Cast and then negate, don't negate an unsigned.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

This provides support for building in the EDK II reference implementation
of UEFI. Most UEFI firmware in existence uses OpenSSL for implementing
the core cryptographic functionality needed for Secure Boot.

This has always previously been handled with external patches to OpenSSL
but we are now making a concerted effort to eliminate those.

In this mode, we don't actually use the OpenSSL makefiles; we process
the MINFO file generated by 'make files' and incorporate it into the
EDK2 build system.

Since EDK II builds for various targets with varying word size and we
need to have a single prepackaged configuration, we deliberately don't
hard-code the setting of SIXTY_FOUR_BIT vs. THIRTY_TWO_BIT in
opensslconf.h. We bypass that for OPENSSL_SYS_UEFI and allow EDK II
itself to set those, depending on the architecture.

For x86_64, EDK II sets SIXTY_FOUR_BIT and thus uses 'long long' for the
64-bit type, even when building with GCC where 'long' is also 64-bit. We
do this because the Microsoft toolchain has 32-bit 'long'.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Ensure that EBCDIC support works and update a comment.
Reviewed-by: NTim Hudson <tjh@openssl.org>

GOST requires improved NumericString support.
Reviewed-by: NTim Hudson <tjh@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Most of the accessors existed and were already used so it was easy.
TS_VERIFY_CTX didn't have accessors/settors so I added the simple and
obvious ones, and changed the app to use them.  Also, within crypto/ts,
replaced the functions with direct access to the structure members
since we generally aren't opaque within a directory.

Also fix RT3901.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Use malloc/free instead of big onstack buffers.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

In some environments, such as firmware, the current system time is entirely
meaningless. Provide a clean mechanism to suppress the checks against it.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

This does 64-bit division and multiplication, and on 32-bit platforms
pulls in libgcc symbols (and MSVC does similar) which may not be
available.  Mostly done by David Woodhouse.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Found on GitHub by dimman
Reviewed-by: NRichard Levitte <levitte@openssl.org>

This reverts the non-cleanup parts of commit c73ad690. We do actually
have a reasonable use case for OPENSSL_NO_RFC3779 in the EDK2 UEFI
build, since we don't have a strspn() function in our runtime environment
and we don't want the RFC3779 functionality anyway.

In addition, it changes the default behaviour of the Configure script so
that RFC3779 support isn't disabled by default. It was always disabled
from when it was first added in 2006, right up until the point where
OPENSSL_NO_RFC3779 was turned into a no-op, and the code in the
Configure script was left *trying* to disable it, but not actually
working.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add OPENSSL_SYS_UEFI flag for RAND handling;
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Also has changes from from David Woodhouse <David.Woodhouse@intel.com>
and some tweaks from me.
Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add test to check PBE lookups: these can fail if the PBE table is not
correctly orders. Add to "make test".
Reviewed-by: NMatt Caswell <matt@openssl.org>

It's test code that only runs on 64bit time_t machines.
Move it to a standalone test/gmdifftest
Reviewed-by: NRichard Levitte <levitte@openssl.org>

There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Avoid using cnid = 0, use NID_undef instead, and return early instead
of trying to find an instance of that in the subject DN.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Initialize pointers in param id by the book (explicit NULL assignment,
rather than just memset 0).

In x509_verify_param_zero() set peername to NULL after freeing it.

In x509_vfy.c's internal check_hosts(), avoid potential leak of
possibly already non-NULL peername.  This is only set when a check
succeeds, so don't need to do this repeatedly in the loop.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

The NULL cipher case can't actually happen because we have no
EVP_PBE_CTL combinations where cipher_nid is -1 and keygen is
PKCS12_PBE_keyivgen. But make the code more obviously correct.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Slightly modified from the original PR.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Don't dereference |d| when |top| is zero. Also test that various BIGNUM methods behave correctly on zero/even inputs.

Follow-up to b11980d79a52ec08844f08bea0e66c04b691840b
Reviewed-by: NRich Salz <rsalz@openssl.org>

Fix more potential leaks in X509_verify_cert()
Fix memory leak in ClientHello test
Fix memory leak in gost2814789 test
Fix potential memory leak in PKCS7_verify()
Fix potential memory leaks in X509_add1_reject_object()
Refactor to use "goto err" in cleanup.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

If the seed value for dsa key generation is too short (< qsize),
return an error. Also update the documentation.
Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Fix from David Baggett via tweet.
Signed-off-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Signed-off-by: NRich Salz <rsalz@akamai.com>
Reviewed-by: NTim Hudson <tjh@openssl.org>