Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
2440d8b1
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
2440d8b1
编写于
2月 03, 2011
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix error codes.
上级
ee988465
变更
12
显示空白变更内容
内联
并排
Showing
12 changed file
with
62 addition
and
52 deletion
+62
-52
crypto/asn1/asn1.h
crypto/asn1/asn1.h
+1
-0
crypto/asn1/asn1_err.c
crypto/asn1/asn1_err.c
+1
-0
crypto/asn1/tasn_scn.c
crypto/asn1/tasn_scn.c
+1
-3
crypto/evp/evp.h
crypto/evp/evp.h
+4
-0
crypto/evp/evp_err.c
crypto/evp/evp_err.c
+4
-0
crypto/rsa/rsa.h
crypto/rsa/rsa.h
+4
-2
crypto/rsa/rsa_eay.c
crypto/rsa/rsa_eay.c
+11
-11
crypto/rsa/rsa_err.c
crypto/rsa/rsa_err.c
+4
-2
crypto/rsa/rsa_pss.c
crypto/rsa/rsa_pss.c
+11
-13
fips/rsa/fips_rsa_sign.c
fips/rsa/fips_rsa_sign.c
+12
-12
fips/utl/fips_enc.c
fips/utl/fips_enc.c
+6
-6
fips/utl/fips_md.c
fips/utl/fips_md.c
+3
-3
未找到文件。
crypto/asn1/asn1.h
浏览文件 @
2440d8b1
...
...
@@ -1210,6 +1210,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_ASN1_PACK_STRING 124
#define ASN1_F_ASN1_PCTX_NEW 205
#define ASN1_F_ASN1_PKCS5_PBE_SET 125
#define ASN1_F_ASN1_SCTX_NEW 221
#define ASN1_F_ASN1_SEQ_PACK 126
#define ASN1_F_ASN1_SEQ_UNPACK 127
#define ASN1_F_ASN1_SIGN 128
...
...
crypto/asn1/asn1_err.c
浏览文件 @
2440d8b1
...
...
@@ -116,6 +116,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{
ERR_FUNC
(
ASN1_F_ASN1_PACK_STRING
),
"ASN1_pack_string"
},
{
ERR_FUNC
(
ASN1_F_ASN1_PCTX_NEW
),
"ASN1_PCTX_new"
},
{
ERR_FUNC
(
ASN1_F_ASN1_PKCS5_PBE_SET
),
"ASN1_PKCS5_PBE_SET"
},
{
ERR_FUNC
(
ASN1_F_ASN1_SCTX_NEW
),
"ASN1_SCTX_new"
},
{
ERR_FUNC
(
ASN1_F_ASN1_SEQ_PACK
),
"ASN1_seq_pack"
},
{
ERR_FUNC
(
ASN1_F_ASN1_SEQ_UNPACK
),
"ASN1_seq_unpack"
},
{
ERR_FUNC
(
ASN1_F_ASN1_SIGN
),
"ASN1_sign"
},
...
...
crypto/asn1/tasn_scn.c
浏览文件 @
2440d8b1
...
...
@@ -77,7 +77,7 @@ ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb)(ASN1_SCTX *ctx))
ret
=
OPENSSL_malloc
(
sizeof
(
ASN1_SCTX
));
if
(
ret
==
NULL
)
{
ASN1err
(
ASN1_F_ASN1_
P
CTX_NEW
,
ERR_R_MALLOC_FAILURE
);
ASN1err
(
ASN1_F_ASN1_
S
CTX_NEW
,
ERR_R_MALLOC_FAILURE
);
return
NULL
;
}
ret
->
scan_cb
=
scan_cb
;
...
...
@@ -113,5 +113,3 @@ void *ASN1_SCTX_get_app_data(ASN1_SCTX *p)
{
return
p
->
app_data
;
}
crypto/evp/evp.h
浏览文件 @
2440d8b1
...
...
@@ -1274,6 +1274,10 @@ void ERR_load_EVP_strings(void);
#define EVP_F_EVP_RIJNDAEL 126
#define EVP_F_EVP_SIGNFINAL 107
#define EVP_F_EVP_VERIFYFINAL 108
#define EVP_F_FIPS_CIPHERINIT 166
#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
#define EVP_F_FIPS_DIGESTINIT 168
#define EVP_F_FIPS_MD_CTX_COPY 169
#define EVP_F_INT_CTX_NEW 157
#define EVP_F_PKCS5_PBE_KEYIVGEN 117
#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
...
