aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2014-01-22 19:27:13 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2014-01-22 19:27:13 +0000
commit2dc7f78169ea4545102b8d9b0604f785cdc798f5 (patch)
tree916b5f4a06b1f51b6af3e4437ab74e3d27e9cdd9 /crypto
parentcbbee3a581d0bbf1b738c0805da55a438c265a20 (diff)
downloadsrc-2dc7f78169ea4545102b8d9b0604f785cdc798f5.tar.gz
src-2dc7f78169ea4545102b8d9b0604f785cdc798f5.zip
Import OpenSSL 1.0.1f.vendor/openssl/1.0.1f
Approved by: so (delphij), benl (silence)
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=261035 svn path=/vendor-crypto/openssl/1.0.1f/; revision=261036; tag=vendor/openssl/1.0.1f
Diffstat (limited to 'crypto')
-rw-r--r--crypto/Makefile4
-rwxr-xr-xcrypto/aes/asm/aes-parisc.pl3
-rwxr-xr-xcrypto/aes/asm/bsaes-x86_64.pl73
-rw-r--r--crypto/armcap.c2
-rw-r--r--crypto/asn1/a_int.c2
-rw-r--r--crypto/bio/bss_dgram.c6
-rw-r--r--crypto/bn/Makefile4
-rwxr-xr-xcrypto/bn/asm/mips-mont.pl2
-rwxr-xr-xcrypto/bn/asm/mips.pl44
-rwxr-xr-xcrypto/bn/asm/parisc-mont.pl4
-rwxr-xr-xcrypto/bn/asm/x86_64-gf2m.pl3
-rwxr-xr-xcrypto/bn/asm/x86_64-mont5.pl4
-rw-r--r--crypto/bn/bn_nist.c55
-rw-r--r--crypto/buffer/buffer.c4
-rw-r--r--crypto/buffer/buffer.h2
-rw-r--r--crypto/ec/ec_ameth.c2
-rw-r--r--crypto/ec/ec_asn1.c6
-rw-r--r--crypto/ec/ec_lib.c10
-rw-r--r--crypto/engine/eng_rdrand.c1
-rw-r--r--crypto/evp/Makefile2
-rw-r--r--crypto/evp/digest.c7
-rw-r--r--crypto/evp/e_aes.c16
-rw-r--r--crypto/evp/e_aes_cbc_hmac_sha1.c5
-rw-r--r--crypto/evp/e_des3.c6
-rw-r--r--crypto/evp/p5_crpt2.c40
-rw-r--r--crypto/modes/Makefile5
-rwxr-xr-xcrypto/modes/asm/ghash-parisc.pl1
-rw-r--r--crypto/modes/cbc128.c25
-rw-r--r--crypto/modes/ccm128.c2
-rw-r--r--crypto/modes/cts128.c28
-rw-r--r--crypto/modes/gcm128.c104
-rw-r--r--crypto/modes/modes_lcl.h9
-rw-r--r--crypto/opensslv.h6
-rwxr-xr-xcrypto/pariscid.pl41
-rw-r--r--crypto/pem/pem_info.c1
-rw-r--r--crypto/pkcs12/p12_crt.c7
-rw-r--r--crypto/rand/md_rand.c22
-rw-r--r--crypto/rand/rand.h1
-rw-r--r--crypto/rand/rand_err.c1
-rw-r--r--crypto/rand/rand_lib.c8
-rwxr-xr-xcrypto/rc4/asm/rc4-parisc.pl3
-rw-r--r--crypto/rsa/rsa_ameth.c8
-rw-r--r--crypto/rsa/rsa_chk.c6
-rw-r--r--crypto/rsa/rsa_pmeth.c2
-rw-r--r--crypto/sha/Makefile4
-rwxr-xr-xcrypto/sha/asm/sha1-parisc.pl3
-rwxr-xr-xcrypto/sha/asm/sha1-x86_64.pl4
-rwxr-xr-xcrypto/sha/asm/sha512-mips.pl2
-rwxr-xr-xcrypto/sha/asm/sha512-parisc.pl2
-rw-r--r--crypto/sha/sha512.c9
-rw-r--r--crypto/srp/srp_grps.h816
-rw-r--r--crypto/srp/srp_lib.c18
-rw-r--r--crypto/x509/x509_vfy.c11
-rw-r--r--crypto/x509/x_all.c2
-rw-r--r--crypto/x86cpuid.pl2
55 files changed, 847 insertions, 613 deletions
diff --git a/crypto/Makefile b/crypto/Makefile
index 947dd5d44ec5..a90809b2b833 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -77,7 +77,9 @@ ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS) -E ia64cpuid.S > $@
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
alphacpuid.s: alphacpuid.pl
- $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) alphacpuid.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
testapps:
[ -z "$(THIS)" ] || ( if echo $(SDIRS) | fgrep ' des '; \
diff --git a/crypto/aes/asm/aes-parisc.pl b/crypto/aes/asm/aes-parisc.pl
index c36b6a22705c..714dcfbbe3b7 100755
--- a/crypto/aes/asm/aes-parisc.pl
+++ b/crypto/aes/asm/aes-parisc.pl
@@ -1015,7 +1015,8 @@ foreach (split("\n",$code)) {
$SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
: sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
- s/,\*/,/ if ($SIZE_T==4);
+ s/,\*/,/ if ($SIZE_T==4);
+ s/\bbv\b(.*\(%r2\))/bve$1/ if ($SIZE_T==8);
print $_,"\n";
}
close STDOUT;
diff --git a/crypto/aes/asm/bsaes-x86_64.pl b/crypto/aes/asm/bsaes-x86_64.pl
index ceb02b50ddb6..41b90f08443f 100755
--- a/crypto/aes/asm/bsaes-x86_64.pl
+++ b/crypto/aes/asm/bsaes-x86_64.pl
@@ -83,9 +83,9 @@
# Add decryption procedure. Performance in CPU cycles spent to decrypt
# one byte out of 4096-byte buffer with 128-bit key is:
#
-# Core 2 11.0
-# Nehalem 9.16
-# Atom 20.9
+# Core 2 9.83
+# Nehalem 7.74
+# Atom 19.0
#
# November 2011.
#
@@ -456,6 +456,7 @@ sub MixColumns {
# modified to emit output in order suitable for feeding back to aesenc[last]
my @x=@_[0..7];
my @t=@_[8..15];
+my $inv=@_[16]; # optional
$code.=<<___;
pshufd \$0x93, @x[0], @t[0] # x0 <<< 32
pshufd \$0x93, @x[1], @t[1]
@@ -497,7 +498,8 @@ $code.=<<___;
pxor @t[4], @t[0]
pshufd \$0x4E, @x[2], @x[6]
pxor @t[5], @t[1]
-
+___
+$code.=<<___ if (!$inv);
pxor @t[3], @x[4]
pxor @t[7], @x[5]
pxor @t[6], @x[3]
@@ -505,9 +507,20 @@ $code.=<<___;
pxor @t[2], @x[6]
movdqa @t[1], @x[7]
___
+$code.=<<___ if ($inv);
+ pxor @x[4], @t[3]
+ pxor @t[7], @x[5]
+ pxor @x[3], @t[6]
+ movdqa @t[0], @x[3]
+ pxor @t[2], @x[6]
+ movdqa @t[6], @x[2]
+ movdqa @t[1], @x[7]
+ movdqa @x[6], @x[4]
+ movdqa @t[3], @x[6]
+___
}
-sub InvMixColumns {
+sub InvMixColumns_orig {
my @x=@_[0..7];
my @t=@_[8..15];
@@ -661,6 +674,54 @@ $code.=<<___;
___
}
+sub InvMixColumns {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+# Thanks to Jussi Kivilinna for providing pointer to
+#
+# | 0e 0b 0d 09 | | 02 03 01 01 | | 05 00 04 00 |
+# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
+# | 0d 09 0e 0b | | 01 01 02 03 | | 04 00 05 00 |
+# | 0b 0d 09 0e | | 03 01 01 02 | | 00 04 00 05 |
+
+$code.=<<___;
+ # multiplication by 0x05-0x00-0x04-0x00
+ pshufd \$0x4E, @x[0], @t[0]
+ pshufd \$0x4E, @x[6], @t[6]
+ pxor @x[0], @t[0]
+ pshufd \$0x4E, @x[7], @t[7]
+ pxor @x[6], @t[6]
+ pshufd \$0x4E, @x[1], @t[1]
+ pxor @x[7], @t[7]
+ pshufd \$0x4E, @x[2], @t[2]
+ pxor @x[1], @t[1]
+ pshufd \$0x4E, @x[3], @t[3]
+ pxor @x[2], @t[2]
+ pxor @t[6], @x[0]
+ pxor @t[6], @x[1]
+ pshufd \$0x4E, @x[4], @t[4]
+ pxor @x[3], @t[3]
+ pxor @t[0], @x[2]
+ pxor @t[1], @x[3]
+ pshufd \$0x4E, @x[5], @t[5]
+ pxor @x[4], @t[4]
+ pxor @t[7], @x[1]
+ pxor @t[2], @x[4]
+ pxor @x[5], @t[5]
+
+ pxor @t[7], @x[2]
+ pxor @t[6], @x[3]
+ pxor @t[6], @x[4]
+ pxor @t[3], @x[5]
+ pxor @t[4], @x[6]
+ pxor @t[7], @x[4]
+ pxor @t[7], @x[5]
+ pxor @t[5], @x[7]
+___
+ &MixColumns (@x,@t,1); # flipped 2<->3 and 4<->6
+}
+
sub aesenc { # not used
my @b=@_[0..7];
my @t=@_[8..15];
@@ -2028,6 +2089,8 @@ ___
# const unsigned char iv[16]);
#
my ($twmask,$twres,$twtmp)=@XMM[13..15];
+$arg6=~s/d$//;
+
$code.=<<___;
.globl bsaes_xts_encrypt
.type bsaes_xts_encrypt,\@abi-omnipotent
diff --git a/crypto/armcap.c b/crypto/armcap.c
index 5258d2fbddfa..9abaf396e53e 100644
--- a/crypto/armcap.c
+++ b/crypto/armcap.c
@@ -23,7 +23,7 @@ unsigned int _armv7_tick(void);
unsigned int OPENSSL_rdtsc(void)
{
- if (OPENSSL_armcap_P|ARMV7_TICK)
+ if (OPENSSL_armcap_P & ARMV7_TICK)
return _armv7_tick();
else
return 0;
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index ad0d2506f632..297c45a9ff12 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -116,7 +116,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
int pad=0,ret,i,neg;
unsigned char *p,*n,pb=0;
- if ((a == NULL) || (a->data == NULL)) return(0);
+ if (a == NULL) return(0);
neg=a->type & V_ASN1_NEG;
if (a->length == 0)
ret=1;
diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index 8990909971ca..54c012c47d7b 100644
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -906,8 +906,8 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
memset(authchunks, 0, sizeof(sockopt_len));
ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
OPENSSL_assert(ret >= 0);
-
- for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
+
+ for (p = (unsigned char*) authchunks->gauth_chunks;
p < (unsigned char*) authchunks + sockopt_len;
p += sizeof(uint8_t))
{
@@ -1197,7 +1197,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
OPENSSL_assert(ii >= 0);
- for (p = (unsigned char*) authchunks + sizeof(sctp_assoc_t);
+ for (p = (unsigned char*) authchunks->gauth_chunks;
p < (unsigned char*) authchunks + optlen;
p += sizeof(uint8_t))
{
diff --git a/crypto/bn/Makefile b/crypto/bn/Makefile
index 672773454cfd..6dd136be5d6b 100644
--- a/crypto/bn/Makefile
+++ b/crypto/bn/Makefile
@@ -125,7 +125,9 @@ ppc-mont.s: asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
ppc64-mont.s: asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
alpha-mont.s: asm/alpha-mont.pl
- $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) asm/alpha-mont.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
# GNU make "catch all"
%-mont.s: asm/%-mont.pl; $(PERL) $< $(PERLASM_SCHEME) $@
diff --git a/crypto/bn/asm/mips-mont.pl b/crypto/bn/asm/mips-mont.pl
index b944a12b8e29..caae04ed3a86 100755
--- a/crypto/bn/asm/mips-mont.pl
+++ b/crypto/bn/asm/mips-mont.pl
@@ -133,7 +133,7 @@ $code.=<<___;
bnez $at,1f
li $t0,0
slt $at,$num,17 # on in-order CPU
- bnezl $at,bn_mul_mont_internal
+ bnez $at,bn_mul_mont_internal
nop
1: jr $ra
li $a0,0
diff --git a/crypto/bn/asm/mips.pl b/crypto/bn/asm/mips.pl
index 38b51645f067..d2f3ef7bbf2c 100755
--- a/crypto/bn/asm/mips.pl
+++ b/crypto/bn/asm/mips.pl
@@ -140,10 +140,10 @@ $code.=<<___;
.set reorder
li $minus4,-4
and $ta0,$a2,$minus4
- $LD $t0,0($a1)
beqz $ta0,.L_bn_mul_add_words_tail
.L_bn_mul_add_words_loop:
+ $LD $t0,0($a1)
$MULTU $t0,$a3
$LD $t1,0($a0)
$LD $t2,$BNSZ($a1)
@@ -200,10 +200,9 @@ $code.=<<___;
$ADDU $v0,$ta2
sltu $at,$ta3,$at
$ST $ta3,-$BNSZ($a0)
- $ADDU $v0,$at
.set noreorder
- bgtzl $ta0,.L_bn_mul_add_words_loop
- $LD $t0,0($a1)
+ bgtz $ta0,.L_bn_mul_add_words_loop
+ $ADDU $v0,$at
beqz $a2,.L_bn_mul_add_words_return
nop
@@ -300,10 +299,10 @@ $code.=<<___;
.set reorder
li $minus4,-4
and $ta0,$a2,$minus4
- $LD $t0,0($a1)
beqz $ta0,.L_bn_mul_words_tail
.L_bn_mul_words_loop:
+ $LD $t0,0($a1)
$MULTU $t0,$a3
$LD $t2,$BNSZ($a1)
$LD $ta0,2*$BNSZ($a1)
@@ -341,10 +340,9 @@ $code.=<<___;
$ADDU $v0,$at
sltu $ta3,$v0,$at
$ST $v0,-$BNSZ($a0)
- $ADDU $v0,$ta3,$ta2
.set noreorder
- bgtzl $ta0,.L_bn_mul_words_loop
- $LD $t0,0($a1)
+ bgtz $ta0,.L_bn_mul_words_loop
+ $ADDU $v0,$ta3,$ta2
beqz $a2,.L_bn_mul_words_return
nop
@@ -429,10 +427,10 @@ $code.=<<___;
.set reorder
li $minus4,-4
and $ta0,$a2,$minus4
- $LD $t0,0($a1)
beqz $ta0,.L_bn_sqr_words_tail
.L_bn_sqr_words_loop:
+ $LD $t0,0($a1)
$MULTU $t0,$t0
$LD $t2,$BNSZ($a1)
$LD $ta0,2*$BNSZ($a1)
@@ -463,11 +461,10 @@ $code.=<<___;
mflo $ta3
mfhi $ta2
$ST $ta3,-2*$BNSZ($a0)
- $ST $ta2,-$BNSZ($a0)
.set noreorder
- bgtzl $ta0,.L_bn_sqr_words_loop
- $LD $t0,0($a1)
+ bgtz $ta0,.L_bn_sqr_words_loop
+ $ST $ta2,-$BNSZ($a0)
beqz $a2,.L_bn_sqr_words_return
nop
@@ -547,10 +544,10 @@ $code.=<<___;
.set reorder
li $minus4,-4
and $at,$a3,$minus4
- $LD $t0,0($a1)
beqz $at,.L_bn_add_words_tail
.L_bn_add_words_loop:
+ $LD $t0,0($a1)
$LD $ta0,0($a2)
subu $a3,4
$LD $t1,$BNSZ($a1)
@@ -589,11 +586,10 @@ $code.=<<___;
$ADDU $t3,$ta3,$v0
sltu $v0,$t3,$ta3
$ST $t3,-$BNSZ($a0)
- $ADDU $v0,$t9
.set noreorder
- bgtzl $at,.L_bn_add_words_loop
- $LD $t0,0($a1)
+ bgtz $at,.L_bn_add_words_loop
+ $ADDU $v0,$t9
beqz $a3,.L_bn_add_words_return
nop
@@ -679,10 +675,10 @@ $code.=<<___;
.set reorder
li $minus4,-4
and $at,$a3,$minus4
- $LD $t0,0($a1)
beqz $at,.L_bn_sub_words_tail
.L_bn_sub_words_loop:
+ $LD $t0,0($a1)
$LD $ta0,0($a2)
subu $a3,4
$LD $t1,$BNSZ($a1)
@@ -722,11 +718,10 @@ $code.=<<___;
$SUBU $t3,$ta3,$v0
sgtu $v0,$t3,$ta3
$ST $t3,-$BNSZ($a0)
- $ADDU $v0,$t9
.set noreorder
- bgtzl $at,.L_bn_sub_words_loop
- $LD $t0,0($a1)
+ bgtz $at,.L_bn_sub_words_loop
+ $ADDU $v0,$t9
beqz $a3,.L_bn_sub_words_return
nop
@@ -840,8 +835,9 @@ $code.=<<___;
sltu $ta0,$a1,$a2
or $t8,$ta0
.set noreorder
- beqzl $at,.L_bn_div_3_words_inner_loop
+ beqz $at,.L_bn_div_3_words_inner_loop
$SUBU $v0,1
+ $ADDU $v0,1
.set reorder
.L_bn_div_3_words_inner_loop_done:
.set noreorder
@@ -902,7 +898,8 @@ $code.=<<___;
and $t2,$a0
$SRL $at,$a1,$t1
.set noreorder
- bnezl $t2,.+8
+ beqz $t2,.+12
+ nop
break 6 # signal overflow
.set reorder
$SLL $a0,$t9
@@ -917,7 +914,8 @@ $code.=<<___;
$SRL $DH,$a2,4*$BNSZ # bits
sgeu $at,$a0,$a2
.set noreorder
- bnezl $at,.+8
+ beqz $at,.+12
+ nop
$SUBU $a0,$a2
.set reorder
diff --git a/crypto/bn/asm/parisc-mont.pl b/crypto/bn/asm/parisc-mont.pl
index 4a766a87fb2e..c02ef6f01466 100755
--- a/crypto/bn/asm/parisc-mont.pl
+++ b/crypto/bn/asm/parisc-mont.pl
@@ -40,7 +40,7 @@
# of arithmetic operations, most notably multiplications. It requires
# more memory references, most notably to tp[num], but this doesn't
# seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
-# 2.0 code path, provides virtually same performance as pa-risc2[W].s:
+# 2.0 code path provides virtually same performance as pa-risc2[W].s:
