From 5cbe75a3facfe8256454595ca3abbff7ad6076b0 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 19 Aug 2014 14:20:23 -0400 Subject: Update openssl to 0.9.8zb Also update to Tiano Cryptlib r15802 and remove the execute mode bits from the C and header files of openssl --- Cryptlib/OpenSSL/crypto/bn/bn_add.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_asm.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_blind.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_const.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_ctx.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_depr.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_div.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_err.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_exp.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_exp2.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_gcd.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_gf2m.c | 51 +++++++++++++++++++++++++++++ Cryptlib/OpenSSL/crypto/bn/bn_kron.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_lib.c | 61 ++++++----------------------------- Cryptlib/OpenSSL/crypto/bn/bn_mod.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_mont.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_mpi.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_mul.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_nist.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_opt.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_prime.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_print.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_rand.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_recp.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_shift.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_sqr.c | 1 + Cryptlib/OpenSSL/crypto/bn/bn_sqrt.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_word.c | 0 Cryptlib/OpenSSL/crypto/bn/bn_x931p.c | 0 29 files changed, 61 insertions(+), 52 deletions(-) mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_add.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_asm.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_blind.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_const.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_ctx.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_depr.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_div.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_err.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_exp.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_exp2.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_gcd.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_gf2m.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_kron.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_lib.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_mod.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_mont.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_mpi.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_mul.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_nist.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_opt.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_prime.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_print.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_rand.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_recp.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_shift.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_sqr.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_sqrt.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_word.c mode change 100755 => 100644 Cryptlib/OpenSSL/crypto/bn/bn_x931p.c (limited to 'Cryptlib/OpenSSL/crypto/bn') diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_add.c b/Cryptlib/OpenSSL/crypto/bn/bn_add.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_asm.c b/Cryptlib/OpenSSL/crypto/bn/bn_asm.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_blind.c b/Cryptlib/OpenSSL/crypto/bn/bn_blind.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_const.c b/Cryptlib/OpenSSL/crypto/bn/bn_const.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_ctx.c b/Cryptlib/OpenSSL/crypto/bn/bn_ctx.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_depr.c b/Cryptlib/OpenSSL/crypto/bn/bn_depr.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_div.c b/Cryptlib/OpenSSL/crypto/bn/bn_div.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_err.c b/Cryptlib/OpenSSL/crypto/bn/bn_err.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_exp.c b/Cryptlib/OpenSSL/crypto/bn/bn_exp.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_exp2.c b/Cryptlib/OpenSSL/crypto/bn/bn_exp2.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_gcd.c b/Cryptlib/OpenSSL/crypto/bn/bn_gcd.