[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

[Richard Levitte]

The branch OpenSSL_1_0_2-stable has been updated
   via  474a53b3a36568d19d7b918ee879efd2707e7c67 (commit)
  from  e780ed033659cb1269a49c8952517559cbd76558 (commit)


- Log -
commit 474a53b3a36568d19d7b918ee879efd2707e7c67
Author: Richard Levitte 
Date:   Mon Dec 14 03:53:06 2015 +0100

Fix tarball production to keep test/bctest and util/pod2mantest

Reviewed-by: Matt Caswell 

---

Summary of changes:
 Makefile.org | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Makefile.org b/Makefile.org
index d2deca5..76fdbdf 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -506,7 +506,8 @@ TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list 
\
 $(TARFILE).list:
find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
   \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \
-  \! -name '*test' \! -name '.#*' \! -name '*~' \! -type l \
+  \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
+  \! -name '.#*' \! -name '*~' \! -type l \
| sort > $(TARFILE).list
 
 tar: $(TARFILE).list
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

[Richard Levitte]

The branch OpenSSL_1_0_1-stable has been updated
   via  36be5f77d0325ded25d0a36caee9860cffe721e8 (commit)
  from  f612bdb34252c3eae4808dd3e1360d0f0a3666bc (commit)


- Log -
commit 36be5f77d0325ded25d0a36caee9860cffe721e8
Author: Richard Levitte 
Date:   Mon Dec 14 03:53:06 2015 +0100

Fix tarball production to keep test/bctest and util/pod2mantest

Reviewed-by: Matt Caswell 
(cherry picked from commit 474a53b3a36568d19d7b918ee879efd2707e7c67)

---

Summary of changes:
 Makefile.org | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Makefile.org b/Makefile.org
index 308a6e6..b0e0f3d 100644
--- a/Makefile.org
+++ b/Makefile.org
@@ -506,7 +506,8 @@ TAR_COMMAND=$(TAR) $(TARFLAGS) --files-from $(TARFILE).list 
\
 $(TARFILE).list:
find * \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \
   \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \
-  \! -name '*test' \! -name '.#*' \! -name '*~' \! -type l \
+  \( \! -name '*test' -o -name bctest -o -name pod2mantest \) \
+  \! -name '.#*' \! -name '*~' \! -type l \
| sort > $(TARFILE).list
 
 tar: $(TARFILE).list
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Fixed: openssl/openssl#900 (master - 81eae07)

[Travis CI]

Build Update for openssl/openssl
-

Build: #900
Status: Fixed

Duration: 40 minutes and 19 seconds
Commit: 81eae07 (master)
Author: Andy Polyakov
Message: crpyto/ppccpuid.pl: add FPU probe and fix OPENSSL_rdtsc.

Reviewed-by: Kurt Roeckx 

View the changeset: 
https://github.com/openssl/openssl/compare/f562aedae47c...81eae077ce67

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/96759605

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Andy Polyakov]

The branch master has been updated
   via  81eae077ce679c1d7d29e19991bf055e4888a2fc (commit)
   via  2688d99989902dea884632a8658f3abad0c26d16 (commit)
  from  f562aedae47c5702b37fb842f96f48b95019d106 (commit)


- Log -
commit 81eae077ce679c1d7d29e19991bf055e4888a2fc
Author: Andy Polyakov 
Date:   Sat Nov 14 00:16:37 2015 +0100

crpyto/ppccpuid.pl: add FPU probe and fix OPENSSL_rdtsc.

Reviewed-by: Kurt Roeckx 

commit 2688d99989902dea884632a8658f3abad0c26d16
Author: Andy Polyakov 
Date:   Sat Nov 14 00:10:19 2015 +0100

crypto/ppccap.c: add SIGILL-free processor capability detection code.

