diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2014-04-17 13:37:51 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2014-04-17 13:37:51 +0000 |
| commit | 798a6f0972ce4f8ea25aa987dc43e626dc6d4087 (patch) | |
| tree | 557371c7b1514332c466ec6233d3e6af96c88520 | |
| parent | eea79ffdb77e3dd4cdbd3f98ed1b44d9522496fa (diff) | |
Change library to use intrinsic memory allocation functions instead of
OPENSSL_foo wrappers. This changes:
OPENSSL_malloc->malloc
OPENSSL_free->free
OPENSSL_relloc->realloc
OPENSSL_freeFunc->free
218 files changed, 2413 insertions, 1526 deletions
diff --git a/lib/libcrypto/aes/aes_wrap.c b/lib/libcrypto/aes/aes_wrap.c index 198b0be3334..668978425ad 100644 --- a/lib/libcrypto/aes/aes_wrap.c +++ b/lib/libcrypto/aes/aes_wrap.c @@ -141,8 +141,8 @@ AES_wrap_unwrap_test(const unsigned char *kek, int keybits, unsigned char *otmp = NULL, *ptmp = NULL; int r, ret = 0; AES_KEY wctx; - otmp = OPENSSL_malloc(keylen + 8); - ptmp = OPENSSL_malloc(keylen); + otmp = malloc(keylen + 8); + ptmp = malloc(keylen); if (!otmp || !ptmp) return 0; if (AES_set_encrypt_key(kek, keybits, &wctx)) @@ -165,9 +165,9 @@ AES_wrap_unwrap_test(const unsigned char *kek, int keybits, err: if (otmp) - OPENSSL_free(otmp); + free(otmp); if (ptmp) - OPENSSL_free(ptmp); + free(ptmp); return ret; } diff --git a/lib/libcrypto/asn1/a_bitstr.c b/lib/libcrypto/asn1/a_bitstr.c index 34179960b87..e2b65bf2ac4 100644 --- a/lib/libcrypto/asn1/a_bitstr.c +++ b/lib/libcrypto/asn1/a_bitstr.c @@ -144,7 +144,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, if (len-- > 1) /* using one because of the bits left byte */ { - s=(unsigned char *)OPENSSL_malloc((int)len); + s=(unsigned char *)malloc((int)len); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -158,7 +158,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, s=NULL; ret->length=(int)len; - if (ret->data != NULL) OPENSSL_free(ret->data); + if (ret->data != NULL) free(ret->data); ret->data=s; ret->type=V_ASN1_BIT_STRING; if (a != NULL) (*a)=ret; @@ -192,7 +192,7 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) { if (!value) return(1); /* Don't need to set */ if (a->data == NULL) - c=(unsigned char *)OPENSSL_malloc(w+1); + c=(unsigned char *)malloc(w+1); else c=(unsigned char *)OPENSSL_realloc_clean(a->data, a->length, diff --git a/lib/libcrypto/asn1/a_bytes.c b/lib/libcrypto/asn1/a_bytes.c index 92d630cdbaf..8431d89edff 100644 --- a/lib/libcrypto/asn1/a_bytes.c +++ b/lib/libcrypto/asn1/a_bytes.c @@ -101,7 +101,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, if (len != 0) { - s=(unsigned char *)OPENSSL_malloc((int)len+1); + s=(unsigned char *)malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -114,7 +114,7 @@ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, else s=NULL; - if (ret->data != NULL) OPENSSL_free(ret->data); + if (ret->data != NULL) free(ret->data); ret->length=(int)len; ret->data=s; ret->type=tag; @@ -209,8 +209,8 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, { if ((ret->length < len) || (ret->data == NULL)) { - if (ret->data != NULL) OPENSSL_free(ret->data); - s=(unsigned char *)OPENSSL_malloc((int)len + 1); + if (ret->data != NULL) free(ret->data); + s=(unsigned char *)malloc((int)len + 1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -226,7 +226,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, else { s=NULL; - if (ret->data != NULL) OPENSSL_free(ret->data); + if (ret->data != NULL) free(ret->data); } ret->length=(int)len; @@ -301,14 +301,14 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) if (!asn1_const_Finish(c)) goto err; a->length=num; - if (a->data != NULL) OPENSSL_free(a->data); + if (a->data != NULL) free(a->data); a->data=(unsigned char *)b.data; if (os != NULL) ASN1_STRING_free(os); return(1); err: ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error); if (os != NULL) ASN1_STRING_free(os); - if (b.data != NULL) OPENSSL_free(b.data); + if (b.data != NULL) free(b.data); return(0); } diff --git a/lib/libcrypto/asn1/a_digest.c b/lib/libcrypto/asn1/a_digest.c index 8a4b24a06bc..0d463d409bc 100644 --- a/lib/libcrypto/asn1/a_digest.c +++ b/lib/libcrypto/asn1/a_digest.c @@ -81,6 +81,6 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn, if (!EVP_Digest(str, i, md, len, type, NULL)) return 0; - OPENSSL_free(str); + free(str); return(1); } diff --git a/lib/libcrypto/asn1/a_dup.c b/lib/libcrypto/asn1/a_dup.c index d98992548ab..e825b9c2d46 100644 --- a/lib/libcrypto/asn1/a_dup.c +++ b/lib/libcrypto/asn1/a_dup.c @@ -72,14 +72,14 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) if (x == NULL) return(NULL); i=i2d(x,NULL); - b=OPENSSL_malloc(i+10); + b=malloc(i+10); if (b == NULL) { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } p= b; i=i2d(x,&p); p2= b; ret=d2i(NULL,&p2,i); - OPENSSL_free(b); + free(b); return(ret); } @@ -104,6 +104,6 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) { ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } p= b; ret=ASN1_item_d2i(NULL,&p,i, it); - OPENSSL_free(b); + free(b); return(ret); } diff --git a/lib/libcrypto/asn1/a_enum.c b/lib/libcrypto/asn1/a_enum.c index fe9aa13b9cd..c1154dde0a0 100644 --- a/lib/libcrypto/asn1/a_enum.c +++ b/lib/libcrypto/asn1/a_enum.c @@ -77,8 +77,8 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) if (a->length < (int)(sizeof(long)+1)) { if (a->data != NULL) - OPENSSL_free(a->data); - if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) + free(a->data); + if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL) memset((char *)a->data,0,sizeof(long)+1); } if (a->data == NULL) @@ -155,7 +155,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) len=((j == 0)?0:((j/8)+1)); if (ret->length < len+4) { - unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); + unsigned char *new_data=realloc(ret->data, len+4); if (!new_data) { ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); diff --git a/lib/libcrypto/asn1/a_gentm.c b/lib/libcrypto/asn1/a_gentm.c index 4f312ee6c9c..86666e7a20e 100644 --- a/lib/libcrypto/asn1/a_gentm.c +++ b/lib/libcrypto/asn1/a_gentm.c @@ -225,7 +225,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) { - p=OPENSSL_malloc(len); + p=malloc(len); if (p == NULL) { ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, @@ -233,7 +233,7 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, return(NULL); } if (s->data != NULL) - OPENSSL_free(s->data); + free(s->data); s->data=(unsigned char *)p; } diff --git a/lib/libcrypto/asn1/a_i2d_fp.c b/lib/libcrypto/asn1/a_i2d_fp.c index a3ad76d3568..484bcd66eb8 100644 --- a/lib/libcrypto/asn1/a_i2d_fp.c +++ b/lib/libcrypto/asn1/a_i2d_fp.c @@ -88,7 +88,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) int i,j=0,n,ret=1; n=i2d(x,NULL); - b=(char *)OPENSSL_malloc(n); + b=(char *)malloc(n); if (b == NULL) { ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); @@ -110,7 +110,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) j+=i; n-=i; } - OPENSSL_free(b); + free(b); return(ret); } @@ -158,6 +158,6 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) j+=i; n-=i; } - OPENSSL_free(b); + free(b); return(ret); } diff --git a/lib/libcrypto/asn1/a_int.c b/lib/libcrypto/asn1/a_int.c index 297c45a9ff1..6c38ace8f96 100644 --- a/lib/libcrypto/asn1/a_int.c +++ b/lib/libcrypto/asn1/a_int.c @@ -194,9 +194,9 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, p= *pp; pend = p + len; - /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it + /* We must malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)OPENSSL_malloc((int)len+1); + s=(unsigned char *)malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -249,7 +249,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, memcpy(s,p,(int)len); } - if (ret->data != NULL) OPENSSL_free(ret->data); + if (ret->data != NULL) free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -300,9 +300,9 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, goto err; } - /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it + /* We must malloc stuff, even for 0 bytes otherwise it * signifies a missing NULL parameter. */ - s=(unsigned char *)OPENSSL_malloc((int)len+1); + s=(unsigned char *)malloc((int)len+1); if (s == NULL) { i=ERR_R_MALLOC_FAILURE; @@ -319,7 +319,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, p+=len; } - if (ret->data != NULL) OPENSSL_free(ret->data); + if (ret->data != NULL) free(ret->data); ret->data=s; ret->length=(int)len; if (a != NULL) (*a)=ret; @@ -343,8 +343,8 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) if (a->length < (int)(sizeof(long)+1)) { if (a->data != NULL) - OPENSSL_free(a->data); - if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) + free(a->data); + if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL) memset((char *)a->data,0,sizeof(long)+1); } if (a->data == NULL) @@ -422,7 +422,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) len=((j == 0)?0:((j/8)+1)); if (ret->length < len+4) { - unsigned char *new_data=OPENSSL_realloc(ret->data, len+4); + unsigned char *new_data=realloc(ret->data, len+4); if (!new_data) { ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); diff --git a/lib/libcrypto/asn1/a_mbstr.c b/lib/libcrypto/asn1/a_mbstr.c index dc953c83251..f6d8da8b3c3 100644 --- a/lib/libcrypto/asn1/a_mbstr.c +++ b/lib/libcrypto/asn1/a_mbstr.c @@ -185,7 +185,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, dest = *out; if(dest->data) { dest->length = 0; - OPENSSL_free(dest->data); + free(dest->data); dest->data = NULL; } dest->type = str_type; @@ -231,7 +231,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, cpyfunc = cpy_utf8; break; } - if(!(p = OPENSSL_malloc(outlen + 1))) { + if(!(p = malloc(outlen + 1))) { if(free_out) ASN1_STRING_free(dest); ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE); return -1; diff --git a/lib/libcrypto/asn1/a_object.c b/lib/libcrypto/asn1/a_object.c index 3978c9150d8..c30f32442d1 100644 --- a/lib/libcrypto/asn1/a_object.c +++ b/lib/libcrypto/asn1/a_object.c @@ -180,9 +180,9 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) if (blsize > tmpsize) { if (tmp != ftmp) - OPENSSL_free(tmp); + free(tmp); tmpsize = blsize + 32; - tmp = OPENSSL_malloc(tmpsize); + tmp = malloc(tmpsize); if (!tmp) goto err; } @@ -215,13 +215,13 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) len+=i; } if (tmp != ftmp) - OPENSSL_free(tmp); + free(tmp); if (bl) BN_free(bl); return(len); err: if (tmp != ftmp) - OPENSSL_free(tmp); + free(tmp); if (bl) BN_free(bl); return(0); @@ -242,7 +242,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) i=i2t_ASN1_OBJECT(buf,sizeof buf,a); if (i > (int)(sizeof(buf) - 1)) { - p = OPENSSL_malloc(i + 1); + p = malloc(i + 1); if (!p) return -1; i2t_ASN1_OBJECT(p,i + 1,a); @@ -251,7 +251,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) return BIO_write(bp, "<INVALID>", 9); BIO_write(bp,p,i); if (p != buf) - OPENSSL_free(p); + free(p); return(i); } @@ -319,8 +319,8 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if ((data == NULL) || (ret->length < len)) { ret->length=0; - if (data != NULL) OPENSSL_free(data); - data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); + if (data != NULL) free(data); + data=(unsigned char *)malloc(len ? (int)len : 1); if (data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; } ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; @@ -348,7 +348,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void) { ASN1_OBJECT *ret; - ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); + ret=(ASN1_OBJECT *)malloc(sizeof(ASN1_OBJECT)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); @@ -369,19 +369,19 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a) if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) { #ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */ - if (a->sn != NULL) OPENSSL_free((void *)a->sn); - if (a->ln != NULL) OPENSSL_free((void *)a->ln); + if (a->sn != NULL) free((void *)a->sn); + if (a->ln != NULL) free((void *)a->ln); #endif a->sn=a->ln=NULL; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { - if (a->data != NULL) OPENSSL_free((void *)a->data); + if (a->data != NULL) free((void *)a->data); a->data=NULL; a->length=0; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) - OPENSSL_free(a); + free(a); } ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, diff --git a/lib/libcrypto/asn1/a_sign.c b/lib/libcrypto/asn1/a_sign.c index 01b6292b653..0433b49a64c 100644 --- a/lib/libcrypto/asn1/a_sign.c +++ b/lib/libcrypto/asn1/a_sign.c @@ -211,7 +211,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, inl=ASN1_item_i2d(asn,&buf_in, it); outll=outl=EVP_PKEY_size(pkey); - buf_out=OPENSSL_malloc((unsigned int)outl); + buf_out=malloc((unsigned int)outl); if ((buf_in == NULL) || (buf_out == NULL)) { outl=0; @@ -226,7 +226,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB); goto err; } - if (signature->data != NULL) OPENSSL_free(signature->data); + if (signature->data != NULL) free(signature->data); signature->data=buf_out; buf_out=NULL; signature->length=outl; @@ -238,8 +238,8 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, err: EVP_MD_CTX_cleanup(ctx); if (buf_in != NULL) - { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } + { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in); } if (buf_out != NULL) - { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } + { OPENSSL_cleanse((char *)buf_out,outll); free(buf_out); } return(outl); } diff --git a/lib/libcrypto/asn1/a_strex.c b/lib/libcrypto/asn1/a_strex.c index d1a587ccc19..713b3cb028e 100644 --- a/lib/libcrypto/asn1/a_strex.c +++ b/lib/libcrypto/asn1/a_strex.c @@ -278,12 +278,12 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING t.type = str->type; t.value.ptr = (char *)str; der_len = i2d_ASN1_TYPE(&t, NULL); - der_buf = OPENSSL_malloc(der_len); + der_buf = malloc(der_len); if(!der_buf) return -1; p = der_buf; i2d_ASN1_TYPE(&t, &p); outlen = do_hex_dump(io_ch, arg, der_buf, der_len); - OPENSSL_free(der_buf); + free(der_buf); if(outlen < 0) return -1; return outlen + 1; } diff --git a/lib/libcrypto/asn1/a_strnid.c b/lib/libcrypto/asn1/a_strnid.c index 2fc48c1551a..74bc7b316cc 100644 --- a/lib/libcrypto/asn1/a_strnid.c +++ b/lib/libcrypto/asn1/a_strnid.c @@ -222,7 +222,7 @@ int ASN1_STRING_TABLE_add(int nid, return 0; } if(!