FIPS merge "crypto" functions.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 16 Sep 2008 15:11:50 +0000 (15:11 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 16 Sep 2008 15:11:50 +0000 (15:11 +0000)
crypto/.cvsignore
crypto/Makefile
crypto/cryptlib.c
crypto/crypto-lib.com
crypto/crypto.h
crypto/dyn_lck.c [new file with mode: 0644]
crypto/install.com
crypto/mem.c
crypto/mem_dbg.c

index 27b00b29d1c3afc34a4545380f2ead4a035d8b6e..1cf6edd3bcbcbe93e837ed6c106efde4b6e0800f 100644 (file)
@@ -4,4 +4,3 @@ opensslconf.h
 Makefile.save
 *.flc
 semantic.cache
-x86cpuid-elf.s
index bb8eaa036c55c9e5ade13b6ca9e43fe8e94edb86..29e2b04b273a5e3dad3fdc68c66975d0a93067c4 100644 (file)
@@ -33,8 +33,8 @@ GENERAL=Makefile README crypto-lib.com install.com
 
 LIB= $(TOP)/libcrypto.a
 SHARED_LIB= libcrypto$(SHLIB_EXT)
-LIBSRC=        cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c
-LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ)
+LIBSRC=        cryptlib.c dyn_lck.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c
+LIBOBJ= cryptlib.o dyn_lck.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ)
 
 SRC= $(LIBSRC)
 
index 8c686238286c7ecbbe7d5c773240fe932372f3fd..8f9e88e403d0b434b1cab3ac6c998ff9d287ab77 100644 (file)
 static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
 #endif
 
-DECLARE_STACK_OF(CRYPTO_dynlock)
-IMPLEMENT_STACK_OF(CRYPTO_dynlock)
-
-/* real #defines in crypto.h, keep these upto date */
-static const char* const lock_names[CRYPTO_NUM_LOCKS] =
-       {
-       "<<ERROR>>",
-       "err",
-       "ex_data",
-       "x509",
-       "x509_info",
-       "x509_pkey",
-       "x509_crl",
-       "x509_req",
-       "dsa",
-       "rsa",
-       "evp_pkey",
-       "x509_store",
-       "ssl_ctx",
-       "ssl_cert",
-       "ssl_session",
-       "ssl_sess_cert",
-       "ssl",
-       "ssl_method",
-       "rand",
-       "rand2",
-       "debug_malloc",
-       "BIO",
-       "gethostbyname",
-       "getservbyname",
-       "readdir",
-       "RSA_blinding",
-       "dh",
-       "debug_malloc2",
-       "dso",
-       "dynlock",
-       "engine",
-       "ui",
-       "ecdsa",
-       "ec",
-       "ecdh",
-       "bn",
-       "ec_pre_comp",
-       "store",
-       "comp",
-#if CRYPTO_NUM_LOCKS != 39
-# error "Inconsistency between crypto.h and cryptlib.c"
-#endif
-       };
-
-/* This is for applications to allocate new type names in the non-dynamic
-   array of lock names.  These are numbered with positive numbers.  */
-static STACK *app_locks=NULL;
-
-/* For applications that want a more dynamic way of handling threads, the
-   following stack is used.  These are externally numbered with negative
-   numbers.  */
-static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
-
-
 static void (MS_FAR *locking_callback)(int mode,int type,
        const char *file,int line)=NULL;
 static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
        int type,const char *file,int line)=NULL;
 static unsigned long (MS_FAR *id_callback)(void)=NULL;
-static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
-       (const char *file,int line)=NULL;
-static void (MS_FAR *dynlock_lock_callback)(int mode,
-       struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
-static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
-       const char *file,int line)=NULL;
-
-int CRYPTO_get_new_lockid(char *name)
-       {
-       char *str;
-       int i;
-
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
-       /* A hack to make Visual C++ 5.0 work correctly when linking as
-        * a DLL using /MT. Without this, the application cannot use
-        * and floating point printf's.
-        * It also seems to be needed for Visual C 1.5 (win16) */
-       SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
-#endif
-
-       if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL))
-               {
-               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
-               return(0);
-               }
-       if ((str=BUF_strdup(name)) == NULL)
-               {
-               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
-               return(0);
-               }
-       i=sk_push(app_locks,str);
-       if (!i)
-               OPENSSL_free(str);
-       else
-               i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
-       return(i);
-       }
 