Reviewed-by: Kurt Roeckx 

---

Summary of changes:
 crypto/ppc_arch.h  |   6 +++
 crypto/ppccap.c| 134 -
 crypto/ppccpuid.pl |  19 
 3 files changed, 138 insertions(+), 21 deletions(-)

diff --git a/crypto/ppc_arch.h b/crypto/ppc_arch.h
index b50ec99..c0b4f18 100644
--- a/crypto/ppc_arch.h
+++ b/crypto/ppc_arch.h
@@ -3,8 +3,14 @@
 
 extern unsigned int OPENSSL_ppccap_P;
 
+/*
+ * Flags' usage can appear ambiguous, because they are set rather
+ * to reflect OpenSSL performance preferences than actual processor
+ * capabilities.
+ */
 # define PPC_FPU64   (1<<0)
 # define PPC_ALTIVEC (1<<1)
 # define PPC_CRYPTO207   (1<<2)
+# define PPC_FPU (1<<3)
 
 #endif
diff --git a/crypto/ppccap.c b/crypto/ppccap.c
index 74af473..c8d012e 100644
--- a/crypto/ppccap.c
+++ b/crypto/ppccap.c
@@ -7,6 +7,12 @@
 #if defined(__linux) || defined(_AIX)
 # include 
 #endif
+#if defined(_AIX53) /* defined even on post-5.3 */
+# include 
+# if !defined(__power_set)
+#  define __power_set(a) (_system_configuration.implementation & (a))
+# endif
+#endif
 #include 
 #include 
 
@@ -79,10 +85,37 @@ static void ill_handler(int sig)
 siglongjmp(ill_jmp, sig);
 }
 
+void OPENSSL_fpu_probe(void);
 void OPENSSL_ppc64_probe(void);
 void OPENSSL_altivec_probe(void);
 void OPENSSL_crypto207_probe(void);
 
+/*
+ * Use a weak reference to getauxval() so we can use it if it is available
+ * but don't break the build if it is not. Note that this is *link-time*
+ * feature detection, not *run-time*. In other words if we link with
+ * symbol present, it's expected to be present even at run-time.
+ */
+#if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__)
+extern unsigned long getauxval(unsigned long type) __attribute__ ((weak));
+#else
+static unsigned long (*getauxval) (unsigned long) = NULL;
+#endif
+
+/* I wish  was universally available */
+#define HWCAP   16  /* AT_HWCAP */
+#define HWCAP_PPC64 (1U << 30)
+#define HWCAP_ALTIVEC   (1U << 28)
+#define HWCAP_FPU   (1U << 27)
+#define HWCAP_POWER6_EXT(1U << 9)
+#define HWCAP_VSX   (1U << 7)
+
+#define HWCAP2  26  /* AT_HWCAP2 */
+#define HWCAP_VEC_CRYPTO(1U << 25)
+
+# if defined(__GNUC__) && __GNUC__>=2
+__attribute__ ((constructor))
+# endif
 void OPENSSL_cpuid_setup(void)
 {
 char *e;
@@ -94,16 +127,6 @@ void OPENSSL_cpuid_setup(void)
 return;
 trigger = 1;
 
-sigfillset(_masked);
-sigdelset(_masked, SIGILL);
-sigdelset(_masked, SIGTRAP);
-#ifdef SIGEMT
-sigdelset(_masked, SIGEMT);
-#endif
-sigdelset(_masked, SIGFPE);
-sigdelset(_masked, SIGBUS);
-sigdelset(_masked, SIGSEGV);
-
 if ((e = getenv("OPENSSL_ppccap"))) {
 OPENSSL_ppccap_P = strtoul(e, NULL, 0);
 return;
@@ -112,6 +135,8 @@ void OPENSSL_cpuid_setup(void)
 OPENSSL_ppccap_P = 0;
 
 #if defined(_AIX)
+OPENSSL_ppccap_P |= PPC_FPU;
+
 if (sizeof(size_t) == 4) {
 struct utsname uts;
 # if defined(_SC_AIX_KERNEL_BITMODE)
@@ -121,7 +146,69 @@ void OPENSSL_cpuid_setup(void)
 if (uname() != 0 || atoi(uts.version) < 6)
 return;
 }
+
+# if defined(__power_set)
+/*
+ * Value used in __power_set is a single-bit 1

[openssl-commits] [openssl] master update

[Matt Caswell]

The branch master has been updated
   via  f562aedae47c5702b37fb842f96f48b95019d106 (commit)
  from  b311b74d78ebaa6e72d4fa3cfc92d33d926e7a27 (commit)


