ag/cpython-source-deps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Import OpenSSL 1.1.0i

Browse Source
This commit is contained in:
Steve Dower
2018-08-14 08:22:53 -07:00
parent 807cee26df
commit 6960e8d7c7
282 changed files with 5215 additions and 2261 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/evp/evp_err.c
View File

@@ -70,6 +70,8 @@ static ERR_STRING_DATA EVP_str_functs[] = {
{ERR_FUNC(EVP_F_EVP_PKEY_GET0_RSA), "EVP_PKEY_get0_RSA"},
{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
{ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
{ERR_FUNC(EVP_F_EVP_PKEY_METH_ADD0), "EVP_PKEY_meth_add0"},
{ERR_FUNC(EVP_F_EVP_PKEY_METH_NEW), "EVP_PKEY_meth_new"},
{ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
{ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
@@ -143,6 +145,7 @@ static ERR_STRING_DATA EVP_str_reasons[] = {
{ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
{ERR_REASON(EVP_R_PARTIALLY_OVERLAPPING),
"partially overlapping buffers"},
{ERR_REASON(EVP_R_PBKDF2_ERROR), "pbkdf2 error"},
{ERR_REASON(EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED),
"pkey application asn1 method already registered"},
{ERR_REASON(EVP_R_PKEY_ASN1_METHOD_ALREADY_REGISTERED),

46
crypto/evp/pmeth_lib.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -151,8 +151,10 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
EVP_PKEY_METHOD *pmeth;
pmeth = OPENSSL_zalloc(sizeof(*pmeth));
if (pmeth == NULL)
if (pmeth == NULL) {
EVPerr(EVP_F_EVP_PKEY_METH_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
pmeth->pkey_id = id;
pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
@@ -238,8 +240,10 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
}
#endif
rctx = OPENSSL_malloc(sizeof(*rctx));
if (rctx == NULL)
if (rctx == NULL) {
EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_MALLOC_FAILURE);
return NULL;
}
rctx->pmeth = pctx->pmeth;
#ifndef OPENSSL_NO_ENGINE
@@ -273,11 +277,15 @@ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
{
if (app_pkey_methods == NULL) {
app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
if (app_pkey_methods == NULL)
if (app_pkey_methods == NULL) {
EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);
return 0;
}
}
if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) {
EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);
return 0;
}
sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
return 1;
}
@@ -557,26 +565,26 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
pmeth->ctrl_str = ctrl_str;
}
void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
int (**pinit) (EVP_PKEY_CTX *ctx))
{
*pinit = pmeth->init;
}
void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
int (**pcopy) (EVP_PKEY_CTX *dst,
EVP_PKEY_CTX *src))
{
*pcopy = pmeth->copy;
}
void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
void (**pcleanup) (EVP_PKEY_CTX *ctx))
{
*pcleanup = pmeth->cleanup;
}
void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
int (**pparamgen) (EVP_PKEY_CTX *ctx,
EVP_PKEY *pkey))
@@ -587,7 +595,7 @@ void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth,
*pparamgen = pmeth->paramgen;
}
void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
int (**pkeygen) (EVP_PKEY_CTX *ctx,
EVP_PKEY *pkey))
@@ -598,7 +606,7 @@ void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth,
*pkeygen = pmeth->keygen;
}
void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
int (**psign_init) (EVP_PKEY_CTX *ctx),
int (**psign) (EVP_PKEY_CTX *ctx,
unsigned char *sig, size_t *siglen,
@@ -611,7 +619,7 @@ void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth,
*psign = pmeth->sign;
}
void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
int (**pverify_init) (EVP_PKEY_CTX *ctx),
int (**pverify) (EVP_PKEY_CTX *ctx,
const unsigned char *sig,
@@ -625,7 +633,7 @@ void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth,
*pverify = pmeth->verify;
}
void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
int (**pverify_recover_init) (EVP_PKEY_CTX
*ctx),
int (**pverify_recover) (EVP_PKEY_CTX
@@ -643,7 +651,7 @@ void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth,
*pverify_recover = pmeth->verify_recover;
}
void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
int (**psignctx_init) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx),
int (**psignctx) (EVP_PKEY_CTX *ctx,
@@ -657,7 +665,7 @@ void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth,
*psignctx = pmeth->signctx;
}
void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx),
int (**pverifyctx) (EVP_PKEY_CTX *ctx,
@@ -671,7 +679,7 @@ void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth,
*pverifyctx = pmeth->verifyctx;
}
void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
int (**pencryptfn) (EVP_PKEY_CTX *ctx,
unsigned char *out,
@@ -685,7 +693,7 @@ void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth,
*pencryptfn = pmeth->encrypt;
}
void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
int (**pdecrypt) (EVP_PKEY_CTX *ctx,
unsigned char *out,
@@ -699,7 +707,7 @@ void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth,
*pdecrypt = pmeth->decrypt;
}
void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
int (**pderive_init) (EVP_PKEY_CTX *ctx),
int (**pderive) (EVP_PKEY_CTX *ctx,
unsigned char *key,
@@ -711,7 +719,7 @@ void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth,
*pderive = pmeth->derive;
}
void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth,
void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
void *p2),
int (**pctrl_str) (EVP_PKEY_CTX *ctx,

25
crypto/evp/scrypt.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -171,8 +171,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
if (r == 0 || p == 0 || N < 2 || (N & (N - 1)))
return 0;
/* Check p * r < SCRYPT_PR_MAX avoiding overflow */
if (p > SCRYPT_PR_MAX / r)
if (p > SCRYPT_PR_MAX / r) {
EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
return 0;
}
/*
* Need to check N: if 2^(128 * r / 8) overflows limit this is
@@ -180,8 +182,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
*/
if (16 * r <= LOG2_UINT64_MAX) {
if (N >= (((uint64_t)1) << (16 * r)))
if (N >= (((uint64_t)1) << (16 * r))) {
EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
return 0;
}
}
/* Memory checks: check total allocated buffer size fits in uint64_t */
@@ -199,13 +203,17 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
* This is combined size V, X and T (section 4)
*/
i = UINT64_MAX / (32 * sizeof(uint32_t));
if (N + 2 > i / r)
if (N + 2 > i / r) {
EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
return 0;
}
Vlen = 32 * r * (N + 2) * sizeof(uint32_t);
/* check total allocated size fits in uint64_t */
if (Blen > UINT64_MAX - Vlen)
if (Blen > UINT64_MAX - Vlen) {
EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
return 0;
}
/* check total allocated size fits in size_t */
if (Blen > SIZE_MAX - Vlen)
return 0;
@@ -225,8 +233,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
return 1;
B = OPENSSL_malloc(allocsize);
if (B == NULL)
if (B == NULL) {
EVPerr(EVP_F_EVP_PBE_SCRYPT, ERR_R_MALLOC_FAILURE);
return 0;
}
X = (uint32_t *)(B + Blen);
T = X + 32 * r;
V = T + 32 * r;
@@ -242,6 +252,9 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
goto err;
rv = 1;
err:
if (rv == 0)
EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PBKDF2_ERROR);
OPENSSL_clear_free(B, allocsize);
return rv;
}