(tmp = ASN1_STRING_TABLE_get(nid))) { - tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); + tmp = malloc(sizeof(ASN1_STRING_TABLE)); if(!tmp) { ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE); @@ -250,7 +250,7 @@ void ASN1_STRING_TABLE_cleanup(void) static void st_free(ASN1_STRING_TABLE *tbl) { - if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); + if(tbl->flags & STABLE_FLAGS_MALLOC) free(tbl); } diff --git a/lib/libcrypto/asn1/a_utctm.c b/lib/libcrypto/asn1/a_utctm.c index f2e7de16af5..0e7aca90a71 100644 --- a/lib/libcrypto/asn1/a_utctm.c +++ b/lib/libcrypto/asn1/a_utctm.c @@ -203,14 +203,14 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, p=(char *)s->data; if ((p == NULL) || ((size_t)s->length < len)) { - p=OPENSSL_malloc(len); + p=malloc(len); if (p == NULL) { ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); return(NULL); } if (s->data != NULL) - OPENSSL_free(s->data); + free(s->data); s->data=(unsigned char *)p; } diff --git a/lib/libcrypto/asn1/a_verify.c b/lib/libcrypto/asn1/a_verify.c index 5eb47d768cf..8eca970be37 100644 --- a/lib/libcrypto/asn1/a_verify.c +++ b/lib/libcrypto/asn1/a_verify.c @@ -154,7 +154,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, } OPENSSL_cleanse(buf_in,(unsigned int)inl); - OPENSSL_free(buf_in); + free(buf_in); if (EVP_DigestVerifyFinal(&ctx,signature->data, (size_t)signature->length) <= 0) diff --git a/lib/libcrypto/asn1/ameth_lib.c b/lib/libcrypto/asn1/ameth_lib.c index 18957c669e4..228392f1e6a 100644 --- a/lib/libcrypto/asn1/ameth_lib.c +++ b/lib/libcrypto/asn1/ameth_lib.c @@ -69,6 +69,7 @@ extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[]; extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; +extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; /* Keep this sorted in type order !! */ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = @@ -90,7 +91,8 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = #ifndef OPENSSL_NO_EC &eckey_asn1_meth, #endif - &hmac_asn1_meth + &hmac_asn1_meth, + &cmac_asn1_meth }; typedef int sk_cmp_fn_type(const char * const *a, const char * const *b); @@ -172,7 +174,6 @@ static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type) const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type) { const EVP_PKEY_ASN1_METHOD *t; - ENGINE *e; for (;;) { @@ -184,6 +185,7 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type) if (pe) { #ifndef OPENSSL_NO_ENGINE + ENGINE *e; /* type will contain the final unaliased type */ e = ENGINE_get_pkey_asn1_meth_engine(type); if (e) @@ -287,10 +289,12 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info) { EVP_PKEY_ASN1_METHOD *ameth; - ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD)); + ameth = malloc(sizeof(EVP_PKEY_ASN1_METHOD)); if (!ameth) return NULL; + memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD)); + ameth->pkey_id = id; ameth->pkey_base_id = id; ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC; @@ -301,6 +305,8 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, if (!ameth->info) goto err; } + else + ameth->info = NULL; if (pem_str) { @@ -308,6 +314,8 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, if (!ameth->pem_str) goto err; } + else + ameth->pem_str = NULL; ameth->pub_decode = 0; ameth->pub_encode = 0; @@ -321,6 +329,9 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, ameth->old_priv_encode = 0; ameth->old_priv_decode = 0; + ameth->item_verify = 0; + ameth->item_sign = 0; + ameth->pkey_size = 0; ameth->pkey_bits = 0; @@ -372,6 +383,9 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, dst->pkey_free = src->pkey_free; dst->pkey_ctrl = src->pkey_ctrl; + dst->item_sign = src->item_sign; + dst->item_verify = src->item_verify; + } void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) @@ -379,10 +393,10 @@ void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) { if (ameth->pem_str) - OPENSSL_free(ameth->pem_str); + free(ameth->pem_str); if (ameth->info) - OPENSSL_free(ameth->info); - OPENSSL_free(ameth); + free(ameth->info); + free(ameth); } } diff --git a/lib/libcrypto/asn1/asn1_gen.c b/lib/libcrypto/asn1/asn1_gen.c index 81a7a38895a..8194beeb308 100644 --- a/lib/libcrypto/asn1/asn1_gen.c +++ b/lib/libcrypto/asn1/asn1_gen.c @@ -226,7 +226,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) /* Allocate buffer for new encoding */ - new_der = OPENSSL_malloc(len); + new_der = malloc(len); if (!new_der) goto err; @@ -266,9 +266,9 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) err: if (orig_der) - OPENSSL_free(orig_der); + free(orig_der); if (new_der) - OPENSSL_free(new_der); + free(new_der); return ret; @@ -499,7 +499,7 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf) bad: if (der) - OPENSSL_free(der); + free(der); if (sk) sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free); diff --git a/lib/libcrypto/asn1/asn1_lib.c b/lib/libcrypto/asn1/asn1_lib.c index 4d1d6af18d8..7b06b6fdc88 100644 --- a/lib/libcrypto/asn1/asn1_lib.c +++ b/lib/libcrypto/asn1/asn1_lib.c @@ -383,9 +383,9 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) { c=str->data; if (c == NULL) - str->data=OPENSSL_malloc(len+1); + str->data=malloc(len+1); else - str->data=OPENSSL_realloc(c,len+1); + str->data=realloc(c,len+1); if (str->data == NULL) { @@ -407,7 +407,7 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) { if (str->data) - OPENSSL_free(str->data); + free(str->data); str->data = data; str->length = len; } @@ -422,7 +422,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type) { ASN1_STRING *ret; - ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); + ret=(ASN1_STRING *)malloc(sizeof(ASN1_STRING)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); @@ -439,8 +439,8 @@ void ASN1_STRING_free(ASN1_STRING *a) { if (a == NULL) return; if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF)) - OPENSSL_free(a->data); - OPENSSL_free(a); + free(a->data); + free(a); } int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) diff --git a/lib/libcrypto/asn1/asn1_mac.h b/lib/libcrypto/asn1/asn1_mac.h index c60b197552d..ecc2c772289 100644 --- a/lib/libcrypto/asn1/asn1_mac.h +++ b/lib/libcrypto/asn1/asn1_mac.h @@ -289,7 +289,7 @@ err:\ /* New macros */ #define M_ASN1_New_Malloc(ret,type) \ - if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \ + if ((ret=(type *)malloc(sizeof(type))) == NULL) \ { c.line=__LINE__; goto err2; } #define M_ASN1_New(arg,func) \ diff --git a/lib/libcrypto/asn1/asn_mime.c b/lib/libcrypto/asn1/asn_mime.c index 54a704a969e..d94b3cd6f84 100644 --- a/lib/libcrypto/asn1/asn_mime.c +++ b/lib/libcrypto/asn1/asn_mime.c @@ -220,7 +220,7 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) if (rv > 0) { BIO_puts(out, micstr); - OPENSSL_free(micstr); + free(micstr); continue; } if (rv != -2) @@ -822,7 +822,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value) } } } else tmpval = NULL; - mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER)); + mhdr = (MIME_HEADER *) malloc(sizeof(MIME_HEADER)); if(!mhdr) return NULL; mhdr->name = tmpname; mhdr->value = tmpval; @@ -851,7 +851,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) if(!tmpval) return 0; } else tmpval = NULL; /* Parameter values are case sensitive so leave as is */ - mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM)); + mparam = (MIME_PARAM *) malloc(sizeof(MIME_PARAM)); if(!mparam) return 0; mparam->param_name = tmpname; mparam->param_value = tmpval; @@ -900,17 +900,17 @@ static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name) static void mime_hdr_free(MIME_HEADER *hdr) { - if(hdr->name) OPENSSL_free(hdr->name); - if(hdr->value) OPENSSL_free(hdr->value); + if(hdr->name) free(hdr->name); + if(hdr->value) free(hdr->value); if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free); - OPENSSL_free(hdr); + free(hdr); } static void mime_param_free(MIME_PARAM *param) { - if(param->param_name) OPENSSL_free(param->param_name); - if(param->param_value) OPENSSL_free(param->param_value); - OPENSSL_free(param); + if(param->param_name) free(param->param_name); + if(param->param_value) free(param->param_value); + free(param); } /* Check for a multipart boundary. Returns: diff --git a/lib/libcrypto/asn1/asn_moid.c b/lib/libcrypto/asn1/asn_moid.c index 1ea6a592483..fd04d114590 100644 --- a/lib/libcrypto/asn1/asn_moid.c +++ b/lib/libcrypto/asn1/asn_moid.c @@ -145,7 +145,7 @@ static int do_create(char *value, char *name) p--; } p++; - lntmp = OPENSSL_malloc((p - ln) + 1); + lntmp = malloc((p - ln) + 1); if (lntmp == NULL) return 0; memcpy(lntmp, ln, p - ln); diff --git a/lib/libcrypto/asn1/asn_pack.c b/lib/libcrypto/asn1/asn_pack.c index 18865086546..13dc5d46653 100644 --- a/lib/libcrypto/asn1/asn_pack.c +++ b/lib/libcrypto/asn1/asn_pack.c @@ -75,7 +75,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) } else octmp = *oct; if(octmp->data) { - OPENSSL_free(octmp->data); + free(octmp->data); octmp->data = NULL; } diff --git a/lib/libcrypto/asn1/bio_asn1.c b/lib/libcrypto/asn1/bio_asn1.c index dc7efd551c0..fa98dba7283 100644 --- a/lib/libcrypto/asn1/bio_asn1.c +++ b/lib/libcrypto/asn1/bio_asn1.c @@ -150,7 +150,7 @@ BIO_METHOD *BIO_f_asn1(void) static int asn1_bio_new(BIO *b) { BIO_ASN1_BUF_CTX *ctx; - ctx = OPENSSL_malloc(sizeof(BIO_ASN1_BUF_CTX)); + ctx = malloc(sizeof(BIO_ASN1_BUF_CTX)); if (!ctx) return 0; if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) @@ -163,7 +163,7 @@ static int asn1_bio_new(BIO *b) static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size) { - ctx->buf = OPENSSL_malloc(size); + ctx->buf = malloc(size); if (!ctx->buf) return 0; ctx->bufsize = size; @@ -186,8 +186,8 @@ static int asn1_bio_free(BIO *b) if (ctx == NULL) return 0; if (ctx->buf) - OPENSSL_free(ctx->buf); - OPENSSL_free(ctx); + free(ctx->buf); + free(ctx); b->init = 0; b->ptr = NULL; b->flags = 0; diff --git a/lib/libcrypto/asn1/bio_ndef.c b/lib/libcrypto/asn1/bio_ndef.c index 370389b1e6e..60f324bdae0 100644 --- a/lib/libcrypto/asn1/bio_ndef.c +++ b/lib/libcrypto/asn1/bio_ndef.c @@ -57,9 +57,6 @@ #include <openssl/bio.h> #include <openssl/err.h> -#ifndef OPENSSL_SYSNAME_NETWARE -#include <memory.h> -#endif #include <stdio.h> /* Experimental NDEF ASN1 BIO support routines */ @@ -113,7 +110,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); return NULL; } - ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT)); + ndef_aux = malloc(sizeof(NDEF_SUPPORT)); asn_bio = BIO_new(BIO_f_asn1()); /* ASN1 bio needs to be next to output BIO */ @@ -151,7 +148,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) if (asn_bio) BIO_free(asn_bio); if (ndef_aux) - OPENSSL_free(ndef_aux); + free(ndef_aux); return NULL; } @@ -167,7 +164,7 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg) ndef_aux = *(NDEF_SUPPORT **)parg; derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); - p = OPENSSL_malloc(derlen); + p = malloc(derlen); ndef_aux->derbuf = p; *pbuf = p; derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it); @@ -190,7 +187,7 @@ static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg) ndef_aux = *(NDEF_SUPPORT **)parg; if (ndef_aux->derbuf) - OPENSSL_free(ndef_aux->derbuf); + free(ndef_aux->derbuf); ndef_aux->derbuf = NULL; *pbuf = NULL; @@ -203,7 +200,7 @@ static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg) NDEF_SUPPORT **pndef_aux = (NDEF_SUPPORT **)parg; if (!ndef_prefix_free(b, pbuf, plen, parg)) return 0; - OPENSSL_free(*pndef_aux); + free(*pndef_aux); *pndef_aux = NULL; return 1; } @@ -232,7 +229,7 @@ static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg) return 0; derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); - p = OPENSSL_malloc(derlen); + p = malloc(derlen); ndef_aux->derbuf = p; *pbuf = p; derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it); diff --git a/lib/libcrypto/asn1/f_enum.c b/lib/libcrypto/asn1/f_enum.c index 56e3cc8df2b..caf34ee97e0 100644 --- a/lib/libcrypto/asn1/f_enum.c +++ b/lib/libcrypto/asn1/f_enum.c @@ -153,15 +153,15 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)OPENSSL_malloc( + sp=(unsigned char *)malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)OPENSSL_realloc(s, + sp=(unsigned char *)realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); - if (s != NULL) OPENSSL_free(s); + if (s != NULL) free(s); goto err; } s=sp; diff --git a/lib/libcrypto/asn1/f_int.c b/lib/libcrypto/asn1/f_int.c index 8b92fad9df3..977e3d01b74 100644 --- a/lib/libcrypto/asn1/f_int.c +++ b/lib/libcrypto/asn1/f_int.c @@ -157,14 +157,14 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)OPENSSL_malloc( + sp=(unsigned char *)malloc( (unsigned int)num+i*2); else sp=OPENSSL_realloc_clean(s,slen,num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); - if (s != NULL) OPENSSL_free(s); + if (s != NULL) free(s); goto err; } s=sp; diff --git a/lib/libcrypto/asn1/f_string.c b/lib/libcrypto/asn1/f_string.c index f7d36adac79..f4bee153355 100644 --- a/lib/libcrypto/asn1/f_string.c +++ b/lib/libcrypto/asn1/f_string.c @@ -149,15 +149,15 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) if (num+i > slen) { if (s == NULL) - sp=(unsigned char *)OPENSSL_malloc( + sp=(unsigned char *)malloc( (unsigned int)num+i*2); else - sp=(unsigned char *)OPENSSL_realloc(s, + sp=(unsigned char *)realloc(s, (unsigned int)num+i*2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); - if (s != NULL) OPENSSL_free(s); + if (s != NULL) free(s); goto err; } s=sp; diff --git a/lib/libcrypto/asn1/n_pkey.c b/lib/libcrypto/asn1/n_pkey.c index e2517399335..97647d17e1a 100644 --- a/lib/libcrypto/asn1/n_pkey.c +++ b/lib/libcrypto/asn1/n_pkey.c @@ -169,7 +169,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, /* Since its RC4 encrypted length is actual length */ - if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL) + if ((zz=(unsigned char *)malloc(rsalen)) == NULL) { ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); goto err; @@ -179,7 +179,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, /* Write out private key encoding */ i2d_RSAPrivateKey(a,&zz); - if ((zz=OPENSSL_malloc(pkeylen)) == NULL) + if ((zz=malloc(pkeylen)) == NULL) { ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); goto err; diff --git a/lib/libcrypto/asn1/p5_pbev2.c b/lib/libcrypto/asn1/p5_pbev2.c index 4ea683036b1..2d80334e011 100644 --- a/lib/libcrypto/asn1/p5_pbev2.c +++ b/lib/libcrypto/asn1/p5_pbev2.c @@ -214,7 +214,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(osalt->data = OPENSSL_malloc (saltlen))) + if (!