *X509_verify_cert_error_string(long n)
return ("proxy subject name violation");
default:
- BIO_snprintf(buf, sizeof buf, "error number %ld", n);
+ BIO_snprintf(buf, sizeof(buf), "error number %ld", n);
return (buf);
}
}
diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
index 4a03445a64d2..9a3517e02af1 100644
--- a/crypto/x509/x509_v3.c
+++ b/crypto/x509/x509_v3.c
@@ -177,7 +177,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
err2:
if (new_ex != NULL)
X509_EXTENSION_free(new_ex);
- if (sk != NULL)
+ if (x != NULL && *x == NULL && sk != NULL)
sk_X509_EXTENSION_free(sk);
return (NULL);
}
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index 1ac15a881a10..7d68a4abbc94 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -173,7 +173,7 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
X509_VERIFY_PARAM *param;
X509_VERIFY_PARAM_ID *paramid;
- param = OPENSSL_malloc(sizeof *param);
+ param = OPENSSL_malloc(sizeof(*param));
if (!param)
return NULL;
memset(param, 0, sizeof(*param));
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index a0351faf1119..d4d024c561c8 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -157,12 +157,12 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
case GEN_IPADD:
p = gen->d.ip->data;
if (gen->d.ip->length == 4)
- BIO_snprintf(oline, sizeof oline,
+ BIO_snprintf(oline, sizeof(oline),
"%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
else if (gen->d.ip->length == 16) {
oline[0] = 0;
for (i = 0; i < 8; i++) {
- BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]);
+ BIO_snprintf(htmp, sizeof(htmp), "%X", p[0] << 8 | p[1]);
p += 2;
strcat(oline, htmp);
if (i != 7)
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index c1b4c1a89f74..a38848cc1df7 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -4,7 +4,7 @@
* 1999.
*/
/* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -340,8 +340,12 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
val = sk_CONF_VALUE_value(nval, i);
if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
return 0;
- if (sk)
- X509v3_add_ext(sk, ext, -1);
+ if (sk != NULL) {
+ if (X509v3_add_ext(sk, ext, -1) == NULL) {
+ X509_EXTENSION_free(ext);
+ return 0;
+ }
+ }
X509_EXTENSION_free(ext);
}
return 1;
diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c
index 7064c725d98d..0c64b0adfcc9 100644
--- a/crypto/x509v3/v3_info.c
+++ b/crypto/x509v3/v3_info.c
@@ -126,7 +126,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(
goto err;
tret = tmp;
vtmp = sk_CONF_VALUE_value(tret, i);
- i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
+ i2t_ASN1_OBJECT(objtmp, sizeof(objtmp), desc->method);
nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
ntmp = OPENSSL_malloc(nlen);
if (ntmp == NULL)