 int CRYPTO_num_locks(void)
        {
        return CRYPTO_NUM_LOCKS;
        }
 
-int CRYPTO_get_new_dynlockid(void)
-       {
-       int i = 0;
-       CRYPTO_dynlock *pointer = NULL;
-
-       if (dynlock_create_callback == NULL)
-               {
-               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
-               return(0);
-               }
-       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-       if ((dyn_locks == NULL)
-               && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
-               {
-               CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
-               return(0);
-               }
-       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-       pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock));
-       if (pointer == NULL)
-               {
-               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
-               return(0);
-               }
-       pointer->references = 1;
-       pointer->data = dynlock_create_callback(__FILE__,__LINE__);
-       if (pointer->data == NULL)
-               {
-               OPENSSL_free(pointer);
-               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
-               return(0);
-               }
-
-       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-       /* First, try to find an existing empty slot */
-       i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
-       /* If there was none, push, thereby creating a new one */
-       if (i == -1)
-               /* Since sk_push() returns the number of items on the
-                  stack, not the location of the pushed item, we need
-                  to transform the returned number into a position,
-                  by decreasing it.  */
-               i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1;
-       else
-               /* If we found a place with a NULL pointer, put our pointer
-                  in it.  */
-               (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
-       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-       if (i == -1)
-               {
-               dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
-               OPENSSL_free(pointer);
-               }
-       else
-               i += 1; /* to avoid 0 */
-       return -i;
-       }
-
-void CRYPTO_destroy_dynlockid(int i)
-       {
-       CRYPTO_dynlock *pointer = NULL;
-       if (i)
-               i = -i-1;
-       if (dynlock_destroy_callback == NULL)
-               return;
-
-       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
-       if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks))
-               {
-               CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-               return;
-               }
-       pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
-       if (pointer != NULL)
-               {
-               --pointer->references;
-#ifdef REF_CHECK
-               if (pointer->references < 0)
-                       {
-                       fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n");
-                       abort();
-                       }
-               else
-#endif
-                       if (pointer->references <= 0)
-                               {
-                               (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
-                               }
-                       else
-                               pointer = NULL;
-               }
-       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-       if (pointer)
-               {
-               dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
-               OPENSSL_free(pointer);
-               }
-       }
-
-struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
-       {
-       CRYPTO_dynlock *pointer = NULL;
-       if (i)
-               i = -i-1;
-
-       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
-       if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
-               pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
-       if (pointer)
-               pointer->references++;
-
-       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
-       if (pointer)
-               return pointer->data;
-       return NULL;
-       }
-
-struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
-       (const char *file,int line)
-       {
-       return(dynlock_create_callback);
-       }
-
-void (*CRYPTO_get_dynlock_lock_callback(void))(int mode,
-       struct CRYPTO_dynlock_value *l, const char *file,int line)
-       {
-       return(dynlock_lock_callback);
-       }
-
-void (*CRYPTO_get_dynlock_destroy_callback(void))
-       (struct CRYPTO_dynlock_value *l, const char *file,int line)
-       {
-       return(dynlock_destroy_callback);
-       }
-
-void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
-       (const char *file, int line))
-       {
-       dynlock_create_callback=func;
-       }
-
-void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
-       struct CRYPTO_dynlock_value *l, const char *file, int line))
-       {
-       dynlock_lock_callback=func;
-       }
-
-void CRYPTO_set_dynlock_destroy_callback(void (*func)
-       (struct CRYPTO_dynlock_value *l, const char *file, int line))
-       {
-       dynlock_destroy_callback=func;
-       }
-
-
 void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file,
                int line)
        {
@@ -445,6 +187,14 @@ unsigned long CRYPTO_thread_id(void)
        return(ret);
        }
 
