svn commit: r273140 - in vendor-crypto/openssl/dist-0.9.8: . apps crypto crypto/bn crypto/bn/asm crypto/ec crypto/err crypto/evp crypto/rsa doc/apps doc/ssl ssl test
Jung-uk Kim
jkim at FreeBSD.org
Wed Oct 15 17:35:45 UTC 2014
Author: jkim
Date: Wed Oct 15 17:35:39 2014
New Revision: 273140
URL: https://svnweb.freebsd.org/changeset/base/273140
Log:
Import OpenSSL 0.9.8zc.
Added:
vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_locl.h (contents, props changed)
vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_test.c (contents, props changed)
vendor-crypto/openssl/dist-0.9.8/test/constant_time_test.c (contents, props changed)
Modified:
vendor-crypto/openssl/dist-0.9.8/CHANGES
vendor-crypto/openssl/dist-0.9.8/FREEBSD-upgrade
vendor-crypto/openssl/dist-0.9.8/Makefile
vendor-crypto/openssl/dist-0.9.8/NEWS
vendor-crypto/openssl/dist-0.9.8/README
vendor-crypto/openssl/dist-0.9.8/apps/s_client.c
vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_vms.c
vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_win.c
vendor-crypto/openssl/dist-0.9.8/crypto/Makefile
vendor-crypto/openssl/dist-0.9.8/crypto/bn/asm/x86_64-gcc.c
vendor-crypto/openssl/dist-0.9.8/crypto/bn/bn_exp.c
vendor-crypto/openssl/dist-0.9.8/crypto/bn/exptest.c
vendor-crypto/openssl/dist-0.9.8/crypto/ec/ec_key.c
vendor-crypto/openssl/dist-0.9.8/crypto/ec/ecp_smpl.c
vendor-crypto/openssl/dist-0.9.8/crypto/err/openssl.ec
vendor-crypto/openssl/dist-0.9.8/crypto/evp/Makefile
vendor-crypto/openssl/dist-0.9.8/crypto/evp/evp_enc.c
vendor-crypto/openssl/dist-0.9.8/crypto/opensslv.h
vendor-crypto/openssl/dist-0.9.8/crypto/rsa/Makefile
vendor-crypto/openssl/dist-0.9.8/crypto/rsa/rsa.h
vendor-crypto/openssl/dist-0.9.8/crypto/rsa/rsa_err.c
vendor-crypto/openssl/dist-0.9.8/crypto/rsa/rsa_oaep.c
vendor-crypto/openssl/dist-0.9.8/crypto/rsa/rsa_pk1.c
vendor-crypto/openssl/dist-0.9.8/crypto/rsa/rsa_sign.c
vendor-crypto/openssl/dist-0.9.8/doc/apps/s_client.pod
vendor-crypto/openssl/dist-0.9.8/doc/ssl/SSL_CTX_set_mode.pod
vendor-crypto/openssl/dist-0.9.8/e_os.h
vendor-crypto/openssl/dist-0.9.8/openssl.spec
vendor-crypto/openssl/dist-0.9.8/ssl/Makefile
vendor-crypto/openssl/dist-0.9.8/ssl/d1_lib.c
vendor-crypto/openssl/dist-0.9.8/ssl/dtls1.h
vendor-crypto/openssl/dist-0.9.8/ssl/s23_clnt.c
vendor-crypto/openssl/dist-0.9.8/ssl/s23_srvr.c
vendor-crypto/openssl/dist-0.9.8/ssl/s2_lib.c
vendor-crypto/openssl/dist-0.9.8/ssl/s3_cbc.c
vendor-crypto/openssl/dist-0.9.8/ssl/s3_clnt.c
vendor-crypto/openssl/dist-0.9.8/ssl/s3_enc.c
vendor-crypto/openssl/dist-0.9.8/ssl/s3_lib.c
vendor-crypto/openssl/dist-0.9.8/ssl/s3_pkt.c
vendor-crypto/openssl/dist-0.9.8/ssl/s3_srvr.c
vendor-crypto/openssl/dist-0.9.8/ssl/ssl.h
vendor-crypto/openssl/dist-0.9.8/ssl/ssl3.h
vendor-crypto/openssl/dist-0.9.8/ssl/ssl_err.c
vendor-crypto/openssl/dist-0.9.8/ssl/ssl_lib.c
vendor-crypto/openssl/dist-0.9.8/ssl/t1_enc.c
vendor-crypto/openssl/dist-0.9.8/ssl/t1_lib.c
vendor-crypto/openssl/dist-0.9.8/ssl/tls1.h
vendor-crypto/openssl/dist-0.9.8/test/Makefile
Modified: vendor-crypto/openssl/dist-0.9.8/CHANGES
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/CHANGES Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/CHANGES Wed Oct 15 17:35:39 2014 (r273140)
@@ -2,6 +2,43 @@
OpenSSL CHANGES
_______________
+ Changes between 0.9.8zb and 0.9.8zc [15 Oct 2014]
+
+ *) Session Ticket Memory Leak.
