Module Name: src
Committed By: agc
Date: Tue Jun 14 20:47:08 UTC 2016
Modified Files:
src/crypto/external/bsd/netpgp/dist/src/netpgpverify: Makefile.bsd
Makefile.in bignum.c bn.h bzlib.c digest.c digest.h libverify.c
md5.h md5c.c misc.c pgpsum.c rmd160.c rmd160.h rsa.c rsa.h sha1.c
sha1.h sha2.c sha2.h tiger.c tiger.h verify.h
Log Message:
Sync with pkgsrc sources as of version 20160614
+ pick up renaming changes to internal routines
+ fix for issue verifying signatures created by gpg --no-emit-version
+ add test for same
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd
cvs rdiff -u -r1.8 -r1.9 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bignum.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bn.h \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.c
cvs rdiff -u -r1.3 -r1.4 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.c
cvs rdiff -u -r1.1 -r1.2 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.h \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5.h \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5c.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.h \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.h \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.h \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.c \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.h \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.h
cvs rdiff -u -r1.7 -r1.8 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c
cvs rdiff -u -r1.5 -r1.6 \
src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd:1.4 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd:1.5
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd:1.4 Thu Feb 5 01:26:54 2015
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.bsd Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.bsd,v 1.4 2015/02/05 01:26:54 agc Exp $
+# $NetBSD: Makefile.bsd,v 1.5 2016/06/14 20:47:08 agc Exp $
PROG=netpgpverify
@@ -43,3 +43,5 @@ tst:
rm -f 1keytest.gpg
@echo "testing signing with a subkey"
./chk.sh -k joyent-pubring.gpg digest-20121220.tgz
+ @echo "testing signatures with no version"
+ ./${PROG} -k pubring.gpg noversion.asc
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in:1.8 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in:1.9
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in:1.8 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/Makefile.in Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.in,v 1.8 2014/03/09 00:15:45 agc Exp $
+# $NetBSD: Makefile.in,v 1.9 2016/06/14 20:47:08 agc Exp $
PROG=netpgpverify
@@ -26,8 +26,25 @@ tst:
./${PROG} -k pubring.gpg NetBSD-6.0_RC1_hashes.asc
./${PROG} -k pubring.gpg NetBSD-6.0_RC1_hashes.gpg
./${PROG} -v
- ./${PROG} -S testkey.pub data.gpg
- ./${PROG} -S testkey.pub data.sig
+ ./${PROG} -S sshtest-20140202.pub data.gpg
+ ./${PROG} -S sshtest-20140202.pub data.sig
+ @echo "expected failure, to check bad signatures fail to verify"
+ -sed -e 's|A|B|' data.gpg | ./${PROG} -S sshtest-20140202.pub
+ @echo ""
+ @echo "expected failure, no valid key for verification"
+ -./${PROG} -k /dev/null NetBSD-6.0_RC1_hashes.gpg
+ @echo "dumping now"
+ ./${PROG} -c dump -k pubring.gpg NetBSD-6.0_RC1_hashes.asc > /dev/null
+ @echo "dumping ssh now"
+ ./${PROG} -c dump -S sshtest-20140202.pub data.gpg
+ @echo "testing pubring with one key"
+ uudecode 1keytest.gpg.uu
+ ./${PROG} -k 1keypubring.gpg 1keytest.gpg
+ rm -f 1keytest.gpg
+ @echo "testing signing with a subkey"
+ ./chk.sh -k joyent-pubring.gpg digest-20121220.tgz
+ @echo "testing signatures with no version"
+ ./${PROG} -k pubring.gpg noversion.asc
clean:
rm -rf *.core ${OBJS} ${PROG}
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bignum.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bignum.c:1.2 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bignum.c:1.3
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bignum.c:1.2 Sat Jul 12 15:51:56 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bignum.c Tue Jun 14 20:47:08 2016
@@ -45,6 +45,7 @@
# include <sys/kmem.h>
#else
# include <arpa/inet.h>
+# include <limits.h>
# include <stdarg.h>
# include <stdio.h>
# include <stdlib.h>
@@ -88,6 +89,10 @@
#define __arraycount(__x) (sizeof(__x) / sizeof(__x[0]))
#endif
+#ifndef MIN
+#define MIN(a,b) (((a)<(b))?(a):(b))
+#endif
+
#define MP_ISZERO(a) (((a)->used == 0) ? MP_YES : MP_NO)
typedef int mp_err;
@@ -216,7 +221,7 @@ trim_unused_digits(mp_int * a)
/* copy, b = a */
static int
-mp_copy(BIGNUM *a, BIGNUM *b)
+mp_copy(PGPV_BIGNUM *a, PGPV_BIGNUM *b)
{
int res;
@@ -1333,13 +1338,13 @@ fast_modular_inverse(mp_int * a, mp_int
top:
/* 4. while u is even do */
- while (BN_is_even(&u) == 1) {
+ while (PGPV_BN_is_even(&u) == 1) {
/* 4.1 u = u/2 */
if ((res = half(&u, &u)) != MP_OKAY) {
goto LBL_ERR;
}
/* 4.2 if B is odd then */
- if (BN_is_odd(&B) == 1) {
+ if (PGPV_BN_is_odd(&B) == 1) {
if ((res = signed_subtract(&B, &x, &B)) != MP_OKAY) {
goto LBL_ERR;
}
@@ -1351,13 +1356,13 @@ top:
}
/* 5. while v is even do */
- while (BN_is_even(&v) == 1) {
+ while (PGPV_BN_is_even(&v) == 1) {
/* 5.1 v = v/2 */
if ((res = half(&v, &v)) != MP_OKAY) {
goto LBL_ERR;
}
/* 5.2 if D is odd then */
- if (BN_is_odd(&D) == 1) {
+ if (PGPV_BN_is_odd(&D) == 1) {
/* D = (D-x)/2 */
if ((res = signed_subtract(&D, &x, &D)) != MP_OKAY) {
goto LBL_ERR;
@@ -1446,7 +1451,7 @@ slow_modular_inverse(mp_int * a, mp_int
}
/* 2. [modified] if x,y are both even then return an error! */
- if (BN_is_even(&x) == 1 && BN_is_even(&y) == 1) {
+ if (PGPV_BN_is_even(&x) == 1 && PGPV_BN_is_even(&y) == 1) {
res = MP_VAL;
goto LBL_ERR;
}
@@ -1463,13 +1468,13 @@ slow_modular_inverse(mp_int * a, mp_int
top:
/* 4. while u is even do */
- while (BN_is_even(&u) == 1) {
+ while (PGPV_BN_is_even(&u) == 1) {
/* 4.1 u = u/2 */
if ((res = half(&u, &u)) != MP_OKAY) {
goto LBL_ERR;
}
/* 4.2 if A or B is odd then */
- if (BN_is_odd(&A) == 1 || BN_is_odd(&B) == 1) {
+ if (PGPV_BN_is_odd(&A) == 1 || PGPV_BN_is_odd(&B) == 1) {
/* A = (A+y)/2, B = (B-x)/2 */
if ((res = signed_add(&A, &y, &A)) != MP_OKAY) {
goto LBL_ERR;
@@ -1488,13 +1493,13 @@ top:
}
/* 5. while v is even do */
- while (BN_is_even(&v) == 1) {
+ while (PGPV_BN_is_even(&v) == 1) {
/* 5.1 v = v/2 */
if ((res = half(&v, &v)) != MP_OKAY) {
goto LBL_ERR;
}
/* 5.2 if C or D is odd then */
- if (BN_is_odd(&C) == 1 || BN_is_odd(&D) == 1) {
+ if (PGPV_BN_is_odd(&C) == 1 || PGPV_BN_is_odd(&D) == 1) {
/* C = (C+y)/2, D = (D-x)/2 */
if ((res = signed_add(&C, &y, &C)) != MP_OKAY) {
goto LBL_ERR;
@@ -1542,7 +1547,7 @@ top:
}
/* if not zero goto step 4 */
- if (BN_is_zero(&u) == 0) {
+ if (PGPV_BN_is_zero(&u) == 0) {
goto top;
}
/* now a = C, b = D, gcd == g*v */
@@ -1584,7 +1589,7 @@ modular_inverse(mp_int *c, mp_int *a, mp
}
/* if the modulus is odd we can use a faster routine instead */
- if (BN_is_odd(b) == 1) {
+ if (PGPV_BN_is_odd(b) == 1) {
return fast_modular_inverse(a, b, c);
}
return slow_modular_inverse(a, b, c);
@@ -4351,7 +4356,7 @@ exponent_modulo(mp_int * G, mp_int * X,
}
/* if the modulus is odd or diminished_radix, use the montgomery method */
- if (BN_is_odd(P) == 1 || diminished_radix) {
+ if (PGPV_BN_is_odd(P) == 1 || diminished_radix) {
return fast_exponent_modulo(G, X, P, Y, diminished_radix);
}
/* otherwise use the generic Barrett reduction technique */
@@ -5019,7 +5024,7 @@ mp_toradix_n(mp_int * a, char *str, int
}
static char *
-formatbn(const BIGNUM *a, const int radix)
+formatbn(const PGPV_BIGNUM *a, const int radix)
{
char *s;
int len;
@@ -5081,11 +5086,11 @@ mp_getradix_num(mp_int *a, int radix, ch
}
static int
-getbn(BIGNUM **a, const char *str, int radix)
+getbn(PGPV_BIGNUM **a, const char *str, int radix)
{
int len;
- if (a == NULL || str == NULL || (*a = BN_new()) == NULL) {
+ if (a == NULL || str == NULL || (*a = PGPV_BN_new()) == NULL) {
return 0;
}
if (mp_getradix_num(*a, radix, __UNCONST(str)) != MP_OKAY) {
@@ -5116,32 +5121,120 @@ subtract_modulo(mp_int *a, mp_int *b, mp
return res;
}
+/* bn_mp_gcd.c */
+/* Greatest Common Divisor using the binary method */
+static int
+mp_gcd(mp_int *a, mp_int *b, mp_int *c)
+{
+ mp_int u, v;
+ int k, u_lsb, v_lsb, res;
+
+ /* either zero than gcd is the largest */
+ if (PGPV_BN_is_zero(a) == MP_YES) {
+ return absolute(b, c);
+ }
+ if (PGPV_BN_is_zero(b) == MP_YES) {
+ return absolute(a, c);
+ }
+
+ /* get copies of a and b we can modify */
+ if ((res = mp_init_copy(&u, a)) != MP_OKAY) {
+ return res;
+ }
+
+ if ((res = mp_init_copy(&v, b)) != MP_OKAY) {
+ goto LBL_U;
+ }
+
+ /* must be positive for the remainder of the algorithm */
+ u.sign = v.sign = MP_ZPOS;
+
+ /* B1. Find the common power of two for u and v */
+ u_lsb = mp_cnt_lsb(&u);
+ v_lsb = mp_cnt_lsb(&v);
+ k = MIN(u_lsb, v_lsb);
+
+ if (k > 0) {
+ /* divide the power of two out */
+ if ((res = rshift_bits(&u, k, &u, NULL)) != MP_OKAY) {
+ goto LBL_V;
+ }
+
+ if ((res = rshift_bits(&v, k, &v, NULL)) != MP_OKAY) {
+ goto LBL_V;
+ }
+ }
+
+ /* divide any remaining factors of two out */
+ if (u_lsb != k) {
+ if ((res = rshift_bits(&u, u_lsb - k, &u, NULL)) != MP_OKAY) {
+ goto LBL_V;
+ }
+ }
+
+ if (v_lsb != k) {
+ if ((res = rshift_bits(&v, v_lsb - k, &v, NULL)) != MP_OKAY) {
+ goto LBL_V;
+ }
+ }
+
+ while (PGPV_BN_is_zero(&v) == 0) {
+ /* make sure v is the largest */
+ if (compare_magnitude(&u, &v) == MP_GT) {
+ /* swap u and v to make sure v is >= u */
+ mp_exch(&u, &v);
+ }
+
+ /* subtract smallest from largest */
+ if ((res = signed_subtract(&v, &u, &v)) != MP_OKAY) {
+ goto LBL_V;
+ }
+
+ /* Divide out all factors of two */
+ if ((res = rshift_bits(&v, mp_cnt_lsb(&v), &v, NULL)) != MP_OKAY) {
+ goto LBL_V;
+ }
+ }
+
+ /* multiply by 2**k which we divided out at the beginning */
+ if ((res = lshift_bits(&u, k, c)) != MP_OKAY) {
+ goto LBL_V;
+ }
+ c->sign = MP_ZPOS;
+ res = MP_OKAY;
+LBL_V:
+ mp_clear (&u);
+LBL_U:
+ mp_clear (&v);
+ return res;
+}
+
/**************************************************************************/
-/* BIGNUM emulation layer */
+/* PGPV_BIGNUM emulation layer */
/* essentiually, these are just wrappers around the libtommath functions */
/* usually the order of args changes */
-/* the BIGNUM API tends to have more const poisoning */
+/* the PGPV_BIGNUM API tends to have more const poisoning */
/* these wrappers also check the arguments passed for sanity */
-BIGNUM *
-BN_bin2bn(const uint8_t *data, int len, BIGNUM *ret)
+PGPV_BIGNUM *
+PGPV_BN_bin2bn(const uint8_t *data, int len, PGPV_BIGNUM *ret)
{
if (data == NULL) {
- return BN_new();
+ return PGPV_BN_new();
}
if (ret == NULL) {
- ret = BN_new();
+ ret = PGPV_BN_new();
}
return (mp_read_unsigned_bin(ret, data, len) == MP_OKAY) ? ret : NULL;
}
/* store in unsigned [big endian] format */
int
-BN_bn2bin(const BIGNUM *a, unsigned char *b)
+PGPV_BN_bn2bin(const PGPV_BIGNUM *a, unsigned char *b)
{
- BIGNUM t;
+ PGPV_BIGNUM t;
int x;
if (a == NULL || b == NULL) {
@@ -5150,7 +5243,7 @@ BN_bn2bin(const BIGNUM *a, unsigned char
if (mp_init_copy (&t, __UNCONST(a)) != MP_OKAY) {
return -1;
}
- for (x = 0; !BN_is_zero(&t) ; ) {
+ for (x = 0; !PGPV_BN_is_zero(&t) ; ) {
b[x++] = (unsigned char) (t.dp[0] & 0xff);
if (rshift_bits(&t, 8, &t, NULL) != MP_OKAY) {
mp_clear(&t);
@@ -5163,17 +5256,17 @@ BN_bn2bin(const BIGNUM *a, unsigned char
}
void
-BN_init(BIGNUM *a)
+PGPV_BN_init(PGPV_BIGNUM *a)
{
if (a != NULL) {
mp_init(a);
}
}
-BIGNUM *
-BN_new(void)
+PGPV_BIGNUM *
+PGPV_BN_new(void)
{
- BIGNUM *a;
+ PGPV_BIGNUM *a;
if ((a = allocate(1, sizeof(*a))) != NULL) {
mp_init(a);
@@ -5183,7 +5276,7 @@ BN_new(void)
/* copy, b = a */
int
-BN_copy(BIGNUM *b, const BIGNUM *a)
+PGPV_BN_copy(PGPV_BIGNUM *b, const PGPV_BIGNUM *a)
{
if (a == NULL || b == NULL) {
return MP_VAL;
@@ -5191,22 +5284,22 @@ BN_copy(BIGNUM *b, const BIGNUM *a)
return mp_copy(__UNCONST(a), b);
}
-BIGNUM *
-BN_dup(const BIGNUM *a)
+PGPV_BIGNUM *
+PGPV_BN_dup(const PGPV_BIGNUM *a)
{
- BIGNUM *ret;
+ PGPV_BIGNUM *ret;
if (a == NULL) {
return NULL;
}
- if ((ret = BN_new()) != NULL) {
- BN_copy(ret, a);
+ if ((ret = PGPV_BN_new()) != NULL) {
+ PGPV_BN_copy(ret, a);
}
return ret;
}
void
-BN_swap(BIGNUM *a, BIGNUM *b)
+PGPV_BN_swap(PGPV_BIGNUM *a, PGPV_BIGNUM *b)
{
if (a && b) {
mp_exch(a, b);
@@ -5214,47 +5307,47 @@ BN_swap(BIGNUM *a, BIGNUM *b)
}
int
-BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
+PGPV_BN_lshift(PGPV_BIGNUM *r, const PGPV_BIGNUM *a, int n)
{
if (r == NULL || a == NULL || n < 0) {
return 0;
}
- BN_copy(r, a);
+ PGPV_BN_copy(r, a);
return lshift_digits(r, n) == MP_OKAY;
}
int
-BN_lshift1(BIGNUM *r, BIGNUM *a)
+PGPV_BN_lshift1(PGPV_BIGNUM *r, PGPV_BIGNUM *a)
{
if (r == NULL || a == NULL) {
return 0;
}
- BN_copy(r, a);
+ PGPV_BN_copy(r, a);
return lshift_digits(r, 1) == MP_OKAY;
}
int
-BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
+PGPV_BN_rshift(PGPV_BIGNUM *r, const PGPV_BIGNUM *a, int n)
{
if (r == NULL || a == NULL || n < 0) {
return MP_VAL;
}
- BN_copy(r, a);
+ PGPV_BN_copy(r, a);
return rshift_digits(r, n) == MP_OKAY;
}
int
-BN_rshift1(BIGNUM *r, BIGNUM *a)
+PGPV_BN_rshift1(PGPV_BIGNUM *r, PGPV_BIGNUM *a)
{
if (r == NULL || a == NULL) {
return 0;
}
- BN_copy(r, a);
+ PGPV_BN_copy(r, a);
return rshift_digits(r, 1) == MP_OKAY;
}
int
-BN_set_word(BIGNUM *a, BN_ULONG w)
+PGPV_BN_set_word(PGPV_BIGNUM *a, PGPV_BN_ULONG w)
{
if (a == NULL) {
return 0;
@@ -5264,7 +5357,7 @@ BN_set_word(BIGNUM *a, BN_ULONG w)
}
int
-BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