+static void (*do_dynlock_cb)(int mode, int type, const char *file, int line);
+
+void int_CRYPTO_set_do_dynlock_callback(
+       void (*dyn_cb)(int mode, int type, const char *file, int line))
+       {
+       do_dynlock_cb = dyn_cb;
+       }
+
 void CRYPTO_lock(int mode, int type, const char *file, int line)
        {
 #ifdef LOCK_DEBUG
@@ -472,17 +222,8 @@ void CRYPTO_lock(int mode, int type, const char *file, int line)
 #endif
        if (type < 0)
                {
-               if (dynlock_lock_callback != NULL)
-                       {
-                       struct CRYPTO_dynlock_value *pointer
-                               = CRYPTO_get_dynlock_value(type);
-
-                       OPENSSL_assert(pointer != NULL);
-
-                       dynlock_lock_callback(mode, pointer, file, line);
-
-                       CRYPTO_destroy_dynlockid(type);
-                       }
+               if (do_dynlock_cb)
+                       do_dynlock_cb(mode, type, file, line);
                }
        else
                if (locking_callback != NULL)
@@ -527,21 +268,9 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
        return(ret);
        }
 
-const char *CRYPTO_get_lock_name(int type)
-       {
-       if (type < 0)
-               return("dynamic");
-       else if (type < CRYPTO_NUM_LOCKS)
-               return(lock_names[type]);
-       else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks))
-               return("ERROR");
-       else
-               return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
-       }
-
 #if    defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
        defined(__INTEL__) || \
-       defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64)
+       defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
 
 unsigned long  OPENSSL_ia32cap_P=0;
 unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; }
@@ -577,6 +306,62 @@ void OPENSSL_cpuid_setup(void) {}
 #endif
 
 #if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL)
+
+#ifdef OPENSSL_FIPS
+
+#include <tlhelp32.h>
+#if defined(__GNUC__) && __GNUC__>=2
+static int DllInit(void) __attribute__((constructor));
+#elif defined(_MSC_VER)
+static int DllInit(void);
+# ifdef _WIN64
+# pragma section(".CRT$XCU",read)
+  __declspec(allocate(".CRT$XCU"))
+# else
+# pragma data_seg(".CRT$XCU")
+# endif
+  static int (*p)(void) = DllInit;
+# pragma data_seg()
+#endif
+
+static int DllInit(void)
+{
+#if defined(_WIN32_WINNT)
+       union   { int(*f)(void); BYTE *p; } t = { DllInit };
+        HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+       IMAGE_DOS_HEADER *dos_header;
+       IMAGE_NT_HEADERS *nt_headers;
+       MODULEENTRY32 me32 = {sizeof(me32)};
+
+       hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,0);
+       if (hModuleSnap != INVALID_HANDLE_VALUE &&
+           Module32First(hModuleSnap,&me32)) do
+               {
+               if (t.p >= me32.modBaseAddr &&
+                   t.p <  me32.modBaseAddr+me32.modBaseSize)
+                       {
+                       dos_header=(IMAGE_DOS_HEADER *)me32.modBaseAddr;
+                       if (dos_header->e_magic==IMAGE_DOS_SIGNATURE)
+                               {
+                               nt_headers=(IMAGE_NT_HEADERS *)
+                                       ((BYTE *)dos_header+dos_header->e_lfanew);
+                               if (nt_headers->Signature==IMAGE_NT_SIGNATURE &&
+                                   me32.modBaseAddr!=(BYTE*)nt_headers->OptionalHeader.ImageBase)
+                                       OPENSSL_NONPIC_relocated=1;
+                               }
+                       break;
+                       }
+               } while (Module32Next(hModuleSnap,&me32));
+
+       if (hModuleSnap != INVALID_HANDLE_VALUE)
+               CloseHandle(hModuleSnap);
+#endif
+       OPENSSL_cpuid_setup();
+       return 0;
+}
+
+#else
+
 #ifdef __CYGWIN__
 /* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */
 #include <windows.h>
@@ -620,6 +405,8 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason,
        }
 #endif
 