...
crypto/evp/evp_err.c
浏览文件 @
2440d8b1
...
...
@@ -127,6 +127,10 @@ static ERR_STRING_DATA EVP_str_functs[]=
{
ERR_FUNC
(
EVP_F_EVP_RIJNDAEL
),
"EVP_RIJNDAEL"
},
{
ERR_FUNC
(
EVP_F_EVP_SIGNFINAL
),
"EVP_SignFinal"
},
{
ERR_FUNC
(
EVP_F_EVP_VERIFYFINAL
),
"EVP_VerifyFinal"
},
{
ERR_FUNC
(
EVP_F_FIPS_CIPHERINIT
),
"FIPS_CIPHERINIT"
},
{
ERR_FUNC
(
EVP_F_FIPS_CIPHER_CTX_CTRL
),
"FIPS_CIPHER_CTX_CTRL"
},
{
ERR_FUNC
(
EVP_F_FIPS_DIGESTINIT
),
"FIPS_DIGESTINIT"
},
{
ERR_FUNC
(
EVP_F_FIPS_MD_CTX_COPY
),
"FIPS_MD_CTX_COPY"
},
{
ERR_FUNC
(
EVP_F_INT_CTX_NEW
),
"INT_CTX_NEW"
},
{
ERR_FUNC
(
EVP_F_PKCS5_PBE_KEYIVGEN
),
"PKCS5_PBE_keyivgen"
},
{
ERR_FUNC
(
EVP_F_PKCS5_V2_PBE_KEYIVGEN
),
"PKCS5_v2_PBE_keyivgen"
},
...
...
crypto/rsa/rsa.h
浏览文件 @
2440d8b1
...
...
@@ -482,8 +482,9 @@ void ERR_load_RSA_strings(void);
/* Function codes. */
#define RSA_F_CHECK_PADDING_MD 140
#define RSA_F_DO_RSA_PRINT 146
#define RSA_F_FIPS_RSA_SIGN
149
#define RSA_F_FIPS_RSA_SIGN
_DIGEST
149
#define RSA_F_FIPS_RSA_VERIFY 150
#define RSA_F_FIPS_RSA_VERIFY_DIGEST 151
#define RSA_F_INT_RSA_VERIFY 145
#define RSA_F_MEMORY_LOCK 100
#define RSA_F_OLD_RSA_PRIV_DECODE 147
...
...
@@ -510,6 +511,7 @@ void ERR_load_RSA_strings(void);
#define RSA_F_RSA_PADDING_ADD_NONE 107
#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125
#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 152
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108
#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109
#define RSA_F_RSA_PADDING_ADD_SSLV23 110
...
...
@@ -530,7 +532,7 @@ void ERR_load_RSA_strings(void);
#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118
#define RSA_F_RSA_VERIFY 119
#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120
#define RSA_F_RSA_VERIFY_PKCS1_PSS 126
#define RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
126
/* Reason codes. */
#define RSA_R_ALGORITHM_MISMATCH 100
...
...
crypto/rsa/rsa_eay.c
浏览文件 @
2440d8b1
...
...
@@ -377,13 +377,13 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
#ifdef OPENSSL_FIPS
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_RSA_EAY_P
UBLIC
_ENCRYPT
,
FIPS_R_FIPS_SELFTEST_FAILED
);
FIPSerr
(
FIPS_F_RSA_EAY_P
RIVATE
_ENCRYPT
,
FIPS_R_FIPS_SELFTEST_FAILED
);
goto
err
;
}
if
(
FIPS_mode
()
&&
(
BN_num_bits
(
rsa
->
n
)
<
OPENSSL_RSA_FIPS_MIN_MODULUS_BITS
))
{
RSAerr
(
RSA_F_RSA_EAY_P
UBLIC
_ENCRYPT
,
RSA_R_KEY_SIZE_TOO_SMALL
);
RSAerr
(
RSA_F_RSA_EAY_P
RIVATE
_ENCRYPT
,
RSA_R_KEY_SIZE_TOO_SMALL
);
return
-
1
;
}
#endif
...
...