(osalt->data = malloc (saltlen))) goto merr; osalt->length = saltlen; diff --git a/lib/libcrypto/asn1/t_crl.c b/lib/libcrypto/asn1/t_crl.c index c61169208a3..f6550b2b04f 100644 --- a/lib/libcrypto/asn1/t_crl.c +++ b/lib/libcrypto/asn1/t_crl.c @@ -97,7 +97,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x) X509_signature_print(out, x->sig_alg, NULL); p=X509_NAME_oneline(X509_CRL_get_issuer(x),NULL,0); BIO_printf(out,"%8sIssuer: %s\n","",p); - OPENSSL_free(p); + free(p); BIO_printf(out,"%8sLast Update: ",""); ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x)); BIO_printf(out,"\n%8sNext Update: ",""); diff --git a/lib/libcrypto/asn1/t_x509.c b/lib/libcrypto/asn1/t_x509.c index bbf00c7a29b..8dfda07b92b 100644 --- a/lib/libcrypto/asn1/t_x509.c +++ b/lib/libcrypto/asn1/t_x509.c @@ -239,7 +239,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) } ret=1; err: - if (m != NULL) OPENSSL_free(m); + if (m != NULL) free(m); return(ret); } @@ -256,7 +256,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) if (BIO_printf(bp," Subject OCSP hash: ") <= 0) goto err; derlen = i2d_X509_NAME(x->cert_info->subject, NULL); - if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL) + if ((der = dertmp = (unsigned char *)malloc (derlen)) == NULL) goto err; i2d_X509_NAME(x->cert_info->subject, &dertmp); @@ -266,7 +266,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) { if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; } - OPENSSL_free (der); + free (der); der=NULL; /* display the hash of the public key as it would appear @@ -287,7 +287,7 @@ int X509_ocspid_print (BIO *bp, X509 *x) return (1); err: - if (der != NULL) OPENSSL_free(der); + if (der != NULL) free(der); return(0); } @@ -477,7 +477,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) b=X509_NAME_oneline(name,NULL,0); if (!*b) { - OPENSSL_free(b); + free(b); return 1; } s=b+1; /* skip the first slash */ @@ -513,6 +513,6 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) err: X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); } - OPENSSL_free(b); + free(b); return(ret); } diff --git a/lib/libcrypto/asn1/tasn_dec.c b/lib/libcrypto/asn1/tasn_dec.c index 87d7dfdf5c3..c594db91403 100644 --- a/lib/libcrypto/asn1/tasn_dec.c +++ b/lib/libcrypto/asn1/tasn_dec.c @@ -910,7 +910,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, *in = p; ret = 1; err: - if (free_cont && buf.data) OPENSSL_free(buf.data); + if (free_cont && buf.data) free(buf.data); return ret; } @@ -1046,7 +1046,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, if (*free_cont) { if (stmp->data) - OPENSSL_free(stmp->data); + free(stmp->data); stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ stmp->length = len; *free_cont = 0; diff --git a/lib/libcrypto/asn1/tasn_enc.c b/lib/libcrypto/asn1/tasn_enc.c index 936ad1f767c..9ab0473d73e 100644 --- a/lib/libcrypto/asn1/tasn_enc.c +++ b/lib/libcrypto/asn1/tasn_enc.c @@ -110,7 +110,7 @@ static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags); if (len <= 0) return len; - buf = OPENSSL_malloc(len); + buf = malloc(len); if (!buf) return -1; p = buf; @@ -451,9 +451,9 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, do_sort = 0; else { - derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) + derlst = malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); - tmpdat = OPENSSL_malloc(skcontlen); + tmpdat = malloc(skcontlen); if (!derlst || !tmpdat) return 0; } @@ -496,8 +496,8 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, i++, tder++) (void)sk_ASN1_VALUE_set(sk, i, tder->field); } - OPENSSL_free(derlst); - OPENSSL_free(tmpdat); + free(derlst); + free(tmpdat); return 1; } diff --git a/lib/libcrypto/asn1/tasn_fre.c b/lib/libcrypto/asn1/tasn_fre.c index 77d3092d31e..b04034ba4c9 100644 --- a/lib/libcrypto/asn1/tasn_fre.c +++ b/lib/libcrypto/asn1/tasn_fre.c @@ -126,7 +126,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); if (!combine) { - OPENSSL_free(*pval); + free(*pval); *pval = NULL; } break; @@ -173,7 +173,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); if (!combine) { - OPENSSL_free(*pval); + free(*pval); *pval = NULL; } break; @@ -254,7 +254,7 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) case V_ASN1_ANY: ASN1_primitive_free(pval, NULL); - OPENSSL_free(*pval); + free(*pval); break; default: diff --git a/lib/libcrypto/asn1/tasn_new.c b/lib/libcrypto/asn1/tasn_new.c index 0d9e78cc7cd..aab9ef08c4c 100644 --- a/lib/libcrypto/asn1/tasn_new.c +++ b/lib/libcrypto/asn1/tasn_new.c @@ -160,7 +160,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, } if (!combine) { - *pval = OPENSSL_malloc(it->size); + *pval = malloc(it->size); if (!*pval) goto memerr; memset(*pval, 0, it->size); @@ -188,7 +188,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, } if (!combine) { - *pval = OPENSSL_malloc(it->size); + *pval = malloc(it->size); if (!*pval) goto memerr; memset(*pval, 0, it->size); @@ -354,7 +354,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) return 1; case V_ASN1_ANY: - typ = OPENSSL_malloc(sizeof(ASN1_TYPE)); + typ = malloc(sizeof(ASN1_TYPE)); if (!typ) return 0; typ->value.ptr = NULL; diff --git a/lib/libcrypto/asn1/tasn_prn.c b/lib/libcrypto/asn1/tasn_prn.c index 542a091a667..ec524edac84 100644 --- a/lib/libcrypto/asn1/tasn_prn.c +++ b/lib/libcrypto/asn1/tasn_prn.c @@ -85,7 +85,7 @@ ASN1_PCTX default_pctx = ASN1_PCTX *ASN1_PCTX_new(void) { ASN1_PCTX *ret; - ret = OPENSSL_malloc(sizeof(ASN1_PCTX)); + ret = malloc(sizeof(ASN1_PCTX)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE); @@ -101,7 +101,7 @@ ASN1_PCTX *ASN1_PCTX_new(void) void ASN1_PCTX_free(ASN1_PCTX *p) { - OPENSSL_free(p); + free(p); } unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p) @@ -480,7 +480,7 @@ static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str, s = i2s_ASN1_INTEGER(NULL, str); if (BIO_puts(out, s) <= 0) ret = 0; - OPENSSL_free(s); + free(s); return ret; } diff --git a/lib/libcrypto/asn1/tasn_utl.c b/lib/libcrypto/asn1/tasn_utl.c index ca9ec7a32f5..dfa63fb2bc4 100644 --- a/lib/libcrypto/asn1/tasn_utl.c +++ b/lib/libcrypto/asn1/tasn_utl.c @@ -155,7 +155,7 @@ void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) if (enc) { if (enc->enc) - OPENSSL_free(enc->enc); + free(enc->enc); enc->enc = NULL; enc->len = 0; enc->modified = 1; @@ -171,8 +171,8 @@ int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, return 1; if (enc->enc) - OPENSSL_free(enc->enc); - enc->enc = OPENSSL_malloc(inlen); + free(enc->enc); + enc->enc = malloc(inlen); if (!enc->enc) return 0; memcpy(enc->enc, in, inlen); diff --git a/lib/libcrypto/asn1/x_crl.c b/lib/libcrypto/asn1/x_crl.c index c51c690ba9d..cf7e69aaaf6 100644 --- a/lib/libcrypto/asn1/x_crl.c +++ b/lib/libcrypto/asn1/x_crl.c @@ -493,7 +493,7 @@ X509_CRL_METHOD *X509_CRL_METHOD_new( int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)) { X509_CRL_METHOD *m; - m = OPENSSL_malloc(sizeof(X509_CRL_METHOD)); + m = malloc(sizeof(X509_CRL_METHOD)); if (!m) return NULL; m->crl_init = crl_init; @@ -508,7 +508,7 @@ void X509_CRL_METHOD_free(X509_CRL_METHOD *m) { if (!(m->flags & X509_CRL_METHOD_DYNAMIC)) return; - OPENSSL_free(m); + free(m); } void X509_CRL_set_meth_data(X509_CRL *crl, void *dat) diff --git a/lib/libcrypto/asn1/x_info.c b/lib/libcrypto/asn1/x_info.c index d44f6cdb019..c13fad056f2 100644 --- a/lib/libcrypto/asn1/x_info.c +++ b/lib/libcrypto/asn1/x_info.c @@ -66,7 +66,7 @@ X509_INFO *X509_INFO_new(void) { X509_INFO *ret=NULL; - ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO)); + ret=(X509_INFO *)malloc(sizeof(X509_INFO)); if (ret == NULL) { ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); @@ -106,8 +106,8 @@ void X509_INFO_free(X509_INFO *x) if (x->x509 != NULL) X509_free(x->x509); if (x->crl != NULL) X509_CRL_free(x->crl); if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey); - if (x->enc_data != NULL) OPENSSL_free(x->enc_data); - OPENSSL_free(x); + if (x->enc_data != NULL) free(x->enc_data); + free(x); } IMPLEMENT_STACK_OF(X509_INFO) diff --git a/lib/libcrypto/asn1/x_name.c b/lib/libcrypto/asn1/x_name.c index d7c2318693f..e14d329639b 100644 --- a/lib/libcrypto/asn1/x_name.c +++ b/lib/libcrypto/asn1/x_name.c @@ -132,7 +132,7 @@ IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME) static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) { X509_NAME *ret = NULL; - ret = OPENSSL_malloc(sizeof(X509_NAME)); + ret = malloc(sizeof(X509_NAME)); if(!ret) goto memerr; if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL) goto memerr; @@ -149,7 +149,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) { if (ret->entries) sk_X509_NAME_ENTRY_free(ret->entries); - OPENSSL_free(ret); + free(ret); } return 0; } @@ -164,8 +164,8 @@ static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) BUF_MEM_free(a->bytes); sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free); if (a->canon_enc) - OPENSSL_free(a->canon_enc); - OPENSSL_free(a); + free(a->canon_enc); + free(a); *pval = NULL; } @@ -325,7 +325,7 @@ static int x509_name_canon(X509_NAME *a) if (a->canon_enc) { - OPENSSL_free(a->canon_enc); + free(a->canon_enc); a->canon_enc = NULL; } /* Special case: empty X509_NAME => null encoding */ @@ -362,7 +362,7 @@ static int x509_name_canon(X509_NAME *a) a->canon_enclen = i2d_name_canon(intname, NULL); - p = OPENSSL_malloc(a->canon_enclen); + p = malloc(a->canon_enclen); if (!p) goto err; diff --git a/lib/libcrypto/asn1/x_pkey.c b/lib/libcrypto/asn1/x_pkey.c index 8453618426f..3bf2f5e915b 100644 --- a/lib/libcrypto/asn1/x_pkey.c +++ b/lib/libcrypto/asn1/x_pkey.c @@ -146,6 +146,6 @@ void X509_PKEY_free(X509_PKEY *x) if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor); if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey); if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey); - if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data); - OPENSSL_free(x); + if ((x->key_data != NULL) && (x->key_free)) free(x->key_data); + free(x); } diff --git a/lib/libcrypto/asn1/x_pubkey.c b/lib/libcrypto/asn1/x_pubkey.c index b649e1fcf96..684f40899f4 100644 --- a/lib/libcrypto/asn1/x_pubkey.c +++ b/lib/libcrypto/asn1/x_pubkey.c @@ -357,7 +357,7 @@ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, if (penc) { if (pub->public_key->data) - OPENSSL_free(pub->public_key->data); + free(pub->public_key->data); pub->public_key->data = penc; pub->public_key->length = penclen; /* Set number of unused bits to zero */ diff --git a/lib/libcrypto/asn1/x_x509.c b/lib/libcrypto/asn1/x_x509.c index de3df9eb51c..5734f2b069f 100644 --- a/lib/libcrypto/asn1/x_x509.c +++ b/lib/libcrypto/asn1/x_x509.c @@ -105,7 +105,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, break; case ASN1_OP_D2I_POST: - if (ret->name != NULL) OPENSSL_free(ret->name); + if (ret->name != NULL) free(ret->name); ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); break; @@ -123,7 +123,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ASIdentifiers_free(ret->rfc3779_asid); #endif - if (ret->name != NULL) OPENSSL_free(ret->name); + if (ret->name != NULL) free(ret->name); break; } diff --git a/lib/libcrypto/bio/b_print.c b/lib/libcrypto/bio/b_print.c index 55a5ca1a327..ff0089e82e9 100644 --- a/lib/libcrypto/bio/b_print.c +++ b/lib/libcrypto/bio/b_print.c @@ -706,7 +706,7 @@ doapr_outch(char **sbuffer, char **buffer, size_t *currlen, size_t *maxlen, if (*buffer == NULL) { if (*maxlen == 0) *maxlen = 1024; - *buffer = OPENSSL_malloc(*maxlen); + *buffer = malloc(*maxlen); if (*currlen > 0) { assert(*sbuffer != NULL); memcpy(*buffer, *sbuffer, *currlen); @@ -714,7 +714,7 @@ doapr_outch(char **sbuffer, char **buffer, size_t *currlen, size_t *maxlen, *sbuffer = NULL; } else { *maxlen += 1024; - *buffer = OPENSSL_realloc(*buffer, *maxlen); + *buffer = realloc(*buffer, *maxlen); } } /* What to do if *buffer is NULL? */ @@ -764,7 +764,7 @@ int BIO_vprintf (BIO *bio, const char *format, va_list args) format, args); if (dynbuf) { ret = BIO_write(bio, dynbuf, (int)retlen); - OPENSSL_free(dynbuf); + free(dynbuf); } else { ret = BIO_write(bio, hugebuf, (int)retlen); } diff --git a/lib/libcrypto/bio/b_sock.c b/lib/libcrypto/bio/b_sock.c index b08226d52ba..1ae9d96577c 100644 --- a/lib/libcrypto/bio/b_sock.c +++ b/lib/libcrypto/bio/b_sock.c @@ -490,7 +490,7 @@ again: ret = 1; err: if (str != NULL) - OPENSSL_free(str); + free(str); if ((ret == 0) && (s != -1)) { close(s); s = -1; @@ -591,9 +591,9 @@ BIO_accept(int sock, char **addr) p = *addr; if (p) { *p = '\0'; - p = OPENSSL_realloc(p, nl); + p = realloc(p, nl); } else { - p = OPENSSL_malloc(nl); + p = malloc(nl); } if (p == NULL) { BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); @@ -609,7 +609,7 @@ BIO_accept(int sock, char **addr) l = ntohl(sa.from.sa_in.sin_addr.s_addr); port = ntohs(sa.from.sa_in.sin_port); if (*addr == NULL) { - if ((p = OPENSSL_malloc(24)) == NULL) { + if ((p = malloc(24)) == NULL) { BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); goto end; } diff --git a/lib/libcrypto/bio/bf_buff.c b/lib/libcrypto/bio/bf_buff.c index 937a1c58d56..be2ebab1480 100644 --- a/lib/libcrypto/bio/bf_buff.c +++ b/lib/libcrypto/bio/bf_buff.c @@ -95,18 +95,18 @@ buffer_new(BIO *bi) { BIO_F_BUFFER_CTX *ctx; - ctx = (BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX)); + ctx = (BIO_F_BUFFER_CTX *)malloc(sizeof(BIO_F_BUFFER_CTX)); if (ctx == NULL) return (0); - ctx->ibuf = (char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); + ctx->ibuf = (char *)malloc(DEFAULT_BUFFER_SIZE); if (ctx->ibuf == NULL) { - OPENSSL_free(ctx); + free(ctx); return (0); } - ctx->obuf = (char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); + ctx->obuf = (char *)malloc(DEFAULT_BUFFER_SIZE); if (ctx->obuf == NULL) { - OPENSSL_free(ctx->ibuf); - OPENSSL_free(ctx); + free(ctx->ibuf); + free(ctx); return (0); } ctx->ibuf_size = DEFAULT_BUFFER_SIZE; @@ -131,10 +131,10 @@ buffer_free(BIO *a) return (0); b = (BIO_F_BUFFER_CTX *)a->ptr; if (b->ibuf != NULL) - OPENSSL_free(b->ibuf); + free(b->ibuf); if (b->obuf != NULL) - OPENSSL_free(b->obuf); - OPENSSL_free(a->ptr); + free(b->obuf); + free(a->ptr); a->ptr = NULL; a->init = 0; a->flags = 0; @@ -339,11 +339,11 @@ buffer_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_C_SET_BUFF_READ_DATA: if (num > ctx->ibuf_size) { - p1 = OPENSSL_malloc((int)num); + p1 = malloc((int)num); if (p1 == NULL) goto malloc_error; if (ctx->ibuf != NULL) - OPENSSL_free(ctx->ibuf); + free(ctx->ibuf); ctx->ibuf = p1; } ctx->ibuf_off = 0; @@ -370,27 +370,27 @@ buffer_ctrl(BIO *b, int cmd, long num, void *ptr) p1 = ctx->ibuf; p2 = ctx->obuf; if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) { - p1 = (char *)OPENSSL_malloc((int)num); + p1 = (char *)malloc((int)num); if (p1 == NULL) goto malloc_error; } if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) { - p2 = (char *)OPENSSL_malloc((int)num); + p2 = (char *)malloc((int)num); if (p2 == NULL) { if (p1 != ctx->ibuf) - OPENSSL_free(p1); + free(p1); goto malloc_error; } } if (ctx->ibuf != p1) { - OPENSSL_free(ctx->ibuf); + free(ctx->ibuf); ctx->ibuf = p1; ctx->ibuf_off = 0; ctx->ibuf_len = 0; ctx->ibuf_size = ibs; } if (ctx->obuf != p2) { - OPENSSL_free(ctx->obuf); + free(ctx->obuf); ctx->obuf = p2; ctx->obuf_off = 0; ctx->obuf_len = 0; diff --git a/lib/libcrypto/bio/bf_lbuf.c b/lib/libcrypto/bio/bf_lbuf.c index 006ed9d91cd..5020795ded5 100644 --- a/lib/libcrypto/bio/bf_lbuf.c +++ b/lib/libcrypto/bio/bf_lbuf.c @@ -106,12 +106,12 @@ linebuffer_new(BIO *bi) { BIO_LINEBUFFER_CTX *ctx; - ctx = (BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX)); + ctx = (BIO_LINEBUFFER_CTX *)malloc(sizeof(BIO_LINEBUFFER_CTX)); if (ctx == NULL) return (0); - ctx->obuf = (char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE); + ctx->obuf = (char *)malloc(DEFAULT_LINEBUFFER_SIZE); if (ctx->obuf == NULL) { - OPENSSL_free(ctx); + free(ctx); return (0); } ctx->obuf_size = DEFAULT_LINEBUFFER_SIZE; @@ -132,8 +132,8 @@ linebuffer_free(BIO *a) return (0); b = (BIO_LINEBUFFER_CTX *)a->ptr; if (b->obuf != NULL) - OPENSSL_free(b->obuf); - OPENSSL_free(a->ptr); + free(b->obuf); + free(a->ptr); a->ptr = NULL; a->init = 0; a->flags = 0; @@ -299,7 +299,7 @@ linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr) obs = (int)num; p = ctx->obuf; if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) { - p = (char *)OPENSSL_malloc((int)num); + p = (char *)malloc((int)num); if (p == NULL) goto malloc_error; } @@ -308,7 +308,7 @@ linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr) ctx->obuf_len = obs; } memcpy(p, ctx->obuf, ctx->obuf_len); - OPENSSL_free(ctx->obuf); + free(ctx->obuf); ctx->obuf = p; ctx->obuf_size = obs; } diff --git a/lib/libcrypto/bio/bf_nbio.c b/lib/libcrypto/bio/bf_nbio.c index d181f518ec2..200ca706ff6 100644 --- a/lib/libcrypto/bio/bf_nbio.c +++ b/lib/libcrypto/bio/bf_nbio.c @@ -104,7 +104,7 @@ nbiof_new(BIO *bi) { NBIO_TEST *nt; - if (!