# it's ~10% better for shortest key length and ~10% worse for longest
# one.
#
@@ -988,6 +988,8 @@ foreach (split("\n",$code)) {
# assemble 2.0 instructions in 32-bit mode...
s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4);
+ s/\bbv\b/bve/gm if ($SIZE_T==8);
+
print $_,"\n";
}
close STDOUT;
diff --git a/crypto/bn/asm/x86_64-gf2m.pl b/crypto/bn/asm/x86_64-gf2m.pl
index a30d4ef02958..226c66c35e35 100755
--- a/crypto/bn/asm/x86_64-gf2m.pl
+++ b/crypto/bn/asm/x86_64-gf2m.pl
@@ -31,7 +31,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl";
-open STDOUT,"| \"$^X\" $xlate $flavour $output";
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
($lo,$hi)=("%rax","%rdx"); $a=$lo;
($i0,$i1)=("%rsi","%rdi");
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index 8f8dc5a59798..dae0fe245318 100755
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -901,8 +901,8 @@ $code.=<<___;
jnz .Lgather
___
$code.=<<___ if ($win64);
- movaps %xmm6,(%rsp)
- movaps %xmm7,0x10(%rsp)
+ movaps (%rsp),%xmm6
+ movaps 0x10(%rsp),%xmm7
lea 0x28(%rsp),%rsp
___
$code.=<<___;
diff --git a/crypto/bn/bn_nist.c b/crypto/bn/bn_nist.c
index 43caee477031..e22968d4a33b 100644
--- a/crypto/bn/bn_nist.c
+++ b/crypto/bn/bn_nist.c
@@ -286,26 +286,25 @@ const BIGNUM *BN_get0_nist_prime_521(void)
}
-static void nist_cp_bn_0(BN_ULONG *buf, BN_ULONG *a, int top, int max)
+static void nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, int max)
{
int i;
- BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
#ifdef BN_DEBUG
OPENSSL_assert(top <= max);
#endif
- for (i = (top); i != 0; i--)
- *_tmp1++ = *_tmp2++;
- for (i = (max) - (top); i != 0; i--)
- *_tmp1++ = (BN_ULONG) 0;
+ for (i = 0; i < top; i++)
+ dst[i] = src[i];
+ for (; i < max; i++)
+ dst[i] = 0;
}
-static void nist_cp_bn(BN_ULONG *buf, BN_ULONG *a, int top)
+static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
{
int i;
- BN_ULONG *_tmp1 = (buf), *_tmp2 = (a);
- for (i = (top); i != 0; i--)
- *_tmp1++ = *_tmp2++;
+
+ for (i = 0; i < top; i++)
+ dst[i] = src[i];
}
#if BN_BITS2 == 64
@@ -451,8 +450,9 @@ int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
*/
mask = 0-(PTR_SIZE_INT)bn_sub_words(c_d,r_d,_nist_p_192[0],BN_NIST_192_TOP);
mask &= 0-(PTR_SIZE_INT)carry;
+ res = c_d;
res = (BN_ULONG *)
- (((PTR_SIZE_INT)c_d&~mask) | ((PTR_SIZE_INT)r_d&mask));
+ (((PTR_SIZE_INT)res&~mask) | ((PTR_SIZE_INT)r_d&mask));
nist_cp_bn(r_d, res, BN_NIST_192_TOP);
r->top = BN_NIST_192_TOP;
bn_correct_top(r);
@@ -479,8 +479,11 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
int top = a->top, i;
int carry;
BN_ULONG *r_d, *a_d = a->d;
- BN_ULONG buf[BN_NIST_224_TOP],
- c_d[BN_NIST_224_TOP],
+ union {
+ BN_ULONG bn[BN_NIST_224_TOP];
+ unsigned int ui[BN_NIST_224_TOP*sizeof(BN_ULONG)/sizeof(unsigned int)];
+ } buf;
+ BN_ULONG c_d[BN_NIST_224_TOP],
*res;
PTR_SIZE_INT mask;
union { bn_addsub_f f; PTR_SIZE_INT p; } u;
@@ -519,18 +522,18 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
/* copy upper 256 bits of 448 bit number ... */
nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP-1), top - (BN_NIST_224_TOP-1), BN_NIST_224_TOP);
/* ... and right shift by 32 to obtain upper 224 bits */
- nist_set_224(buf, c_d, 14, 13, 12, 11, 10, 9, 8);
+ nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8);
/* truncate lower part to 224 bits too */
r_d[BN_NIST_224_TOP-1] &= BN_MASK2l;
#else
- nist_cp_bn_0(buf, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
+ nist_cp_bn_0(buf.bn, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP, BN_NIST_224_TOP);
#endif
#if defined(NIST_INT64) && BN_BITS2!=64
{
NIST_INT64 acc; /* accumulator */
unsigned int *rp=(unsigned int *)r_d;
- const unsigned int *bp=(const unsigned int *)buf;
+ const unsigned int *bp=(const unsigned int *)buf.ui;
acc = rp[0]; acc -= bp[7-7];
acc -= bp[11-7]; rp[0] = (unsigned int)acc; acc >>= 32;
@@ -565,13 +568,13 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
{
BN_ULONG t_d[BN_NIST_224_TOP];
- nist_set_224(t_d, buf, 10, 9, 8, 7, 0, 0, 0);
+ nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
- nist_set_224(t_d, buf, 0, 13, 12, 11, 0, 0, 0);
+ nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
- nist_set_224(t_d, buf, 13, 12, 11, 10, 9, 8, 7);
+ nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
- nist_set_224(t_d, buf, 0, 0, 0, 0, 13, 12, 11);
+ nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
#if BN_BITS2==64
@@ -606,7 +609,8 @@ int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
/* otherwise it's effectively same as in BN_nist_mod_192... */
mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_224[0],BN_NIST_224_TOP);
mask &= 0-(PTR_SIZE_INT)carry;
- res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+ res = c_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
((PTR_SIZE_INT)r_d&mask));
nist_cp_bn(r_d, res, BN_NIST_224_TOP);
r->top = BN_NIST_224_TOP;
@@ -805,7 +809,8 @@ int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_256[0],BN_NIST_256_TOP);
mask &= 0-(PTR_SIZE_INT)carry;
- res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+ res = c_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
((PTR_SIZE_INT)r_d&mask));
nist_cp_bn(r_d, res, BN_NIST_256_TOP);
r->top = BN_NIST_256_TOP;
@@ -1026,7 +1031,8 @@ int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
mask = 0-(PTR_SIZE_INT)(*u.f)(c_d,r_d,_nist_p_384[0],BN_NIST_384_TOP);
mask &= 0-(PTR_SIZE_INT)carry;
- res = (BN_ULONG *)(((PTR_SIZE_INT)c_d&~mask) |
+ res = c_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
((PTR_SIZE_INT)r_d&mask));
nist_cp_bn(r_d, res, BN_NIST_384_TOP);
r->top = BN_NIST_384_TOP;
@@ -1092,7 +1098,8 @@ int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
bn_add_words(r_d,r_d,t_d,BN_NIST_521_TOP);
mask = 0-(PTR_SIZE_INT)bn_sub_words(t_d,r_d,_nist_p_521,BN_NIST_521_TOP);
- res = (BN_ULONG *)(((PTR_SIZE_INT)t_d&~mask) |
+ res = t_d;
+ res = (BN_ULONG *)(((PTR_SIZE_INT)res&~mask) |
((PTR_SIZE_INT)r_d&mask));
nist_cp_bn(r_d,res,BN_NIST_521_TOP);
r->top = BN_NIST_521_TOP;
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index d7aa79ad7f0a..d4a4ce43b3f2 100644
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -179,14 +179,14 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
return(len);
}
-void BUF_reverse(unsigned char *out, unsigned char *in, size_t size)
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size)
{
size_t i;
if (in)
{
out += size - 1;
for (i = 0; i < size; i++)
- *in++ = *out--;
+ *out-- = *in++;
}
else
{
diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
index 178e418282b2..f8da32b48507 100644
--- a/crypto/buffer/buffer.h
+++ b/crypto/buffer/buffer.h
@@ -88,7 +88,7 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
char * BUF_strdup(const char *str);
char * BUF_strndup(const char *str, size_t siz);
void * BUF_memdup(const void *data, size_t siz);
-void BUF_reverse(unsigned char *out, unsigned char *in, size_t siz);
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
/* safe string functions */
size_t BUF_strlcpy(char *dst,const char *src,size_t siz);
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 83909c185359..0ce4524076f1 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -88,7 +88,7 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
if (!pstr)
return 0;
pstr->length = i2d_ECParameters(ec_key, &pstr->data);
- if (pstr->length < 0)
+ if (pstr->length <= 0)
{
ASN1_STRING_free(pstr);
ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 175eec53428b..145807b611a5 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -89,7 +89,8 @@ int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
if (group == NULL)
return 0;
- if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+ NID_X9_62_characteristic_two_field
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0)))
{
ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
@@ -107,7 +108,8 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
if (group == NULL)
return 0;
- if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+ NID_X9_62_characteristic_two_field
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0)))
{
ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 25247b580332..de9a0cc2b37e 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -480,10 +480,10 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
return 1;
- /* compare the curve name (if present) */
+ /* compare the curve name (if present in both) */
if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) &&
- EC_GROUP_get_curve_name(a) == EC_GROUP_get_curve_name(b))
- return 0;
+ EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b))
+ return 1;
if (!ctx)
ctx_new = ctx = BN_CTX_new();
@@ -993,12 +993,12 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN
if (group->meth->point_cmp == 0)
{
ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
+ return -1;
}
if ((group->meth != a->meth) || (a->meth != b->meth))
{
ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
+ return -1;
}
return group->meth->point_cmp(group, a, b, ctx);
}
diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c
index a9ba5ae6f9ff..4e9e91d54b13 100644
--- a/crypto/engine/eng_rdrand.c
+++ b/crypto/engine/eng_rdrand.c
@@ -104,6 +104,7 @@ static int bind_helper(ENGINE *e)
{
if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
!ENGINE_set_name(e, engine_e_rdrand_name) ||
+ !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
!ENGINE_set_init_function(e, rdrand_init) ||
!ENGINE_set_RAND(e, &rdrand_meth) )
return 0;
diff --git a/crypto/evp/Makefile b/crypto/evp/Makefile
index 1e46cebf5e76..5d0c6b7db4c9 100644
--- a/crypto/evp/Makefile
+++ b/crypto/evp/Makefile
@@ -67,7 +67,7 @@ files:
links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
- [ ! -f $(TESTDATA) ] || cp $(TESTDATA) ../../test
+ @[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 6fc469f9c452..d14e8e48d5af 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -366,8 +366,11 @@ int EVP_Digest(const void *data, size_t count,
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
{
- EVP_MD_CTX_cleanup(ctx);
- OPENSSL_free(ctx);
+ if (ctx)
+ {
+ EVP_MD_CTX_cleanup(ctx);
+ OPENSSL_free(ctx);
+ }
}
/* This call frees resources associated with the context */
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 1bfb5d92b340..c7869b69efe2 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -842,7 +842,10 @@ static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
gctx->ctr = NULL;
break;
}
+ else
#endif
+ (void)0; /* terminate potentially open 'else' */