@@ -524,13 +524,13 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
#ifdef OPENSSL_FIPS
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_RSA_EAY_P
UBLIC_EN
CRYPT
,
FIPS_R_FIPS_SELFTEST_FAILED
);
FIPSerr
(
FIPS_F_RSA_EAY_P
RIVATE_DE
CRYPT
,
FIPS_R_FIPS_SELFTEST_FAILED
);
goto
err
;
}
if
(
FIPS_mode
()
&&
(
BN_num_bits
(
rsa
->
n
)
<
OPENSSL_RSA_FIPS_MIN_MODULUS_BITS
))
{
RSAerr
(
RSA_F_RSA_EAY_P
UBLIC_EN
CRYPT
,
RSA_R_KEY_SIZE_TOO_SMALL
);
RSAerr
(
RSA_F_RSA_EAY_P
RIVATE_DE
CRYPT
,
RSA_R_KEY_SIZE_TOO_SMALL
);
return
-
1
;
}
#endif
...
...
@@ -667,13 +667,13 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
#ifdef OPENSSL_FIPS
if
(
FIPS_selftest_failed
())
{
FIPSerr
(
FIPS_F_RSA_EAY_PUBLIC_
EN
CRYPT
,
FIPS_R_FIPS_SELFTEST_FAILED
);
FIPSerr
(
FIPS_F_RSA_EAY_PUBLIC_
DE
CRYPT
,
FIPS_R_FIPS_SELFTEST_FAILED
);
goto
err
;
}
if
(
FIPS_mode
()
&&
(
BN_num_bits
(
rsa
->
n
)
<
OPENSSL_RSA_FIPS_MIN_MODULUS_BITS
))
{
RSAerr
(
RSA_F_RSA_EAY_PUBLIC_
EN
CRYPT
,
RSA_R_KEY_SIZE_TOO_SMALL
);
RSAerr
(
RSA_F_RSA_EAY_PUBLIC_
DE
CRYPT
,
RSA_R_KEY_SIZE_TOO_SMALL
);
return
-
1
;
}
#endif
...
...
crypto/rsa/rsa_err.c
浏览文件 @
2440d8b1
...
...
@@ -72,8 +72,9 @@ static ERR_STRING_DATA RSA_str_functs[]=
{
{
ERR_FUNC
(
RSA_F_CHECK_PADDING_MD
),
"CHECK_PADDING_MD"
},
{
ERR_FUNC
(
RSA_F_DO_RSA_PRINT
),
"DO_RSA_PRINT"
},
{
ERR_FUNC
(
RSA_F_FIPS_RSA_SIGN
),
"FIPS_RSA_SIGN
"
},
{
ERR_FUNC
(
RSA_F_FIPS_RSA_SIGN
_DIGEST
),
"FIPS_rsa_sign_digest
"
},
{
ERR_FUNC
(
RSA_F_FIPS_RSA_VERIFY
),
"FIPS_RSA_VERIFY"
},
{
ERR_FUNC
(
RSA_F_FIPS_RSA_VERIFY_DIGEST
),
"FIPS_rsa_verify_digest"
},
{
ERR_FUNC
(
RSA_F_INT_RSA_VERIFY
),
"INT_RSA_VERIFY"
},
{
ERR_FUNC
(
RSA_F_MEMORY_LOCK
),
"MEMORY_LOCK"
},
{
ERR_FUNC
(
RSA_F_OLD_RSA_PRIV_DECODE
),
"OLD_RSA_PRIV_DECODE"
},
...
...
@@ -100,6 +101,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
{
ERR_FUNC
(
RSA_F_RSA_PADDING_ADD_NONE
),
"RSA_padding_add_none"
},
{
ERR_FUNC
(
RSA_F_RSA_PADDING_ADD_PKCS1_OAEP
),
"RSA_padding_add_PKCS1_OAEP"
},
{
ERR_FUNC
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS
),
"RSA_padding_add_PKCS1_PSS"
},
{
ERR_FUNC
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1
),
"RSA_padding_add_PKCS1_PSS_mgf1"
},
{
ERR_FUNC
(
RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1
),
"RSA_padding_add_PKCS1_type_1"
},
{
ERR_FUNC
(
RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2
),
"RSA_padding_add_PKCS1_type_2"
},
{
ERR_FUNC
(
RSA_F_RSA_PADDING_ADD_SSLV23
),
"RSA_padding_add_SSLv23"
},
...
...