+PGPV_BN_add(PGPV_BIGNUM *r, const PGPV_BIGNUM *a, const PGPV_BIGNUM *b)
{
if (a == NULL || b == NULL || r == NULL) {
return 0;
@@ -5273,7 +5366,7 @@ BN_add(BIGNUM *r, const BIGNUM *a, const
}
int
-BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
+PGPV_BN_sub(PGPV_BIGNUM *r, const PGPV_BIGNUM *a, const PGPV_BIGNUM *b)
{
if (a == NULL || b == NULL || r == NULL) {
return 0;
@@ -5282,7 +5375,7 @@ BN_sub(BIGNUM *r, const BIGNUM *a, const
}
int
-BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+PGPV_BN_mul(PGPV_BIGNUM *r, const PGPV_BIGNUM *a, const PGPV_BIGNUM *b, PGPV_BN_CTX *ctx)
{
if (a == NULL || b == NULL || r == NULL) {
return 0;
@@ -5292,7 +5385,7 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const
}
int
-BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, BN_CTX *ctx)
+PGPV_BN_div(PGPV_BIGNUM *dv, PGPV_BIGNUM *rem, const PGPV_BIGNUM *a, const PGPV_BIGNUM *d, PGPV_BN_CTX *ctx)
{
if ((dv == NULL && rem == NULL) || a == NULL || d == NULL) {
return 0;
@@ -5303,7 +5396,7 @@ BN_div(BIGNUM *dv, BIGNUM *rem, const BI
/* perform a bit operation on the 2 bignums */
int
-BN_bitop(BIGNUM *r, const BIGNUM *a, char op, const BIGNUM *b)
+PGPV_BN_bitop(PGPV_BIGNUM *r, const PGPV_BIGNUM *a, char op, const PGPV_BIGNUM *b)
{
unsigned ndigits;
mp_digit ad;
@@ -5313,11 +5406,11 @@ BN_bitop(BIGNUM *r, const BIGNUM *a, cha
if (a == NULL || b == NULL || r == NULL) {
return 0;
}
- if (BN_cmp(__UNCONST(a), __UNCONST(b)) >= 0) {
- BN_copy(r, a);
+ if (PGPV_BN_cmp(__UNCONST(a), __UNCONST(b)) >= 0) {
+ PGPV_BN_copy(r, a);
ndigits = a->used;
} else {
- BN_copy(r, b);
+ PGPV_BN_copy(r, b);
ndigits = b->used;
}
for (i = 0 ; i < (int)ndigits ; i++) {
@@ -5341,7 +5434,7 @@ BN_bitop(BIGNUM *r, const BIGNUM *a, cha
}
void
-BN_free(BIGNUM *a)
+PGPV_BN_free(PGPV_BIGNUM *a)
{
if (a) {
mp_clear(a);
@@ -5349,7 +5442,7 @@ BN_free(BIGNUM *a)
}
void
-BN_clear(BIGNUM *a)
+PGPV_BN_clear(PGPV_BIGNUM *a)
{
if (a) {
mp_clear(a);
@@ -5357,7 +5450,7 @@ BN_clear(BIGNUM *a)
}
void
-BN_clear_free(BIGNUM *a)
+PGPV_BN_clear_free(PGPV_BIGNUM *a)
{
if (a) {
mp_clear(a);
@@ -5365,7 +5458,7 @@ BN_clear_free(BIGNUM *a)
}
int
-BN_num_bytes(const BIGNUM *a)
+PGPV_BN_num_bytes(const PGPV_BIGNUM *a)
{
if (a == NULL) {
return MP_VAL;
@@ -5374,7 +5467,7 @@ BN_num_bytes(const BIGNUM *a)
}
int
-BN_num_bits(const BIGNUM *a)
+PGPV_BN_num_bits(const PGPV_BIGNUM *a)
{
if (a == NULL) {
return 0;
@@ -5383,7 +5476,7 @@ BN_num_bits(const BIGNUM *a)
}
void
-BN_set_negative(BIGNUM *a, int n)
+PGPV_BN_set_negative(PGPV_BIGNUM *a, int n)
{
if (a) {
a->sign = (n) ? MP_NEG : 0;
@@ -5391,7 +5484,7 @@ BN_set_negative(BIGNUM *a, int n)
}
int
-BN_cmp(BIGNUM *a, BIGNUM *b)
+PGPV_BN_cmp(PGPV_BIGNUM *a, PGPV_BIGNUM *b)
{
if (a == NULL || b == NULL) {
return MP_VAL;
@@ -5408,7 +5501,7 @@ BN_cmp(BIGNUM *a, BIGNUM *b)
}
int
-BN_mod_exp(BIGNUM *Y, BIGNUM *G, BIGNUM *X, BIGNUM *P, BN_CTX *ctx)
+PGPV_BN_mod_exp(PGPV_BIGNUM *Y, PGPV_BIGNUM *G, PGPV_BIGNUM *X, PGPV_BIGNUM *P, PGPV_BN_CTX *ctx)
{
if (Y == NULL || G == NULL || X == NULL || P == NULL) {
return MP_VAL;
@@ -5417,8 +5510,8 @@ BN_mod_exp(BIGNUM *Y, BIGNUM *G, BIGNUM
return exponent_modulo(G, X, P, Y) == MP_OKAY;
}
-BIGNUM *
-BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
+PGPV_BIGNUM *
+PGPV_BN_mod_inverse(PGPV_BIGNUM *r, PGPV_BIGNUM *a, const PGPV_BIGNUM *n, PGPV_BN_CTX *ctx)
{
USE_ARG(ctx);
if (r == NULL || a == NULL || n == NULL) {
@@ -5428,7 +5521,7 @@ BN_mod_inverse(BIGNUM *r, BIGNUM *a, con
}
int
-BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
+PGPV_BN_mod_mul(PGPV_BIGNUM *ret, PGPV_BIGNUM *a, PGPV_BIGNUM *b, const PGPV_BIGNUM *m, PGPV_BN_CTX *ctx)
{
USE_ARG(ctx);
if (ret == NULL || a == NULL || b == NULL || m == NULL) {
@@ -5437,14 +5530,14 @@ BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNU
return multiply_modulo(ret, a, b, __UNCONST(m)) == MP_OKAY;
}
-BN_CTX *
-BN_CTX_new(void)
+PGPV_BN_CTX *
+PGPV_BN_CTX_new(void)
{
- return allocate(1, sizeof(BN_CTX));
+ return allocate(1, sizeof(PGPV_BN_CTX));
}
void
-BN_CTX_init(BN_CTX *c)
+PGPV_BN_CTX_init(PGPV_BN_CTX *c)
{
if (c != NULL) {
c->arraysize = 15;
@@ -5454,61 +5547,61 @@ BN_CTX_init(BN_CTX *c)
}
}
-BIGNUM *
-BN_CTX_get(BN_CTX *ctx)
+PGPV_BIGNUM *
+PGPV_BN_CTX_get(PGPV_BN_CTX *ctx)
{
if (ctx == NULL || ctx->v == NULL || ctx->arraysize == 0 || ctx->count == ctx->arraysize - 1) {
return NULL;
}
- return ctx->v[ctx->count++] = BN_new();
+ return ctx->v[ctx->count++] = PGPV_BN_new();
}
void
-BN_CTX_start(BN_CTX *ctx)
+PGPV_BN_CTX_start(PGPV_BN_CTX *ctx)
{
- BN_CTX_init(ctx);
+ PGPV_BN_CTX_init(ctx);
}
void
-BN_CTX_free(BN_CTX *c)
+PGPV_BN_CTX_free(PGPV_BN_CTX *c)
{
unsigned i;
if (c != NULL && c->v != NULL) {
for (i = 0 ; i < c->count ; i++) {
- BN_clear_free(c->v[i]);
+ PGPV_BN_clear_free(c->v[i]);
}
deallocate(c->v, sizeof(*c->v) * c->arraysize);
}
}
void
-BN_CTX_end(BN_CTX *ctx)
+PGPV_BN_CTX_end(PGPV_BN_CTX *ctx)
{
- BN_CTX_free(ctx);
+ PGPV_BN_CTX_free(ctx);
}
char *
-BN_bn2hex(const BIGNUM *a)
+PGPV_BN_bn2hex(const PGPV_BIGNUM *a)
{
return (a == NULL) ? NULL : formatbn(a, 16);
}
char *
-BN_bn2dec(const BIGNUM *a)
+PGPV_BN_bn2dec(const PGPV_BIGNUM *a)
{
return (a == NULL) ? NULL : formatbn(a, 10);
}
char *
-BN_bn2radix(const BIGNUM *a, unsigned radix)
+PGPV_BN_bn2radix(const PGPV_BIGNUM *a, unsigned radix)
{
return (a == NULL) ? NULL : formatbn(a, (int)radix);
}
#ifndef _KERNEL
int
-BN_print_fp(FILE *fp, const BIGNUM *a)
+PGPV_BN_print_fp(FILE *fp, const PGPV_BIGNUM *a)
{
char *s;
int ret;
@@ -5516,16 +5609,16 @@ BN_print_fp(FILE *fp, const BIGNUM *a)
if (fp == NULL || a == NULL) {
return 0;
}
- s = BN_bn2hex(a);
+ s = PGPV_BN_bn2hex(a);
ret = fprintf(fp, "%s", s);
deallocate(s, strlen(s) + 1);
return ret;
}
#endif
-#ifdef BN_RAND_NEEDED
+#ifdef PGPV_BN_RAND_NEEDED
int
-BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
+PGPV_BN_rand(PGPV_BIGNUM *rnd, int bits, int top, int bottom)
{
uint64_t r;
int digits;
@@ -5540,6 +5633,7 @@ BN_rand(BIGNUM *rnd, int bits, int top,
r <<= 32;
r |= arc4random();
rnd->dp[i] = (r & MP_MASK);
+ rnd->used += 1;
}
if (top == 0) {
rnd->dp[rnd->used - 1] |= (((mp_digit)1)<<((mp_digit)DIGIT_BIT));
@@ -5555,18 +5649,18 @@ BN_rand(BIGNUM *rnd, int bits, int top,
}
int
-BN_rand_range(BIGNUM *rnd, BIGNUM *range)
+PGPV_BN_rand_range(PGPV_BIGNUM *rnd, PGPV_BIGNUM *range)
{
- if (rnd == NULL || range == NULL || BN_is_zero(range)) {
+ if (rnd == NULL || range == NULL || PGPV_BN_is_zero(range)) {
return 0;
}
- BN_rand(rnd, BN_num_bits(range), 1, 0);
+ PGPV_BN_rand(rnd, PGPV_BN_num_bits(range), 1, 0);
return modulo(rnd, range, rnd) == MP_OKAY;
}
#endif
int
-BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg)
+PGPV_BN_is_prime(const PGPV_BIGNUM *a, int checks, void (*callback)(int, int, void *), PGPV_BN_CTX *ctx, void *cb_arg)
{
int primality;
@@ -5579,35 +5673,35 @@ BN_is_prime(const BIGNUM *a, int checks,
return (mp_prime_is_prime(__UNCONST(a), checks, &primality) == MP_OKAY) ? primality : 0;
}
-const BIGNUM *
-BN_value_one(void)
+const PGPV_BIGNUM *
+PGPV_BN_value_one(void)
{
static mp_digit digit = 1UL;
- static const BIGNUM one = { &digit, 1, 1, 0 };
+ static const PGPV_BIGNUM one = { &digit, 1, 1, 0 };
return &one;
}
int
-BN_hex2bn(BIGNUM **a, const char *str)
+PGPV_BN_hex2bn(PGPV_BIGNUM **a, const char *str)
{
return getbn(a, str, 16);
}
int
-BN_dec2bn(BIGNUM **a, const char *str)
+PGPV_BN_dec2bn(PGPV_BIGNUM **a, const char *str)
{
return getbn(a, str, 10);
}
int
-BN_radix2bn(BIGNUM **a, const char *str, unsigned radix)
+PGPV_BN_radix2bn(PGPV_BIGNUM **a, const char *str, unsigned radix)
{
return getbn(a, str, (int)radix);
}
int
-BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx)
+PGPV_BN_mod_sub(PGPV_BIGNUM *r, PGPV_BIGNUM *a, PGPV_BIGNUM *b, const PGPV_BIGNUM *m, PGPV_BN_CTX *ctx)
{
USE_ARG(ctx);
if (r == NULL || a == NULL || b == NULL || m == NULL) {
@@ -5617,7 +5711,7 @@ BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM
}
int
-BN_is_bit_set(const BIGNUM *a, int n)
+PGPV_BN_is_bit_set(const PGPV_BIGNUM *a, int n)
{
if (a == NULL || n < 0 || n >= a->used * DIGIT_BIT) {
return 0;
@@ -5627,52 +5721,59 @@ BN_is_bit_set(const BIGNUM *a, int n)
/* raise 'a' to power of 'b' */
int
-BN_raise(BIGNUM *res, BIGNUM *a, BIGNUM *b)
+PGPV_BN_raise(PGPV_BIGNUM *res, PGPV_BIGNUM *a, PGPV_BIGNUM *b)
{
uint64_t exponent;
- BIGNUM *power;
- BIGNUM *temp;
+ PGPV_BIGNUM *power;
+ PGPV_BIGNUM *temp;
char *t;
- t = BN_bn2dec(b);
+ t = PGPV_BN_bn2dec(b);
exponent = (uint64_t)strtoull(t, NULL, 10);
free(t);
if (exponent == 0) {
- BN_copy(res, BN_value_one());
+ PGPV_BN_copy(res, PGPV_BN_value_one());
} else {
- power = BN_dup(a);
+ power = PGPV_BN_dup(a);
for ( ; (exponent & 1) == 0 ; exponent >>= 1) {
- BN_mul(power, power, power, NULL);
+ PGPV_BN_mul(power, power, power, NULL);
}
- temp = BN_dup(power);
+ temp = PGPV_BN_dup(power);
for (exponent >>= 1 ; exponent > 0 ; exponent >>= 1) {
- BN_mul(power, power, power, NULL);
+ PGPV_BN_mul(power, power, power, NULL);
if (exponent & 1) {
- BN_mul(temp, power, temp, NULL);
+ PGPV_BN_mul(temp, power, temp, NULL);
}
}
- BN_copy(res, temp);
- BN_free(power);
- BN_free(temp);
+ PGPV_BN_copy(res, temp);
+ PGPV_BN_free(power);
+ PGPV_BN_free(temp);
}
return 1;
}
/* compute the factorial */
int
-BN_factorial(BIGNUM *res, BIGNUM *f)
+PGPV_BN_factorial(PGPV_BIGNUM *res, PGPV_BIGNUM *f)
{
- BIGNUM *one;
- BIGNUM *i;
+ PGPV_BIGNUM *one;
+ PGPV_BIGNUM *i;
- i = BN_dup(f);
- one = __UNCONST(BN_value_one());
- BN_sub(i, i, one);
- BN_copy(res, f);
- while (BN_cmp(i, one) > 0) {
- BN_mul(res, res, i, NULL);
- BN_sub(i, i, one);
+ i = PGPV_BN_dup(f);
+ one = __UNCONST(PGPV_BN_value_one());
+ PGPV_BN_sub(i, i, one);
+ PGPV_BN_copy(res, f);
+ while (PGPV_BN_cmp(i, one) > 0) {
+ PGPV_BN_mul(res, res, i, NULL);
+ PGPV_BN_sub(i, i, one);
}
- BN_free(i);
+ PGPV_BN_free(i);
return 1;
}
+
+/* get greatest common divisor */
+int
+PGPV_BN_gcd(PGPV_BIGNUM *r, PGPV_BIGNUM *a, PGPV_BIGNUM *b, PGPV_BN_CTX *ctx)
+{
+ return mp_gcd(a, b, r);
+}
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bn.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bn.h:1.2 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bn.h:1.3
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bn.h:1.2 Sat Jul 12 15:51:56 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bn.h Tue Jun 14 20:47:08 2016
@@ -44,6 +44,66 @@
__BEGIN_DECLS
+#ifdef USE_BN_INTERFACE
+#define BIGNUM PGPV_BIGNUM
+#define BN_ULONG PGPV_BN_ULONG
+#define BN_CTX PGPV_BN_CTX
+#define BN_is_negative PGPV_BN_is_negative
+#define BN_is_zero PGPV_BN_is_zero
+#define BN_is_odd PGPV_BN_is_odd
+#define BN_is_even PGPV_BN_is_even
+#define BN_new PGPV_BN_new
+#define BN_dup PGPV_BN_dup
+#define BN_copy PGPV_BN_copy
+#define BN_init PGPV_BN_init
+#define BN_free PGPV_BN_free
+#define BN_clear PGPV_BN_clear
+#define BN_clear_free PGPV_BN_clear_free
+#define BN_cmp PGPV_BN_cmp
+#define BN_bn2bin PGPV_BN_bn2bin
+#define BN_bn2hex PGPV_BN_bn2hex
+#define BN_bn2dec PGPV_BN_bn2dec
+#define BN_bn2radix PGPV_BN_bn2radix
+#define BN_hex2bn PGPV_BN_hex2bn
+#define BN_dec2bn PGPV_BN_dec2bn
+#define BN_radix2bn PGPV_BN_radix2bn
+#ifndef _KERNEL
+#define BN_print_fp PGPV_BN_print_fp
+#endif
+#define BN_add PGPV_BN_add
+#define BN_sub PGPV_BN_sub
+#define BN_mul PGPV_BN_mul
+#define BN_div PGPV_BN_div
+#define BN_swap PGPV_BN_swap
+#define BN_bitop PGPV_BN_bitop
+#define BN_lshift PGPV_BN_lshift
+#define BN_lshift1 PGPV_BN_lshift1
+#define BN_rshift PGPV_BN_rshift
+#define BN_rshift1 PGPV_BN_rshift1
+#define BN_set_word PGPV_BN_set_word
+#define BN_set_negative PGPV_BN_set_negative
+#define BN_num_bytes PGPV_BN_num_bytes
+#define BN_num_bits PGPV_BN_num_bits
+#define BN_mod_exp PGPV_BN_mod_exp
+#define BN_mod_inverse PGPV_BN_mod_inverse
+#define BN_mod_mul PGPV_BN_mod_mul
+#define BN_mod_sub PGPV_BN_mod_sub
+#define BN_raise PGPV_BN_raise
+#define BN_factorial PGPV_BN_factorial
+#define BN_CTX_new PGPV_BN_CTX_new
+#define BN_CTX_get PGPV_BN_CTX_get
+#define BN_CTX_start PGPV_BN_CTX_start
+#define BN_CTX_end PGPV_BN_CTX_end
+#define BN_CTX_init PGPV_BN_CTX_init
+#define BN_CTX_free PGPV_BN_CTX_free
+#define BN_rand PGPV_BN_rand
+#define BN_rand_range PGPV_BN_rand_range
+#define BN_is_prime PGPV_BN_is_prime
+#define BN_value_one PGPV_BN_value_one
+#define BN_is_bit_set PGPV_BN_is_bit_set
+#define BN_gcd PGPV_BN_gcd
+#endif /* USE_BN_INTERFACE */
+
/* should be 32bit on ILP32, 64bit on LP64 */
typedef unsigned long mp_digit;
typedef uint64_t mp_word;
@@ -56,15 +116,15 @@ typedef struct mp_int {
int sign; /* non-zero if negative */
} mp_int;
-#define BIGNUM mp_int
-#define BN_ULONG mp_digit
+#define PGPV_BIGNUM mp_int
+#define PGPV_BN_ULONG mp_digit
/* a "context" of mp integers - never really used */
typedef struct bn_ctx_t {
size_t count;
size_t arraysize;
- BIGNUM **v;
-} BN_CTX;
+ PGPV_BIGNUM **v;
+} PGPV_BN_CTX;
#define MP_LT -1
#define MP_EQ 0
@@ -80,72 +140,74 @@ typedef struct bn_ctx_t {
/*********************************/
-#define BN_is_negative(x) ((x)->sign == MP_NEG)
-#define BN_is_zero(a) (((a)->used == 0) ? 1 : 0)
-#define BN_is_odd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? 1 : 0)
-#define BN_is_even(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? 1 : 0)
-
-BIGNUM *BN_new(void);
-BIGNUM *BN_dup(const BIGNUM */*a*/);
-int BN_copy(BIGNUM */*b*/, const BIGNUM */*a*/);
-
-void BN_init(BIGNUM */*a*/);
-void BN_free(BIGNUM */*a*/);
-void BN_clear(BIGNUM */*a*/);
-void BN_clear_free(BIGNUM */*a*/);
-
-int BN_cmp(BIGNUM */*a*/, BIGNUM */*b*/);
-