+#endif
+
 #if defined(_WIN32) && !defined(__CYGWIN__)
 #include <tchar.h>
 
index 8898f30c1f72e1584613ca57aa85c1139195564d..44a99af04fe66d3cb1a5a34aedcbcea271be10fc 100644 (file)
@@ -83,7 +83,7 @@ $ ENCRYPT_TYPES = "Basic,"+ -
                  "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
                  "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
                  "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ -
-                 "STORE,CMS,PQUEUE"
+                 "STORE,PQUEUE"
 $!
 $! Check To Make Sure We Have Valid Command Line Parameters.
 $!
@@ -211,7 +211,7 @@ $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
        "tb_cipher,tb_digest,"+ -
        "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock"
 $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ -
-       "aes_ctr,aes_ige,aes_wrap"
+       "aes_ctr,aes_ige"
 $ LIB_BUFFER = "buffer,buf_err"
 $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
        "bss_mem,bss_null,bss_fd,"+ -
@@ -245,7 +245,7 @@ $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ -
 $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ -
        "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ -
        "f_int,f_string,n_pkey,"+ -
-       "f_enum,a_hdr,x_pkey,a_bool,x_exten,asn_mime,"+ -
+       "f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ -
        "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ -
        "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid"
 $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ -
@@ -277,8 +277,6 @@ $ LIB_UI_COMPAT = ",ui_compat"
 $ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT
 $ LIB_KRB5 = "krb5_asn"
 $ LIB_STORE = "str_err,str_lib,str_meth,str_mem"
-$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
-       "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess"
 $ LIB_PQUEUE = "pqueue"
 $!
 $! Setup exceptional compilations
index 1b6c5df3291e590dfe4dbcfb5f94b15809cf3c0e..e86d20f1e26c332da5892480b0868a47ce0ff418 100644 (file)
@@ -219,7 +219,9 @@ typedef struct openssl_item_st
 #define CRYPTO_LOCK_EC_PRE_COMP                36
 #define CRYPTO_LOCK_STORE              37
 #define CRYPTO_LOCK_COMP               38
-#define CRYPTO_NUM_LOCKS               39
+#define CRYPTO_LOCK_FIPS               39
+#define CRYPTO_LOCK_FIPS2              40
+#define CRYPTO_NUM_LOCKS               41
 
 #define CRYPTO_LOCK            1
 #define CRYPTO_UNLOCK          2
@@ -341,14 +343,7 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
 
 /* Set standard debugging functions (not done by default
  * unless CRYPTO_MDEBUG is defined) */
-#define CRYPTO_malloc_debug_init()     do {\
-       CRYPTO_set_mem_debug_functions(\
-               CRYPTO_dbg_malloc,\
-               CRYPTO_dbg_realloc,\
-               CRYPTO_dbg_free,\
-               CRYPTO_dbg_set_options,\
-               CRYPTO_dbg_get_options);\
-       } while(0)
+void CRYPTO_malloc_debug_init(void);
 
 int CRYPTO_mem_ctrl(int mode);
 int CRYPTO_is_mem_check_on(void);
@@ -427,6 +422,9 @@ const char *CRYPTO_get_lock_name(int type);
 int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file,
                    int line);
 
+void int_CRYPTO_set_do_dynlock_callback(
+       void (*do_dynlock_cb)(int mode, int type, const char *file, int line));
+
 int CRYPTO_get_new_dynlockid(void);
 void CRYPTO_destroy_dynlockid(int i);
 struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
@@ -451,6 +449,10 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
                                   void (*f)(void *,int),
                                   void (*so)(long),
                                   long (*go)(void));
+void CRYPTO_set_mem_info_functions(
+       int  (*push_info_fn)(const char *info, const char *file, int line),
+       int  (*pop_info_fn)(void),
+       int (*remove_all_info_fn)(void));
 void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *));
 void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *));
 void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int),
@@ -506,6 +508,9 @@ void CRYPTO_dbg_free(void *addr,int before_p);
 void CRYPTO_dbg_set_options(long bits);
 long CRYPTO_dbg_get_options(void);
 
+int CRYPTO_dbg_push_info(const char *info, const char *file, int line);
+int CRYPTO_dbg_pop_info(void);
+int CRYPTO_dbg_remove_all_info(void);
 
 #ifndef OPENSSL_NO_FP_API
 void CRYPTO_mem_leaks_fp(FILE *);
@@ -583,6 +588,9 @@ int OPENSSL_isservice(void);
  */
 void ERR_load_CRYPTO_strings(void);
 
+#define OPENSSL_HAVE_INIT      1
+void OPENSSL_init(void);
+
 /* Error codes for the CRYPTO functions. */
 