@@ -120,7 +122,7 @@ static ERR_STRING_DATA RSA_str_functs[]=
{
ERR_FUNC
(
RSA_F_RSA_SIGN_ASN1_OCTET_STRING
),
"RSA_sign_ASN1_OCTET_STRING"
},
{
ERR_FUNC
(
RSA_F_RSA_VERIFY
),
"RSA_verify"
},
{
ERR_FUNC
(
RSA_F_RSA_VERIFY_ASN1_OCTET_STRING
),
"RSA_verify_ASN1_OCTET_STRING"
},
{
ERR_FUNC
(
RSA_F_RSA_VERIFY_PKCS1_PSS
),
"RSA_verify_PKCS1_PSS
"
},
{
ERR_FUNC
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
),
"RSA_verify_PKCS1_PSS_mgf1
"
},
{
0
,
NULL
}
};
...
...
crypto/rsa/rsa_pss.c
浏览文件 @
2440d8b1
...
...
@@ -112,7 +112,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
else
if
(
sLen
==
-
2
)
sLen
=
-
2
;
else
if
(
sLen
<
-
2
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_SLEN_CHECK_FAILED
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
RSA_R_SLEN_CHECK_FAILED
);
goto
err
;
}
...
...
@@ -120,7 +120,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
emLen
=
RSA_size
(
rsa
);
if
(
EM
[
0
]
&
(
0xFF
<<
MSBits
))
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_FIRST_OCTET_INVALID
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
RSA_R_FIRST_OCTET_INVALID
);
goto
err
;
}
if
(
MSBits
==
0
)
...
...
@@ -130,12 +130,12 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
}
if
(
emLen
<
(
hLen
+
sLen
+
2
))
/* sLen can be small negative */
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_DATA_TOO_LARGE
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
RSA_R_DATA_TOO_LARGE
);
goto
err
;
}
if
(
EM
[
emLen
-
1
]
!=
0xbc
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_LAST_OCTET_INVALID
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
RSA_R_LAST_OCTET_INVALID
);
goto
err
;
}
maskedDBLen
=
emLen
-
hLen
-
1
;
...
...
@@ -143,7 +143,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
DB
=
OPENSSL_malloc
(
maskedDBLen
);
if
(
!
DB
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
ERR_R_MALLOC_FAILURE
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
PKCS1_MGF1
(
DB
,
maskedDBLen
,
H
,
hLen
,
mgf1Hash
)
<
0
)
...
...
@@ -155,12 +155,12 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
for
(
i
=
0
;
DB
[
i
]
==
0
&&
i
<
(
maskedDBLen
-
1
);
i
++
)
;
if
(
DB
[
i
++
]
!=
0x1
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_SLEN_RECOVERY_FAILED
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
RSA_R_SLEN_RECOVERY_FAILED
);
goto
err
;
}
if
(
sLen
>=
0
&&
(
maskedDBLen
-
i
)
!=
sLen
)
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_SLEN_CHECK_FAILED
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
RSA_R_SLEN_CHECK_FAILED
);
goto
err
;
}
if
(
!
EVP_DigestInit_ex
(
&
ctx
,
Hash
,
NULL
)
...
...
@@ -176,7 +176,7 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
goto
err
;
if
(
memcmp
(
H_
,
H
,
hLen
))
{
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
,
RSA_R_BAD_SIGNATURE
);
RSAerr
(
RSA_F_RSA_VERIFY_PKCS1_PSS
_MGF1
,
RSA_R_BAD_SIGNATURE
);
ret
=
0
;
}
else
...
...
@@ -224,7 +224,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
else
if
(
sLen
==
-
2
)
sLen
=
-
2
;
else
if
(
sLen
<
-
2
)
{
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS
,
RSA_R_SLEN_CHECK_FAILED
);
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS
_MGF1
,
RSA_R_SLEN_CHECK_FAILED
);
goto
err
;
}
...
...
@@ -241,8 +241,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
}
else
if
(
emLen
<
(
hLen
+
sLen
+
2
))
{
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS
,
RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
);
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1
,
RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
);
goto
err
;
}
if
(
sLen
>
0
)
...
...
@@ -250,8 +249,7 @@ int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
salt
=
OPENSSL_malloc
(
sLen
);
if
(
!
salt
)
{
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS
,
ERR_R_MALLOC_FAILURE
);
RSAerr
(
RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
RAND_bytes
(
salt
,
sLen
)
<=
0
)
...
...
fips/rsa/fips_rsa_sign.c
浏览文件 @
2440d8b1
...
