From f10aa4cb8b21d4035cff58c7073899c584e665aa Mon Sep 17 00:00:00 2001 From: purplerain Date: Sat, 11 May 2024 17:49:32 +0000 Subject: [PATCH] sync with OpenBSD -current --- lib/libcrypto/dsa/dsa_gen.c | 29 +++++++---------- lib/libcrypto/dsa/dsa_key.c | 5 +-- lib/libcrypto/dsa/dsa_local.h | 13 +------- lib/libcrypto/dsa/dsa_ossl.c | 25 ++++----------- lib/libcrypto/man/DSA_set_method.3 | 51 +++++++++--------------------- lib/libcrypto/pem/pem.h | 51 +----------------------------- sys/dev/ic/iosfvar.h | 4 +-- 7 files changed, 38 insertions(+), 140 deletions(-) diff --git a/lib/libcrypto/dsa/dsa_gen.c b/lib/libcrypto/dsa/dsa_gen.c index 8b966871b..dc04eba03 100644 --- a/lib/libcrypto/dsa/dsa_gen.c +++ b/lib/libcrypto/dsa/dsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_gen.c,v 1.31 2024/03/02 09:33:14 tb Exp $ */ +/* $OpenBSD: dsa_gen.c,v 1.32 2024/05/11 06:43:50 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -75,24 +75,19 @@ int DSA_generate_parameters_ex(DSA *ret, int bits, const unsigned char *seed_in, int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) { - if (ret->meth->dsa_paramgen) - return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, - counter_ret, h_ret, cb); - else { - const EVP_MD *evpmd; - size_t qbits; + const EVP_MD *evpmd; + size_t qbits; - if (bits >= 2048) { - qbits = 256; - evpmd = EVP_sha256(); - } else { - qbits = 160; - evpmd = EVP_sha1(); - } - - return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in, - seed_len, NULL, counter_ret, h_ret, cb); + if (bits >= 2048) { + qbits = 256; + evpmd = EVP_sha256(); + } else { + qbits = 160; + evpmd = EVP_sha1(); } + + return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in, seed_len, + NULL, counter_ret, h_ret, cb); } LCRYPTO_ALIAS(DSA_generate_parameters_ex); diff --git a/lib/libcrypto/dsa/dsa_key.c b/lib/libcrypto/dsa/dsa_key.c index 46ec9cfce..5fbedcf70 100644 --- a/lib/libcrypto/dsa/dsa_key.c +++ b/lib/libcrypto/dsa/dsa_key.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_key.c,v 1.36 2024/05/10 04:53:55 tb Exp $ */ +/* $OpenBSD: dsa_key.c,v 1.37 2024/05/11 06:43:50 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -76,9 +76,6 @@ DSA_generate_key(DSA *dsa) BN_CTX *ctx = NULL; int ok = 0; - if (dsa->meth->dsa_keygen != NULL) - return dsa->meth->dsa_keygen(dsa); - if ((priv_key = BN_new()) == NULL) goto err; if ((pub_key = BN_new()) == NULL) diff --git a/lib/libcrypto/dsa/dsa_local.h b/lib/libcrypto/dsa/dsa_local.h index 0ca9a2770..8d6d2781b 100644 --- a/lib/libcrypto/dsa/dsa_local.h +++ b/lib/libcrypto/dsa/dsa_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_local.h,v 1.3 2023/11/29 21:35:57 tb Exp $ */ +/* $OpenBSD: dsa_local.h,v 1.4 2024/05/11 06:43:50 tb Exp $ */ /* ==================================================================== * Copyright (c) 2007 The OpenSSL Project. All rights reserved. * @@ -69,20 +69,9 @@ struct dsa_method { BIGNUM **rp); int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa); - int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ int (*init)(DSA *dsa); int (*finish)(DSA *dsa); int flags; - char *app_data; - /* If this is non-NULL, it is used to generate DSA parameters */ - int (*dsa_paramgen)(DSA *dsa, int bits, const unsigned char *seed, - int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); - /* If this is non-NULL, it is used to generate DSA keys */ - int (*dsa_keygen)(DSA *dsa); } /* DSA_METHOD */; struct dsa_st { diff --git a/lib/libcrypto/dsa/dsa_ossl.c b/lib/libcrypto/dsa/dsa_ossl.c index 943d03879..c53c8b900 100644 --- a/lib/libcrypto/dsa/dsa_ossl.c +++ b/lib/libcrypto/dsa/dsa_ossl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ossl.c,v 1.55 2024/05/09 20:57:49 tb Exp $ */ +/* $OpenBSD: dsa_ossl.c,v 1.56 2024/05/11 06:43:50 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -268,15 +268,8 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) !bn_copy(k, BN_num_bits(l) > q_bits ? l : m)) goto err; - if (dsa->meth->bn_mod_exp != NULL) { - if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, k, dsa->p, ctx, - dsa->method_mont_p)) - goto err; - } else { - if (!BN_mod_exp_mont_ct(r, dsa->g, k, dsa->p, ctx, - dsa->method_mont_p)) - goto err; - } + if (!BN_mod_exp_mont_ct(r, dsa->g, k, dsa->p, ctx, dsa->method_mont_p)) + goto err; if (!BN_mod_ct(r, r, dsa->q, ctx)) goto err; @@ -372,15 +365,9 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) goto err; } - if (dsa->meth->dsa_mod_exp != NULL) { - if (!dsa->meth->dsa_mod_exp(dsa, t1, dsa->g, u1, dsa->pub_key, - u2, dsa->p, ctx, mont)) - goto err; - } else { - if (!BN_mod_exp2_mont(t1, dsa->g, u1, dsa->pub_key, u2, - dsa->p, ctx, mont)) - goto err; - } + if (!BN_mod_exp2_mont(t1, dsa->g, u1, dsa->pub_key, u2, dsa->p, + ctx, mont)) + goto err; /* let u1 = u1 mod q */ if (!BN_mod_ct(u1, t1, dsa->q, ctx)) diff --git a/lib/libcrypto/man/DSA_set_method.3 b/lib/libcrypto/man/DSA_set_method.3 index ec6d2b4cd..c60a3e29c 100644 --- a/lib/libcrypto/man/DSA_set_method.3 +++ b/lib/libcrypto/man/DSA_set_method.