 /* Function codes. */
diff --git a/crypto/dyn_lck.c b/crypto/dyn_lck.c
new file mode 100644 (file)
index 0000000..926b0b7
--- /dev/null
@@ -0,0 +1,422 @@
+/* crypto/cryptlib.c */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include "cryptlib.h"
+#include <openssl/safestack.h>
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
+#endif
+
+DECLARE_STACK_OF(CRYPTO_dynlock)
+IMPLEMENT_STACK_OF(CRYPTO_dynlock)
+
+/* real #defines in crypto.h, keep these upto date */
+static const char* const lock_names[CRYPTO_NUM_LOCKS] =
+       {
+       "<<ERROR>>",
+       "err",
+       "ex_data",
+       "x509",
+       "x509_info",
+       "x509_pkey",
+       "x509_crl",
+       "x509_req",
+       "dsa",
+       "rsa",
+       "evp_pkey",
+       "x509_store",
+       "ssl_ctx",
+       "ssl_cert",
+       "ssl_session",
+       "ssl_sess_cert",
+       "ssl",
+       "ssl_method",
+       "rand",
+       "rand2",
+       "debug_malloc",
+       "BIO",
+       "gethostbyname",
+       "getservbyname",
+       "readdir",
+       "RSA_blinding",
+       "dh",
+       "debug_malloc2",
+       "dso",
+       "dynlock",
+       "engine",
+       "ui",
+       "ecdsa",
+       "ec",
+       "ecdh",
+       "bn",
+       "ec_pre_comp",
+       "store",
+       "comp",
+       "fips",
+       "fips2",
+#if CRYPTO_NUM_LOCKS != 41
+# error "Inconsistency between crypto.h and cryptlib.c"
+#endif
+       };
+
+/* This is for applications to allocate new type names in the non-dynamic
+   array of lock names.  These are numbered with positive numbers.  */
+static STACK *app_locks=NULL;
+
+/* For applications that want a more dynamic way of handling threads, the
+   following stack is used.  These are externally numbered with negative
+   numbers.  */
+static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
+
+
+static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
+       (const char *file,int line)=NULL;
+static void (MS_FAR *dynlock_lock_callback)(int mode,
+       struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
+static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
+       const char *file,int line)=NULL;
+
+int CRYPTO_get_new_lockid(char *name)
+       {
+       char *str;
+       int i;
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+       /* A hack to make Visual C++ 5.0 work correctly when linking as
+        * a DLL using /MT. Without this, the application cannot use
+        * and floating point printf's.
+        * It also seems to be needed for Visual C 1.5 (win16) */
+       SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
+#endif
+
+       if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL))
+               {
+               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
+               return(0);
+               }
+       if ((str=BUF_strdup(name)) == NULL)
+               {
+               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
+               return(0);
+               }
+       i=sk_push(app_locks,str);
+       if (!i)
+               OPENSSL_free(str);
+       else
+               i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
+       return(i);
+       }
+
+int CRYPTO_get_new_dynlockid(void)
+       {
+       int i = 0;
+       CRYPTO_dynlock *pointer = NULL;
+
+       if (dynlock_create_callback == NULL)
+               {
+               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
+               return(0);
+               }
+       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+       if ((dyn_locks == NULL)
+               && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL))
+               {
+               CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
+               return(0);
+               }
+       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+       pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock));
+       if (pointer == NULL)
+               {
+               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
+               return(0);
+               }
+       pointer->references = 1;
+       pointer->data = dynlock_create_callback(__FILE__,__LINE__);
+       if (pointer->data == NULL)
+               {
+               OPENSSL_free(pointer);
+               CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE);
+               return(0);
+               }
+
+       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+       /* First, try to find an existing empty slot */
+       i=sk_CRYPTO_dynlock_find(dyn_locks,NULL);
+       /* If there was none, push, thereby creating a new one */
+       if (i == -1)
+               /* Since sk_push() returns the number of items on the
+                  stack, not the location of the pushed item, we need
+                  to transform the returned number into a position,
+                  by decreasing it.  */
+               i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1;
+       else
+               /* If we found a place with a NULL pointer, put our pointer
+                  in it.  */
+               (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer);
+       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+       if (i == -1)
+               {
+               dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
+               OPENSSL_free(pointer);
+               }
+       else
+               i += 1; /* to avoid 0 */
+       return -i;
+       }
+
+void CRYPTO_destroy_dynlockid(int i)
+       {
+       CRYPTO_dynlock *pointer = NULL;
+       if (i)
+               i = -i-1;
+       if (dynlock_destroy_callback == NULL)
+               return;
+
+       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+
+       if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks))
+               {
+               CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+               return;
+               }
+       pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
+       if (pointer != NULL)
+               {
+               --pointer->references;
+#ifdef REF_CHECK
+               if (pointer->references < 0)
+                       {
+                       fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n");
+                       abort();
+                       }
+               else
+#endif
+                       if (pointer->references <= 0)
+                               {
+                               (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
+                               }
+                       else
+                               pointer = NULL;
+               }
+       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+       if (pointer)
+               {
+               dynlock_destroy_callback(pointer->data,__FILE__,__LINE__);
+               OPENSSL_free(pointer);
+               }
+       }
+
+struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
+       {
+       CRYPTO_dynlock *pointer = NULL;
+       if (i)
+               i = -i-1;
+
+       CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+
+       if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
+               pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
+       if (pointer)
+               pointer->references++;
+
+       CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+       if (pointer)
+               return pointer->data;
+       return NULL;
+       }
+
+struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
+       (const char *file,int line)
+       {
+       return(dynlock_create_callback);
+       }
+
+void (*CRYPTO_get_dynlock_lock_callback(void))(int mode,
+       struct CRYPTO_dynlock_value *l, const char *file,int line)
+       {
+       return(dynlock_lock_callback);
+       }
+
+void (*CRYPTO_get_dynlock_destroy_callback(void))
+       (struct CRYPTO_dynlock_value *l, const char *file,int line)
+       {
+       return(dynlock_destroy_callback);
+       }
+
+void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
+       (const char *file, int line))
+       {
+       dynlock_create_callback=func;
+       }
+
+static void do_dynlock(int mode, int type, const char *file, int line)
+       {
+       if (dynlock_lock_callback != NULL)
+               {
+               struct CRYPTO_dynlock_value *pointer
+                               = CRYPTO_get_dynlock_value(type);
+
+               OPENSSL_assert(pointer != NULL);
+
+               dynlock_lock_callback(mode, pointer, file, line);
+
+               CRYPTO_destroy_dynlockid(type);
+               }
+       }
+
+void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
+       struct CRYPTO_dynlock_value *l, const char *file, int line))
+       {
+       /* Set callback so CRYPTO_lock() can now handle dynamic locks.
+        * This is OK because at this point and application shouldn't be using
+        * OpenSSL from multiple threads because it is setting up the locking
+        * callbacks.
+        */
+       static int done = 0;
+       if (!done)
+               {
+               int_CRYPTO_set_do_dynlock_callback(do_dynlock);
+               done = 1;
+               }
+               
+       dynlock_lock_callback=func;
+       }
+
+void CRYPTO_set_dynlock_destroy_callback(void (*func)
+       (struct CRYPTO_dynlock_value *l, const char *file, int line))
+       {
+       dynlock_destroy_callback=func;
+       }
+
+const char *CRYPTO_get_lock_name(int type)
+       {
+       if (type < 0)
+               return("dynamic");
+       else if (type < CRYPTO_NUM_LOCKS)
+               return(lock_names[type]);
+       else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks))
+               return("ERROR");
+       else
+               return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
+       }
+
index 58a4fecdaa4bd1390e0d19a811cc6832ae66c3ac..44390e0f94e70e0967e4b90542353f474bcebf4d 100644 (file)
@@ -40,7 +40,7 @@ $     SDIRS := ,-
                 BUFFER,BIO,STACK,LHASH,RAND,ERR,-
                 EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,-
                 UI,KRB5,-
-                STORE,CMS,PQUEUE
+                STORE,PQUEUE
 $      EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,-
                symhacks.h,ossl_typ.h
 $      EXHEADER_OBJECTS := objects.h,obj_mac.h
@@ -92,7 +92,6 @@ $     EXHEADER_KRB5 := krb5_asn.h
 $!     EXHEADER_STORE := store.h,str_compat.h
 $      EXHEADER_STORE := store.h
 $      EXHEADER_PQUEUE := pqueue.h,pq_compat.h
-$      EXHEADER_CMS := cms.h
 $      LIBS := LIBCRYPTO
 $
 $      VEXE_DIR := [-.VAX.EXE.CRYPTO]
index 6635167228da1c9eb4ee6be3b4a147a1c3bc2af4..00ebaf0b9b5e304b860b4443c07dc2a45837da6b 100644 (file)
@@ -101,7 +101,7 @@ static void (*free_locked_func)(void *)     = free;
 