- Log -
commit f562aedae47c5702b37fb842f96f48b95019d106
Author: Hongze Zhu 
Date:   Mon Dec 14 17:38:56 2015 +0800

add malloc fail check & fix memory leak

Signed-off-by: Hongze Zhu 

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

---

Summary of changes:
 test/dhtest.c | 57 ++---
 1 file changed, 42 insertions(+), 15 deletions(-)

diff --git a/test/dhtest.c b/test/dhtest.c
index 896af85..0ca5175 100644
--- a/test/dhtest.c
+++ b/test/dhtest.c
@@ -86,13 +86,15 @@ static int run_rfc5114_tests(void);
 
 int main(int argc, char *argv[])
 {
-BN_GENCB *_cb;
+BN_GENCB *_cb = NULL;
 DH *a = NULL;
 DH *b = NULL;
-char buf[12];
-unsigned char *abuf = NULL, *bbuf = NULL;
-int i, alen, blen, aout, bout, ret = 1;
-BIO *out;
+char buf[12] = {0};
+unsigned char *abuf = NULL;
+unsigned char *bbuf = NULL;
+int i, alen, blen, aout, bout;
+int ret = 1;
+BIO *out = NULL;
 
 CRYPTO_malloc_debug_init();
 CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
@@ -110,12 +112,11 @@ int main(int argc, char *argv[])
 BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
 
 _cb = BN_GENCB_new();
-if (!_cb)
+if (_cb == NULL)
 goto err;
 BN_GENCB_set(_cb, , out);
-if (((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,
-   DH_GENERATOR_5,
-   _cb))
+if (((a = DH_new()) == NULL)
+|| (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb)))
 goto err;
 
 if (!DH_check(a, ))
@@ -166,6 +167,9 @@ int main(int argc, char *argv[])
 
 alen = DH_size(a);
 abuf = OPENSSL_malloc(alen);
+if (abuf == NULL)
+goto err;
+
 aout = DH_compute_key(abuf, b->pub_key, a);
 
 BIO_puts(out, "key1 =");
@@ -177,6 +181,9 @@ int main(int argc, char *argv[])
 
 blen = DH_size(b);
 bbuf = OPENSSL_malloc(blen);
+if (bbuf == NULL)
+goto err;
+
 bout = DH_compute_key(bbuf, a->pub_key, b);
 
 BIO_puts(out, "key2 =");
@@ -485,14 +492,22 @@ static const rfc5114_td rfctd[] = {
 static int run_rfc5114_tests(void)
 {
 int i;
+DH *dhA = NULL;
+DH *dhB = NULL;
+unsigned char *Z1 = NULL;
+unsigned char *Z2 = NULL;
+const rfc5114_td *td = NULL;
+
 for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) {
-DH *dhA, *dhB;
-unsigned char *Z1 = NULL, *Z2 = NULL;
-const rfc5114_td *td = rfctd + i;
+dhA = NULL;
+dhB = NULL;
+Z1 = NULL;
+Z2 = NULL;
+td = rfctd + i;
 /* Set up DH structures setting key components */
 dhA = td->get_param();
 dhB = td->get_param();
-if (!dhA || !dhB)
+if ((dhA == NULL) || (dhB == NULL))
 goto bad_err;
 
 dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
@@ -501,8 +516,8 @@ static int run_rfc5114_tests(void)
 dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
 dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
 
-if (!dhA->priv_key || !dhA->pub_key
-|| !dhB->priv_key || !dhB->pub_key)
+if ((dhA->priv_key == NULL) || (dhA->pub_key == NULL)
+|| (dhB->priv_key == NULL) || (dhB->pub_key == NULL))
 goto bad_err;
 
 if ((td->Z_len != (size_t)DH_size(dhA))
@@ -511,6 +526,8 @@ static int run_rfc5114_tests(void)
 