+
+ When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
+ integrity of that ticket is first verified. In the event of a session
+ ticket integrity check failing, OpenSSL will fail to free memory
+ causing a memory leak. By sending a large number of invalid session
+ tickets an attacker could exploit this issue in a Denial Of Service
+ attack.
+ (CVE-2014-3567)
+ [Steve Henson]
+
+ *) Build option no-ssl3 is incomplete.
+
+ When OpenSSL is configured with "no-ssl3" as a build option, servers
+ could accept and complete a SSL 3.0 handshake, and clients could be
+ configured to send them.
+ (CVE-2014-3568)
+ [Akamai and the OpenSSL team]
+
+ *) Add support for TLS_FALLBACK_SCSV.
+ Client applications doing fallback retries should call
+ SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
+ (CVE-2014-3566)
+ [Adam Langley, Bodo Moeller]
+
+ *) Add additional DigestInfo checks.
+
+ Reencode DigestInto in DER and check against the original when
+ verifying RSA signature: this will reject any improperly encoded
+ DigestInfo structures.
+
+ Note: this is a precautionary measure and no attacks are currently known.
+
+ [Steve Henson]
+
Changes between 0.9.8za and 0.9.8zb [6 Aug 2014]
*) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
Modified: vendor-crypto/openssl/dist-0.9.8/FREEBSD-upgrade
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/FREEBSD-upgrade Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/FREEBSD-upgrade Wed Oct 15 17:35:39 2014 (r273140)
@@ -11,8 +11,8 @@ First, read http://wiki.freebsd.org/Subv
# Xlist
setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist
setenv FSVN "svn+ssh://svn.freebsd.org/base"
-setenv OSSLVER 0.9.8zb
-# OSSLTAG format: v0_9_8zb
+setenv OSSLVER 0.9.8zc
+# OSSLTAG format: v0_9_8zc
###setenv OSSLTAG v`echo ${OSSLVER} | tr . _`
Modified: vendor-crypto/openssl/dist-0.9.8/Makefile
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/Makefile Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/Makefile Wed Oct 15 17:35:39 2014 (r273140)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=0.9.8zb
+VERSION=0.9.8zc
MAJOR=0
MINOR=9.8
SHLIB_VERSION_NUMBER=0.9.8
Modified: vendor-crypto/openssl/dist-0.9.8/NEWS
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/NEWS Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/NEWS Wed Oct 15 17:35:39 2014 (r273140)
@@ -5,6 +5,13 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 0.9.8zb and OpenSSL 0.9.8zc [15 Oct 2014]:
+
+ o Fix for CVE-2014-3513
+ o Fix for CVE-2014-3567
+ o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
+ o Fix for CVE-2014-3568
+
Major changes between OpenSSL 0.9.8za and OpenSSL 0.9.8zb [6 Aug 2014]:
o Fix for CVE-2014-3510
Modified: vendor-crypto/openssl/dist-0.9.8/README
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/README Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/README Wed Oct 15 17:35:39 2014 (r273140)
@@ -1,5 +1,5 @@
- OpenSSL 0.9.8zb 6 Aug 2014
+ OpenSSL 0.9.8zc 15 Oct 2014
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Modified: vendor-crypto/openssl/dist-0.9.8/apps/s_client.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/apps/s_client.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/apps/s_client.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -226,6 +226,7 @@ static void sc_usage(void)
BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
BIO_printf(bio_err," -tls1 - just use TLSv1\n");
BIO_printf(bio_err," -dtls1 - just use DTLSv1\n");
+ BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n");
BIO_printf(bio_err," -mtu - set the link layer MTU\n");
BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
