X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=engines%2Fe_ubsec.c;h=458f37e996ec53a43ba5640882d44a8828d3107b;hb=1e8f69c6a5b52ac2f3941b49d710912ffe0f04ca;hp=f0e4f736ad5330259541b1195d4209f22b78e18c;hpb=edb0600583efc33840baf52c374882b91c937b05;p=oweals%2Fopenssl.git

diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c
index f0e4f736ad..458f37e996 100644
--- a/engines/e_ubsec.c
+++ b/engines/e_ubsec.c
@@ -64,9 +64,15 @@
 #include <openssl/buffer.h>
 #include <openssl/dso.h>
 #include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
+#endif
 #include <openssl/bn.h>
 
 #ifndef OPENSSL_NO_HW
@@ -89,14 +95,14 @@ static int ubsec_finish(ENGINE *e);
 static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
 static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *q, const BIGNUM *dp,
 			const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx);
-#ifndef OPENSSL_NO_RSA
 static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
-#endif
 static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#endif
 #ifndef OPENSSL_NO_DSA
 #ifdef NOT_USED
 static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
@@ -296,10 +302,10 @@ static t_UBSEC_diffie_hellman_generate_ioctl
 	*p_UBSEC_diffie_hellman_generate_ioctl = NULL;
 static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL;
 #endif
-/* #ifndef OPENSSL_NO_RSA */
+#ifndef OPENSSL_NO_RSA
 static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
 static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
-/* #endif */
+#endif
 #ifndef OPENSSL_NO_DSA
 static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
 static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
@@ -400,29 +406,38 @@ static int ubsec_init(ENGINE *e)
 		goto err;
 		}
 
-	if (
-	!(p1 = (t_UBSEC_ubsec_bytes_to_bits *) DSO_bind_func(ubsec_dso, UBSEC_F1)) ||
-	!(p2 = (t_UBSEC_ubsec_bits_to_bytes *) DSO_bind_func(ubsec_dso, UBSEC_F2)) ||
-	!(p3 = (t_UBSEC_ubsec_open *) DSO_bind_func(ubsec_dso, UBSEC_F3)) ||
-	!(p4 = (t_UBSEC_ubsec_close *) DSO_bind_func(ubsec_dso, UBSEC_F4)) ||
+	if (!(p1 = (t_UBSEC_ubsec_bytes_to_bits *)
+			DSO_bind_func(ubsec_dso, UBSEC_F1))
+	   || !(p2 = (t_UBSEC_ubsec_bits_to_bytes *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F2))
+	   || !(p3 = (t_UBSEC_ubsec_open *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F3))
+	   || !(p4 = (t_UBSEC_ubsec_close *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F4))
 #ifndef OPENSSL_NO_DH
-	!(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *) 
-				DSO_bind_func(ubsec_dso, UBSEC_F5)) ||
-	!(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *) 
-				DSO_bind_func(ubsec_dso, UBSEC_F6)) ||
+	   || !(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *) 
+			DSO_bind_func(ubsec_dso, UBSEC_F5))
+	   || !(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *) 
+			DSO_bind_func(ubsec_dso, UBSEC_F6))
 #endif
 /* #ifndef OPENSSL_NO_RSA */
-	!(p7 = (t_UBSEC_rsa_mod_exp_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F7)) ||
-	!(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F8)) ||
+	   || !(p7 = (t_UBSEC_rsa_mod_exp_ioctl *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F7))
+	   || !(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F8))
 /* #endif */
 #ifndef OPENSSL_NO_DSA
-	!(p9 = (t_UBSEC_dsa_sign_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F9)) ||
-	!(p10 = (t_UBSEC_dsa_verify_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F10)) ||
+	   || !(p9 = (t_UBSEC_dsa_sign_ioctl *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F9))
+	   || !(p10 = (t_UBSEC_dsa_verify_ioctl *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F10))
 #endif
-	!(p11 = (t_UBSEC_math_accelerate_ioctl *) 
-				DSO_bind_func(ubsec_dso, UBSEC_F11)) ||
-	!(p12 = (t_UBSEC_rng_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F12)) ||
-        !(p13 = (t_UBSEC_max_key_len_ioctl *) DSO_bind_func(ubsec_dso, UBSEC_F13)))
+	   || !(p11 = (t_UBSEC_math_accelerate_ioctl *) 
+			DSO_bind_func(ubsec_dso, UBSEC_F11))
+	   || !(p12 = (t_UBSEC_rng_ioctl *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F12))
+           || !(p13 = (t_UBSEC_max_key_len_ioctl *)
+	   		DSO_bind_func(ubsec_dso, UBSEC_F13)))
 		{
 		UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
 		goto err;
@@ -618,17 +633,14 @@ static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
 err:
 	return to_return;
 	}
-#endif
 
 static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 			const BIGNUM *q, const BIGNUM *dp,
 			const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
 	{
 	int	y_len,
-		m_len,
 		fd;
 
-	m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
 	y_len = BN_num_bits(p) + BN_num_bits(q);
 
 	/* Check if hardware can't handle this argument. */
@@ -666,6 +678,7 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 	r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2;
 	return 1;
 }
+#endif
 
 #ifndef OPENSSL_NO_DSA
 #ifdef NOT_USED
@@ -698,6 +711,8 @@ static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
 #endif
 #endif
 
+#ifndef OPENSSL_NO_RSA
+
 /*
  * This function is aliased to mod_exp (with the mont stuff dropped).
  */
@@ -706,7 +721,6 @@ static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
         {
 	int ret = 0;
 
-#ifndef OPENSSL_NO_RSA
  	/* Do in software if the key is too large for the hardware. */
 	if (BN_num_bits(m) > max_key_len)
                 {
@@ -714,13 +728,13 @@ static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 		ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx);
                 }
         else
-#endif
                 {
 		ret = ubsec_mod_exp(r, a, p, m, ctx);
                 }
 	
 	return ret;
         }
+#endif
 
 #ifndef OPENSSL_NO_DH
 /* This function is aliased to mod_exp (with the dh and mont dropped). */
@@ -816,11 +830,11 @@ static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
 	int v_len, d_len;
 	int to_return = 0;
 	int fd;
-	BIGNUM v;
+	BIGNUM v, *pv = &v;
 
 	BN_init(&v);
 
-	if(!bn_wexpand(&v, dsa->p->top)) {
+	if(!bn_wexpand(pv, dsa->p->top)) {
 		UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_BN_EXPAND_FAIL);
 		goto err;
 	}
@@ -928,7 +942,7 @@ static int ubsec_dh_generate_key(DH *dh)
                 priv_key = BN_new();
                 if (priv_key == NULL) goto err;
                 priv_key_len = BN_num_bits(dh->p);
-                bn_wexpand(priv_key, dh->p->top);
+                if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err;
                 do
                         if (!BN_rand_range(priv_key, dh->p)) goto err;
                 while (BN_is_zero(priv_key));
@@ -943,7 +957,7 @@ static int ubsec_dh_generate_key(DH *dh)
                 {
                 pub_key = BN_new();
                 pub_key_len = BN_num_bits(dh->p);
-                bn_wexpand(pub_key, dh->p->top);
+                if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err;
                 if(pub_key == NULL) goto err;
                 }
         else