(nt = (NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)))) + if (!(nt = (NBIO_TEST *)malloc(sizeof(NBIO_TEST)))) return (0); nt->lrn = -1; nt->lwn = -1; @@ -120,7 +120,7 @@ nbiof_free(BIO *a) if (a == NULL) return (0); if (a->ptr != NULL) - OPENSSL_free(a->ptr); + free(a->ptr); a->ptr = NULL; a->init = 0; a->flags = 0; diff --git a/lib/libcrypto/bio/bio_lib.c b/lib/libcrypto/bio/bio_lib.c index 90f1b1c1eff..c226d943afc 100644 --- a/lib/libcrypto/bio/bio_lib.c +++ b/lib/libcrypto/bio/bio_lib.c @@ -68,13 +68,13 @@ BIO { BIO *ret = NULL; - ret = (BIO *)OPENSSL_malloc(sizeof(BIO)); + ret = (BIO *)malloc(sizeof(BIO)); if (ret == NULL) { BIOerr(BIO_F_BIO_NEW, ERR_R_MALLOC_FAILURE); return (NULL); } if (!BIO_set(ret, method)) { - OPENSSL_free(ret); + free(ret); ret = NULL; } return (ret); @@ -136,7 +136,7 @@ BIO_free(BIO *a) if ((a->method == NULL) || (a->method->destroy == NULL)) return (1); a->method->destroy(a); - OPENSSL_free(a); + free(a); return (1); } diff --git a/lib/libcrypto/bio/bss_acpt.c b/lib/libcrypto/bio/bss_acpt.c index d7c151eaaaa..161b5d01f80 100644 --- a/lib/libcrypto/bio/bss_acpt.c +++ b/lib/libcrypto/bio/bss_acpt.c @@ -137,7 +137,7 @@ static BIO_ACCEPT { BIO_ACCEPT *ret; - if ((ret = (BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL) + if ((ret = (BIO_ACCEPT *)malloc(sizeof(BIO_ACCEPT))) == NULL) return (NULL); memset(ret, 0, sizeof(BIO_ACCEPT)); @@ -153,12 +153,12 @@ BIO_ACCEPT_free(BIO_ACCEPT *a) return; if (a->param_addr != NULL) - OPENSSL_free(a->param_addr); + free(a->param_addr); if (a->addr != NULL) - OPENSSL_free(a->addr); + free(a->addr); if (a->bio_chain != NULL) BIO_free(a->bio_chain); - OPENSSL_free(a); + free(a); } static void @@ -357,7 +357,7 @@ acpt_ctrl(BIO *b, int cmd, long num, void *ptr) if (num == 0) { b->init = 1; if (data->param_addr != NULL) - OPENSSL_free(data->param_addr); + free(data->param_addr); data->param_addr = BUF_strdup(ptr); } else if (num == 1) { data->accept_nbio = (ptr != NULL); diff --git a/lib/libcrypto/bio/bss_bio.c b/lib/libcrypto/bio/bss_bio.c index a74fcfdabc5..4d93aba0a4b 100644 --- a/lib/libcrypto/bio/bss_bio.c +++ b/lib/libcrypto/bio/bss_bio.c @@ -146,7 +146,7 @@ bio_new(BIO *bio) { struct bio_bio_st *b; - b = OPENSSL_malloc(sizeof *b); + b = malloc(sizeof *b); if (b == NULL) return 0; @@ -173,10 +173,10 @@ bio_free(BIO *bio) bio_destroy_pair(bio); if (b->buf != NULL) { - OPENSSL_free(b->buf); + free(b->buf); } - OPENSSL_free(b); + free(b); return 1; } @@ -516,7 +516,7 @@ bio_ctrl(BIO *bio, int cmd, long num, void *ptr) if (b->size != new_size) { if (b->buf) { - OPENSSL_free(b->buf); + free(b->buf); b->buf = NULL; } b->size = new_size; @@ -701,7 +701,7 @@ bio_make_pair(BIO *bio1, BIO *bio2) } if (b1->buf == NULL) { - b1->buf = OPENSSL_malloc(b1->size); + b1->buf = malloc(b1->size); if (b1->buf == NULL) { BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); return 0; @@ -711,7 +711,7 @@ bio_make_pair(BIO *bio1, BIO *bio2) } if (b2->buf == NULL) { - b2->buf = OPENSSL_malloc(b2->size); + b2->buf = malloc(b2->size); if (b2->buf == NULL) { BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); return 0; diff --git a/lib/libcrypto/bio/bss_conn.c b/lib/libcrypto/bio/bss_conn.c index db877b140be..78ce2406480 100644 --- a/lib/libcrypto/bio/bss_conn.c +++ b/lib/libcrypto/bio/bss_conn.c @@ -147,7 +147,7 @@ conn_state(BIO *b, BIO_CONNECT *c) break; } if (c->param_port != NULL) - OPENSSL_free(c->param_port); + free(c->param_port); c->param_port = BUF_strdup(p); } } @@ -293,7 +293,7 @@ BIO_CONNECT { BIO_CONNECT *ret; - if ((ret = (BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL) + if ((ret = (BIO_CONNECT *)malloc(sizeof(BIO_CONNECT))) == NULL) return (NULL); ret->state = BIO_CONN_S_BEFORE; ret->param_hostname = NULL; @@ -316,10 +316,10 @@ BIO_CONNECT_free(BIO_CONNECT *a) return; if (a->param_hostname != NULL) - OPENSSL_free(a->param_hostname); + free(a->param_hostname); if (a->param_port != NULL) - OPENSSL_free(a->param_port); - OPENSSL_free(a); + free(a->param_port); + free(a); } BIO_METHOD @@ -470,11 +470,11 @@ conn_ctrl(BIO *b, int cmd, long num, void *ptr) b->init = 1; if (num == 0) { if (data->param_hostname != NULL) - OPENSSL_free(data->param_hostname); + free(data->param_hostname); data->param_hostname = BUF_strdup(ptr); } else if (num == 1) { if (data->param_port != NULL) - OPENSSL_free(data->param_port); + free(data->param_port); data->param_port = BUF_strdup(ptr); } else if (num == 2) { char buf[16]; @@ -483,7 +483,7 @@ conn_ctrl(BIO *b, int cmd, long num, void *ptr) (void) snprintf(buf, sizeof buf, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); if (data->param_hostname != NULL) - OPENSSL_free(data->param_hostname); + free(data->param_hostname); data->param_hostname = BUF_strdup(buf); memcpy(&(data->ip[0]), ptr, 4); } else if (num == 3) { @@ -492,7 +492,7 @@ conn_ctrl(BIO *b, int cmd, long num, void *ptr) (void) snprintf(buf, sizeof buf, "%d", *(int *)ptr); if (data->param_port != NULL) - OPENSSL_free(data->param_port); + free(data->param_port); data->param_port = BUF_strdup(buf); data->port= *(int *)ptr; } diff --git a/lib/libcrypto/bio/bss_dgram.c b/lib/libcrypto/bio/bss_dgram.c index 478c7653998..e0445fc97e5 100644 --- a/lib/libcrypto/bio/bss_dgram.c +++ b/lib/libcrypto/bio/bss_dgram.c @@ -212,7 +212,7 @@ dgram_new(BIO *bi) bi->init = 0; bi->num = 0; - data = OPENSSL_malloc(sizeof(bio_dgram_data)); + data = malloc(sizeof(bio_dgram_data)); if (data == NULL) return 0; memset(data, 0x00, sizeof(bio_dgram_data)); @@ -234,7 +234,7 @@ dgram_free(BIO *a) data = (bio_dgram_data *)a->ptr; if (data != NULL) - OPENSSL_free(data); + free(data); return (1); } @@ -805,7 +805,7 @@ BIO * SCTP-AUTH has to be activated for the listening socket * already, otherwise the connected socket won't use it. */ sockopt_len = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t)); - authchunks = OPENSSL_malloc(sockopt_len); + authchunks = malloc(sockopt_len); memset(authchunks, 0, sizeof(sockopt_len)); ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len); OPENSSL_assert(ret >= 0); @@ -819,7 +819,7 @@ BIO auth_forward = 1; } - OPENSSL_free(authchunks); + free(authchunks); OPENSSL_assert(auth_data); OPENSSL_assert(auth_forward); @@ -866,7 +866,7 @@ dgram_sctp_new(BIO *bi) bi->init = 0; bi->num = 0; - data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data)); + data = malloc(sizeof(bio_dgram_sctp_data)); if (data == NULL) return 0; memset(data, 0x00, sizeof(bio_dgram_sctp_data)); @@ -891,7 +891,7 @@ dgram_sctp_free(BIO *a) data = (bio_dgram_sctp_data *)a->ptr; if (data != NULL) - OPENSSL_free(data); + free(data); return (1); } @@ -998,7 +998,7 @@ dgram_sctp_read(BIO *b, char *out, int outl) if (data->saved_message.length > 0) { dgram_sctp_write(data->saved_message.bio, data->saved_message.data, data->saved_message.length); - OPENSSL_free(data->saved_message.data); + free(data->saved_message.data); data->saved_message.length = 0; } @@ -1087,7 +1087,7 @@ dgram_sctp_read(BIO *b, char *out, int outl) struct sctp_authchunks *authchunks; optlen = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t)); - authchunks = OPENSSL_malloc(optlen); + authchunks = malloc(optlen); memset(authchunks, 0, sizeof(optlen)); ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen); OPENSSL_assert(ii >= 0); @@ -1101,7 +1101,7 @@ dgram_sctp_read(BIO *b, char *out, int outl) auth_forward = 1; } - OPENSSL_free(authchunks); + free(authchunks); if (!auth_data || !auth_forward) { BIOerr(BIO_F_DGRAM_SCTP_READ, BIO_R_CONNECT_ERROR); @@ -1154,7 +1154,7 @@ dgram_sctp_write(BIO *b, const char *in, int inl) if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) { data->saved_message.bio = b; data->saved_message.length = inl; - data->saved_message.data = OPENSSL_malloc(inl); + data->saved_message.data = malloc(inl); memcpy(data->saved_message.data, in, inl); return inl; } @@ -1282,7 +1282,7 @@ dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr) /* Add new key */ sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t); - authkey = OPENSSL_malloc(sockopt_len); + authkey = malloc(sockopt_len); memset(authkey, 0x00, sockopt_len); authkey->sca_keynumber = authkeyid.scact_keynumber + 1; #ifndef __FreeBSD__ diff --git a/lib/libcrypto/bio/bss_log.c b/lib/libcrypto/bio/bss_log.c index 2d38837f9ef..cde3c858f14 100644 --- a/lib/libcrypto/bio/bss_log.c +++ b/lib/libcrypto/bio/bss_log.c @@ -157,7 +157,7 @@ slg_write(BIO *b, const char *in, int inl) { 0, "", LOG_ERR } /* The default */ }; - if ((buf = (char *)OPENSSL_malloc(inl + 1)) == NULL) { + if ((buf = (char *)malloc(inl + 1)) == NULL) { return (0); } strlcpy(buf, in, inl + 1); @@ -169,7 +169,7 @@ slg_write(BIO *b, const char *in, int inl) xsyslog(b, priority, pp); - OPENSSL_free(buf); + free(buf); return (ret); } diff --git a/lib/libcrypto/bn/bn_blind.c b/lib/libcrypto/bn/bn_blind.c index 9ed8bc2b40b..264531013ef 100644 --- a/lib/libcrypto/bn/bn_blind.c +++ b/lib/libcrypto/bn/bn_blind.c @@ -140,7 +140,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) bn_check_top(mod); - if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) + if ((ret=(BN_BLINDING *)malloc(sizeof(BN_BLINDING))) == NULL) { BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE); return(NULL); @@ -180,7 +180,7 @@ void BN_BLINDING_free(BN_BLINDING *r) if (r->Ai != NULL) BN_free(r->Ai); if (r->e != NULL) BN_free(r->e ); if (r->mod != NULL) BN_free(r->mod); - OPENSSL_free(r); + free(r); } int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) diff --git a/lib/libcrypto/bn/bn_ctx.c b/lib/libcrypto/bn/bn_ctx.c index 3f2256f6757..ef67f4781cc 100644 --- a/lib/libcrypto/bn/bn_ctx.c +++ b/lib/libcrypto/bn/bn_ctx.c @@ -213,7 +213,7 @@ void BN_CTX_init(BN_CTX *ctx) BN_CTX *BN_CTX_new(void) { - BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX)); + BN_CTX *ret = malloc(sizeof(BN_CTX)); if(!ret) { BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); @@ -249,7 +249,7 @@ void BN_CTX_free(BN_CTX *ctx) #endif BN_STACK_finish(&ctx->stack); BN_POOL_finish(&ctx->pool); - OPENSSL_free(ctx); + free(ctx); } void BN_CTX_start(BN_CTX *ctx) @@ -317,7 +317,7 @@ static void BN_STACK_init(BN_STACK *st) static void BN_STACK_finish(BN_STACK *st) { - if(st->size) OPENSSL_free(st->indexes); + if(st->size) free(st->indexes); } #ifndef OPENSSL_NO_DEPRECATED @@ -334,13 +334,13 @@ static int BN_STACK_push(BN_STACK *st, unsigned int idx) { unsigned int newsize = (st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES); - unsigned int *newitems = OPENSSL_malloc(newsize * + unsigned int *newitems = malloc(newsize * sizeof(unsigned int)); if(!newitems) return 0; if(st->depth) memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int)); - if(st->size) OPENSSL_free(st->indexes); + if(st->size) free(st->indexes); st->indexes = newitems; st->size = newsize; } @@ -375,7 +375,7 @@ static void BN_POOL_finish(BN_POOL *p) bn++; } p->current = p->head->next; - OPENSSL_free(p->head); + free(p->head); p->head = p->current; } } @@ -406,7 +406,7 @@ static BIGNUM *BN_POOL_get(BN_POOL *p) { BIGNUM *bn; unsigned int loop = 0; - BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(BN_POOL_ITEM)); + BN_POOL_ITEM *item = malloc(sizeof(BN_POOL_ITEM)); if(!item) return NULL; /* Initialise the structure */ bn = item->vals; diff --git a/lib/libcrypto/bn/bn_exp.c b/lib/libcrypto/bn/bn_exp.c index 2abf6fd6787..2047e1cc3f0 100644 --- a/lib/libcrypto/bn/bn_exp.c +++ b/lib/libcrypto/bn/bn_exp.c @@ -636,7 +636,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, powerbufFree = alloca(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH); else #endif - if ((powerbufFree=(unsigned char*)OPENSSL_malloc(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL) + if ((powerbufFree=(unsigned char*)malloc(powerbufLen+MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL) goto err; powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree); @@ -823,7 +823,7 @@ err: if (powerbuf!