+
AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks);
CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)AES_encrypt);
#ifdef AES_CTR_ASM
@@ -1083,14 +1086,17 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
xctx->xts.block1 = (block128_f)vpaes_decrypt;
}
- vpaes_set_encrypt_key(key + ctx->key_len/2,
+ vpaes_set_encrypt_key(key + ctx->key_len/2,
ctx->key_len * 4, &xctx->ks2);
- xctx->xts.block2 = (block128_f)vpaes_encrypt;
+ xctx->xts.block2 = (block128_f)vpaes_encrypt;
- xctx->xts.key1 = &xctx->ks1;
- break;
- }
+ xctx->xts.key1 = &xctx->ks1;
+ break;
+ }
+ else
#endif
+ (void)0; /* terminate potentially open 'else' */
+
if (enc)
{
AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
diff --git a/crypto/evp/e_aes_cbc_hmac_sha1.c b/crypto/evp/e_aes_cbc_hmac_sha1.c
index 483e04b605b7..fb2c884a7860 100644
--- a/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ b/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -328,10 +328,11 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (res!=SHA_CBLOCK) continue;
- mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
+ /* j is not incremented yet */
+ mask = 0-((inp_len+7-j)>>(sizeof(j)*8-1));
data->u[SHA_LBLOCK-1] |= bitlen&mask;
sha1_block_data_order(&key->md,data,1);
- mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
+ mask &= 0-((j-inp_len-72)>>(sizeof(j)*8-1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 1e699726627d..8d7b7de292bc 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -101,7 +101,7 @@ static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
{
DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
@@ -132,7 +132,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
printf("\n");
}
#endif /* KSSL_DEBUG */
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
{
DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
@@ -151,7 +151,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl)
{
- if (inl>=EVP_MAXCHUNK)
+ while (inl>=EVP_MAXCHUNK)
{
DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index 975d004df473..fe3c6c8813cb 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -85,19 +85,24 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
int cplen, j, k, tkeylen, mdlen;
unsigned long i = 1;
- HMAC_CTX hctx;
+ HMAC_CTX hctx_tpl, hctx;
mdlen = EVP_MD_size(digest);
if (mdlen < 0)
return 0;
- HMAC_CTX_init(&hctx);
+ HMAC_CTX_init(&hctx_tpl);
p = out;
tkeylen = keylen;
if(!pass)
passlen = 0;
else if(passlen == -1)
passlen = strlen(pass);
+ if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL))
+ {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ return 0;
+ }
while(tkeylen)
{
if(tkeylen > mdlen)
@@ -111,19 +116,36 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
itmp[1] = (unsigned char)((i >> 16) & 0xff);
itmp[2] = (unsigned char)((i >> 8) & 0xff);
itmp[3] = (unsigned char)(i & 0xff);
- if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
- || !HMAC_Update(&hctx, salt, saltlen)
- || !HMAC_Update(&hctx, itmp, 4)
- || !HMAC_Final(&hctx, digtmp, NULL))
+ if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
{
+ HMAC_CTX_cleanup(&hctx_tpl);
+ return 0;
+ }
+ if (!HMAC_Update(&hctx, salt, saltlen)
+ || !HMAC_Update(&hctx, itmp, 4)
+ || !HMAC_Final(&hctx, digtmp, NULL))
+ {
+ HMAC_CTX_cleanup(&hctx_tpl);
HMAC_CTX_cleanup(&hctx);
return 0;
}
+ HMAC_CTX_cleanup(&hctx);
memcpy(p, digtmp, cplen);
for(j = 1; j < iter; j++)
{
- HMAC(digest, pass, passlen,
- digtmp, mdlen, digtmp, NULL);
+ if (!HMAC_CTX_copy(&hctx, &hctx_tpl))
+ {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ return 0;
+ }
+ if (!HMAC_Update(&hctx, digtmp, mdlen)
+ || !HMAC_Final(&hctx, digtmp, NULL))
+ {
+ HMAC_CTX_cleanup(&hctx_tpl);
+ HMAC_CTX_cleanup(&hctx);
+ return 0;
+ }
+ HMAC_CTX_cleanup(&hctx);
for(k = 0; k < cplen; k++)
p[k] ^= digtmp[k];
}
@@ -131,7 +153,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
i++;
p+= cplen;
}
- HMAC_CTX_cleanup(&hctx);
+ HMAC_CTX_cleanup(&hctx_tpl);
#ifdef DEBUG_PKCS5V2
fprintf(stderr, "Password:\n");
h__dump (pass, passlen);
diff --git a/crypto/modes/Makefile b/crypto/modes/Makefile
index c825b12f2585..3d8bafd5716c 100644
--- a/crypto/modes/Makefile
+++ b/crypto/modes/Makefile
@@ -53,7 +53,10 @@ ghash-x86_64.s: asm/ghash-x86_64.pl
ghash-sparcv9.s: asm/ghash-sparcv9.pl
$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
ghash-alpha.s: asm/ghash-alpha.pl
- $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) asm/ghash-alpha.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
+
ghash-parisc.s: asm/ghash-parisc.pl
$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
diff --git a/crypto/modes/asm/ghash-parisc.pl b/crypto/modes/asm/ghash-parisc.pl
index 8c7454ee9340..d5ad96b40335 100755
--- a/crypto/modes/asm/ghash-parisc.pl
+++ b/crypto/modes/asm/ghash-parisc.pl
@@ -724,6 +724,7 @@ foreach (split("\n",$code)) {
s/cmpb,\*/comb,/;
s/,\*/,/;
}
+ s/\bbv\b/bve/ if ($SIZE_T==8);
print $_,"\n";
}
diff --git a/crypto/modes/cbc128.c b/crypto/modes/cbc128.c
index 3d3782cbe118..0e54f75470b2 100644
--- a/crypto/modes/cbc128.c
+++ b/crypto/modes/cbc128.c
@@ -117,7 +117,7 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
unsigned char ivec[16], block128_f block)
{
size_t n;
- union { size_t align; unsigned char c[16]; } tmp;
+ union { size_t t[16/sizeof(size_t)]; unsigned char c[16]; } tmp;
assert(in && out && key && ivec);
@@ -137,11 +137,13 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
out += 16;
}
}
- else {
+ else if (16%sizeof(size_t) == 0) { /* always true */
while (len>=16) {
+ size_t *out_t=(size_t *)out, *iv_t=(size_t *)iv;
+
(*block)(in, out, key);
- for(n=0; n<16; n+=sizeof(size_t))
- *(size_t *)(out+n) ^= *(size_t *)(iv+n);
+ for(n=0; n<16/sizeof(size_t); n++)
+ out_t[n] ^= iv_t[n];
iv = in;
len -= 16;
in += 16;
@@ -165,15 +167,16 @@ void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
out += 16;
}
}
- else {
- size_t c;
+ else if (16%sizeof(size_t) == 0) { /* always true */
while (len>=16) {
+ size_t c, *out_t=(size_t *)out, *ivec_t=(size_t *)ivec;
+ const size_t *in_t=(const size_t *)in;
+
(*block)(in, tmp.c, key);
- for(n=0; n<16; n+=sizeof(size_t)) {
- c = *(size_t *)(in+n);
- *(size_t *)(out+n) =
- *(size_t *)(tmp.c+n) ^ *(size_t *)(ivec+n);
- *(size_t *)(ivec+n) = c;
+ for(n=0; n<16/sizeof(size_t); n++) {
+ c = in_t[n];
+ out_t[n] = tmp.t[n] ^ ivec_t[n];
+ ivec_t[n] = c;
}
len -= 16;
in += 16;
diff --git a/crypto/modes/ccm128.c b/crypto/modes/ccm128.c
index c9b35e5b35e5..3ce11d0d984c 100644
--- a/crypto/modes/ccm128.c
+++ b/crypto/modes/ccm128.c
@@ -87,7 +87,7 @@ int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
ctx->nonce.c[11] = (u8)(mlen>>(32%(sizeof(mlen)*8)));
}
else
- *(u32*)(&ctx->nonce.c[8]) = 0;
+ ctx->nonce.u[1] = 0;
ctx->nonce.c[12] = (u8)(mlen>>24);
ctx->nonce.c[13] = (u8)(mlen>>16);
diff --git a/crypto/modes/cts128.c b/crypto/modes/cts128.c
index c0e1f3696c6c..2d583de6f61d 100644
--- a/crypto/modes/cts128.c
+++ b/crypto/modes/cts128.c
@@ -108,12 +108,8 @@ size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
(*cbc)(in,out-16,residue,key,ivec,1);
memcpy(out,tmp.c,residue);
#else
- {
- size_t n;
- for (n=0; n<16; n+=sizeof(size_t))
- *(size_t *)(tmp.c+n) = 0;
+ memset(tmp.c,0,sizeof(tmp));
memcpy(tmp.c,in,residue);
- }
memcpy(out,out-16,residue);
(*cbc)(tmp.c,out-16,16,key,ivec,1);
#endif
@@ -144,12 +140,8 @@ size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
#if defined(CBC_HANDLES_TRUNCATED_IO)
(*cbc)(in,out-16+residue,residue,key,ivec,1);
#else
- {
- size_t n;
- for (n=0; n<16; n+=sizeof(size_t))
- *(size_t *)(tmp.c+n) = 0;
+ memset(tmp.c,0,sizeof(tmp));
memcpy(tmp.c,in,residue);
- }
(*cbc)(tmp.c,out-16+residue,16,key,ivec,1);
#endif
return len+residue;
@@ -177,8 +169,7 @@ size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
(*block)(in,tmp.c+16,key);
- for (n=0; n<16; n+=sizeof(size_t))
- *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
+ memcpy(tmp.c,tmp.c+16,16);
memcpy(tmp.c,in+16,residue);
(*block)(tmp.c,tmp.c,key);
@@ -220,8 +211,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o
(*block)(in+residue,tmp.c+16,key);
- for (n=0; n<16; n+=sizeof(size_t))
- *(size_t *)(tmp.c+n) = *(size_t *)(tmp.c+16+n);
+ memcpy(tmp.c,tmp.c+16,16);
memcpy(tmp.c,in,residue);
(*block)(tmp.c,tmp.c,key);
@@ -240,7 +230,7 @@ size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *o
size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc)
-{ size_t residue, n;
+{ size_t residue;
union { size_t align; unsigned char c[32]; } tmp;
assert (in && out && key && ivec);
@@ -257,8 +247,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
out += len;
}
- for (n=16; n<32; n+=sizeof(size_t))
- *(size_t *)(tmp.c+n) = 0;
+ memset(tmp.c,0,sizeof(tmp));
/* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
(*cbc)(in,tmp.c,16,key,tmp.c+16,0);
@@ -275,7 +264,7 @@ size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
size_t len, const void *key,
unsigned char ivec[16], cbc128_f cbc)
-{ size_t residue, n;
+{ size_t residue;
union { size_t align; unsigned char c[32]; } tmp;
assert (in && out && key && ivec);
@@ -297,8 +286,7 @@ size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
out += len;
}
- for (n=16; n<32; n+=sizeof(size_t))
- *(size_t *)(tmp.c+n) = 0;
+ memset(tmp.c,0,sizeof(tmp));
/* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */
(*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0);
diff --git a/crypto/modes/gcm128.c b/crypto/modes/gcm128.c
index 0e6ff8b0a155..250063de86cc 100644
--- a/crypto/modes/gcm128.c
+++ b/crypto/modes/gcm128.c
@@ -941,15 +941,17 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
size_t j=GHASH_CHUNK;
while (j) {
+ size_t *out_t=(size_t *)out;
+ const size_t *in_t=(const size_t *)in;
+
(*block)(ctx->Yi.c,ctx->EKi.c,key);
++ctr;
if (is_endian.little)
PUTU32(ctx->Yi.c+12,ctr);
else
ctx->Yi.d[3] = ctr;
- for (i=0; i<16; i+=sizeof(size_t))
- *(size_t *)(out+i) =
- *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
+ for (i=0; i<16/sizeof(size_t); ++i)
+ out_t[i] = in_t[i] ^ ctx->EKi.t[i];
out += 16;
in += 16;
j -= 16;
@@ -961,15 +963,17 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
size_t j=i;
while (len>=16) {
+ size_t *out_t=(size_t *)out;
+ const size_t *in_t=(const size_t *)in;
+
(*block)(ctx->Yi.c,ctx->EKi.c,key);
++ctr;
if (is_endian.little)
PUTU32(ctx->Yi.c+12,ctr);
else
ctx->Yi.d[3] = ctr;
- for (i=0; i<16; i+=sizeof(size_t))
- *(size_t *)(out+i) =
- *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