 Z1 = OPENSSL_malloc(DH_size(dhA));
 Z2 = OPENSSL_malloc(DH_size(dhB));
+if ((Z1 == NULL) || (Z2 == NULL))
+goto bad_err;
 /*
  * Work out shared secrets using both sides and compare with expected
  * values.
@@ -535,10 +552,20 @@ static int run_rfc5114_tests(void)
 }
 return 1;
  bad_err:
+DH_free(dhA);
+DH_free(dhB);
+OPENSSL_free(Z1);
+OPENSSL_free(Z2);
+
 fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1);
 ERR_print_errors_fp(stderr);
 return 0;
  err:
+DH_free(dhA);
+DH_free(dhB);
+OPENSSL_free(Z1);
+OPENSSL_free(Z2);
+
 fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
 return 0;
 }
_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] Broken: openssl/openssl#899 (master - f562aed)

[Travis CI]

Build Update for openssl/openssl
-

Build: #899
Status: Broken

Duration: 38 minutes and 6 seconds
Commit: f562aed (master)
Author: Hongze Zhu
Message: add malloc fail check & fix memory leak

Signed-off-by: Hongze Zhu 

Reviewed-by: Rich Salz 
Reviewed-by: Matt Caswell 

View the changeset: 
https://github.com/openssl/openssl/compare/b311b74d78eb...f562aedae47c

View the full build log and details: 
https://travis-ci.org/openssl/openssl/builds/96746654

--

You can configure recipients for build notifications in your .travis.yml file. 
See https://docs.travis-ci.com/user/notifications

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

[Emilia Kasper]

The branch OpenSSL_1_0_2-stable has been updated
   via  44e4f5b04b43054571e278381662cebd3f3555e6 (commit)
  from  474a53b3a36568d19d7b918ee879efd2707e7c67 (commit)


- Log -
commit 44e4f5b04b43054571e278381662cebd3f3555e6
Author: Emilia Kasper 
Date:   Mon Dec 14 16:38:15 2015 +0100

Fix a ** 0 mod 1 = 0 for real this time.

Commit 2b0180c37fa6ffc48ee40caa831ca398b828e680 attempted to do this but
only hit one of many BN_mod_exp codepaths. Fix remaining variants and add
a test for each method.

Thanks to Hanno Boeck for reporting this issue.

Reviewed-by: Rich Salz 
Reviewed-by: Dr. Stephen Henson 
(cherry picked from commit d911097d7c93e4cfeab624b34d73fe51da158b69)

---

Summary of changes:
 crypto/bn/bn_exp.c  | 39 +++--
 crypto/bn/exptest.c | 82 +++--
 2 files changed, 104 insertions(+), 17 deletions(-)

diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 50cf323..98db765 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -282,9 +282,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const 
BIGNUM *p,
 }
 
 bits = BN_num_bits(p);
-
 if (bits == 0) {
-ret = BN_one(r);
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(r);
+} else {
+ret = BN_one(r);
+}
 return ret;
 }
 
@@ -418,7 +423,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const 
BIGNUM *p,
 }
 bits = BN_num_bits(p);
 if (bits == 0) {
-ret = BN_one(rr);
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(rr);
+} else {
+ret = BN_one(rr);
+}
 return ret;
 }
 
@@ -671,7 +682,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, 
const BIGNUM *p,
 
 bits = BN_num_bits(p);
 if (bits == 0) {
-ret = BN_one(rr);
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(rr);
+} else {
+ret = BN_one(rr);
+}
 return ret;
 }
 
@@ -1182,8 +1199,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const 
BIGNUM *p,
 if (BN_is_one(m)) {
 ret = 1;
 BN_zero(rr);
-} else
+} else {
 ret = BN_one(rr);
+}
 return ret;
 }
 if (a == 0) {
@@ -1297,9 +1315,14 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const 
BIGNUM *p,
 }
 
 bits = BN_num_bits(p);
-
-if (bits == 0) {
-ret = BN_one(r);
+   if (bits == 0) {
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(r);
+} else {
+ret = BN_one(r);
+}
 return ret;
 }
 
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
index 8b3a4ba..ac611c2 100644
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -73,14 +73,34 @@ static const char rnd_seed[] =
 "string to make the random number generator think it has entropy";
 
