Changes between 0.9.6 and 0.9.6a [xx XXX 2001]
+ *) Rename 'des_encrypt' to 'des_encrypt1'. This avoids the clashes
+ with des_encrypt() defined on some operating systems, like Solaris
+ and UnixWare.
+ [Richard Levitte]
+
+ *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
+ On the Importance of Eliminating Errors in Cryptographic
+ Computations, J. Cryptology 14 (2001) 2, 101-119,
+ http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
+ [Ulf Moeller]
+
+ *) MIPS assembler BIGNUM division bug fix.
+ [Andy Polyakov]
+
*) Fix PKCS#7 decode routines so they correctly update the length
after reading an EOC for the EXPLICIT tag.
[Steve Henson]
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
+
+ o Security fix: change behavior of OpenSSL to avoid using
+ environment variables when running as root.
+ o Security fix: check the result of RSA-CRT to reduce the
+ possibility of deducing the private key from an incorrectly
+ calculated signature.
+ o Security fix: prevent Bleichenbacher's DSA attack.
+ o Security fix: Zero the premaster secret after deriving the
+ master secret in DH ciphersuites.
+ o Compatibility fix: the function des_encrypt() renamed to
+ des_encrypt1() to avoid clashes with some Unixen libc.
+ o Bug fixes for Win32, HP/UX and Irix.
+ o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
+ memory checking routines.
+ o Bug fixes for RSA operations in threaded enviroments.
+ o Bug fixes in misc. openssl applications.
+ o Remove a few potential memory leaks.
+ o Add tighter checks of BIGNUM routines.
+ o Shared library support has been reworked for generality.
+ o More documentation.
+ o New function BN_rand_range()
+ o Add "-rand" option to openssl s_client and s_server.
+
Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
o Some documentation for BIO and SSL libraries.
tin0^=tout0; tin[0]=tin0;
tin1^=tout1; tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
/* fix 15/10/91 eay - thanks to keithr@sco.COM */
tout0=tin[0];
tout1=tin[1];
{
c2l(iv,v0); ti[0]=v0;
c2l(iv,v1); ti[1]=v1;
- des_encrypt(ti,schedule,DES_ENCRYPT);
+ des_encrypt1(ti,schedule,DES_ENCRYPT);
iv = &(*ivec)[0];
v0=ti[0]; l2c(v0,iv);
v0=ti[1]; l2c(v0,iv);
{
c2l(iv,v0); ti[0]=v0;
c2l(iv,v1); ti[1]=v1;
- des_encrypt(ti,schedule,DES_ENCRYPT);
+ des_encrypt1(ti,schedule,DES_ENCRYPT);
iv = &(*ivec)[0];
v0=ti[0]; l2c(v0,iv);
v0=ti[1]; l2c(v0,iv);
l-=n;
ti[0]=v0;
ti[1]=v1;
- des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
c2ln(in,d0,d1,n);
in+=n;
d0=(d0^ti[0])&mask0;
l-=n;
ti[0]=v0;
ti[1]=v1;
- des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
c2ln(in,d0,d1,n);
in+=n;
/* 30-08-94 - eay - changed because l>>32 and
Data is a pointer to 2 unsigned long's and ks is the
des_key_schedule to use. enc, is non zero specifies encryption,
zero if decryption. */
-void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt1(DES_LONG *data,des_key_schedule ks, int enc);
-/* This functions is the same as des_encrypt() except that the DES
+/* This functions is the same as des_encrypt1() except that the DES
initial permutation (IP) and final permutation (FP) have been left
- out. As for des_encrypt(), you should not use this function.
+ out. As for des_encrypt1(), you should not use this function.
It is used by the routines in the library that implement triple DES.
IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
- as des_encrypt() des_encrypt() des_encrypt() except faster :-). */
+ as des_encrypt1() des_encrypt1() des_encrypt1() except faster :-). */
void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
#include "des_locl.h"
-void des_encrypt(DES_LONG *data, des_key_schedule ks, int enc)
+void des_encrypt1(DES_LONG *data, des_key_schedule ks, int enc)
{
register DES_LONG l,r,t,u;
#ifdef DES_PTR
count*=2;
Time_F(START);
for (i=count; i; i--)
- des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ des_encrypt1(data,&(sch[0]),DES_ENCRYPT);
d=Time_F(STOP);
} while (d < 3.0);
ca=count;
c2l(in,l); ll[0]=l;
c2l(in,l); ll[1]=l;
- des_encrypt(ll,ks,enc);
+ des_encrypt1(ll,ks,enc);
l=ll[0]; l2c(l,out);
l=ll[1]; l2c(l,out);
l=ll[0]=ll[1]=0;
{
tin[0]=m0;
tin[1]=m1;
- des_encrypt(tin,ks3,1);
+ des_encrypt1(tin,ks3,1);
m0=tin[0];
m1=tin[1];
tin[0]=tin0;
tin[1]=tin1;
- des_encrypt(tin,ks1,1);
+ des_encrypt1(tin,ks1,1);
tin[0]^=m0;
tin[1]^=m1;
- des_encrypt(tin,ks2,0);
+ des_encrypt1(tin,ks2,0);
tin[0]^=m0;
tin[1]^=m1;
- des_encrypt(tin,ks1,1);
+ des_encrypt1(tin,ks1,1);
tout0=tin[0];
tout1=tin[1];
{
tin[0]=m0;
tin[1]=m1;
- des_encrypt(tin,ks3,1);
+ des_encrypt1(tin,ks3,1);
m0=tin[0];
m1=tin[1];
tin[0]=tin0;
tin[1]=tin1;
- des_encrypt(tin,ks1,0);
+ des_encrypt1(tin,ks1,0);
tin[0]^=m0;
tin[1]^=m1;
- des_encrypt(tin,ks2,1);
+ des_encrypt1(tin,ks2,1);
tin[0]^=m0;
tin[1]^=m1;
- des_encrypt(tin,ks1,0);
+ des_encrypt1(tin,ks1,0);
tout0=tin[0];
tout1=tin[1];
c2l(in,tin1);
tin0^=tout0; tin[0]=tin0;
tin1^=tout1; tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
tout0=tin[0]; l2c(tout0,out);
tout1=tin[1]; l2c(tout1,out);
}
c2ln(in,tin0,tin1,l+8);
tin0^=tout0; tin[0]=tin0;
tin1^=tout1; tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
tout0=tin[0]; l2c(tout0,out);
tout1=tin[1]; l2c(tout1,out);
}
{
c2l(in,tin0); tin[0]=tin0;
c2l(in,tin1); tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
tout0=tin[0]^xor0;
tout1=tin[1]^xor1;
l2c(tout0,out);
{
c2l(in,tin0); tin[0]=tin0;
c2l(in,tin1); tin[1]=tin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
tout0=tin[0]^xor0;
tout1=tin[1]^xor1;
l2cn(tout0,tout1,out,l+8);
{
if (n == 0)
{
- des_encrypt(ti,schedule,DES_ENCRYPT);
+ des_encrypt1(ti,schedule,DES_ENCRYPT);
dp=d;
t=ti[0]; l2c(t,dp);
t=ti[1]; l2c(t,dp);
{
ti[0]=v0;
ti[1]=v1;
- des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ des_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT);
vv0=ti[0];
vv1=ti[1];
c2ln(in,d0,d1,n);
c2ln(in,sin0,sin1,length);
tin[0]=sin0^xor0;
tin[1]=sin1^xor1;
- des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ des_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT);
tout0=tin[0];
tout1=tin[1];
xor0=sin0^tout0;
c2l(in,sin1);
tin[0]=sin0;
tin[1]=sin1;
- des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ des_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT);
tout0=tin[0]^xor0;
tout1=tin[1]^xor1;
if (length >= 8)
count*=2;
Time_F(START);
for (i=count; i; i--)
- des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ des_encrypt1(data,&(sch[0]),DES_ENCRYPT);
d=Time_F(STOP);
} while (d < 3.0);
ca=count;
{
DES_LONG data[2];
- des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ des_encrypt1(data,&(sch[0]),DES_ENCRYPT);
}
d=Time_F(STOP);
printf("%ld des_encrypt's in %.2f second\n",count,d);
c2l(in,tin1);
tin0^=tout0^inW0; tin[0]=tin0;
tin1^=tout1^inW1; tin[1]=tin1;
- des_encrypt(tin,schedule,DES_ENCRYPT);
+ des_encrypt1(tin,schedule,DES_ENCRYPT);
tout0=tin[0]^outW0; l2c(tout0,out);
tout1=tin[1]^outW1; l2c(tout1,out);
}
c2ln(in,tin0,tin1,l+8);
tin0^=tout0^inW0; tin[0]=tin0;
tin1^=tout1^inW1; tin[1]=tin1;
- des_encrypt(tin,schedule,DES_ENCRYPT);
+ des_encrypt1(tin,schedule,DES_ENCRYPT);
tout0=tin[0]^outW0; l2c(tout0,out);
tout1=tin[1]^outW1; l2c(tout1,out);
}
{
c2l(in,tin0); tin[0]=tin0^outW0;
c2l(in,tin1); tin[1]=tin1^outW1;
- des_encrypt(tin,schedule,DES_DECRYPT);
+ des_encrypt1(tin,schedule,DES_DECRYPT);
tout0=tin[0]^xor0^inW0;
tout1=tin[1]^xor1^inW1;
l2c(tout0,out);
{
c2l(in,tin0); tin[0]=tin0^outW0;
c2l(in,tin1); tin[1]=tin1^outW1;
- des_encrypt(tin,schedule,DES_DECRYPT);
+ des_encrypt1(tin,schedule,DES_DECRYPT);
tout0=tin[0]^xor0^inW0;
tout1=tin[1]^xor1^inW1;
l2cn(tout0,tout1,out,l+8);
des_set_odd_parity(&c->h);
des_set_key_unchecked(&c->h,k);
- des_encrypt(d,k,1);
+ des_encrypt1(d,k,1);
des_set_odd_parity(&c->hh);
des_set_key_unchecked(&c->hh,k);
- des_encrypt(dd,k,1);
+ des_encrypt1(dd,k,1);
ttin0=tin0^dd[0];
ttin1=tin1^dd[1];
static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
{
const RSA_METHOD *meth;
- BIGNUM r1,m1;
+ BIGNUM r1,m1,vrfy;
int ret=0;
BN_CTX *ctx;
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_init(&m1);
BN_init(&r1);
+ BN_init(&vrfy);
if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
{
if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
if (!BN_add(r0,&r1,&m1)) goto err;
+ if (rsa->e && rsa->n)
+ {
+ if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
+ if (BN_cmp(I, &vrfy) != 0)
+ {
+ if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;
+ }
+ }
ret=1;
err:
BN_clear_free(&m1);
BN_clear_free(&r1);
+ BN_clear_free(&vrfy);
BN_CTX_free(ctx);
return(ret);
}
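Review bot: The fallback `if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;` uses `rsa->d` without the NULL guard the new block applies to `rsa->e` and `rsa->n`, so a key that carries only the CRT components would presumably dereference a null pointer exactly when a miscalculation is detected. Writing it as `if (rsa->d == NULL || !meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err;` returns an error instead. The `if (rsa->e && rsa->n)` guard also means the CRT result is returned unverified when the public exponent is absent, which deserves a comment such as `/* no public exponent available: the CRT result cannot be verified */`. `BN_cmp(I, &vrfy)` tests equality rather than congruence, so an `I` that is not already reduced modulo `n` would always fail the check and silently take the slow path; whether that can happen depends on callers outside this hunk. Parts of the function body, including the assignment of `meth` and the CRT arithmetic before `BN_mul`, are not shown here.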
des_ede3_ofb64_encrypt 787 EXIST::FUNCTION:DES
des_enc_read 788 EXIST::FUNCTION:DES
des_enc_write 789 EXIST::FUNCTION:DES
-des_encrypt 790 EXIST::FUNCTION:DES
+des_encrypt1 790 EXIST::FUNCTION:DES
des_encrypt2 791 EXIST::FUNCTION:DES
des_encrypt3 792 EXIST::FUNCTION:DES
des_fcrypt 793 EXIST::FUNCTION:DES