aboutsummaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2020-03-17 21:27:57 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2020-03-17 21:27:57 +0000
commitaa144ced5d61b5c7fb74acaebb37d85bd08f0416 (patch)
tree2de6902cff4b007f4fae30a7d6c546b4dd3d1740 /crypto
parentfbc3ad1ae1976eb5f2bac351260f2c5ee255c27f (diff)
downloadsrc-aa144ced5d61b5c7fb74acaebb37d85bd08f0416.tar.gz
src-aa144ced5d61b5c7fb74acaebb37d85bd08f0416.zip
Import OpenSSL 1.1.1e.vendor/openssl/1.1.1e
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=359051 svn path=/vendor-crypto/openssl/1.1.1e/; revision=359052; tag=vendor/openssl/1.1.1e
Diffstat (limited to 'crypto')
-rw-r--r--crypto/LPdir_unix.c5
-rw-r--r--crypto/aes/aes_core.c2
-rw-r--r--crypto/aes/aes_ecb.c2
-rw-r--r--crypto/aes/aes_ige.c2
-rw-r--r--crypto/aes/aes_local.h (renamed from crypto/aes/aes_locl.h)6
-rw-r--r--crypto/aes/aes_misc.c2
-rw-r--r--crypto/aes/aes_x86core.c2
-rwxr-xr-xcrypto/aes/asm/aes-armv4.pl4
-rwxr-xr-xcrypto/aes/asm/aes-c64xplus.pl4
-rwxr-xr-xcrypto/aes/asm/aes-mips.pl4
-rwxr-xr-xcrypto/aes/asm/aes-parisc.pl4
-rwxr-xr-xcrypto/aes/asm/aes-ppc.pl4
-rwxr-xr-xcrypto/aes/asm/aes-s390x.pl8
-rwxr-xr-xcrypto/aes/asm/aes-sparcv9.pl4
-rwxr-xr-xcrypto/aes/asm/aesfx-sparcv9.pl4
-rwxr-xr-xcrypto/aes/asm/aesni-mb-x86_64.pl6
-rwxr-xr-xcrypto/aes/asm/aesni-sha1-x86_64.pl12
-rwxr-xr-xcrypto/aes/asm/aesni-sha256-x86_64.pl66
-rwxr-xr-xcrypto/aes/asm/aesni-x86.pl4
-rwxr-xr-xcrypto/aes/asm/aesni-x86_64.pl30
-rwxr-xr-xcrypto/aes/asm/aesp8-ppc.pl4
-rwxr-xr-xcrypto/aes/asm/aest4-sparcv9.pl4
-rwxr-xr-xcrypto/aes/asm/aesv8-armx.pl4
-rwxr-xr-xcrypto/aes/asm/bsaes-armv7.pl4
-rwxr-xr-xcrypto/aes/asm/vpaes-armv8.pl4
-rwxr-xr-xcrypto/aes/asm/vpaes-ppc.pl4
-rwxr-xr-xcrypto/aes/asm/vpaes-x86.pl4
-rwxr-xr-xcrypto/aes/asm/vpaes-x86_64.pl4
-rw-r--r--crypto/aria/aria.c2
-rwxr-xr-xcrypto/arm64cpuid.pl4
-rw-r--r--crypto/arm_arch.h4
-rwxr-xr-xcrypto/armv4cpuid.pl4
-rw-r--r--crypto/asn1/a_bitstr.c2
-rw-r--r--crypto/asn1/a_d2i_fp.c2
-rw-r--r--crypto/asn1/a_gentm.c2
-rw-r--r--crypto/asn1/a_int.c2
-rw-r--r--crypto/asn1/a_mbstr.c2
-rw-r--r--crypto/asn1/a_object.c6
-rw-r--r--crypto/asn1/a_print.c2
-rw-r--r--crypto/asn1/a_sign.c4
-rw-r--r--crypto/asn1/a_strex.c2
-rw-r--r--crypto/asn1/a_time.c4
-rw-r--r--crypto/asn1/a_type.c2
-rw-r--r--crypto/asn1/a_utctm.c2
-rw-r--r--crypto/asn1/a_verify.c4
-rw-r--r--crypto/asn1/ameth_lib.c4
-rw-r--r--crypto/asn1/asn1_lib.c2
-rw-r--r--crypto/asn1/asn1_local.h (renamed from crypto/asn1/asn1_locl.h)0
-rw-r--r--crypto/asn1/asn1_par.c38
-rw-r--r--crypto/asn1/asn_mime.c16
-rw-r--r--crypto/asn1/asn_moid.c6
-rw-r--r--crypto/asn1/charmap.h2
-rw-r--r--crypto/asn1/d2i_pr.c4
-rw-r--r--crypto/asn1/d2i_pu.c2
-rw-r--r--crypto/asn1/f_int.c2
-rw-r--r--crypto/asn1/f_string.c2
-rw-r--r--crypto/asn1/i2d_pr.c4
-rw-r--r--crypto/asn1/p8_pkey.c2
-rw-r--r--crypto/asn1/t_pkey.c2
-rw-r--r--crypto/asn1/tasn_dec.c2
-rw-r--r--crypto/asn1/tasn_enc.c4
-rw-r--r--crypto/asn1/tasn_fre.c2
-rw-r--r--crypto/asn1/tasn_new.c2
-rw-r--r--crypto/asn1/tasn_prn.c4
-rw-r--r--crypto/asn1/tasn_scn.c2
-rw-r--r--crypto/asn1/tasn_utl.c2
-rw-r--r--crypto/asn1/x_algor.c2
-rw-r--r--crypto/asn1/x_bignum.c6
-rw-r--r--crypto/asn1/x_int64.c2
-rw-r--r--crypto/asn1/x_sig.c2
-rw-r--r--crypto/async/arch/async_null.c2
-rw-r--r--crypto/async/arch/async_posix.c2
-rw-r--r--crypto/async/arch/async_posix.h6
-rw-r--r--crypto/async/async.c4
-rw-r--r--crypto/async/async_local.h (renamed from crypto/async/async_locl.h)2
-rw-r--r--crypto/async/async_wait.c2
-rw-r--r--crypto/bf/asm/bf-586.pl4
-rw-r--r--crypto/bf/bf_cfb64.c2
-rw-r--r--crypto/bf/bf_ecb.c2
-rw-r--r--crypto/bf/bf_enc.c2
-rw-r--r--crypto/bf/bf_local.h (renamed from crypto/bf/bf_locl.h)4
-rw-r--r--crypto/bf/bf_ofb64.c2
-rw-r--r--crypto/bf/bf_skey.c2
-rw-r--r--crypto/bio/b_addr.c8
-rw-r--r--crypto/bio/b_dump.c6
-rw-r--r--crypto/bio/b_print.c2
-rw-r--r--crypto/bio/b_sock.c2
-rw-r--r--crypto/bio/b_sock2.c2
-rw-r--r--crypto/bio/bf_buff.c2
-rw-r--r--crypto/bio/bf_lbuf.c2
-rw-r--r--crypto/bio/bf_nbio.c2
-rw-r--r--crypto/bio/bf_null.c2
-rw-r--r--crypto/bio/bio_cb.c2
-rw-r--r--crypto/bio/bio_lib.c2
-rw-r--r--crypto/bio/bio_local.h (renamed from crypto/bio/bio_lcl.h)6
-rw-r--r--crypto/bio/bio_meth.c2
-rw-r--r--crypto/bio/bss_acpt.c11
-rw-r--r--crypto/bio/bss_bio.c2
-rw-r--r--crypto/bio/bss_conn.c18
-rw-r--r--crypto/bio/bss_dgram.c2
-rw-r--r--crypto/bio/bss_fd.c9
-rw-r--r--crypto/bio/bss_file.c2
-rw-r--r--crypto/bio/bss_log.c2
-rw-r--r--crypto/bio/bss_mem.c2
-rw-r--r--crypto/bio/bss_null.c2
-rw-r--r--crypto/bio/bss_sock.c9
-rw-r--r--crypto/blake2/blake2_local.h (renamed from crypto/blake2/blake2_locl.h)0
-rw-r--r--crypto/blake2/blake2b.c2
-rw-r--r--crypto/blake2/blake2s.c2
-rw-r--r--crypto/blake2/m_blake2b.c4
-rw-r--r--crypto/blake2/m_blake2s.c4
-rw-r--r--crypto/bn/README.pod2
-rwxr-xr-xcrypto/bn/asm/armv4-gf2m.pl4
-rwxr-xr-xcrypto/bn/asm/armv4-mont.pl4
-rwxr-xr-xcrypto/bn/asm/armv8-mont.pl4
-rw-r--r--crypto/bn/asm/bn-586.pl4
-rwxr-xr-xcrypto/bn/asm/c64xplus-gf2m.pl4
-rw-r--r--crypto/bn/asm/co-586.pl12
-rwxr-xr-xcrypto/bn/asm/ia64-mont.pl4
-rwxr-xr-xcrypto/bn/asm/mips-mont.pl4
-rwxr-xr-xcrypto/bn/asm/mips.pl4
-rwxr-xr-xcrypto/bn/asm/parisc-mont.pl4
-rwxr-xr-xcrypto/bn/asm/ppc-mont.pl4
-rw-r--r--crypto/bn/asm/ppc.pl4
-rwxr-xr-xcrypto/bn/asm/ppc64-mont.pl4
-rwxr-xr-xcrypto/bn/asm/rsaz-avx2.pl6
-rwxr-xr-xcrypto/bn/asm/rsaz-x86_64.pl403
-rwxr-xr-xcrypto/bn/asm/s390x-gf2m.pl4
-rwxr-xr-xcrypto/bn/asm/s390x-mont.pl12
-rwxr-xr-xcrypto/bn/asm/s390x.S2
-rwxr-xr-xcrypto/bn/asm/sparct4-mont.pl4
-rwxr-xr-xcrypto/bn/asm/sparcv9-gf2m.pl4
-rwxr-xr-xcrypto/bn/asm/sparcv9-mont.pl4
-rwxr-xr-xcrypto/bn/asm/sparcv9a-mont.pl4
-rwxr-xr-xcrypto/bn/asm/via-mont.pl4
-rwxr-xr-xcrypto/bn/asm/vis3-mont.pl4
-rwxr-xr-xcrypto/bn/asm/x86-gf2m.pl4
-rwxr-xr-xcrypto/bn/asm/x86-mont.pl4
-rw-r--r--crypto/bn/asm/x86_64-gcc.c2
-rwxr-xr-xcrypto/bn/asm/x86_64-gf2m.pl4
-rwxr-xr-xcrypto/bn/asm/x86_64-mont.pl6
-rwxr-xr-xcrypto/bn/asm/x86_64-mont5.pl24
-rw-r--r--crypto/bn/bn_add.c2
-rw-r--r--crypto/bn/bn_asm.c2
-rw-r--r--crypto/bn/bn_blind.c2
-rw-r--r--crypto/bn/bn_ctx.c2
-rw-r--r--crypto/bn/bn_depr.c2
-rw-r--r--crypto/bn/bn_dh.c4
-rw-r--r--crypto/bn/bn_div.c2
-rw-r--r--crypto/bn/bn_exp.c4
-rw-r--r--crypto/bn/bn_exp2.c2
-rw-r--r--crypto/bn/bn_gcd.c220
-rw-r--r--crypto/bn/bn_gf2m.c2
-rw-r--r--crypto/bn/bn_intern.c2
-rw-r--r--crypto/bn/bn_kron.c2
-rw-r--r--crypto/bn/bn_lib.c4
-rw-r--r--crypto/bn/bn_local.h (renamed from crypto/bn/bn_lcl.h)8
-rw-r--r--crypto/bn/bn_mod.c2
-rw-r--r--crypto/bn/bn_mont.c2
-rw-r--r--crypto/bn/bn_mpi.c2
-rw-r--r--crypto/bn/bn_mul.c2
-rw-r--r--crypto/bn/bn_nist.c2
-rw-r--r--crypto/bn/bn_prime.c2
-rw-r--r--crypto/bn/bn_prime.h2
-rw-r--r--crypto/bn/bn_print.c4
-rw-r--r--crypto/bn/bn_rand.c2
-rw-r--r--crypto/bn/bn_recp.c2
-rw-r--r--crypto/bn/bn_shift.c73
-rw-r--r--crypto/bn/bn_sqr.c2
-rw-r--r--crypto/bn/bn_sqrt.c2
-rw-r--r--crypto/bn/bn_srp.c4
-rw-r--r--crypto/bn/bn_word.c2
-rw-r--r--crypto/bn/bn_x931p.c2
-rw-r--r--crypto/bn/build.info1
-rw-r--r--crypto/bn/rsaz_exp.h4
-rwxr-xr-xcrypto/c64xpluscpuid.pl4
-rwxr-xr-xcrypto/camellia/asm/cmll-x86.pl4
-rwxr-xr-xcrypto/camellia/asm/cmll-x86_64.pl12
-rwxr-xr-xcrypto/camellia/asm/cmllt4-sparcv9.pl4
-rw-r--r--crypto/camellia/camellia.c2
-rw-r--r--crypto/camellia/cmll_ecb.c2
-rw-r--r--crypto/camellia/cmll_local.h (renamed from crypto/camellia/cmll_locl.h)6
-rw-r--r--crypto/camellia/cmll_misc.c2
-rw-r--r--crypto/cast/asm/cast-586.pl4
-rw-r--r--crypto/cast/c_cfb64.c2
-rw-r--r--crypto/cast/c_ecb.c2
-rw-r--r--crypto/cast/c_enc.c2
-rw-r--r--crypto/cast/c_ofb64.c2
-rw-r--r--crypto/cast/c_skey.c2
-rw-r--r--crypto/cast/cast_local.h (renamed from crypto/cast/cast_lcl.h)0
-rwxr-xr-xcrypto/chacha/asm/chacha-armv4.pl4
-rwxr-xr-xcrypto/chacha/asm/chacha-armv8.pl4
-rwxr-xr-xcrypto/chacha/asm/chacha-c64xplus.pl4
-rwxr-xr-xcrypto/chacha/asm/chacha-ppc.pl4
-rwxr-xr-xcrypto/chacha/asm/chacha-s390x.pl4
-rwxr-xr-xcrypto/chacha/asm/chacha-x86.pl6
-rwxr-xr-xcrypto/chacha/asm/chacha-x86_64.pl6
-rw-r--r--crypto/chacha/chacha_enc.c19
-rw-r--r--crypto/cmac/cm_ameth.c2
-rw-r--r--crypto/cmac/cm_pmeth.c2
-rw-r--r--crypto/cms/cms_asn1.c2
-rw-r--r--crypto/cms/cms_att.c2
-rw-r--r--crypto/cms/cms_cd.c2
-rw-r--r--crypto/cms/cms_dd.c2
-rw-r--r--crypto/cms/cms_enc.c2
-rw-r--r--crypto/cms/cms_env.c6
-rw-r--r--crypto/cms/cms_ess.c2
-rw-r--r--crypto/cms/cms_io.c2
-rw-r--r--crypto/cms/cms_kari.c6
-rw-r--r--crypto/cms/cms_lib.c2
-rw-r--r--crypto/cms/cms_local.h (renamed from crypto/cms/cms_lcl.h)4
-rw-r--r--crypto/cms/cms_pwri.c4
-rw-r--r--crypto/cms/cms_sd.c6
-rw-r--r--crypto/cms/cms_smime.c4
-rw-r--r--crypto/comp/c_zlib.c26
-rw-r--r--crypto/comp/comp_lib.c2
-rw-r--r--crypto/comp/comp_local.h (renamed from crypto/comp/comp_lcl.h)0
-rw-r--r--crypto/conf/conf_def.c17
-rw-r--r--crypto/conf/conf_def.h2
-rw-r--r--crypto/conf/conf_lib.c2
-rw-r--r--crypto/conf/conf_local.h (renamed from crypto/conf/conf_lcl.h)0
-rw-r--r--crypto/conf/conf_mall.c2
-rw-r--r--crypto/conf/conf_ssl.c2
-rw-r--r--crypto/cryptlib.c4
-rw-r--r--crypto/ct/ct_b64.c2
-rw-r--r--crypto/ct/ct_local.h (renamed from crypto/ct/ct_locl.h)0
-rw-r--r--crypto/ct/ct_oct.c2
-rw-r--r--crypto/ct/ct_policy.c2
-rw-r--r--crypto/ct/ct_prn.c2
-rw-r--r--crypto/ct/ct_sct.c2
-rw-r--r--crypto/ct/ct_sct_ctx.c2
-rw-r--r--crypto/ct/ct_vfy.c2
-rw-r--r--crypto/ct/ct_x509v3.c2
-rw-r--r--crypto/ctype.c2
-rw-r--r--crypto/des/asm/crypt586.pl4
-rw-r--r--crypto/des/asm/des-586.pl4
-rw-r--r--crypto/des/asm/des_enc.m48
-rwxr-xr-xcrypto/des/asm/dest4-sparcv9.pl4
-rw-r--r--crypto/des/cbc_cksm.c2
-rw-r--r--crypto/des/cfb64ede.c2
-rw-r--r--crypto/des/cfb64enc.c2
-rw-r--r--crypto/des/cfb_enc.c2
-rw-r--r--crypto/des/des_enc.c2
-rw-r--r--crypto/des/des_local.h (renamed from crypto/des/des_locl.h)4
-rw-r--r--crypto/des/ecb3_enc.c2
-rw-r--r--crypto/des/ecb_enc.c2
-rw-r--r--crypto/des/fcrypt.c2
-rw-r--r--crypto/des/fcrypt_b.c2
-rw-r--r--crypto/des/ncbc_enc.c2
-rw-r--r--crypto/des/ofb64ede.c2
-rw-r--r--crypto/des/ofb64enc.c2
-rw-r--r--crypto/des/ofb_enc.c2
-rw-r--r--crypto/des/pcbc_enc.c2
-rw-r--r--crypto/des/qud_cksm.c2
-rw-r--r--crypto/des/set_key.c2
-rw-r--r--crypto/des/str2key.c2
-rw-r--r--crypto/des/xcbc_enc.c2
-rw-r--r--crypto/dh/dh_ameth.c7
-rw-r--r--crypto/dh/dh_asn1.c2
-rw-r--r--crypto/dh/dh_check.c2
-rw-r--r--crypto/dh/dh_gen.c6
-rw-r--r--crypto/dh/dh_key.c4
-rw-r--r--crypto/dh/dh_lib.c2
-rw-r--r--crypto/dh/dh_local.h (renamed from crypto/dh/dh_locl.h)0
-rw-r--r--crypto/dh/dh_meth.c2
-rw-r--r--crypto/dh/dh_pmeth.c4
-rw-r--r--crypto/dh/dh_rfc5114.c4
-rw-r--r--crypto/dh/dh_rfc7919.c4
-rw-r--r--crypto/dllmain.c2
-rw-r--r--crypto/dsa/dsa_ameth.c6
-rw-r--r--crypto/dsa/dsa_asn1.c2
-rw-r--r--crypto/dsa/dsa_gen.c2
-rw-r--r--crypto/dsa/dsa_key.c2
-rw-r--r--crypto/dsa/dsa_lib.c2
-rw-r--r--crypto/dsa/dsa_local.h (renamed from crypto/dsa/dsa_locl.h)0
-rw-r--r--crypto/dsa/dsa_meth.c2
-rw-r--r--crypto/dsa/dsa_ossl.c4
-rw-r--r--crypto/dsa/dsa_pmeth.c12
-rw-r--r--crypto/dsa/dsa_sign.c2
-rw-r--r--crypto/dsa/dsa_vrf.c2
-rw-r--r--crypto/dso/dso_dl.c2
-rw-r--r--crypto/dso/dso_dlfcn.c2
-rw-r--r--crypto/dso/dso_lib.c2
-rw-r--r--crypto/dso/dso_local.h (renamed from crypto/dso/dso_locl.h)2
-rw-r--r--crypto/dso/dso_openssl.c2
-rwxr-xr-xcrypto/ec/asm/ecp_nistz256-armv4.pl83
-rwxr-xr-xcrypto/ec/asm/ecp_nistz256-armv8.pl69
-rwxr-xr-xcrypto/ec/asm/ecp_nistz256-avx2.pl6
-rwxr-xr-xcrypto/ec/asm/ecp_nistz256-ppc64.pl4
-rwxr-xr-xcrypto/ec/asm/ecp_nistz256-sparcv9.pl4
-rwxr-xr-xcrypto/ec/asm/ecp_nistz256-x86.pl80
-rwxr-xr-xcrypto/ec/asm/ecp_nistz256-x86_64.pl40
-rwxr-xr-xcrypto/ec/asm/x25519-ppc64.pl4
-rwxr-xr-xcrypto/ec/asm/x25519-x86_64.pl20
-rw-r--r--crypto/ec/curve25519.c2
-rw-r--r--crypto/ec/curve448/arch_32/arch_intrinsics.h8
-rw-r--r--crypto/ec/curve448/arch_32/f_impl.h6
-rw-r--r--crypto/ec/curve448/curve448.c2
-rw-r--r--crypto/ec/curve448/curve448_local.h (renamed from crypto/ec/curve448/curve448_lcl.h)6
-rw-r--r--crypto/ec/curve448/curve448utils.h4
-rw-r--r--crypto/ec/curve448/ed448.h6
-rw-r--r--crypto/ec/curve448/eddsa.c11
-rw-r--r--crypto/ec/curve448/field.h8
-rw-r--r--crypto/ec/curve448/point_448.h6
-rw-r--r--crypto/ec/curve448/word.h6
-rw-r--r--crypto/ec/ec2_oct.c2
-rw-r--r--crypto/ec/ec2_smpl.c4
-rw-r--r--crypto/ec/ec_ameth.c6
-rw-r--r--crypto/ec/ec_asn1.c23
-rw-r--r--crypto/ec/ec_check.c2
-rw-r--r--crypto/ec/ec_curve.c2
-rw-r--r--crypto/ec/ec_cvt.c2
-rw-r--r--crypto/ec/ec_key.c2
-rw-r--r--crypto/ec/ec_kmeth.c2
-rw-r--r--crypto/ec/ec_lib.c2
-rw-r--r--crypto/ec/ec_local.h (renamed from crypto/ec/ec_lcl.h)2
-rw-r--r--crypto/ec/ec_mult.c4
-rw-r--r--crypto/ec/ec_oct.c2
-rw-r--r--crypto/ec/ec_pmeth.c4
-rw-r--r--crypto/ec/ec_print.c6
-rw-r--r--crypto/ec/ecdh_kdf.c2
-rw-r--r--crypto/ec/ecdh_ossl.c2
-rw-r--r--crypto/ec/ecdsa_ossl.c6
-rw-r--r--crypto/ec/ecdsa_sign.c2
-rw-r--r--crypto/ec/ecdsa_vrf.c8
-rw-r--r--crypto/ec/ecp_mont.c2
-rw-r--r--crypto/ec/ecp_nist.c2
-rw-r--r--crypto/ec/ecp_nistp224.c39
-rw-r--r--crypto/ec/ecp_nistp256.c30
-rw-r--r--crypto/ec/ecp_nistp521.c24
-rw-r--r--crypto/ec/ecp_nistputil.c2
-rw-r--r--crypto/ec/ecp_nistz256.c55
-rw-r--r--crypto/ec/ecp_oct.c2
-rw-r--r--crypto/ec/ecp_smpl.c2
-rw-r--r--crypto/ec/ecx_meth.c10
-rw-r--r--crypto/engine/README2
-rw-r--r--crypto/engine/eng_all.c2
-rw-r--r--crypto/engine/eng_cnf.c2
-rw-r--r--crypto/engine/eng_ctrl.c2
-rw-r--r--crypto/engine/eng_devcrypto.c2
-rw-r--r--crypto/engine/eng_dyn.c2
-rw-r--r--crypto/engine/eng_fat.c2
-rw-r--r--crypto/engine/eng_init.c2
-rw-r--r--crypto/engine/eng_lib.c2
-rw-r--r--crypto/engine/eng_list.c2
-rw-r--r--crypto/engine/eng_local.h (renamed from crypto/engine/eng_int.h)8
-rw-r--r--crypto/engine/eng_openssl.c6
-rw-r--r--crypto/engine/eng_pkey.c2
-rw-r--r--crypto/engine/eng_rdrand.c2
-rw-r--r--crypto/engine/eng_table.c6
-rw-r--r--crypto/engine/tb_asnmth.c7
-rw-r--r--crypto/engine/tb_cipher.c2
-rw-r--r--crypto/engine/tb_dh.c2
-rw-r--r--crypto/engine/tb_digest.c2
-rw-r--r--crypto/engine/tb_dsa.c2
-rw-r--r--crypto/engine/tb_eckey.c2
-rw-r--r--crypto/engine/tb_pkmeth.c2
-rw-r--r--crypto/engine/tb_rand.c2
-rw-r--r--crypto/engine/tb_rsa.c2
-rw-r--r--crypto/err/err.c8
-rw-r--r--crypto/err/err_all.c2
-rw-r--r--crypto/err/openssl.txt7
-rw-r--r--crypto/evp/bio_md.c4
-rw-r--r--crypto/evp/bio_ok.c2
-rw-r--r--crypto/evp/c_allc.c2
-rw-r--r--crypto/evp/c_alld.c2
-rw-r--r--crypto/evp/cmeth_lib.c4
-rw-r--r--crypto/evp/digest.c4
-rw-r--r--crypto/evp/e_aes.c14
-rw-r--r--crypto/evp/e_aes_cbc_hmac_sha1.c8
-rw-r--r--crypto/evp/e_aes_cbc_hmac_sha256.c10
-rw-r--r--crypto/evp/e_aria.c15
-rw-r--r--crypto/evp/e_bf.c2
-rw-r--r--crypto/evp/e_camellia.c4
-rw-r--r--crypto/evp/e_cast.c2
-rw-r--r--crypto/evp/e_chacha20_poly1305.c8
-rw-r--r--crypto/evp/e_des.c2
-rw-r--r--crypto/evp/e_des3.c4
-rw-r--r--crypto/evp/e_idea.c2
-rw-r--r--crypto/evp/e_null.c2
-rw-r--r--crypto/evp/e_rc2.c2
-rw-r--r--crypto/evp/e_rc4.c2
-rw-r--r--crypto/evp/e_rc4_hmac_md5.c2
-rw-r--r--crypto/evp/e_rc5.c4
-rw-r--r--crypto/evp/e_seed.c2
-rw-r--r--crypto/evp/e_sm4.c4
-rw-r--r--crypto/evp/e_xcbc_d.c2
-rw-r--r--crypto/evp/encode.c4
-rw-r--r--crypto/evp/evp_enc.c35
-rw-r--r--crypto/evp/evp_err.c3
-rw-r--r--crypto/evp/evp_lib.c4
-rw-r--r--crypto/evp/evp_local.h (renamed from crypto/evp/evp_locl.h)0
-rw-r--r--crypto/evp/evp_pbe.c2
-rw-r--r--crypto/evp/evp_pkey.c6
-rw-r--r--crypto/evp/m_md2.c2
-rw-r--r--crypto/evp/m_md4.c2
-rw-r--r--crypto/evp/m_md5.c2
-rw-r--r--crypto/evp/m_md5_sha1.c2
-rw-r--r--crypto/evp/m_mdc2.c2
-rw-r--r--crypto/evp/m_null.c2
-rw-r--r--crypto/evp/m_ripemd.c2
-rw-r--r--crypto/evp/m_sha1.c4
-rw-r--r--crypto/evp/m_sha3.c4
-rw-r--r--crypto/evp/m_sigver.c4
-rw-r--r--crypto/evp/m_wp.c2
-rw-r--r--crypto/evp/names.c4
-rw-r--r--crypto/evp/p5_crpt.c26
-rw-r--r--crypto/evp/p5_crpt2.c2
-rw-r--r--crypto/evp/p_lib.c12
-rw-r--r--crypto/evp/p_sign.c2
-rw-r--r--crypto/evp/p_verify.c2
-rw-r--r--crypto/evp/pmeth_fn.c2
-rw-r--r--crypto/evp/pmeth_gn.c6
-rw-r--r--crypto/evp/pmeth_lib.c36
-rw-r--r--crypto/ex_data.c2
-rw-r--r--crypto/hmac/hm_ameth.c4
-rw-r--r--crypto/hmac/hm_pmeth.c2
-rw-r--r--crypto/hmac/hmac.c44
-rw-r--r--crypto/hmac/hmac_local.h (renamed from crypto/hmac/hmac_lcl.h)8
-rw-r--r--crypto/idea/i_cbc.c2
-rw-r--r--crypto/idea/i_cfb64.c2
-rw-r--r--crypto/idea/i_ecb.c2
-rw-r--r--crypto/idea/i_ofb64.c2
-rw-r--r--crypto/idea/i_skey.c2
-rw-r--r--crypto/idea/idea_local.h (renamed from crypto/idea/idea_lcl.h)0
-rw-r--r--crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H16
-rw-r--r--crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H20
-rw-r--r--crypto/include/internal/aria.h50
-rw-r--r--crypto/include/internal/asn1_int.h113
-rw-r--r--crypto/include/internal/async.h15
-rw-r--r--crypto/include/internal/bn_conf.h.in27
-rw-r--r--crypto/include/internal/bn_dh.h24
-rw-r--r--crypto/include/internal/bn_int.h90
-rw-r--r--crypto/include/internal/bn_srp.h32
-rw-r--r--crypto/include/internal/chacha.h42
-rw-r--r--crypto/include/internal/cryptlib_int.h35
-rw-r--r--crypto/include/internal/ctype.h82
-rw-r--r--crypto/include/internal/dso_conf.h.in31
-rw-r--r--crypto/include/internal/ec_int.h53
-rw-r--r--crypto/include/internal/engine.h20
-rw-r--r--crypto/include/internal/err_int.h19
-rw-r--r--crypto/include/internal/evp_int.h442
-rw-r--r--crypto/include/internal/lhash.h15
-rw-r--r--crypto/include/internal/md32_common.h256
-rw-r--r--crypto/include/internal/objects.h12
-rw-r--r--crypto/include/internal/poly1305.h21
-rw-r--r--crypto/include/internal/rand_int.h134
-rw-r--r--crypto/include/internal/sha.h19
-rw-r--r--crypto/include/internal/siphash.h25
-rw-r--r--crypto/include/internal/sm2.h78
-rw-r--r--crypto/include/internal/sm2err.h65
-rw-r--r--crypto/include/internal/sm3.h39
-rw-r--r--crypto/include/internal/sm4.h37
-rw-r--r--crypto/include/internal/store.h10
-rw-r--r--crypto/include/internal/store_int.h26
-rw-r--r--crypto/include/internal/x509_int.h286
-rw-r--r--crypto/init.c18
-rw-r--r--crypto/kdf/hkdf.c2
-rw-r--r--crypto/kdf/scrypt.c2
-rw-r--r--crypto/kdf/tls1_prf.c2
-rw-r--r--crypto/lhash/lh_stats.c2
-rw-r--r--crypto/lhash/lhash.c6
-rw-r--r--crypto/lhash/lhash_local.h (renamed from crypto/lhash/lhash_lcl.h)0
-rw-r--r--crypto/md4/md4_dgst.c4
-rw-r--r--crypto/md4/md4_local.h (renamed from crypto/md4/md4_locl.h)4
-rw-r--r--crypto/md5/asm/md5-586.pl4
-rwxr-xr-xcrypto/md5/asm/md5-sparcv9.pl4
-rwxr-xr-xcrypto/md5/asm/md5-x86_64.pl4
-rw-r--r--crypto/md5/md5_dgst.c4
-rw-r--r--crypto/md5/md5_local.h (renamed from crypto/md5/md5_locl.h)4
-rw-r--r--crypto/mem.c2
-rw-r--r--crypto/mips_arch.h4
-rwxr-xr-xcrypto/modes/asm/aesni-gcm-x86_64.pl14
-rwxr-xr-xcrypto/modes/asm/ghash-armv4.pl4
-rwxr-xr-xcrypto/modes/asm/ghash-c64xplus.pl4
-rwxr-xr-xcrypto/modes/asm/ghash-ia64.pl4
-rwxr-xr-xcrypto/modes/asm/ghash-parisc.pl4
-rwxr-xr-xcrypto/modes/asm/ghash-s390x.pl4
-rwxr-xr-xcrypto/modes/asm/ghash-sparcv9.pl4
-rwxr-xr-xcrypto/modes/asm/ghash-x86.pl4
-rwxr-xr-xcrypto/modes/asm/ghash-x86_64.pl6
-rwxr-xr-xcrypto/modes/asm/ghashp8-ppc.pl4
-rwxr-xr-xcrypto/modes/asm/ghashv8-armx.pl4
-rw-r--r--crypto/modes/cbc128.c2
-rw-r--r--crypto/modes/ccm128.c2
-rw-r--r--crypto/modes/cfb128.c2
-rw-r--r--crypto/modes/ctr128.c2
-rw-r--r--crypto/modes/cts128.c2
-rw-r--r--crypto/modes/gcm128.c2
-rw-r--r--crypto/modes/modes_local.h (renamed from crypto/modes/modes_lcl.h)0
-rw-r--r--crypto/modes/ocb128.c2
-rw-r--r--crypto/modes/ofb128.c2
-rw-r--r--crypto/modes/xts128.c2
-rw-r--r--crypto/objects/o_names.c4
-rw-r--r--crypto/objects/obj_dat.c8
-rw-r--r--crypto/objects/obj_dat.h10
-rw-r--r--crypto/objects/obj_lib.c2
-rw-r--r--crypto/objects/obj_local.h (renamed from crypto/objects/obj_lcl.h)0
-rw-r--r--crypto/objects/obj_xref.h2
-rw-r--r--crypto/objects/objects.txt4
-rw-r--r--crypto/ocsp/ocsp_asn.c2
-rwxr-xr-xcrypto/ocsp/ocsp_cl.c2
-rwxr-xr-xcrypto/ocsp/ocsp_ext.c2
-rw-r--r--crypto/ocsp/ocsp_ht.c2
-rwxr-xr-xcrypto/ocsp/ocsp_lib.c2
-rw-r--r--crypto/ocsp/ocsp_local.h (renamed from crypto/ocsp/ocsp_lcl.h)0
-rw-r--r--crypto/ocsp/ocsp_prn.c2
-rwxr-xr-xcrypto/ocsp/ocsp_srv.c2
-rw-r--r--crypto/ocsp/ocsp_vfy.c2
-rw-r--r--crypto/ocsp/v3_ocsp.c2
-rwxr-xr-xcrypto/pariscid.pl4
-rw-r--r--crypto/pem/pem_all.c11
-rw-r--r--crypto/pem/pem_lib.c4
-rw-r--r--crypto/pem/pem_pkey.c4
-rw-r--r--crypto/pem/pvkfmt.c4
-rw-r--r--crypto/perlasm/README2
-rwxr-xr-xcrypto/perlasm/arm-xlate.pl4
-rwxr-xr-xcrypto/perlasm/ppc-xlate.pl4
-rwxr-xr-xcrypto/perlasm/x86_64-xlate.pl4
-rw-r--r--crypto/pkcs12/p12_add.c2
-rw-r--r--crypto/pkcs12/p12_asn.c2
-rw-r--r--crypto/pkcs12/p12_attr.c2
-rw-r--r--crypto/pkcs12/p12_crt.c2
-rw-r--r--crypto/pkcs12/p12_init.c2
-rw-r--r--crypto/pkcs12/p12_local.h (renamed from crypto/pkcs12/p12_lcl.h)0
-rw-r--r--crypto/pkcs12/p12_mutl.c2
-rw-r--r--crypto/pkcs12/p12_npas.c2
-rw-r--r--crypto/pkcs12/p12_p8e.c2
-rw-r--r--crypto/pkcs12/p12_sbag.c2
-rw-r--r--crypto/pkcs7/pk7_lib.c4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-armv4.pl4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-armv8.pl4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-mips.pl4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-ppc.pl4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-ppcfp.pl4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-s390x.pl4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-sparcv9.pl4
-rwxr-xr-xcrypto/poly1305/asm/poly1305-x86.pl6
-rwxr-xr-xcrypto/poly1305/asm/poly1305-x86_64.pl30
-rw-r--r--crypto/poly1305/poly1305.c4
-rw-r--r--crypto/poly1305/poly1305_ameth.c6
-rw-r--r--crypto/poly1305/poly1305_pmeth.c4
-rw-r--r--crypto/ppc_arch.h4
-rw-r--r--crypto/ppccap.c4
-rwxr-xr-xcrypto/ppccpuid.pl4
-rw-r--r--crypto/rand/drbg_ctr.c2
-rw-r--r--crypto/rand/drbg_lib.c10
-rw-r--r--crypto/rand/rand_err.c5
-rw-r--r--crypto/rand/rand_lib.c32
-rw-r--r--[-rwxr-xr-x]crypto/rand/rand_local.h (renamed from crypto/rand/rand_lcl.h)8
-rw-r--r--crypto/rand/rand_unix.c64
-rw-r--r--crypto/rc2/rc2_cbc.c2
-rw-r--r--crypto/rc2/rc2_ecb.c2
-rw-r--r--crypto/rc2/rc2_local.h (renamed from crypto/rc2/rc2_locl.h)0
-rw-r--r--crypto/rc2/rc2_skey.c2
-rw-r--r--crypto/rc2/rc2cfb64.c2
-rw-r--r--crypto/rc2/rc2ofb64.c2
-rw-r--r--crypto/rc4/asm/rc4-586.pl4
-rwxr-xr-xcrypto/rc4/asm/rc4-c64xplus.pl4
-rwxr-xr-xcrypto/rc4/asm/rc4-md5-x86_64.pl6
-rwxr-xr-xcrypto/rc4/asm/rc4-parisc.pl4
-rwxr-xr-xcrypto/rc4/asm/rc4-s390x.pl12
-rwxr-xr-xcrypto/rc4/asm/rc4-x86_64.pl13
-rw-r--r--crypto/rc4/rc4_enc.c2
-rw-r--r--crypto/rc4/rc4_local.h (renamed from crypto/rc4/rc4_locl.h)4
-rw-r--r--crypto/rc4/rc4_skey.c2
-rw-r--r--crypto/rc5/asm/rc5-586.pl4
-rw-r--r--crypto/rc5/rc5_ecb.c2
-rw-r--r--crypto/rc5/rc5_enc.c2
-rw-r--r--crypto/rc5/rc5_local.h (renamed from crypto/rc5/rc5_locl.h)0
-rw-r--r--crypto/rc5/rc5_skey.c2
-rw-r--r--crypto/rc5/rc5cfb64.c2
-rw-r--r--crypto/rc5/rc5ofb64.c2
-rw-r--r--crypto/ripemd/asm/rmd-586.pl4
-rw-r--r--crypto/ripemd/rmd_dgst.c4
-rw-r--r--crypto/ripemd/rmd_local.h (renamed from crypto/ripemd/rmd_locl.h)4
-rw-r--r--crypto/rsa/rsa_ameth.c6
-rw-r--r--crypto/rsa/rsa_asn1.c2
-rw-r--r--crypto/rsa/rsa_chk.c2
-rw-r--r--crypto/rsa/rsa_crpt.c4
-rw-r--r--crypto/rsa/rsa_gen.c2
-rw-r--r--crypto/rsa/rsa_lib.c11
-rw-r--r--crypto/rsa/rsa_local.h (renamed from crypto/rsa/rsa_locl.h)0
-rw-r--r--crypto/rsa/rsa_meth.c2
-rw-r--r--crypto/rsa/rsa_mp.c2
-rw-r--r--crypto/rsa/rsa_oaep.c4
-rw-r--r--crypto/rsa/rsa_ossl.c6
-rw-r--r--crypto/rsa/rsa_pk1.c24
-rw-r--r--crypto/rsa/rsa_pmeth.c6
-rw-r--r--crypto/rsa/rsa_pss.c2
-rw-r--r--crypto/rsa/rsa_sign.c4
-rw-r--r--crypto/rsa/rsa_ssl.c22
-rw-r--r--crypto/rsa/rsa_x931g.c2
-rw-r--r--crypto/s390x_arch.h4
-rwxr-xr-xcrypto/s390xcpuid.pl4
-rw-r--r--crypto/seed/seed.c2
-rw-r--r--crypto/seed/seed_local.h (renamed from crypto/seed/seed_locl.h)6
-rwxr-xr-xcrypto/sha/asm/keccak1600-armv4.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-armv8.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-avx2.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-avx512.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-avx512vl.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-c64x.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-mmx.pl6
-rwxr-xr-xcrypto/sha/asm/keccak1600-ppc64.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-s390x.pl4
-rwxr-xr-xcrypto/sha/asm/keccak1600-x86_64.pl8
-rwxr-xr-xcrypto/sha/asm/keccak1600p8-ppc.pl4
-rw-r--r--crypto/sha/asm/sha1-586.pl6
-rwxr-xr-xcrypto/sha/asm/sha1-armv4-large.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-armv8.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-c64xplus.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-mb-x86_64.pl6
-rwxr-xr-xcrypto/sha/asm/sha1-mips.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-parisc.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-ppc.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-s390x.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-sparcv9.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-sparcv9a.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-thumb.pl4
-rwxr-xr-xcrypto/sha/asm/sha1-x86_64.pl8
-rwxr-xr-xcrypto/sha/asm/sha256-586.pl6
-rwxr-xr-xcrypto/sha/asm/sha256-armv4.pl4
-rwxr-xr-xcrypto/sha/asm/sha256-c64xplus.pl4
-rwxr-xr-xcrypto/sha/asm/sha256-mb-x86_64.pl6
-rwxr-xr-xcrypto/sha/asm/sha512-586.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-armv4.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-armv8.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-c64xplus.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-mips.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-parisc.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-ppc.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-s390x.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-sparcv9.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-x86_64.pl86
-rwxr-xr-xcrypto/sha/asm/sha512p8-ppc.pl4
-rw-r--r--crypto/sha/sha1dgst.c2
-rw-r--r--crypto/sha/sha256.c2
-rw-r--r--crypto/sha/sha512.c2
-rw-r--r--crypto/sha/sha_local.h (renamed from crypto/sha/sha_locl.h)2
-rw-r--r--crypto/siphash/siphash.c2
-rw-r--r--crypto/siphash/siphash_ameth.c6
-rw-r--r--crypto/siphash/siphash_pmeth.c4
-rw-r--r--crypto/sm2/sm2_crypt.c6
-rw-r--r--crypto/sm2/sm2_err.c2
-rw-r--r--crypto/sm2/sm2_pmeth.c10
-rw-r--r--crypto/sm2/sm2_sign.c6
-rw-r--r--crypto/sm3/m_sm3.c4
-rw-r--r--crypto/sm3/sm3.c2
-rw-r--r--crypto/sm3/sm3_local.h (renamed from crypto/sm3/sm3_locl.h)4
-rw-r--r--crypto/sm4/sm4.c2
-rw-r--r--crypto/sparc_arch.h6
-rw-r--r--crypto/sparcv9cap.c4
-rw-r--r--crypto/srp/srp_lib.c2
-rw-r--r--crypto/srp/srp_vfy.c2
-rw-r--r--crypto/store/loader_file.c8
-rw-r--r--crypto/store/store_init.c4
-rw-r--r--crypto/store/store_lib.c4
-rw-r--r--crypto/store/store_local.h (renamed from crypto/store/store_locl.h)0
-rw-r--r--crypto/store/store_register.c4
-rw-r--r--crypto/threads_none.c2
-rw-r--r--crypto/ts/ts_asn1.c2
-rw-r--r--crypto/ts/ts_lib.c2
-rw-r--r--crypto/ts/ts_local.h (renamed from crypto/ts/ts_lcl.h)0
-rw-r--r--crypto/ts/ts_req_print.c2
-rw-r--r--crypto/ts/ts_req_utils.c2
-rw-r--r--crypto/ts/ts_rsp_print.c2
-rw-r--r--crypto/ts/ts_rsp_sign.c2
-rw-r--r--crypto/ts/ts_rsp_utils.c2
-rw-r--r--crypto/ts/ts_rsp_verify.c2
-rw-r--r--crypto/ts/ts_verify_ctx.c2
-rw-r--r--crypto/ui/ui_lib.c2
-rw-r--r--crypto/ui/ui_local.h (renamed from crypto/ui/ui_locl.h)4
-rw-r--r--crypto/ui/ui_null.c2
-rw-r--r--crypto/ui/ui_openssl.c2
-rw-r--r--crypto/ui/ui_util.c5
-rwxr-xr-xcrypto/whrlpool/asm/wp-mmx.pl10
-rwxr-xr-xcrypto/whrlpool/asm/wp-x86_64.pl4
-rw-r--r--crypto/whrlpool/wp_block.c2
-rw-r--r--crypto/whrlpool/wp_dgst.c2
-rw-r--r--crypto/whrlpool/wp_local.h (renamed from crypto/whrlpool/wp_locl.h)0
-rw-r--r--crypto/x509/by_dir.c4
-rw-r--r--crypto/x509/by_file.c2
-rw-r--r--crypto/x509/t_x509.c2
-rw-r--r--crypto/x509/x509_att.c2
-rw-r--r--crypto/x509/x509_cmp.c2
-rw-r--r--crypto/x509/x509_ext.c2
-rw-r--r--crypto/x509/x509_local.h (renamed from crypto/x509/x509_lcl.h)0
-rw-r--r--crypto/x509/x509_lu.c4
-rw-r--r--crypto/x509/x509_meth.c2
-rw-r--r--crypto/x509/x509_obj.c2
-rw-r--r--crypto/x509/x509_r2x.c2
-rw-r--r--crypto/x509/x509_req.c2
-rw-r--r--crypto/x509/x509_set.c6
-rw-r--r--crypto/x509/x509_trs.c2
-rw-r--r--crypto/x509/x509_v3.c2
-rw-r--r--crypto/x509/x509_vfy.c6
-rw-r--r--crypto/x509/x509_vpm.c4
-rw-r--r--crypto/x509/x509cset.c2
-rw-r--r--crypto/x509/x509name.c2
-rw-r--r--crypto/x509/x509rset.c2
-rw-r--r--crypto/x509/x_all.c2
-rw-r--r--crypto/x509/x_attrib.c2
-rw-r--r--crypto/x509/x_crl.c4
-rw-r--r--crypto/x509/x_exten.c2
-rw-r--r--crypto/x509/x_name.c8
-rw-r--r--crypto/x509/x_pubkey.c6
-rw-r--r--crypto/x509/x_req.c2
-rw-r--r--crypto/x509/x_x509.c2
-rw-r--r--crypto/x509/x_x509a.c2
-rw-r--r--crypto/x509v3/pcy_cache.c4
-rw-r--r--crypto/x509v3/pcy_data.c2
-rw-r--r--crypto/x509v3/pcy_lib.c2
-rw-r--r--crypto/x509v3/pcy_local.h (renamed from crypto/x509v3/pcy_int.h)0
-rw-r--r--crypto/x509v3/pcy_map.c4
-rw-r--r--crypto/x509v3/pcy_node.c2
-rw-r--r--crypto/x509v3/pcy_tree.c2
-rw-r--r--crypto/x509v3/v3_addr.c2
-rw-r--r--crypto/x509v3/v3_admis.h4
-rw-r--r--crypto/x509v3/v3_alt.c17
-rw-r--r--crypto/x509v3/v3_asid.c28
-rw-r--r--crypto/x509v3/v3_conf.c4
-rw-r--r--crypto/x509v3/v3_cpols.c2
-rw-r--r--crypto/x509v3/v3_crld.c2
-rw-r--r--crypto/x509v3/v3_ncons.c4
-rw-r--r--crypto/x509v3/v3_purp.c2
-rw-r--r--crypto/x509v3/v3_skey.c2
-rw-r--r--crypto/x509v3/v3_utl.c4
-rw-r--r--crypto/x86_64cpuid.pl20
-rw-r--r--crypto/x86cpuid.pl4
730 files changed, 2328 insertions, 3949 deletions
diff --git a/crypto/LPdir_unix.c b/crypto/LPdir_unix.c
index b1022895c855..bbbec0aee138 100644
--- a/crypto/LPdir_unix.c
+++ b/crypto/LPdir_unix.c
@@ -131,9 +131,8 @@ const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
return 0;
}
- strncpy((*ctx)->entry_name, direntry->d_name,
- sizeof((*ctx)->entry_name) - 1);
- (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
+ OPENSSL_strlcpy((*ctx)->entry_name, direntry->d_name,
+ sizeof((*ctx)->entry_name));
#ifdef __VMS
if ((*ctx)->expect_file_generations) {
char *p = (*ctx)->entry_name + strlen((*ctx)->entry_name);
diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index f1f11fd8de7b..e3e688f528a5 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -41,7 +41,7 @@
#include <stdlib.h>
#include <openssl/crypto.h>
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
#ifndef AES_ASM
/*-
diff --git a/crypto/aes/aes_ecb.c b/crypto/aes/aes_ecb.c
index 29bfc1ad66f7..4fa360ca8b8d 100644
--- a/crypto/aes/aes_ecb.c
+++ b/crypto/aes/aes_ecb.c
@@ -10,7 +10,7 @@
#include <assert.h>
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc)
diff --git a/crypto/aes/aes_ige.c b/crypto/aes/aes_ige.c
index 75f796cf3b8f..dce4ef11be4f 100644
--- a/crypto/aes/aes_ige.c
+++ b/crypto/aes/aes_ige.c
@@ -10,7 +10,7 @@
#include "internal/cryptlib.h"
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
typedef struct {
diff --git a/crypto/aes/aes_locl.h b/crypto/aes/aes_local.h
index adee29df8d91..cc8456861d92 100644
--- a/crypto/aes/aes_locl.h
+++ b/crypto/aes/aes_local.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_AES_LOCL_H
-# define HEADER_AES_LOCL_H
+#ifndef OSSL_CRYPTO_AES_LOCAL_H
+# define OSSL_CRYPTO_AES_LOCAL_H
# include <openssl/e_os2.h>
# include <stdio.h>
@@ -39,4 +39,4 @@ typedef unsigned char u8;
/* This controls loop-unrolling in aes_core.c */
# undef FULL_UNROLL
-#endif /* !HEADER_AES_LOCL_H */
+#endif /* !OSSL_CRYPTO_AES_LOCAL_H */
diff --git a/crypto/aes/aes_misc.c b/crypto/aes/aes_misc.c
index 7403c84f82d2..e0edc72ba71c 100644
--- a/crypto/aes/aes_misc.c
+++ b/crypto/aes/aes_misc.c
@@ -9,7 +9,7 @@
#include <openssl/opensslv.h>
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
const char *AES_options(void)
{
diff --git a/crypto/aes/aes_x86core.c b/crypto/aes/aes_x86core.c
index 1b660d716d6c..50b53abc1219 100644
--- a/crypto/aes/aes_x86core.c
+++ b/crypto/aes/aes_x86core.c
@@ -46,7 +46,7 @@
#include <stdlib.h>
#include <openssl/aes.h>
-#include "aes_locl.h"
+#include "aes_local.h"
/*
* These two parameters control which table, 256-byte or 2KB, is
diff --git a/crypto/aes/asm/aes-armv4.pl b/crypto/aes/asm/aes-armv4.pl
index 998158998e90..1112eef50c0b 100755
--- a/crypto/aes/asm/aes-armv4.pl
+++ b/crypto/aes/asm/aes-armv4.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1242,4 +1242,4 @@ while(<SELF>) {
close SELF;
print $code;
-close STDOUT; # enforce flush
+close STDOUT or die "error closing STDOUT: $!"; # enforce flush
diff --git a/crypto/aes/asm/aes-c64xplus.pl b/crypto/aes/asm/aes-c64xplus.pl
index 19d2cc176fb2..cad3fcd06e36 100755
--- a/crypto/aes/asm/aes-c64xplus.pl
+++ b/crypto/aes/asm/aes-c64xplus.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1379,4 +1379,4 @@ AES_Td4:
___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aes-mips.pl b/crypto/aes/asm/aes-mips.pl
index 716c3356ead9..b5601e90ea3f 100755
--- a/crypto/aes/asm/aes-mips.pl
+++ b/crypto/aes/asm/aes-mips.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -2167,4 +2167,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aes-parisc.pl b/crypto/aes/asm/aes-parisc.pl
index e817c757f8c2..5b07fac3d004 100755
--- a/crypto/aes/asm/aes-parisc.pl
+++ b/crypto/aes/asm/aes-parisc.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1035,4 +1035,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aes-ppc.pl b/crypto/aes/asm/aes-ppc.pl
index ca69df4c3e95..bb4ee84ae337 100755
--- a/crypto/aes/asm/aes-ppc.pl
+++ b/crypto/aes/asm/aes-ppc.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1456,4 +1456,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aes-s390x.pl b/crypto/aes/asm/aes-s390x.pl
index 815fde8fcd7e..4cb8f4331742 100755
--- a/crypto/aes/asm/aes-s390x.pl
+++ b/crypto/aes/asm/aes-s390x.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1987,7 +1987,7 @@ $code.=<<___;
.Lxts_enc_done:
stg $sp,$tweak+0($sp) # wipe tweak
- stg $sp,$twesk+8($sp)
+ stg $sp,$tweak+8($sp)
lm${g} %r6,$ra,6*$SIZE_T($sp)
br $ra
.size AES_xts_encrypt,.-AES_xts_encrypt
@@ -2267,7 +2267,7 @@ $code.=<<___;
stg $sp,$tweak-16+8($sp)
.Lxts_dec_done:
stg $sp,$tweak+0($sp) # wipe tweak
- stg $sp,$twesk+8($sp)
+ stg $sp,$tweak+8($sp)
lm${g} %r6,$ra,6*$SIZE_T($sp)
br $ra
.size AES_xts_decrypt,.-AES_xts_decrypt
@@ -2279,4 +2279,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT; # force flush
+close STDOUT or die "error closing STDOUT: $!"; # force flush
diff --git a/crypto/aes/asm/aes-sparcv9.pl b/crypto/aes/asm/aes-sparcv9.pl
index 40d1f94ccd72..1b37a9203c27 100755
--- a/crypto/aes/asm/aes-sparcv9.pl
+++ b/crypto/aes/asm/aes-sparcv9.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1189,4 +1189,4 @@ ___
$code =~ s/fmovs.*$//gm;
print $code;
-close STDOUT; # ensure flush
+close STDOUT or die "error closing STDOUT: $!"; # ensure flush
diff --git a/crypto/aes/asm/aesfx-sparcv9.pl b/crypto/aes/asm/aesfx-sparcv9.pl
index 9ddf0b4b00ec..1678c4f786f2 100755
--- a/crypto/aes/asm/aesfx-sparcv9.pl
+++ b/crypto/aes/asm/aesfx-sparcv9.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1267,4 +1267,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aesni-mb-x86_64.pl b/crypto/aes/asm/aesni-mb-x86_64.pl
index 1f356d2d3fbb..be2434f12041 100755
--- a/crypto/aes/asm/aesni-mb-x86_64.pl
+++ b/crypto/aes/asm/aesni-mb-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
@@ -1471,4 +1471,4 @@ $code =~ s/\`([^\`]*)\`/eval($1)/gem;
$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aesni-sha1-x86_64.pl b/crypto/aes/asm/aesni-sha1-x86_64.pl
index b01a4c55c86a..42fe5d469ea6 100755
--- a/crypto/aes/asm/aesni-sha1-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha1-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -108,7 +108,7 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
`ml64 2>&1` =~ /Version ([0-9]+)\./ &&
$1>=10);
-$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/ && $2>=3.0);
+$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/ && $2>=3.0);
$shaext=1; ### set to zero if compiling for 1.0.1
@@ -133,6 +133,7 @@ $code.=<<___;
.type aesni_cbc_sha1_enc,\@abi-omnipotent
.align 32
aesni_cbc_sha1_enc:
+.cfi_startproc
# caller should check for SSSE3 and AES-NI bits
mov OPENSSL_ia32cap_P+0(%rip),%r10d
mov OPENSSL_ia32cap_P+4(%rip),%r11
@@ -151,6 +152,7 @@ ___
$code.=<<___;
jmp aesni_cbc_sha1_enc_ssse3
ret
+.cfi_endproc
.size aesni_cbc_sha1_enc,.-aesni_cbc_sha1_enc
___
@@ -840,6 +842,7 @@ $code.=<<___;
.type aesni256_cbc_sha1_dec,\@abi-omnipotent
.align 32
aesni256_cbc_sha1_dec:
+.cfi_startproc
# caller should check for SSSE3 and AES-NI bits
mov OPENSSL_ia32cap_P+0(%rip),%r10d
mov OPENSSL_ia32cap_P+4(%rip),%r11d
@@ -854,6 +857,7 @@ ___
$code.=<<___;
jmp aesni256_cbc_sha1_dec_ssse3
ret
+.cfi_endproc
.size aesni256_cbc_sha1_dec,.-aesni256_cbc_sha1_dec
.type aesni256_cbc_sha1_dec_ssse3,\@function,6
@@ -1760,6 +1764,7 @@ $code.=<<___;
.type aesni_cbc_sha1_enc_shaext,\@function,6
.align 32
aesni_cbc_sha1_enc_shaext:
+.cfi_startproc
mov `($win64?56:8)`(%rsp),$inp # load 7th argument
___
$code.=<<___ if ($win64);
@@ -1911,6 +1916,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
+.cfi_endproc
.size aesni_cbc_sha1_enc_shaext,.-aesni_cbc_sha1_enc_shaext
___
}}}
@@ -2137,4 +2143,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aesni-sha256-x86_64.pl b/crypto/aes/asm/aesni-sha256-x86_64.pl
index ef460237108e..f1b144eccbdd 100755
--- a/crypto/aes/asm/aesni-sha256-x86_64.pl
+++ b/crypto/aes/asm/aesni-sha256-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -70,7 +70,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=12);
}
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
@@ -123,6 +123,7 @@ $code=<<___;
.type $func,\@abi-omnipotent
.align 16
$func:
+.cfi_startproc
___
if ($avx) {
$code.=<<___;
@@ -162,6 +163,7 @@ $code.=<<___;
ud2
.Lprobe:
ret
+.cfi_endproc
.size $func,.-$func
.align 64
@@ -1084,7 +1086,23 @@ $code.=<<___;
vmovdqa $t0,0x00(%rsp)
xor $a1,$a1
vmovdqa $t1,0x20(%rsp)
+___
+$code.=<<___ if (!$win64);
+# temporarily use %rsi as frame pointer
+ mov $_rsp,%rsi
+.cfi_def_cfa %rsi,8
+___
+$code.=<<___;
lea -$PUSH8(%rsp),%rsp
+___
+$code.=<<___ if (!$win64);
+# the frame info is at $_rsp, but the stack is moving...