+ for (i=0; i<16/sizeof(size_t); ++i)
+ out_t[i] = in_t[i] ^ ctx->EKi.t[i];
out += 16;
in += 16;
len -= 16;
@@ -978,16 +982,18 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
}
#else
while (len>=16) {
+ size_t *out_t=(size_t *)out;
+ const size_t *in_t=(const size_t *)in;
+
(*block)(ctx->Yi.c,ctx->EKi.c,key);
++ctr;
if (is_endian.little)
PUTU32(ctx->Yi.c+12,ctr);
else
ctx->Yi.d[3] = ctr;
- for (i=0; i<16; i+=sizeof(size_t))
- *(size_t *)(ctx->Xi.c+i) ^=
- *(size_t *)(out+i) =
- *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
+ for (i=0; i<16/sizeof(size_t); ++i)
+ ctx->Xi.t[i] ^=
+ out_t[i] = in_t[i]^ctx->EKi.t[i];
GCM_MUL(ctx,Xi);
out += 16;
in += 16;
@@ -1091,15 +1097,17 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
GHASH(ctx,in,GHASH_CHUNK);
while (j) {
+ size_t *out_t=(size_t *)out;
+ const size_t *in_t=(const size_t *)in;
+
(*block)(ctx->Yi.c,ctx->EKi.c,key);
++ctr;
if (is_endian.little)
PUTU32(ctx->Yi.c+12,ctr);
else
ctx->Yi.d[3] = ctr;
- for (i=0; i<16; i+=sizeof(size_t))
- *(size_t *)(out+i) =
- *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
+ for (i=0; i<16/sizeof(size_t); ++i)
+ out_t[i] = in_t[i]^ctx->EKi.t[i];
out += 16;
in += 16;
j -= 16;
@@ -1109,15 +1117,17 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
if ((i = (len&(size_t)-16))) {
GHASH(ctx,in,i);
while (len>=16) {
+ size_t *out_t=(size_t *)out;
+ const size_t *in_t=(const size_t *)in;
+
(*block)(ctx->Yi.c,ctx->EKi.c,key);
++ctr;
if (is_endian.little)
PUTU32(ctx->Yi.c+12,ctr);
else
ctx->Yi.d[3] = ctr;
- for (i=0; i<16; i+=sizeof(size_t))
- *(size_t *)(out+i) =
- *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i);
+ for (i=0; i<16/sizeof(size_t); ++i)
+ out_t[i] = in_t[i]^ctx->EKi.t[i];
out += 16;
in += 16;
len -= 16;
@@ -1125,16 +1135,19 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
}
#else
while (len>=16) {
+ size_t *out_t=(size_t *)out;
+ const size_t *in_t=(const size_t *)in;
+
(*block)(ctx->Yi.c,ctx->EKi.c,key);
++ctr;
if (is_endian.little)
PUTU32(ctx->Yi.c+12,ctr);
else
ctx->Yi.d[3] = ctr;
- for (i=0; i<16; i+=sizeof(size_t)) {
- size_t c = *(size_t *)(in+i);
- *(size_t *)(out+i) = c^*(size_t *)(ctx->EKi.c+i);
- *(size_t *)(ctx->Xi.c+i) ^= c;
+ for (i=0; i<16/sizeof(size_t); ++i) {
+ size_t c = in[i];
+ out[i] = c^ctx->EKi.t[i];
+ ctx->Xi.t[i] ^= c;
}
GCM_MUL(ctx,Xi);
out += 16;
@@ -1669,6 +1682,46 @@ static const u8 IV18[]={0x93,0x13,0x22,0x5d,0xf8,0x84,0x06,0xe5,0x55,0x90,0x9c,0
0xa2,0x41,0x89,0x97,0x20,0x0e,0xf8,0x2e,0x44,0xae,0x7e,0x3f},
T18[]= {0xa4,0x4a,0x82,0x66,0xee,0x1c,0x8e,0xb0,0xc8,0xb5,0xd4,0xcf,0x5a,0xe9,0xf1,0x9a};
+/* Test Case 19 */
+#define K19 K1
+#define P19 P1
+#define IV19 IV1
+#define C19 C1
+static const u8 A19[]= {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a,
+ 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72,
+ 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25,
+ 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,0x1a,0xaf,0xd2,0x55,
+ 0x52,0x2d,0xc1,0xf0,0x99,0x56,0x7d,0x07,0xf4,0x7f,0x37,0xa3,0x2a,0x84,0x42,0x7d,
+ 0x64,0x3a,0x8c,0xdc,0xbf,0xe5,0xc0,0xc9,0x75,0x98,0xa2,0xbd,0x25,0x55,0xd1,0xaa,
+ 0x8c,0xb0,0x8e,0x48,0x59,0x0d,0xbb,0x3d,0xa7,0xb0,0x8b,0x10,0x56,0x82,0x88,0x38,
+ 0xc5,0xf6,0x1e,0x63,0x93,0xba,0x7a,0x0a,0xbc,0xc9,0xf6,0x62,0x89,0x80,0x15,0xad},
+ T19[]= {0x5f,0xea,0x79,0x3a,0x2d,0x6f,0x97,0x4d,0x37,0xe6,0x8e,0x0c,0xb8,0xff,0x94,0x92};
+
+/* Test Case 20 */
+#define K20 K1
+#define A20 A1
+static const u8 IV20[64]={0xff,0xff,0xff,0xff}, /* this results in 0xff in counter LSB */
+ P20[288],
+ C20[]= {0x56,0xb3,0x37,0x3c,0xa9,0xef,0x6e,0x4a,0x2b,0x64,0xfe,0x1e,0x9a,0x17,0xb6,0x14,
+ 0x25,0xf1,0x0d,0x47,0xa7,0x5a,0x5f,0xce,0x13,0xef,0xc6,0xbc,0x78,0x4a,0xf2,0x4f,
+ 0x41,0x41,0xbd,0xd4,0x8c,0xf7,0xc7,0x70,0x88,0x7a,0xfd,0x57,0x3c,0xca,0x54,0x18,
+ 0xa9,0xae,0xff,0xcd,0x7c,0x5c,0xed,0xdf,0xc6,0xa7,0x83,0x97,0xb9,0xa8,0x5b,0x49,
+ 0x9d,0xa5,0x58,0x25,0x72,0x67,0xca,0xab,0x2a,0xd0,0xb2,0x3c,0xa4,0x76,0xa5,0x3c,
+ 0xb1,0x7f,0xb4,0x1c,0x4b,0x8b,0x47,0x5c,0xb4,0xf3,0xf7,0x16,0x50,0x94,0xc2,0x29,
+ 0xc9,0xe8,0xc4,0xdc,0x0a,0x2a,0x5f,0xf1,0x90,0x3e,0x50,0x15,0x11,0x22,0x13,0x76,
+ 0xa1,0xcd,0xb8,0x36,0x4c,0x50,0x61,0xa2,0x0c,0xae,0x74,0xbc,0x4a,0xcd,0x76,0xce,
+ 0xb0,0xab,0xc9,0xfd,0x32,0x17,0xef,0x9f,0x8c,0x90,0xbe,0x40,0x2d,0xdf,0x6d,0x86,
+ 0x97,0xf4,0xf8,0x80,0xdf,0xf1,0x5b,0xfb,0x7a,0x6b,0x28,0x24,0x1e,0xc8,0xfe,0x18,
+ 0x3c,0x2d,0x59,0xe3,0xf9,0xdf,0xff,0x65,0x3c,0x71,0x26,0xf0,0xac,0xb9,0xe6,0x42,
+ 0x11,0xf4,0x2b,0xae,0x12,0xaf,0x46,0x2b,0x10,0x70,0xbe,0xf1,0xab,0x5e,0x36,0x06,
+ 0x87,0x2c,0xa1,0x0d,0xee,0x15,0xb3,0x24,0x9b,0x1a,0x1b,0x95,0x8f,0x23,0x13,0x4c,
+ 0x4b,0xcc,0xb7,0xd0,0x32,0x00,0xbc,0xe4,0x20,0xa2,0xf8,0xeb,0x66,0xdc,0xf3,0x64,
+ 0x4d,0x14,0x23,0xc1,0xb5,0x69,0x90,0x03,0xc1,0x3e,0xce,0xf4,0xbf,0x38,0xa3,0xb6,
+ 0x0e,0xed,0xc3,0x40,0x33,0xba,0xc1,0x90,0x27,0x83,0xdc,0x6d,0x89,0xe2,0xe7,0x74,
+ 0x18,0x8a,0x43,0x9c,0x7e,0xbc,0xc0,0x67,0x2d,0xbd,0xa4,0xdd,0xcf,0xb2,0x79,0x46,
+ 0x13,0xb0,0xbe,0x41,0x31,0x5e,0xf7,0x78,0x70,0x8a,0x70,0xee,0x7d,0x75,0x16,0x5c},
+ T20[]= {0x8b,0x30,0x7f,0x6b,0x33,0x28,0x6d,0x0a,0xb0,0x26,0xa9,0xed,0x3f,0xe1,0xe8,0x5f};
+
#define TEST_CASE(n) do { \
u8 out[sizeof(P##n)]; \
AES_set_encrypt_key(K##n,sizeof(K##n)*8,&key); \
@@ -1713,6 +1766,8 @@ int main()
TEST_CASE(16);
TEST_CASE(17);
TEST_CASE(18);
+ TEST_CASE(19);
+ TEST_CASE(20);
#ifdef OPENSSL_CPUID_OBJ
{
@@ -1743,11 +1798,16 @@ int main()
ctr_t/(double)sizeof(buf),
(gcm_t-ctr_t)/(double)sizeof(buf));
#ifdef GHASH
- GHASH(&ctx,buf.c,sizeof(buf));
+ {
+ void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16],
+ const u8 *inp,size_t len) = ctx.ghash;
+
+ GHASH((&ctx),buf.c,sizeof(buf));
start = OPENSSL_rdtsc();
- for (i=0;i<100;++i) GHASH(&ctx,buf.c,sizeof(buf));
+ for (i=0;i<100;++i) GHASH((&ctx),buf.c,sizeof(buf));
gcm_t = OPENSSL_rdtsc() - start;
printf("%.2f\n",gcm_t/(double)sizeof(buf)/(double)i);
+ }
#endif
}
#endif
diff --git a/crypto/modes/modes_lcl.h b/crypto/modes/modes_lcl.h
index b6dc3c336fe0..9d83e128444e 100644
--- a/crypto/modes/modes_lcl.h
+++ b/crypto/modes/modes_lcl.h
@@ -29,10 +29,7 @@ typedef unsigned char u8;
#if defined(__i386) || defined(__i386__) || \
defined(__x86_64) || defined(__x86_64__) || \
defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \
- defined(__s390__) || defined(__s390x__) || \
- ( (defined(__arm__) || defined(__arm)) && \
- (defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \
- defined(__ARM_ARCH_7R__) || defined(__ARM_ARCH_7M__)) )
+ defined(__s390__) || defined(__s390x__)
# undef STRICT_ALIGNMENT
#endif
@@ -101,8 +98,8 @@ typedef struct { u64 hi,lo; } u128;
struct gcm128_context {
/* Following 6 names follow names in GCM specification */
- union { u64 u[2]; u32 d[4]; u8 c[16]; } Yi,EKi,EK0,len,
- Xi,H;
+ union { u64 u[2]; u32 d[4]; u8 c[16]; size_t t[16/sizeof(size_t)]; }
+ Yi,EKi,EK0,len,Xi,H;
/* Relative position of Xi, H and pre-computed Htable is used
* in some assembler modules, i.e. don't change the order! */
#if TABLE_BITS==8
diff --git a/crypto/opensslv.h b/crypto/opensslv.h
index 5bc8e53e66ad..b27a5bb8c04c 100644
--- a/crypto/opensslv.h
+++ b/crypto/opensslv.h
@@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x1000105fL
+#define OPENSSL_VERSION_NUMBER 0x1000106fL
#ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e-fips 11 Feb 2013"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1f-fips 6 Jan 2014"
#else
-#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1e 11 Feb 2013"
+#define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1f 6 Jan 2014"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff --git a/crypto/pariscid.pl b/crypto/pariscid.pl
index 477ec9b87dd7..bfc56fdc7fc0 100755
--- a/crypto/pariscid.pl
+++ b/crypto/pariscid.pl
@@ -97,33 +97,33 @@ OPENSSL_cleanse
.PROC
.CALLINFO NO_CALLS
.ENTRY
- cmpib,*= 0,$len,Ldone
+ cmpib,*= 0,$len,L\$done
nop
- cmpib,*>>= 15,$len,Little
+ cmpib,*>>= 15,$len,L\$ittle
ldi $SIZE_T-1,%r1
-Lalign
+L\$align
and,*<> $inp,%r1,%r28
- b,n Laligned
+ b,n L\$aligned
stb %r0,0($inp)
ldo -1($len),$len
- b Lalign
+ b L\$align
ldo 1($inp),$inp
-Laligned
+L\$aligned
andcm $len,%r1,%r28
-Lot
+L\$ot
$ST %r0,0($inp)
- addib,*<> -$SIZE_T,%r28,Lot
+ addib,*<> -$SIZE_T,%r28,L\$ot
ldo $SIZE_T($inp),$inp
and,*<> $len,%r1,$len
- b,n Ldone
-Little
+ b,n L\$done
+L\$ittle
stb %r0,0($inp)
- addib,*<> -1,$len,Little
+ addib,*<> -1,$len,L\$ittle
ldo 1($inp),$inp
-Ldone
+L\$done
bv ($rp)
.EXIT
nop
@@ -151,7 +151,7 @@ OPENSSL_instrument_bus
ldw 0($out),$tick
add $diff,$tick,$tick
stw $tick,0($out)
-Loop
+L\$oop
mfctl %cr16,$tick
sub $tick,$lasttick,$diff
copy $tick,$lasttick
@@ -161,7 +161,7 @@ Loop
add $diff,$tick,$tick
stw $tick,0($out)
- addib,<> -1,$cnt,Loop
+ addib,<> -1,$cnt,L\$oop
addi 4,$out,$out
bv ($rp)
@@ -190,14 +190,14 @@ OPENSSL_instrument_bus2
mfctl %cr16,$tick
sub $tick,$lasttick,$diff
copy $tick,$lasttick
-Loop2
+L\$oop2
copy $diff,$lastdiff
fdc 0($out)
ldw 0($out),$tick
add $diff,$tick,$tick
stw $tick,0($out)
- addib,= -1,$max,Ldone2
+ addib,= -1,$max,L\$done2
nop
mfctl %cr16,$tick
@@ -208,17 +208,18 @@ Loop2
ldi 1,%r1
xor %r1,$tick,$tick
- addb,<> $tick,$cnt,Loop2
+ addb,<> $tick,$cnt,L\$oop2
shladd,l $tick,2,$out,$out
-Ldone2
+L\$done2
bv ($rp)
.EXIT
add $rv,$cnt,$rv
.PROCEND
___
}
-$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
-$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
print $code;
close STDOUT;
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 1b2be527edde..cc7f24a9c1cf 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -167,6 +167,7 @@ start:
#ifndef OPENSSL_NO_RSA
if (strcmp(name,PEM_STRING_RSA) == 0)
{
+ d2i=(D2I_OF(void))d2i_RSAPrivateKey;
if (xi->x_pkey != NULL)
{
if (!sk_X509_INFO_push(ret,xi)) goto err;
diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c
index 96b131defa0c..a34915d02d14 100644
--- a/crypto/pkcs12/p12_crt.c
+++ b/crypto/pkcs12/p12_crt.c
@@ -90,7 +90,14 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
/* Set defaults */
if (!nid_cert)
+ {
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ else
+#endif
nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
+ }
if (!nid_key)
nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
if (!iter)
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 1e3bcb9bc426..dd291637275d 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -380,8 +380,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
* are fed into the hash function and the results are kept in the
* global 'md'.