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_gf2m.c b/Cryptlib/OpenSSL/crypto/bn/bn_gf2m.c old mode 100755 new mode 100644 index 5d90f1e8..28f1fa8f --- a/Cryptlib/OpenSSL/crypto/bn/bn_gf2m.c +++ b/Cryptlib/OpenSSL/crypto/bn/bn_gf2m.c @@ -1095,3 +1095,54 @@ int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a) return 1; } +/* + * Constant-time conditional swap of a and b. + * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set. + * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b, + * and that no more than nwords are used by either a or b. + * a and b cannot be the same number + */ +void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) + { + BN_ULONG t; + int i; + + bn_wcheck_size(a, nwords); + bn_wcheck_size(b, nwords); + + assert(a != b); + assert((condition & (condition - 1)) == 0); + assert(sizeof(BN_ULONG) >= sizeof(int)); + + condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1; + + t = (a->top^b->top) & condition; + a->top ^= t; + b->top ^= t; + +#define BN_CONSTTIME_SWAP(ind) \ + do { \ + t = (a->d[ind] ^ b->d[ind]) & condition; \ + a->d[ind] ^= t; \ + b->d[ind] ^= t; \ + } while (0) + + + switch (nwords) { + default: + for (i = 10; i < nwords; i++) + BN_CONSTTIME_SWAP(i); + /* Fallthrough */ + case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ + case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */ + case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */ + case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */ + case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */ + case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */ + case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ + case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ + case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ + case 1: BN_CONSTTIME_SWAP(0); + } +#undef BN_CONSTTIME_SWAP +} diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_kron.c b/Cryptlib/OpenSSL/crypto/bn/bn_kron.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_lib.c b/Cryptlib/OpenSSL/crypto/bn/bn_lib.c old mode 100755 new mode 100644 index b66f5075..c288844a --- a/Cryptlib/OpenSSL/crypto/bn/bn_lib.c +++ b/Cryptlib/OpenSSL/crypto/bn/bn_lib.c @@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); return(NULL); } +#ifdef PURIFY + /* Valgrind complains in BN_consttime_swap because we process the whole + * array even if it's not initialised yet. This doesn't matter in that + * function - what's important is constant time operation (we're not + * actually going to use the data) + */ + memset(a, 0, sizeof(BN_ULONG)*words); +#endif + #if 1 B=b->d; /* Check if the previous number needs to be copied */ @@ -824,55 +833,3 @@ int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, } return bn_cmp_words(a,b,cl); } - -/* - * Constant-time conditional swap of a and b. - * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set. - * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b, - * and that no more than nwords are used by either a or b. - * a and b cannot be the same number - */ -void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) - { - BN_ULONG t; - int i; - - bn_wcheck_size(a, nwords); - bn_wcheck_size(b, nwords); - - assert(a != b); - assert((condition & (condition - 1)) == 0); - assert(sizeof(BN_ULONG) >= sizeof(int)); - - condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1; - - t = (a->top^b->top) & condition; - a->top ^= t; - b->top ^= t; - -#define BN_CONSTTIME_SWAP(ind) \ - do { \ - t = (a->d[ind] ^ b->d[ind]) & condition; \ - a->d[ind] ^= t; \ - b->d[ind] ^= t; \ - } while (0) - - - switch (nwords) { - default: - for (i = 10; i < nwords; i++) - BN_CONSTTIME_SWAP(i); - /* Fallthrough */ - case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ - case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */ - case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */ - case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */ - case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */ - case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */ - case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ - case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ - case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ - case 1: BN_CONSTTIME_SWAP(0); - } -#undef BN_CONSTTIME_SWAP -} diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_mod.c b/Cryptlib/OpenSSL/crypto/bn/bn_mod.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_mont.c b/Cryptlib/OpenSSL/crypto/bn/bn_mont.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_mpi.c b/Cryptlib/OpenSSL/crypto/bn/bn_mpi.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_mul.c b/Cryptlib/OpenSSL/crypto/bn/bn_mul.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_nist.c b/Cryptlib/OpenSSL/crypto/bn/bn_nist.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_opt.c b/Cryptlib/OpenSSL/crypto/bn/bn_opt.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_prime.c b/Cryptlib/OpenSSL/crypto/bn/bn_prime.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_print.c b/Cryptlib/OpenSSL/crypto/bn/bn_print.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_rand.c b/Cryptlib/OpenSSL/crypto/bn/bn_rand.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_recp.c b/Cryptlib/OpenSSL/crypto/bn/bn_recp.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_shift.c b/Cryptlib/OpenSSL/crypto/bn/bn_shift.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_sqr.c b/Cryptlib/OpenSSL/crypto/bn/bn_sqr.c old mode 100755 new mode 100644 index 270d0cd3..65bbf165 --- a/Cryptlib/OpenSSL/crypto/bn/bn_sqr.c +++ b/Cryptlib/OpenSSL/crypto/bn/bn_sqr.c @@ -77,6 +77,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) if (al <= 0) { r->top=0; + r->neg = 0; return 1; } diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_sqrt.c b/Cryptlib/OpenSSL/crypto/bn/bn_sqrt.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_word.c b/Cryptlib/OpenSSL/crypto/bn/bn_word.c old mode 100755 new mode 100644 diff --git a/Cryptlib/OpenSSL/crypto/bn/bn_x931p.c b/Cryptlib/OpenSSL/crypto/bn/bn_x931p.c old mode 100755 new mode 100644 -- cgit v1.2.3