@@ -339,6 +340,7 @@ int MAIN(int argc, char **argv)
char *sess_out = NULL;
struct sockaddr peer;
int peerlen = sizeof(peer);
+ int fallback_scsv = 0;
int enable_timeouts = 0 ;
long socket_mtu = 0;
#ifndef OPENSSL_NO_JPAKE
@@ -488,6 +490,10 @@ int MAIN(int argc, char **argv)
socket_mtu = atol(*(++argv));
}
#endif
+ else if (strcmp(*argv,"-fallback_scsv") == 0)
+ {
+ fallback_scsv = 1;
+ }
else if (strcmp(*argv,"-bugs") == 0)
bugs=1;
else if (strcmp(*argv,"-keyform") == 0)
@@ -778,6 +784,10 @@ bad:
SSL_set_session(con, sess);
SSL_SESSION_free(sess);
}
+
+ if (fallback_scsv)
+ SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV);
+
#ifndef OPENSSL_NO_TLSEXT
if (servername != NULL)
{
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_vms.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_vms.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_vms.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -1,4 +1,3 @@
-/* $LP: LPlib/source/LPdir_vms.c,v 1.20 2004/08/26 13:36:05 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <richard at levitte.org>
* All rights reserved.
@@ -82,6 +81,12 @@ const char *LP_find_file(LP_DIR_CTX **ct
size_t filespeclen = strlen(directory);
char *filespec = NULL;
+ if (filespeclen == 0)
+ {
+ errno = ENOENT;
+ return 0;
+ }
+
/* MUST be a VMS directory specification! Let's estimate if it is. */
if (directory[filespeclen-1] != ']'
&& directory[filespeclen-1] != '>'
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_win.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_win.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/LPdir_win.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -1,4 +1,3 @@
-/* $LP: LPlib/source/LPdir_win.c,v 1.10 2004/08/26 13:36:05 _cvs_levitte Exp $ */
/*
* Copyright (c) 2004, Richard Levitte <richard at levitte.org>
* All rights reserved.
@@ -65,6 +64,16 @@ const char *LP_find_file(LP_DIR_CTX **ct
errno = 0;
if (*ctx == NULL)
{
+ const char *extdir = directory;
+ char *extdirbuf = NULL;
+ size_t dirlen = strlen (directory);
+
+ if (dirlen == 0)
+ {
+ errno = ENOENT;
+ return 0;
+ }
+
*ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
if (*ctx == NULL)
{
@@ -73,15 +82,35 @@ const char *LP_find_file(LP_DIR_CTX **ct
}
memset(*ctx, '\0', sizeof(LP_DIR_CTX));
+ if (directory[dirlen-1] != '*')
+ {
+ extdirbuf = (char *)malloc(dirlen + 3);
+ if (extdirbuf == NULL)
+ {
+ free(*ctx);
+ *ctx = NULL;
+ errno = ENOMEM;
+ return 0;
+ }
+ if (directory[dirlen-1] != '/' && directory[dirlen-1] != '\\')
+ extdir = strcat(strcpy (extdirbuf,directory),"/*");
+ else
+ extdir = strcat(strcpy (extdirbuf,directory),"*");
+ }
+
if (sizeof(TCHAR) != sizeof(char))
{
TCHAR *wdir = NULL;
/* len_0 denotes string length *with* trailing 0 */
- size_t index = 0,len_0 = strlen(directory) + 1;
+ size_t index = 0,len_0 = strlen(extdir) + 1;
- wdir = (TCHAR *)malloc(len_0 * sizeof(TCHAR));
+ wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR));
if (wdir == NULL)
{
+ if (extdirbuf != NULL)
+ {
+ free (extdirbuf);
+ }
free(*ctx);
*ctx = NULL;
errno = ENOMEM;
@@ -89,17 +118,23 @@ const char *LP_find_file(LP_DIR_CTX **ct
}
#ifdef LP_MULTIBYTE_AVAILABLE
- if (!MultiByteToWideChar(CP_ACP, 0, directory, len_0, (WCHAR *)wdir, len_0))
+ if (!MultiByteToWideChar(CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0))
#endif
for (index = 0; index < len_0; index++)
- wdir[index] = (TCHAR)directory[index];
+ wdir[index] = (TCHAR)extdir[index];
(*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);
free(wdir);
}
else
- (*ctx)->handle = FindFirstFile((TCHAR *)directory, &(*ctx)->ctx);
+ {
+ (*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx);