+# so a second frame pointer is saved at -8(%rsp)
+# that is in the red zone
+ mov %rsi,-8(%rsp)
+.cfi_cfa_expression %rsp-8,deref,+8
+___
+$code.=<<___;
mov $B,$a3
vmovdqa $t2,0x00(%rsp)
xor $C,$a3 # magic
@@ -1106,7 +1124,17 @@ my @X = @_;
my @insns = (&$body,&$body,&$body,&$body); # 96 instructions
my $base = "+2*$PUSH8(%rsp)";
- &lea ("%rsp","-$PUSH8(%rsp)") if (($j%2)==0);
+ if (($j%2)==0) {
+ &lea ("%rsp","-$PUSH8(%rsp)");
+$code.=<<___ if (!$win64);
+.cfi_cfa_expression %rsp+`$PUSH8-8`,deref,+8
+# copy secondary frame pointer to new location again at -8(%rsp)
+ pushq $PUSH8-8(%rsp)
+.cfi_cfa_expression %rsp,deref,+8
+ lea 8(%rsp),%rsp
+.cfi_cfa_expression %rsp-8,deref,+8
+___
+ }
foreach (Xupdate_256_AVX()) { # 29 instructions
eval;
eval(shift(@insns));
@@ -1232,26 +1260,28 @@ $code.=<<___;
jbe .Loop_avx2
lea (%rsp),$Tbl
+# temporarily use $Tbl as index to $_rsp
+# this avoids the need to save a secondary frame pointer at -8(%rsp)
+.cfi_cfa_expression $Tbl+`16*$SZ+7*8`,deref,+8
.Ldone_avx2:
- lea ($Tbl),%rsp
- mov $_ivp,$ivp
- mov $_rsp,%rsi
+ mov 16*$SZ+4*8($Tbl),$ivp
+ mov 16*$SZ+7*8($Tbl),%rsi
.cfi_def_cfa %rsi,8
vmovdqu $iv,($ivp) # output IV
vzeroall
___
$code.=<<___ if ($win64);
- movaps `$framesz+16*0`(%rsp),%xmm6
- movaps `$framesz+16*1`(%rsp),%xmm7
- movaps `$framesz+16*2`(%rsp),%xmm8
- movaps `$framesz+16*3`(%rsp),%xmm9
- movaps `$framesz+16*4`(%rsp),%xmm10
- movaps `$framesz+16*5`(%rsp),%xmm11
- movaps `$framesz+16*6`(%rsp),%xmm12
- movaps `$framesz+16*7`(%rsp),%xmm13
- movaps `$framesz+16*8`(%rsp),%xmm14
- movaps `$framesz+16*9`(%rsp),%xmm15
+ movaps `$framesz+16*0`($Tbl),%xmm6
+ movaps `$framesz+16*1`($Tbl),%xmm7
+ movaps `$framesz+16*2`($Tbl),%xmm8
+ movaps `$framesz+16*3`($Tbl),%xmm9
+ movaps `$framesz+16*4`($Tbl),%xmm10
+ movaps `$framesz+16*5`($Tbl),%xmm11
+ movaps `$framesz+16*6`($Tbl),%xmm12
+ movaps `$framesz+16*7`($Tbl),%xmm13
+ movaps `$framesz+16*8`($Tbl),%xmm14
+ movaps `$framesz+16*9`($Tbl),%xmm15
___
$code.=<<___;
mov -48(%rsi),%r15
@@ -1339,6 +1369,7 @@ $code.=<<___;
.type ${func}_shaext,\@function,6
.align 32
${func}_shaext:
+.cfi_startproc
mov `($win64?56:8)`(%rsp),$inp # load 7th argument
___
$code.=<<___ if ($win64);
@@ -1555,6 +1586,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
+.cfi_endproc
.size ${func}_shaext,.-${func}_shaext
___
}
@@ -1767,4 +1799,4 @@ sub rex {
$code =~ s/\`([^\`]*)\`/eval $1/gem;
$code =~ s/\b(sha256[^\s]*)\s+(.*)/sha256op38($1,$2)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aesni-x86.pl b/crypto/aes/asm/aesni-x86.pl
index b351fca28e02..fe2b26542ab6 100755
--- a/crypto/aes/asm/aesni-x86.pl
+++ b/crypto/aes/asm/aesni-x86.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -3412,4 +3412,4 @@ my ($l_,$block,$i1,$i3,$i5) = ($rounds_,$key_,$rounds,$len,$out);
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aesni-x86_64.pl b/crypto/aes/asm/aesni-x86_64.pl
index b68c14da60ca..f8c2e2393438 100755
--- a/crypto/aes/asm/aesni-x86_64.pl
+++ b/crypto/aes/asm/aesni-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -59,7 +59,7 @@
# nothing one can do and the result appears optimal. CCM result is
# identical to CBC, because CBC-MAC is essentially CBC encrypt without
# saving output. CCM CTR "stays invisible," because it's neatly
-# interleaved wih CBC-MAC. This provides ~30% improvement over
+# interleaved with CBC-MAC. This provides ~30% improvement over
# "straightforward" CCM implementation with CTR and CBC-MAC performed
# disjointly. Parallelizable modes practically achieve the theoretical
# limit.
@@ -984,6 +984,7 @@ $code.=<<___;
.type aesni_ccm64_encrypt_blocks,\@function,6
.align 16
aesni_ccm64_encrypt_blocks:
+.cfi_startproc
___
$code.=<<___ if ($win64);
lea -0x58(%rsp),%rsp
@@ -1066,6 +1067,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
+.cfi_endproc
.size aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks
___
######################################################################
@@ -1074,6 +1076,7 @@ $code.=<<___;
.type aesni_ccm64_decrypt_blocks,\@function,6
.align 16
aesni_ccm64_decrypt_blocks:
+.cfi_startproc
___
$code.=<<___ if ($win64);
lea -0x58(%rsp),%rsp
@@ -1173,6 +1176,7 @@ $code.=<<___ if ($win64);
___
$code.=<<___;
ret
+.cfi_endproc
.size aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks
___
}
@@ -2339,7 +2343,7 @@ $code.=<<___;
movdqu `16*0`($inp),$inout0 # load input
movdqa $rndkey0,$twmask
movdqu `16*1`($inp),$inout1
- pxor @tweak[0],$inout0 # intput^=tweak^round[0]
+ pxor @tweak[0],$inout0 # input^=tweak^round[0]
movdqu `16*2`($inp),$inout2
pxor @tweak[1],$inout1
aesdec $rndkey1,$inout0
@@ -3031,6 +3035,7 @@ $code.=<<___;
.type __ocb_encrypt6,\@abi-omnipotent
.align 32
__ocb_encrypt6:
+.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@@ -3128,11 +3133,13 @@ __ocb_encrypt6:
aesenclast @offset[4],$inout4
aesenclast @offset[5],$inout5
ret
+.cfi_endproc
.size __ocb_encrypt6,.-__ocb_encrypt6
.type __ocb_encrypt4,\@abi-omnipotent
.align 32
__ocb_encrypt4:
+.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@@ -3197,11 +3204,13 @@ __ocb_encrypt4:
aesenclast @offset[2],$inout2
aesenclast @offset[3],$inout3
ret
+.cfi_endproc
.size __ocb_encrypt4,.-__ocb_encrypt4
.type __ocb_encrypt1,\@abi-omnipotent
.align 32
__ocb_encrypt1:
+.cfi_startproc
pxor @offset[5],$inout5 # offset_i
pxor $rndkey0l,$inout5 # offset_i ^ round[0]
pxor $inout0,$checksum # accumulate checksum
@@ -3232,6 +3241,7 @@ __ocb_encrypt1:
aesenclast $inout5,$inout0
ret
+.cfi_endproc
.size __ocb_encrypt1,.-__ocb_encrypt1
.globl aesni_ocb_decrypt
@@ -3513,6 +3523,7 @@ $code.=<<___;
.type __ocb_decrypt6,\@abi-omnipotent
.align 32
__ocb_decrypt6:
+.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@@ -3604,11 +3615,13 @@ __ocb_decrypt6:
aesdeclast @offset[4],$inout4
aesdeclast @offset[5],$inout5
ret
+.cfi_endproc
.size __ocb_decrypt6,.-__ocb_decrypt6
.type __ocb_decrypt4,\@abi-omnipotent
.align 32
__ocb_decrypt4:
+.cfi_startproc
pxor $rndkey0l,@offset[5] # offset_i ^ round[0]
movdqu ($L_p,$i1),@offset[1]
movdqa @offset[0],@offset[2]
@@ -3669,11 +3682,13 @@ __ocb_decrypt4:
aesdeclast @offset[2],$inout2
aesdeclast @offset[3],$inout3
ret
+.cfi_endproc
.size __ocb_decrypt4,.-__ocb_decrypt4
.type __ocb_decrypt1,\@abi-omnipotent
.align 32
__ocb_decrypt1:
+.cfi_startproc
pxor @offset[5],$inout5 # offset_i
pxor $rndkey0l,$inout5 # offset_i ^ round[0]
pxor $inout5,$inout0 # input ^ round[0] ^ offset_i
@@ -3703,6 +3718,7 @@ __ocb_decrypt1:
aesdeclast $inout5,$inout0
ret
+.cfi_endproc
.size __ocb_decrypt1,.-__ocb_decrypt1
___
} }}
@@ -4637,7 +4653,6 @@ __aesni_set_encrypt_key:
add \$8,%rsp
.cfi_adjust_cfa_offset -8
ret
-.cfi_endproc
.LSEH_end_set_encrypt_key:
.align 16
@@ -4708,6 +4723,7 @@ __aesni_set_encrypt_key:
shufps \$0b10101010,%xmm1,%xmm1 # critical path
xorps %xmm1,%xmm2
ret
+.cfi_endproc
.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key
___
@@ -4812,7 +4828,7 @@ ctr_xts_se_handler:
mov 56($disp),%r11 # disp->HandlerData
mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # prologue lable
+ lea (%rsi,%r10),%r10 # prologue label
cmp %r10,%rbx # context->Rip<prologue label
jb .Lcommon_seh_tail
@@ -4856,7 +4872,7 @@ ocb_se_handler:
mov 56($disp),%r11 # disp->HandlerData
mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # prologue lable
+ lea (%rsi,%r10),%r10 # prologue label
cmp %r10,%rbx # context->Rip<prologue label
jb .Lcommon_seh_tail
@@ -5138,4 +5154,4 @@ $code =~ s/\bmovbe\s+%eax,\s*([0-9]+)\(%rsp\)/movbe($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aesp8-ppc.pl b/crypto/aes/asm/aesp8-ppc.pl
index c0da1b84aaa9..22a538f9e24f 100755
--- a/crypto/aes/asm/aesp8-ppc.pl
+++ b/crypto/aes/asm/aesp8-ppc.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -3804,4 +3804,4 @@ foreach(split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aest4-sparcv9.pl b/crypto/aes/asm/aest4-sparcv9.pl
index 54d0c58821a7..478c97eb6feb 100755
--- a/crypto/aes/asm/aest4-sparcv9.pl
+++ b/crypto/aes/asm/aest4-sparcv9.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -926,4 +926,4 @@ ___
&emit_assembler();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/aesv8-armx.pl b/crypto/aes/asm/aesv8-armx.pl
index eec0ed230a88..d6068dbf03f8 100755
--- a/crypto/aes/asm/aesv8-armx.pl
+++ b/crypto/aes/asm/aesv8-armx.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1008,4 +1008,4 @@ if ($flavour =~ /64/) { ######## 64-bit code
}
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/bsaes-armv7.pl b/crypto/aes/asm/bsaes-armv7.pl
index bfe825af0d92..2b9f241ce8b0 100755
--- a/crypto/aes/asm/bsaes-armv7.pl
+++ b/crypto/aes/asm/bsaes-armv7.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -2488,4 +2488,4 @@ close SELF;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/vpaes-armv8.pl b/crypto/aes/asm/vpaes-armv8.pl
index e38288af5558..7a9ffbd7d94c 100755
--- a/crypto/aes/asm/vpaes-armv8.pl
+++ b/crypto/aes/asm/vpaes-armv8.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1274,4 +1274,4 @@ ___
} }
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/vpaes-ppc.pl b/crypto/aes/asm/vpaes-ppc.pl
index 3c771a7e98b1..0260a5c9bff0 100755
--- a/crypto/aes/asm/vpaes-ppc.pl
+++ b/crypto/aes/asm/vpaes-ppc.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1591,4 +1591,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/vpaes-x86.pl b/crypto/aes/asm/vpaes-x86.pl
index 7d57edc0eb6c..fb02a413345a 100755
--- a/crypto/aes/asm/vpaes-x86.pl
+++ b/crypto/aes/asm/vpaes-x86.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -913,4 +913,4 @@ $k_dsbo=0x2c0; # decryption sbox final output
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aes/asm/vpaes-x86_64.pl b/crypto/aes/asm/vpaes-x86_64.pl
index 33d293e623d5..099a686a4d5d 100755
--- a/crypto/aes/asm/vpaes-x86_64.pl
+++ b/crypto/aes/asm/vpaes-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1238,4 +1238,4 @@ $code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/aria/aria.c b/crypto/aria/aria.c
index 293bcc72bd03..ce55d5266429 100644
--- a/crypto/aria/aria.c
+++ b/crypto/aria/aria.c
@@ -19,7 +19,7 @@
*/
#include <openssl/e_os2.h>
-#include "internal/aria.h"
+#include "crypto/aria.h"
#include <assert.h>
#include <string.h>
diff --git a/crypto/arm64cpuid.pl b/crypto/arm64cpuid.pl
index 06c8add7a075..319927e6c729 100755
--- a/crypto/arm64cpuid.pl
+++ b/crypto/arm64cpuid.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -144,4 +144,4 @@ CRYPTO_memcmp:
___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/arm_arch.h b/crypto/arm_arch.h
index f11b543df64f..8b7105571d78 100644
--- a/crypto/arm_arch.h
+++ b/crypto/arm_arch.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef __ARM_ARCH_H__
-# define __ARM_ARCH_H__
+#ifndef OSSL_CRYPTO_ARM_ARCH_H
+# define OSSL_CRYPTO_ARM_ARCH_H
# if !defined(__ARM_ARCH__)
# if defined(__CC_ARM)
diff --git a/crypto/armv4cpuid.pl b/crypto/armv4cpuid.pl
index ab007c19c3cd..d1b71f836f10 100755
--- a/crypto/armv4cpuid.pl
+++ b/crypto/armv4cpuid.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -293,4 +293,4 @@ atomic_add_spinlock:
___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index bffbd160a233..f462dd107368 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -11,7 +11,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{
diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
index a1a17901b8f8..a452b3deba08 100644
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -13,7 +13,7 @@
#include "internal/numbers.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
-#include "internal/asn1_int.h"
+#include "crypto/asn1.h"
#ifndef NO_OLD_ASN1
# ifndef OPENSSL_NO_STDIO
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index d3878d6e57fe..133bbb1581cb 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -15,7 +15,7 @@
#include <time.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* This is the primary function used to parse ASN1_GENERALIZEDTIME */
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 70a45cb3cc77..9c1a9f52b5e6 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -13,7 +13,7 @@
#include <limits.h>
#include <openssl/asn1.h>
#include <openssl/bn.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
{
diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c
index 949fe6c1611a..bdb697ab30c1 100644
--- a/crypto/asn1/a_mbstr.c
+++ b/crypto/asn1/a_mbstr.c
@@ -8,7 +8,7 @@
*/
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
index 5e1424a806fb..d67a723c9611 100644
--- a/crypto/asn1/a_object.c
+++ b/crypto/asn1/a_object.c
@@ -9,14 +9,14 @@
#include <stdio.h>
#include <limits.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
#include <openssl/objects.h>
#include <openssl/bn.h>
-#include "internal/asn1_int.h"
-#include "asn1_locl.h"
+#include "crypto/asn1.h"
+#include "asn1_local.h"
int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
{
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
index 8a373d9da9f6..85a631a27aa7 100644
--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@@ -8,7 +8,7 @@
*/
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index 146fdb962628..72381b665551 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -18,8 +18,8 @@
#include <openssl/x509.h>
#include <openssl/objects.h>
#include <openssl/buffer.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
#ifndef NO_ASN1_OLD
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index ea4dd1c5b189..4879b33785e9 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <string.h>
#include "internal/cryptlib.h"
-#include "internal/asn1_int.h"
+#include "crypto/asn1.h"
#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index c36dd9500169..54e0de1931c2 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -16,10 +16,10 @@
#include <stdio.h>
#include <time.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
index 732328e05049..4a96315df03b 100644
--- a/crypto/asn1/a_type.c
+++ b/crypto/asn1/a_type.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
int ASN1_TYPE_get(const ASN1_TYPE *a)
{
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index b224991aa3df..0ff37b16c51f 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -11,7 +11,7 @@
#include <time.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* This is the primary function used to parse ASN1_UTCTIME */
int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index cdaf17c3cbc1..4b5f54234fa5 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -18,8 +18,8 @@
#include <openssl/objects.h>
#include <openssl/buffer.h>
#include <openssl/evp.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
#ifndef NO_ASN1_OLD
diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c
index d7d270dbb581..5e8c3ed1d5b0 100644
--- a/crypto/asn1/ameth_lib.c
+++ b/crypto/asn1/ameth_lib.c
@@ -13,8 +13,8 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/engine.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
#include "standard_methods.h"
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 88c4b5391802..a7d32ae5e2c3 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -11,7 +11,7 @@
#include <limits.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
long max);
diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_local.h
index cec141721b34..cec141721b34 100644
--- a/crypto/asn1/asn1_locl.h
+++ b/crypto/asn1/asn1_local.h
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 4b60c615de76..3f10c7cb94c5 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -75,6 +75,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
int nl, hl, j, r;
ASN1_OBJECT *o = NULL;
ASN1_OCTET_STRING *os = NULL;
+ ASN1_INTEGER *ai = NULL;
+ ASN1_ENUMERATED *ae = NULL;
/* ASN1_BMPSTRING *bmp=NULL; */
int dump_indent, dump_cont = 0;
@@ -250,22 +252,21 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
ASN1_OCTET_STRING_free(os);
os = NULL;
} else if (tag == V_ASN1_INTEGER) {
- ASN1_INTEGER *bs;
int i;
opp = op;
- bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
- if (bs != NULL) {
+ ai = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
+ if (ai != NULL) {
if (BIO_write(bp, ":", 1) <= 0)
goto end;
- if (bs->type == V_ASN1_NEG_INTEGER)
+ if (ai->type == V_ASN1_NEG_INTEGER)
if (BIO_write(bp, "-", 1) <= 0)
goto end;
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+ for (i = 0; i < ai->length; i++) {
+ if (BIO_printf(bp, "%02X", ai->data[i]) <= 0)
goto end;
}
- if (bs->length == 0) {
+ if (ai->length == 0) {
if (BIO_write(bp, "00", 2) <= 0)
goto end;
}
@@ -274,24 +275,24 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
dump_cont = 1;
}
- ASN1_INTEGER_free(bs);
+ ASN1_INTEGER_free(ai);
+ ai = NULL;
} else if (tag == V_ASN1_ENUMERATED) {
- ASN1_ENUMERATED *bs;
int i;
opp = op;
- bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
- if (bs != NULL) {
+ ae = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
+ if (ae != NULL) {
if (BIO_write(bp, ":", 1) <= 0)
goto end;
- if (bs->type == V_ASN1_NEG_ENUMERATED)
+ if (ae->type == V_ASN1_NEG_ENUMERATED)
if (BIO_write(bp, "-", 1) <= 0)
goto end;
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+ for (i = 0; i < ae->length; i++) {
+ if (BIO_printf(bp, "%02X", ae->data[i]) <= 0)
goto end;
}
- if (bs->length == 0) {
+ if (ae->length == 0) {
if (BIO_write(bp, "00", 2) <= 0)
goto end;
}
@@ -300,7 +301,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
dump_cont = 1;
}
- ASN1_ENUMERATED_free(bs);
+ ASN1_ENUMERATED_free(ae);
+ ae = NULL;
} else if (len > 0 && dump) {
if (!nl) {
if (BIO_write(bp, "\n", 1) <= 0)
@@ -341,6 +343,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
end:
ASN1_OBJECT_free(o);
ASN1_OCTET_STRING_free(os);
+ ASN1_INTEGER_free(ai);
+ ASN1_ENUMERATED_free(ae);
*pp = p;
return ret;
}
diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index dfd5be634754..38735cd86f3e 100644
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,15 +8,15 @@
*/
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/rand.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
#include "internal/bio.h"
-#include "asn1_locl.h"
+#include "asn1_local.h"
/*
* Generalised MIME like utilities for streaming ASN1. Although many have a
@@ -198,6 +198,14 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
BIO_puts(out, "gostr3411-94");
goto err;
+ case NID_id_GostR3411_2012_256:
+ BIO_puts(out, "gostr3411-2012-256");
+ goto err;
+
+ case NID_id_GostR3411_2012_512:
+ BIO_puts(out, "gostr3411-2012-512");
+ goto err;
+
default:
if (have_unknown)
write_comma = 0;
diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c
index 68a01f31179e..732ce972aa29 100644
--- a/crypto/asn1/asn_moid.c
+++ b/crypto/asn1/asn_moid.c
@@ -8,13 +8,13 @@
*/
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
#include <openssl/conf.h>
#include <openssl/x509.h>
-#include "internal/asn1_int.h"
-#include "internal/objects.h"
+#include "crypto/asn1.h"
+#include "crypto/objects.h"
/* Simple ASN1 OID module: add all objects in a given section */
diff --git a/crypto/asn1/charmap.h b/crypto/asn1/charmap.h
index f15d72d73661..cac354c6bf33 100644
--- a/crypto/asn1/charmap.h
+++ b/crypto/asn1/charmap.h
@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/asn1/charmap.pl
*
- * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index aa0d6ad6aed0..6ec010738049 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -15,8 +15,8 @@
#include <openssl/engine.h>
#include <openssl/x509.h>
#include <openssl/asn1.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
index 7bc16c7bceb4..8327ac16ca9c 100644
--- a/crypto/asn1/d2i_pu.c
+++ b/crypto/asn1/d2i_pu.c
@@ -17,7 +17,7 @@
#include <openssl/dsa.h>
#include <openssl/ec.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
long length)
diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
index 6d6bddc651cc..3a18381173d4 100644
--- a/crypto/asn1/f_int.c
+++ b/crypto/asn1/f_int.c
@@ -8,7 +8,7 @@
*/
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c
index f893489a6719..53dfec71b5d4 100644
--- a/crypto/asn1/f_string.c
+++ b/crypto/asn1/f_string.c
@@ -8,7 +8,7 @@
*/
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/asn1.h>
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
index 445b0c84251f..0374c0bfbdc0 100644
--- a/crypto/asn1/i2d_pr.c
+++ b/crypto/asn1/i2d_pr.c
@@ -11,8 +11,8 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
{
diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c
index dbee827e0d37..ab509b1ac976 100644
--- a/crypto/asn1/p8_pkey.c
+++ b/crypto/asn1/p8_pkey.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
/* Minor tweak to operation: zero private key data */
static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
index 3b2c9df8917f..651622aedc8f 100644
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/buffer.h>
-#include "internal/bn_int.h"
+#include "crypto/bn.h"
/* Number of octets per line */
#define ASN1_BUF_PRINT_WIDTH 15
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index c2a521ed5180..2332b204edc1 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -15,7 +15,7 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
#include "internal/numbers.h"
-#include "asn1_locl.h"
+#include "asn1_local.h"
/*
diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
index 30be314ff982..d600c7a53804 100644
--- a/crypto/asn1/tasn_enc.c
+++ b/crypto/asn1/tasn_enc.c
@@ -13,8 +13,8 @@
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
-#include "internal/asn1_int.h"
-#include "asn1_locl.h"
+#include "crypto/asn1.h"
+#include "asn1_local.h"
static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
const ASN1_ITEM *it, int tag, int aclass);
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
index bbce489fe003..2916bef7863a 100644
--- a/crypto/asn1/tasn_fre.c
+++ b/crypto/asn1/tasn_fre.c
@@ -11,7 +11,7 @@
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* Free up an ASN1 structure */
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 6b8ea8ddd74d..287f2af33b58 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -13,7 +13,7 @@
#include <openssl/err.h>
#include <openssl/asn1t.h>
#include <string.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
static int asn1_item_embed_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
int embed);
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index 1fb66f1062ba..56d5ea0f39e3 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -15,8 +15,8 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#include "internal/asn1_int.h"
-#include "asn1_locl.h"
+#include "crypto/asn1.h"
+#include "asn1_local.h"
/*
* Print routines.
diff --git a/crypto/asn1/tasn_scn.c b/crypto/asn1/tasn_scn.c
index e1df2cfcae04..f0f218ae8bbe 100644
--- a/crypto/asn1/tasn_scn.c
+++ b/crypto/asn1/tasn_scn.c
@@ -15,7 +15,7 @@
#include <openssl/buffer.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/*
* General ASN1 structure recursive scanner: iterate through all fields
diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
index 7ceecffce758..a448685e19a9 100644
--- a/crypto/asn1/tasn_utl.c
+++ b/crypto/asn1/tasn_utl.c
@@ -15,7 +15,7 @@
#include <openssl/asn1t.h>
#include <openssl/objects.h>
#include <openssl/err.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/* Utility functions for manipulating fields and offsets */
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
index 853d45b8bc8a..4c4a718850ee 100644
--- a/crypto/asn1/x_algor.c
+++ b/crypto/asn1/x_algor.c
@@ -11,7 +11,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
ASN1_SEQUENCE(X509_ALGOR) = {
ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c
index 6c93ea7510da..c6b3accd3a10 100644
--- a/crypto/asn1/x_bignum.c
+++ b/crypto/asn1/x_bignum.c
@@ -82,7 +82,7 @@ static int bn_secure_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- if (!*pval)
+ if (*pval == NULL)
return;
if (it->size & BN_SENSITIVE)
BN_clear_free((BIGNUM *)*pval);
@@ -96,7 +96,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
{
BIGNUM *bn;
int pad;
- if (!*pval)
+ if (*pval == NULL)
return -1;
bn = (BIGNUM *)*pval;
/* If MSB set in an octet we need a padding byte */
@@ -133,7 +133,7 @@ static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int ret;
BIGNUM *bn;
- if (!*pval && !bn_secure_new(pval, it))
+ if (*pval == NULL && !bn_secure_new(pval, it))
return 0;
ret = bn_c2i(pval, cont, len, utype, free_cont, it);
diff --git a/crypto/asn1/x_int64.c b/crypto/asn1/x_int64.c
index 0ee552cf0a48..96c1a259e1fe 100644
--- a/crypto/asn1/x_int64.c
+++ b/crypto/asn1/x_int64.c
@@ -12,7 +12,7 @@
#include "internal/numbers.h"
#include <openssl/asn1t.h>
#include <openssl/bn.h>
-#include "asn1_locl.h"
+#include "asn1_local.h"
/*
* Custom primitive types for handling int32_t, int64_t, uint32_t, uint64_t.
diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c
index e465cf2d4d10..fb24e240cba8 100644
--- a/crypto/asn1/x_sig.c
+++ b/crypto/asn1/x_sig.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
-#include "internal/x509_int.h"
+#include "crypto/x509.h"
ASN1_SEQUENCE(X509_SIG) = {
ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
diff --git a/crypto/async/arch/async_null.c b/crypto/async/arch/async_null.c
index 3eaf170f2e50..26801f873130 100644
--- a/crypto/async/arch/async_null.c
+++ b/crypto/async/arch/async_null.c
@@ -8,7 +8,7 @@
*/
/* This must be the first #include file */
-#include "../async_locl.h"
+#include "../async_local.h"
#ifdef ASYNC_NULL
int ASYNC_is_capable(void)
diff --git a/crypto/async/arch/async_posix.c b/crypto/async/arch/async_posix.c
index 02c342d3dfa9..95678d4fa686 100644
--- a/crypto/async/arch/async_posix.c
+++ b/crypto/async/arch/async_posix.c
@@ -8,7 +8,7 @@
*/
/* This must be the first #include file */
-#include "../async_locl.h"
+#include "../async_local.h"
#ifdef ASYNC_POSIX
diff --git a/crypto/async/arch/async_posix.h b/crypto/async/arch/async_posix.h
index 62449fe60e04..873c0316ddf3 100644
--- a/crypto/async/arch/async_posix.h
+++ b/crypto/async/arch/async_posix.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
-#define OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H
+#ifndef OSSL_CRYPTO_ASYNC_POSIX_H
+#define OSSL_CRYPTO_ASYNC_POSIX_H
#include <openssl/e_os2.h>
#if defined(OPENSSL_SYS_UNIX) \
@@ -55,4 +55,4 @@ void async_fibre_free(async_fibre *fibre);
# endif
#endif
-#endif /* OPENSSL_ASYNC_ARCH_ASYNC_POSIX_H */
+#endif /* OSSL_CRYPTO_ASYNC_POSIX_H */
diff --git a/crypto/async/async.c b/crypto/async/async.c
index 1d83e4576f81..326015c605e9 100644
--- a/crypto/async/async.c
+++ b/crypto/async/async.c
@@ -16,10 +16,10 @@
#undef _FORTIFY_SOURCE
/* This must be the first #include file */
-#include "async_locl.h"
+#include "async_local.h"
#include <openssl/err.h>
-#include "internal/cryptlib_int.h"
+#include "crypto/cryptlib.h"
#include <string.h>
#define ASYNC_JOB_RUNNING 0
diff --git a/crypto/async/async_locl.h b/crypto/async/async_local.h
index d7790293f74f..dd1a85e02684 100644
--- a/crypto/async/async_locl.h
+++ b/crypto/async/async_local.h
@@ -20,7 +20,7 @@
# include <windows.h>
#endif
-#include "internal/async.h"
+#include "crypto/async.h"
#include <openssl/crypto.h>
typedef struct async_ctx_st async_ctx;
diff --git a/crypto/async/async_wait.c b/crypto/async/async_wait.c
index b23e43e8c862..7723f949a67e 100644
--- a/crypto/async/async_wait.c
+++ b/crypto/async/async_wait.c
@@ -8,7 +8,7 @@
*/
/* This must be the first #include file */
-#include "async_locl.h"
+#include "async_local.h"
#include <openssl/err.h>
diff --git a/crypto/bf/asm/bf-586.pl b/crypto/bf/asm/bf-586.pl
index 4e913aecf42d..cddc17bddafa 100644
--- a/crypto/bf/asm/bf-586.pl
+++ b/crypto/bf/asm/bf-586.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -32,7 +32,7 @@ $tmp4="edx";
&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
sub BF_encrypt
{
diff --git a/crypto/bf/bf_cfb64.c b/crypto/bf/bf_cfb64.c
index ce6e13b5a4cc..12332c540d66 100644
--- a/crypto/bf/bf_cfb64.c
+++ b/crypto/bf/bf_cfb64.c
@@ -8,7 +8,7 @@
*/
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
/*
* The input and output encrypted as though 64bit cfb mode is being used.
diff --git a/crypto/bf/bf_ecb.c b/crypto/bf/bf_ecb.c
index dc1becdbe4ed..38e784cc2dad 100644
--- a/crypto/bf/bf_ecb.c
+++ b/crypto/bf/bf_ecb.c
@@ -8,7 +8,7 @@
*/
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
#include <openssl/opensslv.h>
/*
diff --git a/crypto/bf/bf_enc.c b/crypto/bf/bf_enc.c
index 67c0d78aec5c..423a4697a51e 100644
--- a/crypto/bf/bf_enc.c
+++ b/crypto/bf/bf_enc.c
@@ -8,7 +8,7 @@
*/
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
/*
* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' (From
diff --git a/crypto/bf/bf_locl.h b/crypto/bf/bf_local.h
index b1a415e5132c..8c76976fa4d9 100644
--- a/crypto/bf/bf_locl.h
+++ b/crypto/bf/bf_local.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_BF_LOCL_H
-# define HEADER_BF_LOCL_H
+#ifndef OSSL_CRYPTO_BF_LOCAL_H
+# define OSSL_CRYPTO_BF_LOCAL_H
# include <openssl/opensslconf.h>
/* NOTE - c is not incremented as per n2l */
diff --git a/crypto/bf/bf_ofb64.c b/crypto/bf/bf_ofb64.c
index 6418217b307d..5d75401fcca5 100644
--- a/crypto/bf/bf_ofb64.c
+++ b/crypto/bf/bf_ofb64.c
@@ -8,7 +8,7 @@
*/
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
/*
* The input and output encrypted as though 64bit ofb mode is being used.
diff --git a/crypto/bf/bf_skey.c b/crypto/bf/bf_skey.c
index a4903a2a71de..ed29cf9153a4 100644
--- a/crypto/bf/bf_skey.c
+++ b/crypto/bf/bf_skey.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <string.h>
#include <openssl/blowfish.h>
-#include "bf_locl.h"
+#include "bf_local.h"
#include "bf_pi.h"
void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
index dd5008e636a4..d11268b6dc59 100644
--- a/crypto/bio/b_addr.c
+++ b/crypto/bio/b_addr.c
@@ -10,7 +10,7 @@
#include <assert.h>
#include <string.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include <openssl/crypto.h>
#ifndef OPENSSL_NO_SOCK
@@ -22,7 +22,7 @@ CRYPTO_RWLOCK *bio_lookup_lock;
static CRYPTO_ONCE bio_lookup_init = CRYPTO_ONCE_STATIC_INIT;
/*
- * Throughout this file and bio_lcl.h, the existence of the macro
+ * Throughout this file and bio_local.h, the existence of the macro
* AI_PASSIVE is used to detect the availability of struct addrinfo,
* getnameinfo() and getaddrinfo(). If that macro doesn't exist,
* we use our own implementation instead, using gethostbyname,
@@ -694,9 +694,11 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
hints.ai_flags |= AI_PASSIVE;
/* Note that |res| SHOULD be a 'struct addrinfo **' thanks to
- * macro magic in bio_lcl.h
+ * macro magic in bio_local.h
*/
+# if defined(AI_ADDRCONFIG) && defined(AI_NUMERICHOST)
retry:
+# endif
switch ((gai_ret = getaddrinfo(host, service, &hints, res))) {
# ifdef EAI_SYSTEM
case EAI_SYSTEM:
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
index 0d06414e7d91..f175e244b233 100644
--- a/crypto/bio/b_dump.c
+++ b/crypto/bio/b_dump.c
@@ -12,7 +12,7 @@
*/
#include <stdio.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#define DUMP_WIDTH 16
#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH - ((i - (i > 6 ? 6 : i) + 3) / 4))
@@ -36,8 +36,8 @@ int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
if (indent < 0)
indent = 0;
- else if (indent > 128)
- indent = 128;
+ else if (indent > 64)
+ indent = 64;
dump_width = DUMP_WIDTH_LESS_INDENT(indent);
rows = len / dump_width;
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 9e907fcaa778..8ef90ac1d4f8 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <string.h>
#include "internal/cryptlib.h"
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "internal/numbers.h"
#include <openssl/bio.h>
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
index e7a24d02cbe5..df431e6d523d 100644
--- a/crypto/bio/b_sock.c
+++ b/crypto/bio/b_sock.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#ifndef OPENSSL_NO_SOCK
# define SOCKET_PROTOCOL IPPROTO_TCP
# ifdef SO_MAXCONN
diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c
index 5d82ab22dc30..335dfabc6180 100644
--- a/crypto/bio/b_sock2.c
+++ b/crypto/bio/b_sock2.c
@@ -11,7 +11,7 @@
#include <stdlib.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include <openssl/err.h>
diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c
index 8e87a629b8b5..51ae1f918d87 100644
--- a/crypto/bio/bf_buff.c
+++ b/crypto/bio/bf_buff.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
static int buffer_write(BIO *h, const char *buf, int num);
diff --git a/crypto/bio/bf_lbuf.c b/crypto/bio/bf_lbuf.c
index 194c7b8af713..72f9901813ea 100644
--- a/crypto/bio/bf_lbuf.c
+++ b/crypto/bio/bf_lbuf.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
#include <openssl/evp.h>
diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c
index 4bc84eeba659..dd7011ab669f 100644
--- a/crypto/bio/bf_nbio.c
+++ b/crypto/bio/bf_nbio.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
#include <openssl/rand.h>
diff --git a/crypto/bio/bf_null.c b/crypto/bio/bf_null.c
index 613fb2e0583d..48c6be692a5d 100644
--- a/crypto/bio/bf_null.c
+++ b/crypto/bio/bf_null.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
/*
diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
index 1154c233afd8..a153100a8825 100644
--- a/crypto/bio/bio_cb.c
+++ b/crypto/bio/bio_cb.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
#include <openssl/err.h>
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
index ca375b911ae8..d2202e537b30 100644
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <errno.h>
#include <openssl/crypto.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
diff --git a/crypto/bio/bio_lcl.h b/crypto/bio/bio_local.h
index e2c05a20de6c..8b2122129396 100644
--- a/crypto/bio/bio_lcl.h
+++ b/crypto/bio/bio_local.h
@@ -27,11 +27,11 @@
* For clarity, we check for internal/cryptlib.h since it's a common header
* that also includes bio.h.