*/
-
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+#ifdef OPENSSL_FIPS
+ /* NB: in FIPS mode we are already under a lock */
+ if (!FIPS_mode())
+#endif
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
@@ -460,7 +463,10 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
/* before unlocking, we must clear 'crypto_lock_rand' */
crypto_lock_rand = 0;
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+#ifdef OPENSSL_FIPS
+ if (!FIPS_mode())
+#endif
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
while (num > 0)
{
@@ -512,10 +518,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo)
MD_Init(&m);
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
MD_Update(&m,local_md,MD_DIGEST_LENGTH);
- CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+#ifdef OPENSSL_FIPS
+ if (!FIPS_mode())
+#endif
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
MD_Update(&m,md,MD_DIGEST_LENGTH);
MD_Final(&m,md);
- CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+#ifdef OPENSSL_FIPS
+ if (!FIPS_mode())
+#endif
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
EVP_MD_CTX_cleanup(&m);
if (ok)
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index dc8fcf94c5aa..bb5520e80ac1 100644
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -138,6 +138,7 @@ void ERR_load_RAND_strings(void);
#define RAND_F_SSLEAY_RAND_BYTES 100
/* Reason codes. */
+#define RAND_R_DUAL_EC_DRBG_DISABLED 104
#define RAND_R_ERROR_INITIALISING_DRBG 102
#define RAND_R_ERROR_INSTANTIATING_DRBG 103
#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
diff --git a/crypto/rand/rand_err.c b/crypto/rand/rand_err.c
index b8586c8f4a9c..c4c80fc8ccad 100644
--- a/crypto/rand/rand_err.c
+++ b/crypto/rand/rand_err.c
@@ -78,6 +78,7 @@ static ERR_STRING_DATA RAND_str_functs[]=
static ERR_STRING_DATA RAND_str_reasons[]=
{
+{ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED),"dual ec drbg disabled"},
{ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG),"error initialising drbg"},
{ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG),"error instantiating drbg"},
{ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET),"no fips random method set"},
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 476a0cd187ee..5ac0e14caf00 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -269,6 +269,14 @@ int RAND_init_fips(void)
DRBG_CTX *dctx;
size_t plen;
unsigned char pers[32], *p;
+#ifndef OPENSSL_ALLOW_DUAL_EC_DRBG
+ if (fips_drbg_type >> 16)
+ {
+ RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED);
+ return 0;
+ }
+#endif
+
dctx = FIPS_get_default_drbg();
if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0)
{
diff --git a/crypto/rc4/asm/rc4-parisc.pl b/crypto/rc4/asm/rc4-parisc.pl
index 9165067080ef..ad7e65651cf9 100755
--- a/crypto/rc4/asm/rc4-parisc.pl
+++ b/crypto/rc4/asm/rc4-parisc.pl
@@ -307,7 +307,8 @@ L\$opts
.STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
print $code;
close STDOUT;
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index 2460910ab278..5a2062f903ae 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -351,27 +351,27 @@ static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss,
if (!BIO_indent(bp, indent, 128))
goto err;
- if (BIO_puts(bp, "Salt Length: ") <= 0)
+ if (BIO_puts(bp, "Salt Length: 0x") <= 0)
goto err;
if (pss->saltLength)
{
if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
goto err;
}
- else if (BIO_puts(bp, "20 (default)") <= 0)
+ else if (BIO_puts(bp, "0x14 (default)") <= 0)
goto err;
BIO_puts(bp, "\n");
if (!BIO_indent(bp, indent, 128))
goto err;
- if (BIO_puts(bp, "Trailer Field: ") <= 0)
+ if (BIO_puts(bp, "Trailer Field: 0x") <= 0)
goto err;
if (pss->trailerField)
{
if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
goto err;
}
- else if (BIO_puts(bp, "0xbc (default)") <= 0)
+ else if (BIO_puts(bp, "BC (default)") <= 0)
goto err;
BIO_puts(bp, "\n");
diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
index 9d848db8c6c7..cc30e77132fa 100644
--- a/crypto/rsa/rsa_chk.c
+++ b/crypto/rsa/rsa_chk.c
@@ -59,6 +59,12 @@ int RSA_check_key(const RSA *key)
BN_CTX *ctx;
int r;
int ret=1;
+
+ if (!key->p || !key->q || !key->n || !key->e || !key->d)
+ {
+ RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
+ return 0;
+ }
i = BN_new();
j = BN_new();
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 5b2ecf56adc7..157aa5c41d2a 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -611,6 +611,8 @@ static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
pm = RSA_NO_PADDING;
else if (!strcmp(value, "oeap"))
pm = RSA_PKCS1_OAEP_PADDING;
+ else if (!strcmp(value, "oaep"))
+ pm = RSA_PKCS1_OAEP_PADDING;
else if (!strcmp(value, "x931"))
pm = RSA_X931_PADDING;
else if (!strcmp(value, "pss"))
diff --git a/crypto/sha/Makefile b/crypto/sha/Makefile
index 6d191d3936ee..2eb2b7af992b 100644
--- a/crypto/sha/Makefile
+++ b/crypto/sha/Makefile
@@ -60,7 +60,9 @@ sha256-armv4.S: asm/sha256-armv4.pl
$(PERL) $< $(PERLASM_SCHEME) $@
sha1-alpha.s: asm/sha1-alpha.pl
- $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) asm/sha1-alpha.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
# Solaris make has to be explicitly told
sha1-x86_64.s: asm/sha1-x86_64.pl; $(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
diff --git a/crypto/sha/asm/sha1-parisc.pl b/crypto/sha/asm/sha1-parisc.pl
index 6d7bf495b20a..6e5a328a6f1f 100755
--- a/crypto/sha/asm/sha1-parisc.pl
+++ b/crypto/sha/asm/sha1-parisc.pl
@@ -254,6 +254,7 @@ $code.=<<___;
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/,\*/,/gm if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
print $code;
close STDOUT;
diff --git a/crypto/sha/asm/sha1-x86_64.pl b/crypto/sha/asm/sha1-x86_64.pl
index cfdc45cce6da..f15c7ec39b20 100755
--- a/crypto/sha/asm/sha1-x86_64.pl
+++ b/crypto/sha/asm/sha1-x86_64.pl
@@ -745,7 +745,7 @@ $code.=<<___;
mov %rdi,$ctx # reassigned argument
mov %rsi,$inp # reassigned argument
mov %rdx,$num # reassigned argument
- vzeroall
+ vzeroupper
shl \$6,$num
add $inp,$num
@@ -1038,7 +1038,7 @@ ___
&Xtail_avx(\&body_20_39);
$code.=<<___;
- vzeroall
+ vzeroupper
add 0($ctx),$A # update context
add 4($ctx),@T[0]
diff --git a/crypto/sha/asm/sha512-mips.pl b/crypto/sha/asm/sha512-mips.pl
index ba5b250890e0..ffa053bb7d36 100755
--- a/crypto/sha/asm/sha512-mips.pl
+++ b/crypto/sha/asm/sha512-mips.pl
@@ -351,7 +351,7 @@ $code.=<<___;
$ST $G,6*$SZ($ctx)
$ST $H,7*$SZ($ctx)
- bnel $inp,@X[15],.Loop
+ bne $inp,@X[15],.Loop
$PTR_SUB $Ktbl,`($rounds-16)*$SZ` # rewind $Ktbl
$REG_L $ra,$FRAMESIZE-1*$SZREG($sp)
diff --git a/crypto/sha/asm/sha512-parisc.pl b/crypto/sha/asm/sha512-parisc.pl
index e24ee58ae97f..fc0e15b3c059 100755
--- a/crypto/sha/asm/sha512-parisc.pl
+++ b/crypto/sha/asm/sha512-parisc.pl
@@ -785,6 +785,8 @@ foreach (split("\n",$code)) {
s/cmpb,\*/comb,/ if ($SIZE_T==4);
+ s/\bbv\b/bve/ if ($SIZE_T==8);
+
print $_,"\n";
}
diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
index 50dd7dc74437..50c229ddebf2 100644
--- a/crypto/sha/sha512.c
+++ b/crypto/sha/sha512.c
@@ -232,7 +232,14 @@ int SHA384_Update (SHA512_CTX *c, const void *data, size_t len)
{ return SHA512_Update (c,data,len); }
void SHA512_Transform (SHA512_CTX *c, const unsigned char *data)
-{ sha512_block_data_order (c,data,1); }
+ {
+#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+ if ((size_t)data%sizeof(c->u.d[0]) != 0)
+ memcpy(c->u.p,data,sizeof(c->u.p)),
+ data = c->u.p;
+#endif
+ sha512_block_data_order (c,data,1);
+ }
unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
{
diff --git a/crypto/srp/srp_grps.h b/crypto/srp/srp_grps.h
index d77c9fff4ba1..8e3c35e3f53f 100644
--- a/crypto/srp/srp_grps.h
+++ b/crypto/srp/srp_grps.h
@@ -1,22 +1,22 @@
/* start of generated data */
static BN_ULONG bn_group_1024_value[] = {
- bn_pack4(9FC6,1D2F,C0EB,06E3),
- bn_pack4(FD51,38FE,8376,435B),
- bn_pack4(2FD4,CBF4,976E,AA9A),
- bn_pack4(68ED,BC3C,0572,6CC0),
- bn_pack4(C529,F566,660E,57EC),
- bn_pack4(8255,9B29,7BCF,1885),
- bn_pack4(CE8E,F4AD,69B1,5D49),
- bn_pack4(5DC7,D7B4,6154,D6B6),
- bn_pack4(8E49,5C1D,6089,DAD1),
- bn_pack4(E0D5,D8E2,50B9,8BE4),
- bn_pack4(383B,4813,D692,C6E0),
- bn_pack4(D674,DF74,96EA,81D3),
- bn_pack4(9EA2,314C,9C25,6576),
- bn_pack4(6072,6187,75FF,3C0B),
- bn_pack4(9C33,F80A,FA8F,C5E8),
- bn_pack4(EEAF,0AB9,ADB3,8DD6)
+ bn_pack4(0x9FC6,0x1D2F,0xC0EB,0x06E3),
+ bn_pack4(0xFD51,0x38FE,0x8376,0x435B),
+ bn_pack4(0x2FD4,0xCBF4,0x976E,0xAA9A),
+ bn_pack4(0x68ED,0xBC3C,0x0572,0x6CC0),
+ bn_pack4(0xC529,0xF566,0x660E,0x57EC),
+ bn_pack4(0x8255,0x9B29,0x7BCF,0x1885),
+ bn_pack4(0xCE8E,0xF4AD,0x69B1,0x5D49),
+ bn_pack4(0x5DC7,0xD7B4,0x6154,0xD6B6),
+ bn_pack4(0x8E49,0x5C1D,0x6089,0xDAD1),
+ bn_pack4(0xE0D5,0xD8E2,0x50B9,0x8BE4),
+ bn_pack4(0x383B,0x4813,0xD692,0xC6E0),
+ bn_pack4(0xD674,0xDF74,0x96EA,0x81D3),
+ bn_pack4(0x9EA2,0x314C,0x9C25,0x6576),
+ bn_pack4(0x6072,0x6187,0x75FF,0x3C0B),
+ bn_pack4(0x9C33,0xF80A,0xFA8F,0xC5E8),
+ bn_pack4(0xEEAF,0x0AB9,0xADB3,0x8DD6)
};
static BIGNUM bn_group_1024 = {
bn_group_1024_value,
@@ -27,30 +27,30 @@ static BIGNUM bn_group_1024 = {
};
static BN_ULONG bn_group_1536_value[] = {
- bn_pack4(CF76,E3FE,D135,F9BB),
- bn_pack4(1518,0F93,499A,234D),
- bn_pack4(8CE7,A28C,2442,C6F3),
- bn_pack4(5A02,1FFF,5E91,479E),
- bn_pack4(7F8A,2FE9,B8B5,292E),
- bn_pack4(837C,264A,E3A9,BEB8),
- bn_pack4(E442,734A,F7CC,B7AE),
- bn_pack4(6577,2E43,7D6C,7F8C),
- bn_pack4(DB2F,D53D,24B7,C486),
- bn_pack4(6EDF,0195,3934,9627),
- bn_pack4(158B,FD3E,2B9C,8CF5),
- bn_pack4(764E,3F4B,53DD,9DA1),
- bn_pack4(4754,8381,DBC5,B1FC),
- bn_pack4(9B60,9E0B,E3BA,B63D),
- bn_pack4(8134,B1C8,B979,8914),
- bn_pack4(DF02,8A7C,EC67,F0D0),
- bn_pack4(80B6,55BB,9A22,E8DC),
- bn_pack4(1558,903B,A0D0,F843),
- bn_pack4(51C6,A94B,E460,7A29),
- bn_pack4(5F4F,5F55,6E27,CBDE),
- bn_pack4(BEEE,A961,4B19,CC4D),
- bn_pack4(DBA5,1DF4,99AC,4C80),
- bn_pack4(B1F1,2A86,17A4,7BBB),
- bn_pack4(9DEF,3CAF,B939,277A)
+ bn_pack4(0xCF76,0xE3FE,0xD135,0xF9BB),
+ bn_pack4(0x1518,0x0F93,0x499A,0x234D),
+ bn_pack4(0x8CE7,0xA28C,0x2442,0xC6F3),
+ bn_pack4(0x5A02,0x1FFF,0x5E91,0x479E),
+ bn_pack4(0x7F8A,0x2FE9,0xB8B5,0x292E),
+ bn_pack4(0x837C,0x264A,0xE3A9,0xBEB8),
+ bn_pack4(0xE442,0x734A,0xF7CC,0xB7AE),
+ bn_pack4(0x6577,0x2E43,0x7D6C,0x7F8C),
+ bn_pack4(0xDB2F,0xD53D,0x24B7,0xC486),
+ bn_pack4(0x6EDF,0x0195,0x3934,0x9627),
+ bn_pack4(0x158B,0xFD3E,0x2B9C,0x8CF5),
+ bn_pack4(0x764E,0x3F4B,0x53DD,0x9DA1),
+ bn_pack4(0x4754,0x8381,0xDBC5,0xB1FC),
+ bn_pack4(0x9B60,0x9E0B,0xE3BA,0xB63D),
+ bn_pack4(0x8134,0xB1C8,0xB979,0x8914),
+ bn_pack4(0xDF02,0x8A7C,0xEC67,0xF0D0),
+ bn_pack4(0x80B6,0x55BB,0x9A22,0xE8DC),
+ bn_pack4(0x1558,0x903B,0xA0D0,0xF843),
+ bn_pack4(0x51C6,0xA94B,0xE460,0x7A29),
+ bn_pack4(0x5F4F,0x5F55,0x6E27,0xCBDE),
+ bn_pack4(0xBEEE,0xA961,0x4B19,0xCC4D),
+ bn_pack4(0xDBA5,0x1DF4,0x99AC,0x4C80),
+ bn_pack4(0xB1F1,0x2A86,0x17A4,0x7BBB),
+ bn_pack4(0x9DEF,0x3CAF,0xB939,0x277A)
};
static BIGNUM bn_group_1536 = {
bn_group_1536_value,
@@ -61,38 +61,38 @@ static BIGNUM bn_group_1536 = {
};
static BN_ULONG bn_group_2048_value[] = {
- bn_pack4(0FA7,111F,9E4A,FF73),
- bn_pack4(9B65,E372,FCD6,8EF2),