 /*
+ * Test that r == 0 in test_exp_mod_zero(). Returns one on success,
+ * returns zero and prints debug output otherwise.
+ */
+static int a_is_zero_mod_one(const char *method, const BIGNUM *r,
+ const BIGNUM *a) {
+if (!BN_is_zero(r)) {
+fprintf(stderr, "%s failed:\n", method);
+fprintf(stderr, "a ** 0 mod 1 = r (should be 0)\n");
+fprintf(stderr, "a = ");
+BN_print_fp(stderr, a);
+fprintf(stderr, "\nr = ");
+BN_print_fp(stderr, r);
+fprintf(stderr, "\n");
+return 0;
+}
+return 1;
+}
+
+/*
  * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
  */
 static int test_exp_mod_zero()
 {
 BIGNUM a, p, m;
 BIGNUM r;
+BN_ULONG one_word = 1;
 BN_CTX *ctx = BN_CTX_new();
-int ret = 1;
+int ret = 1, failed = 0;
 
 BN_init();
 BN_one();
@@ -92,21 +112,65 @@ static int test_exp_mod_zero()
 BN_zero();
 
 BN_init();
-BN_mod_exp(, , , , ctx);
-BN_CTX_free(ctx);
 
-if (BN_is_zero())
-ret = 0;
-else {
-printf("1**0 mod 1 = ");
-BN_print_fp(stdout, );
-printf(", should be 0\n");
+if (!BN_rand(, 1024, 0, 0))
+goto err;
+
+if (!BN_mod_exp(, , , , ctx))
+goto err;
+
+if (!a_is_zero_mod_one("BN_mod_exp", , ))
+failed = 1;
+
+if (!BN_mod_exp_recp(, , , , ctx))
+goto err;
+
+if (!a_is_zero_mod_one("BN_mod_exp_recp", , ))
+failed = 1;
+
+if (!BN_mod_exp_simple(, , , , ctx))
+goto err;
+
+if (!a_is_zero_mod_one("BN_mod_exp_simple", , ))
+   

[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

[Emilia Kasper]

The branch OpenSSL_1_0_1-stable has been updated
   via  d6af325d5192acf8aef91671c4f39c09b0f9 (commit)
  from  36be5f77d0325ded25d0a36caee9860cffe721e8 (commit)


- Log -
commit d6af325d5192acf8aef91671c4f39c09b0f9
Author: Emilia Kasper 
Date:   Mon Dec 14 16:38:15 2015 +0100

Fix a ** 0 mod 1 = 0 for real this time.

Commit 2b0180c37fa6ffc48ee40caa831ca398b828e680 attempted to do this but
only hit one of many BN_mod_exp codepaths. Fix remaining variants and add
a test for each method.

Thanks to Hanno Boeck for reporting this issue.

Reviewed-by: Rich Salz 
Reviewed-by: Dr. Stephen Henson 
(cherry picked from commit d911097d7c93e4cfeab624b34d73fe51da158b69)
(cherry picked from commit 44e4f5b04b43054571e278381662cebd3f3555e6)

---

Summary of changes:
 crypto/bn/bn_exp.c  | 39 +++--
 crypto/bn/exptest.c | 82 +++--
 2 files changed, 104 insertions(+), 17 deletions(-)

diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 7e33ba9..14a3689 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -271,9 +271,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const 
BIGNUM *p,
 }
 
 bits = BN_num_bits(p);
-
 if (bits == 0) {
-ret = BN_one(r);
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(r);
+} else {
+ret = BN_one(r);
+}
 return ret;
 }
 
@@ -407,7 +412,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const 
BIGNUM *p,
 }
 bits = BN_num_bits(p);
 if (bits == 0) {
-ret = BN_one(rr);
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(rr);
+} else {
+ret = BN_one(rr);
+}
 return ret;
 }
 
@@ -608,7 +619,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, 
const BIGNUM *p,
 
 bits = BN_num_bits(p);
 if (bits == 0) {
-ret = BN_one(rr);
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(rr);
+} else {
+ret = BN_one(rr);
+}
 return ret;
 }
 
@@ -908,8 +925,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const 
BIGNUM *p,
 if (BN_is_one(m)) {
 ret = 1;
 BN_zero(rr);
-} else
+} else {
 ret = BN_one(rr);
+}
 return ret;
 }
 if (a == 0) {
@@ -1023,9 +1041,14 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const 
BIGNUM *p,
 }
 
 bits = BN_num_bits(p);
-
-if (bits == 0) {
-ret = BN_one(r);
+   if (bits == 0) {
+/* x**0 mod 1 is still zero. */
+if (BN_is_one(m)) {
+ret = 1;
+BN_zero(r);
+} else {
+ret = BN_one(r);
+}
 return ret;
 }
 