=NULL) { OPENSSL_cleanse(powerbuf,powerbufLen); - if (powerbufFree) OPENSSL_free(powerbufFree); + if (powerbufFree) free(powerbufFree); } BN_CTX_end(ctx); return(ret); diff --git a/lib/libcrypto/bn/bn_gf2m.c b/lib/libcrypto/bn/bn_gf2m.c index 8a4dc20ad98..68a5faa52da 100644 --- a/lib/libcrypto/bn/bn_gf2m.c +++ b/lib/libcrypto/bn/bn_gf2m.c @@ -444,7 +444,7 @@ int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p bn_check_top(a); bn_check_top(b); bn_check_top(p); - if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; + if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -454,7 +454,7 @@ int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx); bn_check_top(r); err: - if (arr) OPENSSL_free(arr); + if (arr) free(arr); return ret; } @@ -500,7 +500,7 @@ int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) bn_check_top(a); bn_check_top(p); - if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; + if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -510,7 +510,7 @@ int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx); bn_check_top(r); err: - if (arr) OPENSSL_free(arr); + if (arr) free(arr); return ret; } @@ -861,7 +861,7 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p bn_check_top(a); bn_check_top(b); bn_check_top(p); - if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; + if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -871,7 +871,7 @@ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx); bn_check_top(r); err: - if (arr) OPENSSL_free(arr); + if (arr) free(arr); return ret; } @@ -919,7 +919,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) int *arr=NULL; bn_check_top(a); bn_check_top(p); - if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL) goto err; + if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) { @@ -929,7 +929,7 @@ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx); bn_check_top(r); err: - if (arr) OPENSSL_free(arr); + if (arr) free(arr); return ret; } @@ -1037,7 +1037,7 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX * int *arr=NULL; bn_check_top(a); bn_check_top(p); - if ((arr = (int *)OPENSSL_malloc(sizeof(int) * + if ((arr = (int *)malloc(sizeof(int) * max)) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); if (!ret || ret > max) @@ -1048,7 +1048,7 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX * ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx); bn_check_top(r); err: - if (arr) OPENSSL_free(arr); + if (arr) free(arr); return ret; } diff --git a/lib/libcrypto/bn/bn_lib.c b/lib/libcrypto/bn/bn_lib.c index 5461e6ee7db..b491c785d40 100644 --- a/lib/libcrypto/bn/bn_lib.c +++ b/lib/libcrypto/bn/bn_lib.c @@ -245,12 +245,12 @@ void BN_clear_free(BIGNUM *a) { OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0])); if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) - OPENSSL_free(a->d); + free(a->d); } i=BN_get_flags(a,BN_FLG_MALLOCED); OPENSSL_cleanse(a,sizeof(BIGNUM)); if (i) - OPENSSL_free(a); + free(a); } void BN_free(BIGNUM *a) @@ -258,9 +258,9 @@ void BN_free(BIGNUM *a) if (a == NULL) return; bn_check_top(a); if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) - OPENSSL_free(a->d); + free(a->d); if (a->flags & BN_FLG_MALLOCED) - OPENSSL_free(a); + free(a); else { #ifndef OPENSSL_NO_DEPRECATED @@ -280,7 +280,7 @@ BIGNUM *BN_new(void) { BIGNUM *ret; - if ((ret=(BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) + if ((ret=(BIGNUM *)malloc(sizeof(BIGNUM))) == NULL) { BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); return(NULL); @@ -314,7 +314,7 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND_INTERNAL,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); return(NULL); } - a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*words); + a=A=(BN_ULONG *)malloc(sizeof(BN_ULONG)*words); if (A == NULL) { BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); @@ -401,7 +401,7 @@ BIGNUM *bn_dup_expand(const BIGNUM *b, int words) else { /* r == NULL, BN_new failure */ - OPENSSL_free(a); + free(a); } } /* If a == NULL, there was an error in allocation in @@ -431,7 +431,7 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) { BN_ULONG *a = bn_expand_internal(b, words); if(!a) return NULL; - if(b->d) OPENSSL_free(b->d); + if(b->d) free(b->d); b->d=a; b->dmax=words; } diff --git a/lib/libcrypto/bn/bn_mont.c b/lib/libcrypto/bn/bn_mont.c index a6713ae5b17..133c597c333 100644 --- a/lib/libcrypto/bn/bn_mont.c +++ b/lib/libcrypto/bn/bn_mont.c @@ -322,7 +322,7 @@ BN_MONT_CTX *BN_MONT_CTX_new(void) { BN_MONT_CTX *ret; - if ((ret=(BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL) + if ((ret=(BN_MONT_CTX *)malloc(sizeof(BN_MONT_CTX))) == NULL) return(NULL); BN_MONT_CTX_init(ret); @@ -349,7 +349,7 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont) BN_free(&(mont->N)); BN_free(&(mont->Ni)); if (mont->flags & BN_FLG_MALLOCED) - OPENSSL_free(mont); + free(mont); } int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) diff --git a/lib/libcrypto/bn/bn_print.c b/lib/libcrypto/bn/bn_print.c index c7c407e4943..e2cab2497f6 100644 --- a/lib/libcrypto/bn/bn_print.c +++ b/lib/libcrypto/bn/bn_print.c @@ -64,14 +64,14 @@ static const char Hex[]="0123456789ABCDEF"; -/* Must 'OPENSSL_free' the returned data */ +/* Must 'free' the returned data */ char *BN_bn2hex(const BIGNUM *a) { int i,j,v,z=0; char *buf; char *p; - buf=(char *)OPENSSL_malloc(a->top*BN_BYTES*2+2); + buf=(char *)malloc(a->top*BN_BYTES*2+2); if (buf == NULL) { BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE); @@ -99,7 +99,7 @@ err: return(buf); } -/* Must 'OPENSSL_free' the returned data */ +/* Must 'free' the returned data */ char *BN_bn2dec(const BIGNUM *a) { int i=0,num, ok = 0; @@ -115,8 +115,8 @@ char *BN_bn2dec(const BIGNUM *a) */ i=BN_num_bits(a)*3; num=(i/10+i/1000+1)+1; - bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); - buf=(char *)OPENSSL_malloc(num+3); + bn_data=(BN_ULONG *)malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); + buf=(char *)malloc(num+3); if ((buf == NULL) || (bn_data == NULL)) { BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE); @@ -158,11 +158,11 @@ char *BN_bn2dec(const BIGNUM *a) } ok = 1; err: - if (bn_data != NULL) OPENSSL_free(bn_data); + if (bn_data != NULL) free(bn_data); if (t != NULL) BN_free(t); if (!ok && buf) { - OPENSSL_free(buf); + free(buf); buf = NULL; } diff --git a/lib/libcrypto/bn/bn_rand.c b/lib/libcrypto/bn/bn_rand.c index 5cbb1f33c1e..baa62d584ca 100644 --- a/lib/libcrypto/bn/bn_rand.c +++ b/lib/libcrypto/bn/bn_rand.c @@ -130,7 +130,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) bit=(bits-1)%8; mask=0xff<<(bit+1); - buf=(unsigned char *)OPENSSL_malloc(bytes); + buf=(unsigned char *)malloc(bytes); if (buf == NULL) { BNerr(BN_F_BNRAND,ERR_R_MALLOC_FAILURE); @@ -199,7 +199,7 @@ err: if (buf != NULL) { OPENSSL_cleanse(buf,bytes); - OPENSSL_free(buf); + free(buf); } bn_check_top(rnd); return(ret); diff --git a/lib/libcrypto/bn/bn_recp.c b/lib/libcrypto/bn/bn_recp.c index 2e8efb8dae2..0f808fca648 100644 --- a/lib/libcrypto/bn/bn_recp.c +++ b/lib/libcrypto/bn/bn_recp.c @@ -72,7 +72,7 @@ BN_RECP_CTX *BN_RECP_CTX_new(void) { BN_RECP_CTX *ret; - if ((ret=(BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL) + if ((ret=(BN_RECP_CTX *)malloc(sizeof(BN_RECP_CTX))) == NULL) return(NULL); BN_RECP_CTX_init(ret); @@ -88,7 +88,7 @@ void BN_RECP_CTX_free(BN_RECP_CTX *recp) BN_free(&(recp->N)); BN_free(&(recp->Nr)); if (recp->flags & BN_FLG_MALLOCED) - OPENSSL_free(recp); + free(recp); } int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) diff --git a/lib/libcrypto/buffer/buf_str.c b/lib/libcrypto/buffer/buf_str.c index 151f5ea971a..ab5535f476f 100644 --- a/lib/libcrypto/buffer/buf_str.c +++ b/lib/libcrypto/buffer/buf_str.c @@ -72,7 +72,7 @@ char *BUF_strndup(const char *str, size_t siz) if (str == NULL) return(NULL); - ret=OPENSSL_malloc(siz+1); + ret=malloc(siz+1); if (ret == NULL) { BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); @@ -88,7 +88,7 @@ void *BUF_memdup(const void *data, size_t siz) if (data == NULL) return(NULL); - ret=OPENSSL_malloc(siz); + ret=malloc(siz); if (ret == NULL) { BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); diff --git a/lib/libcrypto/buffer/buffer.c b/lib/libcrypto/buffer/buffer.c index d4a4ce43b3f..b52c59f8a31 100644 --- a/lib/libcrypto/buffer/buffer.c +++ b/lib/libcrypto/buffer/buffer.c @@ -69,7 +69,7 @@ BUF_MEM *BUF_MEM_new(void) { BUF_MEM *ret; - ret=OPENSSL_malloc(sizeof(BUF_MEM)); + ret=malloc(sizeof(BUF_MEM)); if (ret == NULL) { BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE); @@ -89,9 +89,9 @@ void BUF_MEM_free(BUF_MEM *a) if (a->data != NULL) { memset(a->data,0,(unsigned int)a->max); - OPENSSL_free(a->data); + free(a->data); } - OPENSSL_free(a); + free(a); } int BUF_MEM_grow(BUF_MEM *str, size_t len) @@ -118,9 +118,9 @@ int BUF_MEM_grow(BUF_MEM *str, size_t len) } n=(len+3)/3*4; if (str->data == NULL) - ret=OPENSSL_malloc(n); + ret=malloc(n); else - ret=OPENSSL_realloc(str->data,n); + ret=realloc(str->data,n); if (ret == NULL) { BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); @@ -161,7 +161,7 @@ int BUF_MEM_grow_clean(BUF_MEM *str, size_t len) } n=(len+3)/3*4; if (str->data == NULL) - ret=OPENSSL_malloc(n); + ret=malloc(n); else ret=OPENSSL_realloc_clean(str->data,str->max,n); if (ret == NULL) diff --git a/lib/libcrypto/cmac/cm_pmeth.c b/lib/libcrypto/cmac/cm_pmeth.c index 072228ec7fa..00aa4d64d2b 100644 --- a/lib/libcrypto/cmac/cm_pmeth.c +++ b/lib/libcrypto/cmac/cm_pmeth.c @@ -182,7 +182,7 @@ static int pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, if (!key) return 0; r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); - OPENSSL_free(key); + free(key); return r; } return -2; diff --git a/lib/libcrypto/cmac/cmac.c b/lib/libcrypto/cmac/cmac.c index f92a7bb1437..81188c8f5a1 100644 --- a/lib/libcrypto/cmac/cmac.c +++ b/lib/libcrypto/cmac/cmac.c @@ -93,7 +93,7 @@ static void make_kn(unsigned char *k1, unsigned char *l, int bl) CMAC_CTX *CMAC_CTX_new(void) { CMAC_CTX *ctx; - ctx = OPENSSL_malloc(sizeof(CMAC_CTX)); + ctx = malloc(sizeof(CMAC_CTX)); if (!ctx) return NULL; EVP_CIPHER_CTX_init(&ctx->cctx); @@ -119,7 +119,7 @@ EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx) void CMAC_CTX_free(CMAC_CTX *ctx) { CMAC_CTX_cleanup(ctx); - OPENSSL_free(ctx); + free(ctx); } int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in) diff --git a/lib/libcrypto/cms/cms_asn1.c b/lib/libcrypto/cms/cms_asn1.c index 76649218618..bd7466cc1d3 100644 --- a/lib/libcrypto/cms/cms_asn1.c +++ b/lib/libcrypto/cms/cms_asn1.c @@ -87,7 +87,8 @@ ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = { } ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo) /* Minor tweak to operation: free up signer key, cert */ -static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_FREE_POST) { @@ -130,8 +131,8 @@ ASN1_NDEF_SEQUENCE(CMS_SignedData) = { } ASN1_NDEF_SEQUENCE_END(CMS_SignedData) ASN1_SEQUENCE(CMS_OriginatorInfo) = { - ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0), - ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1) + ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0), + ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1) } ASN1_SEQUENCE_END(CMS_OriginatorInfo) ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = { @@ -213,7 +214,8 @@ ASN1_SEQUENCE(CMS_OtherRecipientInfo) = { } ASN1_SEQUENCE_END(CMS_OtherRecipientInfo) /* Free up RecipientInfo additional data */ -static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) { if(operation == ASN1_OP_FREE_PRE) { @@ -232,7 +234,16 @@ static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) if (kekri->key) { OPENSSL_cleanse(kekri->key, kekri->keylen); - OPENSSL_free(kekri->key); + free(kekri->key); + } + } + else if (ri->type == CMS_RECIPINFO_PASS) + { + CMS_PasswordRecipientInfo *pwri = ri->d.pwri; + if (pwri->pass) + { + OPENSSL_cleanse(pwri->pass, pwri->passlen); + free(pwri->pass); } } } @@ -300,10 +311,42 @@ ASN1_ADB(CMS_ContentInfo) = { ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)), } ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL); -ASN1_NDEF_SEQUENCE(CMS_ContentInfo) = { +/* CMS streaming support */ +static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, + void *exarg) + { + ASN1_STREAM_ARG *sarg = exarg; + CMS_ContentInfo *cms = NULL; + if (pval) + cms = (CMS_ContentInfo *)*pval; + else + return 1; + switch(operation) + { + + case ASN1_OP_STREAM_PRE: + if (CMS_stream(&sarg->boundary, cms) <= 0) + return 0; + case ASN1_OP_DETACHED_PRE: + sarg->ndef_bio = CMS_dataInit(cms, sarg->out); + if (!sarg->ndef_bio) + return 0; + break; + + case ASN1_OP_STREAM_POST: + case ASN1_OP_DETACHED_POST: + if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0) + return 0; + break; + + } + return 1; + } + +ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = { ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT), ASN1_ADB_OBJECT(CMS_ContentInfo) -} ASN1_NDEF_SEQUENCE_END(CMS_ContentInfo) +} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo) /* Specials for signed attributes */ diff --git a/lib/libcrypto/cms/cms_enc.c b/lib/libcrypto/cms/cms_enc.c index bab26235bdc..612fce6dde8 100644 --- a/lib/libcrypto/cms/cms_enc.c +++ b/lib/libcrypto/cms/cms_enc.c @@ -73,6 +73,8 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) const EVP_CIPHER *ciph; X509_ALGOR *calg = ec->contentEncryptionAlgorithm; unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL; + unsigned char *tkey = NULL; + size_t tkeylen = 0; int ok = 0; @@ -137,32 +139,57 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); goto err; } - - - if (enc && !ec->key) + tkeylen = EVP_CIPHER_CTX_key_length(ctx); + /* Generate random session key */ + if (!enc || !ec->key) { - /* Generate random key */ - if (!ec->keylen) - ec->keylen = EVP_CIPHER_CTX_key_length(ctx); - ec->key = OPENSSL_malloc(ec->keylen); - if (!ec->key) + tkey = malloc(tkeylen); + if (!tkey) { CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE); goto err; } - if (EVP_CIPHER_CTX_rand_key(ctx, ec->key) <= 0) + if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0) goto err; - keep_key = 1; } - else if (ec->keylen != (unsigned int)EVP_CIPHER_CTX_key_length(ctx)) + + if (!ec->key) + { + ec->key = tkey; + ec->keylen = tkeylen; + tkey = NULL; + if (enc) + keep_key = 1; + else + ERR_clear_error(); + + } + + if (ec->keylen != tkeylen) { /* If necessary set key length */ if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) { - CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, - CMS_R_INVALID_KEY_LENGTH); - goto err; + /* Only reveal failure if debugging so we don't + * leak information which may be useful in MMA. + */ + if (enc || ec->debug) + { + CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, + CMS_R_INVALID_KEY_LENGTH); + goto err; + } + else + { + /* Use random key */ + OPENSSL_cleanse(ec->key, ec->keylen); + free(ec->key); + ec->key = tkey; + ec->keylen = tkeylen; + tkey = NULL; + ERR_clear_error(); + } } } @@ -195,9 +222,14 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec) if (ec->key && !keep_key) { OPENSSL_cleanse(ec->key, ec->keylen); - OPENSSL_free(ec->key); + free(ec->key); ec->key = NULL; } + if (tkey) + { + OPENSSL_cleanse(tkey, tkeylen); + free(tkey); + } if (ok) return b; BIO_free(b); @@ -211,7 +243,7 @@ int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, ec->cipher = cipher; if (key) { - ec->key = OPENSSL_malloc(keylen); + ec->key = malloc(keylen); if (!ec->key) return 0; memcpy(ec->key, key, keylen); diff --git a/lib/libcrypto/cms/cms_env.c b/lib/libcrypto/cms/cms_env.c index d499ae85b40..78fa2aa7b73 100644 --- a/lib/libcrypto/cms/cms_env.c +++ b/lib/libcrypto/cms/cms_env.c @@ -60,18 +60,18 @@ #include <openssl/rand.h> #include <openssl/aes.h> #include "cms_lcl.h" +#include "asn1_locl.h" /* CMS EnvelopedData Utilities */ DECLARE_ASN1_ITEM(CMS_EnvelopedData) -DECLARE_ASN1_ITEM(CMS_RecipientInfo) DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo) DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo) DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute) DECLARE_STACK_OF(CMS_RecipientInfo) -static CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms) +CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms) { if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) { @@ -151,7 +151,7 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, CMS_KeyTransRecipientInfo *ktri; CMS_EnvelopedData *env; EVP_PKEY *pk = NULL; - int type; + int i, type; env = cms_get0_enveloped(cms); if (!env) goto err; @@ -200,21 +200,22 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, if (!cms_set1_SignerIdentifier(ktri->rid, recip, type)) goto err; - /* Since we have no EVP_PKEY_ASN1_METHOD in OpenSSL 0.9.8, - * hard code algorithm parameters. - */ - - if (pk->type == EVP_PKEY_RSA) - { - X509_ALGOR_set0(ktri->keyEncryptionAlgorithm, - OBJ_nid2obj(NID_rsaEncryption), - V_ASN1_NULL, 0); - } - else + if (pk->ameth && pk->ameth->pkey_ctrl) { - CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, + i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_ENVELOPE, + 0, ri); + if (i == -2) + { + CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); - goto err; + goto err; + } + if (i <= 0) + { + CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, + CMS_R_CTRL_FAILURE); + goto err; + } } if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri)) @@ -301,8 +302,9 @@ static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, { CMS_KeyTransRecipientInfo *ktri; CMS_EncryptedContentInfo *ec; + EVP_PKEY_CTX *pctx = NULL; unsigned char *ek = NULL; - int eklen; + size_t eklen; int ret = 0; @@ -315,9 +317,24 @@ static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, ktri = ri->d.ktri; ec = cms->d.envelopedData->encryptedContentInfo; - eklen = EVP_PKEY_size(ktri->pkey); + pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL); + if (!pctx) + return 0; + + if (EVP_PKEY_encrypt_init(pctx) <= 0) + goto err; + + if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT, + EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) + { + CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR); + goto err; + } + + if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0) + goto err; - ek = OPENSSL_malloc(eklen); + ek = malloc(eklen); if (ek == NULL) { @@ -326,9 +343,7 @@ static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, goto err; } - eklen = EVP_PKEY_encrypt(ek, ec->key, ec->keylen, ktri->pkey); - - if (eklen <= 0) + if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0) goto err; ASN1_STRING_set0(ktri->encryptedKey, ek, eklen); @@ -337,8 +352,10 @@ static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, ret = 1; err: + if (pctx) + EVP_PKEY_CTX_free(pctx); if (ek) - OPENSSL_free(ek); + free(ek); return ret; } @@ -349,9 +366,12 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) { CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; + EVP_PKEY_CTX *pctx = NULL; unsigned char *ek = NULL; - int eklen; + size_t eklen; int ret = 0; + CMS_EncryptedContentInfo *ec; + ec = cms->d.envelopedData->encryptedContentInfo; if (ktri->pkey == NULL) { @@ -360,9 +380,26 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, return 0; } - eklen = EVP_PKEY_size(ktri->pkey); + pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL); + if (!pctx) + return 0; - ek = OPENSSL_malloc(eklen); + if (EVP_PKEY_decrypt_init(pctx) <= 0) + goto err; + + if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT, + EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) + { + CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR); + goto err; + } + + if (EVP_PKEY_decrypt(pctx, NULL, &eklen, + ktri->encryptedKey->data, + ktri->encryptedKey->length) <= 0) + goto err; + + ek = malloc(eklen); if (ek == NULL) { @@ -371,10 +408,9 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, goto err; } - eklen = EVP_PKEY_decrypt(ek, + if (EVP_PKEY_decrypt(pctx, ek, &eklen, ktri->encryptedKey->data, - ktri->encryptedKey->length, ktri->pkey); - if (eklen <= 0) + ktri->encryptedKey->length) <= 0) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB); goto err; @@ -382,12 +418,20 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, ret = 1; - cms->d.envelopedData->encryptedContentInfo->key = ek; - cms->d.envelopedData->encryptedContentInfo->keylen = eklen; + if (ec->key) + { + OPENSSL_cleanse(ec->key, ec->keylen); + free(ec->key); + } + + ec->key = ek; + ec->keylen = eklen; err: + if (pctx) + EVP_PKEY_CTX_free(pctx); if (!ret && ek) - OPENSSL_free(ek); + free(ek); return ret; } @@ -627,7 +671,7 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, goto err; } - wkey = OPENSSL_malloc(ec->keylen + 8); + wkey = malloc(ec->keylen + 8); if (!wkey) { @@ -651,7 +695,7 @@ static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, err: if (!r && wkey) - OPENSSL_free(wkey); + free(wkey); OPENSSL_cleanse(&actx, sizeof(actx)); return r; @@ -704,7 +748,7 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, goto err; } - ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8); + ukey = malloc(kekri->encryptedKey->length - 8); if (!ukey) { @@ -732,7 +776,7 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, err: if (!r && ukey) - OPENSSL_free(ukey); + free(ukey); OPENSSL_cleanse(&actx, sizeof(actx)); return r; @@ -749,6 +793,9 @@ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) case CMS_RECIPINFO_KEK: return cms_RecipientInfo_kekri_decrypt(cms, ri); + case CMS_RECIPINFO_PASS: + return cms_RecipientInfo_pwri_crypt(cms, ri, 0); + default: CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT, CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE); @@ -792,6 +839,10 @@ BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms) r = cms_RecipientInfo_kekri_encrypt(cms, ri); break; + case CMS_RECIPINFO_PASS: + r = cms_RecipientInfo_pwri_crypt(cms, ri, 1); + break; + default: CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO, CMS_R_UNSUPPORTED_RECIPIENT_TYPE); @@ -813,7 +864,7 @@ BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms) if (ec->key) { OPENSSL_cleanse(ec->key, ec->keylen); - OPENSSL_free(ec->key); + free(ec->key); ec->key = NULL; ec->keylen = 0; } diff --git a/lib/libcrypto/cms/cms_ess.c b/lib/libcrypto/cms/cms_ess.c index ed34ff32282..99a4da63562 100644 --- a/lib/libcrypto/cms/cms_ess.c +++ b/lib/libcrypto/cms/cms_ess.c @@ -63,7 +63,7 @@ DECLARE_ASN1_ITEM(CMS_ReceiptRequest) DECLARE_ASN1_ITEM(CMS_Receipt) -IMPLEMENT_ASN1_FUNCTIONS_const(CMS_ReceiptRequest) +IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest) /* ESS services: for now just Signed Receipt related */ @@ -157,7 +157,7 @@ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr) CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE); if (rrder) - OPENSSL_free(rrder); + free(rrder); return r; @@ -344,7 +344,7 @@ int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms) /* Get original receipt request details */ - if (!CMS_get1_ReceiptRequest(osi, &rr)) + if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) { CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST); goto err; @@ -385,7 +385,7 @@ ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si) /* Get original receipt request details */ - if (!CMS_get1_ReceiptRequest(si, &rr)) + if (CMS_get1_ReceiptRequest(si, &rr) <= 0) { CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST); goto err; diff --git a/lib/libcrypto/cms/cms_pwri.c b/lib/libcrypto/cms/cms_pwri.c index b79612a12df..36a5db04b83 100644 --- a/lib/libcrypto/cms/cms_pwri.c +++ b/lib/libcrypto/cms/cms_pwri.c @@ -237,7 +237,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, /* Invalid size */ return 0; } - tmp = OPENSSL_malloc(inlen); + tmp = malloc(inlen); /* setup IV by decrypting last two blocks */ EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl, in + inlen - 2 * blocklen, blocklen * 2); @@ -270,7 +270,7 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, rv = 1; err: OPENSSL_cleanse(tmp, inlen); - OPENSSL_free(tmp); + free(tmp); return rv; } @@ -405,7 +405,7 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx)) goto err; - key = OPENSSL_malloc(keylen); + key = malloc(keylen); if (!key) goto err; @@ -417,7 +417,7 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, } else { - key = OPENSSL_malloc(pwri->encryptedKey->length); + key = malloc(pwri->encryptedKey->length); if (!key) { @@ -446,7 +446,7 @@ int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, EVP_CIPHER_CTX_cleanup(&kekctx); if (!r && key) - OPENSSL_free(key); + free(key); X509_ALGOR_free(kekalg); return r; diff --git a/lib/libcrypto/cms/cms_sd.c b/lib/libcrypto/cms/cms_sd.c index 591bfbec33b..d852af596d3 100644 --- a/lib/libcrypto/cms/cms_sd.c +++ b/lib/libcrypto/cms/cms_sd.c @@ -58,6 +58,7 @@ #include <openssl/err.h> #include <openssl/cms.h> #include "cms_lcl.h" +#include "asn1_locl.h" /* CMS SignedData Utilities */ @@ -218,10 +219,9 @@ int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type) if (!X509_NAME_set(&sid->d.issuerAndSerialNumber->issuer, X509_get_issuer_name(cert))) goto merr; - ASN1_STRING_free(sid->d.issuerAndSerialNumber->serialNumber); - sid->d.issuerAndSerialNumber->serialNumber = - ASN1_STRING_dup(X509_get_serialNumber(cert)); - if(!sid->d.issuerAndSerialNumber->serialNumber) + if (!ASN1_STRING_copy( + sid->d.issuerAndSerialNumber->serialNumber, + X509_get_serialNumber(cert))) goto merr; break; @@ -341,16 +341,22 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, if (!cms_set1_SignerIdentifier(si->sid, signer, type)) goto err; - /* Since no EVP_PKEY_METHOD in 0.9.8 hard code SHA1 as default */ if (md == NULL) - md = EVP_sha1(); - - /* OpenSSL 0.9.8 only supports SHA1 with non-RSA keys */ + { + int def_nid; + if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0) + goto err; + md = EVP_get_digestbynid(def_nid); + if (md == NULL) + { + CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DEFAULT_DIGEST); + goto err; + } + } - if ((pk->type != EVP_PKEY_RSA) && (EVP_MD_type(md) != NID_sha1)) + if (!md) { - CMSerr(CMS_F_CMS_ADD1_SIGNER, - CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET); goto err; } @@ -379,37 +385,21 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, } } - /* Since we have no EVP_PKEY_ASN1_METHOD in OpenSSL 0.9.8, - * hard code algorithm parameters. - */ - - switch (pk->type) + if (pk->ameth && pk->ameth->pkey_ctrl) { - - case EVP_PKEY_RSA: - X509_ALGOR_set0(si->signatureAlgorithm, - OBJ_nid2obj(NID_rsaEncryption), - V_ASN1_NULL, 0); - break; - - case EVP_PKEY_DSA: - X509_ALGOR_set0(si->signatureAlgorithm, - OBJ_nid2obj(NID_dsaWithSHA1), - V_ASN1_UNDEF, 0); - break; - - - case EVP_PKEY_EC: - X509_ALGOR_set0(si->signatureAlgorithm, - OBJ_nid2obj(NID_ecdsa_with_SHA1), - V_ASN1_UNDEF, 0); - break; - - default: - CMSerr(CMS_F_CMS_ADD1_SIGNER, + i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_SIGN, + 0, si); + if (i == -2) + { + CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); - goto err; - + goto err; + } + if (i <= 0) + { + CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_CTRL_FAILURE); + goto err; + } } if (!(flags & CMS_NOATTR)) @@ -626,25 +616,6 @@ void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer, *psig = si->signatureAlgorithm; } -/* In OpenSSL 0.9.8 we have the link between digest types and public - * key types so we need to fixup the digest type if the public key - * type is not appropriate. - */ - -static void cms_fixup_mctx(EVP_MD_CTX *mctx, EVP_PKEY *pkey) - { - if (EVP_MD_CTX_type(mctx) != NID_sha1) - return; -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) - mctx->digest = EVP_dss1(); -#endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_EC) - mctx->digest = EVP_ecdsa(); -#endif - } - static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMS_SignerInfo *si, BIO *chain) { @@ -670,7 +641,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, cms->d.signedData->encapContentInfo->eContentType; unsigned char md[EVP_MAX_MD_SIZE]; unsigned int mdlen; - EVP_DigestFinal_ex(&mctx, md, &mdlen); + if (!EVP_DigestFinal_ex(&mctx, md, &mdlen)) + goto err; if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest, V_ASN1_OCTET_STRING, md, mdlen)) @@ -686,19 +658,18 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, { unsigned char *sig; unsigned int siglen; - sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey)); + sig = malloc(EVP_PKEY_size(si->pkey)); if (!sig) { CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE); goto err; } - cms_fixup_mctx(&mctx, si->pkey); if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) { CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR); - OPENSSL_free(sig); + free(sig); goto err; } ASN1_STRING_set0(si->signature, sig, siglen); @@ -731,9 +702,10 @@ int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain) int CMS_SignerInfo_sign(CMS_SignerInfo *si) { EVP_MD_CTX mctx; + EVP_PKEY_CTX *pctx; unsigned char *abuf = NULL; int alen; - unsigned int siglen; + size_t siglen; const EVP_MD *md = NULL; md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm); @@ -748,40 +720,38 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) goto err; } - if (EVP_SignInit_ex(&mctx, md, NULL) <= 0) + if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0) goto err; -#if 0 if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) { CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR); goto err; } -#endif alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs,&abuf, ASN1_ITEM_rptr(CMS_Attributes_Sign)); if(!abuf) goto err; - if (EVP_SignUpdate(&mctx, abuf, alen) <= 0) + if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0) goto err; - siglen = EVP_PKEY_size(si->pkey); - OPENSSL_free(abuf); - abuf = OPENSSL_malloc(siglen); + if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0) + goto err; + free(abuf); + abuf = malloc(siglen); if(!abuf) goto err; - cms_fixup_mctx(&mctx, si->pkey); - if (EVP_SignFinal(&mctx, abuf, &siglen, si->pkey) <= 0) + if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0) goto err; -#if 0 + if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0) { CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR); goto err; } -#endif + EVP_MD_CTX_cleanup(&mctx); ASN1_STRING_set0(si->signature, abuf, siglen); @@ -790,7 +760,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) err: if (abuf) - OPENSSL_free(abuf); + free(abuf); EVP_MD_CTX_cleanup(&mctx); return 0; @@ -799,6 +769,7 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) int CMS_SignerInfo_verify(CMS_SignerInfo *si) { EVP_MD_CTX mctx; + EVP_PKEY_CTX *pctx; unsigned char *abuf = NULL; int alen, r = -1; const EVP_MD *md = NULL; @@ -813,24 +784,23 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si) if (md == NULL) return -1; EVP_MD_CTX_init(&mctx); - if (EVP_VerifyInit_ex(&mctx, md, NULL) <= 0) + if (EVP_DigestVerifyInit(&mctx, &pctx, md, NULL, si->pkey) <= 0) goto err; alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs,&abuf, ASN1_ITEM_rptr(CMS_Attributes_Verify)); if(!abuf) goto err; - r = EVP_VerifyUpdate(&mctx, abuf, alen); - OPENSSL_free(abuf); + r = EVP_DigestVerifyUpdate(&mctx, abuf, alen); + free(abuf); if (r <= 0) { r = -1; goto err; } - cms_fixup_mctx(&mctx, si->pkey); - r = EVP_VerifyFinal(&mctx, - si->signature->data, si->signature->length, si->pkey); - if (!r) + r = EVP_DigestVerifyFinal(&mctx, + si->signature->data, si->signature->length); + if (r <= 0) CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE); err: EVP_MD_CTX_cleanup(&mctx); @@ -922,7 +892,6 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain) } else { - cms_fixup_mctx(&mctx, si->pkey); r = EVP_VerifyFinal(&mctx, si->signature->data, si->signature->length, si->pkey); if (r <= 0) @@ -948,7 +917,7 @@ int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs) return 0; r = CMS_signed_add1_attr_by_NID(si, NID_SMIMECapabilities, V_ASN1_SEQUENCE, smder, smderlen); - OPENSSL_free(smder); + free(smder); return r; } @@ -991,17 +960,19 @@ static int cms_add_cipher_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg) return CMS_add_simple_smimecap(sk, nid, arg); return 1; } -#if 0 + static int cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg) { if (EVP_get_digestbynid(nid)) return CMS_add_simple_smimecap(sk, nid, arg); return 1; } -#endif + int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap) { if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1) + || !