- bn_pack4(35DE,236D,525F,5475),
- bn_pack4(94B5,C803,D89F,7AE4),
- bn_pack4(71AE,35F8,E9DB,FBB6),
- bn_pack4(2A56,98F3,A8D0,C382),
- bn_pack4(9CCC,041C,7BC3,08D8),
- bn_pack4(AF87,4E73,03CE,5329),
- bn_pack4(6160,2790,04E5,7AE6),
- bn_pack4(032C,FBDB,F52F,B378),
- bn_pack4(5EA7,7A27,75D2,ECFA),
- bn_pack4(5445,23B5,24B0,D57D),
- bn_pack4(5B9D,32E6,88F8,7748),
- bn_pack4(F1D2,B907,8717,461A),
- bn_pack4(76BD,207A,436C,6481),
- bn_pack4(CA97,B43A,23FB,8016),
- bn_pack4(1D28,1E44,6B14,773B),
- bn_pack4(7359,D041,D5C3,3EA7),
- bn_pack4(A80D,740A,DBF4,FF74),
- bn_pack4(55F9,7993,EC97,5EEA),
- bn_pack4(2918,A996,2F0B,93B8),
- bn_pack4(661A,05FB,D5FA,AAE8),
- bn_pack4(CF60,9517,9A16,3AB3),
- bn_pack4(E808,3969,EDB7,67B0),
- bn_pack4(CD7F,48A9,DA04,FD50),
- bn_pack4(D523,12AB,4B03,310D),
- bn_pack4(8193,E075,7767,A13D),
- bn_pack4(A373,29CB,B4A0,99ED),
- bn_pack4(FC31,9294,3DB5,6050),
- bn_pack4(AF72,B665,1987,EE07),
- bn_pack4(F166,DE5E,1389,582F),
- bn_pack4(AC6B,DB41,324A,9A9B)
+ bn_pack4(0x0FA7,0x111F,0x9E4A,0xFF73),
+ bn_pack4(0x9B65,0xE372,0xFCD6,0x8EF2),
+ bn_pack4(0x35DE,0x236D,0x525F,0x5475),
+ bn_pack4(0x94B5,0xC803,0xD89F,0x7AE4),
+ bn_pack4(0x71AE,0x35F8,0xE9DB,0xFBB6),
+ bn_pack4(0x2A56,0x98F3,0xA8D0,0xC382),
+ bn_pack4(0x9CCC,0x041C,0x7BC3,0x08D8),
+ bn_pack4(0xAF87,0x4E73,0x03CE,0x5329),
+ bn_pack4(0x6160,0x2790,0x04E5,0x7AE6),
+ bn_pack4(0x032C,0xFBDB,0xF52F,0xB378),
+ bn_pack4(0x5EA7,0x7A27,0x75D2,0xECFA),
+ bn_pack4(0x5445,0x23B5,0x24B0,0xD57D),
+ bn_pack4(0x5B9D,0x32E6,0x88F8,0x7748),
+ bn_pack4(0xF1D2,0xB907,0x8717,0x461A),
+ bn_pack4(0x76BD,0x207A,0x436C,0x6481),
+ bn_pack4(0xCA97,0xB43A,0x23FB,0x8016),
+ bn_pack4(0x1D28,0x1E44,0x6B14,0x773B),
+ bn_pack4(0x7359,0xD041,0xD5C3,0x3EA7),
+ bn_pack4(0xA80D,0x740A,0xDBF4,0xFF74),
+ bn_pack4(0x55F9,0x7993,0xEC97,0x5EEA),
+ bn_pack4(0x2918,0xA996,0x2F0B,0x93B8),
+ bn_pack4(0x661A,0x05FB,0xD5FA,0xAAE8),
+ bn_pack4(0xCF60,0x9517,0x9A16,0x3AB3),
+ bn_pack4(0xE808,0x3969,0xEDB7,0x67B0),
+ bn_pack4(0xCD7F,0x48A9,0xDA04,0xFD50),
+ bn_pack4(0xD523,0x12AB,0x4B03,0x310D),
+ bn_pack4(0x8193,0xE075,0x7767,0xA13D),
+ bn_pack4(0xA373,0x29CB,0xB4A0,0x99ED),
+ bn_pack4(0xFC31,0x9294,0x3DB5,0x6050),
+ bn_pack4(0xAF72,0xB665,0x1987,0xEE07),
+ bn_pack4(0xF166,0xDE5E,0x1389,0x582F),
+ bn_pack4(0xAC6B,0xDB41,0x324A,0x9A9B)
};
static BIGNUM bn_group_2048 = {
bn_group_2048_value,
@@ -103,54 +103,54 @@ static BIGNUM bn_group_2048 = {
};
static BN_ULONG bn_group_3072_value[] = {
- bn_pack4(FFFF,FFFF,FFFF,FFFF),
- bn_pack4(4B82,D120,A93A,D2CA),
- bn_pack4(43DB,5BFC,E0FD,108E),
- bn_pack4(08E2,4FA0,74E5,AB31),
- bn_pack4(7709,88C0,BAD9,46E2),
- bn_pack4(BBE1,1757,7A61,5D6C),
- bn_pack4(521F,2B18,177B,200C),
- bn_pack4(D876,0273,3EC8,6A64),
- bn_pack4(F12F,FA06,D98A,0864),
- bn_pack4(CEE3,D226,1AD2,EE6B),
- bn_pack4(1E8C,94E0,4A25,619D),
- bn_pack4(ABF5,AE8C,DB09,33D7),
- bn_pack4(B397,0F85,A6E1,E4C7),
- bn_pack4(8AEA,7157,5D06,0C7D),
- bn_pack4(ECFB,8504,58DB,EF0A),
- bn_pack4(A855,21AB,DF1C,BA64),
- bn_pack4(AD33,170D,0450,7A33),
- bn_pack4(1572,8E5A,8AAA,C42D),
- bn_pack4(15D2,2618,98FA,0510),
- bn_pack4(3995,497C,EA95,6AE5),
- bn_pack4(DE2B,CBF6,9558,1718),
- bn_pack4(B5C5,5DF0,6F4C,52C9),
- bn_pack4(9B27,83A2,EC07,A28F),
- bn_pack4(E39E,772C,180E,8603),
- bn_pack4(3290,5E46,2E36,CE3B),
- bn_pack4(F174,6C08,CA18,217C),
- bn_pack4(670C,354E,4ABC,9804),
- bn_pack4(9ED5,2907,7096,966D),
- bn_pack4(1C62,F356,2085,52BB),
- bn_pack4(8365,5D23,DCA3,AD96),
- bn_pack4(6916,3FA8,FD24,CF5F),
- bn_pack4(98DA,4836,1C55,D39A),
- bn_pack4(C200,7CB8,A163,BF05),
- bn_pack4(4928,6651,ECE4,5B3D),
- bn_pack4(AE9F,2411,7C4B,1FE6),
- bn_pack4(EE38,6BFB,5A89,9FA5),
- bn_pack4(0BFF,5CB6,F406,B7ED),
- bn_pack4(F44C,42E9,A637,ED6B),
- bn_pack4(E485,B576,625E,7EC6),
- bn_pack4(4FE1,356D,6D51,C245),
- bn_pack4(302B,0A6D,F25F,1437),
- bn_pack4(EF95,19B3,CD3A,431B),
- bn_pack4(514A,0879,8E34,04DD),
- bn_pack4(020B,BEA6,3B13,9B22),
- bn_pack4(2902,4E08,8A67,CC74),
- bn_pack4(C4C6,628B,80DC,1CD1),
- bn_pack4(C90F,DAA2,2168,C234),
- bn_pack4(FFFF,FFFF,FFFF,FFFF)
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
+ bn_pack4(0x4B82,0xD120,0xA93A,0xD2CA),
+ bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
+ bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
+ bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
+ bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
+ bn_pack4(0x521F,0x2B18,0x177B,0x200C),
+ bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
+ bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
+ bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
+ bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
+ bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
+ bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
+ bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
+ bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
+ bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
+ bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
+ bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
+ bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
+ bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
+ bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
+ bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
+ bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
+ bn_pack4(0xE39E,0x772C,0x180E,0x8603),
+ bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
+ bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
+ bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
+ bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
+ bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
+ bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
+ bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
+ bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
+ bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
+ bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
+ bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
+ bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
+ bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
+ bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
+ bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
+ bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
+ bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
+ bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
+ bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
+ bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
+ bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
+ bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
+ bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
static BIGNUM bn_group_3072 = {
bn_group_3072_value,
@@ -161,70 +161,70 @@ static BIGNUM bn_group_3072 = {
};
static BN_ULONG bn_group_4096_value[] = {
- bn_pack4(FFFF,FFFF,FFFF,FFFF),
- bn_pack4(4DF4,35C9,3406,3199),
- bn_pack4(86FF,B7DC,90A6,C08F),
- bn_pack4(93B4,EA98,8D8F,DDC1),
- bn_pack4(D006,9127,D5B0,5AA9),
- bn_pack4(B81B,DD76,2170,481C),
- bn_pack4(1F61,2970,CEE2,D7AF),
- bn_pack4(233B,A186,515B,E7ED),
- bn_pack4(99B2,964F,A090,C3A2),
- bn_pack4(287C,5947,4E6B,C05D),
- bn_pack4(2E8E,FC14,1FBE,CAA6),
- bn_pack4(DBBB,C2DB,04DE,8EF9),
- bn_pack4(2583,E9CA,2AD4,4CE8),
- bn_pack4(1A94,6834,B615,0BDA),
- bn_pack4(99C3,2718,6AF4,E23C),
- bn_pack4(8871,9A10,BDBA,5B26),
- bn_pack4(1A72,3C12,A787,E6D7),
- bn_pack4(4B82,D120,A921,0801),
- bn_pack4(43DB,5BFC,E0FD,108E),
- bn_pack4(08E2,4FA0,74E5,AB31),
- bn_pack4(7709,88C0,BAD9,46E2),
- bn_pack4(BBE1,1757,7A61,5D6C),
- bn_pack4(521F,2B18,177B,200C),
- bn_pack4(D876,0273,3EC8,6A64),
- bn_pack4(F12F,FA06,D98A,0864),
- bn_pack4(CEE3,D226,1AD2,EE6B),
- bn_pack4(1E8C,94E0,4A25,619D),
- bn_pack4(ABF5,AE8C,DB09,33D7),
- bn_pack4(B397,0F85,A6E1,E4C7),
- bn_pack4(8AEA,7157,5D06,0C7D),
- bn_pack4(ECFB,8504,58DB,EF0A),
- bn_pack4(A855,21AB,DF1C,BA64),
- bn_pack4(AD33,170D,0450,7A33),
- bn_pack4(1572,8E5A,8AAA,C42D),
- bn_pack4(15D2,2618,98FA,0510),
- bn_pack4(3995,497C,EA95,6AE5),
- bn_pack4(DE2B,CBF6,9558,1718),
- bn_pack4(B5C5,5DF0,6F4C,52C9),
- bn_pack4(9B27,83A2,EC07,A28F),
- bn_pack4(E39E,772C,180E,8603),
- bn_pack4(3290,5E46,2E36,CE3B),
- bn_pack4(F174,6C08,CA18,217C),
- bn_pack4(670C,354E,4ABC,9804),
- bn_pack4(9ED5,2907,7096,966D),
- bn_pack4(1C62,F356,2085,52BB),
- bn_pack4(8365,5D23,DCA3,AD96),
- bn_pack4(6916,3FA8,FD24,CF5F),
- bn_pack4(98DA,4836,1C55,D39A),
- bn_pack4(C200,7CB8,A163,BF05),
- bn_pack4(4928,6651,ECE4,5B3D),
- bn_pack4(AE9F,2411,7C4B,1FE6),
- bn_pack4(EE38,6BFB,5A89,9FA5),
- bn_pack4(0BFF,5CB6,F406,B7ED),
- bn_pack4(F44C,42E9,A637,ED6B),
- bn_pack4(E485,B576,625E,7EC6),
- bn_pack4(4FE1,356D,6D51,C245),
- bn_pack4(302B,0A6D,F25F,1437),
- bn_pack4(EF95,19B3,CD3A,431B),
- bn_pack4(514A,0879,8E34,04DD),
- bn_pack4(020B,BEA6,3B13,9B22),
- bn_pack4(2902,4E08,8A67,CC74),
- bn_pack4(C4C6,628B,80DC,1CD1),
- bn_pack4(C90F,DAA2,2168,C234),
- bn_pack4(FFFF,FFFF,FFFF,FFFF)
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
+ bn_pack4(0x4DF4,0x35C9,0x3406,0x3199),
+ bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
+ bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
+ bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
+ bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
+ bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
+ bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
+ bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
+ bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
+ bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
+ bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
+ bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
+ bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
+ bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
+ bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
+ bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
+ bn_pack4(0x4B82,0xD120,0xA921,0x0801),
+ bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
+ bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
+ bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
+ bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
+ bn_pack4(0x521F,0x2B18,0x177B,0x200C),
+ bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
+ bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
+ bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
+ bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
+ bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
+ bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
+ bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
+ bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
+ bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
+ bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
+ bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
+ bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
+ bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
+ bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
+ bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
+ bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
+ bn_pack4(0xE39E,0x772C,0x180E,0x8603),
+ bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
+ bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
+ bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
+ bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
+ bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
+ bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
+ bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
+ bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
+ bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
+ bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
+ bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
+ bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
+ bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
+ bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
+ bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
+ bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
+ bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
+ bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
+ bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
+ bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
+ bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
+ bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
+ bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
static BIGNUM bn_group_4096 = {
bn_group_4096_value,
@@ -235,102 +235,102 @@ static BIGNUM bn_group_4096 = {
};
static BN_ULONG bn_group_6144_value[] = {
- bn_pack4(FFFF,FFFF,FFFF,FFFF),
- bn_pack4(E694,F91E,6DCC,4024),
- bn_pack4(12BF,2D5B,0B74,74D6),
- bn_pack4(043E,8F66,3F48,60EE),
- bn_pack4(387F,E8D7,6E3C,0468),
- bn_pack4(DA56,C9EC,2EF2,9632),
- bn_pack4(EB19,CCB1,A313,D55C),
- bn_pack4(F550,AA3D,8A1F,BFF0),
- bn_pack4(06A1,D58B,B7C5,DA76),
- bn_pack4(A797,15EE,F29B,E328),
- bn_pack4(14CC,5ED2,0F80,37E0),
- bn_pack4(CC8F,6D7E,BF48,E1D8),
- bn_pack4(4BD4,07B2,2B41,54AA),
- bn_pack4(0F1D,45B7,FF58,5AC5),
- bn_pack4(23A9,7A7E,36CC,88BE),
- bn_pack4(59E7,C97F,BEC7,E8F3),
- bn_pack4(B5A8,4031,900B,1C9E),
- bn_pack4(D55E,702F,4698,0C82),
- bn_pack4(F482,D7CE,6E74,FEF6),
- bn_pack4(F032,EA15,D172,1D03),
- bn_pack4(5983,CA01,C64B,92EC),
- bn_pack4(6FB8,F401,378C,D2BF),
- bn_pack4(3320,5151,2BD7,AF42),
- bn_pack4(DB7F,1447,E6CC,254B),
- bn_pack4(44CE,6CBA,CED4,BB1B),
- bn_pack4(DA3E,DBEB,CF9B,14ED),
- bn_pack4(1797,27B0,865A,8918),
- bn_pack4(B06A,53ED,9027,D831),
- bn_pack4(E5DB,382F,4130,01AE),
- bn_pack4(F8FF,9406,AD9E,530E),
- bn_pack4(C975,1E76,3DBA,37BD),
- bn_pack4(C1D4,DCB2,6026,46DE),
- bn_pack4(36C3,FAB4,D27C,7026),
- bn_pack4(4DF4,35C9,3402,8492),
- bn_pack4(86FF,B7DC,90A6,C08F),
- bn_pack4(93B4,EA98,8D8F,DDC1),
- bn_pack4(D006,9127,D5B0,5AA9),
- bn_pack4(B81B,DD76,2170,481C),
- bn_pack4(1F61,2970,CEE2,D7AF),
- bn_pack4(233B,A186,515B,E7ED),
- bn_pack4(99B2,964F,A090,C3A2),
- bn_pack4(287C,5947,4E6B,C05D),
- bn_pack4(2E8E,FC14,1FBE,CAA6),
- bn_pack4(DBBB,C2DB,04DE,8EF9),
- bn_pack4(2583,E9CA,2AD4,4CE8),
- bn_pack4(1A94,6834,B615,0BDA),
- bn_pack4(99C3,2718,6AF4,E23C),
- bn_pack4(8871,9A10,BDBA,5B26),
- bn_pack4(1A72,3C12,A787,E6D7),
- bn_pack4(4B82,D120,A921,0801),
- bn_pack4(43DB,5BFC,E0FD,108E),
- bn_pack4(08E2,4FA0,74E5,AB31),
- bn_pack4(7709,88C0,BAD9,46E2),
- bn_pack4(BBE1,1757,7A61,5D6C),
- bn_pack4(521F,2B18,177B,200C),
- bn_pack4(D876,0273,3EC8,6A64),
- bn_pack4(F12F,FA06,D98A,0864),
- bn_pack4(CEE3,D226,1AD2,EE6B),
- bn_pack4(1E8C,94E0,4A25,619D),
- bn_pack4(ABF5,AE8C,DB09,33D7),
- bn_pack4(B397,0F85,A6E1,E4C7),
- bn_pack4(8AEA,7157,5D06,0C7D),
- bn_pack4(ECFB,8504,58DB,EF0A),
- bn_pack4(A855,21AB,DF1C,BA64),
- bn_pack4(AD33,170D,0450,7A33),
- bn_pack4(1572,8E5A,8AAA,C42D),
- bn_pack4(15D2,2618,98FA,0510),
- bn_pack4(3995,497C,EA95,6AE5),
- bn_pack4(DE2B,CBF6,9558,1718),
- bn_pack4(B5C5,5DF0,6F4C,52C9),
- bn_pack4(9B27,83A2,EC07,A28F),
- bn_pack4(E39E,772C,180E,8603),
- bn_pack4(3290,5E46,2E36,CE3B),
- bn_pack4(F174,6C08,CA18,217C),
- bn_pack4(670C,354E,4ABC,9804),
- bn_pack4(9ED5,2907,7096,966D),
- bn_pack4(1C62,F356,2085,52BB),
- bn_pack4(8365,5D23,DCA3,AD96),
- bn_pack4(6916,3FA8,FD24,CF5F),
- bn_pack4(98DA,4836,1C55,D39A),
- bn_pack4(C200,7CB8,A163,BF05),
- bn_pack4(4928,6651,ECE4,5B3D),
- bn_pack4(AE9F,2411,7C4B,1FE6),
- bn_pack4(EE38,6BFB,5A89,9FA5),
- bn_pack4(0BFF,5CB6,F406,B7ED),
- bn_pack4(F44C,42E9,A637,ED6B),
- bn_pack4(E485,B576,625E,7EC6),
- bn_pack4(4FE1,356D,6D51,C245),
- bn_pack4(302B,0A6D,F25F,1437),
- bn_pack4(EF95,19B3,CD3A,431B),
- bn_pack4(514A,0879,8E34,04DD),
- bn_pack4(020B,BEA6,3B13,9B22),
- bn_pack4(2902,4E08,8A67,CC74),
- bn_pack4(C4C6,628B,80DC,1CD1),
- bn_pack4(C90F,DAA2,2168,C234),
- bn_pack4(FFFF,FFFF,FFFF,FFFF)
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
+ bn_pack4(0xE694,0xF91E,0x6DCC,0x4024),
+ bn_pack4(0x12BF,0x2D5B,0x0B74,0x74D6),
+ bn_pack4(0x043E,0x8F66,0x3F48,0x60EE),
+ bn_pack4(0x387F,0xE8D7,0x6E3C,0x0468),
+ bn_pack4(0xDA56,0xC9EC,0x2EF2,0x9632),
+ bn_pack4(0xEB19,0xCCB1,0xA313,0xD55C),
+ bn_pack4(0xF550,0xAA3D,0x8A1F,0xBFF0),
+ bn_pack4(0x06A1,0xD58B,0xB7C5,0xDA76),
+ bn_pack4(0xA797,0x15EE,0xF29B,0xE328),
+ bn_pack4(0x14CC,0x5ED2,0x0F80,0x37E0),
+ bn_pack4(0xCC8F,0x6D7E,0xBF48,0xE1D8),
+ bn_pack4(0x4BD4,0x07B2,0x2B41,0x54AA),
+ bn_pack4(0x0F1D,0x45B7,0xFF58,0x5AC5),
+ bn_pack4(0x23A9,0x7A7E,0x36CC,0x88BE),
+ bn_pack4(0x59E7,0xC97F,0xBEC7,0xE8F3),
+ bn_pack4(0xB5A8,0x4031,0x900B,0x1C9E),
+ bn_pack4(0xD55E,0x702F,0x4698,0x0C82),
+ bn_pack4(0xF482,0xD7CE,0x6E74,0xFEF6),
+ bn_pack4(0xF032,0xEA15,0xD172,0x1D03),
+ bn_pack4(0x5983,0xCA01,0xC64B,0x92EC),
+ bn_pack4(0x6FB8,0xF401,0x378C,0xD2BF),
+ bn_pack4(0x3320,0x5151,0x2BD7,0xAF42),
+ bn_pack4(0xDB7F,0x1447,0xE6CC,0x254B),
+ bn_pack4(0x44CE,0x6CBA,0xCED4,0xBB1B),
+ bn_pack4(0xDA3E,0xDBEB,0xCF9B,0x14ED),
+ bn_pack4(0x1797,0x27B0,0x865A,0x8918),
+ bn_pack4(0xB06A,0x53ED,0x9027,0xD831),
+ bn_pack4(0xE5DB,0x382F,0x4130,0x01AE),
+ bn_pack4(0xF8FF,0x9406,0xAD9E,0x530E),
+ bn_pack4(0xC975,0x1E76,0x3DBA,0x37BD),
+ bn_pack4(0xC1D4,0xDCB2,0x6026,0x46DE),
+ bn_pack4(0x36C3,0xFAB4,0xD27C,0x7026),
+ bn_pack4(0x4DF4,0x35C9,0x3402,0x8492),
+ bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
+ bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
+ bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
+ bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
+ bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
+ bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
+ bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
+ bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
+ bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
+ bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
+ bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
+ bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
+ bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
+ bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
+ bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
+ bn_pack4(0x4B82,0xD120,0xA921,0x0801),
+ bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
+ bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
+ bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
+ bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
+ bn_pack4(0x521F,0x2B18,0x177B,0x200C),
+ bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
+ bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
+ bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
+ bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
+ bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
+ bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
+ bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
+ bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
+ bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
+ bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
+ bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
+ bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
+ bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
+ bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
+ bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
+ bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
+ bn_pack4(0xE39E,0x772C,0x180E,0x8603),
+ bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
+ bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
+ bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
+ bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
+ bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
+ bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
+ bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
+ bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
+ bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
+ bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
+ bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
+ bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
+ bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
+ bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
+ bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
+ bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
+ bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
+ bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
+ bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
+ bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
+ bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
+ bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
+ bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
static BIGNUM bn_group_6144 = {
bn_group_6144_value,
@@ -341,134 +341,134 @@ static BIGNUM bn_group_6144 = {
};
static BN_ULONG bn_group_8192_value[] = {
- bn_pack4(FFFF,FFFF,FFFF,FFFF),
- bn_pack4(60C9,80DD,98ED,D3DF),
- bn_pack4(C81F,56E8,80B9,6E71),
- bn_pack4(9E30,50E2,7656,94DF),
- bn_pack4(9558,E447,5677,E9AA),
- bn_pack4(C919,0DA6,FC02,6E47),
- bn_pack4(889A,002E,D5EE,382B),
- bn_pack4(4009,438B,481C,6CD7),
- bn_pack4(3590,46F4,EB87,9F92),
- bn_pack4(FAF3,6BC3,1ECF,A268),
- bn_pack4(B1D5,10BD,7EE7,4D73),
- bn_pack4(F9AB,4819,5DED,7EA1),
- bn_pack4(64F3,1CC5,0846,851D),
- bn_pack4(4597,E899,A025,5DC1),
- bn_pack4(DF31,0EE0,74AB,6A36),
- bn_pack4(6D2A,13F8,3F44,F82D),
- bn_pack4(062B,3CF5,B3A2,78A6),
- bn_pack4(7968,3303,ED5B,DD3A),
- bn_pack4(FA9D,4B7F,A2C0,87E8),
- bn_pack4(4BCB,C886,2F83,85DD),
- bn_pack4(3473,FC64,6CEA,306B),
- bn_pack4(13EB,57A8,1A23,F0C7),
- bn_pack4(2222,2E04,A403,7C07),
- bn_pack4(E3FD,B8BE,FC84,8AD9),
- bn_pack4(238F,16CB,E39D,652D),
- bn_pack4(3423,B474,2BF1,C978),
- bn_pack4(3AAB,639C,5AE4,F568),
- bn_pack4(2576,F693,6BA4,2466),
- bn_pack4(741F,A7BF,8AFC,47ED),
- bn_pack4(3BC8,32B6,8D9D,D300),
- bn_pack4(D8BE,C4D0,73B9,31BA),
- bn_pack4(3877,7CB6,A932,DF8C),
- bn_pack4(74A3,926F,12FE,E5E4),
- bn_pack4(E694,F91E,6DBE,1159),
- bn_pack4(12BF,2D5B,0B74,74D6),
- bn_pack4(043E,8F66,3F48,60EE),
- bn_pack4(387F,E8D7,6E3C,0468),
- bn_pack4(DA56,C9EC,2EF2,9632),
- bn_pack4(EB19,CCB1,A313,D55C),
- bn_pack4(F550,AA3D,8A1F,BFF0),
- bn_pack4(06A1,D58B,B7C5,DA76),