+ }
+ if (extdirbuf != NULL)
+ {
+ free (extdirbuf);
+ }
if ((*ctx)->handle == INVALID_HANDLE_VALUE)
{
@@ -116,7 +151,6 @@ const char *LP_find_file(LP_DIR_CTX **ct
return 0;
}
}
-
if (sizeof(TCHAR) != sizeof(char))
{
TCHAR *wdir = (*ctx)->ctx.cFileName;
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/Makefile
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/Makefile Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/Makefile Wed Oct 15 17:35:39 2014 (r273140)
@@ -30,6 +30,7 @@ AFLAGS=$(ASFLAGS)
LIBS=
GENERAL=Makefile README crypto-lib.com install.com
+TEST=constant_time_test.c
LIB= $(TOP)/libcrypto.a
SHARED_LIB= libcrypto$(SHLIB_EXT)
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/bn/asm/x86_64-gcc.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/bn/asm/x86_64-gcc.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/bn/asm/x86_64-gcc.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -185,7 +185,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
if (n <= 0) return 0;
- asm (
+ asm volatile (
" subq %2,%2 \n"
".align 16 \n"
"1: movq (%4,%2,8),%0 \n"
@@ -196,7 +196,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con
" sbbq %0,%0 \n"
: "=&a"(ret),"+c"(n),"=&r"(i)
: "r"(rp),"r"(ap),"r"(bp)
- : "cc"
+ : "cc", "memory"
);
return ret&1;
@@ -208,7 +208,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
if (n <= 0) return 0;
- asm (
+ asm volatile (
" subq %2,%2 \n"
".align 16 \n"
"1: movq (%4,%2,8),%0 \n"
@@ -219,7 +219,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con
" sbbq %0,%0 \n"
: "=&a"(ret),"+c"(n),"=&r"(i)
: "r"(rp),"r"(ap),"r"(bp)
- : "cc"
+ : "cc", "memory"
);
return ret&1;
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/bn/bn_exp.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/bn/bn_exp.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/bn/bn_exp.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -767,7 +767,14 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_
bits = BN_num_bits(p);
if (bits == 0)
{
- ret = BN_one(rr);
+ /* x**0 mod 1 is still zero. */
+ if (BN_is_one(m))
+ {
+ ret = 1;
+ BN_zero(rr);
+ }
+ else
+ ret = BN_one(rr);
return ret;
}
if (a == 0)
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/bn/exptest.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/bn/exptest.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/bn/exptest.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -71,6 +71,43 @@
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+/* test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */
+static int test_exp_mod_zero() {
+ BIGNUM a, p, m;
+ BIGNUM r;
+ BN_CTX *ctx = BN_CTX_new();
+ int ret = 1;
+
+ BN_init(&m);
+ BN_one(&m);
+
+ BN_init(&a);
+ BN_one(&a);
+
+ BN_init(&p);
+ BN_zero(&p);
+
+ BN_init(&r);
+ BN_mod_exp(&r, &a, &p, &m, ctx);
+ BN_CTX_free(ctx);
+
+ if (BN_is_zero(&r))
+ ret = 0;
+ else
+ {
+ printf("1**0 mod 1 = ");
+ BN_print_fp(stdout, &r);
+ printf(", should be 0\n");
+ }
+
+ BN_free(&r);
+ BN_free(&a);
+ BN_free(&p);
+ BN_free(&m);
+
+ return ret;
+}
+
int main(int argc, char *argv[])
{
BN_CTX *ctx;
@@ -190,7 +227,13 @@ int main(int argc, char *argv[])
ERR_remove_state(0);
CRYPTO_mem_leaks(out);
BIO_free(out);
- printf(" done\n");
+ printf("\n");
+
+ if (test_exp_mod_zero() != 0)
+ goto err;
+
+ printf("done\n");
+
EXIT(0);
err:
ERR_load_crypto_strings();
Added: vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_locl.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_locl.h Wed Oct 15 17:35:39 2014 (r273140)
@@ -0,0 +1,216 @@
+/* crypto/constant_time_locl.h */
+/*
+ * Utilities for constant-time cryptography.