*/
-# ifdef HEADER_CRYPTLIB_H
-# error internal/cryptlib.h included before bio_lcl.h
+# ifdef OSSL_INTERNAL_CRYPTLIB_H
+# error internal/cryptlib.h included before bio_local.h
# endif
# ifdef HEADER_BIO_H
-# error openssl/bio.h included before bio_lcl.h
+# error openssl/bio.h included before bio_local.h
# endif
/*
diff --git a/crypto/bio/bio_meth.c b/crypto/bio/bio_meth.c
index 493ff63a9012..da116461922e 100644
--- a/crypto/bio/bio_meth.c
+++ b/crypto/bio/bio_meth.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/thread_once.h"
CRYPTO_RWLOCK *bio_type_lock = NULL;
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index 993e5903a04f..b38e47a592f4 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#ifndef OPENSSL_NO_SOCK
@@ -527,7 +527,12 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
case BIO_CTRL_DUP:
break;
-
+ case BIO_CTRL_EOF:
+ if (b->next_bio == NULL)
+ ret = 0;
+ else
+ ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+ break;
default:
ret = 0;
break;
diff --git a/crypto/bio/bss_bio.c b/crypto/bio/bss_bio.c
index e34382c55781..c97349e43282 100644
--- a/crypto/bio/bss_bio.c
+++ b/crypto/bio/bss_bio.c
@@ -21,7 +21,7 @@
#include <stdlib.h>
#include <string.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include <openssl/err.h>
#include <openssl/crypto.h>
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
index e9673fe78336..dd43a406018c 100644
--- a/crypto/bio/bss_conn.c
+++ b/crypto/bio/bss_conn.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#ifndef OPENSSL_NO_SOCK
@@ -54,6 +54,7 @@ void BIO_CONNECT_free(BIO_CONNECT *a);
#define BIO_CONN_S_CONNECT 4
#define BIO_CONN_S_OK 5
#define BIO_CONN_S_BLOCKED_CONNECT 6
+#define BIO_CONN_S_CONNECT_ERROR 7
static const BIO_METHOD methods_connectp = {
BIO_TYPE_CONNECT,
@@ -174,7 +175,8 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
ERR_add_error_data(4,
"hostname=", c->param_hostname,
" service=", c->param_service);
- BIOerr(BIO_F_CONN_STATE, BIO_R_CONNECT_ERROR);
+ c->state = BIO_CONN_S_CONNECT_ERROR;
+ break;
}
goto exit_loop;
} else {
@@ -197,6 +199,11 @@ static int conn_state(BIO *b, BIO_CONNECT *c)
c->state = BIO_CONN_S_OK;
break;
+ case BIO_CONN_S_CONNECT_ERROR:
+ BIOerr(BIO_F_CONN_STATE, BIO_R_CONNECT_ERROR);
+ ret = 0;
+ goto exit_loop;
+
case BIO_CONN_S_OK:
ret = 1;
goto exit_loop;
@@ -309,6 +316,8 @@ static int conn_read(BIO *b, char *out, int outl)
if (ret <= 0) {
if (BIO_sock_should_retry(ret))
BIO_set_retry_read(b);
+ else if (ret == 0)
+ b->flags |= BIO_FLAGS_IN_EOF;
}
}
return ret;
@@ -488,6 +497,9 @@ static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
*fptr = data->info_callback;
}
break;
+ case BIO_CTRL_EOF:
+ ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
+ break;
default:
ret = 0;
break;
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index 551821609f73..942fd8b514be 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#ifndef OPENSSL_NO_DGRAM
# ifndef OPENSSL_NO_SCTP
diff --git a/crypto/bio/bss_fd.c b/crypto/bio/bss_fd.c
index 5bc539c90b96..ccbe1626baf2 100644
--- a/crypto/bio/bss_fd.c
+++ b/crypto/bio/bss_fd.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#if defined(OPENSSL_NO_POSIX_IO)
/*
@@ -123,6 +123,8 @@ static int fd_read(BIO *b, char *out, int outl)
if (ret <= 0) {
if (BIO_fd_should_retry(ret))
BIO_set_retry_read(b);
+ else if (ret == 0)
+ b->flags |= BIO_FLAGS_IN_EOF;
}
}
return ret;
@@ -186,6 +188,9 @@ static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_FLUSH:
ret = 1;
break;
+ case BIO_CTRL_EOF:
+ ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
+ break;
default:
ret = 0;
break;
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
index a21020559760..1a70ce799404 100644
--- a/crypto/bio/bss_file.c
+++ b/crypto/bio/bss_file.c
@@ -27,7 +27,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include <openssl/err.h>
#if !defined(OPENSSL_NO_STDIO)
diff --git a/crypto/bio/bss_log.c b/crypto/bio/bss_log.c
index e9ab932ec295..b9579faaa2a5 100644
--- a/crypto/bio/bss_log.c
+++ b/crypto/bio/bss_log.c
@@ -19,7 +19,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
#if defined(OPENSSL_SYS_WINCE)
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 2d536e9db05f..7cb4a57813fd 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
static int mem_write(BIO *h, const char *buf, int num);
diff --git a/crypto/bio/bss_null.c b/crypto/bio/bss_null.c
index 08f1d2bc98a3..e73ce7841d41 100644
--- a/crypto/bio/bss_null.c
+++ b/crypto/bio/bss_null.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
static int null_write(BIO *h, const char *buf, int num);
diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
index ad38453201f1..6251f3d46a17 100644
--- a/crypto/bio/bss_sock.c
+++ b/crypto/bio/bss_sock.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <errno.h>
-#include "bio_lcl.h"
+#include "bio_local.h"
#include "internal/cryptlib.h"
#ifndef OPENSSL_NO_SOCK
@@ -101,6 +101,8 @@ static int sock_read(BIO *b, char *out, int outl)
if (ret <= 0) {
if (BIO_sock_should_retry(ret))
BIO_set_retry_read(b);
+ else if (ret == 0)
+ b->flags |= BIO_FLAGS_IN_EOF;
}
}
return ret;
@@ -151,6 +153,9 @@ static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_FLUSH:
ret = 1;
break;
+ case BIO_CTRL_EOF:
+ ret = (b->flags & BIO_FLAGS_IN_EOF) != 0 ? 1 : 0;
+ break;
default:
ret = 0;
break;
diff --git a/crypto/blake2/blake2_locl.h b/crypto/blake2/blake2_local.h
index 926bae944c17..926bae944c17 100644
--- a/crypto/blake2/blake2_locl.h
+++ b/crypto/blake2/blake2_local.h
diff --git a/crypto/blake2/blake2b.c b/crypto/blake2/blake2b.c
index 4b353dd498bb..fc6e5f1a3f3c 100644
--- a/crypto/blake2/blake2b.c
+++ b/crypto/blake2/blake2b.c
@@ -18,7 +18,7 @@
#include <string.h>
#include <openssl/crypto.h>
-#include "blake2_locl.h"
+#include "blake2_local.h"
#include "blake2_impl.h"
static const uint64_t blake2b_IV[8] =
diff --git a/crypto/blake2/blake2s.c b/crypto/blake2/blake2s.c
index 8211374d123f..d072e05ca364 100644
--- a/crypto/blake2/blake2s.c
+++ b/crypto/blake2/blake2s.c
@@ -18,7 +18,7 @@
#include <string.h>
#include <openssl/crypto.h>
-#include "blake2_locl.h"
+#include "blake2_local.h"
#include "blake2_impl.h"
static const uint32_t blake2s_IV[8] =
diff --git a/crypto/blake2/m_blake2b.c b/crypto/blake2/m_blake2b.c
index c493648c3cd0..ce4d8f95652f 100644
--- a/crypto/blake2/m_blake2b.c
+++ b/crypto/blake2/m_blake2b.c
@@ -20,8 +20,8 @@
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "blake2_locl.h"
-# include "internal/evp_int.h"
+# include "blake2_local.h"
+# include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/blake2/m_blake2s.c b/crypto/blake2/m_blake2s.c
index 83b2811e4432..b8fb048b30bf 100644
--- a/crypto/blake2/m_blake2s.c
+++ b/crypto/blake2/m_blake2s.c
@@ -20,8 +20,8 @@
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "blake2_locl.h"
-# include "internal/evp_int.h"
+# include "blake2_local.h"
+# include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/bn/README.pod b/crypto/bn/README.pod
index 706a140342cd..5d5c4fa99fa1 100644
--- a/crypto/bn/README.pod
+++ b/crypto/bn/README.pod
@@ -188,7 +188,7 @@ B<a> and the 2*B<n> word arrays B<tmp> and B<r>.
The implementations use the following macros which, depending on the
architecture, may use "long long" C operations or inline assembler.
-They are defined in C<bn_lcl.h>.
+They are defined in C<bn_local.h>.
mul(B<r>, B<a>, B<w>, B<c>) computes B<w>*B<a>+B<c> and places the
low word of the result in B<r> and the high word in B<c>.
diff --git a/crypto/bn/asm/armv4-gf2m.pl b/crypto/bn/asm/armv4-gf2m.pl
index 7a0cdb2e8a00..3a83cb855007 100755
--- a/crypto/bn/asm/armv4-gf2m.pl
+++ b/crypto/bn/asm/armv4-gf2m.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -329,4 +329,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT; # enforce flush
+close STDOUT or die "error closing STDOUT: $!"; # enforce flush
diff --git a/crypto/bn/asm/armv4-mont.pl b/crypto/bn/asm/armv4-mont.pl
index 6bedc62ba62d..eadc8bbf6322 100755
--- a/crypto/bn/asm/armv4-mont.pl
+++ b/crypto/bn/asm/armv4-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -754,4 +754,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/armv8-mont.pl b/crypto/bn/asm/armv8-mont.pl
index d8347bf93249..bc9a18dc4ce6 100755
--- a/crypto/bn/asm/armv8-mont.pl
+++ b/crypto/bn/asm/armv8-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1511,4 +1511,4 @@ ___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/bn-586.pl b/crypto/bn/asm/bn-586.pl
index 58effc8808dd..e0422405d5f3 100644
--- a/crypto/bn/asm/bn-586.pl
+++ b/crypto/bn/asm/bn-586.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -31,7 +31,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
sub bn_mul_add_words
{
diff --git a/crypto/bn/asm/c64xplus-gf2m.pl b/crypto/bn/asm/c64xplus-gf2m.pl
index 9c46da3af8d1..3bb8d120e96a 100755
--- a/crypto/bn/asm/c64xplus-gf2m.pl
+++ b/crypto/bn/asm/c64xplus-gf2m.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -157,4 +157,4 @@ $code.=<<___;
___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/co-586.pl b/crypto/bn/asm/co-586.pl
index 97f5e3a19fc4..3c34fa885c30 100644
--- a/crypto/bn/asm/co-586.pl
+++ b/crypto/bn/asm/co-586.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -22,7 +22,7 @@ open STDOUT,">$output";
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
sub mul_add_c
{
@@ -39,17 +39,17 @@ sub mul_add_c
&mul("edx");
&add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
+ &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
&mov("eax",&wparam(0)) if $pos > 0; # load r[]
###
&adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
+ &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # load next b
+ &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # load next b
###
&adc($c2,0);
# is pos > 1, it means it is the last loop
&mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
+ &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next a
}
sub sqr_add_c
diff --git a/crypto/bn/asm/ia64-mont.pl b/crypto/bn/asm/ia64-mont.pl
index ec486f77792b..7a4e74d71942 100755
--- a/crypto/bn/asm/ia64-mont.pl
+++ b/crypto/bn/asm/ia64-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -857,4 +857,4 @@ ___
open STDOUT,">$output" if $output;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/mips-mont.pl b/crypto/bn/asm/mips-mont.pl
index fbe5d04f716c..3b79a4b186d7 100755
--- a/crypto/bn/asm/mips-mont.pl
+++ b/crypto/bn/asm/mips-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -430,4 +430,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/mips.pl b/crypto/bn/asm/mips.pl
index a205189eb684..8ad715bda4d4 100755
--- a/crypto/bn/asm/mips.pl
+++ b/crypto/bn/asm/mips.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2010-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -2260,4 +2260,4 @@ $code.=<<___;
.end bn_sqr_comba4
___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/parisc-mont.pl b/crypto/bn/asm/parisc-mont.pl
index aa9f626ed267..6a7c714a156e 100755
--- a/crypto/bn/asm/parisc-mont.pl
+++ b/crypto/bn/asm/parisc-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1003,4 +1003,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/ppc-mont.pl b/crypto/bn/asm/ppc-mont.pl
index ec7e019a4380..278314c57bd6 100755
--- a/crypto/bn/asm/ppc-mont.pl
+++ b/crypto/bn/asm/ppc-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1987,4 +1987,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/ppc.pl b/crypto/bn/asm/ppc.pl
index d6d4e66f92e9..a8d3f14e9b8e 100644
--- a/crypto/bn/asm/ppc.pl
+++ b/crypto/bn/asm/ppc.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -2009,4 +2009,4 @@ Lppcasm_maw_adios:
EOF
$data =~ s/\`([^\`]*)\`/eval $1/gem;
print $data;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/ppc64-mont.pl b/crypto/bn/asm/ppc64-mont.pl
index c41b620bc23e..b55fd46c824f 100755
--- a/crypto/bn/asm/ppc64-mont.pl
+++ b/crypto/bn/asm/ppc64-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1649,4 +1649,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/rsaz-avx2.pl b/crypto/bn/asm/rsaz-avx2.pl
index 85cd73c668bd..9b54f9d9ed3c 100755
--- a/crypto/bn/asm/rsaz-avx2.pl
+++ b/crypto/bn/asm/rsaz-avx2.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2013-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
# Copyright (c) 2012, Intel Corporation. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
@@ -66,7 +66,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=11);
}
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);
@@ -1979,4 +1979,4 @@ rsaz_1024_gather5_avx2:
___
}}}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/rsaz-x86_64.pl b/crypto/bn/asm/rsaz-x86_64.pl
index b1797b649f00..8172dace74ee 100755
--- a/crypto/bn/asm/rsaz-x86_64.pl
+++ b/crypto/bn/asm/rsaz-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
# Copyright (c) 2012, Intel Corporation. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
@@ -81,7 +81,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}
@@ -116,7 +116,7 @@ rsaz_512_sqr: # 25-29% faster than rsaz_512_mul
subq \$128+24, %rsp
.cfi_adjust_cfa_offset 128+24
.Lsqr_body:
- movq $mod, %rbp # common argument
+ movq $mod, %xmm1 # common off-load
movq ($inp), %rdx
movq 8($inp), %rax
movq $n0, 128(%rsp)
@@ -134,7 +134,8 @@ $code.=<<___;
.Loop_sqr:
movl $times,128+8(%rsp)
#first iteration
- movq %rdx, %rbx
+ movq %rdx, %rbx # 0($inp)
+ mov %rax, %rbp # 8($inp)
mulq %rdx
movq %rax, %r8
movq 16($inp), %rax
@@ -173,31 +174,29 @@ $code.=<<___;
mulq %rbx
addq %rax, %r14
movq %rbx, %rax
- movq %rdx, %r15
- adcq \$0, %r15
+ adcq \$0, %rdx
- addq %r8, %r8 #shlq \$1, %r8
- movq %r9, %rcx
- adcq %r9, %r9 #shld \$1, %r8, %r9
+ xorq %rcx,%rcx # rcx:r8 = r8 << 1
+ addq %r8, %r8
+ movq %rdx, %r15
+ adcq \$0, %rcx
mulq %rax
- movq %rax, (%rsp)
- addq %rdx, %r8
- adcq \$0, %r9
+ addq %r8, %rdx
+ adcq \$0, %rcx
- movq %r8, 8(%rsp)
- shrq \$63, %rcx
+ movq %rax, (%rsp)
+ movq %rdx, 8(%rsp)
#second iteration
- movq 8($inp), %r8
movq 16($inp), %rax
- mulq %r8
+ mulq %rbp
addq %rax, %r10
movq 24($inp), %rax
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r11
movq 32($inp), %rax
adcq \$0, %rdx
@@ -205,7 +204,7 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r12
movq 40($inp), %rax
adcq \$0, %rdx
@@ -213,7 +212,7 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r13
movq 48($inp), %rax
adcq \$0, %rdx
@@ -221,7 +220,7 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r14
movq 56($inp), %rax
adcq \$0, %rdx
@@ -229,39 +228,39 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r15
- movq %r8, %rax
+ movq %rbp, %rax
adcq \$0, %rdx
addq %rbx, %r15
- movq %rdx, %r8
- movq %r10, %rdx
- adcq \$0, %r8
+ adcq \$0, %rdx
- add %rdx, %rdx
- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- movq %r11, %rbx
- adcq %r11, %r11 #shld \$1, %r10, %r11
+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
+ addq %r9, %r9
+ movq %rdx, %r8
+ adcq %r10, %r10
+ adcq \$0, %rbx
mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
+ movq 16($inp), %rbp
addq %rax, %r9
+ movq 24($inp), %rax
adcq %rdx, %r10
- adcq \$0, %r11
+ adcq \$0, %rbx
movq %r9, 16(%rsp)
movq %r10, 24(%rsp)
- shrq \$63, %rbx
#third iteration
- movq 16($inp), %r9
- movq 24($inp), %rax
- mulq %r9
+ mulq %rbp
addq %rax, %r12
movq 32($inp), %rax
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
+ mulq %rbp
addq %rax, %r13
movq 40($inp), %rax
adcq \$0, %rdx
@@ -269,7 +268,7 @@ $code.=<<___;
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
+ mulq %rbp
addq %rax, %r14
movq 48($inp), %rax
adcq \$0, %rdx
@@ -277,9 +276,7 @@ $code.=<<___;
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
- movq %r12, %r10
- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12
+ mulq %rbp
addq %rax, %r15
movq 56($inp), %rax
adcq \$0, %rdx
@@ -287,36 +284,40 @@ $code.=<<___;
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
- shrq \$63, %r10
+ mulq %rbp
addq %rax, %r8
- movq %r9, %rax
+ movq %rbp, %rax
adcq \$0, %rdx
addq %rcx, %r8
- movq %rdx, %r9
- adcq \$0, %r9
+ adcq \$0, %rdx
- movq %r13, %rcx
- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13
+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
+ addq %r11, %r11
+ movq %rdx, %r9
+ adcq %r12, %r12
+ adcq \$0, %rcx
mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rbx, %rax
+ movq 24($inp), %r10
addq %rax, %r11
+ movq 32($inp), %rax
adcq %rdx, %r12
- adcq \$0, %r13
+ adcq \$0, %rcx
movq %r11, 32(%rsp)
movq %r12, 40(%rsp)
- shrq \$63, %rcx
#fourth iteration
- movq 24($inp), %r10
- movq 32($inp), %rax
+ mov %rax, %r11 # 32($inp)
mulq %r10
addq %rax, %r14
movq 40($inp), %rax
movq %rdx, %rbx
adcq \$0, %rbx
+ mov %rax, %r12 # 40($inp)
mulq %r10
addq %rax, %r15
movq 48($inp), %rax
@@ -325,9 +326,8 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
+ mov %rax, %rbp # 48($inp)
mulq %r10
- movq %r14, %r12
- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14
addq %rax, %r8
movq 56($inp), %rax
adcq \$0, %rdx
@@ -336,32 +336,33 @@ $code.=<<___;
adcq \$0, %rbx
mulq %r10
- shrq \$63, %r12
addq %rax, %r9
movq %r10, %rax
adcq \$0, %rdx
addq %rbx, %r9
- movq %rdx, %r10
- adcq \$0, %r10
+ adcq \$0, %rdx
- movq %r15, %rbx
- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15
+ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1
+ addq %r13, %r13
+ movq %rdx, %r10
+ adcq %r14, %r14
+ adcq \$0, %rbx
mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
addq %rax, %r13
+ movq %r12, %rax # 40($inp)
adcq %rdx, %r14
- adcq \$0, %r15
+ adcq \$0, %rbx
movq %r13, 48(%rsp)
movq %r14, 56(%rsp)
- shrq \$63, %rbx
#fifth iteration
- movq 32($inp), %r11
- movq 40($inp), %rax
mulq %r11
addq %rax, %r8
- movq 48($inp), %rax
+ movq %rbp, %rax # 48($inp)
movq %rdx, %rcx
adcq \$0, %rcx
@@ -369,97 +370,99 @@ $code.=<<___;
addq %rax, %r9
movq 56($inp), %rax
adcq \$0, %rdx
- movq %r8, %r12
- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8
addq %rcx, %r9
movq %rdx, %rcx
adcq \$0, %rcx
+ mov %rax, %r14 # 56($inp)
mulq %r11
- shrq \$63, %r12
addq %rax, %r10
movq %r11, %rax
adcq \$0, %rdx
addq %rcx, %r10
- movq %rdx, %r11
- adcq \$0, %r11
+ adcq \$0, %rdx
- movq %r9, %rcx
- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9
+ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1
+ addq %r15, %r15
+ movq %rdx, %r11
+ adcq %r8, %r8
+ adcq \$0, %rcx
mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rbx, %rax
addq %rax, %r15
+ movq %rbp, %rax # 48($inp)
adcq %rdx, %r8
- adcq \$0, %r9
+ adcq \$0, %rcx
movq %r15, 64(%rsp)
movq %r8, 72(%rsp)
- shrq \$63, %rcx
#sixth iteration
- movq 40($inp), %r12
- movq 48($inp), %rax
mulq %r12
addq %rax, %r10
- movq 56($inp), %rax
+ movq %r14, %rax # 56($inp)
movq %rdx, %rbx
adcq \$0, %rbx
mulq %r12
addq %rax, %r11
movq %r12, %rax
- movq %r10, %r15
- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
adcq \$0, %rdx
- shrq \$63, %r15
addq %rbx, %r11
- movq %rdx, %r12
- adcq \$0, %r12
+ adcq \$0, %rdx
- movq %r11, %rbx
- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11
+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
+ addq %r9, %r9
+ movq %rdx, %r12
+ adcq %r10, %r10
+ adcq \$0, %rbx
mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
addq %rax, %r9
+ movq %r14, %rax # 56($inp)
adcq %rdx, %r10
- adcq \$0, %r11
+ adcq \$0, %rbx
movq %r9, 80(%rsp)
movq %r10, 88(%rsp)
#seventh iteration
- movq 48($inp), %r13
- movq 56($inp), %rax
- mulq %r13
+ mulq %rbp
addq %rax, %r12
- movq %r13, %rax
- movq %rdx, %r13
- adcq \$0, %r13
+ movq %rbp, %rax
+ adcq \$0, %rdx
- xorq %r14, %r14
- shlq \$1, %rbx
- adcq %r12, %r12 #shld \$1, %rbx, %r12
- adcq %r13, %r13 #shld \$1, %r12, %r13
- adcq %r14, %r14 #shld \$1, %r13, %r14
+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
+ addq %r11, %r11
+ movq %rdx, %r13
+ adcq %r12, %r12
+ adcq \$0, %rcx
mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rbx, %rax
addq %rax, %r11
+ movq %r14, %rax # 56($inp)
adcq %rdx, %r12
- adcq \$0, %r13
+ adcq \$0, %rcx
movq %r11, 96(%rsp)
movq %r12, 104(%rsp)
#eighth iteration
- movq 56($inp), %rax
- mulq %rax
- addq %rax, %r13
- adcq \$0, %rdx
-
- addq %rdx, %r14
+ xorq %rbx, %rbx # rbx:r13 = r13 << 1
+ addq %r13, %r13
+ adcq \$0, %rbx
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
+ mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
+ addq %r13, %rax
+ adcq %rbx, %rdx
movq (%rsp), %r8
movq 8(%rsp), %r9
@@ -469,6 +472,10 @@ $code.=<<___;
movq 40(%rsp), %r13
movq 48(%rsp), %r14
movq 56(%rsp), %r15
+ movq %xmm1, %rbp
+
+ movq %rax, 112(%rsp)
+ movq %rdx, 120(%rsp)
call __rsaz_512_reduce
@@ -500,9 +507,9 @@ $code.=<<___;
.Loop_sqrx:
movl $times,128+8(%rsp)
movq $out, %xmm0 # off-load
- movq %rbp, %xmm1 # off-load
#first iteration
mulx %rax, %r8, %r9
+ mov %rax, %rbx
mulx 16($inp), %rcx, %r10
xor %rbp, %rbp # cf=0, of=0
@@ -510,40 +517,39 @@ $code.=<<___;
mulx 24($inp), %rax, %r11
adcx %rcx, %r9
- mulx 32($inp), %rcx, %r12
+ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12
adcx %rax, %r10
- mulx 40($inp), %rax, %r13
+ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13
adcx %rcx, %r11
- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14
+ mulx 48($inp), %rcx, %r14
adcx %rax, %r12
adcx %rcx, %r13
- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15
+ mulx 56($inp), %rax, %r15
adcx %rax, %r14
adcx %rbp, %r15 # %rbp is 0
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shl \$1, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rdx, %r8
- mov 8($inp), %rdx
- adcx %rbp, %r9
+ mulx %rdx, %rax, $out
+ mov %rbx, %rdx # 8($inp)
+ xor %rcx, %rcx
+ adox %r8, %r8
+ adcx $out, %r8
+ adox %rbp, %rcx
+ adcx %rbp, %rcx
mov %rax, (%rsp)
mov %r8, 8(%rsp)
#second iteration
- mulx 16($inp), %rax, %rbx
+ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx
adox %rax, %r10
adcx %rbx, %r11
- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8
+ mulx 24($inp), $out, %r8
adox $out, %r11
+ .byte 0x66
adcx %r8, %r12
mulx 32($inp), %rax, %rbx
@@ -561,24 +567,25 @@ $code.=<<___;
.byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8
adox $out, %r15
adcx %rbp, %r8
+ mulx %rdx, %rax, $out
adox %rbp, %r8
+ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp,%ebp
- mulx %rdx, %rax, %rcx
- mov 16($inp), %rdx
+ xor %rbx, %rbx
+ adox %r9, %r9
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %r10, %r10
adcx %rax, %r9
- adcx %rcx, %r10
- adcx %rbp, %r11
+ adox %rbp, %rbx
+ adcx $out, %r10
+ adcx %rbp, %rbx
mov %r9, 16(%rsp)
.byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp)
#third iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9
+ mulx 24($inp), $out, %r9
adox $out, %r12
adcx %r9, %r13
@@ -586,7 +593,7 @@ $code.=<<___;
adox %rax, %r13
adcx %rcx, %r14
- mulx 40($inp), $out, %r9
+ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9
adox $out, %r14
adcx %r9, %r15
@@ -594,27 +601,28 @@ $code.=<<___;
adox %rax, %r15
adcx %rcx, %r8
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9
+ mulx 56($inp), $out, %r9
adox $out, %r8
adcx %rbp, %r9
+ mulx %rdx, %rax, $out
adox %rbp, %r9
+ mov 24($inp), %rdx
- mov %r13, %rcx
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rcx, %rcx
+ adox %r11, %r11
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rbx, %rax
+ adox %r12, %r12
adcx %rax, %r11
- adcx %rdx, %r12
- mov 24($inp), %rdx
- adcx %rbp, %r13
+ adox %rbp, %rcx
+ adcx $out, %r12
+ adcx %rbp, %rcx
mov %r11, 32(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp)
+ mov %r12, 40(%rsp)
#fourth iteration
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx
+ mulx 32($inp), %rax, %rbx
adox %rax, %r14
adcx %rbx, %r15
@@ -629,25 +637,25 @@ $code.=<<___;
mulx 56($inp), $out, %r10
adox $out, %r9
adcx %rbp, %r10
+ mulx %rdx, %rax, $out
adox %rbp, %r10
+ mov 32($inp), %rdx
- .byte 0x66
- mov %r15, %rbx
- shld \$1, %r14, %r15
- shld \$1, %rcx, %r14
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rbx, %rbx
+ adox %r13, %r13
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %r14, %r14
adcx %rax, %r13
- adcx %rdx, %r14
- mov 32($inp), %rdx
- adcx %rbp, %r15
+ adox %rbp, %rbx
+ adcx $out, %r14
+ adcx %rbp, %rbx
mov %r13, 48(%rsp)
mov %r14, 56(%rsp)
#fifth iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11
+ mulx 40($inp), $out, %r11
adox $out, %r8
adcx %r11, %r9
@@ -658,18 +666,19 @@ $code.=<<___;
mulx 56($inp), $out, %r11
adox $out, %r10
adcx %rbp, %r11
+ mulx %rdx, %rax, $out
+ mov 40($inp), %rdx
adox %rbp, %r11
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shld \$1, %rbx, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rcx, %rcx
+ adox %r15, %r15
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rbx, %rax
+ adox %r8, %r8
adcx %rax, %r15
- adcx %rdx, %r8
- mov 40($inp), %rdx
- adcx %rbp, %r9
+ adox %rbp, %rcx
+ adcx $out, %r8
+ adcx %rbp, %rcx
mov %r15, 64(%rsp)
mov %r8, 72(%rsp)
@@ -682,18 +691,19 @@ $code.=<<___;
.byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12
adox $out, %r11
adcx %rbp, %r12
+ mulx %rdx, %rax, $out
adox %rbp, %r12
+ mov 48($inp), %rdx
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rbx, %rbx
+ adox %r9, %r9
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %r10, %r10
adcx %rax, %r9
- adcx %rdx, %r10
- mov 48($inp), %rdx
- adcx %rbp, %r11
+ adcx $out, %r10
+ adox %rbp, %rbx
+ adcx %rbp, %rbx
mov %r9, 80(%rsp)
mov %r10, 88(%rsp)
@@ -703,31 +713,31 @@ $code.=<<___;
adox %rax, %r12
adox %rbp, %r13
- xor %r14, %r14
- shld \$1, %r13, %r14
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r11
- adcx %rdx, %r12
+ mulx %rdx, %rax, $out
+ xor %rcx, %rcx
mov 56($inp), %rdx
- adcx %rbp, %r13
+ adox %r11, %r11
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rbx, %rax
+ adox %r12, %r12
+ adcx %rax, %r11
+ adox %rbp, %rcx
+ adcx $out, %r12
+ adcx %rbp, %rcx
.byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp)
.byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp)
#eighth iteration
mulx %rdx, %rax, %rdx
- adox %rax, %r13
- adox %rbp, %rdx
+ xor %rbx, %rbx
+ adox %r13, %r13
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %rbp, %rbx
+ adcx %r13, %rax
+ adcx %rdx, %rbx
- .byte 0x66
- add %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
movq %xmm0, $out
movq %xmm1, %rbp
@@ -741,6 +751,9 @@ $code.=<<___;
movq 48(%rsp), %r14
movq 56(%rsp), %r15
+ movq %rax, 112(%rsp)
+ movq %rbx, 120(%rsp)
+
call __rsaz_512_reducex
addq 64(%rsp), %r8
@@ -1606,6 +1619,7 @@ $code.=<<___;
.type __rsaz_512_reduce,\@abi-omnipotent
.align 32
__rsaz_512_reduce:
+.cfi_startproc
movq %r8, %rbx
imulq 128+8(%rsp), %rbx
movq 0(%rbp), %rax
@@ -1685,6 +1699,7 @@ __rsaz_512_reduce:
jne .Lreduction_loop
ret
+.cfi_endproc
.size __rsaz_512_reduce,.-__rsaz_512_reduce
___
}
@@ -1698,6 +1713,7 @@ $code.=<<___;
.type __rsaz_512_reducex,\@abi-omnipotent
.align 32
__rsaz_512_reducex:
+.cfi_startproc
#movq 128+8(%rsp), %rdx # pull $n0
imulq %r8, %rdx
xorq %rsi, %rsi # cf=0,of=0
@@ -1750,6 +1766,7 @@ __rsaz_512_reducex:
jne .Lreduction_loopx
ret
+.cfi_endproc
.size __rsaz_512_reducex,.-__rsaz_512_reducex
___
}
@@ -1761,6 +1778,7 @@ $code.=<<___;
.type __rsaz_512_subtract,\@abi-omnipotent
.align 32
__rsaz_512_subtract:
+.cfi_startproc
movq %r8, ($out)
movq %r9, 8($out)
movq %r10, 16($out)
@@ -1814,6 +1832,7 @@ __rsaz_512_subtract:
movq %r15, 56($out)
ret
+.cfi_endproc
.size __rsaz_512_subtract,.-__rsaz_512_subtract
___
}
@@ -1827,6 +1846,7 @@ $code.=<<___;
.type __rsaz_512_mul,\@abi-omnipotent
.align 32
__rsaz_512_mul:
+.cfi_startproc
leaq 8(%rsp), %rdi
movq ($ap), %rax
@@ -1965,6 +1985,7 @@ __rsaz_512_mul:
movq %r15, 56(%rdi)
ret
+.cfi_endproc
.size __rsaz_512_mul,.-__rsaz_512_mul
___
}
@@ -1979,6 +2000,7 @@ $code.=<<___;
.type __rsaz_512_mulx,\@abi-omnipotent
.align 32
__rsaz_512_mulx:
+.cfi_startproc
mulx ($ap), %rbx, %r8 # initial %rdx preloaded by caller
mov \$-6, %rcx
@@ -2095,6 +2117,7 @@ __rsaz_512_mulx:
mov %r15, 8+64+56(%rsp)
ret
+.cfi_endproc
.size __rsaz_512_mulx,.-__rsaz_512_mulx
___
}
@@ -2105,6 +2128,7 @@ $code.=<<___;
.type rsaz_512_scatter4,\@abi-omnipotent
.align 16
rsaz_512_scatter4:
+.cfi_startproc
leaq ($out,$power,8), $out
movl \$8, %r9d
jmp .Loop_scatter
@@ -2117,12 +2141,14 @@ rsaz_512_scatter4:
decl %r9d
jnz .Loop_scatter
ret
+.cfi_endproc
.size rsaz_512_scatter4,.-rsaz_512_scatter4
.globl rsaz_512_gather4
.type rsaz_512_gather4,\@abi-omnipotent
.align 16
rsaz_512_gather4:
+.cfi_startproc
___
$code.=<<___ if ($win64);
.LSEH_begin_rsaz_512_gather4:
@@ -2217,6 +2243,7 @@ ___
$code.=<<___;
ret
.LSEH_end_rsaz_512_gather4:
+.cfi_endproc
.size rsaz_512_gather4,.-rsaz_512_gather4
.align 64
@@ -2401,4 +2428,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/s390x-gf2m.pl b/crypto/bn/asm/s390x-gf2m.pl
index 06181bf9b95f..a7e4b8a97d30 100755
--- a/crypto/bn/asm/s390x-gf2m.pl
+++ b/crypto/bn/asm/s390x-gf2m.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -225,4 +225,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/s390x-mont.pl b/crypto/bn/asm/s390x-mont.pl
index c2fc5adffe0d..bc8c8951e060 100755
--- a/crypto/bn/asm/s390x-mont.pl
+++ b/crypto/bn/asm/s390x-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -145,7 +145,7 @@ $code.=<<___;
lghi $NHI,0
alcgr $NHI,$nhi
- la $j,8(%r0) # j=1
+ la $j,8 # j=1
lr $count,$num
.align 16
@@ -197,7 +197,7 @@ $code.=<<___;
lghi $NHI,0
alcgr $NHI,$nhi
- la $j,8(%r0) # j=1
+ la $j,8 # j=1
lr $count,$num
.align 16
@@ -241,7 +241,7 @@ $code.=<<___;
la $ap,$stdframe($sp)
ahi $num,1 # restore $num, incidentally clears "borrow"
- la $j,0(%r0)
+ la $j,0
lr $count,$num
.Lsub: lg $alo,0($j,$ap)
lg $nlo,0($j,$np)
@@ -255,7 +255,7 @@ $code.=<<___;
lghi $NHI,-1
xgr $NHI,$AHI
- la $j,0(%r0)
+ la $j,0
lgr $count,$num
.Lcopy: lg $ahi,$stdframe($j,$sp) # conditional copy
lg $alo,0($j,$rp)
@@ -281,4 +281,4 @@ foreach (split("\n",$code)) {
s/_dswap\s+(%r[0-9]+)/sprintf("rllg\t%s,%s,32",$1,$1) if($SIZE_T==4)/e;
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/s390x.S b/crypto/bn/asm/s390x.S
index 292a7a9998bd..b666c41a88a4 100755
--- a/crypto/bn/asm/s390x.S
+++ b/crypto/bn/asm/s390x.S
@@ -511,7 +511,7 @@ bn_mul_comba4:
lghi zero,0
mul_add_c(0,0,c1,c2,c3);
- stg c1,0*8(%r3)
+ stg c1,0*8(%r2)
lghi c1,0
mul_add_c(0,1,c2,c3,c1);
diff --git a/crypto/bn/asm/sparct4-mont.pl b/crypto/bn/asm/sparct4-mont.pl
index fcae9cfc5b44..62e297a01692 100755
--- a/crypto/bn/asm/sparct4-mont.pl
+++ b/crypto/bn/asm/sparct4-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1225,4 +1225,4 @@ ___
&emit_assembler();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/sparcv9-gf2m.pl b/crypto/bn/asm/sparcv9-gf2m.pl
index dcf11a87a18e..238a93dca56c 100755
--- a/crypto/bn/asm/sparcv9-gf2m.pl
+++ b/crypto/bn/asm/sparcv9-gf2m.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -197,4 +197,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/sparcv9-mont.pl b/crypto/bn/asm/sparcv9-mont.pl
index b41903af985f..d1a3c2bc4343 100755
--- a/crypto/bn/asm/sparcv9-mont.pl
+++ b/crypto/bn/asm/sparcv9-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -617,4 +617,4 @@ $code.=<<___;
___
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/sparcv9a-mont.pl b/crypto/bn/asm/sparcv9a-mont.pl
index c8f759df9fbd..7a1fca1263a9 100755
--- a/crypto/bn/asm/sparcv9a-mont.pl
+++ b/crypto/bn/asm/sparcv9a-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -884,4 +884,4 @@ $code =~ s/fzeros\s+%f([0-9]+)/
print $code;
# flush
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/via-mont.pl b/crypto/bn/asm/via-mont.pl
index 9cf717e84102..9dbc8d458792 100755
--- a/crypto/bn/asm/via-mont.pl
+++ b/crypto/bn/asm/via-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -248,4 +248,4 @@ $sp=&DWP(28,"esp");
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/vis3-mont.pl b/crypto/bn/asm/vis3-mont.pl
index 04833a0c876d..d797af8745dc 100755
--- a/crypto/bn/asm/vis3-mont.pl
+++ b/crypto/bn/asm/vis3-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -381,4 +381,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/x86-gf2m.pl b/crypto/bn/asm/x86-gf2m.pl
index d03efcc75023..436d90b11ea4 100755
--- a/crypto/bn/asm/x86-gf2m.pl
+++ b/crypto/bn/asm/x86-gf2m.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -322,4 +322,4 @@ if ($sse2) {
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/x86-mont.pl b/crypto/bn/asm/x86-mont.pl
index 7ba2133ac9c3..2103f806b65a 100755
--- a/crypto/bn/asm/x86-mont.pl
+++ b/crypto/bn/asm/x86-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -628,4 +628,4 @@ $sbit=$num;
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c
index 31839ba060fa..e6fdaadf0e91 100644
--- a/crypto/bn/asm/x86_64-gcc.c
+++ b/crypto/bn/asm/x86_64-gcc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "../bn_lcl.h"
+#include "../bn_local.h"
#if !(defined(__GNUC__) && __GNUC__>=2)
# include "../bn_asm.c" /* kind of dirty hack for Sun Studio */
#else
diff --git a/crypto/bn/asm/x86_64-gf2m.pl b/crypto/bn/asm/x86_64-gf2m.pl
index 0fd6e985d7b0..655f13c89ee8 100755
--- a/crypto/bn/asm/x86_64-gf2m.pl
+++ b/crypto/bn/asm/x86_64-gf2m.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -421,4 +421,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
index c051135e30dd..e00cac448b89 100755
--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -75,7 +75,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}
@@ -1589,4 +1589,4 @@ ___
}
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index f43e13d11643..887770b30db1 100755
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -60,7 +60,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}
@@ -580,6 +580,7 @@ $code.=<<___;
.type mul4x_internal,\@abi-omnipotent
.align 32
mul4x_internal:
+.cfi_startproc
shl \$5,$num # $num was in bytes
movd `($win64?56:8)`(%rax),%xmm5 # load 7th argument, index
lea .Linc(%rip),%rax
@@ -1074,6 +1075,7 @@ $code.=<<___
___
}
$code.=<<___;
+.cfi_endproc
.size mul4x_internal,.-mul4x_internal
___
}}}
@@ -1239,6 +1241,7 @@ $code.=<<___;
.align 32
bn_sqr8x_internal:
__bn_sqr8x_internal:
+.cfi_startproc
##############################################################
# Squaring part:
#
@@ -2030,6 +2033,7 @@ __bn_sqr8x_reduction:
cmp %rdx,$tptr # end of t[]?