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
index 8b3a4ba..ac611c2 100644
--- a/crypto/bn/exptest.c
+++ b/crypto/bn/exptest.c
@@ -73,14 +73,34 @@ static const char rnd_seed[] =
 "string to make the random number generator think it has entropy";
 
 /*
+ * Test that r == 0 in test_exp_mod_zero(). Returns one on success,
+ * returns zero and prints debug output otherwise.
+ */
+static int a_is_zero_mod_one(const char *method, const BIGNUM *r,
+ const BIGNUM *a) {
+if (!BN_is_zero(r)) {
+fprintf(stderr, "%s failed:\n", method);
+fprintf(stderr, "a ** 0 mod 1 = r (should be 0)\n");
+fprintf(stderr, "a = ");
+BN_print_fp(stderr, a);
+fprintf(stderr, "\nr = ");
+BN_print_fp(stderr, r);
+fprintf(stderr, "\n");
+return 0;
+}
+return 1;
+}
+
+/*
  * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
  */
 static int test_exp_mod_zero()
 {
 BIGNUM a, p, m;
 BIGNUM r;
+BN_ULONG one_word = 1;
 BN_CTX *ctx = BN_CTX_new();
-int ret = 1;
+int ret = 1, failed = 0;
 
 BN_init();
 BN_one();
@@ -92,21 +112,65 @@ static int test_exp_mod_zero()
 BN_zero();
 
 BN_init();
-BN_mod_exp(, , , , ctx);
-BN_CTX_free(ctx);
 
-if (BN_is_zero())
-ret = 0;
-else {
-printf("1**0 mod 1 = ");
-BN_print_fp(stdout, );
-printf(", should be 0\n");
+if (!BN_rand(, 1024, 0, 0))
+goto err;
+
+if (!BN_mod_exp(, , , , ctx))
+goto err;
+
+if (!a_is_zero_mod_one("BN_mod_exp", , ))
+failed = 1;
+
+if (!BN_mod_exp_recp(, , , , ctx))
+goto err;
+
+if (!a_is_zero_mod_one("BN_mod_exp_recp", , ))
+failed = 1;
+
+if (!BN_mod_exp_simple(, , , , ctx))
+

[openssl-commits] Build completed: openssl OpenSSL_1_0_2-stable.208

[AppVeyor]

Build openssl OpenSSL_1_0_2-stable.208 completed



Commit 44e4f5b04b by Emilia Kasper on 12/14/2015 4:57 PM:

Fix a ** 0 mod 1 = 0 for real this time.


Configure your notification preferences

_
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

[openssl-commits] [openssl] master update

[Dr . Stephen Henson]

The branch master has been updated
   via  0c497e96c42c4b466676d495b0c9bd72e27f7bd8 (commit)
   via  6745fcf62784005edd5532c009e789440b8d8964 (commit)
   via  c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7 (commit)
   via  2872dbe1c46eceb20c38bc55a5fe2a4c4c52fe9d (commit)
   via  2986ecdc08016de978f1134315623778420b51e5 (commit)
  from  d911097d7c93e4cfeab624b34d73fe51da158b69 (commit)


- Log -
commit 0c497e96c42c4b466676d495b0c9bd72e27f7bd8
Author: Dr. Stephen Henson 
Date:   Mon Dec 14 18:10:16 2015 +

Update EVP_PKEY documentation.

Add EVP_PKEY_up_ref() documentation and fix various typos.

Reviewed-by: Viktor Dukhovni 

commit 6745fcf62784005edd5532c009e789440b8d8964
Author: Dr. Stephen Henson 
Date:   Mon Dec 14 14:15:45 2015 +

make update

Reviewed-by: Viktor Dukhovni 

commit c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7
Author: Dr. Stephen Henson 
Date:   Mon Dec 14 13:13:32 2015 +

New function X509_get0_pubkey

Reviewed-by: Viktor Dukhovni 

commit 2872dbe1c46eceb20c38bc55a5fe2a4c4c52fe9d
Author: Dr. Stephen Henson 
Date:   Sun Dec 13 17:57:01 2015 +

Add EVP_PKEY_get0_* functions.