...
@@ -228,7 +228,7 @@ int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len,
hash_id
=
RSA_X931_hash_id
(
md_type
);
if
(
hash_id
==
-
1
)
{
RSAerr
(
RSA_F_FIPS_RSA_SIGN
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
RSAerr
(
RSA_F_FIPS_RSA_SIGN
_DIGEST
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
return
0
;
}
tmpdinfo
[
md_len
]
=
(
unsigned
char
)
hash_id
;
...
...
@@ -241,7 +241,7 @@ int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len,
if
(
!
der
)
{
RSAerr
(
RSA_F_FIPS_RSA_SIGN
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
RSAerr
(
RSA_F_FIPS_RSA_SIGN
_DIGEST
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
return
0
;
}
memcpy
(
tmpdinfo
,
der
,
dlen
);
...
...
@@ -257,7 +257,7 @@ int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len,
sbuf
=
OPENSSL_malloc
(
RSA_size
(
rsa
));
if
(
!
sbuf
)
{
RSAerr
(
RSA_F_FIPS_RSA_SIGN
,
ERR_R_MALLOC_FAILURE
);
RSAerr
(
RSA_F_FIPS_RSA_SIGN
_DIGEST
,
ERR_R_MALLOC_FAILURE
);
goto
psserr
;
}
if
(
!
RSA_padding_add_PKCS1_PSS_mgf1
(
rsa
,
sbuf
,
md
,
mhash
,
...
...
@@ -278,7 +278,7 @@ int FIPS_rsa_sign_digest(RSA *rsa, const unsigned char *md, int md_len,
j
=
RSA_size
(
rsa
);
if
(
i
>
(
j
-
RSA_PKCS1_PADDING_SIZE
))
{
RSAerr
(
RSA_F_FIPS_RSA_SIGN
,
RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
);
RSAerr
(
RSA_F_FIPS_RSA_SIGN
_DIGEST
,
RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
);
goto
done
;
}
/* NB: call underlying method directly to avoid FIPS blocking */
...
...
@@ -322,7 +322,7 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
if
(
siglen
!=
(
unsigned
int
)
RSA_size
(
rsa
))
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
RSA_R_WRONG_SIGNATURE_LENGTH
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
RSA_R_WRONG_SIGNATURE_LENGTH
);
return
(
0
);
}
...
...
@@ -331,7 +331,7 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
s
=
OPENSSL_malloc
((
unsigned
int
)
siglen
);
if
(
s
==
NULL
)
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
ERR_R_MALLOC_FAILURE
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
...
...
@@ -350,23 +350,23 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
int
hash_id
;
if
(
i
!=
(
int
)(
diglen
+
1
))
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
RSA_R_BAD_SIGNATURE
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
RSA_R_BAD_SIGNATURE
);
goto
err
;
}
hash_id
=
RSA_X931_hash_id
(
md_type
);
if
(
hash_id
==
-
1
)
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
goto
err
;
}
if
(
s
[
diglen
]
!=
(
unsigned
char
)
hash_id
)
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
RSA_R_BAD_SIGNATURE
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
RSA_R_BAD_SIGNATURE
);
goto
err
;
}
if
(
memcmp
(
s
,
dig
,
diglen
))
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
RSA_R_BAD_SIGNATURE
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
RSA_R_BAD_SIGNATURE
);
goto
err
;
}
ret
=
1
;
...
...
@@ -378,7 +378,7 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
if
(
!
der
)
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
RSA_R_UNKNOWN_ALGORITHM_TYPE
);
return
(
0
);
}
...
...
@@ -393,7 +393,7 @@ int FIPS_rsa_verify_digest(RSA *rsa, const unsigned char *dig, int diglen,
if
((
i
!=
(
int
)(
dlen
+
diglen
))
||
memcmp
(
der
,
s
,
dlen
)
||
memcmp
(
s
+
dlen
,
dig
,
diglen
))
{
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
,
RSA_R_BAD_SIGNATURE
);
RSAerr
(
RSA_F_FIPS_RSA_VERIFY
_DIGEST
,
RSA_R_BAD_SIGNATURE
);
goto
err
;
}
ret
=
1
;
...
...
fips/utl/fips_enc.c
浏览文件 @
2440d8b1
...
...