jb .L8x_reduction_loop
ret
+.cfi_endproc
.size bn_sqr8x_internal,.-bn_sqr8x_internal
___
}
@@ -2042,6 +2046,7 @@ $code.=<<___;
.type __bn_post4x_internal,\@abi-omnipotent
.align 32
__bn_post4x_internal:
+.cfi_startproc
mov 8*0($nptr),%r12
lea (%rdi,$num),$tptr # %rdi was $tptr above
mov $num,%rcx
@@ -2092,6 +2097,7 @@ __bn_post4x_internal:
mov $num,%r10 # prepare for back-to-back call
neg $num # restore $num
ret
+.cfi_endproc
.size __bn_post4x_internal,.-__bn_post4x_internal
___
}
@@ -2101,10 +2107,12 @@ $code.=<<___;
.type bn_from_montgomery,\@abi-omnipotent
.align 32
bn_from_montgomery:
+.cfi_startproc
testl \$7,`($win64?"48(%rsp)":"%r9d")`
jz bn_from_mont8x
xor %eax,%eax
ret
+.cfi_endproc
.size bn_from_montgomery,.-bn_from_montgomery
.type bn_from_mont8x,\@function,6
@@ -2400,6 +2408,7 @@ bn_mulx4x_mont_gather5:
.type mulx4x_internal,\@abi-omnipotent
.align 32
mulx4x_internal:
+.cfi_startproc
mov $num,8(%rsp) # save -$num (it was in bytes)
mov $num,%r10
neg $num # restore $num
@@ -2750,6 +2759,7 @@ $code.=<<___;
mov 8*2(%rbp),%r14
mov 8*3(%rbp),%r15
jmp .Lsqrx4x_sub_entry # common post-condition
+.cfi_endproc
.size mulx4x_internal,.-mulx4x_internal
___
} {
@@ -3555,6 +3565,7 @@ my ($rptr,$nptr)=("%rdx","%rbp");
$code.=<<___;
.align 32
__bn_postx4x_internal:
+.cfi_startproc
mov 8*0($nptr),%r12
mov %rcx,%r10 # -$num
mov %rcx,%r9 # -$num
@@ -3602,6 +3613,7 @@ __bn_postx4x_internal:
neg %r9 # restore $num
ret
+.cfi_endproc
.size __bn_postx4x_internal,.-__bn_postx4x_internal
___
}
@@ -3618,6 +3630,7 @@ $code.=<<___;
.type bn_get_bits5,\@abi-omnipotent
.align 16
bn_get_bits5:
+.cfi_startproc
lea 0($inp),%r10
lea 1($inp),%r11
mov $num,%ecx
@@ -3631,12 +3644,14 @@ bn_get_bits5:
shrl %cl,%eax
and \$31,%eax
ret
+.cfi_endproc
.size bn_get_bits5,.-bn_get_bits5
.globl bn_scatter5
.type bn_scatter5,\@abi-omnipotent
.align 16
bn_scatter5:
+.cfi_startproc
cmp \$0, $num
jz .Lscatter_epilogue
lea ($tbl,$idx,8),$tbl
@@ -3649,6 +3664,7 @@ bn_scatter5:
jnz .Lscatter
.Lscatter_epilogue:
ret
+.cfi_endproc
.size bn_scatter5,.-bn_scatter5
.globl bn_gather5
@@ -3656,6 +3672,7 @@ bn_scatter5:
.align 32
bn_gather5:
.LSEH_begin_bn_gather5: # Win64 thing, but harmless in other cases
+.cfi_startproc
# I can't trust assembler to use specific encoding:-(
.byte 0x4c,0x8d,0x14,0x24 #lea (%rsp),%r10
.byte 0x48,0x81,0xec,0x08,0x01,0x00,0x00 #sub $0x108,%rsp
@@ -3740,6 +3757,7 @@ $code.=<<___;
lea (%r10),%rsp
ret
.LSEH_end_bn_gather5:
+.cfi_endproc
.size bn_gather5,.-bn_gather5
___
}
@@ -3942,4 +3960,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval($1)/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c
index f2736b8f6d41..8ffe49618a8b 100644
--- a/crypto/bn/bn_add.c
+++ b/crypto/bn/bn_add.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
/* signed add of b to a. */
int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
diff --git a/crypto/bn/bn_asm.c b/crypto/bn/bn_asm.c
index 729b2480acd1..4d83a8cf1115 100644
--- a/crypto/bn/bn_asm.c
+++ b/crypto/bn/bn_asm.c
@@ -10,7 +10,7 @@
#include <assert.h>
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index 450cdfb34866..76fc7ebcffc0 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -9,7 +9,7 @@
#include <openssl/opensslconf.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#define BN_BLINDING_COUNTER 32
diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 90cecea2aa5d..042cb247d37f 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
/*-
* TODO list
diff --git a/crypto/bn/bn_depr.c b/crypto/bn/bn_depr.c
index 58bcf197a490..b60269cd57a6 100644
--- a/crypto/bn/bn_depr.c
+++ b/crypto/bn/bn_depr.c
@@ -20,7 +20,7 @@ NON_EMPTY_TRANSLATION_UNIT
# include <stdio.h>
# include <time.h>
# include "internal/cryptlib.h"
-# include "bn_lcl.h"
+# include "bn_local.h"
BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
const BIGNUM *add, const BIGNUM *rem,
diff --git a/crypto/bn/bn_dh.c b/crypto/bn/bn_dh.c
index 38acdee234d0..58c44f0b179e 100644
--- a/crypto/bn/bn_dh.c
+++ b/crypto/bn/bn_dh.c
@@ -7,12 +7,12 @@
* https://www.openssl.org/source/license.html
*/
-#include "bn_lcl.h"
+#include "bn_local.h"
#include "internal/nelem.h"
#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
-#include "internal/bn_dh.h"
+#include "crypto/bn_dh.h"
/* DH parameters from RFC5114 */
# if BN_BITS2 == 64
diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
index 7fc0132830a1..286d69c895fd 100644
--- a/crypto/bn/bn_div.c
+++ b/crypto/bn/bn_div.c
@@ -10,7 +10,7 @@
#include <assert.h>
#include <openssl/bn.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
/* The old slow way */
#if 0
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 88f2baf0e553..9531acfc3c94 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -8,8 +8,8 @@
*/
#include "internal/cryptlib.h"
-#include "internal/constant_time_locl.h"
-#include "bn_lcl.h"
+#include "internal/constant_time.h"
+#include "bn_local.h"
#include <stdlib.h>
#ifdef _WIN32
diff --git a/crypto/bn/bn_exp2.c b/crypto/bn/bn_exp2.c
index 082c9286a0f4..e542abe46fa1 100644
--- a/crypto/bn/bn_exp2.c
+++ b/crypto/bn/bn_exp2.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#define TABLE_SIZE 32
diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
index 0091ea4e08a6..ef81acb77ba6 100644
--- a/crypto/bn/bn_gcd.c
+++ b/crypto/bn/bn_gcd.c
@@ -8,113 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
-
-int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
-{
- BIGNUM *a, *b, *t;
- int ret = 0;
-
- bn_check_top(in_a);
- bn_check_top(in_b);
-
- BN_CTX_start(ctx);
- a = BN_CTX_get(ctx);
- b = BN_CTX_get(ctx);
- if (b == NULL)
- goto err;
-
- if (BN_copy(a, in_a) == NULL)
- goto err;
- if (BN_copy(b, in_b) == NULL)
- goto err;
- a->neg = 0;
- b->neg = 0;
-
- if (BN_cmp(a, b) < 0) {
- t = a;
- a = b;
- b = t;
- }
- t = euclid(a, b);
- if (t == NULL)
- goto err;
-
- if (BN_copy(r, t) == NULL)
- goto err;
- ret = 1;
- err:
- BN_CTX_end(ctx);
- bn_check_top(r);
- return ret;
-}
-
-static BIGNUM *euclid(BIGNUM *a, BIGNUM *b)
-{
- BIGNUM *t;
- int shifts = 0;
-
- bn_check_top(a);
- bn_check_top(b);
-
- /* 0 <= b <= a */
- while (!BN_is_zero(b)) {
- /* 0 < b <= a */
-
- if (BN_is_odd(a)) {
- if (BN_is_odd(b)) {
- if (!BN_sub(a, a, b))
- goto err;
- if (!BN_rshift1(a, a))
- goto err;
- if (BN_cmp(a, b) < 0) {
- t = a;
- a = b;
- b = t;
- }
- } else { /* a odd - b even */
-
- if (!BN_rshift1(b, b))
- goto err;
- if (BN_cmp(a, b) < 0) {
- t = a;
- a = b;
- b = t;
- }
- }
- } else { /* a is even */
-
- if (BN_is_odd(b)) {
- if (!BN_rshift1(a, a))
- goto err;
- if (BN_cmp(a, b) < 0) {
- t = a;
- a = b;
- b = t;
- }
- } else { /* a even - b even */
-
- if (!BN_rshift1(a, a))
- goto err;
- if (!BN_rshift1(b, b))
- goto err;
- shifts++;
- }
- }
- /* 0 <= b <= a */
- }
-
- if (shifts) {
- if (!BN_lshift(a, a, shifts))
- goto err;
- }
- bn_check_top(a);
- return a;
- err:
- return NULL;
-}
+#include "bn_local.h"
/* solves ax == 1 (mod n) */
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
@@ -621,3 +515,115 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
bn_check_top(ret);
return ret;
}
+
+/*-
+ * This function is based on the constant-time GCD work by Bernstein and Yang:
+ * https://eprint.iacr.org/2019/266
+ * Generalized fast GCD function to allow even inputs.
+ * The algorithm first finds the shared powers of 2 between
+ * the inputs, and removes them, reducing at least one of the
+ * inputs to an odd value. Then it proceeds to calculate the GCD.
+ * Before returning the resulting GCD, we take care of adding
+ * back the powers of two removed at the beginning.
+ * Note 1: we assume the bit length of both inputs is public information,
+ * since access to top potentially leaks this information.
+ */
+int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
+{
+ BIGNUM *g, *temp = NULL;
+ BN_ULONG mask = 0;
+ int i, j, top, rlen, glen, m, bit = 1, delta = 1, cond = 0, shifts = 0, ret = 0;
+
+ /* Note 2: zero input corner cases are not constant-time since they are
+ * handled immediately. An attacker can run an attack under this
+ * assumption without the need of side-channel information. */
+ if (BN_is_zero(in_b)) {
+ ret = BN_copy(r, in_a) != NULL;
+ r->neg = 0;
+ return ret;
+ }
+ if (BN_is_zero(in_a)) {
+ ret = BN_copy(r, in_b) != NULL;
+ r->neg = 0;
+ return ret;
+ }
+
+ bn_check_top(in_a);
+ bn_check_top(in_b);
+
+ BN_CTX_start(ctx);
+ temp = BN_CTX_get(ctx);
+ g = BN_CTX_get(ctx);
+
+ /* make r != 0, g != 0 even, so BN_rshift is not a potential nop */
+ if (g == NULL
+ || !BN_lshift1(g, in_b)
+ || !BN_lshift1(r, in_a))
+ goto err;
+
+ /* find shared powers of two, i.e. "shifts" >= 1 */
+ for (i = 0; i < r->dmax && i < g->dmax; i++) {
+ mask = ~(r->d[i] | g->d[i]);
+ for (j = 0; j < BN_BITS2; j++) {
+ bit &= mask;
+ shifts += bit;
+ mask >>= 1;
+ }
+ }
+
+ /* subtract shared powers of two; shifts >= 1 */
+ if (!BN_rshift(r, r, shifts)
+ || !BN_rshift(g, g, shifts))
+ goto err;
+
+ /* expand to biggest nword, with room for a possible extra word */
+ top = 1 + ((r->top >= g->top) ? r->top : g->top);
+ if (bn_wexpand(r, top) == NULL
+ || bn_wexpand(g, top) == NULL
+ || bn_wexpand(temp, top) == NULL)
+ goto err;
+
+ /* re arrange inputs s.t. r is odd */
+ BN_consttime_swap((~r->d[0]) & 1, r, g, top);
+
+ /* compute the number of iterations */
+ rlen = BN_num_bits(r);
+ glen = BN_num_bits(g);
+ m = 4 + 3 * ((rlen >= glen) ? rlen : glen);
+
+ for (i = 0; i < m; i++) {
+ /* conditionally flip signs if delta is positive and g is odd */
+ cond = (-delta >> (8 * sizeof(delta) - 1)) & g->d[0] & 1
+ /* make sure g->top > 0 (i.e. if top == 0 then g == 0 always) */
+ & (~((g->top - 1) >> (sizeof(g->top) * 8 - 1)));
+ delta = (-cond & -delta) | ((cond - 1) & delta);
+ r->neg ^= cond;
+ /* swap */
+ BN_consttime_swap(cond, r, g, top);
+
+ /* elimination step */
+ delta++;
+ if (!BN_add(temp, g, r))
+ goto err;
+ BN_consttime_swap(g->d[0] & 1 /* g is odd */
+ /* make sure g->top > 0 (i.e. if top == 0 then g == 0 always) */
+ & (~((g->top - 1) >> (sizeof(g->top) * 8 - 1))),
+ g, temp, top);
+ if (!BN_rshift1(g, g))
+ goto err;
+ }
+
+ /* remove possible negative sign */
+ r->neg = 0;
+ /* add powers of 2 removed, then correct the artificial shift */
+ if (!BN_lshift(r, r, shifts)
+ || !BN_rshift1(r, r))
+ goto err;
+
+ ret = 1;
+
+ err:
+ BN_CTX_end(ctx);
+ bn_check_top(r);
+ return ret;
+}
diff --git a/crypto/bn/bn_gf2m.c b/crypto/bn/bn_gf2m.c
index 34d8b69c1ec9..a2ea86755182 100644
--- a/crypto/bn/bn_gf2m.c
+++ b/crypto/bn/bn_gf2m.c
@@ -12,7 +12,7 @@
#include <limits.h>
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#ifndef OPENSSL_NO_EC2M
diff --git a/crypto/bn/bn_intern.c b/crypto/bn/bn_intern.c
index 46bc97575dfe..147b4fa022cf 100644
--- a/crypto/bn/bn_intern.c
+++ b/crypto/bn/bn_intern.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
/*
* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
diff --git a/crypto/bn/bn_kron.c b/crypto/bn/bn_kron.c
index b9bc6cca27fe..c1e09d272120 100644
--- a/crypto/bn/bn_kron.c
+++ b/crypto/bn/bn_kron.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
/* least significant word */
#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 254069ff3819..86d4956c8a8c 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -10,9 +10,9 @@
#include <assert.h>
#include <limits.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#include <openssl/opensslconf.h>
-#include "internal/constant_time_locl.h"
+#include "internal/constant_time.h"
/* This stuff appears to be completely unused, so is deprecated */
#if OPENSSL_API_COMPAT < 0x00908000L
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_local.h
index 7f823a6178a5..37228104c640 100644
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_local.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_BN_LCL_H
-# define HEADER_BN_LCL_H
+#ifndef OSSL_CRYPTO_BN_LOCAL_H
+# define OSSL_CRYPTO_BN_LOCAL_H
/*
* The EDK2 build doesn't use bn_conf.h; it sets THIRTY_TWO_BIT or
@@ -18,10 +18,10 @@
# include <openssl/opensslconf.h>
# if !defined(OPENSSL_SYS_UEFI)
-# include "internal/bn_conf.h"
+# include "crypto/bn_conf.h"
# endif
-# include "internal/bn_int.h"
+# include "crypto/bn.h"
/*
* These preprocessor symbols control various aspects of the bignum headers
diff --git a/crypto/bn/bn_mod.c b/crypto/bn/bn_mod.c
index 712fc8ac145b..f7d2e2650ed8 100644
--- a/crypto/bn/bn_mod.c
+++ b/crypto/bn/bn_mod.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
{
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 393d27c392c7..1e5045a010bb 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -15,7 +15,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#define MONT_WORD /* use the faster word-based algorithm */
diff --git a/crypto/bn/bn_mpi.c b/crypto/bn/bn_mpi.c
index 043e21d26a38..bdbe822415c7 100644
--- a/crypto/bn/bn_mpi.c
+++ b/crypto/bn/bn_mpi.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
{
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index 5eda65cfbb04..6743e7be8166 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -9,7 +9,7 @@
#include <assert.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS)
/*
diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c
index dcdd321c6688..325dc228490a 100644
--- a/crypto/bn/bn_nist.c
+++ b/crypto/bn/bn_nist.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "bn_lcl.h"
+#include "bn_local.h"
#include "internal/cryptlib.h"
#define BN_NIST_192_TOP (192+BN_BITS2-1)/BN_BITS2
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
index 19b081f38eb7..6d74da26d3c7 100644
--- a/crypto/bn/bn_prime.c
+++ b/crypto/bn/bn_prime.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <time.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
/*
* The quick sieve algorithm approach to weeding out primes is Philip
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
index 2eb7b52f76f9..ba48244534b0 100644
--- a/crypto/bn/bn_prime.h
+++ b/crypto/bn/bn_prime.h
@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/bn/bn_prime.pl
*
- * Copyright 1998-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
index 1853269d903d..69749a9fa7dc 100644
--- a/crypto/bn/bn_print.c
+++ b/crypto/bn/bn_print.c
@@ -8,11 +8,11 @@
*/
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include <limits.h>
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
static const char Hex[] = "0123456789ABCDEF";
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index 051f29e34305..6b4b50a068f1 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include <time.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
#include <openssl/rand.h>
#include <openssl/sha.h>
diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
index 9ab767f42fe9..e82231334123 100644
--- a/crypto/bn/bn_recp.c
+++ b/crypto/bn/bn_recp.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
void BN_RECP_CTX_init(BN_RECP_CTX *recp)
{
diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c
index b7a1e0ff9ae3..210a83f586d2 100644
--- a/crypto/bn/bn_shift.c
+++ b/crypto/bn/bn_shift.c
@@ -9,7 +9,7 @@
#include <assert.h>
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
int BN_lshift1(BIGNUM *r, const BIGNUM *a)
{
@@ -34,12 +34,10 @@ int BN_lshift1(BIGNUM *r, const BIGNUM *a)
for (i = 0; i < a->top; i++) {
t = *(ap++);
*(rp++) = ((t << 1) | c) & BN_MASK2;
- c = (t & BN_TBIT) ? 1 : 0;
- }
- if (c) {
- *rp = 1;
- r->top++;
+ c = t >> (BN_BITS2 - 1);
}
+ *rp = c;
+ r->top += c;
bn_check_top(r);
return 1;
}
@@ -47,7 +45,7 @@ int BN_lshift1(BIGNUM *r, const BIGNUM *a)
int BN_rshift1(BIGNUM *r, const BIGNUM *a)
{
BN_ULONG *ap, *rp, t, c;
- int i, j;
+ int i;
bn_check_top(r);
bn_check_top(a);
@@ -58,23 +56,22 @@ int BN_rshift1(BIGNUM *r, const BIGNUM *a)
}
i = a->top;
ap = a->d;
- j = i - (ap[i - 1] == 1);
if (a != r) {
- if (bn_wexpand(r, j) == NULL)
+ if (bn_wexpand(r, i) == NULL)
return 0;
r->neg = a->neg;
}
rp = r->d;
+ r->top = i;
t = ap[--i];
- c = (t & 1) ? BN_TBIT : 0;
- if (t >>= 1)
- rp[i] = t;
+ rp[i] = t >> 1;
+ c = t << (BN_BITS2 - 1);
+ r->top -= (t == 1);
while (i > 0) {
t = ap[--i];
rp[i] = ((t >> 1) & BN_MASK2) | c;
- c = (t & 1) ? BN_TBIT : 0;
+ c = t << (BN_BITS2 - 1);
}
- r->top = j;
if (!r->top)
r->neg = 0; /* don't allow negative zero */
bn_check_top(r);
@@ -152,57 +149,19 @@ int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n)
int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
{
- int i, j, nw, lb, rb;
- BN_ULONG *t, *f;
- BN_ULONG l, tmp;
-
- bn_check_top(r);
- bn_check_top(a);
+ int ret = 0;
if (n < 0) {
BNerr(BN_F_BN_RSHIFT, BN_R_INVALID_SHIFT);
return 0;
}
- nw = n / BN_BITS2;
- rb = n % BN_BITS2;
- lb = BN_BITS2 - rb;
- if (nw >= a->top || a->top == 0) {
- BN_zero(r);
- return 1;
- }
- i = (BN_num_bits(a) - n + (BN_BITS2 - 1)) / BN_BITS2;
- if (r != a) {
- if (bn_wexpand(r, i) == NULL)
- return 0;
- r->neg = a->neg;
- } else {
- if (n == 0)
- return 1; /* or the copying loop will go berserk */
- }
-
- f = &(a->d[nw]);
- t = r->d;
- j = a->top - nw;
- r->top = i;
+ ret = bn_rshift_fixed_top(r, a, n);
- if (rb == 0) {
- for (i = j; i != 0; i--)
- *(t++) = *(f++);
- } else {
- l = *(f++);
- for (i = j - 1; i != 0; i--) {
- tmp = (l >> rb) & BN_MASK2;
- l = *(f++);
- *(t++) = (tmp | (l << lb)) & BN_MASK2;
- }
- if ((l = (l >> rb) & BN_MASK2))
- *(t) = l;
- }
- if (!r->top)
- r->neg = 0; /* don't allow negative zero */
+ bn_correct_top(r);
bn_check_top(r);
- return 1;
+
+ return ret;
}
/*
diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
index 0c0a590f0c6a..7f3a179177b6 100644
--- a/crypto/bn/bn_sqr.c
+++ b/crypto/bn/bn_sqr.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
/* r must not be a */
/*
diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c
index c3e66b033bde..1723d5ded5a8 100644
--- a/crypto/bn/bn_sqrt.c
+++ b/crypto/bn/bn_sqrt.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
/*
diff --git a/crypto/bn/bn_srp.c b/crypto/bn/bn_srp.c
index 27b6ebe518ea..820757be60e3 100644
--- a/crypto/bn/bn_srp.c
+++ b/crypto/bn/bn_srp.c
@@ -7,13 +7,13 @@
* https://www.openssl.org/source/license.html
*/
-#include "bn_lcl.h"
+#include "bn_local.h"
#include "internal/nelem.h"
#ifndef OPENSSL_NO_SRP
#include <openssl/srp.h>
-#include "internal/bn_srp.h"
+#include "crypto/bn_srp.h"
# if (BN_BYTES == 8)
# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
diff --git a/crypto/bn/bn_word.c b/crypto/bn/bn_word.c
index 262d7668fcd4..18fb3030a8f4 100644
--- a/crypto/bn/bn_word.c
+++ b/crypto/bn/bn_word.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "bn_lcl.h"
+#include "bn_local.h"
BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
{
diff --git a/crypto/bn/bn_x931p.c b/crypto/bn/bn_x931p.c
index 9eb8384fdeb2..009950259d41 100644
--- a/crypto/bn/bn_x931p.c
+++ b/crypto/bn/bn_x931p.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include <openssl/bn.h>
-#include "bn_lcl.h"
+#include "bn_local.h"
/* X9.31 routines for prime derivation */
diff --git a/crypto/bn/build.info b/crypto/bn/build.info
index a463eddabbbb..b9ed5322fa68 100644
--- a/crypto/bn/build.info
+++ b/crypto/bn/build.info
@@ -6,7 +6,6 @@ SOURCE[../../libcrypto]=\
{- $target{bn_asm_src} -} \
bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
bn_depr.c bn_const.c bn_x931p.c bn_intern.c bn_dh.c bn_srp.c
-INCLUDE[../../libcrypto]=../../crypto/include
INCLUDE[bn_exp.o]=..
diff --git a/crypto/bn/rsaz_exp.h b/crypto/bn/rsaz_exp.h
index c5864f8aaa8c..88f65a4bae46 100644
--- a/crypto/bn/rsaz_exp.h
+++ b/crypto/bn/rsaz_exp.h
@@ -12,8 +12,8 @@
* (2) University of Haifa, Israel
*/
-#ifndef RSAZ_EXP_H
-# define RSAZ_EXP_H
+#ifndef OSSL_CRYPTO_BN_RSAZ_EXP_H
+# define OSSL_CRYPTO_BN_RSAZ_EXP_H
# undef RSAZ_ENABLED
# if defined(OPENSSL_BN_ASM_MONT) && \
diff --git a/crypto/c64xpluscpuid.pl b/crypto/c64xpluscpuid.pl
index b7b11d50316b..9aeee574ebf8 100755
--- a/crypto/c64xpluscpuid.pl
+++ b/crypto/c64xpluscpuid.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -284,4 +284,4 @@ bus_loop2_done?:
___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/camellia/asm/cmll-x86.pl b/crypto/camellia/asm/cmll-x86.pl
index 55af9b4e3d01..cd514acfae4a 100755
--- a/crypto/camellia/asm/cmll-x86.pl
+++ b/crypto/camellia/asm/cmll-x86.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1147,4 +1147,4 @@ my ($s0,$s1,$s2,$s3) = @T;
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/camellia/asm/cmll-x86_64.pl b/crypto/camellia/asm/cmll-x86_64.pl
index 02c52c3efe47..59e1840160ff 100755
--- a/crypto/camellia/asm/cmll-x86_64.pl
+++ b/crypto/camellia/asm/cmll-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -125,11 +125,13 @@ $code=<<___;
.type Camellia_EncryptBlock,\@abi-omnipotent
.align 16
Camellia_EncryptBlock:
+.cfi_startproc
movl \$128,%eax
subl $arg0d,%eax
movl \$3,$arg0d
adcl \$0,$arg0d # keyBitLength==128?3:4
jmp .Lenc_rounds
+.cfi_endproc
.size Camellia_EncryptBlock,.-Camellia_EncryptBlock
# V2
.globl Camellia_EncryptBlock_Rounds
@@ -198,6 +200,7 @@ Camellia_EncryptBlock_Rounds:
.type _x86_64_Camellia_encrypt,\@abi-omnipotent
.align 16
_x86_64_Camellia_encrypt:
+.cfi_startproc
xor 0($key),@S[1]
xor 4($key),@S[0] # ^=key[0-3]
xor 8($key),@S[3]
@@ -241,6 +244,7 @@ $code.=<<___;
mov $t3,@S[3]
.byte 0xf3,0xc3 # rep ret
+.cfi_endproc
.size _x86_64_Camellia_encrypt,.-_x86_64_Camellia_encrypt
# V1.x API
@@ -248,11 +252,13 @@ $code.=<<___;
.type Camellia_DecryptBlock,\@abi-omnipotent
.align 16
Camellia_DecryptBlock:
+.cfi_startproc
movl \$128,%eax
subl $arg0d,%eax
movl \$3,$arg0d
adcl \$0,$arg0d # keyBitLength==128?3:4
jmp .Ldec_rounds
+.cfi_endproc
.size Camellia_DecryptBlock,.-Camellia_DecryptBlock
# V2
.globl Camellia_DecryptBlock_Rounds
@@ -321,6 +327,7 @@ Camellia_DecryptBlock_Rounds:
.type _x86_64_Camellia_decrypt,\@abi-omnipotent
.align 16
_x86_64_Camellia_decrypt:
+.cfi_startproc
xor 0($key),@S[1]
xor 4($key),@S[0] # ^=key[0-3]
xor 8($key),@S[3]
@@ -365,6 +372,7 @@ $code.=<<___;
mov $t1,@S[3]
.byte 0xf3,0xc3 # rep ret
+.cfi_endproc
.size _x86_64_Camellia_decrypt,.-_x86_64_Camellia_decrypt
___
@@ -1142,4 +1150,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/camellia/asm/cmllt4-sparcv9.pl b/crypto/camellia/asm/cmllt4-sparcv9.pl
index 6396679a5af4..71a40f6af90c 100755
--- a/crypto/camellia/asm/cmllt4-sparcv9.pl
+++ b/crypto/camellia/asm/cmllt4-sparcv9.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -936,4 +936,4 @@ ___
&emit_assembler();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/camellia/camellia.c b/crypto/camellia/camellia.c
index c200b823041b..f623864bc413 100644
--- a/crypto/camellia/camellia.c
+++ b/crypto/camellia/camellia.c
@@ -40,7 +40,7 @@
*/
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include "cmll_local.h"
#include <string.h>
#include <stdlib.h>
diff --git a/crypto/camellia/cmll_ecb.c b/crypto/camellia/cmll_ecb.c
index d932f1b37517..5760d1ed35fc 100644
--- a/crypto/camellia/cmll_ecb.c
+++ b/crypto/camellia/cmll_ecb.c
@@ -8,7 +8,7 @@
*/
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include "cmll_local.h"
void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
const CAMELLIA_KEY *key, const int enc)
diff --git a/crypto/camellia/cmll_locl.h b/crypto/camellia/cmll_local.h
index 6403b390d82d..d16baa55facc 100644
--- a/crypto/camellia/cmll_locl.h
+++ b/crypto/camellia/cmll_local.h
@@ -22,8 +22,8 @@
* to the OpenSSL project.
*/
-#ifndef HEADER_CAMELLIA_LOCL_H
-# define HEADER_CAMELLIA_LOCL_H
+#ifndef OSSL_CRYPTO_CAMELLIA_CMLL_LOCAL_H
+# define OSSL_CRYPTO_CAMELLIA_CMLL_LOCAL_H
typedef unsigned int u32;
typedef unsigned char u8;
@@ -40,4 +40,4 @@ void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
-#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
+#endif /* #ifndef OSSL_CRYPTO_CAMELLIA_CMLL_LOCAL_H */
diff --git a/crypto/camellia/cmll_misc.c b/crypto/camellia/cmll_misc.c
index e5f014b79cbc..d8fc3738c404 100644
--- a/crypto/camellia/cmll_misc.c
+++ b/crypto/camellia/cmll_misc.c
@@ -9,7 +9,7 @@
#include <openssl/opensslv.h>
#include <openssl/camellia.h>
-#include "cmll_locl.h"
+#include "cmll_local.h"
int Camellia_set_key(const unsigned char *userKey, const int bits,
CAMELLIA_KEY *key)
diff --git a/crypto/cast/asm/cast-586.pl b/crypto/cast/asm/cast-586.pl
index d5d38965cf76..04710819380a 100644
--- a/crypto/cast/asm/cast-586.pl
+++ b/crypto/cast/asm/cast-586.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -46,7 +46,7 @@ $S4="CAST_S_table3";
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
sub CAST_encrypt {
local($name,$enc)=@_;
diff --git a/crypto/cast/c_cfb64.c b/crypto/cast/c_cfb64.c
index bd7cb2f46843..72221595382b 100644
--- a/crypto/cast/c_cfb64.c
+++ b/crypto/cast/c_cfb64.c
@@ -8,7 +8,7 @@
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
/*
* The input and output encrypted as though 64bit cfb mode is being used.
diff --git a/crypto/cast/c_ecb.c b/crypto/cast/c_ecb.c
index da4179438f1d..6fe093f75b1b 100644
--- a/crypto/cast/c_ecb.c
+++ b/crypto/cast/c_ecb.c
@@ -8,7 +8,7 @@
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
#include <openssl/opensslv.h>
void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
diff --git a/crypto/cast/c_enc.c b/crypto/cast/c_enc.c
index 700b6d162a9f..d27d1fc0a54f 100644
--- a/crypto/cast/c_enc.c
+++ b/crypto/cast/c_enc.c
@@ -8,7 +8,7 @@
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key)
{
diff --git a/crypto/cast/c_ofb64.c b/crypto/cast/c_ofb64.c
index dffb074762c2..49c0cfade577 100644
--- a/crypto/cast/c_ofb64.c
+++ b/crypto/cast/c_ofb64.c
@@ -8,7 +8,7 @@
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
/*
* The input and output encrypted as though 64bit ofb mode is being used.
diff --git a/crypto/cast/c_skey.c b/crypto/cast/c_skey.c
index 962d2a60b4c5..0311482d20dd 100644
--- a/crypto/cast/c_skey.c
+++ b/crypto/cast/c_skey.c
@@ -8,7 +8,7 @@
*/
#include <openssl/cast.h>
-#include "cast_lcl.h"
+#include "cast_local.h"
#include "cast_s.h"
#define CAST_exp(l,A,a,n) \
diff --git a/crypto/cast/cast_lcl.h b/crypto/cast/cast_local.h
index 35e89930a8c0..35e89930a8c0 100644
--- a/crypto/cast/cast_lcl.h
+++ b/crypto/cast/cast_local.h
diff --git a/crypto/chacha/asm/chacha-armv4.pl b/crypto/chacha/asm/chacha-armv4.pl
index d3fadcc63d33..81c616add313 100755
--- a/crypto/chacha/asm/chacha-armv4.pl
+++ b/crypto/chacha/asm/chacha-armv4.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1157,4 +1157,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/chacha/asm/chacha-armv8.pl b/crypto/chacha/asm/chacha-armv8.pl
index e90be6d0e5bd..22655747295e 100755
--- a/crypto/chacha/asm/chacha-armv8.pl
+++ b/crypto/chacha/asm/chacha-armv8.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1141,4 +1141,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT; # flush
+close STDOUT or die "error closing STDOUT: $!"; # flush
diff --git a/crypto/chacha/asm/chacha-c64xplus.pl b/crypto/chacha/asm/chacha-c64xplus.pl
index 266401eb1644..4bd18a4f8f95 100755
--- a/crypto/chacha/asm/chacha-c64xplus.pl
+++ b/crypto/chacha/asm/chacha-c64xplus.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -923,4 +923,4 @@ $code.=<<___;
___
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/chacha/asm/chacha-ppc.pl b/crypto/chacha/asm/chacha-ppc.pl
index f4f8610bf3bf..3073deac17ee 100755
--- a/crypto/chacha/asm/chacha-ppc.pl
+++ b/crypto/chacha/asm/chacha-ppc.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1345,4 +1345,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/chacha/asm/chacha-s390x.pl b/crypto/chacha/asm/chacha-s390x.pl
index c31526473dba..dd66a9c60309 100755
--- a/crypto/chacha/asm/chacha-s390x.pl
+++ b/crypto/chacha/asm/chacha-s390x.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -323,4 +323,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/chacha/asm/chacha-x86.pl b/crypto/chacha/asm/chacha-x86.pl
index 13c217dcf1f2..a1f5694b691e 100755
--- a/crypto/chacha/asm/chacha-x86.pl
+++ b/crypto/chacha/asm/chacha-x86.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -62,7 +62,7 @@ $ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
$1>=10); # first version supporting AVX
$ymm=1 if ($xmm && !$ymm &&
- `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9]\.[0-9]+)/ &&
+ `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+\.[0-9]+)/ &&
$2>=3.0); # first version supporting AVX
$a="eax";
@@ -1152,4 +1152,4 @@ sub XOPROUND {
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/chacha/asm/chacha-x86_64.pl b/crypto/chacha/asm/chacha-x86_64.pl
index b54f3b1525bc..647d2537ceae 100755
--- a/crypto/chacha/asm/chacha-x86_64.pl
+++ b/crypto/chacha/asm/chacha-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -85,7 +85,7 @@ if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$avx = ($1>=10) + ($1>=11);
}
-if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9]\.[0-9]+)/) {
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+\.[0-9]+)/) {
$avx = ($2>=3.0) + ($2>3.0);
}
@@ -4002,4 +4002,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/chacha/chacha_enc.c b/crypto/chacha/chacha_enc.c
index 239f68ab825e..18251eac08de 100644
--- a/crypto/chacha/chacha_enc.c
+++ b/crypto/chacha/chacha_enc.c
@@ -11,7 +11,8 @@
#include <string.h>
-#include "internal/chacha.h"
+#include "crypto/chacha.h"
+#include "crypto/ctype.h"
typedef unsigned int u32;
typedef unsigned char u8;
@@ -78,10 +79,18 @@ void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
size_t todo, i;
/* sigma constant "expand 32-byte k" in little-endian encoding */
- input[0] = ((u32)'e') | ((u32)'x'<<8) | ((u32)'p'<<16) | ((u32)'a'<<24);
- input[1] = ((u32)'n') | ((u32)'d'<<8) | ((u32)' '<<16) | ((u32)'3'<<24);
- input[2] = ((u32)'2') | ((u32)'-'<<8) | ((u32)'b'<<16) | ((u32)'y'<<24);
- input[3] = ((u32)'t') | ((u32)'e'<<8) | ((u32)' '<<16) | ((u32)'k'<<24);
+ input[0] = ((u32)ossl_toascii('e')) | ((u32)ossl_toascii('x') << 8)
+ | ((u32)ossl_toascii('p') << 16)
+ | ((u32)ossl_toascii('a') << 24);
+ input[1] = ((u32)ossl_toascii('n')) | ((u32)ossl_toascii('d') << 8)
+ | ((u32)ossl_toascii(' ') << 16)
+ | ((u32)ossl_toascii('3') << 24);
+ input[2] = ((u32)ossl_toascii('2')) | ((u32)ossl_toascii('-') << 8)
+ | ((u32)ossl_toascii('b') << 16)
+ | ((u32)ossl_toascii('y') << 24);
+ input[3] = ((u32)ossl_toascii('t')) | ((u32)ossl_toascii('e') << 8)
+ | ((u32)ossl_toascii(' ') << 16)
+ | ((u32)ossl_toascii('k') << 24);
input[4] = key[0];
input[5] = key[1];
diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c
index a58454a089c6..82adf18c8019 100644
--- a/crypto/cmac/cm_ameth.c
+++ b/crypto/cmac/cm_ameth.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/cmac.h>
-#include "internal/asn1_int.h"
+#include "crypto/asn1.h"
/*
* CMAC "ASN1" method. This is just here to indicate the maximum CMAC output
diff --git a/crypto/cmac/cm_pmeth.c b/crypto/cmac/cm_pmeth.c
index 10748f148859..5574f25be868 100644
--- a/crypto/cmac/cm_pmeth.c
+++ b/crypto/cmac/cm_pmeth.c
@@ -13,7 +13,7 @@
#include <openssl/x509v3.h>
#include <openssl/evp.h>
#include <openssl/cmac.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
/* The context structure and "key" is simply a CMAC_CTX */
diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
index 993ea6b219ab..08069d72a29e 100644
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -11,7 +11,7 @@
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
diff --git a/crypto/cms/cms_att.c b/crypto/cms/cms_att.c
index 0566019753bd..4f716619193a 100644
--- a/crypto/cms/cms_att.c
+++ b/crypto/cms/cms_att.c
@@ -12,7 +12,7 @@
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
#include "internal/nelem.h"
/*-
diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c
index f05e308418f8..45365b8ba247 100644
--- a/crypto/cms/cms_cd.c
+++ b/crypto/cms/cms_cd.c
@@ -15,7 +15,7 @@
#include <openssl/cms.h>
#include <openssl/bio.h>
#include <openssl/comp.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
#ifdef ZLIB
diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c
index 5da6802fcd5e..0df2e698c237 100644
--- a/crypto/cms/cms_dd.c
+++ b/crypto/cms/cms_dd.c
@@ -13,7 +13,7 @@
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
/* CMS DigestedData Utilities */
diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index a1719830e8d4..fc490303d4c6 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -14,7 +14,7 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/rand.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
/* CMS EncryptedData Utilities */
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index 26fb81f79ab1..04940146fd25 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -14,9 +14,9 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "cms_local.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
/* CMS EnvelopedData Utilities */
diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c
index 4780231c22bb..a21c443ae85e 100644
--- a/crypto/cms/cms_ess.c
+++ b/crypto/cms/cms_ess.c
@@ -14,7 +14,7 @@
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c
index d18f980a9732..b37e485f5a28 100644
--- a/crypto/cms/cms_io.c
+++ b/crypto/cms/cms_io.c
@@ -12,7 +12,7 @@
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
{
diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index 5e83814d0fcf..cafc3040ac70 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -14,8 +14,8 @@
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "internal/asn1_int.h"
+#include "cms_local.h"
+#include "crypto/asn1.h"
/* Key Agreement Recipient Info (KARI) routines */
@@ -162,7 +162,7 @@ int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
if (!pk)
return 1;
pctx = EVP_PKEY_CTX_new(pk, NULL);
- if (!pctx || !EVP_PKEY_derive_init(pctx))
+ if (!pctx || EVP_PKEY_derive_init(pctx) <= 0)
goto err;
kari->pctx = pctx;
return 1;
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index c2cac260109d..57afba436115 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -14,7 +14,7 @@
#include <openssl/bio.h>
#include <openssl/asn1.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
+#include "cms_local.h"
IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
diff --git a/crypto/cms/cms_lcl.h b/crypto/cms/cms_local.h
index 68aa01271bc2..a0ce4448f603 100644
--- a/crypto/cms/cms_lcl.h
+++ b/crypto/cms/cms_local.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_CMS_LCL_H
-# define HEADER_CMS_LCL_H
+#ifndef OSSL_CRYPTO_CMS_LOCAL_H
+# define OSSL_CRYPTO_CMS_LOCAL_H
# include <openssl/x509.h>
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c
index 26e3bdcf9e41..d7414883396c 100644
--- a/crypto/cms/cms_pwri.c
+++ b/crypto/cms/cms_pwri.c
@@ -15,8 +15,8 @@
#include <openssl/cms.h>
#include <openssl/rand.h>
#include <openssl/aes.h>
-#include "cms_lcl.h"
-#include "internal/asn1_int.h"
+#include "cms_local.h"
+#include "crypto/asn1.h"
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
unsigned char *pass, ossl_ssize_t passlen)
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 3841513f8bd2..29ba4c1b1334 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -14,9 +14,9 @@
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "cms_local.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
/* CMS SignedData Utilities */
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 10815639f811..652e97b2e877 100644
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -13,8 +13,8 @@
#include <openssl/x509v3.h>
#include <openssl/err.h>
#include <openssl/cms.h>
-#include "cms_lcl.h"
-#include "internal/asn1_int.h"
+#include "cms_local.h"
+#include "crypto/asn1.h"
static BIO *cms_get_text_bio(BIO *out, unsigned int flags)
{
diff --git a/crypto/comp/c_zlib.c b/crypto/comp/c_zlib.c
index d688deee5f23..b81933791312 100644
--- a/crypto/comp/c_zlib.c
+++ b/crypto/comp/c_zlib.c
@@ -13,9 +13,9 @@
#include <openssl/objects.h>
#include "internal/comp.h"
#include <openssl/err.h>
-#include "internal/cryptlib_int.h"
+#include "crypto/cryptlib.h"
#include "internal/bio.h"
-#include "comp_lcl.h"
+#include "comp_local.h"
COMP_METHOD *COMP_zlib(void);
@@ -598,6 +598,28 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr)
BIO_copy_next_retry(b);
break;
+ case BIO_CTRL_WPENDING:
+ if (ctx->obuf == NULL)
+ return 0;
+
+ if (ctx->odone) {
+ ret = ctx->ocount;
+ } else {
+ ret = ctx->ocount;
+ if (ret == 0)
+ /* Unknown amount pending but we are not finished */
+ ret = 1;
+ }
+ if (ret == 0)
+ ret = BIO_ctrl(next, cmd, num, ptr);
+ break;
+
+ case BIO_CTRL_PENDING:
+ ret = ctx->zin.avail_in;
+ if (ret == 0)
+ ret = BIO_ctrl(next, cmd, num, ptr);
+ break;
+
default:
ret = BIO_ctrl(next, cmd, num, ptr);
break;
diff --git a/crypto/comp/comp_lib.c b/crypto/comp/comp_lib.c
index 6ae2114496b0..56920e1cca51 100644
--- a/crypto/comp/comp_lib.c
+++ b/crypto/comp/comp_lib.c
@@ -13,7 +13,7 @@
#include <openssl/objects.h>
#include <openssl/comp.h>
#include <openssl/err.h>
-#include "comp_lcl.h"
+#include "comp_local.h"
COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
{
diff --git a/crypto/comp/comp_lcl.h b/crypto/comp/comp_local.h
index aa45fca238da..aa45fca238da 100644
--- a/crypto/comp/comp_lcl.h
+++ b/crypto/comp/comp_local.h
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 8e3f42a0caca..ca76fa3679b8 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -703,7 +703,9 @@ static BIO *process_include(char *include, OPENSSL_DIR_CTX **dirctx,
static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx)
{
const char *filename;
+ size_t pathlen;
+ pathlen = strlen(path);
while ((filename = OPENSSL_DIR_read(dirctx, path)) != NULL) {
size_t namelen;
@@ -716,7 +718,7 @@ static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx)
char *newpath;
BIO *bio;
- newlen = strlen(path) + namelen + 2;
+ newlen = pathlen + namelen + 2;
newpath = OPENSSL_zalloc(newlen);
if (newpath == NULL) {
CONFerr(CONF_F_GET_NEXT_FILE, ERR_R_MALLOC_FAILURE);
@@ -727,14 +729,11 @@ static BIO *get_next_file(const char *path, OPENSSL_DIR_CTX **dirctx)
* If the given path isn't clear VMS syntax,
* we treat it as on Unix.
*/
- {
- size_t pathlen = strlen(path);
-
- if (path[pathlen - 1] == ']' || path[pathlen - 1] == '>'
- || path[pathlen - 1] == ':') {
- /* Clear VMS directory syntax, just copy as is */
- OPENSSL_strlcpy(newpath, path, newlen);
- }
+ if (path[pathlen - 1] == ']'
+ || path[pathlen - 1] == '>'
+ || path[pathlen - 1] == ':') {
+ /* Clear VMS directory syntax, just copy as is */
+ OPENSSL_strlcpy(newpath, path, newlen);
}
#endif
if (newpath[0] == '\0') {
diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h
index 2016d31b8929..2ced300e40d6 100644
--- a/crypto/conf/conf_def.h
+++ b/crypto/conf/conf_def.h
@@ -2,7 +2,7 @@
* WARNING: do not edit!