- bn_pack4(A797,15EE,F29B,E328),
- bn_pack4(14CC,5ED2,0F80,37E0),
- bn_pack4(CC8F,6D7E,BF48,E1D8),
- bn_pack4(4BD4,07B2,2B41,54AA),
- bn_pack4(0F1D,45B7,FF58,5AC5),
- bn_pack4(23A9,7A7E,36CC,88BE),
- bn_pack4(59E7,C97F,BEC7,E8F3),
- bn_pack4(B5A8,4031,900B,1C9E),
- bn_pack4(D55E,702F,4698,0C82),
- bn_pack4(F482,D7CE,6E74,FEF6),
- bn_pack4(F032,EA15,D172,1D03),
- bn_pack4(5983,CA01,C64B,92EC),
- bn_pack4(6FB8,F401,378C,D2BF),
- bn_pack4(3320,5151,2BD7,AF42),
- bn_pack4(DB7F,1447,E6CC,254B),
- bn_pack4(44CE,6CBA,CED4,BB1B),
- bn_pack4(DA3E,DBEB,CF9B,14ED),
- bn_pack4(1797,27B0,865A,8918),
- bn_pack4(B06A,53ED,9027,D831),
- bn_pack4(E5DB,382F,4130,01AE),
- bn_pack4(F8FF,9406,AD9E,530E),
- bn_pack4(C975,1E76,3DBA,37BD),
- bn_pack4(C1D4,DCB2,6026,46DE),
- bn_pack4(36C3,FAB4,D27C,7026),
- bn_pack4(4DF4,35C9,3402,8492),
- bn_pack4(86FF,B7DC,90A6,C08F),
- bn_pack4(93B4,EA98,8D8F,DDC1),
- bn_pack4(D006,9127,D5B0,5AA9),
- bn_pack4(B81B,DD76,2170,481C),
- bn_pack4(1F61,2970,CEE2,D7AF),
- bn_pack4(233B,A186,515B,E7ED),
- bn_pack4(99B2,964F,A090,C3A2),
- bn_pack4(287C,5947,4E6B,C05D),
- bn_pack4(2E8E,FC14,1FBE,CAA6),
- bn_pack4(DBBB,C2DB,04DE,8EF9),
- bn_pack4(2583,E9CA,2AD4,4CE8),
- bn_pack4(1A94,6834,B615,0BDA),
- bn_pack4(99C3,2718,6AF4,E23C),
- bn_pack4(8871,9A10,BDBA,5B26),
- bn_pack4(1A72,3C12,A787,E6D7),
- bn_pack4(4B82,D120,A921,0801),
- bn_pack4(43DB,5BFC,E0FD,108E),
- bn_pack4(08E2,4FA0,74E5,AB31),
- bn_pack4(7709,88C0,BAD9,46E2),
- bn_pack4(BBE1,1757,7A61,5D6C),
- bn_pack4(521F,2B18,177B,200C),
- bn_pack4(D876,0273,3EC8,6A64),
- bn_pack4(F12F,FA06,D98A,0864),
- bn_pack4(CEE3,D226,1AD2,EE6B),
- bn_pack4(1E8C,94E0,4A25,619D),
- bn_pack4(ABF5,AE8C,DB09,33D7),
- bn_pack4(B397,0F85,A6E1,E4C7),
- bn_pack4(8AEA,7157,5D06,0C7D),
- bn_pack4(ECFB,8504,58DB,EF0A),
- bn_pack4(A855,21AB,DF1C,BA64),
- bn_pack4(AD33,170D,0450,7A33),
- bn_pack4(1572,8E5A,8AAA,C42D),
- bn_pack4(15D2,2618,98FA,0510),
- bn_pack4(3995,497C,EA95,6AE5),
- bn_pack4(DE2B,CBF6,9558,1718),
- bn_pack4(B5C5,5DF0,6F4C,52C9),
- bn_pack4(9B27,83A2,EC07,A28F),
- bn_pack4(E39E,772C,180E,8603),
- bn_pack4(3290,5E46,2E36,CE3B),
- bn_pack4(F174,6C08,CA18,217C),
- bn_pack4(670C,354E,4ABC,9804),
- bn_pack4(9ED5,2907,7096,966D),
- bn_pack4(1C62,F356,2085,52BB),
- bn_pack4(8365,5D23,DCA3,AD96),
- bn_pack4(6916,3FA8,FD24,CF5F),
- bn_pack4(98DA,4836,1C55,D39A),
- bn_pack4(C200,7CB8,A163,BF05),
- bn_pack4(4928,6651,ECE4,5B3D),
- bn_pack4(AE9F,2411,7C4B,1FE6),
- bn_pack4(EE38,6BFB,5A89,9FA5),
- bn_pack4(0BFF,5CB6,F406,B7ED),
- bn_pack4(F44C,42E9,A637,ED6B),
- bn_pack4(E485,B576,625E,7EC6),
- bn_pack4(4FE1,356D,6D51,C245),
- bn_pack4(302B,0A6D,F25F,1437),
- bn_pack4(EF95,19B3,CD3A,431B),
- bn_pack4(514A,0879,8E34,04DD),
- bn_pack4(020B,BEA6,3B13,9B22),
- bn_pack4(2902,4E08,8A67,CC74),
- bn_pack4(C4C6,628B,80DC,1CD1),
- bn_pack4(C90F,DAA2,2168,C234),
- bn_pack4(FFFF,FFFF,FFFF,FFFF)
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF),
+ bn_pack4(0x60C9,0x80DD,0x98ED,0xD3DF),
+ bn_pack4(0xC81F,0x56E8,0x80B9,0x6E71),
+ bn_pack4(0x9E30,0x50E2,0x7656,0x94DF),
+ bn_pack4(0x9558,0xE447,0x5677,0xE9AA),
+ bn_pack4(0xC919,0x0DA6,0xFC02,0x6E47),
+ bn_pack4(0x889A,0x002E,0xD5EE,0x382B),
+ bn_pack4(0x4009,0x438B,0x481C,0x6CD7),
+ bn_pack4(0x3590,0x46F4,0xEB87,0x9F92),
+ bn_pack4(0xFAF3,0x6BC3,0x1ECF,0xA268),
+ bn_pack4(0xB1D5,0x10BD,0x7EE7,0x4D73),
+ bn_pack4(0xF9AB,0x4819,0x5DED,0x7EA1),
+ bn_pack4(0x64F3,0x1CC5,0x0846,0x851D),
+ bn_pack4(0x4597,0xE899,0xA025,0x5DC1),
+ bn_pack4(0xDF31,0x0EE0,0x74AB,0x6A36),
+ bn_pack4(0x6D2A,0x13F8,0x3F44,0xF82D),
+ bn_pack4(0x062B,0x3CF5,0xB3A2,0x78A6),
+ bn_pack4(0x7968,0x3303,0xED5B,0xDD3A),
+ bn_pack4(0xFA9D,0x4B7F,0xA2C0,0x87E8),
+ bn_pack4(0x4BCB,0xC886,0x2F83,0x85DD),
+ bn_pack4(0x3473,0xFC64,0x6CEA,0x306B),
+ bn_pack4(0x13EB,0x57A8,0x1A23,0xF0C7),
+ bn_pack4(0x2222,0x2E04,0xA403,0x7C07),
+ bn_pack4(0xE3FD,0xB8BE,0xFC84,0x8AD9),
+ bn_pack4(0x238F,0x16CB,0xE39D,0x652D),
+ bn_pack4(0x3423,0xB474,0x2BF1,0xC978),
+ bn_pack4(0x3AAB,0x639C,0x5AE4,0xF568),
+ bn_pack4(0x2576,0xF693,0x6BA4,0x2466),
+ bn_pack4(0x741F,0xA7BF,0x8AFC,0x47ED),
+ bn_pack4(0x3BC8,0x32B6,0x8D9D,0xD300),
+ bn_pack4(0xD8BE,0xC4D0,0x73B9,0x31BA),
+ bn_pack4(0x3877,0x7CB6,0xA932,0xDF8C),
+ bn_pack4(0x74A3,0x926F,0x12FE,0xE5E4),
+ bn_pack4(0xE694,0xF91E,0x6DBE,0x1159),
+ bn_pack4(0x12BF,0x2D5B,0x0B74,0x74D6),
+ bn_pack4(0x043E,0x8F66,0x3F48,0x60EE),
+ bn_pack4(0x387F,0xE8D7,0x6E3C,0x0468),
+ bn_pack4(0xDA56,0xC9EC,0x2EF2,0x9632),
+ bn_pack4(0xEB19,0xCCB1,0xA313,0xD55C),
+ bn_pack4(0xF550,0xAA3D,0x8A1F,0xBFF0),
+ bn_pack4(0x06A1,0xD58B,0xB7C5,0xDA76),
+ bn_pack4(0xA797,0x15EE,0xF29B,0xE328),
+ bn_pack4(0x14CC,0x5ED2,0x0F80,0x37E0),
+ bn_pack4(0xCC8F,0x6D7E,0xBF48,0xE1D8),
+ bn_pack4(0x4BD4,0x07B2,0x2B41,0x54AA),
+ bn_pack4(0x0F1D,0x45B7,0xFF58,0x5AC5),
+ bn_pack4(0x23A9,0x7A7E,0x36CC,0x88BE),
+ bn_pack4(0x59E7,0xC97F,0xBEC7,0xE8F3),
+ bn_pack4(0xB5A8,0x4031,0x900B,0x1C9E),
+ bn_pack4(0xD55E,0x702F,0x4698,0x0C82),
+ bn_pack4(0xF482,0xD7CE,0x6E74,0xFEF6),
+ bn_pack4(0xF032,0xEA15,0xD172,0x1D03),
+ bn_pack4(0x5983,0xCA01,0xC64B,0x92EC),
+ bn_pack4(0x6FB8,0xF401,0x378C,0xD2BF),
+ bn_pack4(0x3320,0x5151,0x2BD7,0xAF42),
+ bn_pack4(0xDB7F,0x1447,0xE6CC,0x254B),
+ bn_pack4(0x44CE,0x6CBA,0xCED4,0xBB1B),
+ bn_pack4(0xDA3E,0xDBEB,0xCF9B,0x14ED),
+ bn_pack4(0x1797,0x27B0,0x865A,0x8918),
+ bn_pack4(0xB06A,0x53ED,0x9027,0xD831),
+ bn_pack4(0xE5DB,0x382F,0x4130,0x01AE),
+ bn_pack4(0xF8FF,0x9406,0xAD9E,0x530E),
+ bn_pack4(0xC975,0x1E76,0x3DBA,0x37BD),
+ bn_pack4(0xC1D4,0xDCB2,0x6026,0x46DE),
+ bn_pack4(0x36C3,0xFAB4,0xD27C,0x7026),
+ bn_pack4(0x4DF4,0x35C9,0x3402,0x8492),
+ bn_pack4(0x86FF,0xB7DC,0x90A6,0xC08F),
+ bn_pack4(0x93B4,0xEA98,0x8D8F,0xDDC1),
+ bn_pack4(0xD006,0x9127,0xD5B0,0x5AA9),
+ bn_pack4(0xB81B,0xDD76,0x2170,0x481C),
+ bn_pack4(0x1F61,0x2970,0xCEE2,0xD7AF),
+ bn_pack4(0x233B,0xA186,0x515B,0xE7ED),
+ bn_pack4(0x99B2,0x964F,0xA090,0xC3A2),
+ bn_pack4(0x287C,0x5947,0x4E6B,0xC05D),
+ bn_pack4(0x2E8E,0xFC14,0x1FBE,0xCAA6),
+ bn_pack4(0xDBBB,0xC2DB,0x04DE,0x8EF9),
+ bn_pack4(0x2583,0xE9CA,0x2AD4,0x4CE8),
+ bn_pack4(0x1A94,0x6834,0xB615,0x0BDA),
+ bn_pack4(0x99C3,0x2718,0x6AF4,0xE23C),
+ bn_pack4(0x8871,0x9A10,0xBDBA,0x5B26),
+ bn_pack4(0x1A72,0x3C12,0xA787,0xE6D7),
+ bn_pack4(0x4B82,0xD120,0xA921,0x0801),
+ bn_pack4(0x43DB,0x5BFC,0xE0FD,0x108E),
+ bn_pack4(0x08E2,0x4FA0,0x74E5,0xAB31),
+ bn_pack4(0x7709,0x88C0,0xBAD9,0x46E2),
+ bn_pack4(0xBBE1,0x1757,0x7A61,0x5D6C),
+ bn_pack4(0x521F,0x2B18,0x177B,0x200C),
+ bn_pack4(0xD876,0x0273,0x3EC8,0x6A64),
+ bn_pack4(0xF12F,0xFA06,0xD98A,0x0864),
+ bn_pack4(0xCEE3,0xD226,0x1AD2,0xEE6B),
+ bn_pack4(0x1E8C,0x94E0,0x4A25,0x619D),
+ bn_pack4(0xABF5,0xAE8C,0xDB09,0x33D7),
+ bn_pack4(0xB397,0x0F85,0xA6E1,0xE4C7),
+ bn_pack4(0x8AEA,0x7157,0x5D06,0x0C7D),
+ bn_pack4(0xECFB,0x8504,0x58DB,0xEF0A),
+ bn_pack4(0xA855,0x21AB,0xDF1C,0xBA64),
+ bn_pack4(0xAD33,0x170D,0x0450,0x7A33),
+ bn_pack4(0x1572,0x8E5A,0x8AAA,0xC42D),
+ bn_pack4(0x15D2,0x2618,0x98FA,0x0510),
+ bn_pack4(0x3995,0x497C,0xEA95,0x6AE5),
+ bn_pack4(0xDE2B,0xCBF6,0x9558,0x1718),
+ bn_pack4(0xB5C5,0x5DF0,0x6F4C,0x52C9),
+ bn_pack4(0x9B27,0x83A2,0xEC07,0xA28F),
+ bn_pack4(0xE39E,0x772C,0x180E,0x8603),
+ bn_pack4(0x3290,0x5E46,0x2E36,0xCE3B),
+ bn_pack4(0xF174,0x6C08,0xCA18,0x217C),
+ bn_pack4(0x670C,0x354E,0x4ABC,0x9804),
+ bn_pack4(0x9ED5,0x2907,0x7096,0x966D),
+ bn_pack4(0x1C62,0xF356,0x2085,0x52BB),
+ bn_pack4(0x8365,0x5D23,0xDCA3,0xAD96),
+ bn_pack4(0x6916,0x3FA8,0xFD24,0xCF5F),
+ bn_pack4(0x98DA,0x4836,0x1C55,0xD39A),
+ bn_pack4(0xC200,0x7CB8,0xA163,0xBF05),
+ bn_pack4(0x4928,0x6651,0xECE4,0x5B3D),
+ bn_pack4(0xAE9F,0x2411,0x7C4B,0x1FE6),
+ bn_pack4(0xEE38,0x6BFB,0x5A89,0x9FA5),
+ bn_pack4(0x0BFF,0x5CB6,0xF406,0xB7ED),
+ bn_pack4(0xF44C,0x42E9,0xA637,0xED6B),
+ bn_pack4(0xE485,0xB576,0x625E,0x7EC6),
+ bn_pack4(0x4FE1,0x356D,0x6D51,0xC245),
+ bn_pack4(0x302B,0x0A6D,0xF25F,0x1437),
+ bn_pack4(0xEF95,0x19B3,0xCD3A,0x431B),
+ bn_pack4(0x514A,0x0879,0x8E34,0x04DD),
+ bn_pack4(0x020B,0xBEA6,0x3B13,0x9B22),
+ bn_pack4(0x2902,0x4E08,0x8A67,0xCC74),
+ bn_pack4(0xC4C6,0x628B,0x80DC,0x1CD1),
+ bn_pack4(0xC90F,0xDAA2,0x2168,0xC234),
+ bn_pack4(0xFFFF,0xFFFF,0xFFFF,0xFFFF)
};
static BIGNUM bn_group_8192 = {
bn_group_8192_value,
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index 92cea98dcd6a..7c1dcc5111cf 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -63,13 +63,17 @@
#include <openssl/evp.h>
#if (BN_BYTES == 8)
-#define bn_pack4(a1,a2,a3,a4) 0x##a1##a2##a3##a4##ul
-#endif
-#if (BN_BYTES == 4)
-#define bn_pack4(a1,a2,a3,a4) 0x##a3##a4##ul, 0x##a1##a2##ul
-#endif
-#if (BN_BYTES == 2)
-#define bn_pack4(a1,a2,a3,a4) 0x##a4##u,0x##a3##u,0x##a2##u,0x##a1##u
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
+# elif defined(__arch64__)
+# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
+# else
+# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
+# endif
+#elif (BN_BYTES == 4)
+# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
+#else
+# error "unsupported BN_BYTES"
#endif
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 12d71f54e2e5..5195ffef264d 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -694,6 +694,7 @@ static int check_cert(X509_STORE_CTX *ctx)
X509_CRL *crl = NULL, *dcrl = NULL;
X509 *x;
int ok, cnum;
+ unsigned int last_reasons;
cnum = ctx->error_depth;
x = sk_X509_value(ctx->chain, cnum);
ctx->current_cert = x;
@@ -702,6 +703,7 @@ static int check_cert(X509_STORE_CTX *ctx)
ctx->current_reasons = 0;
while (ctx->current_reasons != CRLDP_ALL_REASONS)
{
+ last_reasons = ctx->current_reasons;
/* Try to retrieve relevant CRL */
if (ctx->get_crl)
ok = ctx->get_crl(ctx, &crl, x);
@@ -745,6 +747,15 @@ static int check_cert(X509_STORE_CTX *ctx)
X509_CRL_free(dcrl);
crl = NULL;
dcrl = NULL;
+ /* If reasons not updated we wont get anywhere by
+ * another iteration, so exit loop.
+ */
+ if (last_reasons == ctx->current_reasons)
+ {
+ ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+ ok = ctx->verify_cb(0, ctx);
+ goto err;
+ }
}
err:
X509_CRL_free(crl);
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index b94aeeb873fd..e06602d65abc 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -97,6 +97,7 @@ int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
{
+ x->cert_info->enc.modified = 1;
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
x->cert_info->signature,
x->sig_alg, x->signature, x->cert_info, ctx);
@@ -123,6 +124,7 @@ int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
{
+ x->crl->enc.modified = 1;
return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
}
diff --git a/crypto/x86cpuid.pl b/crypto/x86cpuid.pl
index c18b0e2486d6..b270b44337d1 100644
--- a/crypto/x86cpuid.pl
+++ b/crypto/x86cpuid.pl
@@ -67,6 +67,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&inc ("esi"); # number of cores
&mov ("eax",1);
+ &xor ("ecx","ecx");
&cpuid ();
&bt ("edx",28);
&jnc (&label("generic"));
@@ -91,6 +92,7 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
&set_label("nocacheinfo");
&mov ("eax",1);
+ &xor ("ecx","ecx");
&cpuid ();
&and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0
&cmp ("ebp",0);