 /* may be changed as long as 'allow_customize_debug' is set */
 /* XXX use correct function pointer types */
-#ifdef CRYPTO_MDEBUG
+#if defined(CRYPTO_MDEBUG) && !defined(OPENSSL_FIPS)
 /* use default functions from mem_dbg.c */
 static void (*malloc_debug_func)(void *,int,const char *,int,int)
        = CRYPTO_dbg_malloc;
@@ -110,6 +110,14 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int)
 static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free;
 static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options;
 static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options;
+
+static int  (*push_info_func)(const char *info, const char *file, int line)
+       = CRYPTO_dbg_push_info;
+static int  (*pop_info_func)(void)
+       = CRYPTO_dbg_pop_info;
+static int (*remove_all_info_func)(void)
+       = CRYPTO_dbg_remove_all_info;
+
 #else
 /* applications can use CRYPTO_malloc_debug_init() to select above case
  * at run-time */
@@ -119,6 +127,13 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int)
 static void (*free_debug_func)(void *,int) = NULL;
 static void (*set_debug_options_func)(long) = NULL;
 static long (*get_debug_options_func)(void) = NULL;
+
+
+static int  (*push_info_func)(const char *info, const char *file, int line)
+       = NULL;
+static int  (*pop_info_func)(void) = NULL;
+static int (*remove_all_info_func)(void) = NULL;
+
 #endif
 