* Generated by crypto/conf/keysets.pl
*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c
index 2d40ac97ec27..0b7dd26d63b0 100644
--- a/crypto/conf/conf_lib.c
+++ b/crypto/conf/conf_lib.c
@@ -11,7 +11,7 @@
#include <stdio.h>
#include <string.h>
#include "internal/conf.h"
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/conf.h>
diff --git a/crypto/conf/conf_lcl.h b/crypto/conf/conf_local.h
index 6e1f7fe00d70..6e1f7fe00d70 100644
--- a/crypto/conf/conf_lcl.h
+++ b/crypto/conf/conf_local.h
diff --git a/crypto/conf/conf_mall.c b/crypto/conf/conf_mall.c
index 7e86948e89e9..d7eaa8509b2f 100644
--- a/crypto/conf/conf_mall.c
+++ b/crypto/conf/conf_mall.c
@@ -14,7 +14,7 @@
#include <openssl/x509.h>
#include <openssl/asn1.h>
#include <openssl/engine.h>
-#include "conf_lcl.h"
+#include "conf_local.h"
/* Load all OpenSSL builtin modules */
diff --git a/crypto/conf/conf_ssl.c b/crypto/conf/conf_ssl.c
index 387f2cf46c31..4bd8117d365c 100644
--- a/crypto/conf/conf_ssl.c
+++ b/crypto/conf/conf_ssl.c
@@ -12,7 +12,7 @@
#include <openssl/conf.h>
#include <openssl/err.h>
#include "internal/sslconf.h"
-#include "conf_lcl.h"
+#include "conf_local.h"
/*
* SSL library configuration module placeholder. We load it here but defer
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index 7b761a3adced..1f36b20c86ed 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -9,7 +9,7 @@
*/
#include "e_os.h"
-#include "internal/cryptlib_int.h"
+#include "crypto/cryptlib.h"
#include <openssl/safestack.h>
#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
@@ -49,7 +49,7 @@ typedef char variant_char;
# define ossl_getenv getenv
# endif
-# include "internal/ctype.h"
+# include "crypto/ctype.h"
static int todigit(variant_char c)
{
diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c
index 109ffcdcf24a..4abe11ca298b 100644
--- a/crypto/ct/ct_b64.c
+++ b/crypto/ct/ct_b64.c
@@ -14,7 +14,7 @@
#include <openssl/err.h>
#include <openssl/evp.h>
-#include "ct_locl.h"
+#include "ct_local.h"
/*
* Decodes the base64 string |in| into |out|.
diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_local.h
index 9f983c91beae..9f983c91beae 100644
--- a/crypto/ct/ct_locl.h
+++ b/crypto/ct/ct_local.h
diff --git a/crypto/ct/ct_oct.c b/crypto/ct/ct_oct.c
index 0dd691c0f711..d4b6645af48d 100644
--- a/crypto/ct/ct_oct.c
+++ b/crypto/ct/ct_oct.c
@@ -19,7 +19,7 @@
#include <openssl/ct.h>
#include <openssl/err.h>
-#include "ct_locl.h"
+#include "ct_local.h"
int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
{
diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c
index 0d7b3463877d..df66e8a494d0 100644
--- a/crypto/ct/ct_policy.c
+++ b/crypto/ct/ct_policy.c
@@ -15,7 +15,7 @@
#include <openssl/err.h>
#include <time.h>
-#include "ct_locl.h"
+#include "ct_local.h"
/*
* Number of seconds in the future that an SCT timestamp can be, by default,
diff --git a/crypto/ct/ct_prn.c b/crypto/ct/ct_prn.c
index 376e04523e57..e6584b57f391 100644
--- a/crypto/ct/ct_prn.c
+++ b/crypto/ct/ct_prn.c
@@ -14,7 +14,7 @@
#include <openssl/asn1.h>
#include <openssl/bio.h>
-#include "ct_locl.h"
+#include "ct_local.h"
static void SCT_signature_algorithms_print(const SCT *sct, BIO *out)
{
diff --git a/crypto/ct/ct_sct.c b/crypto/ct/ct_sct.c
index 1dc16857ba50..4ff36e2fbd49 100644
--- a/crypto/ct/ct_sct.c
+++ b/crypto/ct/ct_sct.c
@@ -17,7 +17,7 @@
#include <openssl/tls1.h>
#include <openssl/x509.h>
-#include "ct_locl.h"
+#include "ct_local.h"
SCT *SCT_new(void)
{
diff --git a/crypto/ct/ct_sct_ctx.c b/crypto/ct/ct_sct_ctx.c
index 75a5027df0e8..841e768033e5 100644
--- a/crypto/ct/ct_sct_ctx.c
+++ b/crypto/ct/ct_sct_ctx.c
@@ -18,7 +18,7 @@
#include <openssl/obj_mac.h>
#include <openssl/x509.h>
-#include "ct_locl.h"
+#include "ct_local.h"
SCT_CTX *SCT_CTX_new(void)
{
diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c
index cabcf5782aa4..74fd34f4154e 100644
--- a/crypto/ct/ct_vfy.c
+++ b/crypto/ct/ct_vfy.c
@@ -14,7 +14,7 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
-#include "ct_locl.h"
+#include "ct_local.h"
typedef enum sct_signature_type_t {
SIGNATURE_TYPE_NOT_SET = -1,
diff --git a/crypto/ct/ct_x509v3.c b/crypto/ct/ct_x509v3.c
index ec186d1f5b83..19c2a852d24a 100644
--- a/crypto/ct/ct_x509v3.c
+++ b/crypto/ct/ct_x509v3.c
@@ -11,7 +11,7 @@
# error "CT is disabled"
#endif
-#include "ct_locl.h"
+#include "ct_local.h"
static char *i2s_poison(const X509V3_EXT_METHOD *method, void *val)
{
diff --git a/crypto/ctype.c b/crypto/ctype.c
index e05f84cd4086..b7f1183f9ccf 100644
--- a/crypto/ctype.c
+++ b/crypto/ctype.c
@@ -9,7 +9,7 @@
#include <string.h>
#include <stdio.h>
-#include "internal/ctype.h"
+#include "crypto/ctype.h"
#include "openssl/ebcdic.h"
/*
diff --git a/crypto/des/asm/crypt586.pl b/crypto/des/asm/crypt586.pl
index a02d18063149..d14b9f89b6b6 100644
--- a/crypto/des/asm/crypt586.pl
+++ b/crypto/des/asm/crypt586.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -25,7 +25,7 @@ $R="esi";
&fcrypt_body("fcrypt_body");
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
sub fcrypt_body
{
diff --git a/crypto/des/asm/des-586.pl b/crypto/des/asm/des-586.pl
index 2bcc54ef2f25..07d9d87ac735 100644
--- a/crypto/des/asm/des-586.pl
+++ b/crypto/des/asm/des-586.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -47,7 +47,7 @@ $small_footprint=1 if (grep(/\-DOPENSSL_SMALL_FOOTPRINT/,@ARGV));
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
sub DES_encrypt_internal()
{
diff --git a/crypto/des/asm/des_enc.m4 b/crypto/des/asm/des_enc.m4
index 4ada97b175d9..ebb5e7cd1d75 100644
--- a/crypto/des/asm/des_enc.m4
+++ b/crypto/des/asm/des_enc.m4
@@ -106,15 +106,15 @@ changequote({,})
! technique.
!
! The macro also loads address sbox 1 to 5 to global 1 to 5, address
-! sbox 6 to local6, and addres sbox 8 to out3.
+! sbox 6 to local6, and address sbox 8 to out3.
!
-! Rotates the halfs 3 left to bring the sbox bits in convenient positions.
+! Rotates the halves 3 left to bring the sbox bits in convenient positions.
!
! Loads key first round from address in parameter 5 to out0, out1.
!
! After the original LibDES initial permutation, the resulting left
! is in the variable initially used for right and vice versa. The macro
-! implements the possibility to keep the halfs in the original registers.
+! implements the possibility to keep the halves in the original registers.
!
! parameter 1 left
! parameter 2 right
@@ -1184,7 +1184,7 @@ DES_encrypt2:
add %o7,global1,global1
sub global1,.PIC.DES_SPtrans-.des_and,out2
- ! Set sbox address 1 to 6 and rotate halfs 3 left
+ ! Set sbox address 1 to 6 and rotate halves 3 left
! Errors caught by destest? Yes. Still? *NO*
!sethi %hi(DES_SPtrans), global1 ! address sbox 1
diff --git a/crypto/des/asm/dest4-sparcv9.pl b/crypto/des/asm/dest4-sparcv9.pl
index fe1fdc7025cf..5c92a52b7957 100755
--- a/crypto/des/asm/dest4-sparcv9.pl
+++ b/crypto/des/asm/dest4-sparcv9.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -624,4 +624,4 @@ ___
&emit_assembler();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/des/cbc_cksm.c b/crypto/des/cbc_cksm.c
index 5a1f72f82db8..c5e2e017b84e 100644
--- a/crypto/des/cbc_cksm.c
+++ b/crypto/des/cbc_cksm.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
long length, DES_key_schedule *schedule,
diff --git a/crypto/des/cfb64ede.c b/crypto/des/cfb64ede.c
index 21943f6143ea..490d925f46f4 100644
--- a/crypto/des/cfb64ede.c
+++ b/crypto/des/cfb64ede.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
/*
* The input and output encrypted as though 64bit cfb mode is being used.
diff --git a/crypto/des/cfb64enc.c b/crypto/des/cfb64enc.c
index 96de51b055ec..ca0e82164803 100644
--- a/crypto/des/cfb64enc.c
+++ b/crypto/des/cfb64enc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
/*
* The input and output encrypted as though 64bit cfb mode is being used.
diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c
index 544392e405c2..17018420e6cc 100644
--- a/crypto/des/cfb_enc.c
+++ b/crypto/des/cfb_enc.c
@@ -8,7 +8,7 @@
*/
#include "e_os.h"
-#include "des_locl.h"
+#include "des_local.h"
#include <assert.h>
/*
diff --git a/crypto/des/des_enc.c b/crypto/des/des_enc.c
index ed134ace8c32..45eec615d8b0 100644
--- a/crypto/des/des_enc.c
+++ b/crypto/des/des_enc.c
@@ -8,7 +8,7 @@
*/
#include <openssl/crypto.h>
-#include "des_locl.h"
+#include "des_local.h"
#include "spr.h"
void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
diff --git a/crypto/des/des_locl.h b/crypto/des/des_local.h
index f401e6f3ebe8..0f58a1c9ae2e 100644
--- a/crypto/des/des_locl.h
+++ b/crypto/des/des_local.h
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_DES_LOCL_H
-# define HEADER_DES_LOCL_H
+#ifndef OSSL_CRYPTO_DES_LOCAL_H
+# define OSSL_CRYPTO_DES_LOCAL_H
# include <openssl/e_os2.h>
diff --git a/crypto/des/ecb3_enc.c b/crypto/des/ecb3_enc.c
index 6ac89d4e78bb..7afa8eaadde7 100644
--- a/crypto/des/ecb3_enc.c
+++ b/crypto/des/ecb3_enc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
DES_key_schedule *ks1, DES_key_schedule *ks2,
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
index 5ed079d15fdc..513c65e116cd 100644
--- a/crypto/des/ecb_enc.c
+++ b/crypto/des/ecb_enc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
#include <openssl/opensslv.h>
#include <openssl/bio.h>
diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c
index aaee4bf236a5..e83cf76b615c 100644
--- a/crypto/des/fcrypt.c
+++ b/crypto/des/fcrypt.c
@@ -19,7 +19,7 @@
#endif
#include <openssl/crypto.h>
-#include "des_locl.h"
+#include "des_local.h"
/*
* Added more values to handle illegal salt values the way normal crypt()
diff --git a/crypto/des/fcrypt_b.c b/crypto/des/fcrypt_b.c
index fe2369a93526..22f967b8c6d3 100644
--- a/crypto/des/fcrypt_b.c
+++ b/crypto/des/fcrypt_b.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#define DES_FCRYPT
-#include "des_locl.h"
+#include "des_local.h"
#undef DES_FCRYPT
#undef PERM_OP
diff --git a/crypto/des/ncbc_enc.c b/crypto/des/ncbc_enc.c
index 244f15ca2a96..cd4b071a3d73 100644
--- a/crypto/des/ncbc_enc.c
+++ b/crypto/des/ncbc_enc.c
@@ -13,7 +13,7 @@
* des_enc.c (DES_ncbc_encrypt)
*/
-#include "des_locl.h"
+#include "des_local.h"
#ifdef CBC_ENC_C__DONT_UPDATE_IV
void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c
index a551a07e0eb4..68cf2dc557c6 100644
--- a/crypto/des/ofb64ede.c
+++ b/crypto/des/ofb64ede.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
/*
* The input and output encrypted as though 64bit ofb mode is being used.
diff --git a/crypto/des/ofb64enc.c b/crypto/des/ofb64enc.c
index 30976c871daa..5796980c1865 100644
--- a/crypto/des/ofb64enc.c
+++ b/crypto/des/ofb64enc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
/*
* The input and output encrypted as though 64bit ofb mode is being used.
diff --git a/crypto/des/ofb_enc.c b/crypto/des/ofb_enc.c
index 65a9b8604d80..2b0498994b51 100644
--- a/crypto/des/ofb_enc.c
+++ b/crypto/des/ofb_enc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
/*
* The input and output are loaded in multiples of 8 bits. What this means is
diff --git a/crypto/des/pcbc_enc.c b/crypto/des/pcbc_enc.c
index 0fa058f03f07..3490592741c6 100644
--- a/crypto/des/pcbc_enc.c
+++ b/crypto/des/pcbc_enc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
long length, DES_key_schedule *schedule,
diff --git a/crypto/des/qud_cksm.c b/crypto/des/qud_cksm.c
index 81e6be8226aa..10b6abf69ea5 100644
--- a/crypto/des/qud_cksm.c
+++ b/crypto/des/qud_cksm.c
@@ -13,7 +13,7 @@
* only based on the code in this paper and is almost definitely not the same
* as the MIT implementation.
*/
-#include "des_locl.h"
+#include "des_local.h"
#define Q_B0(a) (((DES_LONG)(a)))
#define Q_B1(a) (((DES_LONG)(a))<<8)
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
index adbad72362f5..cbcb616cb2ad 100644
--- a/crypto/des/set_key.c
+++ b/crypto/des/set_key.c
@@ -16,7 +16,7 @@
* 1.0 First working version
*/
#include <openssl/crypto.h>
-#include "des_locl.h"
+#include "des_local.h"
/* defaults to false */
OPENSSL_IMPLEMENT_GLOBAL(int, DES_check_key, 0)
diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c
index e18d726522ba..61db60512567 100644
--- a/crypto/des/str2key.c
+++ b/crypto/des/str2key.c
@@ -8,7 +8,7 @@
*/
#include <openssl/crypto.h>
-#include "des_locl.h"
+#include "des_local.h"
void DES_string_to_key(const char *str, DES_cblock *key)
{
diff --git a/crypto/des/xcbc_enc.c b/crypto/des/xcbc_enc.c
index c4e455d9b912..fb3fd5292cb6 100644
--- a/crypto/des/xcbc_enc.c
+++ b/crypto/des/xcbc_enc.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "des_locl.h"
+#include "des_local.h"
/* RSA's DESX */
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index 05a1d4227ee3..d53004080d5e 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -11,10 +11,10 @@
#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/asn1.h>
-#include "dh_locl.h"
+#include "dh_local.h"
#include <openssl/bn.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
#include <openssl/cms.h>
/*
@@ -901,6 +901,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri)
err:
OPENSSL_free(penc);
X509_ALGOR_free(wrap_alg);
+ OPENSSL_free(dukm);
return rv;
}
diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c
index 1a40633b4806..e37f0904e560 100644
--- a/crypto/dh/dh_asn1.c
+++ b/crypto/dh/dh_asn1.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include "dh_locl.h"
+#include "dh_local.h"
#include <openssl/objects.h>
#include <openssl/asn1t.h>
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index d13d8206ce50..4ac169e75c23 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include "dh_locl.h"
+#include "dh_local.h"
# define DH_NUMBER_ITERATIONS_FOR_PRIME 64
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
index d293835eb22b..ab82ab58bd2a 100644
--- a/crypto/dh/dh_gen.c
+++ b/crypto/dh/dh_gen.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -15,7 +15,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include "dh_locl.h"
+#include "dh_local.h"
static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
BN_GENCB *cb);
@@ -54,7 +54,7 @@ int DH_generate_parameters_ex(DH *ret, int prime_len, int generator,
* for 3, p mod 12 == 11
* for 5, p mod 60 == 59
*
- * However for compatibilty with previous versions we use:
+ * However for compatibility with previous versions we use:
* for 2, p mod 24 == 11
* for 5, p mod 60 == 23
*/
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 718aa422d935..daffdf74dd37 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -9,8 +9,8 @@
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "dh_locl.h"
-#include "internal/bn_int.h"
+#include "dh_local.h"
+#include "crypto/bn.h"
static int generate_key(DH *dh);
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
index e7e7ef08e9e3..04b79d355ca4 100644
--- a/crypto/dh/dh_lib.c
+++ b/crypto/dh/dh_lib.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include "internal/refcount.h"
#include <openssl/bn.h>
-#include "dh_locl.h"
+#include "dh_local.h"
#include <openssl/engine.h>
int DH_set_method(DH *dh, const DH_METHOD *meth)
diff --git a/crypto/dh/dh_locl.h b/crypto/dh/dh_local.h
index 0a8391a6c004..0a8391a6c004 100644
--- a/crypto/dh/dh_locl.h
+++ b/crypto/dh/dh_local.h
diff --git a/crypto/dh/dh_meth.c b/crypto/dh/dh_meth.c
index 59c4d7e96782..8a54a8108fc3 100644
--- a/crypto/dh/dh_meth.c
+++ b/crypto/dh/dh_meth.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "dh_locl.h"
+#include "dh_local.h"
#include <string.h>
#include <openssl/err.h>
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c
index 568831f1c2a7..1fd94deb4731 100644
--- a/crypto/dh/dh_pmeth.c
+++ b/crypto/dh/dh_pmeth.c
@@ -12,11 +12,11 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
-#include "dh_locl.h"
+#include "dh_local.h"
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/objects.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
/* DH pkey context structure */
diff --git a/crypto/dh/dh_rfc5114.c b/crypto/dh/dh_rfc5114.c
index c4a219590e9e..e3603a05a322 100644
--- a/crypto/dh/dh_rfc5114.c
+++ b/crypto/dh/dh_rfc5114.c
@@ -9,9 +9,9 @@
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "dh_locl.h"
+#include "dh_local.h"
#include <openssl/bn.h>
-#include "internal/bn_dh.h"
+#include "crypto/bn_dh.h"
/*
* Macro to make a DH structure from BIGNUM data. NB: although just copying
diff --git a/crypto/dh/dh_rfc7919.c b/crypto/dh/dh_rfc7919.c
index a54b468e552c..03d30a1f5d59 100644
--- a/crypto/dh/dh_rfc7919.c
+++ b/crypto/dh/dh_rfc7919.c
@@ -9,10 +9,10 @@
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "dh_locl.h"
+#include "dh_local.h"
#include <openssl/bn.h>
#include <openssl/objects.h>
-#include "internal/bn_dh.h"
+#include "crypto/bn_dh.h"
static DH *dh_param_init(const BIGNUM *p, int32_t nbits)
{
diff --git a/crypto/dllmain.c b/crypto/dllmain.c
index 0838c55e4897..e8217893b9ed 100644
--- a/crypto/dllmain.c
+++ b/crypto/dllmain.c
@@ -8,7 +8,7 @@
*/
#include "e_os.h"
-#include "internal/cryptlib_int.h"
+#include "crypto/cryptlib.h"
#if defined(_WIN32) || defined(__CYGWIN__)
# ifdef __CYGWIN__
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index 49aa1ae23bab..2dcaa0815fd6 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -11,11 +11,11 @@
#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/asn1.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
#include <openssl/bn.h>
#include <openssl/cms.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
{
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 6499e87ef318..9cafd5ca8a90 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -9,7 +9,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "dsa_locl.h"
+#include "dsa_local.h"
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/rand.h>
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index af59a582b53e..5d066a06c546 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -21,7 +21,7 @@
#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
int DSA_generate_parameters_ex(DSA *ret, int bits,
const unsigned char *seed_in, int seed_len,
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index a48af5849291..bdeddd4f61df 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -11,7 +11,7 @@
#include <time.h>
#include "internal/cryptlib.h"
#include <openssl/bn.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
static int dsa_builtin_keygen(DSA *dsa);
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index 1048601bebde..f98af5853dc1 100644
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include "internal/refcount.h"
#include <openssl/bn.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
#include <openssl/asn1.h>
#include <openssl/engine.h>
#include <openssl/dh.h>
diff --git a/crypto/dsa/dsa_locl.h b/crypto/dsa/dsa_local.h
index a81a4b49788d..a81a4b49788d 100644
--- a/crypto/dsa/dsa_locl.h
+++ b/crypto/dsa/dsa_local.h
diff --git a/crypto/dsa/dsa_meth.c b/crypto/dsa/dsa_meth.c
index ff4fae44a7c3..1e6ee2f4ed3b 100644
--- a/crypto/dsa/dsa_meth.c
+++ b/crypto/dsa/dsa_meth.c
@@ -15,7 +15,7 @@
* or in the file LICENSE in the source distribution.
*/
-#include "dsa_locl.h"
+#include "dsa_local.h"
#include <string.h>
#include <openssl/err.h>
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 16161dcadf22..a983def64e76 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -9,10 +9,10 @@
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "internal/bn_int.h"
+#include "crypto/bn.h"
#include <openssl/bn.h>
#include <openssl/sha.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
#include <openssl/asn1.h>
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 1dd2fef9beb9..4ca3747a4646 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -13,8 +13,8 @@
#include <openssl/x509.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
-#include "internal/evp_int.h"
-#include "dsa_locl.h"
+#include "crypto/evp.h"
+#include "dsa_local.h"
/* DSA pkey context structure */
@@ -178,9 +178,7 @@ static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
}
if (strcmp(type, "dsa_paramgen_q_bits") == 0) {
int qbits = atoi(value);
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
- EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits,
- NULL);
+ return EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits);
}
if (strcmp(type, "dsa_paramgen_md") == 0) {
const EVP_MD *md = EVP_get_digestbyname(value);
@@ -189,9 +187,7 @@ static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
DSAerr(DSA_F_PKEY_DSA_CTRL_STR, DSA_R_INVALID_DIGEST_TYPE);
return 0;
}
- return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
- EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
- (void *)md);
+ return EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, md);
}
return -2;
}
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
index e9466b29f1d7..51c7754b93e4 100644
--- a/crypto/dsa/dsa_sign.c
+++ b/crypto/dsa/dsa_sign.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "dsa_locl.h"
+#include "dsa_local.h"
#include <openssl/bn.h>
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c
index 21f98cd94e5c..6f80a4aab7a5 100644
--- a/crypto/dsa/dsa_vrf.c
+++ b/crypto/dsa/dsa_vrf.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "dsa_locl.h"
+#include "dsa_local.h"
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa)
diff --git a/crypto/dso/dso_dl.c b/crypto/dso/dso_dl.c
index 290d73cf3575..3bbb10e5ca98 100644
--- a/crypto/dso/dso_dl.c
+++ b/crypto/dso/dso_dl.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "dso_locl.h"
+#include "dso_local.h"
#ifdef DSO_DL
diff --git a/crypto/dso/dso_dlfcn.c b/crypto/dso/dso_dlfcn.c
index ba3b55fcbffa..4719e8f4f337 100644
--- a/crypto/dso/dso_dlfcn.c
+++ b/crypto/dso/dso_dlfcn.c
@@ -16,7 +16,7 @@
# define _GNU_SOURCE /* make sure dladdr is declared */
#endif
-#include "dso_locl.h"
+#include "dso_local.h"
#include "e_os.h"
#ifdef DSO_DLFCN
diff --git a/crypto/dso/dso_lib.c b/crypto/dso/dso_lib.c
index 2e75021d39ea..50a39bb7d5d8 100644
--- a/crypto/dso/dso_lib.c
+++ b/crypto/dso/dso_lib.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "dso_locl.h"
+#include "dso_local.h"
#include "internal/refcount.h"
static DSO_METHOD *default_DSO_meth = NULL;
diff --git a/crypto/dso/dso_locl.h b/crypto/dso/dso_local.h
index 14a0ccb7c012..43b7df9d7832 100644
--- a/crypto/dso/dso_locl.h
+++ b/crypto/dso/dso_local.h
@@ -10,7 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include "internal/dso.h"
-#include "internal/dso_conf.h"
+#include "crypto/dso_conf.h"
#include "internal/refcount.h"
/**********************************************************************/
diff --git a/crypto/dso/dso_openssl.c b/crypto/dso/dso_openssl.c
index f0dd38ace259..c76a04db23f9 100644
--- a/crypto/dso/dso_openssl.c
+++ b/crypto/dso/dso_openssl.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "dso_locl.h"
+#include "dso_local.h"
#ifdef DSO_NONE
diff --git a/crypto/ec/asm/ecp_nistz256-armv4.pl b/crypto/ec/asm/ecp_nistz256-armv4.pl
index 83abbdd89578..ea538c0698d5 100755
--- a/crypto/ec/asm/ecp_nistz256-armv4.pl
+++ b/crypto/ec/asm/ecp_nistz256-armv4.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1394,7 +1394,7 @@ my ($Z1sqr, $Z2sqr) = ($Hsqr, $Rsqr);
# 256-bit vectors on top. Then note that we push
# starting from r0, which means that we have copy of
# input arguments just below these temporary vectors.
-# We use three of them for !in1infty, !in2intfy and
+# We use three of them for ~in1infty, ~in2infty and
# result of check for zero.
$code.=<<___;
@@ -1424,7 +1424,7 @@ ecp_nistz256_point_add:
#endif
movne r12,#-1
stmia r3,{r4-r11}
- str r12,[sp,#32*18+8] @ !in2infty
+ str r12,[sp,#32*18+8] @ ~in2infty
ldmia $a_ptr!,{r4-r11} @ copy in1_x
add r3,sp,#$in1_x
@@ -1445,7 +1445,7 @@ ecp_nistz256_point_add:
#endif
movne r12,#-1
stmia r3,{r4-r11}
- str r12,[sp,#32*18+4] @ !in1infty
+ str r12,[sp,#32*18+4] @ ~in1infty
add $a_ptr,sp,#$in2_z
add $b_ptr,sp,#$in2_z
@@ -1510,33 +1510,20 @@ ecp_nistz256_point_add:
orr $a0,$a0,$a2
orr $a4,$a4,$a6
orr $a0,$a0,$a7
- orrs $a0,$a0,$a4
+ orr $a0,$a0,$a4 @ ~is_equal(U1,U2)
- bne .Ladd_proceed @ is_equal(U1,U2)?
+ ldr $t0,[sp,#32*18+4] @ ~in1infty
+ ldr $t1,[sp,#32*18+8] @ ~in2infty
+ ldr $t2,[sp,#32*18+12] @ ~is_equal(S1,S2)
+ mvn $t0,$t0 @ -1/0 -> 0/-1
+ mvn $t1,$t1 @ -1/0 -> 0/-1
+ orr $a0,$t0
+ orr $a0,$t1
+ orrs $a0,$t2 @ set flags
- ldr $t0,[sp,#32*18+4]
- ldr $t1,[sp,#32*18+8]
- ldr $t2,[sp,#32*18+12]
- tst $t0,$t1
- beq .Ladd_proceed @ (in1infty || in2infty)?
- tst $t2,$t2
- beq .Ladd_double @ is_equal(S1,S2)?
+ @ if(~is_equal(U1,U2) | in1infty | in2infty | ~is_equal(S1,S2))
+ bne .Ladd_proceed
- ldr $r_ptr,[sp,#32*18+16]
- eor r4,r4,r4
- eor r5,r5,r5
- eor r6,r6,r6
- eor r7,r7,r7
- eor r8,r8,r8
- eor r9,r9,r9
- eor r10,r10,r10
- eor r11,r11,r11
- stmia $r_ptr!,{r4-r11}
- stmia $r_ptr!,{r4-r11}
- stmia $r_ptr!,{r4-r11}
- b .Ladd_done
-
-.align 4
.Ladd_double:
ldr $a_ptr,[sp,#32*18+20]
add sp,sp,#32*(18-5)+16 @ difference in frame sizes
@@ -1601,15 +1588,15 @@ ecp_nistz256_point_add:
add $b_ptr,sp,#$S2
bl __ecp_nistz256_sub_from @ p256_sub(res_y, res_y, S2);
- ldr r11,[sp,#32*18+4] @ !in1intfy
- ldr r12,[sp,#32*18+8] @ !in2intfy
+ ldr r11,[sp,#32*18+4] @ ~in1infty
+ ldr r12,[sp,#32*18+8] @ ~in2infty
add r1,sp,#$res_x
add r2,sp,#$in2_x
- and r10,r11,r12
+ and r10,r11,r12 @ ~in1infty & ~in2infty
mvn r11,r11
add r3,sp,#$in1_x
- and r11,r11,r12
- mvn r12,r12
+ and r11,r11,r12 @ in1infty & ~in2infty
+ mvn r12,r12 @ in2infty
ldr $r_ptr,[sp,#32*18+16]
___
for($i=0;$i<96;$i+=8) { # conditional moves
@@ -1617,11 +1604,11 @@ $code.=<<___;
ldmia r1!,{r4-r5} @ res_x
ldmia r2!,{r6-r7} @ in2_x
ldmia r3!,{r8-r9} @ in1_x
- and r4,r4,r10
+ and r4,r4,r10 @ ~in1infty & ~in2infty
and r5,r5,r10
- and r6,r6,r11
+ and r6,r6,r11 @ in1infty & ~in2infty
and r7,r7,r11
- and r8,r8,r12
+ and r8,r8,r12 @ in2infty
and r9,r9,r12
orr r4,r4,r6
orr r5,r5,r7
@@ -1656,7 +1643,7 @@ my $Z1sqr = $S2;
# 256-bit vectors on top. Then note that we push
# starting from r0, which means that we have copy of
# input arguments just below these temporary vectors.
-# We use two of them for !in1infty, !in2intfy.
+# We use two of them for ~in1infty, ~in2infty.
my @ONE_mont=(1,0,0,-1,-1,-1,-2,0);
@@ -1687,7 +1674,7 @@ ecp_nistz256_point_add_affine:
#endif
movne r12,#-1
stmia r3,{r4-r11}
- str r12,[sp,#32*15+4] @ !in1infty
+ str r12,[sp,#32*15+4] @ ~in1infty
ldmia $b_ptr!,{r4-r11} @ copy in2_x
add r3,sp,#$in2_x
@@ -1714,7 +1701,7 @@ ecp_nistz256_point_add_affine:
it ne
#endif
movne r12,#-1
- str r12,[sp,#32*15+8] @ !in2infty
+ str r12,[sp,#32*15+8] @ ~in2infty
add $a_ptr,sp,#$in1_z
add $b_ptr,sp,#$in1_z
@@ -1796,15 +1783,15 @@ ecp_nistz256_point_add_affine:
add $b_ptr,sp,#$S2
bl __ecp_nistz256_sub_from @ p256_sub(res_y, res_y, S2);
- ldr r11,[sp,#32*15+4] @ !in1intfy
- ldr r12,[sp,#32*15+8] @ !in2intfy
+ ldr r11,[sp,#32*15+4] @ ~in1infty
+ ldr r12,[sp,#32*15+8] @ ~in2infty
add r1,sp,#$res_x
add r2,sp,#$in2_x
- and r10,r11,r12
+ and r10,r11,r12 @ ~in1infty & ~in2infty
mvn r11,r11
add r3,sp,#$in1_x
- and r11,r11,r12
- mvn r12,r12
+ and r11,r11,r12 @ in1infty & ~in2infty
+ mvn r12,r12 @ in2infty
ldr $r_ptr,[sp,#32*15]
___
for($i=0;$i<64;$i+=8) { # conditional moves
@@ -1812,11 +1799,11 @@ $code.=<<___;
ldmia r1!,{r4-r5} @ res_x
ldmia r2!,{r6-r7} @ in2_x
ldmia r3!,{r8-r9} @ in1_x
- and r4,r4,r10
+ and r4,r4,r10 @ ~in1infty & ~in2infty
and r5,r5,r10
- and r6,r6,r11
+ and r6,r6,r11 @ in1infty & ~in2infty
and r7,r7,r11
- and r8,r8,r12
+ and r8,r8,r12 @ in2infty
and r9,r9,r12
orr r4,r4,r6
orr r5,r5,r7
@@ -1862,4 +1849,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT; # enforce flush
+close STDOUT or die "error closing STDOUT: $!"; # enforce flush
diff --git a/crypto/ec/asm/ecp_nistz256-armv8.pl b/crypto/ec/asm/ecp_nistz256-armv8.pl
index 887ddfb1ea9b..e93e18f29f19 100755
--- a/crypto/ec/asm/ecp_nistz256-armv8.pl
+++ b/crypto/ec/asm/ecp_nistz256-armv8.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -722,7 +722,7 @@ $code.=<<___;
.align 5
ecp_nistz256_point_double:
.inst 0xd503233f // paciasp
- stp x29,x30,[sp,#-80]!
+ stp x29,x30,[sp,#-96]!
add x29,sp,#0
stp x19,x20,[sp,#16]
stp x21,x22,[sp,#32]
@@ -855,7 +855,7 @@ ecp_nistz256_point_double:
add sp,x29,#0 // destroy frame
ldp x19,x20,[x29,#16]
ldp x21,x22,[x29,#32]
- ldp x29,x30,[sp],#80
+ ldp x29,x30,[sp],#96
.inst 0xd50323bf // autiasp
ret
.size ecp_nistz256_point_double,.-ecp_nistz256_point_double
@@ -872,7 +872,7 @@ my ($res_x,$res_y,$res_z,
my ($Z1sqr, $Z2sqr) = ($Hsqr, $Rsqr);
# above map() describes stack layout with 12 temporary
# 256-bit vectors on top.
-my ($rp_real,$ap_real,$bp_real,$in1infty,$in2infty,$temp)=map("x$_",(21..26));
+my ($rp_real,$ap_real,$bp_real,$in1infty,$in2infty,$temp0,$temp1,$temp2)=map("x$_",(21..28));
$code.=<<___;
.globl ecp_nistz256_point_add
@@ -880,12 +880,13 @@ $code.=<<___;
.align 5
ecp_nistz256_point_add:
.inst 0xd503233f // paciasp
- stp x29,x30,[sp,#-80]!
+ stp x29,x30,[sp,#-96]!
add x29,sp,#0
stp x19,x20,[sp,#16]
stp x21,x22,[sp,#32]
stp x23,x24,[sp,#48]
stp x25,x26,[sp,#64]
+ stp x27,x28,[sp,#80]
sub sp,sp,#32*12
ldp $a0,$a1,[$bp,#64] // in2_z
@@ -899,7 +900,7 @@ ecp_nistz256_point_add:
orr $t2,$a2,$a3
orr $in2infty,$t0,$t2
cmp $in2infty,#0
- csetm $in2infty,ne // !in2infty
+ csetm $in2infty,ne // ~in2infty
add $rp,sp,#$Z2sqr
bl __ecp_nistz256_sqr_mont // p256_sqr_mont(Z2sqr, in2_z);
@@ -909,7 +910,7 @@ ecp_nistz256_point_add:
orr $t2,$a2,$a3
orr $in1infty,$t0,$t2
cmp $in1infty,#0
- csetm $in1infty,ne // !in1infty
+ csetm $in1infty,ne // ~in1infty
add $rp,sp,#$Z1sqr
bl __ecp_nistz256_sqr_mont // p256_sqr_mont(Z1sqr, in1_z);
@@ -950,7 +951,7 @@ ecp_nistz256_point_add:
orr $acc0,$acc0,$acc1 // see if result is zero
orr $acc2,$acc2,$acc3
- orr $temp,$acc0,$acc2
+ orr $temp0,$acc0,$acc2 // ~is_equal(S1,S2)
add $bp,sp,#$Z2sqr
add $rp,sp,#$U1
@@ -971,32 +972,21 @@ ecp_nistz256_point_add:
orr $acc0,$acc0,$acc1 // see if result is zero
orr $acc2,$acc2,$acc3
- orr $acc0,$acc0,$acc2
- tst $acc0,$acc0
- b.ne .Ladd_proceed // is_equal(U1,U2)?
+ orr $acc0,$acc0,$acc2 // ~is_equal(U1,U2)
- tst $in1infty,$in2infty
- b.eq .Ladd_proceed // (in1infty || in2infty)?
+ mvn $temp1,$in1infty // -1/0 -> 0/-1
+ mvn $temp2,$in2infty // -1/0 -> 0/-1
+ orr $acc0,$acc0,$temp1
+ orr $acc0,$acc0,$temp2
+ orr $acc0,$acc0,$temp0
+ cbnz $acc0,.Ladd_proceed // if(~is_equal(U1,U2) | in1infty | in2infty | ~is_equal(S1,S2))
- tst $temp,$temp
- b.eq .Ladd_double // is_equal(S1,S2)?
-
- eor $a0,$a0,$a0
- eor $a1,$a1,$a1
- stp $a0,$a1,[$rp_real]
- stp $a0,$a1,[$rp_real,#16]
- stp $a0,$a1,[$rp_real,#32]
- stp $a0,$a1,[$rp_real,#48]
- stp $a0,$a1,[$rp_real,#64]
- stp $a0,$a1,[$rp_real,#80]
- b .Ladd_done
-
-.align 4
.Ladd_double:
mov $ap,$ap_real
mov $rp,$rp_real
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
+ ldp x27,x28,[x29,#80]
add sp,sp,#32*(12-4) // difference in stack frames
b .Ldouble_shortcut
@@ -1081,14 +1071,14 @@ ___
for($i=0;$i<64;$i+=32) { # conditional moves
$code.=<<___;
ldp $acc0,$acc1,[$ap_real,#$i] // in1
- cmp $in1infty,#0 // !$in1intfy, remember?
+ cmp $in1infty,#0 // ~$in1intfy, remember?
ldp $acc2,$acc3,[$ap_real,#$i+16]
csel $t0,$a0,$t0,ne
csel $t1,$a1,$t1,ne
ldp $a0,$a1,[sp,#$res_x+$i+32] // res
csel $t2,$a2,$t2,ne
csel $t3,$a3,$t3,ne
- cmp $in2infty,#0 // !$in2intfy, remember?
+ cmp $in2infty,#0 // ~$in2intfy, remember?
ldp $a2,$a3,[sp,#$res_x+$i+48]
csel $acc0,$t0,$acc0,ne
csel $acc1,$t1,$acc1,ne
@@ -1102,13 +1092,13 @@ ___
}
$code.=<<___;
ldp $acc0,$acc1,[$ap_real,#$i] // in1
- cmp $in1infty,#0 // !$in1intfy, remember?
+ cmp $in1infty,#0 // ~$in1intfy, remember?
ldp $acc2,$acc3,[$ap_real,#$i+16]
csel $t0,$a0,$t0,ne
csel $t1,$a1,$t1,ne
csel $t2,$a2,$t2,ne
csel $t3,$a3,$t3,ne
- cmp $in2infty,#0 // !$in2intfy, remember?
+ cmp $in2infty,#0 // ~$in2intfy, remember?
csel $acc0,$t0,$acc0,ne
csel $acc1,$t1,$acc1,ne
csel $acc2,$t2,$acc2,ne
@@ -1122,7 +1112,8 @@ $code.=<<___;
ldp x21,x22,[x29,#32]
ldp x23,x24,[x29,#48]
ldp x25,x26,[x29,#64]
- ldp x29,x30,[sp],#80
+ ldp x27,x28,[x29,#80]
+ ldp x29,x30,[sp],#96
.inst 0xd50323bf // autiasp
ret
.size ecp_nistz256_point_add,.-ecp_nistz256_point_add
@@ -1166,7 +1157,7 @@ ecp_nistz256_point_add_affine:
orr $t2,$a2,$a3
orr $in1infty,$t0,$t2
cmp $in1infty,#0
- csetm $in1infty,ne // !in1infty
+ csetm $in1infty,ne // ~in1infty
ldp $acc0,$acc1,[$bp] // in2_x
ldp $acc2,$acc3,[$bp,#16]
@@ -1180,7 +1171,7 @@ ecp_nistz256_point_add_affine:
orr $t0,$t0,$t2
orr $in2infty,$acc0,$t0
cmp $in2infty,#0
- csetm $in2infty,ne // !in2infty
+ csetm $in2infty,ne // ~in2infty
add $rp,sp,#$Z1sqr
bl __ecp_nistz256_sqr_mont // p256_sqr_mont(Z1sqr, in1_z);
@@ -1290,14 +1281,14 @@ ___
for($i=0;$i<64;$i+=32) { # conditional moves
$code.=<<___;
ldp $acc0,$acc1,[$ap_real,#$i] // in1
- cmp $in1infty,#0 // !$in1intfy, remember?
+ cmp $in1infty,#0 // ~$in1intfy, remember?
ldp $acc2,$acc3,[$ap_real,#$i+16]
csel $t0,$a0,$t0,ne
csel $t1,$a1,$t1,ne
ldp $a0,$a1,[sp,#$res_x+$i+32] // res
csel $t2,$a2,$t2,ne
csel $t3,$a3,$t3,ne
- cmp $in2infty,#0 // !$in2intfy, remember?
+ cmp $in2infty,#0 // ~$in2intfy, remember?
ldp $a2,$a3,[sp,#$res_x+$i+48]
csel $acc0,$t0,$acc0,ne
csel $acc1,$t1,$acc1,ne
@@ -1314,13 +1305,13 @@ ___
}
$code.=<<___;
ldp $acc0,$acc1,[$ap_real,#$i] // in1
- cmp $in1infty,#0 // !$in1intfy, remember?
+ cmp $in1infty,#0 // ~$in1intfy, remember?
ldp $acc2,$acc3,[$ap_real,#$i+16]
csel $t0,$a0,$t0,ne
csel $t1,$a1,$t1,ne
csel $t2,$a2,$t2,ne
csel $t3,$a3,$t3,ne
- cmp $in2infty,#0 // !$in2intfy, remember?
+ cmp $in2infty,#0 // ~$in2intfy, remember?
csel $acc0,$t0,$acc0,ne
csel $acc1,$t1,$acc1,ne
csel $acc2,$t2,$acc2,ne
@@ -1880,4 +1871,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT; # enforce flush
+close STDOUT or die "error closing STDOUT: $!"; # enforce flush
diff --git a/crypto/ec/asm/ecp_nistz256-avx2.pl b/crypto/ec/asm/ecp_nistz256-avx2.pl
index 794e56a082fc..5071d09ac2ec 100755
--- a/crypto/ec/asm/ecp_nistz256-avx2.pl
+++ b/crypto/ec/asm/ecp_nistz256-avx2.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
# Copyright (c) 2014, Intel Corporation. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
@@ -47,7 +47,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([3-9])\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);
@@ -2077,4 +2077,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/ec/asm/ecp_nistz256-ppc64.pl b/crypto/ec/asm/ecp_nistz256-ppc64.pl
index 984c7f205056..2bf54e2aa544 100755
--- a/crypto/ec/asm/ecp_nistz256-ppc64.pl
+++ b/crypto/ec/asm/ecp_nistz256-ppc64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -2379,4 +2379,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT; # enforce flush
+close STDOUT or die "error closing STDOUT: $!"; # enforce flush
diff --git a/crypto/ec/asm/ecp_nistz256-sparcv9.pl b/crypto/ec/asm/ecp_nistz256-sparcv9.pl
index 4383bea4a7be..042e122718b7 100755
--- a/crypto/ec/asm/ecp_nistz256-sparcv9.pl
+++ b/crypto/ec/asm/ecp_nistz256-sparcv9.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -3057,4 +3057,4 @@ foreach (split("\n",$code)) {
print $_,"\n";
}
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/ec/asm/ecp_nistz256-x86.pl b/crypto/ec/asm/ecp_nistz256-x86.pl
index 0c6fc665bf46..e926d69b020b 100755
--- a/crypto/ec/asm/ecp_nistz256-x86.pl
+++ b/crypto/ec/asm/ecp_nistz256-x86.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1388,7 +1388,7 @@ for ($i=0;$i<7;$i++) {
# above map() describes stack layout with 18 temporary
# 256-bit vectors on top, then we take extra words for
- # !in1infty, !in2infty, result of check for zero and
+ # ~in1infty, ~in2infty, result of check for zero and
# OPENSSL_ia32cap_P copy. [one unused word for padding]
&stack_push(8*18+5);
if ($sse2) {
@@ -1419,7 +1419,7 @@ for ($i=0;$i<7;$i++) {
&sub ("eax","ebp");
&or ("ebp","eax");
&sar ("ebp",31);
- &mov (&DWP(32*18+4,"esp"),"ebp"); # !in2infty
+ &mov (&DWP(32*18+4,"esp"),"ebp"); # ~in2infty
&lea ("edi",&DWP($in1_x,"esp"));
for($i=0;$i<96;$i+=16) {
@@ -1441,7 +1441,7 @@ for ($i=0;$i<7;$i++) {
&sub ("eax","ebp");
&or ("ebp","eax");
&sar ("ebp",31);
- &mov (&DWP(32*18+0,"esp"),"ebp"); # !in1infty
+ &mov (&DWP(32*18+0,"esp"),"ebp"); # ~in1infty
&mov ("eax",&DWP(32*18+12,"esp")); # OPENSSL_ia32cap_P copy
&lea ("esi",&DWP($in2_z,"esp"));
@@ -1516,23 +1516,19 @@ for ($i=0;$i<7;$i++) {
&or ("eax",&DWP(0,"edi"));
&or ("eax",&DWP(4,"edi"));
&or ("eax",&DWP(8,"edi"));
- &or ("eax",&DWP(12,"edi"));
+ &or ("eax",&DWP(12,"edi")); # ~is_equal(U1,U2)
- &data_byte(0x3e); # predict taken
- &jnz (&label("add_proceed")); # is_equal(U1,U2)?
-
- &mov ("eax",&DWP(32*18+0,"esp"));
- &and ("eax",&DWP(32*18+4,"esp"));
- &mov ("ebx",&DWP(32*18+8,"esp"));
- &jz (&label("add_proceed")); # (in1infty || in2infty)?
- &test ("ebx","ebx");
- &jz (&label("add_double")); # is_equal(S1,S2)?