-BIGNUM *BN_bin2bn(const uint8_t */*buf*/, int /*size*/, BIGNUM */*bn*/);
-int BN_bn2bin(const BIGNUM */*a*/, unsigned char */*b*/);
-char *BN_bn2hex(const BIGNUM */*a*/);
-char *BN_bn2dec(const BIGNUM */*a*/);
-char *BN_bn2radix(const BIGNUM */*a*/, unsigned /*radix*/);
-int BN_hex2bn(BIGNUM **/*a*/, const char */*str*/);
-int BN_dec2bn(BIGNUM **/*a*/, const char */*str*/);
-int BN_radix2bn(BIGNUM **/*a*/, const char */*str*/, unsigned /*radix*/);
+#define PGPV_BN_is_negative(x) ((x)->sign == MP_NEG)
+#define PGPV_BN_is_zero(a) (((a)->used == 0) ? 1 : 0)
+#define PGPV_BN_is_odd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? 1 : 0)
+#define PGPV_BN_is_even(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? 1 : 0)
+
+PGPV_BIGNUM *PGPV_BN_new(void);
+PGPV_BIGNUM *PGPV_BN_dup(const PGPV_BIGNUM */*a*/);
+int PGPV_BN_copy(PGPV_BIGNUM */*b*/, const PGPV_BIGNUM */*a*/);
+
+void PGPV_BN_init(PGPV_BIGNUM */*a*/);
+void PGPV_BN_free(PGPV_BIGNUM */*a*/);
+void PGPV_BN_clear(PGPV_BIGNUM */*a*/);
+void PGPV_BN_clear_free(PGPV_BIGNUM */*a*/);
+
+int PGPV_BN_cmp(PGPV_BIGNUM */*a*/, PGPV_BIGNUM */*b*/);
+
+PGPV_BIGNUM *PGPV_BN_bin2bn(const uint8_t */*buf*/, int /*size*/, PGPV_BIGNUM */*bn*/);
+int PGPV_BN_bn2bin(const PGPV_BIGNUM */*a*/, unsigned char */*b*/);
+char *PGPV_BN_bn2hex(const PGPV_BIGNUM */*a*/);
+char *PGPV_BN_bn2dec(const PGPV_BIGNUM */*a*/);
+char *PGPV_BN_bn2radix(const PGPV_BIGNUM */*a*/, unsigned /*radix*/);
+int PGPV_BN_hex2bn(PGPV_BIGNUM **/*a*/, const char */*str*/);
+int PGPV_BN_dec2bn(PGPV_BIGNUM **/*a*/, const char */*str*/);
+int PGPV_BN_radix2bn(PGPV_BIGNUM **/*a*/, const char */*str*/, unsigned /*radix*/);
#ifndef _KERNEL
-int BN_print_fp(FILE */*fp*/, const BIGNUM */*a*/);
+int PGPV_BN_print_fp(FILE */*fp*/, const PGPV_BIGNUM */*a*/);
#endif
-int BN_add(BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/);
-int BN_sub(BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/);
-int BN_mul(BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/, BN_CTX */*ctx*/);
-int BN_div(BIGNUM */*q*/, BIGNUM */*r*/, const BIGNUM */*a*/, const BIGNUM */*b*/, BN_CTX */*ctx*/);
-void BN_swap(BIGNUM */*a*/, BIGNUM */*b*/);
-int BN_bitop(BIGNUM */*r*/, const BIGNUM */*a*/, char /*op*/, const BIGNUM */*b*/);
-int BN_lshift(BIGNUM */*r*/, const BIGNUM */*a*/, int /*n*/);
-int BN_lshift1(BIGNUM */*r*/, BIGNUM */*a*/);
-int BN_rshift(BIGNUM */*r*/, const BIGNUM */*a*/, int /*n*/);
-int BN_rshift1(BIGNUM */*r*/, BIGNUM */*a*/);
-int BN_set_word(BIGNUM */*a*/, BN_ULONG /*w*/);
-void BN_set_negative(BIGNUM */*a*/, int /*n*/);
-
-int BN_num_bytes(const BIGNUM */*a*/);
-int BN_num_bits(const BIGNUM */*a*/);
-
-int BN_mod_exp(BIGNUM */*r*/, BIGNUM */*a*/, BIGNUM */*p*/, BIGNUM */*m*/, BN_CTX */*ctx*/);
-BIGNUM *BN_mod_inverse(BIGNUM */*ret*/, BIGNUM */*a*/, const BIGNUM */*n*/, BN_CTX */*ctx*/);
-int BN_mod_mul(BIGNUM */*ret*/, BIGNUM */*a*/, BIGNUM */*b*/, const BIGNUM */*m*/, BN_CTX */*ctx*/);
-int BN_mod_sub(BIGNUM */*r*/, BIGNUM */*a*/, BIGNUM */*b*/, const BIGNUM */*m*/, BN_CTX */*ctx*/);
-
-int BN_raise(BIGNUM */*res*/, BIGNUM */*a*/, BIGNUM */*b*/);
-int BN_factorial(BIGNUM */*fact*/, BIGNUM */*f*/);
-
-BN_CTX *BN_CTX_new(void);
-BIGNUM *BN_CTX_get(BN_CTX */*ctx*/);
-void BN_CTX_start(BN_CTX */*ctx*/);
-void BN_CTX_end(BN_CTX */*ctx*/);
-void BN_CTX_init(BN_CTX */*c*/);
-void BN_CTX_free(BN_CTX */*c*/);
+int PGPV_BN_add(PGPV_BIGNUM */*r*/, const PGPV_BIGNUM */*a*/, const PGPV_BIGNUM */*b*/);
+int PGPV_BN_sub(PGPV_BIGNUM */*r*/, const PGPV_BIGNUM */*a*/, const PGPV_BIGNUM */*b*/);
+int PGPV_BN_mul(PGPV_BIGNUM */*r*/, const PGPV_BIGNUM */*a*/, const PGPV_BIGNUM */*b*/, PGPV_BN_CTX */*ctx*/);
+int PGPV_BN_div(PGPV_BIGNUM */*q*/, PGPV_BIGNUM */*r*/, const PGPV_BIGNUM */*a*/, const PGPV_BIGNUM */*b*/, PGPV_BN_CTX */*ctx*/);
+void PGPV_BN_swap(PGPV_BIGNUM */*a*/, PGPV_BIGNUM */*b*/);
+int PGPV_BN_bitop(PGPV_BIGNUM */*r*/, const PGPV_BIGNUM */*a*/, char /*op*/, const PGPV_BIGNUM */*b*/);
+int PGPV_BN_lshift(PGPV_BIGNUM */*r*/, const PGPV_BIGNUM */*a*/, int /*n*/);
+int PGPV_BN_lshift1(PGPV_BIGNUM */*r*/, PGPV_BIGNUM */*a*/);
+int PGPV_BN_rshift(PGPV_BIGNUM */*r*/, const PGPV_BIGNUM */*a*/, int /*n*/);
+int PGPV_BN_rshift1(PGPV_BIGNUM */*r*/, PGPV_BIGNUM */*a*/);
+int PGPV_BN_set_word(PGPV_BIGNUM */*a*/, PGPV_BN_ULONG /*w*/);
+void PGPV_BN_set_negative(PGPV_BIGNUM */*a*/, int /*n*/);
+
+int PGPV_BN_num_bytes(const PGPV_BIGNUM */*a*/);
+int PGPV_BN_num_bits(const PGPV_BIGNUM */*a*/);
+
+int PGPV_BN_mod_exp(PGPV_BIGNUM */*r*/, PGPV_BIGNUM */*a*/, PGPV_BIGNUM */*p*/, PGPV_BIGNUM */*m*/, PGPV_BN_CTX */*ctx*/);
+PGPV_BIGNUM *PGPV_BN_mod_inverse(PGPV_BIGNUM */*ret*/, PGPV_BIGNUM */*a*/, const PGPV_BIGNUM */*n*/, PGPV_BN_CTX */*ctx*/);
+int PGPV_BN_mod_mul(PGPV_BIGNUM */*ret*/, PGPV_BIGNUM */*a*/, PGPV_BIGNUM */*b*/, const PGPV_BIGNUM */*m*/, PGPV_BN_CTX */*ctx*/);
+int PGPV_BN_mod_sub(PGPV_BIGNUM */*r*/, PGPV_BIGNUM */*a*/, PGPV_BIGNUM */*b*/, const PGPV_BIGNUM */*m*/, PGPV_BN_CTX */*ctx*/);
+
+int PGPV_BN_raise(PGPV_BIGNUM */*res*/, PGPV_BIGNUM */*a*/, PGPV_BIGNUM */*b*/);
+int PGPV_BN_factorial(PGPV_BIGNUM */*fact*/, PGPV_BIGNUM */*f*/);
+
+PGPV_BN_CTX *PGPV_BN_CTX_new(void);
+PGPV_BIGNUM *PGPV_BN_CTX_get(PGPV_BN_CTX */*ctx*/);
+void PGPV_BN_CTX_start(PGPV_BN_CTX */*ctx*/);
+void PGPV_BN_CTX_end(PGPV_BN_CTX */*ctx*/);
+void PGPV_BN_CTX_init(PGPV_BN_CTX */*c*/);
+void PGPV_BN_CTX_free(PGPV_BN_CTX */*c*/);
+
+int PGPV_BN_rand(PGPV_BIGNUM */*rnd*/, int /*bits*/, int /*top*/, int /*bottom*/);
+int PGPV_BN_rand_range(PGPV_BIGNUM */*rnd*/, PGPV_BIGNUM */*range*/);
-int BN_rand(BIGNUM */*rnd*/, int /*bits*/, int /*top*/, int /*bottom*/);
-int BN_rand_range(BIGNUM */*rnd*/, BIGNUM */*range*/);
+int PGPV_BN_is_prime(const PGPV_BIGNUM */*a*/, int /*checks*/, void (*callback)(int, int, void *), PGPV_BN_CTX */*ctx*/, void */*cb_arg*/);
-int BN_is_prime(const BIGNUM */*a*/, int /*checks*/, void (*callback)(int, int, void *), BN_CTX */*ctx*/, void */*cb_arg*/);
+const PGPV_BIGNUM *PGPV_BN_value_one(void);
+int PGPV_BN_is_bit_set(const PGPV_BIGNUM */*a*/, int /*n*/);
-const BIGNUM *BN_value_one(void);
-int BN_is_bit_set(const BIGNUM */*a*/, int /*n*/);
+int PGPV_BN_gcd(PGPV_BIGNUM */*r*/, PGPV_BIGNUM */*a*/, PGPV_BIGNUM */*b*/, PGPV_BN_CTX */*ctx*/);
__END_DECLS
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c:1.2 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c:1.3
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c:1.2 Fri Dec 5 04:42:36 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.c Tue Jun 14 20:47:08 2016
@@ -25,7 +25,6 @@
#include "config.h"
#include <sys/types.h>
-#include <sys/syslog.h>
#ifdef _KERNEL
# include <sys/kmem.h>
@@ -64,8 +63,8 @@ rsa_padding_check_none(uint8_t *to, int
static int
lowlevel_rsa_private_encrypt(int plainc, const unsigned char *plain, unsigned char *encbuf, RSA *rsa)
{
- BIGNUM *decbn;
- BIGNUM *signedbn;
+ PGPV_BIGNUM *decbn;
+ PGPV_BIGNUM *signedbn;
uint8_t *decbuf;
int nbytes;
int signc;
@@ -74,37 +73,37 @@ lowlevel_rsa_private_encrypt(int plainc,
decbuf = NULL;
r = -1;
- decbn = BN_new();
- signedbn = BN_new();
- nbytes = BN_num_bytes(rsa->n);
+ decbn = PGPV_BN_new();
+ signedbn = PGPV_BN_new();
+ nbytes = PGPV_BN_num_bytes(rsa->n);
decbuf = netpgp_allocate(1, nbytes);
/* add no padding */
memcpy(decbuf, plain, plainc);
- BN_bin2bn(decbuf, nbytes, decbn);
- if (BN_cmp(decbn, rsa->n) >= 0) {
+ PGPV_BN_bin2bn(decbuf, nbytes, decbn);
+ if (PGPV_BN_cmp(decbn, rsa->n) >= 0) {
printf("decbn too big\n");
goto err;
}
- if (!BN_mod_exp(signedbn, decbn, rsa->d, rsa->n, NULL)) {
+ if (!PGPV_BN_mod_exp(signedbn, decbn, rsa->d, rsa->n, NULL)) {
printf("bad mod_exp\n");
goto err;
}
- signedbytes = BN_num_bytes(signedbn);
- signc = BN_bn2bin(signedbn, &encbuf[nbytes - signedbytes]);
+ signedbytes = PGPV_BN_num_bytes(signedbn);
+ signc = PGPV_BN_bn2bin(signedbn, &encbuf[nbytes - signedbytes]);
memset(encbuf, 0x0, nbytes - signc);
r = nbytes;
err:
netpgp_deallocate(decbuf, nbytes);
- BN_clear_free(decbn);
- BN_clear_free(signedbn);
+ PGPV_BN_clear_free(decbn);
+ PGPV_BN_clear_free(signedbn);
return r;
}
static int
lowlevel_rsa_public_encrypt(int plainc, const unsigned char *plain, unsigned char *encbuf, RSA *rsa)
{
- BIGNUM *decbn;
- BIGNUM *encbn;
+ PGPV_BIGNUM *decbn;
+ PGPV_BIGNUM *encbn;
uint8_t *decbuf;
int nbytes;
int encc;
@@ -112,25 +111,25 @@ lowlevel_rsa_public_encrypt(int plainc,
int i;
r = -1;
- decbn = BN_new();
- encbn = BN_new();
- nbytes = BN_num_bytes(rsa->n);
+ decbn = PGPV_BN_new();
+ encbn = PGPV_BN_new();
+ nbytes = PGPV_BN_num_bytes(rsa->n);
decbuf = netpgp_allocate(1, nbytes);
(void) memcpy(decbuf, plain, plainc);
- if (BN_bin2bn(decbuf, nbytes, decbn) == NULL) {
+ if (PGPV_BN_bin2bn(decbuf, nbytes, decbn) == NULL) {
printf("bin2bn failed\n");
goto err;
}
- if (BN_cmp(decbn, rsa->n) >= 0) {
- printf("BN_cmp failed\n");
+ if (PGPV_BN_cmp(decbn, rsa->n) >= 0) {
+ printf("PGPV_BN_cmp failed\n");
goto err;
}
- if (!BN_mod_exp(encbn, decbn, rsa->e, rsa->n, NULL)) {
- printf("BN_mod_exp failed\n");
+ if (!PGPV_BN_mod_exp(encbn, decbn, rsa->e, rsa->n, NULL)) {
+ printf("PGPV_BN_mod_exp failed\n");
goto err;
}
- encc = BN_num_bytes(encbn);
- i = BN_bn2bin(encbn, &encbuf[nbytes - encc]);
+ encc = PGPV_BN_num_bytes(encbn);
+ i = PGPV_BN_bn2bin(encbn, &encbuf[nbytes - encc]);
(void) memset(encbuf, 0x0, nbytes - i);
r = nbytes;
err:
@@ -138,16 +137,16 @@ err:
memset(decbuf, 0x0, nbytes);
netpgp_deallocate(decbuf, nbytes);
}
- BN_clear_free(decbn);
- BN_clear_free(encbn);
+ PGPV_BN_clear_free(decbn);
+ PGPV_BN_clear_free(encbn);
return r;
}
static int
lowlevel_rsa_private_decrypt(int enclen, const unsigned char *encbuf, unsigned char *to, RSA *rsa)
{
- BIGNUM *encbn;
- BIGNUM *decbn;
+ PGPV_BIGNUM *encbn;
+ PGPV_BIGNUM *decbn;
uint8_t *buf;
int nbytes;
int j;
@@ -156,31 +155,31 @@ lowlevel_rsa_private_decrypt(int enclen,
r = -1;
decbn = encbn = NULL;
buf = NULL;
- if (BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) {
+ if (PGPV_BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) {
return -1;
}
- if (BN_cmp(rsa->n, rsa->e) <= 0) {
+ if (PGPV_BN_cmp(rsa->n, rsa->e) <= 0) {
return -1;
}
- encbn = BN_new();
- decbn = BN_new();
- nbytes = BN_num_bytes(rsa->n);
+ encbn = PGPV_BN_new();
+ decbn = PGPV_BN_new();
+ nbytes = PGPV_BN_num_bytes(rsa->n);
buf = netpgp_allocate(1, nbytes);
if (enclen > nbytes) {
printf("bad enclen\n");
goto err;
}
- BN_bin2bn(encbuf, enclen, encbn);
- if (BN_cmp(encbn, rsa->n) >= 0) {
+ PGPV_BN_bin2bn(encbuf, enclen, encbn);
+ if (PGPV_BN_cmp(encbn, rsa->n) >= 0) {
printf("bad encbn\n");
goto err;
}
- BN_mod_exp(decbn, encbn, rsa->d, rsa->n, NULL);
- j = BN_bn2bin(decbn, buf);
+ PGPV_BN_mod_exp(decbn, encbn, rsa->d, rsa->n, NULL);
+ j = PGPV_BN_bn2bin(decbn, buf);
r = rsa_padding_check_none(to, nbytes, buf, j, nbytes);
err:
- BN_clear_free(encbn);
- BN_clear_free(decbn);
+ PGPV_BN_clear_free(encbn);
+ PGPV_BN_clear_free(decbn);
netpgp_deallocate(buf, nbytes);
return r;
}
@@ -189,8 +188,8 @@ static int
lowlevel_rsa_public_decrypt(const uint8_t *encbuf, int enclen, uint8_t *dec, const rsa_pubkey_t *rsa)
{
uint8_t *decbuf;
- BIGNUM *decbn;
- BIGNUM *encbn;
+ PGPV_BIGNUM *decbn;
+ PGPV_BIGNUM *encbn;
int decbytes;
int nbytes;
int r;
@@ -199,22 +198,22 @@ lowlevel_rsa_public_decrypt(const uint8_
r = -1;
decbuf = NULL;
decbn = encbn = NULL;
- if (BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) {
+ if (PGPV_BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) {
printf("rsa r modulus too large\n");
goto err;
}
- if (BN_cmp(rsa->n, rsa->e) <= 0) {
+ if (PGPV_BN_cmp(rsa->n, rsa->e) <= 0) {
printf("rsa r bad n value\n");
goto err;
}
- if (BN_num_bits(rsa->n) > RSA_SMALL_MODULUS_BITS &&
- BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS) {
+ if (PGPV_BN_num_bits(rsa->n) > RSA_SMALL_MODULUS_BITS &&
+ PGPV_BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS) {
printf("rsa r bad exponent limit\n");
goto err;
}
- if ((encbn = BN_new()) == NULL ||
- (decbn = BN_new()) == NULL ||
- (decbuf = netpgp_allocate(1, nbytes = BN_num_bytes(rsa->n))) == NULL) {
+ if ((encbn = PGPV_BN_new()) == NULL ||
+ (decbn = PGPV_BN_new()) == NULL ||
+ (decbuf = netpgp_allocate(1, nbytes = PGPV_BN_num_bytes(rsa->n))) == NULL) {
printf("allocation failure\n");
goto err;
}
@@ -222,26 +221,26 @@ lowlevel_rsa_public_decrypt(const uint8_
printf("rsa r > mod len\n");
goto err;
}
- if (BN_bin2bn(encbuf, enclen, encbn) == NULL) {
+ if (PGPV_BN_bin2bn(encbuf, enclen, encbn) == NULL) {
printf("null encrypted BN\n");
goto err;
}
- if (BN_cmp(encbn, rsa->n) >= 0) {
+ if (PGPV_BN_cmp(encbn, rsa->n) >= 0) {
printf("rsa r data too large for modulus\n");
goto err;
}
- if (BN_mod_exp(decbn, encbn, rsa->e, rsa->n, NULL) < 0) {
- printf("BN_mod_exp < 0\n");
+ if (PGPV_BN_mod_exp(decbn, encbn, rsa->e, rsa->n, NULL) < 0) {
+ printf("PGPV_BN_mod_exp < 0\n");
goto err;
}
- decbytes = BN_num_bytes(decbn);
- (void) BN_bn2bin(decbn, decbuf);
+ decbytes = PGPV_BN_num_bytes(decbn);
+ (void) PGPV_BN_bn2bin(decbn, decbuf);
if ((r = rsa_padding_check_none(dec, nbytes, decbuf, decbytes, 0)) < 0) {
printf("rsa r padding check failed\n");
}
err:
- BN_free(encbn);
- BN_free(decbn);
+ PGPV_BN_free(encbn);
+ PGPV_BN_free(decbn);
if (decbuf != NULL) {
(void) memset(decbuf, 0x0, nbytes);
netpgp_deallocate(decbuf, nbytes);
@@ -407,9 +406,9 @@ cleanup:
static int
dsa_do_verify(const unsigned char *calculated, int dgst_len, const dsasig_t *sig, mpi_dsa_t *dsa)
{
- BIGNUM *M;