+ *
+ * Author: Emilia Kasper (emilia at openssl.org)
+ * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+ * (Google).
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CONSTANT_TIME_LOCL_H
+#define HEADER_CONSTANT_TIME_LOCL_H
+
+#include "e_os.h" /* For 'inline' */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * The boolean methods return a bitmask of all ones (0xff...f) for true
+ * and 0 for false. This is useful for choosing a value based on the result
+ * of a conditional in constant time. For example,
+ *
+ * if (a < b) {
+ * c = a;
+ * } else {
+ * c = b;
+ * }
+ *
+ * can be written as
+ *
+ * unsigned int lt = constant_time_lt(a, b);
+ * c = constant_time_select(lt, a, b);
+ */
+
+/*
+ * Returns the given value with the MSB copied to all the other
+ * bits. Uses the fact that arithmetic shift shifts-in the sign bit.
+ * However, this is not ensured by the C standard so you may need to
+ * replace this with something else on odd CPUs.
+ */
+static inline unsigned int constant_time_msb(unsigned int a);
+
+/*
+ * Returns 0xff..f if a < b and 0 otherwise.
+ */
+static inline unsigned int constant_time_lt(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b);
+
+/*
+ * Returns 0xff..f if a >= b and 0 otherwise.
+ */
+static inline unsigned int constant_time_ge(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b);
+
+/*
+ * Returns 0xff..f if a == 0 and 0 otherwise.
+ */
+static inline unsigned int constant_time_is_zero(unsigned int a);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_is_zero_8(unsigned int a);
+
+
+/*
+ * Returns 0xff..f if a == b and 0 otherwise.
+ */
+static inline unsigned int constant_time_eq(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b);
+/* Signed integers. */
+static inline unsigned int constant_time_eq_int(int a, int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_eq_int_8(int a, int b);
+
+
+/*
+ * Returns (mask & a) | (~mask & b).
+ *
+ * When |mask| is all 1s or all 0s (as returned by the methods above),
+ * the select methods return either |a| (if |mask| is nonzero) or |b|
+ * (if |mask| is zero).
+ */
+static inline unsigned int constant_time_select(unsigned int mask,
+ unsigned int a, unsigned int b);
+/* Convenience method for unsigned chars. */
+static inline unsigned char constant_time_select_8(unsigned char mask,
+ unsigned char a, unsigned char b);
+/* Convenience method for signed integers. */
+static inline int constant_time_select_int(unsigned int mask, int a, int b);
+
+static inline unsigned int constant_time_msb(unsigned int a)
+ {
+ return (unsigned int)((int)(a) >> (sizeof(int) * 8 - 1));
+ }
+
+static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
+ {
+ unsigned int lt;
+ /* Case 1: msb(a) == msb(b). a < b iff the MSB of a - b is set.*/
+ lt = ~(a ^ b) & (a - b);
+ /* Case 2: msb(a) != msb(b). a < b iff the MSB of b is set. */
+ lt |= ~a & b;
+ return constant_time_msb(lt);
+ }
+
+static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
+ {
+ return (unsigned char)(constant_time_lt(a, b));
+ }
+
+static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
+ {
+ unsigned int ge;
+ /* Case 1: msb(a) == msb(b). a >= b iff the MSB of a - b is not set.*/
+ ge = ~((a ^ b) | (a - b));
+ /* Case 2: msb(a) != msb(b). a >= b iff the MSB of a is set. */
+ ge |= a & ~b;
+ return constant_time_msb(ge);
+ }
+
+static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
+ {
+ return (unsigned char)(constant_time_ge(a, b));
+ }
+
+static inline unsigned int constant_time_is_zero(unsigned int a)
+ {
+ return constant_time_msb(~a & (a - 1));
+ }
+
+static inline unsigned char constant_time_is_zero_8(unsigned int a)
+ {
+ return (unsigned char)(constant_time_is_zero(a));
+ }
+
+static inline unsigned int constant_time_eq(unsigned int a, unsigned int b)
+ {
+ return constant_time_is_zero(a ^ b);
+ }
+
+static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b)
+ {
+ return (unsigned char)(constant_time_eq(a, b));
+ }
+
+static inline unsigned int constant_time_eq_int(int a, int b)
+ {
+ return constant_time_eq((unsigned)(a), (unsigned)(b));
+ }
+
+static inline unsigned char constant_time_eq_int_8(int a, int b)
+ {
+ return constant_time_eq_8((unsigned)(a), (unsigned)(b));
+ }
+
+static inline unsigned int constant_time_select(unsigned int mask,
+ unsigned int a, unsigned int b)
+ {
+ return (mask & a) | (~mask & b);
+ }
+
+static inline unsigned char constant_time_select_8(unsigned char mask,
+ unsigned char a, unsigned char b)
+ {
+ return (unsigned char)(constant_time_select(mask, a, b));
+ }
+
+inline int constant_time_select_int(unsigned int mask, int a, int b)
+ {
+ return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b)));
+ }
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HEADER_CONSTANT_TIME_LOCL_H */
Added: vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_test.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_test.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -0,0 +1,330 @@
+/* crypto/constant_time_test.c */
+/*
+ * Utilities for constant-time cryptography.