+ &mov ("ebx",&DWP(32*18+0,"esp")); # ~in1infty
+ &not ("ebx"); # -1/0 -> 0/-1
+ &or ("eax","ebx");
+ &mov ("ebx",&DWP(32*18+4,"esp")); # ~in2infty
+ &not ("ebx"); # -1/0 -> 0/-1
+ &or ("eax","ebx");
+ &or ("eax",&DWP(32*18+8,"esp")); # ~is_equal(S1,S2)
- &mov ("edi",&wparam(0));
- &xor ("eax","eax");
- &mov ("ecx",96/4);
- &data_byte(0xfc,0xf3,0xab); # cld; stosd
- &jmp (&label("add_done"));
+ # if (~is_equal(U1,U2) | in1infty | in2infty | ~is_equal(S1,S2))
+ &data_byte(0x3e); # predict taken
+ &jnz (&label("add_proceed"));
&set_label("add_double",16);
&mov ("esi",&wparam(1));
@@ -1614,34 +1610,34 @@ for ($i=0;$i<7;$i++) {
&lea ("edi",&DWP($res_y,"esp"));
&call ("_ecp_nistz256_sub"); # p256_sub(res_y, res_y, S2);
- &mov ("ebp",&DWP(32*18+0,"esp")); # !in1infty
- &mov ("esi",&DWP(32*18+4,"esp")); # !in2infty
+ &mov ("ebp",&DWP(32*18+0,"esp")); # ~in1infty
+ &mov ("esi",&DWP(32*18+4,"esp")); # ~in2infty
&mov ("edi",&wparam(0));
&mov ("edx","ebp");
&not ("ebp");
- &and ("edx","esi");
- &and ("ebp","esi");
- &not ("esi");
+ &and ("edx","esi"); # ~in1infty & ~in2infty
+ &and ("ebp","esi"); # in1infty & ~in2infty
+ &not ("esi"); # in2infty
########################################
# conditional moves
for($i=64;$i<96;$i+=4) {
- &mov ("eax","edx");
+ &mov ("eax","edx"); # ~in1infty & ~in2infty
&and ("eax",&DWP($res_x+$i,"esp"));
- &mov ("ebx","ebp");
+ &mov ("ebx","ebp"); # in1infty & ~in2infty
&and ("ebx",&DWP($in2_x+$i,"esp"));
- &mov ("ecx","esi");
+ &mov ("ecx","esi"); # in2infty
&and ("ecx",&DWP($in1_x+$i,"esp"));
&or ("eax","ebx");
&or ("eax","ecx");
&mov (&DWP($i,"edi"),"eax");
}
for($i=0;$i<64;$i+=4) {
- &mov ("eax","edx");
+ &mov ("eax","edx"); # ~in1infty & ~in2infty
&and ("eax",&DWP($res_x+$i,"esp"));
- &mov ("ebx","ebp");
+ &mov ("ebx","ebp"); # in1infty & ~in2infty
&and ("ebx",&DWP($in2_x+$i,"esp"));
- &mov ("ecx","esi");
+ &mov ("ecx","esi"); # in2infty
&and ("ecx",&DWP($in1_x+$i,"esp"));
&or ("eax","ebx");
&or ("eax","ecx");
@@ -1668,7 +1664,7 @@ for ($i=0;$i<7;$i++) {
# above map() describes stack layout with 15 temporary
# 256-bit vectors on top, then we take extra words for
- # !in1infty, !in2infty, and OPENSSL_ia32cap_P copy.
+ # ~in1infty, ~in2infty, and OPENSSL_ia32cap_P copy.
&stack_push(8*15+3);
if ($sse2) {
&call ("_picup_eax");
@@ -1698,7 +1694,7 @@ for ($i=0;$i<7;$i++) {
&sub ("eax","ebp");
&or ("ebp","eax");
&sar ("ebp",31);
- &mov (&DWP(32*15+0,"esp"),"ebp"); # !in1infty
+ &mov (&DWP(32*15+0,"esp"),"ebp"); # ~in1infty
&lea ("edi",&DWP($in2_x,"esp"));
for($i=0;$i<64;$i+=16) {
@@ -1724,7 +1720,7 @@ for ($i=0;$i<7;$i++) {
&lea ("ebp",&DWP($in1_z,"esp"));
&sar ("ebx",31);
&lea ("edi",&DWP($Z1sqr,"esp"));
- &mov (&DWP(32*15+4,"esp"),"ebx"); # !in2infty
+ &mov (&DWP(32*15+4,"esp"),"ebx"); # ~in2infty
&call ("_ecp_nistz256_mul_mont"); # p256_sqr_mont(Z1sqr, in1_z);
@@ -1823,14 +1819,14 @@ for ($i=0;$i<7;$i++) {
&lea ("edi",&DWP($res_y,"esp"));
&call ("_ecp_nistz256_sub"); # p256_sub(res_y, res_y, S2);
- &mov ("ebp",&DWP(32*15+0,"esp")); # !in1infty
- &mov ("esi",&DWP(32*15+4,"esp")); # !in2infty
+ &mov ("ebp",&DWP(32*15+0,"esp")); # ~in1infty
+ &mov ("esi",&DWP(32*15+4,"esp")); # ~in2infty
&mov ("edi",&wparam(0));
&mov ("edx","ebp");
&not ("ebp");
- &and ("edx","esi");
- &and ("ebp","esi");
- &not ("esi");
+ &and ("edx","esi"); # ~in1infty & ~in2infty
+ &and ("ebp","esi"); # in1infty & ~in2infty
+ &not ("esi"); # in2infty
########################################
# conditional moves
@@ -1848,11 +1844,11 @@ for ($i=0;$i<7;$i++) {
&mov (&DWP($i,"edi"),"eax");
}
for($i=0;$i<64;$i+=4) {
- &mov ("eax","edx");
+ &mov ("eax","edx"); # ~in1infty & ~in2infty
&and ("eax",&DWP($res_x+$i,"esp"));
- &mov ("ebx","ebp");
+ &mov ("ebx","ebp"); # in1infty & ~in2infty
&and ("ebx",&DWP($in2_x+$i,"esp"));
- &mov ("ecx","esi");
+ &mov ("ecx","esi"); # in2infty
&and ("ecx",&DWP($in1_x+$i,"esp"));
&or ("eax","ebx");
&or ("eax","ecx");
@@ -1863,4 +1859,4 @@ for ($i=0;$i<7;$i++) {
&asm_finish();
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/ec/asm/ecp_nistz256-x86_64.pl b/crypto/ec/asm/ecp_nistz256-x86_64.pl
index 10ccc6414a49..de9b194510bf 100755
--- a/crypto/ec/asm/ecp_nistz256-x86_64.pl
+++ b/crypto/ec/asm/ecp_nistz256-x86_64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
# Copyright (c) 2014, Intel Corporation. All Rights Reserved.
# Copyright (c) 2015 CloudFlare, Inc.
#
@@ -72,7 +72,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$avx = ($ver>=3.0) + ($ver>=3.01);
$addx = ($ver>=3.03);
@@ -1579,6 +1579,7 @@ $code.=<<___;
.type ecp_nistz256_to_mont,\@function,2
.align 32
ecp_nistz256_to_mont:
+.cfi_startproc
___
$code.=<<___ if ($addx);
mov \$0x80100, %ecx
@@ -1587,6 +1588,7 @@ ___
$code.=<<___;
lea .LRR(%rip), $b_org
jmp .Lmul_mont
+.cfi_endproc
.size ecp_nistz256_to_mont,.-ecp_nistz256_to_mont
################################################################################
@@ -2562,6 +2564,7 @@ $code.=<<___;
.type ecp_nistz256_scatter_w5,\@abi-omnipotent
.align 32
ecp_nistz256_scatter_w5:
+.cfi_startproc
lea -3($index,$index,2), $index
movdqa 0x00($in_t), %xmm0
shl \$5, $index
@@ -2578,6 +2581,7 @@ ecp_nistz256_scatter_w5:
movdqa %xmm5, 0x50($val,$index)
ret
+.cfi_endproc
.size ecp_nistz256_scatter_w5,.-ecp_nistz256_scatter_w5
################################################################################
@@ -2685,6 +2689,7 @@ $code.=<<___;
.type ecp_nistz256_scatter_w7,\@abi-omnipotent
.align 32
ecp_nistz256_scatter_w7:
+.cfi_startproc
movdqu 0x00($in_t), %xmm0
shl \$6, $index
movdqu 0x10($in_t), %xmm1
@@ -2696,6 +2701,7 @@ ecp_nistz256_scatter_w7:
movdqa %xmm3, 0x30($val,$index)
ret
+.cfi_endproc
.size ecp_nistz256_scatter_w7,.-ecp_nistz256_scatter_w7
################################################################################
@@ -3020,8 +3026,10 @@ $code.=<<___;
.type ecp_nistz256_avx2_gather_w7,\@function,3
.align 32
ecp_nistz256_avx2_gather_w7:
+.cfi_startproc
.byte 0x0f,0x0b # ud2
ret
+.cfi_endproc
.size ecp_nistz256_avx2_gather_w7,.-ecp_nistz256_avx2_gather_w7
___
}
@@ -3618,28 +3626,18 @@ $code.=<<___;
or $acc5, $acc4 # see if result is zero
or $acc0, $acc4
+ or $acc1, $acc4 # !is_equal(U1, U2)
+
+ movq %xmm2, $acc0 # in1infty | in2infty
+ movq %xmm3, $acc1 # !is_equal(S1, S2)
+
+ or $acc0, $acc4
or $acc1, $acc4
+ # if (!is_equal(U1, U2) | in1infty | in2infty | !is_equal(S1, S2))
.byte 0x3e # predict taken
- jnz .Ladd_proceed$x # is_equal(U1,U2)?
- movq %xmm2, $acc0
- movq %xmm3, $acc1
- test $acc0, $acc0
- jnz .Ladd_proceed$x # (in1infty || in2infty)?
- test $acc1, $acc1
- jz .Ladd_double$x # is_equal(S1,S2)?
+ jnz .Ladd_proceed$x
- movq %xmm0, $r_ptr # restore $r_ptr
- pxor %xmm0, %xmm0
- movdqu %xmm0, 0x00($r_ptr)
- movdqu %xmm0, 0x10($r_ptr)
- movdqu %xmm0, 0x20($r_ptr)
- movdqu %xmm0, 0x30($r_ptr)
- movdqu %xmm0, 0x40($r_ptr)
- movdqu %xmm0, 0x50($r_ptr)
- jmp .Ladd_done$x
-
-.align 32
.Ladd_double$x:
movq %xmm1, $a_ptr # restore $a_ptr
movq %xmm0, $r_ptr # restore $r_ptr
@@ -4738,4 +4736,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/ec/asm/x25519-ppc64.pl b/crypto/ec/asm/x25519-ppc64.pl
index 6e8b36420f53..f4b523bf8a08 100755
--- a/crypto/ec/asm/x25519-ppc64.pl
+++ b/crypto/ec/asm/x25519-ppc64.pl
@@ -1,5 +1,5 @@
#! /usr/bin/env perl
-# Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -821,4 +821,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/ec/asm/x25519-x86_64.pl b/crypto/ec/asm/x25519-x86_64.pl
index 18dc6af9fae9..3d9d1dc1ad0c 100755
--- a/crypto/ec/asm/x25519-x86_64.pl
+++ b/crypto/ec/asm/x25519-x86_64.pl
@@ -1,5 +1,5 @@
#!/usr/bin/env perl
-# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -90,7 +90,7 @@ if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
$addx = ($1>=12);
}
-if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([3-9])\.([0-9]+)/) {
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /((?:^clang|LLVM) version|.*based on LLVM) ([0-9]+)\.([0-9]+)/) {
my $ver = $2 + $3/100.0; # 3.1->3.01, 3.10->3.10
$addx = ($ver>=3.03);
}
@@ -488,12 +488,14 @@ $code.=<<___;
.type x25519_fe64_eligible,\@abi-omnipotent
.align 32
x25519_fe64_eligible:
+.cfi_startproc
mov OPENSSL_ia32cap_P+8(%rip),%ecx
xor %eax,%eax
and \$0x80100,%ecx
cmp \$0x80100,%ecx
cmove %ecx,%eax
ret
+.cfi_endproc
.size x25519_fe64_eligible,.-x25519_fe64_eligible
.globl x25519_fe64_mul
@@ -722,6 +724,7 @@ x25519_fe64_sqr:
.align 32
x25519_fe64_mul121666:
.Lfe64_mul121666_body:
+.cfi_startproc
mov \$121666,%edx
mulx 8*0(%rsi),$acc0,%rcx
mulx 8*1(%rsi),$acc1,%rax
@@ -750,6 +753,7 @@ x25519_fe64_mul121666:
.Lfe64_mul121666_epilogue:
ret
+.cfi_endproc
.size x25519_fe64_mul121666,.-x25519_fe64_mul121666
.globl x25519_fe64_add
@@ -757,6 +761,7 @@ x25519_fe64_mul121666:
.align 32
x25519_fe64_add:
.Lfe64_add_body:
+.cfi_startproc
mov 8*0(%rsi),$acc0
mov 8*1(%rsi),$acc1
mov 8*2(%rsi),$acc2
@@ -785,6 +790,7 @@ x25519_fe64_add:
.Lfe64_add_epilogue:
ret
+.cfi_endproc
.size x25519_fe64_add,.-x25519_fe64_add
.globl x25519_fe64_sub
@@ -792,6 +798,7 @@ x25519_fe64_add:
.align 32
x25519_fe64_sub:
.Lfe64_sub_body:
+.cfi_startproc
mov 8*0(%rsi),$acc0
mov 8*1(%rsi),$acc1
mov 8*2(%rsi),$acc2
@@ -820,6 +827,7 @@ x25519_fe64_sub:
.Lfe64_sub_epilogue:
ret
+.cfi_endproc
.size x25519_fe64_sub,.-x25519_fe64_sub
.globl x25519_fe64_tobytes
@@ -827,6 +835,7 @@ x25519_fe64_sub:
.align 32
x25519_fe64_tobytes:
.Lfe64_to_body:
+.cfi_startproc
mov 8*0(%rsi),$acc0
mov 8*1(%rsi),$acc1
mov 8*2(%rsi),$acc2
@@ -862,6 +871,7 @@ x25519_fe64_tobytes:
.Lfe64_to_epilogue:
ret
+.cfi_endproc
.size x25519_fe64_tobytes,.-x25519_fe64_tobytes
___
} else {
@@ -870,8 +880,10 @@ $code.=<<___;
.type x25519_fe64_eligible,\@abi-omnipotent
.align 32
x25519_fe64_eligible:
+.cfi_startproc
xor %eax,%eax
ret
+.cfi_endproc
.size x25519_fe64_eligible,.-x25519_fe64_eligible
.globl x25519_fe64_mul
@@ -887,8 +899,10 @@ x25519_fe64_mul121666:
x25519_fe64_add:
x25519_fe64_sub:
x25519_fe64_tobytes:
+.cfi_startproc
.byte 0x0f,0x0b # ud2
ret
+.cfi_endproc
.size x25519_fe64_mul,.-x25519_fe64_mul
___
}
@@ -1114,4 +1128,4 @@ ___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
print $code;
-close STDOUT;
+close STDOUT or die "error closing STDOUT: $!";
diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c
index c5d887ec4cd4..952da0e65385 100644
--- a/crypto/ec/curve25519.c
+++ b/crypto/ec/curve25519.c
@@ -8,7 +8,7 @@
*/
#include <string.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/sha.h>
#if defined(X25519_ASM) && (defined(__x86_64) || defined(__x86_64__) || \
diff --git a/crypto/ec/curve448/arch_32/arch_intrinsics.h b/crypto/ec/curve448/arch_32/arch_intrinsics.h
index 48081c77170b..5f6389863d15 100644
--- a/crypto/ec/curve448/arch_32/arch_intrinsics.h
+++ b/crypto/ec/curve448/arch_32/arch_intrinsics.h
@@ -10,10 +10,10 @@
* Originally written by Mike Hamburg
*/
-#ifndef HEADER_ARCH_32_ARCH_INTRINSICS_H
-# define HEADER_ARCH_32_ARCH_INTRINSICS_H
+#ifndef OSSL_CRYPTO_EC_CURVE448_ARCH_32_INTRINSICS_H
+# define OSSL_CRYPTO_EC_CURVE448_ARCH_32_INTRINSICS_H
-#include "internal/constant_time_locl.h"
+#include "internal/constant_time.h"
# define ARCH_WORD_BITS 32
@@ -24,4 +24,4 @@ static ossl_inline uint64_t widemul(uint32_t a, uint32_t b)
return ((uint64_t)a) * b;
}
-#endif /* HEADER_ARCH_32_ARCH_INTRINSICS_H */
+#endif /* OSSL_CRYPTO_EC_CURVE448_ARCH_32_INTRINSICS_H */
diff --git a/crypto/ec/curve448/arch_32/f_impl.h b/crypto/ec/curve448/arch_32/f_impl.h
index bbde84a03897..e1ddddaee08d 100644
--- a/crypto/ec/curve448/arch_32/f_impl.h
+++ b/crypto/ec/curve448/arch_32/f_impl.h
@@ -10,8 +10,8 @@
* Originally written by Mike Hamburg
*/
-#ifndef HEADER_ARCH_32_F_IMPL_H
-# define HEADER_ARCH_32_F_IMPL_H
+#ifndef OSSL_CRYPTO_EC_CURVE448_ARCH_32_F_IMPL_H
+# define OSSL_CRYPTO_EC_CURVE448_ARCH_32_F_IMPL_H
# define GF_HEADROOM 2
# define LIMB(x) ((x) & ((1 << 28) - 1)), ((x) >> 28)
@@ -57,4 +57,4 @@ void gf_weak_reduce(gf a)
a->limb[0] = (a->limb[0] & mask) + tmp;
}
-#endif /* HEADER_ARCH_32_F_IMPL_H */
+#endif /* OSSL_CRYPTO_EC_CURVE448_ARCH_32_F_IMPL_H */
diff --git a/crypto/ec/curve448/curve448.c b/crypto/ec/curve448/curve448.c
index 19bd3857812c..12d97f06795b 100644
--- a/crypto/ec/curve448/curve448.c
+++ b/crypto/ec/curve448/curve448.c
@@ -15,7 +15,7 @@
#include "point_448.h"
#include "ed448.h"
-#include "curve448_lcl.h"
+#include "curve448_local.h"
#define COFACTOR 4
diff --git a/crypto/ec/curve448/curve448_lcl.h b/crypto/ec/curve448/curve448_local.h
index 2bc3bd84c86d..b27770661f89 100644
--- a/crypto/ec/curve448/curve448_lcl.h
+++ b/crypto/ec/curve448/curve448_local.h
@@ -6,8 +6,8 @@
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_CURVE448_LCL_H
-# define HEADER_CURVE448_LCL_H
+#ifndef OSSL_CRYPTO_EC_CURVE448_LOCAL_H
+# define OSSL_CRYPTO_EC_CURVE448_LOCAL_H
# include "curve448utils.h"
int X448(uint8_t out_shared_key[56], const uint8_t private_key[56],
@@ -35,4 +35,4 @@ int ED448ph_verify(const uint8_t hash[64], const uint8_t signature[114],
int ED448_public_from_private(uint8_t out_public_key[57],
const uint8_t private_key[57]);
-#endif /* HEADER_CURVE448_LCL_H */
+#endif /* OSSL_CRYPTO_EC_CURVE448_LOCAL_H */
diff --git a/crypto/ec/curve448/curve448utils.h b/crypto/ec/curve448/curve448utils.h
index 9032bb4f730a..86c258e745e4 100644
--- a/crypto/ec/curve448/curve448utils.h
+++ b/crypto/ec/curve448/curve448utils.h
@@ -10,8 +10,8 @@
* Originally written by Mike Hamburg
*/
-#ifndef HEADER_CURVE448UTILS_H
-# define HEADER_CURVE448UTILS_H
+#ifndef OSSL_CRYPTO_EC_CURVE448UTILS_H
+# define OSSL_CRYPTO_EC_CURVE448UTILS_H
# include <openssl/e_os2.h>
diff --git a/crypto/ec/curve448/ed448.h b/crypto/ec/curve448/ed448.h
index 5fe939e8e19d..c1e5c2832f9b 100644
--- a/crypto/ec/curve448/ed448.h
+++ b/crypto/ec/curve448/ed448.h
@@ -10,8 +10,8 @@
* Originally written by Mike Hamburg
*/
-#ifndef HEADER_ED448_H
-# define HEADER_ED448_H
+#ifndef OSSL_CRYPTO_EC_CURVE448_ED448_H
+# define OSSL_CRYPTO_EC_CURVE448_ED448_H
# include "point_448.h"
@@ -192,4 +192,4 @@ c448_error_t c448_ed448_convert_private_key_to_x448(
uint8_t x[X448_PRIVATE_BYTES],
const uint8_t ed[EDDSA_448_PRIVATE_BYTES]);
-#endif /* HEADER_ED448_H */
+#endif /* OSSL_CRYPTO_EC_CURVE448_ED448_H */
diff --git a/crypto/ec/curve448/eddsa.c b/crypto/ec/curve448/eddsa.c
index b28f7dff9138..82741f543549 100644
--- a/crypto/ec/curve448/eddsa.c
+++ b/crypto/ec/curve448/eddsa.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2016 Cryptography Research, Inc.
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -12,7 +12,7 @@
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/evp.h>
-#include "curve448_lcl.h"
+#include "curve448_local.h"
#include "word.h"
#include "ed448.h"
#include "internal/numbers.h"
@@ -50,7 +50,12 @@ static c448_error_t hash_init_with_dom(EVP_MD_CTX *hashctx, uint8_t prehashed,
const uint8_t *context,
size_t context_len)
{
- const char *dom_s = "SigEd448";
+#ifdef CHARSET_EBCDIC
+ const char dom_s[] = {0x53, 0x69, 0x67, 0x45,
+ 0x64, 0x34, 0x34, 0x38, 0x00};
+#else
+ const char dom_s[] = "SigEd448";
+#endif
uint8_t dom[2];
if (context_len > UINT8_MAX)
diff --git a/crypto/ec/curve448/field.h b/crypto/ec/curve448/field.h
index d96d4c023d44..ccd04482d205 100644
--- a/crypto/ec/curve448/field.h
+++ b/crypto/ec/curve448/field.h
@@ -10,10 +10,10 @@
* Originally written by Mike Hamburg
*/
-#ifndef HEADER_FIELD_H
-# define HEADER_FIELD_H
+#ifndef OSSL_CRYPTO_EC_CURVE448_FIELD_H
+# define OSSL_CRYPTO_EC_CURVE448_FIELD_H
-# include "internal/constant_time_locl.h"
+# include "internal/constant_time.h"
# include <string.h>
# include <assert.h>
# include "word.h"
@@ -165,4 +165,4 @@ static ossl_inline void gf_cond_swap(gf x, gf_s * RESTRICT y, mask_t swap)
}
}
-#endif /* HEADER_FIELD_H */
+#endif /* OSSL_CRYPTO_EC_CURVE448_FIELD_H */
diff --git a/crypto/ec/curve448/point_448.h b/crypto/ec/curve448/point_448.h
index 399f91b9a1d9..93e715fd9c8d 100644
--- a/crypto/ec/curve448/point_448.h
+++ b/crypto/ec/curve448/point_448.h
@@ -10,8 +10,8 @@
* Originally written by Mike Hamburg
*/
-#ifndef HEADER_POINT_448_H
-# define HEADER_POINT_448_H
+#ifndef OSSL_CRYPTO_EC_CURVE448_POINT_448_H
+# define OSSL_CRYPTO_EC_CURVE448_POINT_448_H
# include "curve448utils.h"
# include "field.h"
@@ -298,4 +298,4 @@ void curve448_scalar_destroy(curve448_scalar_t scalar);
/* Overwrite point with zeros. */
void curve448_point_destroy(curve448_point_t point);
-#endif /* HEADER_POINT_448_H */
+#endif /* OSSL_CRYPTO_EC_CURVE448_POINT_448_H */
diff --git a/crypto/ec/curve448/word.h b/crypto/ec/curve448/word.h
index a48b9e053a5c..237cc9b63139 100644
--- a/crypto/ec/curve448/word.h
+++ b/crypto/ec/curve448/word.h
@@ -10,8 +10,8 @@
* Originally written by Mike Hamburg
*/
-#ifndef HEADER_WORD_H
-# define HEADER_WORD_H
+#ifndef OSSL_CRYPTO_EC_CURVE448_WORD_H
+# define OSSL_CRYPTO_EC_CURVE448_WORD_H
# include <string.h>
# include <assert.h>
@@ -78,4 +78,4 @@ static ossl_inline mask_t bool_to_mask(c448_bool_t m)
return ret;
}
-#endif /* HEADER_WORD_H */
+#endif /* OSSL_CRYPTO_EC_CURVE448_WORD_H */
diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c
index ee300518d69c..48543265eeab 100644
--- a/crypto/ec/ec2_oct.c
+++ b/crypto/ec/ec2_oct.c
@@ -10,7 +10,7 @@
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#ifndef OPENSSL_NO_EC2M
diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c
index 898e741fcb97..84e5537a034a 100644
--- a/crypto/ec/ec2_smpl.c
+++ b/crypto/ec/ec2_smpl.c
@@ -10,8 +10,8 @@
#include <openssl/err.h>
-#include "internal/bn_int.h"
-#include "ec_lcl.h"
+#include "crypto/bn.h"
+#include "ec_local.h"
#ifndef OPENSSL_NO_EC2M
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index c086f47ab3cc..221038373921 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -14,9 +14,9 @@
#include <openssl/bn.h>
#include <openssl/cms.h>
#include <openssl/asn1t.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
-#include "ec_lcl.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
+#include "ec_local.h"
#ifndef OPENSSL_NO_CMS
static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 1ce1181fc10a..336afc989d30 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -8,7 +8,7 @@
*/
#include <string.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/err.h>
#include <openssl/asn1t.h>
#include <openssl/objects.h>
@@ -446,6 +446,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
unsigned char *buffer = NULL;
const EC_POINT *point = NULL;
point_conversion_form_t form;
+ ASN1_INTEGER *orig;
if (params == NULL) {
if ((ret = ECPARAMETERS_new()) == NULL) {
@@ -496,8 +497,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
goto err;
}
- ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
+ ret->order = BN_to_ASN1_INTEGER(tmp, orig = ret->order);
if (ret->order == NULL) {
+ ret->order = orig;
ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
goto err;
}
@@ -505,8 +507,9 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
/* set the cofactor (optional) */
tmp = EC_GROUP_get0_cofactor(group);
if (tmp != NULL) {
- ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
+ ret->cofactor = BN_to_ASN1_INTEGER(tmp, orig = ret->cofactor);
if (ret->cofactor == NULL) {
+ ret->cofactor = orig;
ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
goto err;
}
@@ -846,6 +849,20 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
* serialized using explicit parameters by default.
*/
EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_EXPLICIT_CURVE);
+
+ /*
+ * If the input params do not contain the optional seed field we make
+ * sure it is not added to the returned group.
+ *
+ * The seed field is not really used inside libcrypto anyway, and
+ * adding it to parsed explicit parameter keys would alter their DER
+ * encoding output (because of the extra field) which could impact
+ * applications fingerprinting keys by their DER encoding.
+ */
+ if (params->curve->seed == NULL) {
+ if (EC_GROUP_set_seed(ret, NULL, 0) != 1)
+ goto err;
+ }
}
ok = 1;
diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c
index eeb06ec1cbe3..d0706d2857e6 100644
--- a/crypto/ec/ec_check.c
+++ b/crypto/ec/ec_check.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/err.h>
int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c
index 477349d4413e..8de486cbd763 100644
--- a/crypto/ec/ec_curve.c
+++ b/crypto/ec/ec_curve.c
@@ -9,7 +9,7 @@
*/
#include <string.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/opensslconf.h>
diff --git a/crypto/ec/ec_cvt.c b/crypto/ec/ec_cvt.c
index 0ec346c125ad..944e317d9d14 100644
--- a/crypto/ec/ec_cvt.c
+++ b/crypto/ec/ec_cvt.c
@@ -9,7 +9,7 @@
*/
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx)
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index 9349abf03079..08aaac5d8a6f 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -10,7 +10,7 @@
#include "internal/cryptlib.h"
#include <string.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#include "internal/refcount.h"
#include <openssl/err.h>
#include <openssl/engine.h>
diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index 64a5d20872e4..53a4a9295201 100644
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -11,7 +11,7 @@
#include <openssl/ec.h>
#include <openssl/engine.h>
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
static const EC_KEY_METHOD openssl_ec_key_method = {
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 1289c8608edd..3554ada82797 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -13,7 +13,7 @@
#include <openssl/err.h>
#include <openssl/opensslv.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
/* functions for EC_GROUP objects */
diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_local.h
index fbdb04ea3a04..e656fbd5e775 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_local.h
@@ -14,7 +14,7 @@
#include <openssl/ec.h>
#include <openssl/bn.h>
#include "internal/refcount.h"
-#include "internal/ec_int.h"
+#include "crypto/ec.h"
#if defined(__SUNPRO_C)
# if __SUNPRO_C >= 0x520
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index 57bdf116f1b6..7980a6728288 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -12,8 +12,8 @@
#include <openssl/err.h>
#include "internal/cryptlib.h"
-#include "internal/bn_int.h"
-#include "ec_lcl.h"
+#include "crypto/bn.h"
+#include "ec_local.h"
#include "internal/refcount.h"
/*
diff --git a/crypto/ec/ec_oct.c b/crypto/ec/ec_oct.c
index 522f79e67360..7ddc86b047ca 100644
--- a/crypto/ec/ec_oct.c
+++ b/crypto/ec/ec_oct.c
@@ -13,7 +13,7 @@
#include <openssl/err.h>
#include <openssl/opensslv.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
int EC_POINT_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
const BIGNUM *x, int y_bit, BN_CTX *ctx)
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index 454be16c5439..64d2cc93a620 100644
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -12,9 +12,9 @@
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/ec.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/evp.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
/* EC pkey context structure */
diff --git a/crypto/ec/ec_print.c b/crypto/ec/ec_print.c
index 027a51928aab..660fc400fb75 100644
--- a/crypto/ec/ec_print.c
+++ b/crypto/ec/ec_print.c
@@ -9,7 +9,7 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
BIGNUM *EC_POINT_point2bn(const EC_GROUP *group,
const EC_POINT *point,
@@ -39,13 +39,13 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group,
EC_POINT *ret;
if ((buf_len = BN_num_bytes(bn)) == 0)
- return NULL;
+ buf_len = 1;
if ((buf = OPENSSL_malloc(buf_len)) == NULL) {
ECerr(EC_F_EC_POINT_BN2POINT, ERR_R_MALLOC_FAILURE);
return NULL;
}
- if (!BN_bn2bin(bn, buf)) {
+ if (!BN_bn2binpad(bn, buf, buf_len)) {
OPENSSL_free(buf);
return NULL;
}
diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c
index d686f9d897df..96efac62f66f 100644
--- a/crypto/ec/ecdh_kdf.c
+++ b/crypto/ec/ecdh_kdf.c
@@ -10,7 +10,7 @@
#include <string.h>
#include <openssl/ec.h>
#include <openssl/evp.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
/* Key derivation function from X9.63/SECG */
/* Way more than we will ever need */
diff --git a/crypto/ec/ecdh_ossl.c b/crypto/ec/ecdh_ossl.c
index ab51ee7138ff..0be00d43da4e 100644
--- a/crypto/ec/ecdh_ossl.c
+++ b/crypto/ec/ecdh_ossl.c
@@ -17,7 +17,7 @@
#include <openssl/bn.h>
#include <openssl/objects.h>
#include <openssl/ec.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
int ossl_ecdh_compute_key(unsigned char **psec, size_t *pseclen,
const EC_POINT *pub_key, const EC_KEY *ecdh)
diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c
index c35ed2dcd0e7..1da87bfb5e39 100644
--- a/crypto/ec/ecdsa_ossl.c
+++ b/crypto/ec/ecdsa_ossl.c
@@ -11,8 +11,8 @@
#include <openssl/err.h>
#include <openssl/obj_mac.h>
#include <openssl/rand.h>
-#include "internal/bn_int.h"
-#include "ec_lcl.h"
+#include "crypto/bn.h"
+#include "ec_local.h"
int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen,
@@ -309,7 +309,7 @@ int ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
goto err;
ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
err:
- OPENSSL_clear_free(der, derlen);
+ OPENSSL_free(der);
ECDSA_SIG_free(s);
return ret;
}
diff --git a/crypto/ec/ecdsa_sign.c b/crypto/ec/ecdsa_sign.c
index aee06e991bad..dc79c8c8e3df 100644
--- a/crypto/ec/ecdsa_sign.c
+++ b/crypto/ec/ecdsa_sign.c
@@ -8,7 +8,7 @@
*/
#include <openssl/ec.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/err.h>
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
diff --git a/crypto/ec/ecdsa_vrf.c b/crypto/ec/ecdsa_vrf.c
index f61a20063e4b..ff597bdc143c 100644
--- a/crypto/ec/ecdsa_vrf.c
+++ b/crypto/ec/ecdsa_vrf.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -8,7 +8,7 @@
*/
#include <openssl/ec.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
#include <openssl/err.h>
/*-
@@ -23,7 +23,7 @@ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
if (eckey->meth->verify_sig != NULL)
return eckey->meth->verify_sig(dgst, dgst_len, sig, eckey);
ECerr(EC_F_ECDSA_DO_VERIFY, EC_R_OPERATION_NOT_SUPPORTED);
- return 0;
+ return -1;
}
/*-
@@ -39,5 +39,5 @@ int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
return eckey->meth->verify(type, dgst, dgst_len, sigbuf, sig_len,
eckey);
ECerr(EC_F_ECDSA_VERIFY, EC_R_OPERATION_NOT_SUPPORTED);
- return 0;
+ return -1;
}
diff --git a/crypto/ec/ecp_mont.c b/crypto/ec/ecp_mont.c
index 252e66ef3791..bdc39d5efb0e 100644
--- a/crypto/ec/ecp_mont.c
+++ b/crypto/ec/ecp_mont.c
@@ -10,7 +10,7 @@
#include <openssl/err.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
const EC_METHOD *EC_GFp_mont_method(void)
{
diff --git a/crypto/ec/ecp_nist.c b/crypto/ec/ecp_nist.c
index 5eaa99d8402b..9fd01279a891 100644
--- a/crypto/ec/ecp_nist.c
+++ b/crypto/ec/ecp_nist.c
@@ -12,7 +12,7 @@
#include <openssl/err.h>
#include <openssl/obj_mac.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
const EC_METHOD *EC_GFp_nist_method(void)
{
diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c
index fbbdb9d9386c..9a9ced8f1343 100644
--- a/crypto/ec/ecp_nistp224.c
+++ b/crypto/ec/ecp_nistp224.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -38,7 +38,7 @@ NON_EMPTY_TRANSLATION_UNIT
# include <stdint.h>
# include <string.h>
# include <openssl/err.h>
-# include "ec_lcl.h"
+# include "ec_local.h"
# if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16
/* even with gcc, the typedef won't work for 32-bit platforms */
@@ -907,6 +907,7 @@ static void point_add(felem x3, felem y3, felem z3,
felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, x_out, y_out, z_out;
widefelem tmp, tmp2;
limb z1_is_zero, z2_is_zero, x_equal, y_equal;
+ limb points_equal;
if (!mixed) {
/* ftmp2 = z2^2 */
@@ -963,15 +964,41 @@ static void point_add(felem x3, felem y3, felem z3,
felem_reduce(ftmp, tmp);
/*
- * the formulae are incorrect if the points are equal so we check for
- * this and do doubling if this happens
+ * The formulae are incorrect if the points are equal, in affine coordinates
+ * (X_1, Y_1) == (X_2, Y_2), so we check for this and do doubling if this
+ * happens.
+ *
+ * We use bitwise operations to avoid potential side-channels introduced by
+ * the short-circuiting behaviour of boolean operators.
*/
x_equal = felem_is_zero(ftmp);
y_equal = felem_is_zero(ftmp3);
+ /*
+ * The special case of either point being the point at infinity (z1 and/or
+ * z2 are zero), is handled separately later on in this function, so we
+ * avoid jumping to point_double here in those special cases.
+ */
z1_is_zero = felem_is_zero(z1);
z2_is_zero = felem_is_zero(z2);
- /* In affine coordinates, (X_1, Y_1) == (X_2, Y_2) */
- if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+
+ /*
+ * Compared to `ecp_nistp256.c` and `ecp_nistp521.c`, in this
+ * specific implementation `felem_is_zero()` returns truth as `0x1`
+ * (rather than `0xff..ff`).
+ *
+ * This implies that `~true` in this implementation becomes
+ * `0xff..fe` (rather than `0x0`): for this reason, to be used in
+ * the if expression, we mask out only the last bit in the next
+ * line.
+ */
+ points_equal = (x_equal & y_equal & (~z1_is_zero) & (~z2_is_zero)) & 1;
+
+ if (points_equal) {
+ /*
+ * This is obviously not constant-time but, as mentioned before, this
+ * case never happens during single point multiplication, so there is no
+ * timing leak for ECDH or ECDSA signing.
+ */
point_double(x3, y3, z3, x1, y1, z1);
return;
}
diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c
index 22ba69aa44ba..e23e9d2a0b34 100644
--- a/crypto/ec/ecp_nistp256.c
+++ b/crypto/ec/ecp_nistp256.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -39,7 +39,7 @@ NON_EMPTY_TRANSLATION_UNIT
# include <stdint.h>
# include <string.h>
# include <openssl/err.h>
-# include "ec_lcl.h"
+# include "ec_local.h"
# if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16
/* even with gcc, the typedef won't work for 32-bit platforms */
@@ -74,8 +74,8 @@ static const felem_bytearray nistp256_curve_params[5] = {
{0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* a = -3 */
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc}, /* b */
- {0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc},
+ {0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7, /* b */
0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b},
@@ -1241,6 +1241,7 @@ static void point_add(felem x3, felem y3, felem z3,
longfelem tmp, tmp2;
smallfelem small1, small2, small3, small4, small5;
limb x_equal, y_equal, z1_is_zero, z2_is_zero;
+ limb points_equal;
felem_shrink(small3, z1);
@@ -1340,7 +1341,26 @@ static void point_add(felem x3, felem y3, felem z3,
felem_shrink(small1, ftmp5);
y_equal = smallfelem_is_zero(small1);
- if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+ /*
+ * The formulae are incorrect if the points are equal, in affine coordinates
+ * (X_1, Y_1) == (X_2, Y_2), so we check for this and do doubling if this
+ * happens.
+ *
+ * We use bitwise operations to avoid potential side-channels introduced by
+ * the short-circuiting behaviour of boolean operators.
+ *
+ * The special case of either point being the point at infinity (z1 and/or
+ * z2 are zero), is handled separately later on in this function, so we
+ * avoid jumping to point_double here in those special cases.
+ */
+ points_equal = (x_equal & y_equal & (~z1_is_zero) & (~z2_is_zero));
+
+ if (points_equal) {
+ /*
+ * This is obviously not constant-time but, as mentioned before, this
+ * case never happens during single point multiplication, so there is no
+ * timing leak for ECDH or ECDSA signing.
+ */
point_double(x3, y3, z3, x1, y1, z1);
return;
}
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
index 6340f4827937..75eeba853679 100644
--- a/crypto/ec/ecp_nistp521.c
+++ b/crypto/ec/ecp_nistp521.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2011-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -38,7 +38,7 @@ NON_EMPTY_TRANSLATION_UNIT
# include <string.h>
# include <openssl/err.h>
-# include "ec_lcl.h"
+# include "ec_local.h"
# if defined(__SIZEOF_INT128__) && __SIZEOF_INT128__==16
/* even with gcc, the typedef won't work for 32-bit platforms */
@@ -1158,6 +1158,7 @@ static void point_add(felem x3, felem y3, felem z3,
felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
largefelem tmp, tmp2;
limb x_equal, y_equal, z1_is_zero, z2_is_zero;
+ limb points_equal;
z1_is_zero = felem_is_zero(z1);
z2_is_zero = felem_is_zero(z2);
@@ -1242,7 +1243,24 @@ static void point_add(felem x3, felem y3, felem z3,
felem_scalar64(ftmp5, 2);
/* ftmp5[i] < 2^61 */
- if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+ /*
+ * The formulae are incorrect if the points are equal, in affine coordinates
+ * (X_1, Y_1) == (X_2, Y_2), so we check for this and do doubling if this
+ * happens.
+ *
+ * We use bitwise operations to avoid potential side-channels introduced by
+ * the short-circuiting behaviour of boolean operators.
+ *
+ * The special case of either point being the point at infinity (z1 and/or
+ * z2 are zero), is handled separately later on in this function, so we
+ * avoid jumping to point_double here in those special cases.
+ *
+ * Notice the comment below on the implications of this branching for timing
+ * leaks and why it is considered practically irrelevant.
+ */
+ points_equal = (x_equal & y_equal & (~z1_is_zero) & (~z2_is_zero));
+
+ if (points_equal) {
/*
* This is obviously not constant-time but it will almost-never happen
* for ECDH / ECDSA. The case where it can happen is during scalar-mult
diff --git a/crypto/ec/ecp_nistputil.c b/crypto/ec/ecp_nistputil.c
index f89a2f0aacc1..60e1325c340f 100644
--- a/crypto/ec/ecp_nistputil.c
+++ b/crypto/ec/ecp_nistputil.c
@@ -33,7 +33,7 @@ NON_EMPTY_TRANSLATION_UNIT
*/
# include <stddef.h>
-# include "ec_lcl.h"
+# include "ec_local.h"
/*
* Convert an array of points into affine coordinates. (If the point at
diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c
index 7ad5eb627de1..ba9268138862 100644
--- a/crypto/ec/ecp_nistz256.c
+++ b/crypto/ec/ecp_nistz256.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2014, Intel Corporation. All Rights Reserved.
* Copyright (c) 2015, CloudFlare, Inc.
*
@@ -21,8 +21,8 @@
#include <string.h>
#include "internal/cryptlib.h"
-#include "internal/bn_int.h"
-#include "ec_lcl.h"
+#include "crypto/bn.h"
+#include "ec_local.h"
#include "internal/refcount.h"
#if BN_BITS2 != 64
@@ -358,16 +358,47 @@ static void ecp_nistz256_point_add(P256_POINT *r,
ecp_nistz256_sub(H, U2, U1); /* H = U2 - U1 */
/*
- * This should not happen during sign/ecdh, so no constant time violation
+ * The formulae are incorrect if the points are equal so we check for
+ * this and do doubling if this happens.
+ *
+ * Points here are in Jacobian projective coordinates (Xi, Yi, Zi)
+ * that are bound to the affine coordinates (xi, yi) by the following
+ * equations:
+ * - xi = Xi / (Zi)^2
+ * - y1 = Yi / (Zi)^3
+ *
+ * For the sake of optimization, the algorithm operates over
+ * intermediate variables U1, U2 and S1, S2 that are derived from
+ * the projective coordinates:
+ * - U1 = X1 * (Z2)^2 ; U2 = X2 * (Z1)^2
+ * - S1 = Y1 * (Z2)^3 ; S2 = Y2 * (Z1)^3
+ *
+ * It is easy to prove that is_equal(U1, U2) implies that the affine
+ * x-coordinates are equal, or either point is at infinity.
+ * Likewise is_equal(S1, S2) implies that the affine y-coordinates are
+ * equal, or either point is at infinity.
+ *
+ * The special case of either point being the point at infinity (Z1 or Z2
+ * is zero), is handled separately later on in this function, so we avoid
+ * jumping to point_double here in those special cases.
+ *
+ * When both points are inverse of each other, we know that the affine
+ * x-coordinates are equal, and the y-coordinates have different sign.
+ * Therefore since U1 = U2, we know H = 0, and therefore Z3 = H*Z1*Z2
+ * will equal 0, thus the result is infinity, if we simply let this
+ * function continue normally.
+ *
+ * We use bitwise operations to avoid potential side-channels introduced by
+ * the short-circuiting behaviour of boolean operators.
*/
- if (is_equal(U1, U2) && !in1infty && !in2infty) {
- if (is_equal(S1, S2)) {
- ecp_nistz256_point_double(r, a);
- return;
- } else {
- memset(r, 0, sizeof(*r));
- return;
- }
+ if (is_equal(U1, U2) & ~in1infty & ~in2infty & is_equal(S1, S2)) {
+ /*
+ * This is obviously not constant-time but it should never happen during
+ * single point multiplication, so there is no timing leak for ECDH or
+ * ECDSA signing.
+ */
+ ecp_nistz256_point_double(r, a);
+ return;
}
ecp_nistz256_sqr_mont(Rsqr, R); /* R^2 */
diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c
index 7ade1b3d2173..9460763256fd 100644
--- a/crypto/ec/ecp_oct.c
+++ b/crypto/ec/ecp_oct.c
@@ -11,7 +11,7 @@
#include <openssl/err.h>
#include <openssl/symhacks.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
EC_POINT *point,
diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c
index e6e4c9d2cbb7..b354bfe9ce9e 100644
--- a/crypto/ec/ecp_smpl.c
+++ b/crypto/ec/ecp_smpl.c
@@ -11,7 +11,7 @@
#include <openssl/err.h>
#include <openssl/symhacks.h>
-#include "ec_lcl.h"
+#include "ec_local.h"
const EC_METHOD *EC_GFp_simple_method(void)
{
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index c87419b5db38..9dc5259e4afc 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -12,10 +12,10 @@
#include <openssl/x509.h>
#include <openssl/ec.h>
#include <openssl/rand.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
-#include "ec_lcl.h"
-#include "curve448/curve448_lcl.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
+#include "ec_local.h"
+#include "curve448/curve448_local.h"
#define X25519_BITS 253
#define X25519_SECURITY_BITS 128
@@ -191,7 +191,7 @@ static int ecx_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
}
rv = ecx_key_op(pkey, pkey->ameth->pkey_id, palg, p, plen, KEY_OP_PRIVATE);
- ASN1_OCTET_STRING_free(oct);
+ ASN1_STRING_clear_free(oct);
return rv;
}
diff --git a/crypto/engine/README b/crypto/engine/README
index c7a5696ca14c..0f8a8fbde410 100644
--- a/crypto/engine/README
+++ b/crypto/engine/README
@@ -9,7 +9,7 @@ for masochists" document *and* a rather extensive commit log message. (I'd get
lynched for sticking all this in CHANGES or the commit mails :-).
ENGINE_TABLE underlies this restructuring, as described in the internal header
-"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
+"eng_local.h", implemented in eng_table.c, and used in each of the "class" files;
tb_rsa.c, tb_dsa.c, etc.