- BIGNUM *W;
- BIGNUM *t1;
+ PGPV_BIGNUM *M;
+ PGPV_BIGNUM *W;
+ PGPV_BIGNUM *t1;
int ret = -1;
int qbits;
@@ -417,7 +416,7 @@ dsa_do_verify(const unsigned char *calcu
return 0;
}
M = W = t1 = NULL;
- qbits = BN_num_bits(dsa->q);
+ qbits = PGPV_BN_num_bits(dsa->q);
switch(qbits) {
case 160:
case 224:
@@ -429,7 +428,7 @@ dsa_do_verify(const unsigned char *calcu
printf("dsa: bad # of Q bits\n");
return 0;
}
- if (BN_num_bits(dsa->p) > DSA_MAX_MODULUS_BITS) {
+ if (PGPV_BN_num_bits(dsa->p) > DSA_MAX_MODULUS_BITS) {
printf("dsa: p too large\n");
return 0;
}
@@ -439,52 +438,52 @@ dsa_do_verify(const unsigned char *calcu
return 0;
}
ret = 0;
- if ((M = BN_new()) == NULL ||
- (W = BN_new()) == NULL ||
- (t1 = BN_new()) == NULL) {
+ if ((M = PGPV_BN_new()) == NULL ||
+ (W = PGPV_BN_new()) == NULL ||
+ (t1 = PGPV_BN_new()) == NULL) {
goto err;
}
- if (BN_is_zero(sig->r) ||
- BN_is_negative(sig->r) ||
- BN_cmp(sig->r, dsa->q) >= 0) {
+ if (PGPV_BN_is_zero(sig->r) ||
+ PGPV_BN_is_negative(sig->r) ||
+ PGPV_BN_cmp(sig->r, dsa->q) >= 0) {
goto err;
}
- if (BN_is_zero(sig->s) ||
- BN_is_negative(sig->s) ||
- BN_cmp(sig->s, dsa->q) >= 0) {
+ if (PGPV_BN_is_zero(sig->s) ||
+ PGPV_BN_is_negative(sig->s) ||
+ PGPV_BN_cmp(sig->s, dsa->q) >= 0) {
goto err;
}
- if (BN_mod_inverse(W, sig->s, dsa->q, NULL) != MP_OKAY) {
+ if (PGPV_BN_mod_inverse(W, sig->s, dsa->q, NULL) != MP_OKAY) {
goto err;
}
if (dgst_len > qbits / 8) {
dgst_len = qbits / 8;
}
- if (BN_bin2bn(calculated, dgst_len, M) == NULL) {
+ if (PGPV_BN_bin2bn(calculated, dgst_len, M) == NULL) {
goto err;
}
- if (!BN_mod_mul(M, M, W, dsa->q, NULL)) {
+ if (!PGPV_BN_mod_mul(M, M, W, dsa->q, NULL)) {
goto err;
}
- if (!BN_mod_mul(W, sig->r, W, dsa->q, NULL)) {
+ if (!PGPV_BN_mod_mul(W, sig->r, W, dsa->q, NULL)) {
goto err;
}
- if (!BN_mod_exp(dsa->p, t1, dsa->g, M, NULL)) {
+ if (!PGPV_BN_mod_exp(dsa->p, t1, dsa->g, M, NULL)) {
goto err;
}
- if (!BN_div(NULL, M, t1, dsa->q, NULL)) {
+ if (!PGPV_BN_div(NULL, M, t1, dsa->q, NULL)) {
goto err;
}
- ret = (BN_cmp(M, sig->r) == 0);
+ ret = (PGPV_BN_cmp(M, sig->r) == 0);
err:
if (M) {
- BN_free(M);
+ PGPV_BN_free(M);
}
if (W) {
- BN_free(W);
+ PGPV_BN_free(W);
}
if (t1) {
- BN_free(t1);
+ PGPV_BN_free(t1);
}
return ret;
}
@@ -494,13 +493,13 @@ err:
int
RSA_size(const RSA *rsa)
{
- return (rsa == NULL) ? 0 : BN_num_bits(rsa->n);
+ return (rsa == NULL) ? 0 : PGPV_BN_num_bits(rsa->n);
}
int
DSA_size(const DSA *dsa)
{
- return (dsa == NULL) ? 0 : BN_num_bits(dsa->p);
+ return (dsa == NULL) ? 0 : PGPV_BN_num_bits(dsa->p);
}
unsigned
@@ -516,26 +515,26 @@ dsa_verify(const signature_t *signature,
}
(void) memset(&osig, 0x0, sizeof(osig));
(void) memset(&odsa, 0x0, sizeof(odsa));
- BN_copy(osig.r, signature->dsa.r);
- BN_copy(osig.s, signature->dsa.s);
+ PGPV_BN_copy(osig.r, signature->dsa.r);
+ PGPV_BN_copy(osig.s, signature->dsa.s);
odsa.p = pubdsa->p;
odsa.q = pubdsa->q;
odsa.g = pubdsa->g;
odsa.pub_key = pubdsa->y;
- if ((qlen = BN_num_bytes(odsa.q)) < hash_length) {
+ if ((qlen = PGPV_BN_num_bytes(odsa.q)) < hash_length) {
hash_length = qlen;
}
ret = dsa_do_verify(calculated, (int)hash_length, &signature->dsa, &odsa);
if (ret < 0) {
return 0;
}
- BN_free(odsa.p);
- BN_free(odsa.q);
- BN_free(odsa.g);
- BN_free(odsa.pub_key);
+ PGPV_BN_free(odsa.p);
+ PGPV_BN_free(odsa.q);
+ PGPV_BN_free(odsa.g);
+ PGPV_BN_free(odsa.pub_key);
odsa.p = odsa.q = odsa.g = odsa.pub_key = NULL;
- BN_free(osig.r);
- BN_free(osig.s);
+ PGPV_BN_free(osig.r);
+ PGPV_BN_free(osig.s);
osig.r = osig.s = NULL;
return (unsigned)ret;
}
@@ -557,7 +556,7 @@ RSA_free(RSA *rsa)
int
RSA_check_key(RSA *rsa)
{
- BIGNUM *calcn;
+ PGPV_BIGNUM *calcn;
int ret;
ret = 0;
@@ -565,19 +564,19 @@ RSA_check_key(RSA *rsa)
return -1;
}
/* check that p and q are coprime, and that n = p*q. */
- if (!BN_is_prime(rsa->p, 1, NULL, NULL, NULL) ||
- !BN_is_prime(rsa->q, 1, NULL, NULL, NULL)) {
+ if (!PGPV_BN_is_prime(rsa->p, 1, NULL, NULL, NULL) ||
+ !PGPV_BN_is_prime(rsa->q, 1, NULL, NULL, NULL)) {
return 0;
}
- calcn = BN_new();
- BN_mul(calcn, rsa->p, rsa->q, NULL);
- if (BN_cmp(calcn, rsa->n) != 0) {
+ calcn = PGPV_BN_new();
+ PGPV_BN_mul(calcn, rsa->p, rsa->q, NULL);
+ if (PGPV_BN_cmp(calcn, rsa->n) != 0) {
goto errout;
}
/* XXX - check that d*e = 1 mod (p-1*q-1) */
ret = 1;
errout:
- BN_clear_free(calcn);
+ PGPV_BN_clear_free(calcn);
return ret;
}
@@ -638,11 +637,11 @@ RSA_public_decrypt(int enclen, const uns
}
USE_ARG(padding);
(void) memset(&pub, 0x0, sizeof(pub));
- pub.n = BN_dup(rsa->n);
- pub.e = BN_dup(rsa->e);
+ pub.n = PGPV_BN_dup(rsa->n);
+ pub.e = PGPV_BN_dup(rsa->e);
ret = lowlevel_rsa_public_decrypt(enc, enclen, dec, &pub);
- BN_free(pub.n);
- BN_free(pub.e);
+ PGPV_BN_free(pub.n);
+ PGPV_BN_free(pub.e);
return ret;
}
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.c:1.2 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.c:1.3
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.c:1.2 Sat Nov 29 20:18:44 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.c Tue Jun 14 20:47:08 2016
@@ -719,7 +719,7 @@ sprint_uint64(char *buf, uint64_t val)
/* common function to initialise context */
static void
-initcontext(TIGER_CTX *ctx, uint8_t pad)
+initcontext(NETPGPV_TIGER_CTX *ctx, uint8_t pad)
{
(void) memset(ctx, 0x0, sizeof(*ctx));
ctx->ctx[0] = 0x0123456789ABCDEFLL;
@@ -731,7 +731,7 @@ initcontext(TIGER_CTX *ctx, uint8_t pad)
/* set the version number (0 is same as 1 for Tiger) */
static int
-setversion(TIGER_CTX *ctx, int version)
+setversion(NETPGPV_TIGER_CTX *ctx, int version)
{
switch(version) {
case 0:
@@ -751,7 +751,7 @@ setversion(TIGER_CTX *ctx, int version)
/*****************************************************************************/
void
-TIGER_Init(TIGER_CTX *ctx)
+netpgpv_TIGER_Init(NETPGPV_TIGER_CTX *ctx)
{
if (ctx) {
initcontext(ctx, 0x01);
@@ -759,7 +759,7 @@ TIGER_Init(TIGER_CTX *ctx)
}
void
-TIGER2_Init(TIGER_CTX *ctx)
+netpgpv_TIGER2_Init(NETPGPV_TIGER_CTX *ctx)
{
if (ctx) {
initcontext(ctx, 0x80);
@@ -767,7 +767,7 @@ TIGER2_Init(TIGER_CTX *ctx)
}
void
-TIGER_Update(TIGER_CTX *ctx, const void *data, size_t length)
+netpgpv_TIGER_Update(NETPGPV_TIGER_CTX *ctx, const void *data, size_t length)
{
const uint64_t *str = (const uint64_t *)data;
uint64_t i;
@@ -824,7 +824,7 @@ TIGER_Update(TIGER_CTX *ctx, const void
}
void
-TIGER_Final(uint8_t *digest, TIGER_CTX *ctx)
+netpgpv_TIGER_Final(uint8_t *digest, NETPGPV_TIGER_CTX *ctx)
{
uint64_t le[3];
int indian = 1;
@@ -834,8 +834,8 @@ TIGER_Final(uint8_t *digest, TIGER_CTX *
return;
}
if (!ctx->init) {
- TIGER_Init(ctx);
- TIGER_Update(ctx, NULL, 0);
+ netpgpv_TIGER_Init(ctx);
+ netpgpv_TIGER_Update(ctx, NULL, 0);
}
if (IS_LITTLE_ENDIAN(indian)) {
for (i = 0; i < 3; ++i) {
@@ -848,7 +848,7 @@ TIGER_Final(uint8_t *digest, TIGER_CTX *
}
char *
-TIGER_End(TIGER_CTX *ctx, char *buf)
+netpgpv_TIGER_End(NETPGPV_TIGER_CTX *ctx, char *buf)
{
int i;
@@ -859,8 +859,8 @@ TIGER_End(TIGER_CTX *ctx, char *buf)
return NULL;
}
if (!ctx->init) {
- TIGER_Init(ctx);
- TIGER_Update(ctx, NULL, 0);
+ netpgpv_TIGER_Init(ctx);
+ netpgpv_TIGER_Update(ctx, NULL, 0);
}
for (i = 0; i < 3; ++i) {
sprint_uint64(buf + i * 16, ctx->ctx[i]);
@@ -870,9 +870,9 @@ TIGER_End(TIGER_CTX *ctx, char *buf)
}
char *
-TIGER_File(char *filename, char *buf, int version)
+netpgpv_TIGER_File(char *filename, char *buf, int version)
{
- TIGER_CTX ctx;
+ NETPGPV_TIGER_CTX ctx;
uint8_t buffer[BUFSIZ];
ssize_t num;
int fd;
@@ -885,22 +885,22 @@ TIGER_File(char *filename, char *buf, in
return NULL;
}
while ((num = read(fd, buffer, sizeof(buffer))) > 0) {
- TIGER_Update(&ctx, buffer, (size_t)num);
+ netpgpv_TIGER_Update(&ctx, buffer, (size_t)num);
}
oerrno = errno;
close(fd);
errno = oerrno;
- return (num < 0) ? NULL : TIGER_End(&ctx, buf);
+ return (num < 0) ? NULL : netpgpv_TIGER_End(&ctx, buf);
}
char *
-TIGER_Data(const uint8_t *data, size_t len, char *buf, int version)
+netpgpv_TIGER_Data(const uint8_t *data, size_t len, char *buf, int version)
{
- TIGER_CTX ctx;
+ NETPGPV_TIGER_CTX ctx;
if (data == NULL || buf == NULL || !setversion(&ctx, version)) {
return NULL;
}
- TIGER_Update(&ctx, data, len);
- return TIGER_End(&ctx, buf);
+ netpgpv_TIGER_Update(&ctx, data, len);
+ return netpgpv_TIGER_End(&ctx, buf);
}
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.c:1.3 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.c:1.4
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.c:1.3 Thu Feb 5 01:26:54 2015
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/bzlib.c Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
+/* $NetBSD: bzlib.c,v 1.4 2016/06/14 20:47:08 agc Exp $ */
/*-------------------------------------------------------------*/
@@ -35,7 +35,11 @@
#include "bzlib_private.h"
-/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
+#ifndef USE_ARG
+#define USE_ARG(x) /*LINTED*/(void)&(x)
+#endif
+
+/* $NetBSD: bzlib.c,v 1.4 2016/06/14 20:47:08 agc Exp $ */
/*-------------------------------------------------------------*/
@@ -1082,7 +1086,7 @@ const char * BZ_API(BZ2_bzerror) (BZFILE
/*-------------------------------------------------------------*/
/*--- end bzlib.c ---*/
/*-------------------------------------------------------------*/
-/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
+/* $NetBSD: bzlib.c,v 1.4 2016/06/14 20:47:08 agc Exp $ */
/*-------------------------------------------------------------*/
@@ -1728,7 +1732,7 @@ Int32 BZ2_decompress ( DState* s )
/*-------------------------------------------------------------*/
/*--- end decompress.c ---*/
/*-------------------------------------------------------------*/
-/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
+/* $NetBSD: bzlib.c,v 1.4 2016/06/14 20:47:08 agc Exp $ */
/*-------------------------------------------------------------*/
@@ -1832,7 +1836,7 @@ UInt32 BZ2_crc32Table[256] = {
/*-------------------------------------------------------------*/
/*--- end crctable.c ---*/
/*-------------------------------------------------------------*/
-/* $NetBSD: bzlib.c,v 1.3 2015/02/05 01:26:54 agc Exp $ */
+/* $NetBSD: bzlib.c,v 1.4 2016/06/14 20:47:08 agc Exp $ */
/*-------------------------------------------------------------*/
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.c:1.3 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.c:1.4
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.c:1.3 Fri Jan 30 18:58:59 2015
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/misc.c Tue Jun 14 20:47:08 2016
@@ -24,7 +24,6 @@
*/
#include <sys/types.h>
#include <sys/param.h>
-#include <sys/syslog.h>
#ifdef _KERNEL
# include <sys/kmem.h>
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.c:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.c:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.c:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.c Tue Jun 14 20:47:08 2016
@@ -27,7 +27,6 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
-#include <sys/syslog.h>
#include <arpa/inet.h>
#include <ctype.h>
@@ -46,6 +45,10 @@
#include "digest.h"
+#ifndef USE_ARG
+#define USE_ARG(x) /*LINTED*/(void)&(x)
+#endif
+
static uint8_t prefix_md5[] = {
0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10
@@ -114,49 +117,49 @@ digest_init(digest_t *hash, const uint32
}
switch(hash->alg = hashalg) {
case MD5_HASH_ALG:
- MD5Init(&hash->u.md5ctx);
+ netpgpv_MD5Init(&hash->u.md5ctx);
hash->size = 16;
hash->prefix = prefix_md5;
hash->len = sizeof(prefix_md5);
hash->ctx = &hash->u.md5ctx;
return 1;
case SHA1_HASH_ALG:
- SHA1Init(&hash->u.sha1ctx);
+ netpgpv_SHA1Init(&hash->u.sha1ctx);
hash->size = 20;
hash->prefix = prefix_sha1;
hash->len = sizeof(prefix_sha1);
hash->ctx = &hash->u.sha1ctx;
return 1;
case RIPEMD_HASH_ALG:
- RMD160Init(&hash->u.rmd160ctx);
+ netpgpv_RMD160Init(&hash->u.rmd160ctx);
hash->size = 20;
hash->prefix = prefix_rmd160;
hash->len = sizeof(prefix_rmd160);
hash->ctx = &hash->u.rmd160ctx;
return 1;
case SHA256_HASH_ALG:
- SHA256_Init(&hash->u.sha256ctx);
+ netpgpv_SHA256_Init(&hash->u.sha256ctx);
hash->size = 32;
hash->prefix = prefix_sha256;
hash->len = sizeof(prefix_sha256);
hash->ctx = &hash->u.sha256ctx;
return 1;
case SHA512_HASH_ALG:
- SHA512_Init(&hash->u.sha512ctx);
+ netpgpv_SHA512_Init(&hash->u.sha512ctx);
hash->size = 64;
hash->prefix = prefix_sha512;
hash->len = sizeof(prefix_sha512);
hash->ctx = &hash->u.sha512ctx;
return 1;
case TIGER_HASH_ALG:
- TIGER_Init(&hash->u.tigerctx);
+ netpgpv_TIGER_Init(&hash->u.tigerctx);
hash->size = TIGER_DIGEST_LENGTH;
hash->prefix = prefix_tiger;
hash->len = sizeof(prefix_tiger);
hash->ctx = &hash->u.tigerctx;
return 1;
case TIGER2_HASH_ALG:
- TIGER2_Init(&hash->u.tigerctx);
+ netpgpv_TIGER2_Init(&hash->u.tigerctx);
hash->size = TIGER_DIGEST_LENGTH;
hash->prefix = prefix_tiger;
hash->len = sizeof(prefix_tiger);
@@ -206,23 +209,23 @@ digest_update(digest_t *hash, const uint
}
switch(hash->alg) {
case MD5_HASH_ALG:
- MD5Update(hash->ctx, data, (unsigned)length);
+ netpgpv_MD5Update(hash->ctx, data, (unsigned)length);
return 1;
case SHA1_HASH_ALG:
- SHA1Update(hash->ctx, data, (unsigned)length);
+ netpgpv_SHA1Update(hash->ctx, data, (unsigned)length);
return 1;
case RIPEMD_HASH_ALG:
- RMD160Update(hash->ctx, data, (unsigned)length);
+ netpgpv_RMD160Update(hash->ctx, data, (unsigned)length);
return 1;
case SHA256_HASH_ALG:
- SHA256_Update(hash->ctx, data, length);
+ netpgpv_SHA256_Update(hash->ctx, data, length);
return 1;
case SHA512_HASH_ALG:
- SHA512_Update(hash->ctx, data, length);