Reviewed-by: Viktor Dukhovni 

commit 2986ecdc08016de978f1134315623778420b51e5
Author: Dr. Stephen Henson 
Date:   Sun Dec 13 17:28:40 2015 +

Extend EVP_PKEY_copy_parameters()

Make EVP_PKEY_copy_parameters() work if the destination has no type
(e.g. if obtained from EVP_PKEY_new()) or the underlying key is NULL.
This is useful where we want to copy the parameters from an existing
key to a new key.

Reviewed-by: Viktor Dukhovni 

---

Summary of changes:
 apps/ca.c|  6 ++--
 apps/crl.c   |  3 +-
 apps/s_cb.c  |  3 +-
 apps/s_client.c  |  3 +-
 apps/x509.c  |  9 ++
 crypto/asn1/x_pubkey.c   | 23 +--
 crypto/async/Makefile| 12 
 crypto/dh/dh_ameth.c |  5 
 crypto/dsa/dsa_ameth.c   |  6 
 crypto/ec/ec_ameth.c |  5 
 crypto/evp/evp_err.c | 10 +++
 crypto/evp/p_lib.c   | 62 +++-
 crypto/x509/t_x509.c |  3 +-
 crypto/x509/x509_cmp.c   | 18 +++-
 crypto/x509/x509_err.c   |  2 +-
 crypto/x509/x509_vfy.c   | 19 
 doc/crypto/EVP_PKEY_new.pod  | 34 --
 doc/crypto/EVP_PKEY_set1_RSA.pod | 12 
 doc/crypto/X509_get_pubkey.pod   | 11 ---
 include/openssl/evp.h| 15 ++
 include/openssl/x509.h   |  4 ++-
 util/libeay.num  |  7 +
 22 files changed, 174 insertions(+), 98 deletions(-)

diff --git a/apps/ca.c b/apps/ca.c
index 535526c..6404e48 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1402,12 +1402,11 @@ static int certify_cert(X509 **xret, char *infile, 
EVP_PKEY *pkey, X509 *x509,
 
 BIO_printf(bio_err, "Check that the request matches the signature\n");
 
-if ((pktmp = X509_get_pubkey(req)) == NULL) {
+if ((pktmp = X509_get0_pubkey(req)) == NULL) {
 BIO_printf(bio_err, "error unpacking public key\n");
 goto end;
 }
 i = X509_verify(req, pktmp);
-EVP_PKEY_free(pktmp);
 if (i < 0) {
 ok = 0;
 BIO_printf(bio_err, "Signature verification problems\n");
@@ -1890,11 +1889,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 
*x509,
 }
 }
 
-pktmp = X509_get_pubkey(ret);
+pktmp = X509_get0_pubkey(ret);
 if (EVP_PKEY_missing_parameters(pktmp) &&
 !EVP_PKEY_missing_parameters(pkey))
 EVP_PKEY_copy_parameters(pktmp, pkey);
-EVP_PKEY_free(pktmp);
 
 if (!do_X509_sign(ret, pkey, dgst, sigopts))
 goto end;
diff --git a/apps/crl.c b/apps/crl.c
index b2a5d7f..3f64cdd 100644
--- a/apps/crl.c
+++ b/apps/crl.c
@@ -253,14 +253,13 @@ int crl_main(int argc, char **argv)
 BIO_printf(bio_err, "Error getting CRL issuer certificate\n");
 goto end;
 }
-pkey = X509_get_pubkey(xobj.data.x509);
+pkey = X509_get0_pubkey(xobj.data.x509);
 X509_OBJECT_free_contents();
 if (!pkey) {
 BIO_printf(bio_err, "Error getting CRL issuer public key\n");
 goto end;
 }
 i = X509_CRL_verify(x, pkey);
-EVP_PKEY_free(pkey);
 if (i < 0)
 goto end;
 if (i == 0)
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 734d57f..7a4bf29 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1402,13 +1402,12 @@ static