+ *
+ * Author: Emilia Kasper (emilia at openssl.org)
+ * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+ * (Google).
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay at cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh at cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "../crypto/constant_time_locl.h"
+
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+static const unsigned int CONSTTIME_TRUE = (unsigned)(~0);
+static const unsigned int CONSTTIME_FALSE = 0;
+static const unsigned char CONSTTIME_TRUE_8 = 0xff;
+static const unsigned char CONSTTIME_FALSE_8 = 0;
+
+static int test_binary_op(unsigned int (*op)(unsigned int a, unsigned int b),
+ const char* op_name, unsigned int a, unsigned int b, int is_true)
+ {
+ unsigned c = op(a, b);
+ if (is_true && c != CONSTTIME_TRUE)
+ {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
+ "(TRUE), got %du\n", op_name, a, b, CONSTTIME_TRUE, c);
+ return 1;
+ }
+ else if (!is_true && c != CONSTTIME_FALSE)
+ {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
+ "(FALSE), got %du\n", op_name, a, b, CONSTTIME_FALSE,
+ c);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_binary_op_8(unsigned char (*op)(unsigned int a, unsigned int b),
+ const char* op_name, unsigned int a, unsigned int b, int is_true)
+ {
+ unsigned char c = op(a, b);
+ if (is_true && c != CONSTTIME_TRUE_8)
+ {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
+ "(TRUE), got %u\n", op_name, a, b, CONSTTIME_TRUE_8, c);
+ return 1;
+ }
+ else if (!is_true && c != CONSTTIME_FALSE_8)
+ {
+ fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
+ "(FALSE), got %u\n", op_name, a, b, CONSTTIME_FALSE_8,
+ c);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_is_zero(unsigned int a)
+ {
+ unsigned int c = constant_time_is_zero(a);
+ if (a == 0 && c != CONSTTIME_TRUE)
+ {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %du (TRUE), got %du\n", a, CONSTTIME_TRUE, c);
+ return 1;
+ }
+ else if (a != 0 && c != CONSTTIME_FALSE)
+ {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %du (FALSE), got %du\n", a, CONSTTIME_FALSE,
+ c);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_is_zero_8(unsigned int a)
+ {
+ unsigned char c = constant_time_is_zero_8(a);
+ if (a == 0 && c != CONSTTIME_TRUE_8)
+ {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %u (TRUE), got %u\n", a, CONSTTIME_TRUE_8, c);
+ return 1;
+ }
+ else if (a != 0 && c != CONSTTIME_FALSE)
+ {
+ fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+ "expected %u (FALSE), got %u\n", a, CONSTTIME_FALSE_8,
+ c);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_select(unsigned int a, unsigned int b)
+ {
+ unsigned int selected = constant_time_select(CONSTTIME_TRUE, a, b);
+ if (selected != a)
+ {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
+ "%du): expected %du(first value), got %du\n",
+ CONSTTIME_TRUE, a, b, a, selected);
+ return 1;
+ }
+ selected = constant_time_select(CONSTTIME_FALSE, a, b);
+ if (selected != b)
+ {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
+ "%du): expected %du(second value), got %du\n",
+ CONSTTIME_FALSE, a, b, b, selected);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_select_8(unsigned char a, unsigned char b)
+ {
+ unsigned char selected = constant_time_select_8(CONSTTIME_TRUE_8, a, b);
+ if (selected != a)
+ {
+ fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
+ "%u): expected %u(first value), got %u\n",
+ CONSTTIME_TRUE, a, b, a, selected);
+ return 1;
+ }
+ selected = constant_time_select_8(CONSTTIME_FALSE_8, a, b);