+ netpgpv_SHA512_Update(hash->ctx, data, length);
return 1;
case TIGER_HASH_ALG:
case TIGER2_HASH_ALG:
- TIGER_Update(hash->ctx, data, length);
+ netpgpv_TIGER_Update(hash->ctx, data, length);
return 1;
default:
printf("hash_any: bad algorithm\n");
@@ -238,22 +241,22 @@ digest_final(uint8_t *out, digest_t *has
}
switch(hash->alg) {
case MD5_HASH_ALG:
- MD5Final(out, hash->ctx);
+ netpgpv_MD5Final(out, hash->ctx);
break;
case SHA1_HASH_ALG:
- SHA1Final(out, hash->ctx);
+ netpgpv_SHA1Final(out, hash->ctx);
break;
case RIPEMD_HASH_ALG:
- RMD160Final(out, hash->ctx);
+ netpgpv_RMD160Final(out, hash->ctx);
break;
case SHA256_HASH_ALG:
- SHA256_Final(out, hash->ctx);
+ netpgpv_SHA256_Final(out, hash->ctx);
break;
case SHA512_HASH_ALG:
- SHA512_Final(out, hash->ctx);
+ netpgpv_SHA512_Final(out, hash->ctx);
break;
case TIGER_HASH_ALG:
- TIGER_Final(out, hash->ctx);
+ netpgpv_TIGER_Final(out, hash->ctx);
break;
default:
printf("hash_any: bad algorithm\n");
@@ -298,6 +301,9 @@ digest_get_prefix(unsigned hashalg, uint
case SHA256_HASH_ALG:
memcpy(prefix, prefix_sha256, sizeof(prefix_sha256));
return sizeof(prefix_sha256);
+ case SHA512_HASH_ALG:
+ memcpy(prefix, prefix_sha512, sizeof(prefix_sha512));
+ return sizeof(prefix_sha512);
default:
printf("digest_get_prefix: unknown hash algorithm: %d\n", hashalg);
return 0;
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.h:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/digest.h Tue Jun 14 20:47:08 2016
@@ -62,12 +62,12 @@ typedef struct digest_t {
uint32_t alg; /* algorithm */
size_t size; /* size */
union {
- MD5_CTX md5ctx; /* MD5 */
- SHA1_CTX sha1ctx; /* SHA1 */
- RMD160_CTX rmd160ctx; /* RIPEMD */
- SHA256_CTX sha256ctx; /* SHA256 */
- SHA512_CTX sha512ctx; /* SHA512 */
- TIGER_CTX tigerctx; /* TIGER/TIGER2 */
+ NETPGPV_MD5_CTX md5ctx; /* MD5 */
+ NETPGPV_SHA1_CTX sha1ctx; /* SHA1 */
+ NETPGPV_RMD160_CTX rmd160ctx; /* RIPEMD */
+ NETPGPV_SHA256_CTX sha256ctx; /* SHA256 */
+ NETPGPV_SHA512_CTX sha512ctx; /* SHA512 */
+ NETPGPV_TIGER_CTX tigerctx; /* TIGER/TIGER2 */
} u;
void *prefix; /* points to specific prefix */
uint32_t len; /* prefix length */
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5.h:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5.h Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: md5.h,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: md5.h,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/*
* This file is derived from the RSA Data Security, Inc. MD5 Message-Digest
@@ -39,21 +39,31 @@
#define MD5_DIGEST_LENGTH 16
#define MD5_DIGEST_STRING_LENGTH 33
+#ifndef __BEGIN_DECLS
+# if defined(__cplusplus)
+# define __BEGIN_DECLS extern "C" {
+# define __END_DECLS }
+# else
+# define __BEGIN_DECLS
+# define __END_DECLS
+# endif
+#endif
+
/* MD5 context. */
typedef struct MD5Context {
uint32_t state[4]; /* state (ABCD) */
uint32_t count[2]; /* number of bits, modulo 2^64 (lsb first) */
unsigned char buffer[64]; /* input buffer */
-} MD5_CTX;
+} NETPGPV_MD5_CTX;
__BEGIN_DECLS
-void MD5Init(MD5_CTX *);
-void MD5Update(MD5_CTX *, const unsigned char *, unsigned int);
-void MD5Final(unsigned char[MD5_DIGEST_LENGTH], MD5_CTX *);
+void netpgpv_MD5Init(NETPGPV_MD5_CTX *);
+void netpgpv_MD5Update(NETPGPV_MD5_CTX *, const unsigned char *, unsigned int);
+void netpgpv_MD5Final(unsigned char[MD5_DIGEST_LENGTH], NETPGPV_MD5_CTX *);
#ifndef _KERNEL
-char *MD5End(MD5_CTX *, char *);
-char *MD5File(const char *, char *);
-char *MD5Data(const unsigned char *, unsigned int, char *);
+char *netpgpv_MD5End(NETPGPV_MD5_CTX *, char *);
+char *netpgpv_MD5File(const char *, char *);
+char *netpgpv_MD5Data(const unsigned char *, unsigned int, char *);
#endif /* _KERNEL */
__END_DECLS
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5c.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5c.c:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5c.c:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5c.c:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/md5c.c Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: md5c.c,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: md5c.c,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/*
* This file is derived from the RSA Data Security, Inc. MD5 Message-Digest
@@ -29,7 +29,6 @@
* documentation and/or software.
*/
-#include <sys/cdefs.h>
#include <sys/types.h>
#include <assert.h>
#include <string.h>
@@ -155,7 +154,7 @@ static const unsigned char PADDING[64] =
* MD5 initialization. Begins an MD5 operation, writing a new context.
*/
void
-MD5Init(MD5_CTX *context)
+netpgpv_MD5Init(NETPGPV_MD5_CTX *context)
{
context->count[0] = context->count[1] = 0;
@@ -173,7 +172,7 @@ MD5Init(MD5_CTX *context)
* context.
*/
void
-MD5Update(MD5_CTX *context,
+netpgpv_MD5Update(NETPGPV_MD5_CTX *context,
const unsigned char *input, /* input block */
unsigned int inputLen) /* length of input block */
{
@@ -211,8 +210,8 @@ MD5Update(MD5_CTX *context,
* message digest and zeroing the context.
*/
void
-MD5Final(unsigned char digest[16], /* message digest */
- MD5_CTX *context) /* context */
+netpgpv_MD5Final(unsigned char digest[16], /* message digest */
+ NETPGPV_MD5_CTX *context) /* context */
{
unsigned char bits[8];
unsigned int idx, padLen;
@@ -223,10 +222,10 @@ MD5Final(unsigned char digest[16], /* me
/* Pad out to 56 mod 64. */
idx = (unsigned int)((context->count[0] >> 3) & 0x3f);
padLen = (idx < 56) ? (56 - idx) : (120 - idx);
- MD5Update (context, PADDING, padLen);
+ netpgpv_MD5Update (context, PADDING, padLen);
/* Append length (before padding) */
- MD5Update(context, bits, 8);
+ netpgpv_MD5Update(context, bits, 8);
/* Store state in digest */
Encode(digest, context->state, 16);
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/pgpsum.c Tue Jun 14 20:47:08 2016
@@ -41,6 +41,9 @@
#define USE_ARG(x) /*LINTED*/(void)&(x)
#endif
+#undef swap16
+#undef swap32
+
/* add the ascii armor line endings (except for last line) */
static size_t
don_armor(digest_t *hash, uint8_t *in, size_t insize, int doarmor)
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.c:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.c:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.c:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.c Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: rmd160.c,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: rmd160.c,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/* $KAME: rmd160.c,v 1.2 2003/07/25 09:37:55 itojun Exp $ */
/* $OpenBSD: rmd160.c,v 1.3 2001/09/26 21:40:13 markus Exp $ */
/*
@@ -30,8 +30,6 @@
* ftp://ftp.rsasecurity.com/pub/cryptobytes/crypto3n2.pdf
*/
-#include <sys/cdefs.h>
-
#include <string.h>
#include <sys/types.h>
@@ -97,7 +95,7 @@ static const u_char PADDING[64] = {
};
void
-RMD160Init(RMD160_CTX *ctx)
+netpgpv_RMD160Init(NETPGPV_RMD160_CTX *ctx)
{
ctx->count = 0;
ctx->state[0] = H0;
@@ -108,7 +106,7 @@ RMD160Init(RMD160_CTX *ctx)
}
void
-RMD160Update(RMD160_CTX *ctx, const u_char *input, uint32_t len)
+netpgpv_RMD160Update(NETPGPV_RMD160_CTX *ctx, const u_char *input, uint32_t len)
{
uint32_t have, off, need;
@@ -120,13 +118,13 @@ RMD160Update(RMD160_CTX *ctx, const u_ch
if (len >= need) {
if (have) {
memcpy(ctx->buffer + have, input, (size_t)need);
- RMD160Transform(ctx->state, ctx->buffer);
+ netpgpv_RMD160Transform(ctx->state, ctx->buffer);
off = need;
have = 0;
}
/* now the buffer is empty */
while (off + 64 <= len) {
- RMD160Transform(ctx->state, input+off);
+ netpgpv_RMD160Transform(ctx->state, input+off);
off += 64;
}
}
@@ -135,7 +133,7 @@ RMD160Update(RMD160_CTX *ctx, const u_ch
}
void
-RMD160Final(u_char digest[20], RMD160_CTX *ctx)
+netpgpv_RMD160Final(u_char digest[20], NETPGPV_RMD160_CTX *ctx)
{
int i;
u_char size[8];
@@ -150,8 +148,8 @@ RMD160Final(u_char digest[20], RMD160_CT
padlen = (uint32_t)(64 - ((ctx->count/8) % 64));
if (padlen < 1 + 8)
padlen += 64;
- RMD160Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */
- RMD160Update(ctx, size, 8);
+ netpgpv_RMD160Update(ctx, PADDING, padlen - 8); /* padlen - 8 <= 64 */
+ netpgpv_RMD160Update(ctx, size, 8);
if (digest != NULL)
for (i = 0; i < 5; i++)
@@ -161,7 +159,7 @@ RMD160Final(u_char digest[20], RMD160_CT
}
void
-RMD160Transform(uint32_t state[5], const u_char block[64])
+netpgpv_RMD160Transform(uint32_t state[5], const u_char block[64])
{
uint32_t a, b, c, d, e, aa, bb, cc, dd, ee, t, x[16];
@@ -170,8 +168,13 @@ RMD160Transform(uint32_t state[5], const
#else
int i;
- for (i = 0; i < 16; i++)
- x[i] = le32dec(block+i*4);
+ for (i = 0; i < 16; i++) {
+ x[i] = (uint32_t)(
+ (uint32_t)(block[i*4 + 0]) |
+ (uint32_t)(block[i*4 + 1]) << 8 |
+ (uint32_t)(block[i*4 + 2]) << 16 |
+ (uint32_t)(block[i*4 + 3]) << 24);
+ }
#endif
a = state[0];
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.h:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rmd160.h Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: rmd160.h,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: rmd160.h,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/* $KAME: rmd160.h,v 1.2 2003/07/25 09:37:55 itojun Exp $ */
/* $OpenBSD: rmd160.h,v 1.3 2002/03/14 01:26:51 millert Exp $ */
/*
@@ -27,7 +27,6 @@
#ifndef _RMD160_H
#define _RMD160_H
-#include <sys/cdefs.h>
#include <sys/types.h>
#include <inttypes.h>
@@ -35,23 +34,33 @@
#define RMD160_DIGEST_LENGTH 20
#define RMD160_DIGEST_STRING_LENGTH 41
+#ifndef __BEGIN_DECLS
+# if defined(__cplusplus)
+# define __BEGIN_DECLS extern "C" {
+# define __END_DECLS }
+# else
+# define __BEGIN_DECLS
+# define __END_DECLS
+# endif
+#endif
+
/* RMD160 context. */
typedef struct RMD160Context {
uint32_t state[5]; /* state */
uint64_t count; /* number of bits, modulo 2^64 */
u_char buffer[64]; /* input buffer */
-} RMD160_CTX;
+} NETPGPV_RMD160_CTX;
__BEGIN_DECLS
-void RMD160Init(RMD160_CTX *);
-void RMD160Transform(uint32_t [5], const u_char [64]);
-void RMD160Update(RMD160_CTX *, const u_char *, uint32_t);
-void RMD160Final(u_char [RMD160_DIGEST_LENGTH], RMD160_CTX *);
+void netpgpv_RMD160Init(NETPGPV_RMD160_CTX *);
+void netpgpv_RMD160Transform(uint32_t [5], const u_char [64]);
+void netpgpv_RMD160Update(NETPGPV_RMD160_CTX *, const u_char *, uint32_t);
+void netpgpv_RMD160Final(u_char [RMD160_DIGEST_LENGTH], NETPGPV_RMD160_CTX *);
#ifndef _KERNEL
-char *RMD160End(RMD160_CTX *, char *);
-char *RMD160FileChunk(const char *, char *, off_t, off_t);
-char *RMD160File(const char *, char *);
-char *RMD160Data(const u_char *, size_t, char *);
+char *netpgpv_RMD160End(NETPGPV_RMD160_CTX *, char *);
+char *netpgpv_RMD160FileChunk(const char *, char *, off_t, off_t);
+char *netpgpv_RMD160File(const char *, char *);
+char *netpgpv_RMD160Data(const u_char *, size_t, char *);
#endif /* _KERNEL */
__END_DECLS
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.h:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/rsa.h Tue Jun 14 20:47:08 2016
@@ -40,8 +40,8 @@
__BEGIN_DECLS
typedef struct rsa_pubkey_t {
- BIGNUM *n; /* RSA public modulus n */
- BIGNUM *e; /* RSA public encryption exponent e */
+ PGPV_BIGNUM *n; /* RSA public modulus n */
+ PGPV_BIGNUM *e; /* RSA public encryption exponent e */
} rsa_pubkey_t;
typedef struct mpi_rsa_t {
@@ -49,44 +49,44 @@ typedef struct mpi_rsa_t {
long f2; /* openssl version */
const void *f3; /* openssl method */
void *f4; /* openssl engine */
- BIGNUM *n;
- BIGNUM *e;
- BIGNUM *d;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *dmp1;
- BIGNUM *dmq1;
- BIGNUM *iqmp;
+ PGPV_BIGNUM *n;
+ PGPV_BIGNUM *e;
+ PGPV_BIGNUM *d;
+ PGPV_BIGNUM *p;
+ PGPV_BIGNUM *q;
+ PGPV_BIGNUM *dmp1;
+ PGPV_BIGNUM *dmq1;
+ PGPV_BIGNUM *iqmp;
} mpi_rsa_t;
#define RSA mpi_rsa_t
typedef struct dsa_pubkey_t {
- BIGNUM *p; /* DSA public modulus n */
- BIGNUM *q; /* DSA public encryption exponent e */
- BIGNUM *g;
- BIGNUM *y;
+ PGPV_BIGNUM *p; /* DSA public modulus n */
+ PGPV_BIGNUM *q; /* DSA public encryption exponent e */
+ PGPV_BIGNUM *g;
+ PGPV_BIGNUM *y;
} dsa_pubkey_t;
typedef struct mpi_dsa_t {
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *g;
- BIGNUM *y;
- BIGNUM *x;
- BIGNUM *pub_key;
- BIGNUM *priv_key;
+ PGPV_BIGNUM *p;
+ PGPV_BIGNUM *q;
+ PGPV_BIGNUM *g;
+ PGPV_BIGNUM *y;
+ PGPV_BIGNUM *x;
+ PGPV_BIGNUM *pub_key;
+ PGPV_BIGNUM *priv_key;
} mpi_dsa_t;
#define DSA mpi_dsa_t
typedef struct rsasig_t {
- BIGNUM *sig; /* mpi which is actual signature */
+ PGPV_BIGNUM *sig; /* mpi which is actual signature */
} rsasig_t;
typedef struct dsasig_t {
- BIGNUM *r; /* mpi which is actual signature */
- BIGNUM *s; /* mpi which is actual signature */
+ PGPV_BIGNUM *r; /* mpi which is actual signature */
+ PGPV_BIGNUM *s; /* mpi which is actual signature */
} dsasig_t;
#define DSA_SIG dsasig_t
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.c:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.c:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.c:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.c Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: sha1.c,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: sha1.c,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/* $OpenBSD: sha1.c,v 1.9 1997/07/23 21:12:32 kstailey Exp $ */
/*
@@ -17,8 +17,6 @@
#define SHA1HANDSOFF /* Copies data before messing with it. */
-#include <sys/cdefs.h>
-
#include <string.h>
#include <sys/types.h>
@@ -119,7 +117,7 @@ do_R4(uint32_t *a, uint32_t *b, uint32_t
/*
* Hash a single 512-bit block. This is the core of the algorithm.