However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
diff --git a/crypto/engine/eng_all.c b/crypto/engine/eng_all.c
index af306ccffc12..b675ed7892e2 100644
--- a/crypto/engine/eng_all.c
+++ b/crypto/engine/eng_all.c
@@ -8,7 +8,7 @@
*/
#include "internal/cryptlib.h"
-#include "eng_int.h"
+#include "eng_local.h"
void ENGINE_load_builtin_engines(void)
{
diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c
index 6f0a066d06d1..df00df6acd61 100644
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
#include <openssl/conf.h>
/* #define ENGINE_CONF_DEBUG */
diff --git a/crypto/engine/eng_ctrl.c b/crypto/engine/eng_ctrl.c
index 3bc4aab16fed..e65e78447b43 100644
--- a/crypto/engine/eng_ctrl.c
+++ b/crypto/engine/eng_ctrl.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
/*
* When querying a ENGINE-specific control command's 'description', this
diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c
index a727c6f64606..49e9ce1af33b 100644
--- a/crypto/engine/eng_devcrypto.c
+++ b/crypto/engine/eng_devcrypto.c
@@ -22,7 +22,7 @@
#include <openssl/objects.h>
#include <crypto/cryptodev.h>
-#include "internal/engine.h"
+#include "crypto/engine.h"
/* #define ENGINE_DEVCRYPTO_DEBUG */
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index 843226c077db..06e677290a70 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
#include "internal/dso.h"
#include <openssl/crypto.h>
diff --git a/crypto/engine/eng_fat.c b/crypto/engine/eng_fat.c
index 591fddc8e4fb..fe231a65f658 100644
--- a/crypto/engine/eng_fat.c
+++ b/crypto/engine/eng_fat.c
@@ -8,7 +8,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
#include <openssl/conf.h>
int ENGINE_set_default(ENGINE *e, unsigned int flags)
diff --git a/crypto/engine/eng_init.c b/crypto/engine/eng_init.c
index 7c235fc472a2..6c9063f8f681 100644
--- a/crypto/engine/eng_init.c
+++ b/crypto/engine/eng_init.c
@@ -8,7 +8,7 @@
*/
#include "e_os.h"
-#include "eng_int.h"
+#include "eng_local.h"
/*
* Initialise a engine type for use (or up its functional reference count if
diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index d7f2026fac54..b851ff695756 100644
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -8,7 +8,7 @@
*/
#include "e_os.h"
-#include "eng_int.h"
+#include "eng_local.h"
#include <openssl/rand.h>
#include "internal/refcount.h"
diff --git a/crypto/engine/eng_list.c b/crypto/engine/eng_list.c
index 45c339c54157..1352fb7c961d 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -8,7 +8,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
/*
* The linked-list of pointers to engine types. engine_list_head incorporates
diff --git a/crypto/engine/eng_int.h b/crypto/engine/eng_local.h
index b95483341e20..8ef7172b9f45 100644
--- a/crypto/engine/eng_int.h
+++ b/crypto/engine/eng_local.h
@@ -8,11 +8,11 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_ENGINE_INT_H
-# define HEADER_ENGINE_INT_H
+#ifndef OSSL_CRYPTO_ENGINE_ENG_LOCAL_H
+# define OSSL_CRYPTO_ENGINE_ENG_LOCAL_H
# include "internal/cryptlib.h"
-# include "internal/engine.h"
+# include "crypto/engine.h"
# include "internal/thread_once.h"
# include "internal/refcount.h"
@@ -168,4 +168,4 @@ typedef struct st_engine_pile ENGINE_PILE;
DEFINE_LHASH_OF(ENGINE_PILE);
-#endif /* HEADER_ENGINE_INT_H */
+#endif /* OSSL_CRYPTO_ENGINE_ENG_LOCAL_H */
diff --git a/crypto/engine/eng_openssl.c b/crypto/engine/eng_openssl.c
index d9b3067a1322..25631fb879ee 100644
--- a/crypto/engine/eng_openssl.c
+++ b/crypto/engine/eng_openssl.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -11,7 +11,7 @@
#include <stdio.h>
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
-#include "internal/engine.h"
+#include "crypto/engine.h"
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
@@ -167,7 +167,7 @@ static int bind_fn(ENGINE *e, const char *id)
}
IMPLEMENT_DYNAMIC_CHECK_FN()
- IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
#endif /* ENGINE_DYNAMIC_SUPPORT */
#ifdef TEST_ENG_OPENSSL_RC4
/*-
diff --git a/crypto/engine/eng_pkey.c b/crypto/engine/eng_pkey.c
index 305a648feb6a..e813bc6db0e6 100644
--- a/crypto/engine/eng_pkey.c
+++ b/crypto/engine/eng_pkey.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
/* Basic get/set stuff */
diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c
index 261e5debbfd7..9dceb1671099 100644
--- a/crypto/engine/eng_rdrand.c
+++ b/crypto/engine/eng_rdrand.c
@@ -11,7 +11,7 @@
#include <stdio.h>
#include <string.h>
-#include "internal/engine.h"
+#include "crypto/engine.h"
#include <openssl/rand.h>
#include <openssl/err.h>
#include <openssl/crypto.h>
diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c
index ac4b02fc12a8..72f393dbe143 100644
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@@ -10,7 +10,7 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/lhash.h>
-#include "eng_int.h"
+#include "eng_local.h"
/* The type of the items in the table */
struct st_engine_pile {
@@ -26,7 +26,7 @@ struct st_engine_pile {
int uptodate;
};
-/* The type exposed in eng_int.h */
+/* The type exposed in eng_local.h */
struct st_engine_table {
LHASH_OF(ENGINE_PILE) piles;
}; /* ENGINE_TABLE */
@@ -76,7 +76,7 @@ static int int_table_check(ENGINE_TABLE **t, int create)
}
/*
- * Privately exposed (via eng_int.h) functions for adding and/or removing
+ * Privately exposed (via eng_local.h) functions for adding and/or removing
* ENGINEs from the implementation table
*/
int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
diff --git a/crypto/engine/tb_asnmth.c b/crypto/engine/tb_asnmth.c
index 4bcc76136a10..72850b9398e3 100644
--- a/crypto/engine/tb_asnmth.c
+++ b/crypto/engine/tb_asnmth.c
@@ -8,9 +8,9 @@
*/
#include "e_os.h"
-#include "eng_int.h"
+#include "eng_local.h"
#include <openssl/evp.h>
-#include "internal/asn1_int.h"
+#include "crypto/asn1.h"
/*
* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
@@ -147,7 +147,8 @@ const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
for (i = 0; i < nidcount; i++) {
e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
- if (((int)strlen(ameth->pem_str) == len)
+ if (ameth != NULL
+ && ((int)strlen(ameth->pem_str) == len)
&& strncasecmp(ameth->pem_str, str, len) == 0)
return ameth;
}
diff --git a/crypto/engine/tb_cipher.c b/crypto/engine/tb_cipher.c
index faa967c475f5..236da346cd4c 100644
--- a/crypto/engine/tb_cipher.c
+++ b/crypto/engine/tb_cipher.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
static ENGINE_TABLE *cipher_table = NULL;
diff --git a/crypto/engine/tb_dh.c b/crypto/engine/tb_dh.c
index 785119f65af9..a13a13950083 100644
--- a/crypto/engine/tb_dh.c
+++ b/crypto/engine/tb_dh.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
static ENGINE_TABLE *dh_table = NULL;
static const int dummy_nid = 1;
diff --git a/crypto/engine/tb_digest.c b/crypto/engine/tb_digest.c
index d644b1b0a825..a6e6337a01d9 100644
--- a/crypto/engine/tb_digest.c
+++ b/crypto/engine/tb_digest.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
static ENGINE_TABLE *digest_table = NULL;
diff --git a/crypto/engine/tb_dsa.c b/crypto/engine/tb_dsa.c
index 65b6ea8d3a0e..2c77f0f3e151 100644
--- a/crypto/engine/tb_dsa.c
+++ b/crypto/engine/tb_dsa.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
static ENGINE_TABLE *dsa_table = NULL;
static const int dummy_nid = 1;
diff --git a/crypto/engine/tb_eckey.c b/crypto/engine/tb_eckey.c
index 1e5073685410..907d55ae8c44 100644
--- a/crypto/engine/tb_eckey.c
+++ b/crypto/engine/tb_eckey.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
static ENGINE_TABLE *dh_table = NULL;
static const int dummy_nid = 1;
diff --git a/crypto/engine/tb_pkmeth.c b/crypto/engine/tb_pkmeth.c
index 03cd1e69dd6d..c5c001c5cbec 100644
--- a/crypto/engine/tb_pkmeth.c
+++ b/crypto/engine/tb_pkmeth.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
#include <openssl/evp.h>
static ENGINE_TABLE *pkey_meth_table = NULL;
diff --git a/crypto/engine/tb_rand.c b/crypto/engine/tb_rand.c
index 98a98073cdd0..92f61c5a8840 100644
--- a/crypto/engine/tb_rand.c
+++ b/crypto/engine/tb_rand.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
static ENGINE_TABLE *rand_table = NULL;
static const int dummy_nid = 1;
diff --git a/crypto/engine/tb_rsa.c b/crypto/engine/tb_rsa.c
index d8d2e34f848b..43e865e6d6d1 100644
--- a/crypto/engine/tb_rsa.c
+++ b/crypto/engine/tb_rsa.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "eng_int.h"
+#include "eng_local.h"
static ENGINE_TABLE *rsa_table = NULL;
static const int dummy_nid = 1;
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 3a58ccb95882..1372d52f80ee 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -10,17 +10,17 @@
#include <stdio.h>
#include <stdarg.h>
#include <string.h>
-#include "internal/cryptlib_int.h"
+#include "crypto/cryptlib.h"
#include "internal/err.h"
-#include "internal/err_int.h"
+#include "crypto/err.h"
#include <openssl/err.h>
#include <openssl/crypto.h>
#include <openssl/buffer.h>
#include <openssl/bio.h>
#include <openssl/opensslconf.h>
#include "internal/thread_once.h"
-#include "internal/ctype.h"
-#include "internal/constant_time_locl.h"
+#include "crypto/ctype.h"
+#include "internal/constant_time.h"
#include "e_os.h"
static int err_load_strings(const ERR_STRING_DATA *str);
diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
index d9ec04b60676..7c0a5f0b9c5f 100644
--- a/crypto/err/err_all.c
+++ b/crypto/err/err_all.c
@@ -8,7 +8,7 @@
*/
#include <stdio.h>
-#include "internal/err_int.h"
+#include "crypto/err.h"
#include <openssl/asn1err.h>
#include <openssl/bnerr.h>
#include <openssl/ecerr.h>
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index a433b0324078..f5324c6819d8 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1002,6 +1002,7 @@ PKCS7_F_PKCS7_SIGNER_INFO_SIGN:139:PKCS7_SIGNER_INFO_sign
PKCS7_F_PKCS7_SIGN_ADD_SIGNER:137:PKCS7_sign_add_signer
PKCS7_F_PKCS7_SIMPLE_SMIMECAP:119:PKCS7_simple_smimecap
PKCS7_F_PKCS7_VERIFY:117:PKCS7_verify
+RAND_F_DATA_COLLECT_METHOD:127:data_collect_method
RAND_F_DRBG_BYTES:101:drbg_bytes
RAND_F_DRBG_GET_ENTROPY:105:drbg_get_entropy
RAND_F_DRBG_SETUP:117:drbg_setup
@@ -1027,6 +1028,7 @@ RAND_F_RAND_POOL_ATTACH:124:rand_pool_attach
RAND_F_RAND_POOL_BYTES_NEEDED:115:rand_pool_bytes_needed
RAND_F_RAND_POOL_GROW:125:rand_pool_grow
RAND_F_RAND_POOL_NEW:116:rand_pool_new
+RAND_F_RAND_PSEUDO_BYTES:126:RAND_pseudo_bytes
RAND_F_RAND_WRITE_FILE:112:RAND_write_file
RSA_F_CHECK_PADDING_MD:140:check_padding_md
RSA_F_ENCODE_PKCS1:146:encode_pkcs1
@@ -1178,6 +1180,7 @@ SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE:431:*
SSL_F_OSSL_STATEM_SERVER_POST_PROCESS_MESSAGE:601:\
ossl_statem_server_post_process_message
SSL_F_OSSL_STATEM_SERVER_POST_WORK:602:ossl_statem_server_post_work
+SSL_F_OSSL_STATEM_SERVER_PRE_WORK:640:
SSL_F_OSSL_STATEM_SERVER_PROCESS_MESSAGE:603:ossl_statem_server_process_message
SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION:418:ossl_statem_server_read_transition
SSL_F_OSSL_STATEM_SERVER_WRITE_TRANSITION:604:\
@@ -2254,6 +2257,7 @@ EVP_R_INITIALIZATION_ERROR:134:initialization error
EVP_R_INPUT_NOT_INITIALIZED:111:input not initialized
EVP_R_INVALID_DIGEST:152:invalid digest
EVP_R_INVALID_FIPS_MODE:168:invalid fips mode
+EVP_R_INVALID_IV_LENGTH:194:invalid iv length
EVP_R_INVALID_KEY:163:invalid key
EVP_R_INVALID_KEY_LENGTH:130:invalid key length
EVP_R_INVALID_OPERATION:148:invalid operation
@@ -2848,6 +2852,7 @@ SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES:242:unable to load ssl3 md5 routines
SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES:243:unable to load ssl3 sha1 routines
SSL_R_UNEXPECTED_CCS_MESSAGE:262:unexpected ccs message
SSL_R_UNEXPECTED_END_OF_EARLY_DATA:178:unexpected end of early data
+SSL_R_UNEXPECTED_EOF_WHILE_READING:294:unexpected eof while reading
SSL_R_UNEXPECTED_MESSAGE:244:unexpected message
SSL_R_UNEXPECTED_RECORD:245:unexpected record
SSL_R_UNINITIALIZED:276:uninitialized
diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
index 288dee01b220..fed4cf1eb1ff 100644
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -12,8 +12,8 @@
#include "internal/cryptlib.h"
#include <openssl/buffer.h>
#include <openssl/evp.h>
-#include "internal/evp_int.h"
-#include "evp_locl.h"
+#include "crypto/evp.h"
+#include "evp_local.h"
#include "internal/bio.h"
/*
diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
index 300db6cd320d..a77cfb1552de 100644
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -76,7 +76,7 @@
#include "internal/bio.h"
#include <openssl/evp.h>
#include <openssl/rand.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
static int ok_write(BIO *h, const char *buf, int num);
static int ok_read(BIO *h, char *buf, int size);
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index 086b3c4d51b4..22fdcc409c16 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
#include <openssl/pkcs12.h>
#include <openssl/objects.h>
diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
index 1267531a7d23..16ac1b67f465 100644
--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -10,7 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
#include <openssl/pkcs12.h>
#include <openssl/objects.h>
diff --git a/crypto/evp/cmeth_lib.c b/crypto/evp/cmeth_lib.c
index e2295c4dc589..272e48249e42 100644
--- a/crypto/evp/cmeth_lib.c
+++ b/crypto/evp/cmeth_lib.c
@@ -10,8 +10,8 @@
#include <string.h>
#include <openssl/evp.h>
-#include "internal/evp_int.h"
-#include "evp_locl.h"
+#include "crypto/evp.h"
+#include "evp_local.h"
EVP_CIPHER *EVP_CIPHER_meth_new(int cipher_type, int block_size, int key_len)
{
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 6693f270b694..d1bfa274ca81 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -12,8 +12,8 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/engine.h>
-#include "internal/evp_int.h"
-#include "evp_locl.h"
+#include "crypto/evp.h"
+#include "evp_local.h"
/* This call frees resources associated with the context */
int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 1db346fc864b..405ddbf9bf09 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -14,10 +14,10 @@
#include <string.h>
#include <assert.h>
#include <openssl/aes.h>
-#include "internal/evp_int.h"
-#include "modes_lcl.h"
+#include "crypto/evp.h"
+#include "modes_local.h"
#include <openssl/rand.h>
-#include "evp_locl.h"
+#include "evp_local.h"
typedef struct {
union {
@@ -176,7 +176,7 @@ static void ctr64_inc(unsigned char *counter)
# define HWAES_xts_decrypt aes_p8_xts_decrypt
#endif
-#if !defined(OPENSSL_NO_ASM) && ( \
+#if defined(OPENSSL_CPUID_OBJ) && ( \
((defined(__i386) || defined(__i386__) || \
defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
defined(__x86_64) || defined(__x86_64__) || \
@@ -1127,7 +1127,7 @@ typedef struct {
} icv;
unsigned char k[32];
} kmac_param;
- /* KMAC-AES paramater block - end */
+ /* KMAC-AES parameter block - end */
union {
unsigned long long g[2];
@@ -1414,7 +1414,7 @@ static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
(OPENSSL_s390xcap_P.kma[0] & \
S390X_CAPBIT(S390X_AES_256)))
-/* iv + padding length for iv lenghts != 12 */
+/* iv + padding length for iv lengths != 12 */
# define S390X_gcm_ivpadlen(i) ((((i) + 15) >> 4 << 4) + 16)
/*-
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 09d24dc3d02a..27c36b46e7a4 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -17,9 +17,9 @@
#include <openssl/aes.h>
#include <openssl/sha.h>
#include <openssl/rand.h>
-#include "modes_lcl.h"
-#include "internal/evp_int.h"
-#include "internal/constant_time_locl.h"
+#include "modes_local.h"
+#include "crypto/evp.h"
+#include "internal/constant_time.h"
typedef struct {
AES_KEY ks;
@@ -33,7 +33,7 @@ typedef struct {
#define NO_PAYLOAD_LENGTH ((size_t)-1)
-#if defined(AES_ASM) && ( \
+#if defined(AESNI_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) )
diff --git a/crypto/evp/e_aes_cbc_hmac_sha256.c b/crypto/evp/e_aes_cbc_hmac_sha256.c
index caac0c9d3da2..cc622b6faa8c 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha256.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -18,9 +18,9 @@
#include <openssl/aes.h>
#include <openssl/sha.h>
#include <openssl/rand.h>
-#include "modes_lcl.h"
-#include "internal/constant_time_locl.h"
-#include "internal/evp_int.h"
+#include "modes_local.h"
+#include "internal/constant_time.h"
+#include "crypto/evp.h"
typedef struct {
AES_KEY ks;
@@ -34,7 +34,7 @@ typedef struct {
# define NO_PAYLOAD_LENGTH ((size_t)-1)
-#if defined(AES_ASM) && ( \
+#if defined(AESNI_ASM) && ( \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_AMD64) || defined(_M_X64) )
@@ -947,4 +947,4 @@ const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void)
{
return NULL;
}
-#endif
+#endif /* AESNI_ASM */
diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c
index fcaceb3bcadf..1cc6dd91a95a 100644
--- a/crypto/evp/e_aria.c
+++ b/crypto/evp/e_aria.c
@@ -14,10 +14,10 @@
# include <openssl/modes.h>
# include <openssl/rand.h>
# include <openssl/rand_drbg.h>
-# include "internal/aria.h"
-# include "internal/evp_int.h"
-# include "modes_lcl.h"
-# include "evp_locl.h"
+# include "crypto/aria.h"
+# include "crypto/evp.h"
+# include "modes_local.h"
+# include "evp_local.h"
/* ARIA subkey Structure */
typedef struct {
@@ -695,8 +695,6 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (!cctx->iv_set)
return -1;
- if (!EVP_CIPHER_CTX_encrypting(ctx) && !cctx->tag_set)
- return -1;
if (!out) {
if (!in) {
if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx),
@@ -711,6 +709,11 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
CRYPTO_ccm128_aad(ccm, in, len);
return len;
}
+
+ /* The tag must be set before actually decrypting data */
+ if (!EVP_CIPHER_CTX_encrypting(ctx) && !cctx->tag_set)
+ return -1;
+
/* If not set length yet do it */
if (!cctx->len_set) {
if (CRYPTO_ccm128_setiv(ccm, EVP_CIPHER_CTX_iv_noconst(ctx),
diff --git a/crypto/evp/e_bf.c b/crypto/evp/e_bf.c
index dc386905c5cb..9a065582c6c8 100644
--- a/crypto/evp/e_bf.c
+++ b/crypto/evp/e_bf.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#ifndef OPENSSL_NO_BF
# include <openssl/evp.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/objects.h>
# include <openssl/blowfish.h>
diff --git a/crypto/evp/e_camellia.c b/crypto/evp/e_camellia.c
index 2df4a6e3e011..502d6936cc13 100644
--- a/crypto/evp/e_camellia.c
+++ b/crypto/evp/e_camellia.c
@@ -17,8 +17,8 @@ NON_EMPTY_TRANSLATION_UNIT
# include <string.h>
# include <assert.h>
# include <openssl/camellia.h>
-# include "internal/evp_int.h"
-# include "modes_lcl.h"
+# include "crypto/evp.h"
+# include "modes_local.h"
static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
diff --git a/crypto/evp/e_cast.c b/crypto/evp/e_cast.c
index 259d44059b20..df9f445bd0a2 100644
--- a/crypto/evp/e_cast.c
+++ b/crypto/evp/e_cast.c
@@ -13,7 +13,7 @@
#ifndef OPENSSL_NO_CAST
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/cast.h>
static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
index 435a38d3658d..bdc406bb69dc 100644
--- a/crypto/evp/e_chacha20_poly1305.c
+++ b/crypto/evp/e_chacha20_poly1305.c
@@ -14,9 +14,9 @@
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "evp_locl.h"
-# include "internal/evp_int.h"
-# include "internal/chacha.h"
+# include "evp_local.h"
+# include "crypto/evp.h"
+# include "crypto/chacha.h"
typedef struct {
union {
@@ -146,7 +146,7 @@ const EVP_CIPHER *EVP_chacha20(void)
}
# ifndef OPENSSL_NO_POLY1305
-# include "internal/poly1305.h"
+# include "crypto/poly1305.h"
typedef struct {
EVP_CHACHA_KEY key;
diff --git a/crypto/evp/e_des.c b/crypto/evp/e_des.c
index c13fb3e25a9b..6d6e919af696 100644
--- a/crypto/evp/e_des.c
+++ b/crypto/evp/e_des.c
@@ -12,7 +12,7 @@
#ifndef OPENSSL_NO_DES
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/des.h>
# include <openssl/rand.h>
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 6b492ce47023..2a5597fee527 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -12,10 +12,10 @@
#ifndef OPENSSL_NO_DES
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/des.h>
# include <openssl/rand.h>
-# include "evp_locl.h"
+# include "evp_local.h"
typedef struct {
union {
diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c
index 93f6a4131fa8..1068378ddc75 100644
--- a/crypto/evp/e_idea.c
+++ b/crypto/evp/e_idea.c
@@ -13,7 +13,7 @@
#ifndef OPENSSL_NO_IDEA
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/idea.h>
/* Can't use IMPLEMENT_BLOCK_CIPHER because IDEA_ecb_encrypt is different */
diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
index 18a8468216a0..0725454a3a4a 100644
--- a/crypto/evp/e_null.c
+++ b/crypto/evp/e_null.c
@@ -11,7 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c
index aa0d14018687..4d8a0ee4b015 100644
--- a/crypto/evp/e_rc2.c
+++ b/crypto/evp/e_rc2.c
@@ -14,7 +14,7 @@
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/rc2.h>
static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
index d16abdd0d2d7..c24bc8fe5982 100644
--- a/crypto/evp/e_rc4.c
+++ b/crypto/evp/e_rc4.c
@@ -16,7 +16,7 @@
# include <openssl/objects.h>
# include <openssl/rc4.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
typedef struct {
RC4_KEY ks; /* working key */
diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index b1e8ccd6ddca..201ce443435c 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -19,7 +19,7 @@
# include <openssl/objects.h>
# include <openssl/rc4.h>
# include <openssl/md5.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
typedef struct {
RC4_KEY ks;
diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
index dc5589b68813..c86e87b65ab4 100644
--- a/crypto/evp/e_rc5.c
+++ b/crypto/evp/e_rc5.c
@@ -13,9 +13,9 @@
#ifndef OPENSSL_NO_RC5
# include <openssl/evp.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/objects.h>
-# include "evp_locl.h"
+# include "evp_local.h"
# include <openssl/rc5.h>
static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
diff --git a/crypto/evp/e_seed.c b/crypto/evp/e_seed.c
index 40aec5fc6ac0..aeb2363beade 100644
--- a/crypto/evp/e_seed.c
+++ b/crypto/evp/e_seed.c
@@ -16,7 +16,7 @@ NON_EMPTY_TRANSLATION_UNIT
# include <string.h>
# include <assert.h>
# include <openssl/seed.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
diff --git a/crypto/evp/e_sm4.c b/crypto/evp/e_sm4.c
index 79deb6563646..fce32794fc51 100644
--- a/crypto/evp/e_sm4.c
+++ b/crypto/evp/e_sm4.c
@@ -13,8 +13,8 @@
#ifndef OPENSSL_NO_SM4
# include <openssl/evp.h>
# include <openssl/modes.h>
-# include "internal/sm4.h"
-# include "internal/evp_int.h"
+# include "crypto/sm4.h"
+# include "crypto/evp.h"
typedef struct {
SM4_KEY ks;
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
index 57ce813da824..b73077542264 100644
--- a/crypto/evp/e_xcbc_d.c
+++ b/crypto/evp/e_xcbc_d.c
@@ -14,7 +14,7 @@
# include <openssl/evp.h>
# include <openssl/objects.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/des.h>
static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
index da32d4fd1973..9307ff046424 100644
--- a/crypto/evp/encode.c
+++ b/crypto/evp/encode.c
@@ -11,8 +11,8 @@
#include <limits.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
-#include "evp_locl.h"
-#include "internal/evp_int.h"
+#include "evp_local.h"
+#include "crypto/evp.h"
static unsigned char conv_ascii2bin(unsigned char a,
const unsigned char *table);
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 05dd791b6cb0..b9b6490fe069 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -15,8 +15,8 @@
#include <openssl/rand.h>
#include <openssl/rand_drbg.h>
#include <openssl/engine.h>
-#include "internal/evp_int.h"
-#include "evp_locl.h"
+#include "crypto/evp.h"
+#include "evp_local.h"
int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c)
{
@@ -305,6 +305,17 @@ static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx,
bl = ctx->cipher->block_size;
+ /*
+ * CCM mode needs to know about the case where inl == 0 && in == NULL - it
+ * means the plaintext/ciphertext length is 0
+ */
+ if (inl < 0
+ || (inl == 0
+ && EVP_CIPHER_mode(ctx->cipher) != EVP_CIPH_CCM_MODE)) {
+ *outl = 0;
+ return inl == 0;
+ }
+
if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
/* If block size > 1 then the cipher will have to do this check */
if (bl == 1 && is_partially_overlapping(out, in, cmpl)) {
@@ -320,10 +331,6 @@ static int evp_EncryptDecryptUpdate(EVP_CIPHER_CTX *ctx,
return 1;
}
- if (inl <= 0) {
- *outl = 0;
- return inl == 0;
- }
if (is_partially_overlapping(out + ctx->buf_len, in, cmpl)) {
EVPerr(EVP_F_EVP_ENCRYPTDECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
return 0;
@@ -457,6 +464,17 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
if (EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS))
cmpl = (cmpl + 7) / 8;
+ /*
+ * CCM mode needs to know about the case where inl == 0 - it means the
+ * plaintext/ciphertext length is 0
+ */
+ if (inl < 0
+ || (inl == 0
+ && EVP_CIPHER_mode(ctx->cipher) != EVP_CIPH_CCM_MODE)) {
+ *outl = 0;
+ return inl == 0;
+ }
+
if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
if (b == 1 && is_partially_overlapping(out, in, cmpl)) {
EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_PARTIALLY_OVERLAPPING);
@@ -472,11 +490,6 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
return 1;
}
- if (inl <= 0) {
- *outl = 0;
- return inl == 0;
- }
-
if (ctx->flags & EVP_CIPH_NO_PADDING)
return evp_EncryptDecryptUpdate(ctx, out, outl, in, inl);
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 84bd3c2dab27..05481d827fb4 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -213,6 +213,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
"input not initialized"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_DIGEST), "invalid digest"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_IV_LENGTH), "invalid iv length"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY), "invalid key"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_OPERATION), "invalid operation"},
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 4935c2a94a1a..45cde0da8bfc 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -11,8 +11,8 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "internal/evp_int.h"
-#include "evp_locl.h"
+#include "crypto/evp.h"
+#include "evp_local.h"
int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
{
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_local.h
index f1589d682894..f1589d682894 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_local.h
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 5a88817b4aa9..967203f373c9 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -12,7 +12,7 @@
#include <openssl/evp.h>
#include <openssl/pkcs12.h>
#include <openssl/x509.h>
-#include "evp_locl.h"
+#include "evp_local.h"
/* Password based encryption (PBE) functions */
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index e61a8761a92d..586b74605cbd 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -12,9 +12,9 @@
#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/rand.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
-#include "internal/x509_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
+#include "crypto/x509.h"
/* Extract a private key from a PKCS8 structure */
diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c
index c4e28ae17af2..1aec5185239d 100644
--- a/crypto/evp/m_md2.c
+++ b/crypto/evp/m_md2.c
@@ -18,7 +18,7 @@
# include <openssl/md2.h>
# include <openssl/rsa.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/m_md4.c b/crypto/evp/m_md4.c
index 0efc586dbaff..45d2cafee101 100644
--- a/crypto/evp/m_md4.c
+++ b/crypto/evp/m_md4.c
@@ -17,7 +17,7 @@
# include <openssl/x509.h>
# include <openssl/md4.h>
# include <openssl/rsa.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c
index 3d96ae93b6c4..d26b5a4d31dc 100644
--- a/crypto/evp/m_md5.c
+++ b/crypto/evp/m_md5.c
@@ -17,7 +17,7 @@
# include <openssl/x509.h>
# include <openssl/md5.h>
# include <openssl/rsa.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c
index 2d98886ba0e7..eeec2b13e9ed 100644
--- a/crypto/evp/m_md5_sha1.c
+++ b/crypto/evp/m_md5_sha1.c
@@ -15,7 +15,7 @@
# include <openssl/md5.h>
# include <openssl/sha.h>
# include "internal/cryptlib.h"
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
# include <openssl/rsa.h>
struct md5_sha1_ctx {
diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c
index 1051a9070f97..fffa751efd18 100644
--- a/crypto/evp/m_mdc2.c
+++ b/crypto/evp/m_mdc2.c
@@ -17,7 +17,7 @@
# include <openssl/x509.h>
# include <openssl/mdc2.h>
# include <openssl/rsa.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
index 5dce1d510e28..0847139df17b 100644
--- a/crypto/evp/m_null.c
+++ b/crypto/evp/m_null.c
@@ -12,7 +12,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/m_ripemd.c b/crypto/evp/m_ripemd.c
index 7ab320843cee..d93ad24fe58a 100644
--- a/crypto/evp/m_ripemd.c
+++ b/crypto/evp/m_ripemd.c
@@ -17,7 +17,7 @@
# include <openssl/objects.h>
# include <openssl/x509.h>
# include <openssl/rsa.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
index ac52417855b3..22b9bbc7d861 100644
--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -14,8 +14,8 @@
#include <openssl/objects.h>
#include <openssl/sha.h>
#include <openssl/rsa.h>
-#include "internal/evp_int.h"
-#include "internal/sha.h"
+#include "crypto/evp.h"
+#include "crypto/sha.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/m_sha3.c b/crypto/evp/m_sha3.c
index 01cf57d313d0..54c592a3cce2 100644
--- a/crypto/evp/m_sha3.c
+++ b/crypto/evp/m_sha3.c
@@ -12,8 +12,8 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
-#include "internal/evp_int.h"
-#include "evp_locl.h"
+#include "crypto/evp.h"
+#include "evp_local.h"
size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len,
size_t r);
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 94e37f02b22e..04643acc8837 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -12,8 +12,8 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "internal/evp_int.h"
-#include "evp_locl.h"
+#include "crypto/evp.h"
+#include "evp_local.h"
static int update(EVP_MD_CTX *ctx, const void *data, size_t datalen)
{
diff --git a/crypto/evp/m_wp.c b/crypto/evp/m_wp.c
index 27e2b3c5cab8..5ce15d2d5e57 100644
--- a/crypto/evp/m_wp.c
+++ b/crypto/evp/m_wp.c
@@ -16,7 +16,7 @@
# include <openssl/objects.h>
# include <openssl/x509.h>
# include <openssl/whrlpool.h>
-# include "internal/evp_int.h"
+# include "crypto/evp.h"
static int init(EVP_MD_CTX *ctx)
{
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
index 077c2a6c4b9a..90c7b73b7a49 100644
--- a/crypto/evp/names.c
+++ b/crypto/evp/names.c
@@ -10,9 +10,9 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
-#include "internal/objects.h"
+#include "crypto/objects.h"
#include <openssl/x509.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
int EVP_add_cipher(const EVP_CIPHER *c)
{
diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c
index 7e55d0bfb817..6c5f45f73368 100644
--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -28,7 +28,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
EVP_MD_CTX *ctx;
unsigned char md_tmp[EVP_MAX_MD_SIZE];
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
- int i;
+ int i, ivl, kl;
PBEPARAM *pbe;
int saltlen, iter;
unsigned char *salt;
@@ -48,6 +48,19 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
return 0;
}
+ ivl = EVP_CIPHER_iv_length(cipher);
+ if (ivl < 0 || ivl > 16) {
+ EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_IV_LENGTH);
+ PBEPARAM_free(pbe);
+ return 0;
+ }
+ kl = EVP_CIPHER_key_length(cipher);
+ if (kl < 0 || kl > (int)sizeof(md_tmp)) {
+ EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH);
+ PBEPARAM_free(pbe);
+ return 0;
+ }
+
if (!pbe->iter)
iter = 1;
else
@@ -73,6 +86,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
if (!EVP_DigestUpdate(ctx, salt, saltlen))
goto err;
PBEPARAM_free(pbe);
+ pbe = NULL;
if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL))
goto err;
mdsize = EVP_MD_size(md);
@@ -86,11 +100,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
if (!EVP_DigestFinal_ex(ctx, md_tmp, NULL))
goto err;
}
- OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
- memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
- OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
- memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
- EVP_CIPHER_iv_length(cipher));
+ memcpy(key, md_tmp, kl);
+ memcpy(iv, md_tmp + (16 - ivl), ivl);
if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
goto err;
OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
@@ -98,6 +109,7 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
rv = 1;
err:
+ PBEPARAM_free(pbe);
EVP_MD_CTX_free(ctx);
return rv;
}
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index e819eb9b47dc..7f625b3d57f3 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -13,7 +13,7 @@
# include <openssl/x509.h>
# include <openssl/evp.h>
# include <openssl/hmac.h>
-# include "evp_locl.h"
+# include "evp_local.h"
/* set this to print out info about the keygen algorithm */
/* #define OPENSSL_DEBUG_PKCS5V2 */
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 3cd7ca8d54ca..9f1a485a5b83 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -21,8 +21,8 @@
#include <openssl/cmac.h>
#include <openssl/engine.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
static void EVP_PKEY_free_it(EVP_PKEY *x);
@@ -102,7 +102,7 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
{
- if (pkey->ameth && pkey->ameth->param_missing)
+ if (pkey != NULL && pkey->ameth && pkey->ameth->param_missing)
return pkey->ameth->param_missing(pkey);
return 0;
}
@@ -465,7 +465,7 @@ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
{
- if (pkey->type != EVP_PKEY_RSA) {
+ if (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_RSA_PSS) {
EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
return NULL;
}
@@ -540,7 +540,9 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
{
- int ret = EVP_PKEY_assign_DH(pkey, key);
+ int type = DH_get0_q(key) == NULL ? EVP_PKEY_DH : EVP_PKEY_DHX;
+ int ret = EVP_PKEY_assign(pkey, type, key);
+
if (ret)
DH_up_ref(key);
return ret;
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index 6cb442e4f91d..0383294a87c8 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -12,7 +12,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey)
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 6e8c565dfd6b..e27196f7c2e6 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -12,7 +12,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey)
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index de1c07e17114..02f4093461d8 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -12,7 +12,7 @@
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
#define M_check_autoarg(ctx, arg, arglen, err) \
if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index e14965f33384..3ad6d5c7c7a0 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -12,9 +12,9 @@
#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include "internal/bn_int.h"
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/bn.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
{
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 7fbf895e0732..603ccd835219 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -13,8 +13,8 @@
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/x509v3.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
#include "internal/numbers.h"
typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
@@ -642,6 +642,21 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
pmeth->ctrl_str = ctrl_str;
}
+void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
+ int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen))
+{
+ pmeth->digestsign = digestsign;
+}
+
+void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
+ int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen))
+{
+ pmeth->digestverify = digestverify;
+}
+
void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
int (*check) (EVP_PKEY *pkey))
{
@@ -834,6 +849,23 @@ void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
*pctrl_str = pmeth->ctrl_str;
}
+void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth,
+ int (**digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
+ const unsigned char *tbs, size_t tbslen))
+{
+ if (digestsign)
+ *digestsign = pmeth->digestsign;
+}
+
+void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth,
+ int (**digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
+ size_t siglen, const unsigned char *tbs,
+ size_t tbslen))
+{
+ if (digestverify)
+ *digestverify = pmeth->digestverify;
+}
+
void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
int (**pcheck) (EVP_PKEY *pkey))
{
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index 08dc7c40734d..22f3b70edf14 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -7,7 +7,7 @@
* https://www.openssl.org/source/license.html
*/
-#include "internal/cryptlib_int.h"
+#include "crypto/cryptlib.h"
#include "internal/thread_once.h"
/*
diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c
index fa204e9068e4..638f61b5863a 100644
--- a/crypto/hmac/hm_ameth.c
+++ b/crypto/hmac/hm_ameth.c
@@ -10,8 +10,8 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
-#include "internal/asn1_int.h"
-#include "internal/evp_int.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
/*
* HMAC "ASN1" method. This is just here to indicate the maximum HMAC output
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
index 55dd27d63b5c..56f98707f539 100644
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@@ -14,7 +14,7 @@
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/err.h>
-#include "internal/evp_int.h"
+#include "crypto/evp.h"
/* HMAC pkey context structure */
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 0c0a7133fb5a..5e087bf92ff2 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -13,21 +13,22 @@
#include "internal/cryptlib.h"
#include <openssl/hmac.h>
#include <openssl/opensslconf.h>
-#include "hmac_lcl.h"
+#include "hmac_local.h"
int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
const EVP_MD *md, ENGINE *impl)
{
- int rv = 0;
- int i, j, reset = 0;
+ int rv = 0, reset = 0;
+ int i, j;
unsigned char pad[HMAC_MAX_MD_CBLOCK_SIZE];
+ unsigned int keytmp_length;
+ unsigned char keytmp[HMAC_MAX_MD_CBLOCK_SIZE];
/* If we are changing MD then we must have a key */
if (md != NULL && md != ctx->md && (key == NULL || len < 0))
return 0;
if (md != NULL) {
- reset = 1;
ctx->md = md;
} else if (ctx->md) {
md = ctx->md;
@@ -44,35 +45,34 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
if (key != NULL) {
reset = 1;
+
j = EVP_MD_block_size(md);
- if (!ossl_assert(j <= (int)sizeof(ctx->key)))
+ if (!ossl_assert(j <= (int)sizeof(keytmp)))
return 0;
if (j < len) {
if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl)
|| !EVP_DigestUpdate(ctx->md_ctx, key, len)
- || !EVP_DigestFinal_ex(ctx->md_ctx, ctx->key,
- &ctx->key_length))
+ || !EVP_DigestFinal_ex(ctx->md_ctx, keytmp,
+ &keytmp_length))
return 0;
} else {
- if (len < 0 || len > (int)sizeof(ctx->key))
+ if (len < 0 || len > (int)sizeof(keytmp))
return 0;
- memcpy(ctx->key, key, len);
- ctx->key_length = len;
+ memcpy(keytmp, key, len);
+ keytmp_length = len;
}
- if (ctx->key_length != HMAC_MAX_MD_CBLOCK_SIZE)
- memset(&ctx->key[ctx->key_length], 0,
- HMAC_MAX_MD_CBLOCK_SIZE - ctx->key_length);
- }
+ if (keytmp_length != HMAC_MAX_MD_CBLOCK_SIZE)
+ memset(&keytmp[keytmp_length], 0,
+ HMAC_MAX_MD_CBLOCK_SIZE - keytmp_length);
- if (reset) {
for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
- pad[i] = 0x36 ^ ctx->key[i];
+ pad[i] = 0x36 ^ keytmp[i];
if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl)
|| !EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
goto err;
for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
- pad[i] = 0x5c ^ ctx->key[i];
+ pad[i] = 0x5c ^ keytmp[i];
if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl)
|| !EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
goto err;
@@ -81,8 +81,10 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
goto err;
rv = 1;
err:
- if (reset)
+ if (reset) {
+ OPENSSL_cleanse(keytmp, sizeof(keytmp));
OPENSSL_cleanse(pad, sizeof(pad));
+ }
return rv;
}
@@ -149,8 +151,6 @@ static void hmac_ctx_cleanup(HMAC_CTX *ctx)
EVP_MD_CTX_reset(ctx->o_ctx);
EVP_MD_CTX_reset(ctx->md_ctx);
ctx->md = NULL;
- ctx->key_length = 0;
- OPENSSL_cleanse(ctx->key, sizeof(ctx->key));
}
void HMAC_CTX_free(HMAC_CTX *ctx)
@@ -201,8 +201,6 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
goto err;
if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx))
goto err;
- memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK_SIZE);
- dctx->key_length = sctx->key_length;
dctx->md = sctx->md;
return 1;
err:
diff --git a/crypto/hmac/hmac_lcl.h b/crypto/hmac/hmac_local.h
index 8fd8345694a2..8bcc55817ae5 100644
--- a/crypto/hmac/hmac_lcl.h
+++ b/crypto/hmac/hmac_local.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,8 +7,8 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_HMAC_LCL_H
-# define HEADER_HMAC_LCL_H
+#ifndef OSSL_CRYPTO_HMAC_LOCAL_H
+# define OSSL_CRYPTO_HMAC_LOCAL_H
/* The current largest case is for SHA3-224 */
#define HMAC_MAX_MD_CBLOCK_SIZE 144
@@ -18,8 +18,6 @@ struct hmac_ctx_st {
EVP_MD_CTX *md_ctx;
EVP_MD_CTX *i_ctx;
EVP_MD_CTX *o_ctx;
- unsigned int key_length;
- unsigned char key[HMAC_MAX_MD_CBLOCK_SIZE];
};
#endif
diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c
index a70a8682a780..4eff467111be 100644
--- a/crypto/idea/i_cbc.c
+++ b/crypto/idea/i_cbc.c
@@ -8,7 +8,7 @@
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
void IDEA_cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c
index daf467eb5c26..61c723015b99 100644
--- a/crypto/idea/i_cfb64.c
+++ b/crypto/idea/i_cfb64.c
@@ -8,7 +8,7 @@
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
/*
* The input and output encrypted as though 64bit cfb mode is being used.
diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c
index 058d0c14c005..cb724e1a6c0b 100644
--- a/crypto/idea/i_ecb.c
+++ b/crypto/idea/i_ecb.c
@@ -8,7 +8,7 @@
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
#include <openssl/opensslv.h>
const char *IDEA_options(void)
diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c
index 997a7b88edf4..f000ced58620 100644
--- a/crypto/idea/i_ofb64.c
+++ b/crypto/idea/i_ofb64.c
@@ -8,7 +8,7 @@
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
/*
* The input and output encrypted as though 64bit ofb mode is being used.
diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c
index 9d9145580fcf..230338d7e3ab 100644
--- a/crypto/idea/i_skey.c
+++ b/crypto/idea/i_skey.c
@@ -8,7 +8,7 @@
*/
#include <openssl/idea.h>
-#include "idea_lcl.h"
+#include "idea_local.h"
static IDEA_INT inverse(unsigned int xin);
void IDEA_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
diff --git a/crypto/idea/idea_lcl.h b/crypto/idea/idea_local.h
index 50f81dfd8dee..50f81dfd8dee 100644
--- a/crypto/idea/idea_lcl.h
+++ b/crypto/idea/idea_local.h
diff --git a/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H b/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H
deleted file mode 100644
index c350018ad190..000000000000
--- a/crypto/include/internal/__DECC_INCLUDE_EPILOGUE.H
+++ /dev/null
@@ -1,16 +0,0 @@
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * This file is only used by HP C on VMS, and is included automatically
- * after each header file from this directory
- */
-
-/* restore state. Must correspond to the save in __decc_include_prologue.h */
-#pragma names restore
diff --git a/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H b/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H
deleted file mode 100644
index 9a9c777f93f8..000000000000
--- a/crypto/include/internal/__DECC_INCLUDE_PROLOGUE.H
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * This file is only used by HP C on VMS, and is included automatically
- * after each header file from this directory
- */
-
-/* save state */
-#pragma names save
-/* have the compiler shorten symbols larger than 31 chars to 23 chars
- * followed by a 8 hex char CRC
- */
-#pragma names as_is,shortened
diff --git a/crypto/include/internal/aria.h b/crypto/include/internal/aria.h
deleted file mode 100644
index 355abe539805..000000000000
--- a/crypto/include/internal/aria.h
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
- /* Copyright (c) 2017 National Security Research Institute. All rights reserved. */
-
-#ifndef HEADER_ARIA_H
-# define HEADER_ARIA_H
-
-# include <openssl/opensslconf.h>
-
-# ifdef OPENSSL_NO_ARIA
-# error ARIA is disabled.