+ if (selected != b)
+ {
+ fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
+ "%u): expected %u(second value), got %u\n",
+ CONSTTIME_FALSE, a, b, b, selected);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_select_int(int a, int b)
+ {
+ int selected = constant_time_select_int(CONSTTIME_TRUE, a, b);
+ if (selected != a)
+ {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
+ "%d): expected %d(first value), got %d\n",
+ CONSTTIME_TRUE, a, b, a, selected);
+ return 1;
+ }
+ selected = constant_time_select_int(CONSTTIME_FALSE, a, b);
+ if (selected != b)
+ {
+ fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
+ "%d): expected %d(second value), got %d\n",
+ CONSTTIME_FALSE, a, b, b, selected);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_eq_int(int a, int b)
+ {
+ unsigned int equal = constant_time_eq_int(a, b);
+ if (a == b && equal != CONSTTIME_TRUE)
+ {
+ fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
+ "expected %du(TRUE), got %du\n",
+ a, b, CONSTTIME_TRUE, equal);
+ return 1;
+ }
+ else if (a != b && equal != CONSTTIME_FALSE)
+ {
+ fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
+ "expected %du(FALSE), got %du\n",
+ a, b, CONSTTIME_FALSE, equal);
+ return 1;
+ }
+ return 0;
+ }
+
+static int test_eq_int_8(int a, int b)
+ {
+ unsigned char equal = constant_time_eq_int_8(a, b);
+ if (a == b && equal != CONSTTIME_TRUE_8)
+ {
+ fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
+ "expected %u(TRUE), got %u\n",
+ a, b, CONSTTIME_TRUE_8, equal);
+ return 1;
+ }
+ else if (a != b && equal != CONSTTIME_FALSE_8)
+ {
+ fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
+ "expected %u(FALSE), got %u\n",
+ a, b, CONSTTIME_FALSE_8, equal);
+ return 1;
+ }
+ return 0;
+ }
+
+static unsigned int test_values[] = {0, 1, 1024, 12345, 32000, UINT_MAX/2-1,
+ UINT_MAX/2, UINT_MAX/2+1, UINT_MAX-1,
+ UINT_MAX};
+
+static unsigned char test_values_8[] = {0, 1, 2, 20, 32, 127, 128, 129, 255};
+
+static int signed_test_values[] = {0, 1, -1, 1024, -1024, 12345, -12345,
+ 32000, -32000, INT_MAX, INT_MIN, INT_MAX-1,
+ INT_MIN+1};
+
+
+int main(int argc, char *argv[])
+ {
+ unsigned int a, b, i, j;
+ int c, d;
+ unsigned char e, f;
+ int num_failed = 0, num_all = 0;
+ fprintf(stdout, "Testing constant time operations...\n");
+
+ for (i = 0; i < sizeof(test_values)/sizeof(int); ++i)
+ {
+ a = test_values[i];
+ num_failed += test_is_zero(a);
+ num_failed += test_is_zero_8(a);
+ num_all += 2;
+ for (j = 0; j < sizeof(test_values)/sizeof(int); ++j)
+ {
+ b = test_values[j];
+ num_failed += test_binary_op(&constant_time_lt,
+ "constant_time_lt", a, b, a < b);
+ num_failed += test_binary_op_8(&constant_time_lt_8,
+ "constant_time_lt_8", a, b, a < b);
+ num_failed += test_binary_op(&constant_time_lt,
+ "constant_time_lt_8", b, a, b < a);
+ num_failed += test_binary_op_8(&constant_time_lt_8,
+ "constant_time_lt_8", b, a, b < a);
+ num_failed += test_binary_op(&constant_time_ge,
+ "constant_time_ge", a, b, a >= b);
+ num_failed += test_binary_op_8(&constant_time_ge_8,
+ "constant_time_ge_8", a, b, a >= b);
+ num_failed += test_binary_op(&constant_time_ge,
+ "constant_time_ge", b, a, b >= a);
+ num_failed += test_binary_op_8(&constant_time_ge_8,
+ "constant_time_ge_8", b, a, b >= a);
+ num_failed += test_binary_op(&constant_time_eq,
+ "constant_time_eq", a, b, a == b);
+ num_failed += test_binary_op_8(&constant_time_eq_8,
+ "constant_time_eq_8", a, b, a == b);
+ num_failed += test_binary_op(&constant_time_eq,
+ "constant_time_eq", b, a, b == a);