*/
-void SHA1Transform(uint32_t state[5], const uint8_t buffer[64])
+void netpgpv_SHA1Transform(uint32_t state[5], const uint8_t buffer[64])
{
uint32_t a, b, c, d, e;
CHAR64LONG16 *block;
@@ -186,7 +184,7 @@ void SHA1Transform(uint32_t state[5], co
/*
* SHA1Init - Initialize new context
*/
-void SHA1Init(SHA1_CTX *context)
+void netpgpv_SHA1Init(NETPGPV_SHA1_CTX *context)
{
/* SHA1 initialization constants */
@@ -202,7 +200,7 @@ void SHA1Init(SHA1_CTX *context)
/*
* Run your data through this.
*/
-void SHA1Update(SHA1_CTX *context, const uint8_t *data, unsigned int len)
+void netpgpv_SHA1Update(NETPGPV_SHA1_CTX *context, const uint8_t *data, unsigned int len)
{
unsigned int i, j;
@@ -212,9 +210,9 @@ void SHA1Update(SHA1_CTX *context, const
j = (j >> 3) & 63;
if ((j + len) > 63) {
(void)memcpy(&context->buffer[j], data, (i = 64-j));
- SHA1Transform(context->state, context->buffer);
+ netpgpv_SHA1Transform(context->state, context->buffer);
for ( ; i + 63 < len; i += 64)
- SHA1Transform(context->state, &data[i]);
+ netpgpv_SHA1Transform(context->state, &data[i]);
j = 0;
} else {
i = 0;
@@ -226,7 +224,7 @@ void SHA1Update(SHA1_CTX *context, const
/*
* Add padding and return the message digest.
*/
-void SHA1Final(uint8_t digest[20], SHA1_CTX *context)
+void netpgpv_SHA1Final(uint8_t digest[20], NETPGPV_SHA1_CTX *context)
{
unsigned int i;
uint8_t finalcount[8];
@@ -235,10 +233,10 @@ void SHA1Final(uint8_t digest[20], SHA1_
finalcount[i] = (uint8_t)((context->count[(i >= 4 ? 0 : 1)]
>> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
}
- SHA1Update(context, (const uint8_t *)"\200", 1);
+ netpgpv_SHA1Update(context, (const uint8_t *)"\200", 1);
while ((context->count[0] & 504) != 448)
- SHA1Update(context, (const uint8_t *)"\0", 1);
- SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
+ netpgpv_SHA1Update(context, (const uint8_t *)"\0", 1);
+ netpgpv_SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
if (digest) {
for (i = 0; i < 20; i++)
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.h:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha1.h Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: sha1.h,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: sha1.h,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/*
* SHA-1 in C
@@ -9,7 +9,6 @@
#ifndef _SYS_SHA1_H_
#define _SYS_SHA1_H_
-#include <sys/cdefs.h>
#include <sys/types.h>
#include <inttypes.h>
@@ -17,22 +16,32 @@
#define SHA1_DIGEST_LENGTH 20
#define SHA1_DIGEST_STRING_LENGTH 41
+#ifndef __BEGIN_DECLS
+# if defined(__cplusplus)
+# define __BEGIN_DECLS extern "C" {
+# define __END_DECLS }
+# else
+# define __BEGIN_DECLS
+# define __END_DECLS
+# endif
+#endif
+
typedef struct {
uint32_t state[5];
uint32_t count[2];
uint8_t buffer[64];
-} SHA1_CTX;
+} NETPGPV_SHA1_CTX;
__BEGIN_DECLS
-void SHA1Transform(uint32_t[5], const uint8_t[64]);
-void SHA1Init(SHA1_CTX *);
-void SHA1Update(SHA1_CTX *, const uint8_t *, unsigned int);
-void SHA1Final(uint8_t[SHA1_DIGEST_LENGTH], SHA1_CTX *);
+void netpgpv_SHA1Transform(uint32_t[5], const uint8_t[64]);
+void netpgpv_SHA1Init(NETPGPV_SHA1_CTX *);
+void netpgpv_SHA1Update(NETPGPV_SHA1_CTX *, const uint8_t *, unsigned int);
+void netpgpv_SHA1Final(uint8_t[SHA1_DIGEST_LENGTH], NETPGPV_SHA1_CTX *);
#ifndef _KERNEL
-char *SHA1End(SHA1_CTX *, char *);
-char *SHA1FileChunk(const char *, char *, off_t, off_t);
-char *SHA1File(const char *, char *);
-char *SHA1Data(const uint8_t *, size_t, char *);
+char *netpgpv_SHA1End(NETPGPV_SHA1_CTX *, char *);
+char *netpgpv_SHA1FileChunk(const char *, char *, off_t, off_t);
+char *netpgpv_SHA1File(const char *, char *);
+char *netpgpv_SHA1Data(const uint8_t *, size_t, char *);
#endif /* _KERNEL */
__END_DECLS
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.c:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.c:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.c:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.c Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: sha2.c,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: sha2.c,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/* $KAME: sha2.c,v 1.9 2003/07/20 00:28:38 itojun Exp $ */
/*
@@ -36,8 +36,6 @@
*
*/
-#include <sys/cdefs.h>
-
#include <sys/types.h>
#include <inttypes.h>
@@ -161,11 +159,11 @@ be64toh(uint64_t x)
* library -- they are intended for private internal visibility/use
* only.
*/
-static void SHA512_Last(SHA512_CTX *);
-void SHA224_Transform(SHA224_CTX *, const uint32_t*);
-void SHA256_Transform(SHA256_CTX *, const uint32_t*);
-void SHA384_Transform(SHA384_CTX *, const uint64_t*);
-void SHA512_Transform(SHA512_CTX *, const uint64_t*);
+static void netpgpv_SHA512_Last(NETPGPV_SHA512_CTX *);
+void netpgpv_SHA224_Transform(NETPGPV_SHA224_CTX *, const uint32_t*);
+void netpgpv_SHA256_Transform(NETPGPV_SHA256_CTX *, const uint32_t*);
+void netpgpv_SHA384_Transform(NETPGPV_SHA384_CTX *, const uint64_t*);
+void netpgpv_SHA512_Transform(NETPGPV_SHA512_CTX *, const uint64_t*);
/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
@@ -283,7 +281,7 @@ static const uint64_t sha512_initial_has
/*** SHA-256: *********************************************************/
int
-SHA256_Init(SHA256_CTX *context)
+netpgpv_SHA256_Init(NETPGPV_SHA256_CTX *context)
{
if (context == NULL)
return 1;
@@ -321,7 +319,7 @@ SHA256_Init(SHA256_CTX *context)
j++
void
-SHA256_Transform(SHA256_CTX *context, const uint32_t *data)
+netpgpv_SHA256_Transform(NETPGPV_SHA256_CTX *context, const uint32_t *data)
{
uint32_t a, b, c, d, e, f, g, h, s0, s1;
uint32_t T1, *W256;
@@ -381,7 +379,7 @@ SHA256_Transform(SHA256_CTX *context, co
#else /* SHA2_UNROLL_TRANSFORM */
void
-SHA256_Transform(SHA256_CTX *context, const uint32_t *data)
+netpgpv_SHA256_Transform(NETPGPV_SHA256_CTX *context, const uint32_t *data)
{
uint32_t a, b, c, d, e, f, g, h, s0, s1;
uint32_t T1, T2, *W256;
@@ -458,7 +456,7 @@ SHA256_Transform(SHA256_CTX *context, co
#endif /* SHA2_UNROLL_TRANSFORM */
int
-SHA256_Update(SHA256_CTX *context, const uint8_t *data, size_t len)
+netpgpv_SHA256_Update(NETPGPV_SHA256_CTX *context, const uint8_t *data, size_t len)
{
unsigned int freespace, usedspace;
@@ -480,7 +478,7 @@ SHA256_Update(SHA256_CTX *context, const
context->bitcount += freespace << 3;
len -= freespace;
data += freespace;
- SHA256_Transform(context,
+ netpgpv_SHA256_Transform(context,
(uint32_t *)(void *)context->buffer);
} else {
/* The buffer is not yet full */
@@ -500,7 +498,7 @@ SHA256_Update(SHA256_CTX *context, const
*/
if ((uintptr_t)data % 4 == 0) {
while (len >= SHA256_BLOCK_LENGTH) {
- SHA256_Transform(context,
+ netpgpv_SHA256_Transform(context,
(const uint32_t *)(const void *)data);
context->bitcount += SHA256_BLOCK_LENGTH << 3;
len -= SHA256_BLOCK_LENGTH;
@@ -509,7 +507,7 @@ SHA256_Update(SHA256_CTX *context, const
} else {
while (len >= SHA256_BLOCK_LENGTH) {
memcpy(context->buffer, data, SHA256_BLOCK_LENGTH);
- SHA256_Transform(context,
+ netpgpv_SHA256_Transform(context,
(const uint32_t *)(const void *)context->buffer);
context->bitcount += SHA256_BLOCK_LENGTH << 3;
len -= SHA256_BLOCK_LENGTH;
@@ -528,7 +526,7 @@ SHA256_Update(SHA256_CTX *context, const
}
static int
-SHA224_256_Final(uint8_t digest[], SHA256_CTX *context, size_t len)
+netpgpv_SHA224_256_Final(uint8_t digest[], NETPGPV_SHA256_CTX *context, size_t len)
{
unsigned int usedspace;
size_t i;
@@ -554,7 +552,7 @@ SHA224_256_Final(uint8_t digest[], SHA25
usedspace));
}
/* Do second-to-last transform: */
- SHA256_Transform(context,
+ netpgpv_SHA256_Transform(context,
(uint32_t *)(void *)context->buffer);
/* And set-up for the last transform: */
@@ -574,7 +572,7 @@ SHA224_256_Final(uint8_t digest[], SHA25
&context->bitcount, sizeof(context->bitcount));
/* Final transform: */
- SHA256_Transform(context, (uint32_t *)(void *)context->buffer);
+ netpgpv_SHA256_Transform(context, (uint32_t *)(void *)context->buffer);
for (i = 0; i < len / 4; i++)
be32encode(digest + 4 * i, context->state[i]);
@@ -588,14 +586,14 @@ SHA224_256_Final(uint8_t digest[], SHA25
}
int
-SHA256_Final(uint8_t digest[], SHA256_CTX *context)
+netpgpv_SHA256_Final(uint8_t digest[], NETPGPV_SHA256_CTX *context)
{
- return SHA224_256_Final(digest, context, SHA256_DIGEST_LENGTH);
+ return netpgpv_SHA224_256_Final(digest, context, SHA256_DIGEST_LENGTH);
}
/*** SHA-224: *********************************************************/
int
-SHA224_Init(SHA224_CTX *context)
+netpgpv_SHA224_Init(NETPGPV_SHA224_CTX *context)
{
if (context == NULL)
return 1;
@@ -610,27 +608,27 @@ SHA224_Init(SHA224_CTX *context)
}
int
-SHA224_Update(SHA224_CTX *context, const uint8_t *data, size_t len)
+netpgpv_SHA224_Update(NETPGPV_SHA224_CTX *context, const uint8_t *data, size_t len)
{
- return SHA256_Update((SHA256_CTX *)context, data, len);
+ return netpgpv_SHA256_Update((NETPGPV_SHA256_CTX *)context, data, len);
}
void
-SHA224_Transform(SHA224_CTX *context, const uint32_t *data)
+netpgpv_SHA224_Transform(NETPGPV_SHA224_CTX *context, const uint32_t *data)
{
- SHA256_Transform((SHA256_CTX *)context, data);
+ netpgpv_SHA256_Transform((NETPGPV_SHA256_CTX *)context, data);
}
int
-SHA224_Final(uint8_t digest[], SHA224_CTX *context)
+netpgpv_SHA224_Final(uint8_t digest[], NETPGPV_SHA224_CTX *context)
{
- return SHA224_256_Final(digest, (SHA256_CTX *)context,
+ return netpgpv_SHA224_256_Final(digest, (NETPGPV_SHA256_CTX *)context,
SHA224_DIGEST_LENGTH);
}
/*** SHA-512: *********************************************************/
int
-SHA512_Init(SHA512_CTX *context)
+netpgpv_SHA512_Init(NETPGPV_SHA512_CTX *context)
{
if (context == NULL)
return 1;
@@ -667,7 +665,7 @@ SHA512_Init(SHA512_CTX *context)
j++
void
-SHA512_Transform(SHA512_CTX *context, const uint64_t *data)
+netpgpv_SHA512_Transform(NETPGPV_SHA512_CTX *context, const uint64_t *data)
{
uint64_t a, b, c, d, e, f, g, h, s0, s1;
uint64_t T1, *W512 = (uint64_t *)context->buffer;
@@ -724,7 +722,7 @@ SHA512_Transform(SHA512_CTX *context, co
#else /* SHA2_UNROLL_TRANSFORM */
void
-SHA512_Transform(SHA512_CTX *context, const uint64_t *data)
+netpgpv_SHA512_Transform(NETPGPV_SHA512_CTX *context, const uint64_t *data)
{
uint64_t a, b, c, d, e, f, g, h, s0, s1;
uint64_t T1, T2, *W512 = (void *)context->buffer;
@@ -799,7 +797,7 @@ SHA512_Transform(SHA512_CTX *context, co
#endif /* SHA2_UNROLL_TRANSFORM */
int
-SHA512_Update(SHA512_CTX *context, const uint8_t *data, size_t len)
+netpgpv_SHA512_Update(NETPGPV_SHA512_CTX *context, const uint8_t *data, size_t len)
{
unsigned int freespace, usedspace;
@@ -821,7 +819,7 @@ SHA512_Update(SHA512_CTX *context, const
ADDINC128(context->bitcount, freespace << 3);
len -= freespace;
data += freespace;
- SHA512_Transform(context,
+ netpgpv_SHA512_Transform(context,
(uint64_t *)(void *)context->buffer);
} else {
/* The buffer is not yet full */
@@ -841,7 +839,7 @@ SHA512_Update(SHA512_CTX *context, const
*/
if ((uintptr_t)data % 8 == 0) {
while (len >= SHA512_BLOCK_LENGTH) {
- SHA512_Transform(context,
+ netpgpv_SHA512_Transform(context,
(const uint64_t*)(const void *)data);
ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
len -= SHA512_BLOCK_LENGTH;
@@ -850,7 +848,7 @@ SHA512_Update(SHA512_CTX *context, const
} else {
while (len >= SHA512_BLOCK_LENGTH) {
memcpy(context->buffer, data, SHA512_BLOCK_LENGTH);
- SHA512_Transform(context,
+ netpgpv_SHA512_Transform(context,
(const void *)context->buffer);
ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
len -= SHA512_BLOCK_LENGTH;
@@ -869,7 +867,7 @@ SHA512_Update(SHA512_CTX *context, const
}
static void
-SHA512_Last(SHA512_CTX *context)
+netpgpv_SHA512_Last(NETPGPV_SHA512_CTX *context)
{
unsigned int usedspace;
@@ -890,7 +888,7 @@ SHA512_Last(SHA512_CTX *context)
(size_t)(SHA512_BLOCK_LENGTH - usedspace));
}
/* Do second-to-last transform: */
- SHA512_Transform(context,
+ netpgpv_SHA512_Transform(context,
(uint64_t *)(void *)context->buffer);
/* And set-up for the last transform: */
@@ -911,17 +909,17 @@ SHA512_Last(SHA512_CTX *context)
&context->bitcount[0], sizeof(context->bitcount[0]));
/* Final transform: */
- SHA512_Transform(context, (uint64_t *)(void *)context->buffer);
+ netpgpv_SHA512_Transform(context, (uint64_t *)(void *)context->buffer);
}
int
-SHA512_Final(uint8_t digest[], SHA512_CTX *context)
+netpgpv_SHA512_Final(uint8_t digest[], NETPGPV_SHA512_CTX *context)
{
size_t i;
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
- SHA512_Last(context);
+ netpgpv_SHA512_Last(context);
/* Save the hash data for output: */
for (i = 0; i < 8; ++i)
@@ -936,7 +934,7 @@ SHA512_Final(uint8_t digest[], SHA512_CT
/*** SHA-384: *********************************************************/
int
-SHA384_Init(SHA384_CTX *context)
+netpgpv_SHA384_Init(NETPGPV_SHA384_CTX *context)
{
if (context == NULL)
return 1;
@@ -950,25 +948,25 @@ SHA384_Init(SHA384_CTX *context)
}
int
-SHA384_Update(SHA384_CTX *context, const uint8_t *data, size_t len)
+netpgpv_SHA384_Update(NETPGPV_SHA384_CTX *context, const uint8_t *data, size_t len)
{
- return SHA512_Update((SHA512_CTX *)context, data, len);
+ return netpgpv_SHA512_Update((NETPGPV_SHA512_CTX *)context, data, len);
}
void
-SHA384_Transform(SHA512_CTX *context, const uint64_t *data)
+netpgpv_SHA384_Transform(NETPGPV_SHA512_CTX *context, const uint64_t *data)
{
- SHA512_Transform((SHA512_CTX *)context, data);
+ netpgpv_SHA512_Transform((NETPGPV_SHA512_CTX *)context, data);
}
int
-SHA384_Final(uint8_t digest[], SHA384_CTX *context)
+netpgpv_SHA384_Final(uint8_t digest[], NETPGPV_SHA384_CTX *context)
{
size_t i;
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL) {
- SHA512_Last((SHA512_CTX *)context);
+ netpgpv_SHA512_Last((NETPGPV_SHA512_CTX *)context);
/* Save the hash data for output: */
for (i = 0; i < 6; ++i)
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.h:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/sha2.h Tue Jun 14 20:47:08 2016
@@ -1,4 +1,4 @@
-/* $NetBSD: sha2.h,v 1.1 2014/03/09 00:15:45 agc Exp $ */