-# endif
-
-# define ARIA_ENCRYPT 1
-# define ARIA_DECRYPT 0
-
-# define ARIA_BLOCK_SIZE 16 /* Size of each encryption/decryption block */
-# define ARIA_MAX_KEYS 17 /* Number of keys needed in the worst case */
-
-typedef union {
- unsigned char c[ARIA_BLOCK_SIZE];
- unsigned int u[ARIA_BLOCK_SIZE / sizeof(unsigned int)];
-} ARIA_u128;
-
-typedef unsigned char ARIA_c128[ARIA_BLOCK_SIZE];
-
-struct aria_key_st {
- ARIA_u128 rd_key[ARIA_MAX_KEYS];
- unsigned int rounds;
-};
-typedef struct aria_key_st ARIA_KEY;
-
-
-int aria_set_encrypt_key(const unsigned char *userKey, const int bits,
- ARIA_KEY *key);
-int aria_set_decrypt_key(const unsigned char *userKey, const int bits,
- ARIA_KEY *key);
-
-void aria_encrypt(const unsigned char *in, unsigned char *out,
- const ARIA_KEY *key);
-
-#endif
diff --git a/crypto/include/internal/asn1_int.h b/crypto/include/internal/asn1_int.h
deleted file mode 100644
index 9c9b4d897456..000000000000
--- a/crypto/include/internal/asn1_int.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/* Internal ASN1 structures and functions: not for application use */
-
-/* ASN1 public key method structure */
-
-struct evp_pkey_asn1_method_st {
- int pkey_id;
- int pkey_base_id;
- unsigned long pkey_flags;
- char *pem_str;
- char *info;
- int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
- int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
- int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
- int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
- int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
- int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
- int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
- int (*pkey_size) (const EVP_PKEY *pk);
- int (*pkey_bits) (const EVP_PKEY *pk);
- int (*pkey_security_bits) (const EVP_PKEY *pk);
- int (*param_decode) (EVP_PKEY *pkey,
- const unsigned char **pder, int derlen);
- int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
- int (*param_missing) (const EVP_PKEY *pk);
- int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
- int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
- int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
- int (*sig_print) (BIO *out,
- const X509_ALGOR *sigalg, const ASN1_STRING *sig,
- int indent, ASN1_PCTX *pctx);
- void (*pkey_free) (EVP_PKEY *pkey);
- int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
- /* Legacy functions for old PEM */
- int (*old_priv_decode) (EVP_PKEY *pkey,
- const unsigned char **pder, int derlen);
- int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
- /* Custom ASN1 signature verification */
- int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
- int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *alg1, X509_ALGOR *alg2,
- ASN1_BIT_STRING *sig);
- int (*siginf_set) (X509_SIG_INFO *siginf, const X509_ALGOR *alg,
- const ASN1_STRING *sig);
- /* Check */
- int (*pkey_check) (const EVP_PKEY *pk);
- int (*pkey_public_check) (const EVP_PKEY *pk);
- int (*pkey_param_check) (const EVP_PKEY *pk);
- /* Get/set raw private/public key data */
- int (*set_priv_key) (EVP_PKEY *pk, const unsigned char *priv, size_t len);
- int (*set_pub_key) (EVP_PKEY *pk, const unsigned char *pub, size_t len);
- int (*get_priv_key) (const EVP_PKEY *pk, unsigned char *priv, size_t *len);
- int (*get_pub_key) (const EVP_PKEY *pk, unsigned char *pub, size_t *len);
-} /* EVP_PKEY_ASN1_METHOD */ ;
-
-DEFINE_STACK_OF_CONST(EVP_PKEY_ASN1_METHOD)
-
-extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5];
-extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD ed448_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD sm2_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD poly1305_asn1_meth;
-
-extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[2];
-extern const EVP_PKEY_ASN1_METHOD rsa_pss_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD siphash_asn1_meth;
-
-/*
- * These are used internally in the ASN1_OBJECT to keep track of whether the
- * names and data need to be free()ed
- */
-# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */
-# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */
-# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
-# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */
-struct asn1_object_st {
- const char *sn, *ln;
- int nid;
- int length;
- const unsigned char *data; /* data remains const after init */
- int flags; /* Should we free this one */
-};
-
-/* ASN1 print context structure */
-
-struct asn1_pctx_st {
- unsigned long flags;
- unsigned long nm_flags;
- unsigned long cert_flags;
- unsigned long oid_flags;
- unsigned long str_flags;
-} /* ASN1_PCTX */ ;
-
-int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
diff --git a/crypto/include/internal/async.h b/crypto/include/internal/async.h
deleted file mode 100644
index dc8e937b0ced..000000000000
--- a/crypto/include/internal/async.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/async.h>
-
-int async_init(void);
-void async_deinit(void);
-void async_delete_thread_state(void);
-
diff --git a/crypto/include/internal/bn_conf.h.in b/crypto/include/internal/bn_conf.h.in
deleted file mode 100644
index ec6e4f6c1b5e..000000000000
--- a/crypto/include/internal/bn_conf.h.in
+++ /dev/null
@@ -1,27 +0,0 @@
-{- join("\n",map { "/* $_ */" } @autowarntext) -}
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_BN_CONF_H
-# define HEADER_BN_CONF_H
-
-/*
- * The contents of this file are not used in the UEFI build, as
- * both 32-bit and 64-bit builds are supported from a single run
- * of the Configure script.
- */
-
-/* Should we define BN_DIV2W here? */
-
-/* Only one for the following should be defined */
-{- $config{b64l} ? "#define" : "#undef" -} SIXTY_FOUR_BIT_LONG
-{- $config{b64} ? "#define" : "#undef" -} SIXTY_FOUR_BIT
-{- $config{b32} ? "#define" : "#undef" -} THIRTY_TWO_BIT
-
-#endif
diff --git a/crypto/include/internal/bn_dh.h b/crypto/include/internal/bn_dh.h
deleted file mode 100644
index 70ebca28753c..000000000000
--- a/crypto/include/internal/bn_dh.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#define declare_dh_bn(x) \
- extern const BIGNUM _bignum_dh##x##_p; \
- extern const BIGNUM _bignum_dh##x##_g; \
- extern const BIGNUM _bignum_dh##x##_q;
-
-declare_dh_bn(1024_160)
-declare_dh_bn(2048_224)
-declare_dh_bn(2048_256)
-
-extern const BIGNUM _bignum_ffdhe2048_p;
-extern const BIGNUM _bignum_ffdhe3072_p;
-extern const BIGNUM _bignum_ffdhe4096_p;
-extern const BIGNUM _bignum_ffdhe6144_p;
-extern const BIGNUM _bignum_ffdhe8192_p;
-extern const BIGNUM _bignum_const_2;
diff --git a/crypto/include/internal/bn_int.h b/crypto/include/internal/bn_int.h
deleted file mode 100644
index 30be7efe14d8..000000000000
--- a/crypto/include/internal/bn_int.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_BN_INT_H
-# define HEADER_BN_INT_H
-
-# include <openssl/bn.h>
-# include <limits.h>
-
-BIGNUM *bn_wexpand(BIGNUM *a, int words);
-BIGNUM *bn_expand2(BIGNUM *a, int words);
-
-void bn_correct_top(BIGNUM *a);
-
-/*
- * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
- * This is an array r[] of values that are either zero or odd with an
- * absolute value less than 2^w satisfying scalar = \sum_j r[j]*2^j where at
- * most one of any w+1 consecutive digits is non-zero with the exception that
- * the most significant digit may be only w-1 zeros away from that next
- * non-zero digit.
- */
-signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len);
-
-int bn_get_top(const BIGNUM *a);
-
-int bn_get_dmax(const BIGNUM *a);
-
-/* Set all words to zero */
-void bn_set_all_zero(BIGNUM *a);
-
-/*
- * Copy the internal BIGNUM words into out which holds size elements (and size
- * must be bigger than top)
- */
-int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size);
-
-BN_ULONG *bn_get_words(const BIGNUM *a);
-
-/*
- * Set the internal data words in a to point to words which contains size
- * elements. The BN_FLG_STATIC_DATA flag is set
- */
-void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size);
-
-/*
- * Copy words into the BIGNUM |a|, reallocating space as necessary.
- * The negative flag of |a| is not modified.
- * Returns 1 on success and 0 on failure.
- */
-/*
- * |num_words| is int because bn_expand2 takes an int. This is an internal
- * function so we simply trust callers not to pass negative values.
- */
-int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words);
-
-/*
- * Some BIGNUM functions assume most significant limb to be non-zero, which
- * is customarily arranged by bn_correct_top. Output from below functions
- * is not processed with bn_correct_top, and for this reason it may not be
- * returned out of public API. It may only be passed internally into other
- * functions known to support non-minimal or zero-padded BIGNUMs. Even
- * though the goal is to facilitate constant-time-ness, not each subroutine
- * is constant-time by itself. They all have pre-conditions, consult source
- * code...
- */
-int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx);
-int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
-int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
-int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *m);
-int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
-int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
-int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
-int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
- const BIGNUM *d, BN_CTX *ctx);
-
-#endif
diff --git a/crypto/include/internal/bn_srp.h b/crypto/include/internal/bn_srp.h
deleted file mode 100644
index d4b282a6bbbe..000000000000
--- a/crypto/include/internal/bn_srp.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef OPENSSL_NO_SRP
-
-extern const BIGNUM bn_group_1024;
-
-extern const BIGNUM bn_group_1536;
-
-extern const BIGNUM bn_group_2048;
-
-extern const BIGNUM bn_group_3072;
-
-extern const BIGNUM bn_group_4096;
-
-extern const BIGNUM bn_group_6144;
-
-extern const BIGNUM bn_group_8192;
-
-extern const BIGNUM bn_generator_19;
-
-extern const BIGNUM bn_generator_5;
-
-extern const BIGNUM bn_generator_2;
-
-#endif
diff --git a/crypto/include/internal/chacha.h b/crypto/include/internal/chacha.h
deleted file mode 100644
index 67243f222801..000000000000
--- a/crypto/include/internal/chacha.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_CHACHA_H
-#define HEADER_CHACHA_H
-
-#include <stddef.h>
-
-/*
- * ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and
- * nonce and writes the result to |out|, which may be equal to |inp|.
- * The |key| is not 32 bytes of verbatim key material though, but the
- * said material collected into 8 32-bit elements array in host byte
- * order. Same approach applies to nonce: the |counter| argument is
- * pointer to concatenated nonce and counter values collected into 4
- * 32-bit elements. This, passing crypto material collected into 32-bit
- * elements as opposite to passing verbatim byte vectors, is chosen for
- * efficiency in multi-call scenarios.
- */
-void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp,
- size_t len, const unsigned int key[8],
- const unsigned int counter[4]);
-/*
- * You can notice that there is no key setup procedure. Because it's
- * as trivial as collecting bytes into 32-bit elements, it's reckoned
- * that below macro is sufficient.
- */
-#define CHACHA_U8TOU32(p) ( \
- ((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \
- ((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) )
-
-#define CHACHA_KEY_SIZE 32
-#define CHACHA_CTR_SIZE 16
-#define CHACHA_BLK_SIZE 64
-
-#endif
diff --git a/crypto/include/internal/cryptlib_int.h b/crypto/include/internal/cryptlib_int.h
deleted file mode 100644
index 38b5dac9a364..000000000000
--- a/crypto/include/internal/cryptlib_int.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include "internal/cryptlib.h"
-
-/* This file is not scanned by mkdef.pl, whereas cryptlib.h is */
-
-struct thread_local_inits_st {
- int async;
- int err_state;
- int rand;
-};
-
-int ossl_init_thread_start(uint64_t opts);
-
-/*
- * OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below
- * are those omitted from crypto.h because they are "reserved for internal
- * use".
- */
-# define OPENSSL_INIT_ZLIB 0x00010000L
-# define OPENSSL_INIT_BASE_ONLY 0x00040000L
-
-/* OPENSSL_INIT_THREAD flags */
-# define OPENSSL_INIT_THREAD_ASYNC 0x01
-# define OPENSSL_INIT_THREAD_ERR_STATE 0x02
-# define OPENSSL_INIT_THREAD_RAND 0x04
-
-void ossl_malloc_setup_failures(void);
diff --git a/crypto/include/internal/ctype.h b/crypto/include/internal/ctype.h
deleted file mode 100644
index 9f3a58339c4f..000000000000
--- a/crypto/include/internal/ctype.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * This version of ctype.h provides a standardised and platform
- * independent implementation that supports seven bit ASCII characters.
- * The specific intent is to not pass extended ASCII characters (> 127)
- * even if the host operating system would.
- *
- * There is EBCDIC support included for machines which use this. However,
- * there are a number of concerns about how well EBCDIC is supported
- * throughout the rest of the source code. Refer to issue #4154 for
- * details.
- */
-#ifndef INTERNAL_CTYPE_H
-# define INTERNAL_CTYPE_H
-
-# define CTYPE_MASK_lower 0x1
-# define CTYPE_MASK_upper 0x2
-# define CTYPE_MASK_digit 0x4
-# define CTYPE_MASK_space 0x8
-# define CTYPE_MASK_xdigit 0x10
-# define CTYPE_MASK_blank 0x20
-# define CTYPE_MASK_cntrl 0x40
-# define CTYPE_MASK_graph 0x80
-# define CTYPE_MASK_print 0x100
-# define CTYPE_MASK_punct 0x200
-# define CTYPE_MASK_base64 0x400
-# define CTYPE_MASK_asn1print 0x800
-
-# define CTYPE_MASK_alpha (CTYPE_MASK_lower | CTYPE_MASK_upper)
-# define CTYPE_MASK_alnum (CTYPE_MASK_alpha | CTYPE_MASK_digit)
-
-/*
- * The ascii mask assumes that any other classification implies that
- * the character is ASCII and that there are no ASCII characters
- * that aren't in any of the classifications.
- *
- * This assumption holds at the moment, but it might not in the future.
- */
-# define CTYPE_MASK_ascii (~0)
-
-# ifdef CHARSET_EBCDIC
-int ossl_toascii(int c);
-int ossl_fromascii(int c);
-# else
-# define ossl_toascii(c) (c)
-# define ossl_fromascii(c) (c)
-# endif
-int ossl_ctype_check(int c, unsigned int mask);
-int ossl_tolower(int c);
-int ossl_toupper(int c);
-
-int ascii_isdigit(const char inchar);
-
-# define ossl_isalnum(c) (ossl_ctype_check((c), CTYPE_MASK_alnum))
-# define ossl_isalpha(c) (ossl_ctype_check((c), CTYPE_MASK_alpha))
-# ifdef CHARSET_EBCDIC
-# define ossl_isascii(c) (ossl_ctype_check((c), CTYPE_MASK_ascii))
-# else
-# define ossl_isascii(c) (((c) & ~127) == 0)
-# endif
-# define ossl_isblank(c) (ossl_ctype_check((c), CTYPE_MASK_blank))
-# define ossl_iscntrl(c) (ossl_ctype_check((c), CTYPE_MASK_cntrl))
-# define ossl_isdigit(c) (ossl_ctype_check((c), CTYPE_MASK_digit))
-# define ossl_isgraph(c) (ossl_ctype_check((c), CTYPE_MASK_graph))
-# define ossl_islower(c) (ossl_ctype_check((c), CTYPE_MASK_lower))
-# define ossl_isprint(c) (ossl_ctype_check((c), CTYPE_MASK_print))
-# define ossl_ispunct(c) (ossl_ctype_check((c), CTYPE_MASK_punct))
-# define ossl_isspace(c) (ossl_ctype_check((c), CTYPE_MASK_space))
-# define ossl_isupper(c) (ossl_ctype_check((c), CTYPE_MASK_upper))
-# define ossl_isxdigit(c) (ossl_ctype_check((c), CTYPE_MASK_xdigit))
-# define ossl_isbase64(c) (ossl_ctype_check((c), CTYPE_MASK_base64))
-# define ossl_isasn1print(c) (ossl_ctype_check((c), CTYPE_MASK_asn1print))
-
-#endif
diff --git a/crypto/include/internal/dso_conf.h.in b/crypto/include/internal/dso_conf.h.in
deleted file mode 100644
index 2a76818b50d9..000000000000
--- a/crypto/include/internal/dso_conf.h.in
+++ /dev/null
@@ -1,31 +0,0 @@
-{- join("\n",map { "/* $_ */" } @autowarntext) -}
-/*
- * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_DSO_CONF_H
-# define HEADER_DSO_CONF_H
-{- # The DSO code currently always implements all functions so that no
- # applications will have to worry about that from a compilation point
- # of view. However, the "method"s may return zero unless that platform
- # has support compiled in for them. Currently each method is enabled
- # by a define "DSO_<name>" ... we translate the "dso_scheme" config
- # string entry into using the following logic;
- my $scheme = uc $target{dso_scheme};
- if (!$scheme) {
- $scheme = "NONE";
- }
- my @macros = ( "DSO_$scheme" );
- if ($scheme eq 'DLFCN') {
- @macros = ( "DSO_DLFCN", "HAVE_DLFCN_H" );
- } elsif ($scheme eq "DLFCN_NO_H") {
- @macros = ( "DSO_DLFCN" );
- }
- join("\n", map { "# define $_" } @macros); -}
-# define DSO_EXTENSION "{- $target{dso_extension} -}"
-#endif
diff --git a/crypto/include/internal/ec_int.h b/crypto/include/internal/ec_int.h
deleted file mode 100644
index 182c39cc8056..000000000000
--- a/crypto/include/internal/ec_int.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/* Internal EC functions for other submodules: not for application use */
-
-#ifndef HEADER_OSSL_EC_INTERNAL_H
-# define HEADER_OSSL_EC_INTERNAL_H
-# include <openssl/opensslconf.h>
-
-# ifndef OPENSSL_NO_EC
-
-# include <openssl/ec.h>
-
-/*-
- * Computes the multiplicative inverse of x in the range
- * [1,EC_GROUP::order), where EC_GROUP::order is the cardinality of the
- * subgroup generated by the generator G:
- *
- * res := x^(-1) (mod EC_GROUP::order).
- *
- * This function expects the following two conditions to hold:
- * - the EC_GROUP order is prime, and
- * - x is included in the range [1, EC_GROUP::order).
- *
- * This function returns 1 on success, 0 on error.
- *
- * If the EC_GROUP order is even, this function explicitly returns 0 as
- * an error.
- * In case any of the two conditions stated above is not satisfied,
- * the correctness of its output is not guaranteed, even if the return
- * value could still be 1 (as primality testing and a conditional modular
- * reduction round on the input can be omitted by the underlying
- * implementations for better SCA properties on regular input values).
- */
-__owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res,
- const BIGNUM *x, BN_CTX *ctx);
-
-/*-
- * ECDH Key Derivation Function as defined in ANSI X9.63
- */
-int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
- const unsigned char *Z, size_t Zlen,
- const unsigned char *sinfo, size_t sinfolen,
- const EVP_MD *md);
-
-# endif /* OPENSSL_NO_EC */
-#endif
diff --git a/crypto/include/internal/engine.h b/crypto/include/internal/engine.h
deleted file mode 100644
index f80ae3ec30c9..000000000000
--- a/crypto/include/internal/engine.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/engine.h>
-
-void engine_load_openssl_int(void);
-void engine_load_devcrypto_int(void);
-void engine_load_rdrand_int(void);
-void engine_load_dynamic_int(void);
-void engine_load_padlock_int(void);
-void engine_load_capi_int(void);
-void engine_load_dasync_int(void);
-void engine_load_afalg_int(void);
-void engine_cleanup_int(void);
diff --git a/crypto/include/internal/err_int.h b/crypto/include/internal/err_int.h
deleted file mode 100644
index 44ac94462750..000000000000
--- a/crypto/include/internal/err_int.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef INTERNAL_ERR_INT_H
-# define INTERNAL_ERR_INT_H
-
-int err_load_crypto_strings_int(void);
-void err_cleanup(void);
-void err_delete_thread_state(void);
-int err_shelve_state(void **);
-void err_unshelve_state(void *);
-
-#endif
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
deleted file mode 100644
index d86aed36f075..000000000000
--- a/crypto/include/internal/evp_int.h
+++ /dev/null
@@ -1,442 +0,0 @@
-/*
- * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/evp.h>
-#include "internal/refcount.h"
-
-/*
- * Don't free up md_ctx->pctx in EVP_MD_CTX_reset, use the reserved flag
- * values in evp.h
- */
-#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
-
-struct evp_pkey_ctx_st {
- /* Method associated with this operation */
- const EVP_PKEY_METHOD *pmeth;
- /* Engine that implements this method or NULL if builtin */
- ENGINE *engine;
- /* Key: may be NULL */
- EVP_PKEY *pkey;
- /* Peer key for key agreement, may be NULL */
- EVP_PKEY *peerkey;
- /* Actual operation */
- int operation;
- /* Algorithm specific data */
- void *data;
- /* Application specific data */
- void *app_data;
- /* Keygen callback */
- EVP_PKEY_gen_cb *pkey_gencb;
- /* implementation specific keygen data */
- int *keygen_info;
- int keygen_info_count;
-} /* EVP_PKEY_CTX */ ;
-
-#define EVP_PKEY_FLAG_DYNAMIC 1
-
-struct evp_pkey_method_st {
- int pkey_id;
- int flags;
- int (*init) (EVP_PKEY_CTX *ctx);
- int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
- void (*cleanup) (EVP_PKEY_CTX *ctx);
- int (*paramgen_init) (EVP_PKEY_CTX *ctx);
- int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
- int (*keygen_init) (EVP_PKEY_CTX *ctx);
- int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
- int (*sign_init) (EVP_PKEY_CTX *ctx);
- int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
- int (*verify_init) (EVP_PKEY_CTX *ctx);
- int (*verify) (EVP_PKEY_CTX *ctx,
- const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen);
- int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
- int (*verify_recover) (EVP_PKEY_CTX *ctx,
- unsigned char *rout, size_t *routlen,
- const unsigned char *sig, size_t siglen);
- int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
- int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx);
- int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
- int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
- EVP_MD_CTX *mctx);
- int (*encrypt_init) (EVP_PKEY_CTX *ctx);
- int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
- int (*decrypt_init) (EVP_PKEY_CTX *ctx);
- int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
- int (*derive_init) (EVP_PKEY_CTX *ctx);
- int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
- int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
- int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
- int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
- int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
- size_t siglen, const unsigned char *tbs,
- size_t tbslen);
- int (*check) (EVP_PKEY *pkey);
- int (*public_check) (EVP_PKEY *pkey);
- int (*param_check) (EVP_PKEY *pkey);
-
- int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
-} /* EVP_PKEY_METHOD */ ;
-
-DEFINE_STACK_OF_CONST(EVP_PKEY_METHOD)
-
-void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
-
-extern const EVP_PKEY_METHOD cmac_pkey_meth;
-extern const EVP_PKEY_METHOD dh_pkey_meth;
-extern const EVP_PKEY_METHOD dhx_pkey_meth;
-extern const EVP_PKEY_METHOD dsa_pkey_meth;
-extern const EVP_PKEY_METHOD ec_pkey_meth;
-extern const EVP_PKEY_METHOD sm2_pkey_meth;
-extern const EVP_PKEY_METHOD ecx25519_pkey_meth;
-extern const EVP_PKEY_METHOD ecx448_pkey_meth;
-extern const EVP_PKEY_METHOD ed25519_pkey_meth;
-extern const EVP_PKEY_METHOD ed448_pkey_meth;
-extern const EVP_PKEY_METHOD hmac_pkey_meth;
-extern const EVP_PKEY_METHOD rsa_pkey_meth;
-extern const EVP_PKEY_METHOD rsa_pss_pkey_meth;
-extern const EVP_PKEY_METHOD scrypt_pkey_meth;
-extern const EVP_PKEY_METHOD tls1_prf_pkey_meth;
-extern const EVP_PKEY_METHOD hkdf_pkey_meth;
-extern const EVP_PKEY_METHOD poly1305_pkey_meth;
-extern const EVP_PKEY_METHOD siphash_pkey_meth;
-
-struct evp_md_st {
- int type;
- int pkey_type;
- int md_size;
- unsigned long flags;
- int (*init) (EVP_MD_CTX *ctx);
- int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
- int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
- int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
- int (*cleanup) (EVP_MD_CTX *ctx);
- int block_size;
- int ctx_size; /* how big does the ctx->md_data need to be */
- /* control function */
- int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
-} /* EVP_MD */ ;
-
-struct evp_cipher_st {
- int nid;
- int block_size;
- /* Default value for variable length ciphers */
- int key_len;
- int iv_len;
- /* Various flags */
- unsigned long flags;
- /* init key */
- int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
- /* encrypt/decrypt data */
- int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
- /* cleanup ctx */
- int (*cleanup) (EVP_CIPHER_CTX *);
- /* how big ctx->cipher_data needs to be */
- int ctx_size;
- /* Populate a ASN1_TYPE with parameters */
- int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
- /* Get parameters from a ASN1_TYPE */
- int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
- /* Miscellaneous operations */
- int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
- /* Application data */
- void *app_data;
-} /* EVP_CIPHER */ ;
-
-/* Macros to code block cipher wrappers */
-
-/* Wrapper functions for each cipher mode */
-
-#define EVP_C_DATA(kstruct, ctx) \
- ((kstruct *)EVP_CIPHER_CTX_get_cipher_data(ctx))
-
-#define BLOCK_CIPHER_ecb_loop() \
- size_t i, bl; \
- bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
- if (inl < bl) return 1;\
- inl -= bl; \
- for (i=0; i <= inl; i+=bl)
-
-#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
-static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
- BLOCK_CIPHER_ecb_loop() \
- cprefix##_ecb_encrypt(in + i, out + i, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_encrypting(ctx)); \
- return 1;\
-}
-
-#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
-
-#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
- static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
- while(inl>=EVP_MAXCHUNK) {\
- int num = EVP_CIPHER_CTX_num(ctx);\
- cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
- EVP_CIPHER_CTX_set_num(ctx, num);\
- inl-=EVP_MAXCHUNK;\
- in +=EVP_MAXCHUNK;\
- out+=EVP_MAXCHUNK;\
- }\
- if (inl) {\
- int num = EVP_CIPHER_CTX_num(ctx);\
- cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num); \
- EVP_CIPHER_CTX_set_num(ctx, num);\
- }\
- return 1;\
-}
-
-#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
-static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
- while(inl>=EVP_MAXCHUNK) \
- {\
- cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
- inl-=EVP_MAXCHUNK;\
- in +=EVP_MAXCHUNK;\
- out+=EVP_MAXCHUNK;\
- }\
- if (inl)\
- cprefix##_cbc_encrypt(in, out, (long)inl, &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), EVP_CIPHER_CTX_encrypting(ctx));\
- return 1;\
-}
-
-#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
-static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
-{\
- size_t chunk = EVP_MAXCHUNK;\
- if (cbits == 1) chunk >>= 3;\
- if (inl < chunk) chunk = inl;\
- while (inl && inl >= chunk)\
- {\
- int num = EVP_CIPHER_CTX_num(ctx);\
- cprefix##_cfb##cbits##_encrypt(in, out, (long) \
- ((cbits == 1) \
- && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
- ? chunk*8 : chunk), \
- &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
- &num, EVP_CIPHER_CTX_encrypting(ctx));\
- EVP_CIPHER_CTX_set_num(ctx, num);\
- inl -= chunk;\
- in += chunk;\
- out += chunk;\
- if (inl < chunk) chunk = inl;\
- }\
- return 1;\
-}
-
-#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
- BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
- BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
- BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
- BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
-
-#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
- key_len, iv_len, flags, init_key, cleanup, \
- set_asn1, get_asn1, ctrl) \
-static const EVP_CIPHER cname##_##mode = { \
- nid##_##nmode, block_size, key_len, iv_len, \
- flags | EVP_CIPH_##MODE##_MODE, \
- init_key, \
- cname##_##mode##_cipher, \
- cleanup, \
- sizeof(kstruct), \
- set_asn1, get_asn1,\
- ctrl, \
- NULL \
-}; \
-const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
-
-#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
- iv_len, flags, init_key, cleanup, set_asn1, \
- get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
- iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
- iv_len, cbits, flags, init_key, cleanup, \
- set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
- key_len, iv_len, flags, init_key, cleanup, set_asn1, \
- get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
- iv_len, cbits, flags, init_key, cleanup, \
- set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
- key_len, iv_len, flags, init_key, cleanup, set_asn1, \
- get_asn1, ctrl)
-
-#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
- flags, init_key, cleanup, set_asn1, \
- get_asn1, ctrl) \
-BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
- 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-#define BLOCK_CIPHER_defs(cname, kstruct, \
- nid, block_size, key_len, iv_len, cbits, flags, \
- init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
- init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
- flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
- flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
-BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
- init_key, cleanup, set_asn1, get_asn1, ctrl)
-
-/*-
-#define BLOCK_CIPHER_defs(cname, kstruct, \
- nid, block_size, key_len, iv_len, flags,\
- init_key, cleanup, set_asn1, get_asn1, ctrl)\
-static const EVP_CIPHER cname##_cbc = {\
- nid##_cbc, block_size, key_len, iv_len, \
- flags | EVP_CIPH_CBC_MODE,\
- init_key,\
- cname##_cbc_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl, \
- NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
-static const EVP_CIPHER cname##_cfb = {\
- nid##_cfb64, 1, key_len, iv_len, \
- flags | EVP_CIPH_CFB_MODE,\
- init_key,\
- cname##_cfb_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl,\
- NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
-static const EVP_CIPHER cname##_ofb = {\
- nid##_ofb64, 1, key_len, iv_len, \
- flags | EVP_CIPH_OFB_MODE,\
- init_key,\
- cname##_ofb_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl,\
- NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
-static const EVP_CIPHER cname##_ecb = {\
- nid##_ecb, block_size, key_len, iv_len, \
- flags | EVP_CIPH_ECB_MODE,\
- init_key,\
- cname##_ecb_cipher,\
- cleanup,\
- sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
- sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
- set_asn1, get_asn1,\
- ctrl,\
- NULL \
-};\
-const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
-*/
-
-#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
- block_size, key_len, iv_len, cbits, \
- flags, init_key, \
- cleanup, set_asn1, get_asn1, ctrl) \
- BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
- BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
- cbits, flags, init_key, cleanup, set_asn1, \
- get_asn1, ctrl)
-
-#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \
- BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
- BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
- NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
- (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \
- cipher##_init_key, NULL, NULL, NULL, NULL)
-
-
-# ifndef OPENSSL_NO_EC
-
-#define X25519_KEYLEN 32
-#define X448_KEYLEN 56
-#define ED448_KEYLEN 57
-
-#define MAX_KEYLEN ED448_KEYLEN
-
-typedef struct {
- unsigned char pubkey[MAX_KEYLEN];
- unsigned char *privkey;
-} ECX_KEY;
-
-#endif
-
-/*
- * Type needs to be a bit field Sub-type needs to be for variations on the
- * method, as in, can it do arbitrary encryption....
- */
-struct evp_pkey_st {
- int type;
- int save_type;
- CRYPTO_REF_COUNT references;
- const EVP_PKEY_ASN1_METHOD *ameth;
- ENGINE *engine;
- ENGINE *pmeth_engine; /* If not NULL public key ENGINE to use */
- union {
- void *ptr;
-# ifndef OPENSSL_NO_RSA
- struct rsa_st *rsa; /* RSA */
-# endif
-# ifndef OPENSSL_NO_DSA
- struct dsa_st *dsa; /* DSA */
-# endif
-# ifndef OPENSSL_NO_DH
- struct dh_st *dh; /* DH */
-# endif
-# ifndef OPENSSL_NO_EC
- struct ec_key_st *ec; /* ECC */
- ECX_KEY *ecx; /* X25519, X448, Ed25519, Ed448 */
-# endif
- } pkey;
- int save_parameters;
- STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
- CRYPTO_RWLOCK *lock;
-} /* EVP_PKEY */ ;
-
-
-void openssl_add_all_ciphers_int(void);
-void openssl_add_all_digests_int(void);
-void evp_cleanup_int(void);
-void evp_app_cleanup_int(void);
-
-/* Pulling defines out of C source files */
-
-#define EVP_RC4_KEY_SIZE 16
-#ifndef TLS1_1_VERSION
-# define TLS1_1_VERSION 0x0302
-#endif
-
-void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags);
-
-/* EVP_ENCODE_CTX flags */
-/* Don't generate new lines when encoding */
-#define EVP_ENCODE_CTX_NO_NEWLINES 1
-/* Use the SRP base64 alphabet instead of the standard one */
-#define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2
diff --git a/crypto/include/internal/lhash.h b/crypto/include/internal/lhash.h
deleted file mode 100644
index 200ba8685da2..000000000000
--- a/crypto/include/internal/lhash.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef INTERNAL_LHASH_H
-# define INTERNAL_LHASH_H
-
-unsigned long openssl_lh_strcasehash(const char *);
-
-#endif
diff --git a/crypto/include/internal/md32_common.h b/crypto/include/internal/md32_common.h
deleted file mode 100644
index 1124e9c24b2a..000000000000
--- a/crypto/include/internal/md32_common.h
+++ /dev/null
@@ -1,256 +0,0 @@
-/*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*-
- * This is a generic 32 bit "collector" for message digest algorithms.
- * Whenever needed it collects input character stream into chunks of
- * 32 bit values and invokes a block function that performs actual hash
- * calculations.
- *
- * Porting guide.
- *
- * Obligatory macros:
- *
- * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
- * this macro defines byte order of input stream.
- * HASH_CBLOCK
- * size of a unit chunk HASH_BLOCK operates on.
- * HASH_LONG
- * has to be at least 32 bit wide.
- * HASH_CTX
- * context structure that at least contains following
- * members:
- * typedef struct {
- * ...
- * HASH_LONG Nl,Nh;
- * either {
- * HASH_LONG data[HASH_LBLOCK];
- * unsigned char data[HASH_CBLOCK];
- * };
- * unsigned int num;
- * ...
- * } HASH_CTX;
- * data[] vector is expected to be zeroed upon first call to
- * HASH_UPDATE.
- * HASH_UPDATE
- * name of "Update" function, implemented here.
- * HASH_TRANSFORM
- * name of "Transform" function, implemented here.
- * HASH_FINAL
- * name of "Final" function, implemented here.
- * HASH_BLOCK_DATA_ORDER
- * name of "block" function capable of treating *unaligned* input
- * message in original (data) byte order, implemented externally.
- * HASH_MAKE_STRING
- * macro converting context variables to an ASCII hash string.
- *
- * MD5 example:
- *
- * #define DATA_ORDER_IS_LITTLE_ENDIAN
- *
- * #define HASH_LONG MD5_LONG
- * #define HASH_CTX MD5_CTX
- * #define HASH_CBLOCK MD5_CBLOCK
- * #define HASH_UPDATE MD5_Update
- * #define HASH_TRANSFORM MD5_Transform
- * #define HASH_FINAL MD5_Final
- * #define HASH_BLOCK_DATA_ORDER md5_block_data_order
- */
-
-#include <openssl/crypto.h>
-
-#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-# error "DATA_ORDER must be defined!"
-#endif
-
-#ifndef HASH_CBLOCK
-# error "HASH_CBLOCK must be defined!"
-#endif
-#ifndef HASH_LONG
-# error "HASH_LONG must be defined!"
-#endif
-#ifndef HASH_CTX
-# error "HASH_CTX must be defined!"
-#endif
-
-#ifndef HASH_UPDATE
-# error "HASH_UPDATE must be defined!"
-#endif
-#ifndef HASH_TRANSFORM
-# error "HASH_TRANSFORM must be defined!"
-#endif
-#ifndef HASH_FINAL
-# error "HASH_FINAL must be defined!"
-#endif
-
-#ifndef HASH_BLOCK_DATA_ORDER
-# error "HASH_BLOCK_DATA_ORDER must be defined!"
-#endif
-
-#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
-
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
-
-# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++))) ) )
-# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff), \
- l)
-
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
-
-# define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24) )
-# define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff), \
- l)
-
-#endif
-
-/*
- * Time for some action :-)
- */
-
-int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
-{
- const unsigned char *data = data_;
- unsigned char *p;
- HASH_LONG l;
- size_t n;
-
- if (len == 0)
- return 1;
-
- l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
- if (l < c->Nl) /* overflow */
- c->Nh++;
- c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
- * 16-bit */
- c->Nl = l;
-
- n = c->num;
- if (n != 0) {
- p = (unsigned char *)c->data;
-
- if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
- memcpy(p + n, data, HASH_CBLOCK - n);
- HASH_BLOCK_DATA_ORDER(c, p, 1);
- n = HASH_CBLOCK - n;
- data += n;
- len -= n;
- c->num = 0;
- /*
- * We use memset rather than OPENSSL_cleanse() here deliberately.
- * Using OPENSSL_cleanse() here could be a performance issue. It
- * will get properly cleansed on finalisation so this isn't a
- * security problem.
- */
- memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
- } else {
- memcpy(p + n, data, len);
- c->num += (unsigned int)len;
- return 1;
- }
- }
-
- n = len / HASH_CBLOCK;
- if (n > 0) {
- HASH_BLOCK_DATA_ORDER(c, data, n);
- n *= HASH_CBLOCK;
- data += n;
- len -= n;
- }
-
- if (len != 0) {
- p = (unsigned char *)c->data;
- c->num = (unsigned int)len;
- memcpy(p, data, len);
- }
- return 1;
-}
-
-void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
-{
- HASH_BLOCK_DATA_ORDER(c, data, 1);
-}
-
-int HASH_FINAL(unsigned char *md, HASH_CTX *c)
-{
- unsigned char *p = (unsigned char *)c->data;
- size_t n = c->num;
-
- p[n] = 0x80; /* there is always room for one */
- n++;
-
- if (n > (HASH_CBLOCK - 8)) {
- memset(p + n, 0, HASH_CBLOCK - n);
- n = 0;
- HASH_BLOCK_DATA_ORDER(c, p, 1);
- }
- memset(p + n, 0, HASH_CBLOCK - 8 - n);
-
- p += HASH_CBLOCK - 8;
-#if defined(DATA_ORDER_IS_BIG_ENDIAN)
- (void)HOST_l2c(c->Nh, p);
- (void)HOST_l2c(c->Nl, p);
-#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
- (void)HOST_l2c(c->Nl, p);
- (void)HOST_l2c(c->Nh, p);
-#endif
- p -= HASH_CBLOCK;
- HASH_BLOCK_DATA_ORDER(c, p, 1);
- c->num = 0;
- OPENSSL_cleanse(p, HASH_CBLOCK);
-
-#ifndef HASH_MAKE_STRING
-# error "HASH_MAKE_STRING must be defined!"
-#else
- HASH_MAKE_STRING(c, md);
-#endif
-
- return 1;
-}
-
-#ifndef MD32_REG_T
-# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
-# define MD32_REG_T long
-/*
- * This comment was originally written for MD5, which is why it
- * discusses A-D. But it basically applies to all 32-bit digests,
- * which is why it was moved to common header file.
- *
- * In case you wonder why A-D are declared as long and not
- * as MD5_LONG. Doing so results in slight performance
- * boost on LP64 architectures. The catch is we don't
- * really care if 32 MSBs of a 64-bit register get polluted
- * with eventual overflows as we *save* only 32 LSBs in
- * *either* case. Now declaring 'em long excuses the compiler
- * from keeping 32 MSBs zeroed resulting in 13% performance
- * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
- * Well, to be honest it should say that this *prevents*
- * performance degradation.
- */
-# else
-/*
- * Above is not absolute and there are LP64 compilers that
- * generate better code if MD32_REG_T is defined int. The above
- * pre-processor condition reflects the circumstances under which
- * the conclusion was made and is subject to further extension.
- */
-# define MD32_REG_T int
-# endif
-#endif
diff --git a/crypto/include/internal/objects.h b/crypto/include/internal/objects.h
deleted file mode 100644
index 76e1b4d98838..000000000000
--- a/crypto/include/internal/objects.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <openssl/objects.h>
-
-void obj_cleanup_int(void);
diff --git a/crypto/include/internal/poly1305.h b/crypto/include/internal/poly1305.h
deleted file mode 100644
index 5fef239d0f8f..000000000000
--- a/crypto/include/internal/poly1305.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <stddef.h>
-
-#define POLY1305_BLOCK_SIZE 16
-#define POLY1305_DIGEST_SIZE 16
-#define POLY1305_KEY_SIZE 32
-
-typedef struct poly1305_context POLY1305;
-
-size_t Poly1305_ctx_size(void);
-void Poly1305_Init(POLY1305 *ctx, const unsigned char key[32]);
-void Poly1305_Update(POLY1305 *ctx, const unsigned char *inp, size_t len);
-void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16]);
diff --git a/crypto/include/internal/rand_int.h b/crypto/include/internal/rand_int.h
deleted file mode 100644
index 10347ab0e374..000000000000
--- a/crypto/include/internal/rand_int.h
+++ /dev/null
@@ -1,134 +0,0 @@
-/*
- * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-/*
- * Licensed under the OpenSSL licenses, (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * https://www.openssl.org/source/license.html
- * or in the file LICENSE in the source distribution.
- */
-
-#ifndef HEADER_RAND_INT_H
-# define HEADER_RAND_INT_H
-
-# include <openssl/rand.h>
-
-/* forward declaration */
-typedef struct rand_pool_st RAND_POOL;
-
-void rand_cleanup_int(void);
-void rand_drbg_cleanup_int(void);
-void drbg_delete_thread_state(void);
-
-/* Hardware-based seeding functions. */
-size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
-size_t rand_acquire_entropy_from_cpu(RAND_POOL *pool);
-
-/* DRBG entropy callbacks. */
-size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
- unsigned char **pout,
- int entropy, size_t min_len, size_t max_len,
- int prediction_resistance);
-void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
- unsigned char *out, size_t outlen);
-size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
- unsigned char **pout,
- int entropy, size_t min_len, size_t max_len);
-void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
- unsigned char *out, size_t outlen);
-
-size_t rand_drbg_get_additional_data(RAND_POOL *pool, unsigned char **pout);
-
-void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
-
-/*
- * RAND_POOL functions
- */
-RAND_POOL *rand_pool_new(int entropy_requested, int secure,
- size_t min_len, size_t max_len);
-RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len,
- size_t entropy);
-void rand_pool_free(RAND_POOL *pool);
-
-const unsigned char *rand_pool_buffer(RAND_POOL *pool);
-unsigned char *rand_pool_detach(RAND_POOL *pool);
-void rand_pool_reattach(RAND_POOL *pool, unsigned char *buffer);
-
-size_t rand_pool_entropy(RAND_POOL *pool);
-size_t rand_pool_length(RAND_POOL *pool);
-
-size_t rand_pool_entropy_available(RAND_POOL *pool);
-size_t rand_pool_entropy_needed(RAND_POOL *pool);
-/* |entropy_factor| expresses how many bits of data contain 1 bit of entropy */
-size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor);
-size_t rand_pool_bytes_remaining(RAND_POOL *pool);
-
-int rand_pool_add(RAND_POOL *pool,
- const unsigned char *buffer, size_t len, size_t entropy);
-unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len);
-int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy);
-
-
-/*
- * Add random bytes to the pool to acquire requested amount of entropy
- *
- * This function is platform specific and tries to acquire the requested
- * amount of entropy by polling platform specific entropy sources.
- *
- * If the function succeeds in acquiring at least |entropy_requested| bits
- * of entropy, the total entropy count is returned. If it fails, it returns
- * an entropy count of 0.
- */
-size_t rand_pool_acquire_entropy(RAND_POOL *pool);
-
-/*
- * Add some application specific nonce data
- *
- * This function is platform specific and adds some application specific
- * data to the nonce used for instantiating the drbg.
- *
- * This data currently consists of the process and thread id, and a high
- * resolution timestamp. The data does not include an atomic counter,
- * because that is added by the calling function rand_drbg_get_nonce().
- *
- * Returns 1 on success and 0 on failure.
- */
-int rand_pool_add_nonce_data(RAND_POOL *pool);
-
-
-/*
- * Add some platform specific additional data
- *
- * This function is platform specific and adds some random noise to the
- * additional data used for generating random bytes and for reseeding
- * the drbg.
- *
- * Returns 1 on success and 0 on failure.
- */
-int rand_pool_add_additional_data(RAND_POOL *pool);
-
-/*
- * Initialise the random pool reseeding sources.
- *
- * Returns 1 on success and 0 on failure.
- */
-int rand_pool_init(void);
-
-/*
- * Finalise the random pool reseeding sources.
- */
-void rand_pool_cleanup(void);
-
-/*
- * Control the random pool use of open file descriptors.
- */
-void rand_pool_keep_random_devices_open(int keep);
-
-#endif
diff --git a/crypto/include/internal/sha.h b/crypto/include/internal/sha.h
deleted file mode 100644
index 458a75e89d4a..000000000000
--- a/crypto/include/internal/sha.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_INTERNAL_SHA_H
-# define HEADER_INTERNAL_SHA_H
-
-# include <openssl/opensslconf.h>
-
-int sha512_224_init(SHA512_CTX *);
-int sha512_256_init(SHA512_CTX *);
-
-#endif
diff --git a/crypto/include/internal/siphash.h b/crypto/include/internal/siphash.h
deleted file mode 100644
index 9573680f0f15..000000000000
--- a/crypto/include/internal/siphash.h
+++ /dev/null
@@ -1,25 +0,0 @@
-/*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <stddef.h>
-
-#define SIPHASH_BLOCK_SIZE 8
-#define SIPHASH_KEY_SIZE 16
-#define SIPHASH_MIN_DIGEST_SIZE 8
-#define SIPHASH_MAX_DIGEST_SIZE 16
-
-typedef struct siphash_st SIPHASH;
-
-size_t SipHash_ctx_size(void);
-size_t SipHash_hash_size(SIPHASH *ctx);
-int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size);
-int SipHash_Init(SIPHASH *ctx, const unsigned char *k,
- int crounds, int drounds);
-void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen);
-int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen);
diff --git a/crypto/include/internal/sm2.h b/crypto/include/internal/sm2.h
deleted file mode 100644
index 5c5cd4b4f567..000000000000
--- a/crypto/include/internal/sm2.h
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright 2017 Ribose Inc. All Rights Reserved.
- * Ported from Ribose contributions from Botan.
- *
- * Licensed under the OpenSSL license (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#ifndef HEADER_SM2_H
-# define HEADER_SM2_H
-# include <openssl/opensslconf.h>
-
-# ifndef OPENSSL_NO_SM2
-
-# include <openssl/ec.h>
-
-/* The default user id as specified in GM/T 0009-2012 */
-# define SM2_DEFAULT_USERID "1234567812345678"
-
-int sm2_compute_z_digest(uint8_t *out,
- const EVP_MD *digest,
- const uint8_t *id,
- const size_t id_len,
- const EC_KEY *key);
-
-/*
- * SM2 signature operation. Computes Z and then signs H(Z || msg) using SM2
- */
-ECDSA_SIG *sm2_do_sign(const EC_KEY *key,
- const EVP_MD *digest,
- const uint8_t *id,
- const size_t id_len,
- const uint8_t *msg, size_t msg_