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: DSA_set_method.3,v 1.11 2023/11/19 10:34:26 tb Exp $ +.\" $OpenBSD: DSA_set_method.3,v 1.12 2024/05/11 06:53:19 tb Exp $ .\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 .\" .\" This file was written by Ulf Moeller . @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 19 2023 $ +.Dd $Mdocdate: May 11 2024 $ .Dt DSA_SET_METHOD 3 .Os .Sh NAME @@ -127,44 +127,23 @@ The .Vt DSA_METHOD structure is defined as follows: .Bd -literal -struct -{ - /* name of the implementation */ +struct { + /* name of the implementation */ const char *name; - - /* sign */ + /* sign */ DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, - DSA *dsa); - - /* pre-compute k^-1 and r */ + DSA *dsa); + /* pre-compute k^-1 and r */ int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); - - /* verify */ + BIGNUM **rp); + /* verify */ int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - - /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some - implementations) */ - int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); - - /* compute r = a ^ p mod m (May be NULL for some implementations) */ - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); - - /* called at DSA_new */ - int (*init)(DSA *DSA); - - /* called at DSA_free */ - int (*finish)(DSA *DSA); - - int flags; - - char *app_data; /* ?? */ - + DSA_SIG *sig, DSA *dsa); + /* called at DSA_new */ + int (*init)(DSA *DSA); + /* called at DSA_free */ + int (*finish)(DSA *DSA); + int flags; } DSA_METHOD; .Ed .Sh RETURN VALUES diff --git a/lib/libcrypto/pem/pem.h b/lib/libcrypto/pem/pem.h index af841caee..4fdab48bb 100644 --- a/lib/libcrypto/pem/pem.h +++ b/lib/libcrypto/pem/pem.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pem.h,v 1.27 2024/03/29 02:22:18 jsing Exp $ */ +/* $OpenBSD: pem.h,v 1.28 2024/05/11 05:41:28 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -142,55 +142,6 @@ extern "C" { #define PEM_TYPE_MIC_CLEAR 30 #define PEM_TYPE_CLEAR 40 -typedef struct pem_recip_st { - char *name; - X509_NAME *dn; - - int cipher; - int key_enc; - /* char iv[8]; unused and wrong size */ -} PEM_USER; - -typedef struct pem_ctx_st { - int type; /* what type of object */ - - struct { - int version; - int mode; - } proc_type; - - char *domain; - - struct { - int cipher; - /* unused, and wrong size - unsigned char iv[8]; */ - } DEK_info; - - PEM_USER *originator; - - int num_recipient; - PEM_USER **recipient; - - /* XXX(ben): don#t think this is used! - STACK *x509_chain; / * certificate chain */ - EVP_MD *md; /* signature type */ - - int md_enc; /* is the md encrypted or not? */ - int md_len; /* length of md_data */ - char *md_data; /* message digest, could be pkey encrypted */ - - EVP_CIPHER *dec; /* date encryption cipher */ - int key_len; /* key length */ - unsigned char *key; /* key */ - /* unused, and wrong size - unsigned char iv[8]; */ - - int data_enc; /* is the data encrypted */ - int data_len; - unsigned char *data; -} PEM_CTX; - #ifndef LIBRESSL_INTERNAL /* These macros make the PEM_read/PEM_write functions easier to maintain and * write. Now they are all implemented with either: diff --git a/sys/dev/ic/iosfvar.h b/sys/dev/ic/iosfvar.h index a0c241789..a23c963c2 100644 --- a/sys/dev/ic/iosfvar.h +++ b/sys/dev/ic/iosfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iosfvar.h,v 1.1 2023/04/23 00:20:26 dlg Exp $ */ +/* $OpenBSD: iosfvar.h,v 1.2 2024/05/11 14:49:56 jsg Exp $ */ /* * Copyright (c) 2023 David Gwynne @@ -43,7 +43,7 @@ int iosf_mbi_available(void); /* for i2c */ int iosf_i2c_acquire(int); -void iosf_i2c_relese(int); +void iosf_i2c_release(int); /* for drm to coordinate with the rest of the kernel */ void iosf_mbi_punit_acquire(void);