+/* $NetBSD: sha2.h,v 1.2 2016/06/14 20:47:08 agc Exp $ */
/* $KAME: sha2.h,v 1.4 2003/07/20 00:28:38 itojun Exp $ */
/*
@@ -40,7 +40,6 @@
#define __SHA2_H__
#include <sys/types.h>
-#include <sys/cdefs.h>
/*** SHA-224/256/384/512 Various Length Definitions ***********************/
#define SHA224_BLOCK_LENGTH 64
@@ -56,64 +55,73 @@
#define SHA512_DIGEST_LENGTH 64
#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
+#ifndef __BEGIN_DECLS
+# if defined(__cplusplus)
+# define __BEGIN_DECLS extern "C" {
+# define __END_DECLS }
+# else
+# define __BEGIN_DECLS
+# define __END_DECLS
+# endif
+#endif
/*** SHA-256/384/512 Context Structures *******************************/
-typedef struct _SHA256_CTX {
+typedef struct _NETPGPV_SHA256_CTX {
uint32_t state[8];
uint64_t bitcount;
uint8_t buffer[SHA256_BLOCK_LENGTH];
-} SHA256_CTX;
+} NETPGPV_SHA256_CTX;
-typedef struct _SHA512_CTX {
+typedef struct _NETPGPV_SHA512_CTX {
uint64_t state[8];
uint64_t bitcount[2];
uint8_t buffer[SHA512_BLOCK_LENGTH];
-} SHA512_CTX;
+} NETPGPV_SHA512_CTX;
-typedef SHA256_CTX SHA224_CTX;
-typedef SHA512_CTX SHA384_CTX;
+typedef NETPGPV_SHA256_CTX NETPGPV_SHA224_CTX;
+typedef NETPGPV_SHA512_CTX NETPGPV_SHA384_CTX;
/*** SHA-256/384/512 Function Prototypes ******************************/
__BEGIN_DECLS
-int SHA224_Init(SHA224_CTX *);
-int SHA224_Update(SHA224_CTX*, const uint8_t*, size_t);
-int SHA224_Final(uint8_t[SHA224_DIGEST_LENGTH], SHA224_CTX*);
+int netpgpv_SHA224_Init(NETPGPV_SHA224_CTX *);
+int netpgpv_SHA224_Update(NETPGPV_SHA224_CTX*, const uint8_t*, size_t);
+int netpgpv_SHA224_Final(uint8_t[SHA224_DIGEST_LENGTH], NETPGPV_SHA224_CTX*);
#ifndef _KERNEL
-char *SHA224_End(SHA224_CTX *, char[SHA224_DIGEST_STRING_LENGTH]);
-char *SHA224_FileChunk(const char *, char *, off_t, off_t);
-char *SHA224_File(const char *, char *);
-char *SHA224_Data(const uint8_t *, size_t, char[SHA224_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA224_End(NETPGPV_SHA224_CTX *, char[SHA224_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA224_FileChunk(const char *, char *, off_t, off_t);
+char *netpgpv_SHA224_File(const char *, char *);
+char *netpgpv_SHA224_Data(const uint8_t *, size_t, char[SHA224_DIGEST_STRING_LENGTH]);
#endif /* !_KERNEL */
-int SHA256_Init(SHA256_CTX *);
-int SHA256_Update(SHA256_CTX*, const uint8_t*, size_t);
-int SHA256_Final(uint8_t[SHA256_DIGEST_LENGTH], SHA256_CTX*);
+int netpgpv_SHA256_Init(NETPGPV_SHA256_CTX *);
+int netpgpv_SHA256_Update(NETPGPV_SHA256_CTX*, const uint8_t*, size_t);
+int netpgpv_SHA256_Final(uint8_t[SHA256_DIGEST_LENGTH], NETPGPV_SHA256_CTX*);
#ifndef _KERNEL
-char *SHA256_End(SHA256_CTX *, char[SHA256_DIGEST_STRING_LENGTH]);
-char *SHA256_FileChunk(const char *, char *, off_t, off_t);
-char *SHA256_File(const char *, char *);
-char *SHA256_Data(const uint8_t *, size_t, char[SHA256_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA256_End(NETPGPV_SHA256_CTX *, char[SHA256_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA256_FileChunk(const char *, char *, off_t, off_t);
+char *netpgpv_SHA256_File(const char *, char *);
+char *netpgpv_SHA256_Data(const uint8_t *, size_t, char[SHA256_DIGEST_STRING_LENGTH]);
#endif /* !_KERNEL */
-int SHA384_Init(SHA384_CTX*);
-int SHA384_Update(SHA384_CTX*, const uint8_t*, size_t);
-int SHA384_Final(uint8_t[SHA384_DIGEST_LENGTH], SHA384_CTX*);
+int netpgpv_SHA384_Init(NETPGPV_SHA384_CTX*);
+int netpgpv_SHA384_Update(NETPGPV_SHA384_CTX*, const uint8_t*, size_t);
+int netpgpv_SHA384_Final(uint8_t[SHA384_DIGEST_LENGTH], NETPGPV_SHA384_CTX*);
#ifndef _KERNEL
-char *SHA384_End(SHA384_CTX *, char[SHA384_DIGEST_STRING_LENGTH]);
-char *SHA384_FileChunk(const char *, char *, off_t, off_t);
-char *SHA384_File(const char *, char *);
-char *SHA384_Data(const uint8_t *, size_t, char[SHA384_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA384_End(NETPGPV_SHA384_CTX *, char[SHA384_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA384_FileChunk(const char *, char *, off_t, off_t);
+char *netpgpv_SHA384_File(const char *, char *);
+char *netpgpv_SHA384_Data(const uint8_t *, size_t, char[SHA384_DIGEST_STRING_LENGTH]);
#endif /* !_KERNEL */
-int SHA512_Init(SHA512_CTX*);
-int SHA512_Update(SHA512_CTX*, const uint8_t*, size_t);
-int SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], SHA512_CTX*);
+int netpgpv_SHA512_Init(NETPGPV_SHA512_CTX*);
+int netpgpv_SHA512_Update(NETPGPV_SHA512_CTX*, const uint8_t*, size_t);
+int netpgpv_SHA512_Final(uint8_t[SHA512_DIGEST_LENGTH], NETPGPV_SHA512_CTX*);
#ifndef _KERNEL
-char *SHA512_End(SHA512_CTX *, char[SHA512_DIGEST_STRING_LENGTH]);
-char *SHA512_FileChunk(const char *, char *, off_t, off_t);
-char *SHA512_File(const char *, char *);
-char *SHA512_Data(const uint8_t *, size_t, char[SHA512_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA512_End(NETPGPV_SHA512_CTX *, char[SHA512_DIGEST_STRING_LENGTH]);
+char *netpgpv_SHA512_FileChunk(const char *, char *, off_t, off_t);
+char *netpgpv_SHA512_File(const char *, char *);
+char *netpgpv_SHA512_Data(const uint8_t *, size_t, char[SHA512_DIGEST_STRING_LENGTH]);
#endif /* !_KERNEL */
__END_DECLS
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.h:1.1 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.h:1.2
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.h:1.1 Sun Mar 9 00:15:45 2014
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/tiger.h Tue Jun 14 20:47:08 2016
@@ -44,21 +44,21 @@ __BEGIN_DECLS
#define TIGER_DIGEST_LENGTH 24
#define TIGER_DIGEST_STRING_LENGTH ((TIGER_DIGEST_LENGTH * 2) + 1)
-typedef struct TIGER_CTX {
+typedef struct NETPGPV_TIGER_CTX {
uint64_t ctx[3];
int init;
uint8_t pad;
-} TIGER_CTX;
+} NETPGPV_TIGER_CTX;
-void TIGER_Init(TIGER_CTX *);
-void TIGER2_Init(TIGER_CTX *);
-void TIGER_Update(TIGER_CTX *, const void *, size_t);
-void TIGER_Final(uint8_t *, TIGER_CTX *);
+void netpgpv_TIGER_Init(NETPGPV_TIGER_CTX *);
+void netpgpv_TIGER2_Init(NETPGPV_TIGER_CTX *);
+void netpgpv_TIGER_Update(NETPGPV_TIGER_CTX *, const void *, size_t);
+void netpgpv_TIGER_Final(uint8_t *, NETPGPV_TIGER_CTX *);
-char *TIGER_End(TIGER_CTX *, char *);
+char *netpgpv_TIGER_End(NETPGPV_TIGER_CTX *, char *);
-char *TIGER_File(char *, char *, int);
-char *TIGER_Data(const uint8_t *, size_t, char *, int);
+char *netpgpv_TIGER_File(char *, char *, int);
+char *netpgpv_TIGER_Data(const uint8_t *, size_t, char *, int);
__END_DECLS
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.7 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.8
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.7 Thu Feb 5 01:26:54 2015
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Tue Jun 14 20:47:08 2016
@@ -32,6 +32,8 @@
#include <arpa/inet.h>
#include <inttypes.h>
+#include <limits.h>
+#include <stdbool.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
@@ -64,6 +66,10 @@
#define __printflike(n, m) __attribute__((format(printf,n,m)))
#endif
+#ifndef MIN
+#define MIN(a,b) (((a)<(b))?(a):(b))
+#endif
+
#define BITS_TO_BYTES(b) (((b) + (CHAR_BIT - 1)) / CHAR_BIT)
/* packet types */
@@ -162,6 +168,71 @@ static int read_all_packets(pgpv_t */*pg
static int read_binary_file(pgpv_t */*pgp*/, const char */*op*/, const char */*fmt*/, ...) __printflike(3, 4);
static int read_binary_memory(pgpv_t */*pgp*/, const char */*op*/, const void */*memory*/, size_t /*size*/);
+/* output buffer structure */
+typedef struct obuf_t {
+ size_t alloc; /* amount of memory allocated */
+ size_t c; /* # of chars used so far */
+ uint8_t *v; /* array of bytes */
+ uint32_t endian; /* byte order of output stream */
+} obuf_t;
+
+/* grow the buffer, if needed */
+static bool
+growbuf(obuf_t *obuf, size_t cc)
+{
+ size_t newalloc;
+ uint8_t *newv;
+
+ if (obuf->c + cc > obuf->alloc) {
+ newalloc = howmany(obuf->alloc + cc, 128) * 128;
+ newv = realloc(obuf->v, newalloc);
+ if (newv == NULL) {
+ return false;
+ }
+ obuf->v = newv;
+ obuf->alloc = newalloc;
+ }
+ return true;
+}
+
+/* add a fixed-length area of memory */
+static bool
+obuf_add_mem(obuf_t *obuf, const char *s, size_t len)
+{
+ if (obuf && s && len > 0) {
+ if (!growbuf(obuf, len)) {
+ return false;
+ }
+ memcpy(&obuf->v[obuf->c], s, len);
+ obuf->c += len;
+ return true;
+ }
+ return false;
+}
+
+/* varargs-based printf to string */
+static bool
+obuf_printf(obuf_t *obuf, const char *fmt, ...)
+{
+ va_list args;
+ char *cp;
+ bool ret;
+ int cc;
+
+ if (obuf && fmt) {
+ ret = true;
+ va_start(args, fmt);
+ cc = vasprintf(&cp, fmt, args);
+ va_end(args);
+ if (cc > 0) {
+ ret = obuf_add_mem(obuf, cp, (size_t)cc);
+ free(cp);
+ }
+ return ret;
+ }
+ return false;
+}
+
/* read a file into the pgpv_mem_t struct */
static int
read_file(pgpv_t *pgp, const char *f)
@@ -410,15 +481,16 @@ fmt_16(uint8_t *p, uint16_t a)
/* format a binary string in memory */
static size_t
-fmt_binary(char *s, size_t size, const uint8_t *bin, unsigned len)
+fmt_binary(obuf_t *obuf, const uint8_t *bin, unsigned len)
{
unsigned i;
- size_t cc;
- for (cc = 0, i = 0 ; i < len && cc < size ; i++) {
- cc += snprintf(&s[cc], size - cc, "%02x", bin[i]);
+ for (i = 0 ; i < len ; i++) {
+ if (!obuf_printf(obuf, "%02hhx", bin[i])) {
+ return false;
+ }
}
- return cc;
+ return true;
}
/* format an mpi into memory */
@@ -426,20 +498,20 @@ static unsigned
fmt_binary_mpi(pgpv_bignum_t *mpi, uint8_t *p, size_t size)
{
unsigned bytes;
- BIGNUM *bn;
+ PGPV_BIGNUM *bn;
bytes = BITS_TO_BYTES(mpi->bits);
if ((size_t)bytes + 2 + 1 > size) {
fprintf(stderr, "truncated mpi");
return 0;
}
- bn = (BIGNUM *)mpi->bn;
- if (bn == NULL || BN_is_zero(bn)) {
+ bn = (PGPV_BIGNUM *)mpi->bn;
+ if (bn == NULL || PGPV_BN_is_zero(bn)) {
fmt_32(p, 0);
return 2 + 1;
}
fmt_16(p, mpi->bits);
- BN_bn2bin(bn, &p[2]);
+ PGPV_BN_bn2bin(bn, &p[2]);
return bytes + 2;
}
@@ -454,7 +526,7 @@ fmt_mpi(char *s, size_t size, pgpv_bignu
if (pbits) {
cc += snprintf(&s[cc], size - cc, "[%u bits] ", bn->bits);
}
- buf = BN_bn2hex(bn->bn);
+ buf = PGPV_BN_bn2hex(bn->bn);
cc += snprintf(&s[cc], size - cc, "%s\n", buf);
free(buf);
return cc;
@@ -547,19 +619,21 @@ pgpv_calc_fingerprint(pgpv_fingerprint_t
}
/* format a fingerprint into memory */
-static size_t
-fmt_fingerprint(char *s, size_t size, pgpv_fingerprint_t *fingerprint, const char *name)
+static bool
+fmt_fingerprint(obuf_t *obuf, pgpv_fingerprint_t *fingerprint, const char *name)
{
unsigned i;
- size_t cc;
- cc = snprintf(s, size, "%s ", name);
+ if (!obuf_printf(obuf, "%s ", name)) {
+ return false;
+ }
for (i = 0 ; i < fingerprint->len ; i++) {
- cc += snprintf(&s[cc], size - cc, "%02hhx%s",
- fingerprint->v[i], (i % 2 == 1) ? " " : "");
+ if (!obuf_printf(obuf, "%02hhx%s",
+ fingerprint->v[i], (i % 2 == 1) ? " " : "")) {
+ return false;
+ }
}
- cc += snprintf(&s[cc], size - cc, "\n");
- return cc;
+ return obuf_printf(obuf, "\n");
}
/* calculate keyid from a pubkey */
@@ -654,30 +728,32 @@ get_32(uint8_t *p)
/* format (human readable) time into memory */
static size_t
-fmt_time(char *s, size_t size, const char *header, int64_t n, const char *trailer, int relative)
+fmt_time(obuf_t *obuf, const char *header, int64_t n, const char *trailer, int relative)
{
struct tm tm;
time_t elapsed;
time_t now;
time_t t;
- size_t cc;
t = (time_t)n;
now = time(NULL);
elapsed = now - t;
gmtime_r(&t, &tm);
- cc = snprintf(s, size, "%s%04d-%02d-%02d", header,
- tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday);
+ if (!obuf_printf(obuf, "%s%04d-%02d-%02d", header,
+ tm.tm_year + 1900, tm.tm_mon + 1, tm.tm_mday)) {
+ return false;
+ }
if (relative) {
- cc += snprintf(&s[cc], size - cc, " (%lldy %lldm %lldd %lldh %s)",
+ if (!obuf_printf(obuf, " (%lldy %lldm %lldd %lldh %s)",
llabs((long long)elapsed / YEARSECS),
llabs(((long long)elapsed % YEARSECS) / MONSECS),
llabs(((long long)elapsed % MONSECS) / DAYSECS),
llabs(((long long)elapsed % DAYSECS) / HOURSECS),
- (now > t) ? "ago" : "ahead");
+ (now > t) ? "ago" : "ahead")) {
+ return false;
+ }
}
- cc += snprintf(&s[cc], size - cc, "%s", trailer);
- return cc;
+ return obuf_printf(obuf, "%s", trailer);
}
/* dump key mpis to stdout */
@@ -728,7 +804,7 @@ get_mpi(pgpv_bignum_t *mpi, uint8_t *p,
return 0;
}
*off += sizeof(mpi->bits);
- mpi->bn = BN_bin2bn(&p[sizeof(mpi->bits)], (int)bytes, NULL);
+ mpi->bn = PGPV_BN_bin2bn(&p[sizeof(mpi->bits)], (int)bytes, NULL);
*off += bytes;
return 1;
}
@@ -1426,82 +1502,100 @@ numkeybits(const pgpv_pubkey_t *pubkey)
}
/* print a public key */
-static size_t
-fmt_pubkey(char *s, size_t size, pgpv_pubkey_t *pubkey, const char *leader)
+static bool
+fmt_pubkey(obuf_t *obuf, pgpv_pubkey_t *pubkey, const char *leader)
{
- size_t cc;
-
- cc = snprintf(s, size, "%s %u/%s ", leader, numkeybits(pubkey), fmtkeyalg(pubkey->keyalg));
- cc += fmt_binary(&s[cc], size - cc, pubkey->keyid, PGPV_KEYID_LEN);
- cc += fmt_time(&s[cc], size - cc, " ", pubkey->birth, "", 0);
+ if (!obuf_printf(obuf, "%s %u/%s ", leader, numkeybits(pubkey), fmtkeyalg(pubkey->keyalg))) {
+ return false;
+ }
+ if (!fmt_binary(obuf, pubkey->keyid, PGPV_KEYID_LEN)) {
+ return false;
+ }
+ if (!fmt_time(obuf, " ", pubkey->birth, "", 0)) {
+ return false;
+ }
if (pubkey->expiry) {
- cc += fmt_time(&s[cc], size - cc, " [Expiry ", pubkey->birth + pubkey->expiry, "]", 0);
+ if (!fmt_time(obuf, " [Expiry ", pubkey->birth + pubkey->expiry, "]", 0)) {
+ return false;
+ }
}
- cc += snprintf(&s[cc], size - cc, "\n");
- cc += fmt_fingerprint(&s[cc], size - cc, &pubkey->fingerprint, "fingerprint ");
- return cc;
+ if (!obuf_printf(obuf, "\n")) {
+ return false;
+ }
+ return fmt_fingerprint(obuf, &pubkey->fingerprint, "fingerprint ");
}
/* we add 1 to revocation value to denote compromised */
#define COMPROMISED (0x02 + 1)
/* format a userid - used to order the userids when formatting */
-static size_t
-fmt_userid(char *s, size_t size, pgpv_primarykey_t *primary, uint8_t u)
+static bool
+fmt_userid(obuf_t *obuf, pgpv_primarykey_t *primary, uint8_t u)