+ num_failed += test_binary_op_8(&constant_time_eq_8,
+ "constant_time_eq_8", b, a, b == a);
+ num_failed += test_select(a, b);
+ num_all += 13;
+ }
+ }
+
+ for (i = 0; i < sizeof(signed_test_values)/sizeof(int); ++i)
+ {
+ c = signed_test_values[i];
+ for (j = 0; j < sizeof(signed_test_values)/sizeof(int); ++j)
+ {
+ d = signed_test_values[j];
+ num_failed += test_select_int(c, d);
+ num_failed += test_eq_int(c, d);
+ num_failed += test_eq_int_8(c, d);
+ num_all += 3;
+ }
+ }
+
+ for (i = 0; i < sizeof(test_values_8); ++i)
+ {
+ e = test_values_8[i];
+ for (j = 0; j < sizeof(test_values_8); ++j)
+ {
+ f = test_values_8[j];
+ num_failed += test_select_8(e, f);
+ num_all += 1;
+ }
+ }
+
+ if (!num_failed)
+ {
+ fprintf(stdout, "ok (ran %d tests)\n", num_all);
+ return EXIT_SUCCESS;
+ }
+ else
+ {
+ fprintf(stdout, "%d of %d tests failed!\n", num_failed, num_all);
+ return EXIT_FAILURE;
+ }
+ }
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/ec/ec_key.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/ec/ec_key.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/ec/ec_key.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -64,7 +64,6 @@
#include <string.h>
#include "ec_lcl.h"
#include <openssl/err.h>
-#include <string.h>
EC_KEY *EC_KEY_new(void)
{
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/ec/ecp_smpl.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/ec/ecp_smpl.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/ec/ecp_smpl.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -1676,8 +1676,8 @@ int ec_GFp_simple_points_make_affine(con
{
for (i = 0; i < num; i++)
{
- if (prod_Z[i] != NULL)
- BN_clear_free(prod_Z[i]);
+ if (prod_Z[i] == NULL) break;
+ BN_clear_free(prod_Z[i]);
}
OPENSSL_free(prod_Z);
}
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/err/openssl.ec
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/err/openssl.ec Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/err/openssl.ec Wed Oct 15 17:35:39 2014 (r273140)
@@ -69,6 +69,7 @@ R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION
R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
+R SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/evp/Makefile
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/evp/Makefile Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/evp/Makefile Wed Oct 15 17:35:39 2014 (r273140)
@@ -385,7 +385,8 @@ evp_enc.o: ../../include/openssl/ossl_ty
evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
evp_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-evp_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_enc.c evp_locl.h
+evp_enc.o: ../../include/openssl/x509_vfy.h ../constant_time_locl.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
Modified: vendor-crypto/openssl/dist-0.9.8/crypto/evp/evp_enc.c
==============================================================================
--- vendor-crypto/openssl/dist-0.9.8/crypto/evp/evp_enc.c Wed Oct 15 17:33:49 2014 (r273139)
+++ vendor-crypto/openssl/dist-0.9.8/crypto/evp/evp_enc.c Wed Oct 15 17:35:39 2014 (r273140)
@@ -64,6 +64,7 @@
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
+#include "../constant_time_locl.h"
#include "evp_locl.h"
#ifdef OPENSSL_FIPS
@@ -301,11 +302,11 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
- int i,n;
- unsigned int b;
+ unsigned int i, b;
+ unsigned char pad, padding_good;
*outl=0;
- b=ctx->cipher->block_size;
+ b=(unsigned int)(ctx->cipher->block_size);
if (ctx->flags & EVP_CIPH_NO_PADDING)
{
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-vendor
mailing list