@@ -105,7 +105,7 @@ int FIPS_cipherinit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
ctx
->
cipher_data
=
OPENSSL_malloc
(
ctx
->
cipher
->
ctx_size
);
if
(
!
ctx
->
cipher_data
)
{
EVPerr
(
EVP_F_
EVP_CIPHERINIT_EX
,
ERR_R_MALLOC_FAILURE
);
EVPerr
(
EVP_F_
FIPS_CIPHERINIT
,
ERR_R_MALLOC_FAILURE
);
return
0
;
}
}
...
...
@@ -119,14 +119,14 @@ int FIPS_cipherinit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
{
if
(
!
FIPS_cipher_ctx_ctrl
(
ctx
,
EVP_CTRL_INIT
,
0
,
NULL
))
{
EVPerr
(
EVP_F_
EVP_CIPHERINIT_EX
,
EVP_R_INITIALIZATION_ERROR
);
EVPerr
(
EVP_F_
FIPS_CIPHERINIT
,
EVP_R_INITIALIZATION_ERROR
);
return
0
;
}
}
}
else
if
(
!
ctx
->
cipher
)
{
EVPerr
(
EVP_F_
EVP_CIPHERINIT_EX
,
EVP_R_NO_CIPHER_SET
);
EVPerr
(
EVP_F_
FIPS_CIPHERINIT
,
EVP_R_NO_CIPHER_SET
);
return
0
;
}
/* we assume block size is a power of 2 in *cryptUpdate */
...
...
@@ -205,18 +205,18 @@ int FIPS_cipher_ctx_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
{
int
ret
;
if
(
!
ctx
->
cipher
)
{
EVPerr
(
EVP_F_
EVP
_CIPHER_CTX_CTRL
,
EVP_R_NO_CIPHER_SET
);
EVPerr
(
EVP_F_
FIPS
_CIPHER_CTX_CTRL
,
EVP_R_NO_CIPHER_SET
);
return
0
;
}
if
(
!
ctx
->
cipher
->
ctrl
)
{
EVPerr
(
EVP_F_
EVP
_CIPHER_CTX_CTRL
,
EVP_R_CTRL_NOT_IMPLEMENTED
);
EVPerr
(
EVP_F_
FIPS
_CIPHER_CTX_CTRL
,
EVP_R_CTRL_NOT_IMPLEMENTED
);
return
0
;
}
ret
=
ctx
->
cipher
->
ctrl
(
ctx
,
type
,
arg
,
ptr
);
if
(
ret
==
-
1
)
{
EVPerr
(
EVP_F_
EVP
_CIPHER_CTX_CTRL
,
EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED
);
EVPerr
(
EVP_F_
FIPS
_CIPHER_CTX_CTRL
,
EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED
);
return
0
;
}
return
ret
;
...
...
fips/utl/fips_md.c
浏览文件 @
2440d8b1
...
...
@@ -149,7 +149,7 @@ int FIPS_digestinit(EVP_MD_CTX *ctx, const EVP_MD *type)
ctx
->
md_data
=
OPENSSL_malloc
(
type
->
ctx_size
);
if
(
ctx
->
md_data
==
NULL
)
{
EVPerr
(
EVP_F_
EVP_DIGESTINIT_EX
,
EVPerr
(
EVP_F_
FIPS_DIGESTINIT
,
ERR_R_MALLOC_FAILURE
);
return
0
;
}
...
...
@@ -230,7 +230,7 @@ int FIPS_md_ctx_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
unsigned
char
*
tmp_buf
;
if
((
in
==
NULL
)
||
(
in
->
digest
==
NULL
))
{
EVPerr
(
EVP_F_
EVP_MD_CTX_COPY_EX
,
EVP_R_INPUT_NOT_INITIALIZED
);
EVPerr
(
EVP_F_
FIPS_MD_CTX_COPY
,
EVP_R_INPUT_NOT_INITIALIZED
);
return
0
;
}
...
...
@@ -252,7 +252,7 @@ int FIPS_md_ctx_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
out
->
md_data
=
OPENSSL_malloc
(
out
->
digest
->
ctx_size
);
if
(
!
out
->
md_data
)
{
EVPerr
(
EVP_F_
EVP_MD_CTX_COPY_EX
,
ERR_R_MALLOC_FAILURE
);
EVPerr
(
EVP_F_
FIPS_MD_CTX_COPY
,
ERR_R_MALLOC_FAILURE
);
return
0
;
}
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录