{
pgpv_signed_userid_t *userid;
userid = &ARRAY_ELEMENT(primary->signed_userids, u);
- return snprintf(s, size, "uid %.*s%s\n",
+ return obuf_printf(obuf, "uid %.*s%s\n",
(int)userid->userid.size, userid->userid.data,
(userid->revoked == COMPROMISED) ? " [COMPROMISED AND REVOKED]" :
(userid->revoked) ? " [REVOKED]" : "");
}
/* format a trust sig - used to order the userids when formatting */
-static size_t
-fmt_trust(char *s, size_t size, pgpv_signed_userid_t *userid, uint32_t u)
+static bool
+fmt_trust(obuf_t *obuf, pgpv_signed_userid_t *userid, uint32_t u)
{
pgpv_signature_t *sig;
- size_t cc;
sig = &ARRAY_ELEMENT(userid->sigs, u);
- cc = snprintf(s, size, "trust ");
- cc += fmt_binary(&s[cc], size - cc, sig->signer, 8);
- return cc + snprintf(&s[cc], size - cc, "\n");
+ if (!obuf_printf(obuf, "trust ")) {
+ return false;
+ }
+ if (!fmt_binary(obuf, sig->signer, 8)) {
+ return false;
+ }
+ return obuf_printf(obuf, "\n");
}
/* print a primary key, per RFC 4880 */
-static size_t
-fmt_primary(char *s, size_t size, pgpv_primarykey_t *primary, unsigned subkey, const char *modifiers)
+static bool
+fmt_primary(obuf_t *obuf, pgpv_primarykey_t *primary, unsigned subkey, const char *modifiers)
{
pgpv_signed_userid_t *userid;
pgpv_pubkey_t *pubkey;
unsigned i;
unsigned j;
- size_t cc;
pubkey = (subkey == 0) ? &primary->primary : &ARRAY_ELEMENT(primary->signed_subkeys, subkey - 1).subkey;
- cc = fmt_pubkey(s, size, pubkey, "signature ");
- cc += fmt_userid(&s[cc], size - cc, primary, primary->primary_userid);
+ if (!fmt_pubkey(obuf, pubkey, "signature ")) {
+ return false;
+ }
+ if (!fmt_userid(obuf, primary, primary->primary_userid)) {
+ return false;
+ }
for (i = 0 ; i < ARRAY_COUNT(primary->signed_userids) ; i++) {
if (i != primary->primary_userid) {
- cc += fmt_userid(&s[cc], size - cc, primary, i);
+ if (!fmt_userid(obuf, primary, i)) {
+ return false;
+ }
if (strcasecmp(modifiers, "trust") == 0) {
userid = &ARRAY_ELEMENT(primary->signed_userids, i);
for (j = 0 ; j < ARRAY_COUNT(userid->sigs) ; j++) {
- cc += fmt_trust(&s[cc], size - cc, userid, j);
+ if (!fmt_trust(obuf, userid, j)) {
+ return false;
+ }
}
}
}
}
if (strcasecmp(modifiers, "subkeys") == 0) {
for (i = 0 ; i < ARRAY_COUNT(primary->signed_subkeys) ; i++) {
- cc += fmt_pubkey(&s[cc], size - cc, &ARRAY_ELEMENT(primary->signed_subkeys, i).subkey, "encryption");
+ if (!fmt_pubkey(obuf, &ARRAY_ELEMENT(primary->signed_subkeys, i).subkey, "encryption")) {
+ return false;
+ }
}
}
- cc += snprintf(&s[cc], size - cc, "\n");
- return cc;
+ return obuf_printf(obuf, "\n");
}
@@ -1528,8 +1622,8 @@ static int
lowlevel_rsa_public_check(const uint8_t *encbuf, int enclen, uint8_t *dec, const rsa_pubkey_t *rsa)
{
uint8_t *decbuf;
- BIGNUM *decbn;
- BIGNUM *encbn;
+ PGPV_BIGNUM *decbn;
+ PGPV_BIGNUM *encbn;
int decbytes;
int nbytes;
int r;
@@ -1538,22 +1632,22 @@ lowlevel_rsa_public_check(const uint8_t
r = -1;
decbuf = NULL;
decbn = encbn = NULL;
- if (BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) {
+ if (PGPV_BN_num_bits(rsa->n) > RSA_MAX_MODULUS_BITS) {
printf("rsa r modulus too large\n");
goto err;
}
- if (BN_cmp(rsa->n, rsa->e) <= 0) {
+ if (PGPV_BN_cmp(rsa->n, rsa->e) <= 0) {
printf("rsa r bad n value\n");
goto err;
}
- if (BN_num_bits(rsa->n) > RSA_SMALL_MODULUS_BITS &&
- BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS) {
+ if (PGPV_BN_num_bits(rsa->n) > RSA_SMALL_MODULUS_BITS &&
+ PGPV_BN_num_bits(rsa->e) > RSA_MAX_PUBEXP_BITS) {
printf("rsa r bad exponent limit\n");
goto err;
}
- nbytes = BN_num_bytes(rsa->n);
- if ((encbn = BN_new()) == NULL ||
- (decbn = BN_new()) == NULL ||
+ nbytes = PGPV_BN_num_bytes(rsa->n);
+ if ((encbn = PGPV_BN_new()) == NULL ||
+ (decbn = PGPV_BN_new()) == NULL ||
(decbuf = calloc(1, (size_t)nbytes)) == NULL) {
printf("allocation failure\n");
goto err;
@@ -1562,26 +1656,26 @@ lowlevel_rsa_public_check(const uint8_t
printf("rsa r > mod len\n");
goto err;
}
- if (BN_bin2bn(encbuf, enclen, encbn) == NULL) {
+ if (PGPV_BN_bin2bn(encbuf, enclen, encbn) == NULL) {
printf("null encrypted BN\n");
goto err;
}
- if (BN_cmp(encbn, rsa->n) >= 0) {
+ if (PGPV_BN_cmp(encbn, rsa->n) >= 0) {
printf("rsa r data too large for modulus\n");
goto err;
}
- if (BN_mod_exp(decbn, encbn, rsa->e, rsa->n, NULL) < 0) {
- printf("BN_mod_exp < 0\n");
+ if (PGPV_BN_mod_exp(decbn, encbn, rsa->e, rsa->n, NULL) < 0) {
+ printf("PGPV_BN_mod_exp < 0\n");
goto err;
}
- decbytes = BN_num_bytes(decbn);
- (void) BN_bn2bin(decbn, decbuf);
+ decbytes = PGPV_BN_num_bytes(decbn);
+ (void) PGPV_BN_bn2bin(decbn, decbuf);
if ((r = rsa_padding_check_none(dec, nbytes, decbuf, decbytes, 0)) < 0) {
printf("rsa r padding check failed\n");
}
err:
- BN_free(encbn);
- BN_free(decbn);
+ PGPV_BN_free(encbn);
+ PGPV_BN_free(decbn);
if (decbuf != NULL) {
(void) memset(decbuf, 0x0, nbytes);
free(decbuf);
@@ -1601,11 +1695,11 @@ rsa_public_decrypt(int enclen, const uns
}
USE_ARG(padding);
(void) memset(&pub, 0x0, sizeof(pub));
- pub.n = BN_dup(rsa->n);
- pub.e = BN_dup(rsa->e);
+ pub.n = PGPV_BN_dup(rsa->n);
+ pub.e = PGPV_BN_dup(rsa->e);
ret = lowlevel_rsa_public_check(enc, enclen, dec, &pub);
- BN_free(pub.n);
- BN_free(pub.e);
+ PGPV_BN_free(pub.n);
+ PGPV_BN_free(pub.e);
return ret;
}
@@ -1656,7 +1750,7 @@ rsa_verify(uint8_t *calculated, unsigned
size_t keysize;
keysize = BITS_TO_BYTES(pubkey->bn[RSA_N].bits);
- BN_bn2bin(bn[RSA_SIG].bn, sigbn);
+ PGPV_BN_bn2bin(bn[RSA_SIG].bn, sigbn);
decryptc = pgpv_rsa_public_decrypt(decrypted, sigbn, BITS_TO_BYTES(bn[RSA_SIG].bits), pubkey);
if (decryptc != keysize || (decrypted[0] != 0 || decrypted[1] != 1)) {
return 0;
@@ -1682,13 +1776,13 @@ rsa_verify(uint8_t *calculated, unsigned
/* return 1 if bn <= 0 */
static int
-bignum_is_bad(BIGNUM *bn)
+bignum_is_bad(PGPV_BIGNUM *bn)
{
- return BN_is_zero(bn) || BN_is_negative(bn);
+ return PGPV_BN_is_zero(bn) || PGPV_BN_is_negative(bn);
}
#define BAD_BIGNUM(s, k) \
- (bignum_is_bad((s)->bn) || BN_cmp((s)->bn, (k)->bn) >= 0)
+ (bignum_is_bad((s)->bn) || PGPV_BN_cmp((s)->bn, (k)->bn) >= 0)
#ifndef DSA_MAX_MODULUS_BITS
#define DSA_MAX_MODULUS_BITS 10000
@@ -1701,9 +1795,9 @@ verify_dsa_sig(uint8_t *calculated, unsi
unsigned qbits;
uint8_t calcnum[128];
uint8_t signum[128];
- BIGNUM *M;
- BIGNUM *W;
- BIGNUM *t1;
+ PGPV_BIGNUM *M;
+ PGPV_BIGNUM *W;
+ PGPV_BIGNUM *t1;
int ret;
if (pubkey->bn[DSA_P].bn == NULL ||
@@ -1731,37 +1825,37 @@ verify_dsa_sig(uint8_t *calculated, unsi
return 0;
}
ret = 0;
- if ((M = BN_new()) == NULL || (W = BN_new()) == NULL || (t1 = BN_new()) == NULL ||
+ if ((M = PGPV_BN_new()) == NULL || (W = PGPV_BN_new()) == NULL || (t1 = PGPV_BN_new()) == NULL ||
BAD_BIGNUM(&sig[DSA_R], &pubkey->bn[DSA_Q]) ||
BAD_BIGNUM(&sig[DSA_S], &pubkey->bn[DSA_Q]) ||
- BN_mod_inverse(W, sig[DSA_S].bn, pubkey->bn[DSA_Q].bn, NULL) == NULL) {
+ PGPV_BN_mod_inverse(W, sig[DSA_S].bn, pubkey->bn[DSA_Q].bn, NULL) == NULL) {
goto done;
}
if (calclen > qbits / 8) {
calclen = qbits / 8;
}
- if (BN_bin2bn(calculated, (int)calclen, M) == NULL ||
- !BN_mod_mul(M, M, W, pubkey->bn[DSA_Q].bn, NULL) ||
- !BN_mod_mul(W, sig[DSA_R].bn, W, pubkey->bn[DSA_Q].bn, NULL) ||
- !BN_mod_exp(t1, pubkey->bn[DSA_G].bn, M, pubkey->bn[DSA_P].bn, NULL) ||
- !BN_mod_exp(W, pubkey->bn[DSA_Y].bn, W, pubkey->bn[DSA_P].bn, NULL) ||
- !BN_mod_mul(t1, t1, W, pubkey->bn[DSA_P].bn, NULL) ||
- !BN_div(NULL, t1, t1, pubkey->bn[DSA_Q].bn, NULL)) {
+ if (PGPV_BN_bin2bn(calculated, (int)calclen, M) == NULL ||
+ !PGPV_BN_mod_mul(M, M, W, pubkey->bn[DSA_Q].bn, NULL) ||
+ !PGPV_BN_mod_mul(W, sig[DSA_R].bn, W, pubkey->bn[DSA_Q].bn, NULL) ||
+ !PGPV_BN_mod_exp(t1, pubkey->bn[DSA_G].bn, M, pubkey->bn[DSA_P].bn, NULL) ||
+ !PGPV_BN_mod_exp(W, pubkey->bn[DSA_Y].bn, W, pubkey->bn[DSA_P].bn, NULL) ||
+ !PGPV_BN_mod_mul(t1, t1, W, pubkey->bn[DSA_P].bn, NULL) ||
+ !PGPV_BN_div(NULL, t1, t1, pubkey->bn[DSA_Q].bn, NULL)) {
goto done;
}
/* only compare the first q bits */
- BN_bn2bin(t1, calcnum);
- BN_bn2bin(sig[DSA_R].bn, signum);
+ PGPV_BN_bn2bin(t1, calcnum);
+ PGPV_BN_bn2bin(sig[DSA_R].bn, signum);
ret = memcmp(calcnum, signum, BITS_TO_BYTES(qbits)) == 0;
done:
if (M) {
- BN_free(M);
+ PGPV_BN_free(M);
}
if (W) {
- BN_free(W);
+ PGPV_BN_free(W);
}
if (t1) {
- BN_free(t1);
+ PGPV_BN_free(t1);
}
return ret;
}
@@ -1928,12 +2022,17 @@ read_ascii_armor(pgpv_cursor_t *cursor,
}
litdata.u.litdata.len = litdata.s.size = (size_t)(p - datastart);
p += strlen(SIGSTART);
- if ((p = find_bin_string(p, mem->size, "\n\n", 2)) == NULL) {
- snprintf(cursor->why, sizeof(cursor->why),
- "malformed armed signature at %zu", (size_t)(p - mem->mem));
- return 0;
+ /* Work out whther there's a version line */
+ if (memcmp(p, "Version:", 8) == 0) {
+ if ((p = find_bin_string(p, mem->size, "\n\n", 2)) == NULL) {
+ snprintf(cursor->why, sizeof(cursor->why),
+ "malformed armed signature at %zu", (size_t)(p - mem->mem));
+ return 0;
+ }
+ p += 2;
+ } else {
+ p += 1;
}
- p += 2;
sigend = find_bin_string(p, mem->size, SIGEND, strlen(SIGEND));
binsigsize = b64decode((char *)p, (size_t)(sigend - p), binsig, sizeof(binsig));
@@ -2197,8 +2296,8 @@ getbignum(pgpv_bignum_t *bignum, bufgap_
len = pgp_ntoh32(len);
(void) bufgap_seek(bg, sizeof(len), BGFromHere, BGByte);
(void) bufgap_getbin(bg, buf, len);
- bignum->bn = BN_bin2bn((const uint8_t *)buf, (int)len, NULL);
- bignum->bits = BN_num_bits(bignum->bn);
+ bignum->bn = PGPV_BN_bin2bn((const uint8_t *)buf, (int)len, NULL);
+ bignum->bits = PGPV_BN_num_bits(bignum->bn);
(void) bufgap_seek(bg, len, BGFromHere, BGByte);
return 1;
}
@@ -2526,7 +2625,7 @@ pgpv_get_entry(pgpv_t *pgp, unsigned ent
{
unsigned subkey;
unsigned prim;
- size_t cc;
+ obuf_t obuf;
prim = ((ent >> 8) & 0xffffff);
subkey = (ent & 0xff);
@@ -2534,17 +2633,15 @@ pgpv_get_entry(pgpv_t *pgp, unsigned ent
return 0;
}
*s = NULL;
- cc = ARRAY_ELEMENT(pgp->primaries, prim).fmtsize;
if (modifiers == NULL || (strcasecmp(modifiers, "trust") != 0 && strcasecmp(modifiers, "subkeys") != 0)) {
modifiers = "no-subkeys";
}
- if (strcasecmp(modifiers, "trust") == 0) {
- cc *= 2048;
- }
- if ((*s = calloc(1, cc)) == NULL) {
+ memset(&obuf, 0x0, sizeof(obuf));
+ if (!fmt_primary(&obuf, &ARRAY_ELEMENT(pgp->primaries, prim), subkey, modifiers)) {
return 0;
}
- return fmt_primary(*s, cc, &ARRAY_ELEMENT(pgp->primaries, prim), subkey, modifiers);
+ *s = (char *)obuf.v;
+ return obuf.c;
}
/* fixup key id, with birth, keyalg and hashalg value from signature */
@@ -2673,7 +2770,7 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_
pgpv_litdata_t *litdata;
unsigned sub;
size_t pkt;
- char strkeyid[PGPV_STR_KEYID_LEN];
+ obuf_t obuf;
int j;
if (cursor == NULL || pgp == NULL || p == NULL) {
@@ -2700,23 +2797,32 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_
signature = &ARRAY_ELEMENT(cursor->pgp->pkts, pkt + 2).u.sigpkt.sig;
/* sanity check values in signature and onepass agree */
if (signature->birth == 0) {
- fmt_time(cursor->why, sizeof(cursor->why), "Signature creation time [",
- signature->birth, "] out of range", 0);
+ if (!fmt_time(&obuf, "Signature creation time [",
+ signature->birth, "] out of range", 0)) {
+ }
+ snprintf(cursor->why, sizeof(cursor->why), "%.*s", (int)obuf.c, (char *)obuf.v);
return 0;
}
+ memset(&obuf, 0x0, sizeof(obuf));
if (memcmp(onepass->keyid, signature->signer, PGPV_KEYID_LEN) != 0) {
- fmt_binary(strkeyid, sizeof(strkeyid), onepass->keyid, (unsigned)sizeof(onepass->keyid));
- snprintf(cursor->why, sizeof(cursor->why), "Signature key id %s does not match onepass keyid",
- strkeyid);
+ if (!fmt_binary(&obuf, onepass->keyid, (unsigned)sizeof(onepass->keyid))) {
+ snprintf(cursor->why, sizeof(cursor->why), "Memory allocation failure");
+ return 0;
+ }
+ snprintf(cursor->why, sizeof(cursor->why),
+ "Signature key id %.*s does not match onepass keyid",
+ (int)obuf.c, (char *)obuf.v);
return 0;
}
if (onepass->hashalg != signature->hashalg) {
- snprintf(cursor->why, sizeof(cursor->why), "Signature hashalg %u does not match onepass hashalg %u",
+ snprintf(cursor->why, sizeof(cursor->why),
+ "Signature hashalg %u does not match onepass hashalg %u",
signature->hashalg, onepass->hashalg);
return 0;
}
if (onepass->keyalg != signature->keyalg) {
- snprintf(cursor->why, sizeof(cursor->why), "Signature keyalg %u does not match onepass keyalg %u",
+ snprintf(cursor->why, sizeof(cursor->why),
+ "Signature keyalg %u does not match onepass keyalg %u",
signature->keyalg, onepass->keyalg);
return 0;
}
@@ -2725,11 +2831,19 @@ pgpv_verify(pgpv_cursor_t *cursor, pgpv_
}
sub = 0;
if ((j = find_keyid(cursor->pgp, NULL, onepass->keyid, &sub)) < 0) {
- fmt_binary(strkeyid, sizeof(strkeyid), onepass->keyid, (unsigned)sizeof(onepass->keyid));
- snprintf(cursor->why, sizeof(cursor->why), "Signature key id %s not found ", strkeyid);
+ if (!fmt_binary(&obuf, onepass->keyid, (unsigned)sizeof(onepass->keyid))) {
+ snprintf(cursor->why, sizeof(cursor->why), "Memory allocation failure");
+ return 0;
+ }
+ snprintf(cursor->why, sizeof(cursor->why),
+ "Signature key id %.*s not found ",
+ (int)obuf.c, (char *)obuf.v);
return 0;
}
if (!match_sig_id(cursor, signature, litdata, (unsigned)j, sub)) {
+ snprintf(cursor->why, sizeof(cursor->why),
+ "Signature does not match %.*s",
+ (int)obuf.c, (char *)obuf.v);
return 0;
}
ARRAY_APPEND(cursor->datacookies, pkt);
Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h
diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h:1.5 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h:1.6
--- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h:1.5 Thu Feb 5 01:26:54 2015
+++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/verify.h Tue Jun 14 20:47:08 2016
@@ -23,9 +23,9 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef NETPGP_VERIFY_H_
-#define NETPGP_VERIFY_H_ 20150205
+#define NETPGP_VERIFY_H_ 20160614
-#define NETPGPVERIFY_VERSION "netpgpverify portable 20150205"
+#define NETPGPVERIFY_VERSION "netpgpverify portable 20160614"
#include <sys/types.h>