 
@@ -194,6 +209,15 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int),
        return 1;
        }
 
+void CRYPTO_set_mem_info_functions(
+       int  (*push_info_fn)(const char *info, const char *file, int line),
+       int  (*pop_info_fn)(void),
+       int (*remove_all_info_fn)(void))
+       {
+       push_info_func = push_info_fn;
+       pop_info_func = pop_info_fn;
+       remove_all_info_func = remove_all_info_fn;
+       }
 
 void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t),
        void (**f)(void *))
@@ -399,3 +423,24 @@ long CRYPTO_get_mem_debug_options(void)
                return get_debug_options_func();
        return 0;
        }
+
+int CRYPTO_push_info_(const char *info, const char *file, int line)
+       {
+       if (push_info_func)
+               return push_info_func(info, file, line);
+       return 1;
+       }
+
+int CRYPTO_pop_info(void)
+       {
+       if (pop_info_func)
+               return pop_info_func();
+       return 1;
+       }
+
+int CRYPTO_remove_all_info(void)
+       {
+       if (remove_all_info_func)
+               return remove_all_info_func();
+       return 1;
+       }
index 8316485217ac48847f59ce5ce8a51ba86df2ff97..19376a1814562a6b142b2ac45d7a12b1fb08ff16 100644 (file)
@@ -330,7 +330,7 @@ static APP_INFO *pop_info(void)
        return(ret);
        }
 
-int CRYPTO_push_info_(const char *info, const char *file, int line)
+int CRYPTO_dbg_push_info(const char *info, const char *file, int line)
        {
        APP_INFO *ami, *amim;
        int ret=0;
@@ -380,7 +380,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line)
        return(ret);
        }
 
-int CRYPTO_pop_info(void)
+int CRYPTO_dbg_pop_info(void)
        {
        int ret=0;
 
@@ -395,7 +395,7 @@ int CRYPTO_pop_info(void)
        return(ret);
        }
 
-int CRYPTO_remove_all_info(void)
+int CRYPTO_dbg_remove_all_info(void)
        {
        int ret=0;
 
@@ -793,3 +793,17 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb)
        lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb);
        CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
        }
+
+void CRYPTO_malloc_debug_init(void)
+       {
+       CRYPTO_set_mem_debug_functions(
+               CRYPTO_dbg_malloc,
+               CRYPTO_dbg_realloc,
+               CRYPTO_dbg_free,
+               CRYPTO_dbg_set_options,
+               CRYPTO_dbg_get_options);
+       CRYPTO_set_mem_info_functions(
+               CRYPTO_dbg_push_info,
+               CRYPTO_dbg_pop_info,
+               CRYPTO_dbg_remove_all_info);
+       }