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1) + || !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) || !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1) || !cms_add_cipher_smcap(smcap, NID_aes_128_cbc, -1) || !cms_add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) diff --git a/lib/libcrypto/comp/c_zlib.c b/lib/libcrypto/comp/c_zlib.c index 8adf35f3fc9..2ced7c10cc3 100644 --- a/lib/libcrypto/comp/c_zlib.c +++ b/lib/libcrypto/comp/c_zlib.c @@ -37,7 +37,7 @@ static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size) { void *p; - p=OPENSSL_malloc(no*size); + p=malloc(no*size); if (p) memset(p, 0, no*size); return p; @@ -46,7 +46,7 @@ static void* zlib_zalloc(void* opaque, unsigned int no, unsigned int size) static void zlib_zfree(void* opaque, void* address) { - OPENSSL_free(address); + free(address); } #if 0 @@ -140,7 +140,7 @@ static int zlib_stateful_init(COMP_CTX *ctx) { int err; struct zlib_state *state = - (struct zlib_state *)OPENSSL_malloc(sizeof(struct zlib_state)); + (struct zlib_state *)malloc(sizeof(struct zlib_state)); if (state == NULL) goto err; @@ -173,7 +173,7 @@ static int zlib_stateful_init(COMP_CTX *ctx) CRYPTO_set_ex_data(&ctx->ex_data,zlib_stateful_ex_idx,state); return 1; err: - if (state) OPENSSL_free(state); + if (state) free(state); return 0; } @@ -184,7 +184,7 @@ static void zlib_stateful_finish(COMP_CTX *ctx) zlib_stateful_ex_idx); inflateEnd(&state->istream); deflateEnd(&state->ostream); - OPENSSL_free(state); + free(state); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP,ctx,&ctx->ex_data); } @@ -479,7 +479,7 @@ static int bio_zlib_new(BIO *bi) return 0; } #endif - ctx = OPENSSL_malloc(sizeof(BIO_ZLIB_CTX)); + ctx = malloc(sizeof(BIO_ZLIB_CTX)); if(!ctx) { COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE); @@ -518,15 +518,15 @@ static int bio_zlib_free(BIO *bi) { /* Destroy decompress context */ inflateEnd(&ctx->zin); - OPENSSL_free(ctx->ibuf); + free(ctx->ibuf); } if(ctx->obuf) { /* Destroy compress context */ deflateEnd(&ctx->zout); - OPENSSL_free(ctx->obuf); + free(ctx->obuf); } - OPENSSL_free(ctx); + free(ctx); bi->ptr = NULL; bi->init = 0; bi->flags = 0; @@ -544,7 +544,7 @@ static int bio_zlib_read(BIO *b, char *out, int outl) BIO_clear_retry_flags(b); if(!ctx->ibuf) { - ctx->ibuf = OPENSSL_malloc(ctx->ibufsize); + ctx->ibuf = malloc(ctx->ibufsize); if(!ctx->ibuf) { COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE); @@ -606,7 +606,7 @@ static int bio_zlib_write(BIO *b, const char *in, int inl) BIO_clear_retry_flags(b); if(!ctx->obuf) { - ctx->obuf = OPENSSL_malloc(ctx->obufsize); + ctx->obuf = malloc(ctx->obufsize); /* Need error here */ if(!ctx->obuf) { @@ -754,7 +754,7 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) { if (ctx->ibuf) { - OPENSSL_free(ctx->ibuf); + free(ctx->ibuf); ctx->ibuf = NULL; } ctx->ibufsize = ibs; @@ -764,7 +764,7 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) { if (ctx->obuf) { - OPENSSL_free(ctx->obuf); + free(ctx->obuf); ctx->obuf = NULL; } ctx->obufsize = obs; diff --git a/lib/libcrypto/comp/comp_lib.c b/lib/libcrypto/comp/comp_lib.c index b60ae371e8d..feb07ea8813 100644 --- a/lib/libcrypto/comp/comp_lib.c +++ b/lib/libcrypto/comp/comp_lib.c @@ -8,7 +8,7 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) { COMP_CTX *ret; - if ((ret=(COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL) + if ((ret=(COMP_CTX *)malloc(sizeof(COMP_CTX))) == NULL) { /* ZZZZZZZZZZZZZZZZ */ return(NULL); @@ -17,7 +17,7 @@ COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) ret->meth=meth; if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { - OPENSSL_free(ret); + free(ret); ret=NULL; } return(ret); @@ -31,7 +31,7 @@ void COMP_CTX_free(COMP_CTX *ctx) if (ctx->meth->finish != NULL) ctx->meth->finish(ctx); - OPENSSL_free(ctx); + free(ctx); } int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, diff --git a/lib/libcrypto/conf/conf_api.c b/lib/libcrypto/conf/conf_api.c index f5fcbb9f6b1..dc6eb579bf6 100644 --- a/lib/libcrypto/conf/conf_api.c +++ b/lib/libcrypto/conf/conf_api.c @@ -119,9 +119,9 @@ int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) if (v != NULL) { (void)sk_CONF_VALUE_delete_ptr(ts,v); - OPENSSL_free(v->name); - OPENSSL_free(v->value); - OPENSSL_free(v); + free(v->name); + free(v->value); + free(v); } return 1; } @@ -226,7 +226,7 @@ void _CONF_free_data(CONF *conf) if (conf == NULL || conf->data == NULL) return; lh_CONF_VALUE_down_load(conf->data)=0; /* evil thing to make - * sure the 'OPENSSL_free()' works as + * sure the 'free()' works as * expected */ lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(value_free_hash), @@ -257,13 +257,13 @@ static void value_free_stack_doall(CONF_VALUE *a) for (i=sk_CONF_VALUE_num(sk)-1; i>=0; i--) { vv=sk_CONF_VALUE_value(sk,i); - OPENSSL_free(vv->value); - OPENSSL_free(vv->name); - OPENSSL_free(vv); + free(vv->value); + free(vv->name); + free(vv); } if (sk != NULL) sk_CONF_VALUE_free(sk); - OPENSSL_free(a->section); - OPENSSL_free(a); + free(a->section); + free(a); } /* Up until OpenSSL 0.9.5a, this was new_section */ @@ -275,10 +275,10 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section) if ((sk=sk_CONF_VALUE_new_null()) == NULL) goto err; - if ((v=OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL) + if ((v=malloc(sizeof(CONF_VALUE))) == NULL) goto err; i=strlen(section)+1; - if ((v->section=OPENSSL_malloc(i)) == NULL) + if ((v->section=malloc(i)) == NULL) goto err; memcpy(v->section,section,i); @@ -292,7 +292,7 @@ err: if (!ok) { if (sk != NULL) sk_CONF_VALUE_free(sk); - if (v != NULL) OPENSSL_free(v); + if (v != NULL) free(v); v=NULL; } return(v); diff --git a/lib/libcrypto/conf/conf_def.c b/lib/libcrypto/conf/conf_def.c index 15e5613e365..32d47458a0d 100644 --- a/lib/libcrypto/conf/conf_def.c +++ b/lib/libcrypto/conf/conf_def.c @@ -129,11 +129,11 @@ static CONF *def_create(CONF_METHOD *meth) { CONF *ret; - ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *)); + ret = malloc(sizeof(CONF) + sizeof(unsigned short *)); if (ret) if (meth->init(ret) == 0) { - OPENSSL_free(ret); + free(ret); ret = NULL; } return ret; @@ -167,7 +167,7 @@ static int def_destroy(CONF *conf) { if (def_destroy_data(conf)) { - OPENSSL_free(conf); + free(conf); return 1; } return 0; @@ -228,7 +228,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) goto err; } - section=(char *)OPENSSL_malloc(10); + section=(char *)malloc(10); if (section == NULL) { CONFerr(CONF_F_DEF_LOAD_BIO,ERR_R_MALLOC_FAILURE); @@ -373,14 +373,14 @@ again: p++; *p='\0'; - if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) + if (!(v=(CONF_VALUE *)malloc(sizeof(CONF_VALUE)))) { CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); goto err; } if (psection == NULL) psection=section; - v->name=(char *)OPENSSL_malloc(strlen(pname)+1); + v->name=(char *)malloc(strlen(pname)+1); v->value=NULL; if (v->name == NULL) { @@ -424,20 +424,20 @@ again: if (vv != NULL) { sk_CONF_VALUE_delete_ptr(ts,vv); - OPENSSL_free(vv->name); - OPENSSL_free(vv->value); - OPENSSL_free(vv); + free(vv->name); + free(vv->value); + free(vv); } #endif v=NULL; } } if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) OPENSSL_free(section); + if (section != NULL) free(section); return(1); err: if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) OPENSSL_free(section); + if (section != NULL) free(section); if (line != NULL) *line=eline; (void) snprintf(btmp,sizeof btmp,"%ld",eline); ERR_add_error_data(2,"line ",btmp); @@ -448,9 +448,9 @@ err: } if (v != NULL) { - if (v->name != NULL) OPENSSL_free(v->name); - if (v->value != NULL) OPENSSL_free(v->value); - if (v != NULL) OPENSSL_free(v); + if (v->name != NULL) free(v->name); + if (v->value != NULL) free(v->value); + if (v != NULL) free(v); } return(0); } @@ -637,9 +637,9 @@ static int str_copy(CONF *conf, char *section, char **pto, char *from) buf->data[to++]= *(from++); } buf->data[to]='\0'; - if (*pto != NULL) OPENSSL_free(*pto); + if (*pto != NULL) free(*pto); *pto=buf->data; - OPENSSL_free(buf); + free(buf); return(1); err: if (buf != NULL) BUF_MEM_free(buf); diff --git a/lib/libcrypto/conf/conf_mod.c b/lib/libcrypto/conf/conf_mod.c index 994294f6558..652ad6469a7 100644 --- a/lib/libcrypto/conf/conf_mod.c +++ b/lib/libcrypto/conf/conf_mod.c @@ -197,7 +197,7 @@ int CONF_modules_load_file(const char *filename, const char *appname, err: if (filename == NULL) - OPENSSL_free(file); + free(file); NCONF_free(conf); return ret; @@ -296,7 +296,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name, supported_modules = sk_CONF_MODULE_new_null(); if (supported_modules == NULL) return NULL; - tmod = OPENSSL_malloc(sizeof(CONF_MODULE)); + tmod = malloc(sizeof(CONF_MODULE)); if (tmod == NULL) return NULL; @@ -308,7 +308,7 @@ static CONF_MODULE *module_add(DSO *dso, const char *name, if (!sk_CONF_MODULE_push(supported_modules, tmod)) { - OPENSSL_free(tmod); + free(tmod); return NULL; } @@ -352,7 +352,7 @@ static int module_init(CONF_MODULE *pmod, char *name, char *value, CONF_IMODULE *imod = NULL; /* Otherwise add initialized module to list */ - imod = OPENSSL_malloc(sizeof(CONF_IMODULE)); + imod = malloc(sizeof(CONF_IMODULE)); if (!imod) goto err; @@ -404,10 +404,10 @@ static int module_init(CONF_MODULE *pmod, char *name, char *value, if (imod) { if (imod->name) - OPENSSL_free(imod->name); + free(imod->name); if (imod->value) - OPENSSL_free(imod->value); - OPENSSL_free(imod); + free(imod->value); + free(imod); } return -1; @@ -447,8 +447,8 @@ static void module_free(CONF_MODULE *md) { if (md->dso) DSO_free(md->dso); - OPENSSL_free(md->name); - OPENSSL_free(md); + free(md->name); + free(md); } /* finish and free up all modules instances */ @@ -472,9 +472,9 @@ static void module_finish(CONF_IMODULE *imod) if (imod->pmod->finish) imod->pmod->finish(imod); imod->pmod->links--; - OPENSSL_free(imod->name); - OPENSSL_free(imod->value); - OPENSSL_free(imod); + free(imod->name); + free(imod->value); + free(imod); } /* Add a static module to OpenSSL */ @@ -558,7 +558,7 @@ char *CONF_get1_default_config_file(void) #endif len += strlen(OPENSSL_CONF); - file = OPENSSL_malloc(len + 1); + file = malloc(len + 1); if (!file) return NULL; diff --git a/lib/libcrypto/cryptlib.c b/lib/libcrypto/cryptlib.c index 2bf5def17d9..dc3cc2ab025 100644 --- a/lib/libcrypto/cryptlib.c +++ b/lib/libcrypto/cryptlib.c @@ -211,7 +211,7 @@ CRYPTO_get_new_lockid(char *name) } i = sk_OPENSSL_STRING_push(app_locks, str); if (!i) - OPENSSL_free(str); + free(str); else i += CRYPTO_NUM_LOCKS; /* gap of one :-) */ return (i); @@ -242,7 +242,7 @@ CRYPTO_get_new_dynlockid(void) } CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); + pointer = (CRYPTO_dynlock *)malloc(sizeof(CRYPTO_dynlock)); if (pointer == NULL) { CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE); return (0); @@ -250,7 +250,7 @@ CRYPTO_get_new_dynlockid(void) pointer->references = 1; pointer->data = dynlock_create_callback(__FILE__, __LINE__); if (pointer->data == NULL) { - OPENSSL_free(pointer); + free(pointer); CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE); return (0); } @@ -273,7 +273,7 @@ CRYPTO_get_new_dynlockid(void) if (i == -1) { dynlock_destroy_callback(pointer->data, __FILE__, __LINE__); - OPENSSL_free(pointer); + free(pointer); } else i += 1; /* to avoid 0 */ return - i; @@ -312,7 +312,7 @@ CRYPTO_destroy_dynlockid(int i) if (pointer) { dynlock_destroy_callback(pointer->data, __FILE__, __LINE__); - OPENSSL_free(pointer); + free(pointer); } } diff --git a/lib/libcrypto/des/enc_read.c b/lib/libcrypto/des/enc_read.c index edb6620d085..23ad458dcf6 100644 --- a/lib/libcrypto/des/enc_read.c +++ b/lib/libcrypto/des/enc_read.c @@ -106,17 +106,17 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, if (tmpbuf == NULL) { - tmpbuf=OPENSSL_malloc(BSIZE); + tmpbuf=malloc(BSIZE); if (tmpbuf == NULL) return(-1); } if (net == NULL) { - net=OPENSSL_malloc(BSIZE); + net=malloc(BSIZE); if (net == NULL) return(-1); } if (unnet == NULL) { - unnet=OPENSSL_malloc(BSIZE); + unnet=malloc(BSIZE); if (unnet == NULL) return(-1); } /* left over data from last decrypt */ diff --git a/lib/libcrypto/des/enc_writ.c b/lib/libcrypto/des/enc_writ.c index 2353ac1e892..8f6b033c877 100644 --- a/lib/libcrypto/des/enc_writ.c +++ b/lib/libcrypto/des/enc_writ.c @@ -98,7 +98,7 @@ int DES_enc_write(int fd, const void *_buf, int len, if (outbuf == NULL) { - outbuf=OPENSSL_malloc(BSIZE+HDRSIZE); + outbuf=malloc(BSIZE+HDRSIZE); if (outbuf == NULL) return(-1); } /* If we are sending less than 8 bytes, the same char will look diff --git a/lib/libcrypto/dh/dh_ameth.c b/lib/libcrypto/dh/dh_ameth.c index 377caf96c93..d39f4b373d3 100644 --- a/lib/libcrypto/dh/dh_ameth.c +++ b/lib/libcrypto/dh/dh_ameth.c @@ -168,7 +168,7 @@ static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) err: if (penc) - OPENSSL_free(penc); + free(penc); if (pval) ASN1_STRING_free(pval); @@ -277,7 +277,7 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) err: if (dp != NULL) - OPENSSL_free(dp); + free(dp); if (params != NULL) ASN1_STRING_free(params); if (prkey != NULL) @@ -353,7 +353,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, else ktype = "PKCS#3 DH Parameters"; - m= OPENSSL_malloc(buf_len+10); + m= malloc(buf_len+10); if (m == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -384,7 +384,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, err: DHerr(DH_F_DO_DH_PRINT,reason); } - if (m != NULL) OPENSSL_free(m); + if (m != NULL) free(m); return(ret); } @@ -493,6 +493,7 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth = dh_copy_parameters, dh_cmp_parameters, dh_param_print, + 0, int_dh_free, 0 diff --git a/lib/libcrypto/dh/dh_lib.c b/lib/libcrypto/dh/dh_lib.c index a40caaf75b1..4e3d25b7e5e 100644 --- a/lib/libcrypto/dh/dh_lib.c +++ b/lib/libcrypto/dh/dh_lib.c @@ -110,7 +110,7 @@ DH *DH_new_method(ENGINE *engine) { DH *ret; - ret=(DH *)OPENSSL_malloc(sizeof(DH)); + ret=(DH *)malloc(sizeof(DH)); if (ret == NULL) { DHerr(DH_F_DH_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -124,7 +124,7 @@ DH *DH_new_method(ENGINE *engine) if (!ENGINE_init(engine)) { DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); - OPENSSL_free(ret); + free(ret); return NULL; } ret->engine = engine; @@ -138,7 +138,7 @@ DH *DH_new_method(ENGINE *engine) { DHerr(DH_F_DH_NEW_METHOD,ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); - OPENSSL_free(ret); + free(ret); return NULL; } } @@ -167,7 +167,7 @@ DH *DH_new_method(ENGINE *engine) ENGINE_finish(ret->engine); #endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); - OPENSSL_free(ret); + free(ret); ret=NULL; } return(ret); @@ -203,11 +203,11 @@ void DH_free(DH *r) if (r->g != NULL) BN_clear_free(r->g); if (r->q != NULL) BN_clear_free(r->q); if (r->j != NULL) BN_clear_free(r->j); - if (r->seed) OPENSSL_free(r->seed); + if (r->seed) free(r->seed); if (r->counter != NULL) BN_clear_free(r->counter); if (r->pub_key != NULL) BN_clear_free(r->pub_key); if (r->priv_key != NULL) BN_clear_free(r->priv_key); - OPENSSL_free(r); + free(r); } int DH_up_ref(DH *r) diff --git a/lib/libcrypto/dh/dh_pmeth.c b/lib/libcrypto/dh/dh_pmeth.c index 5ae72b7d4cc..ec4553c0a89 100644 --- a/lib/libcrypto/dh/dh_pmeth.c +++ b/lib/libcrypto/dh/dh_pmeth.c @@ -80,7 +80,7 @@ typedef struct static int pkey_dh_init(EVP_PKEY_CTX *ctx) { DH_PKEY_CTX *dctx; - dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX)); + dctx = malloc(sizeof(DH_PKEY_CTX)); if (!dctx) return 0; dctx->prime_len = 1024; @@ -111,7 +111,7 @@ static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx) { DH_PKEY_CTX *dctx = ctx->data; if (dctx) - OPENSSL_free(dctx); + free(dctx); } static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) diff --git a/lib/libcrypto/dsa/dsa_ameth.c b/lib/libcrypto/dsa/dsa_ameth.c index 6413aae46e2..e9c549802d6 100644 --- a/lib/libcrypto/dsa/dsa_ameth.c +++ b/lib/libcrypto/dsa/dsa_ameth.c @@ -176,7 +176,7 @@ static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) err: if (penc) - OPENSSL_free(penc); + free(penc); if (pval) ASN1_STRING_free(pval); @@ -344,7 +344,7 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) err: if (dp != NULL) - OPENSSL_free(dp); + free(dp); if (params != NULL) ASN1_STRING_free(params); if (prkey != NULL) @@ -459,7 +459,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) update_buflen(priv_key, &buf_len); update_buflen(pub_key, &buf_len); - m=(unsigned char *)OPENSSL_malloc(buf_len+10); + m=(unsigned char *)malloc(buf_len+10); if (m == NULL) { DSAerr(DSA_F_DO_DSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -483,7 +483,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) if (!ASN1_bn_print(bp,"G: ",x->g,m,off)) goto err; ret=1; err: - if (m != NULL) OPENSSL_free(m); + if (m != NULL) free(m); return(ret); } @@ -542,6 +542,52 @@ static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) return i2d_DSAPrivateKey(pkey->pkey.dsa, pder); } +static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, + const ASN1_STRING *sig, + int indent, ASN1_PCTX *pctx) + { + DSA_SIG *dsa_sig; + const unsigned char *p; + if (!sig) + { + if (BIO_puts(bp, "\n") <= 0) + return 0; + else + return 1; + } + p = sig->data; + dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); + if (dsa_sig) + { + int rv = 0; + size_t buf_len = 0; + unsigned char *m=NULL; + update_buflen(dsa_sig->r, &buf_len); + update_buflen(dsa_sig->s, &buf_len); + m = malloc(buf_len+10); + if (m == NULL) + { + DSAerr(DSA_F_DSA_SIG_PRINT,ERR_R_MALLOC_FAILURE); + goto err; + } + + if (BIO_write(bp, "\n", 1) != 1) + goto err; + + if (!ASN1_bn_print(bp,"r: ",dsa_sig->r,m,indent)) + goto err; + if (!ASN1_bn_print(bp,"s: ",dsa_sig->s,m,indent)) + goto err; + rv = 1; + err: + if (m) + free(m); + DSA_SIG_free(dsa_sig); + return rv; + } + return X509_signature_dump(bp, sig, indent); + } + static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) { switch (op) @@ -647,6 +693,7 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = dsa_copy_parameters, dsa_cmp_parameters, dsa_param_print, + dsa_sig_print, int_dsa_free, dsa_pkey_ctrl, diff --git a/lib/libcrypto/dsa/dsa_asn1.c b/lib/libcrypto/dsa/dsa_asn1.c index 19528dcd7ac..f8a918d72cb 100644 --- a/lib/libcrypto/dsa/dsa_asn1.c +++ b/lib/libcrypto/dsa/dsa_asn1.c @@ -69,7 +69,7 @@ static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, { if(operation == ASN1_OP_NEW_PRE) { DSA_SIG *sig; - sig = OPENSSL_malloc(sizeof(DSA_SIG)); + sig = malloc(sizeof(DSA_SIG)); if (!sig) { DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); diff --git a/lib/libcrypto/dsa/dsa_lib.c b/lib/libcrypto/dsa/dsa_lib.c index 897c0859682..27a4c666183 100644 --- a/lib/libcrypto/dsa/dsa_lib.c +++ b/lib/libcrypto/dsa/dsa_lib.c @@ -116,7 +116,7 @@ DSA *DSA_new_method(ENGINE *engine) { DSA *ret; - ret=(DSA *)OPENSSL_malloc(sizeof(DSA)); + ret=(DSA *)malloc(sizeof(DSA)); if (ret == NULL) { DSAerr(DSA_F_DSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -129,7 +129,7 @@ DSA *DSA_new_method(ENGINE *engine) if (!ENGINE_init(engine)) { DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); - OPENSSL_free(ret); + free(ret); return NULL; } ret->engine = engine; @@ -144,7 +144,7 @@ DSA *DSA_new_method(ENGINE *engine) DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); - OPENSSL_free(ret); + free(ret); return NULL; } } @@ -174,7 +174,7 @@ DSA *DSA_new_method(ENGINE *engine) ENGINE_finish(ret->engine); #endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); - OPENSSL_free(ret); + free(ret); ret=NULL; } @@ -216,7 +216,7 @@ void DSA_free(DSA *r) if (r->priv_key != NULL) BN_clear_free(r->priv_key); if (r->kinv != NULL) BN_clear_free(r->kinv); if (r->r != NULL) BN_clear_free(r->r); - OPENSSL_free(r); + free(r); } int DSA_up_ref(DSA *r) diff --git a/lib/libcrypto/dsa/dsa_pmeth.c b/lib/libcrypto/dsa/dsa_pmeth.c index 4ce91e20c64..7076bf7b676 100644 --- a/lib/libcrypto/dsa/dsa_pmeth.c +++ b/lib/libcrypto/dsa/dsa_pmeth.c @@ -81,7 +81,7 @@ typedef struct static int pkey_dsa_init(EVP_PKEY_CTX *ctx) { DSA_PKEY_CTX *dctx; - dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX)); + dctx = malloc(sizeof(DSA_PKEY_CTX)); if (!dctx) return 0; dctx->nbits = 1024; @@ -114,7 +114,7 @@ static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx) { DSA_PKEY_CTX *dctx = ctx->data; if (dctx) - OPENSSL_free(dctx); + free(dctx); } static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, @@ -187,8 +187,11 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) case EVP_PKEY_CTRL_MD: if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 && EVP_MD_type((const EVP_MD *)p2) != NID_dsa && + EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA && EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && - EVP_MD_type((const EVP_MD *)p2) != NID_sha256) + EVP_MD_type((const EVP_MD *)p2) != NID_sha256 && + EVP_MD_type((const EVP_MD *)p2) != NID_sha384 && + EVP_MD_type((const EVP_MD *)p2) != NID_sha512) { DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE); return 0; @@ -252,7 +255,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) if (!dsa) return 0; ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, - NULL, 0, NULL, NULL, pcb); + NULL, 0, NULL, NULL, NULL, pcb); if (ret) EVP_PKEY_assign_DSA(pkey, dsa); else diff --git a/lib/libcrypto/dsa/dsa_sign.c b/lib/libcrypto/dsa/dsa_sign.c index e02365a8b13..5f48d6b622f 100644 --- a/lib/libcrypto/dsa/dsa_sign.c +++ b/lib/libcrypto/dsa/dsa_sign.c @@ -76,7 +76,7 @@ int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) DSA_SIG *DSA_SIG_new(void) { DSA_SIG *sig; - sig = OPENSSL_malloc(sizeof(DSA_SIG)); + sig = malloc(sizeof(DSA_SIG)); if (!sig) return NULL; sig->r = NULL; @@ -92,7 +92,7 @@ void DSA_SIG_free(DSA_SIG *sig) BN_free(sig->r); if (sig->s) BN_free(sig->s); - OPENSSL_free(sig); + free(sig); } } diff --git a/lib/libcrypto/dso/dso.h b/lib/libcrypto/dso/dso.h index f36f209afd3..9010251bbcf 100644 --- a/lib/libcrypto/dso/dso.h +++ b/lib/libcrypto/dso/dso.h @@ -112,7 +112,7 @@ typedef struct dso_st DSO; * (or NULL if they are to be used independantly of a DSO object) and a * filename to transform. They should either return NULL (if there is an error * condition) or a newly allocated string containing the transformed form that - * the caller will need to free with OPENSSL_free() when done. */ + * the caller will need to free with free() when done. */ typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); /* The function prototype used for method functions (or caller-provided * callbacks) that merge two file specifications. They are passed a @@ -120,7 +120,7 @@ typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); * a DSO object) and two file specifications to merge. They should * either return NULL (if there is an error condition) or a newly allocated * string containing the result of merging that the caller will need - * to free with OPENSSL_free() when done. + * to free with free() when done. * Here, merging means that bits and pieces are taken from each of the * file specifications and added together in whatever fashion that is * sensible for the DSO method in question. The only rule that really @@ -136,7 +136,7 @@ typedef struct dso_meth_st const char *name; /* Loads a shared library, NB: new DSO_METHODs must ensure that a * successful load populates the loaded_filename field, and likewise a - * successful unload OPENSSL_frees and NULLs it out. */ + * successful unload frees and NULLs it out. */ int (*dso_load)(DSO *dso); /* Unloads a shared library */ int (*dso_unload)(DSO *dso); @@ -242,12 +242,12 @@ int DSO_set_filename(DSO *dso, const char *filename); * simply duplicated. NB: This function is usually called from within a * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that * caller-created DSO_METHODs can do the same thing. A non-NULL return value - * will need to be OPENSSL_free()'d. */ + * will need to be free()'d. */ char *DSO_convert_filename(DSO *dso, const char *filename); /* This function will invoke the DSO's merger callback to merge two file * specifications, or if the callback isn't set it will instead use the * DSO_METHOD's merger. A non-NULL return value will need to be - * OPENSSL_free()'d. */ + * free()'d. */ char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2); /* If the DSO is currently loaded, this returns the filename that it was loaded * under, otherwise it returns NULL. So it is also useful as a test as to diff --git a/lib/libcrypto/dso/dso_dlfcn.c b/lib/libcrypto/dso/dso_dlfcn.c index fe5f0ffdb0d..648ddb5ac06 100644 --- a/lib/libcrypto/dso/dso_dlfcn.c +++ b/lib/libcrypto/dso/dso_dlfcn.c @@ -153,7 +153,7 @@ static int dlfcn_load(DSO *dso) err: /* Cleanup! */ if(filename != NULL) - OPENSSL_free(filename); + free(filename); if(ptr != NULL) dlclose(ptr); return(0); @@ -264,7 +264,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) { len = strlen(filespec1) + 1; - merged = OPENSSL_malloc(len); + merged = malloc(len); if(!merged) { DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE); @@ -276,7 +276,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, else if (!filespec1) { len = strlen(filespec2) + 1; - merged = OPENSSL_malloc(strlen(filespec2) + 1); + merged = malloc(strlen(filespec2) + 1); if(!merged) { DSOerr(DSO_F_DLFCN_MERGER, @@ -302,7 +302,7 @@ static char *dlfcn_merger(DSO *dso, const char *filespec1, spec2len--; len--; } - merged = OPENSSL_malloc(len + 2); + merged = malloc(len + 2); if(!merged) { DSOerr(DSO_F_DLFCN_MERGER, @@ -334,7 +334,7 @@ static char *dlfcn_name_converter(DSO *dso, const char *filename) if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0) rsize += 3; /* The length of "lib" */ } - translated = OPENSSL_malloc(rsize); + translated = malloc(rsize); if(translated == NULL) { DSOerr(DSO_F_DLFCN_NAME_CONVERTER, diff --git a/lib/libcrypto/dso/dso_lib.c b/lib/libcrypto/dso/dso_lib.c index 8a15b794abe..68f5430ea8e 100644 --- a/lib/libcrypto/dso/dso_lib.c +++ b/lib/libcrypto/dso/dso_lib.c @@ -100,7 +100,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) * to stealing the "best available" method. Will fallback * to DSO_METH_null() in the worst case. */ default_DSO_meth = DSO_METHOD_openssl(); - ret = (DSO *)OPENSSL_malloc(sizeof(DSO)); + ret = (DSO *)malloc(sizeof(DSO)); if(ret == NULL) { DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -112,7 +112,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) { /* sk_new doesn't generate any errors so we do */ DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); - OPENSSL_free(ret); + free(ret); return(NULL); } if(meth == NULL) @@ -122,7 +122,7 @@ DSO *DSO_new_method(DSO_METHOD *meth) ret->references = 1; if((ret->meth->init != NULL) && !ret->meth->init(ret)) { - OPENSSL_free(ret); + free(ret); ret=NULL; } return(ret); @@ -165,11 +165,11 @@ int DSO_free(DSO *dso) sk_void_free(dso->meth_data); if(dso->filename != NULL) - OPENSSL_free(dso->filename); + free(dso->filename); if(dso->loaded_filename != NULL) - OPENSSL_free(dso->loaded_filename); + free(dso->loaded_filename); - OPENSSL_free(dso); + free(dso); return(1); } @@ -377,7 +377,7 @@ int DSO_set_filename(DSO *dso, const char *filename) return(0); } /* We'll duplicate filename */ - copied = OPENSSL_malloc(strlen(filename) + 1); + copied = malloc(strlen(filename) + 1); if(copied == NULL) { DSOerr(DSO_F_DSO_SET_FILENAME,ERR_R_MALLOC_FAILURE); @@ -385,7 +385,7 @@ int DSO_set_filename(DSO *dso, const char *filename) } BUF_strlcpy(copied, filename, strlen(filename) + 1); if(dso->filename) - OPENSSL_free(dso->filename); + free(dso->filename); dso->filename = copied; return(1); } @@ -435,7 +435,7 @@ char *DSO_convert_filename(DSO *dso, const char *filename) } if(result == NULL) { - result = OPENSSL_malloc(strlen(filename) + 1); + result = malloc(strlen(filename) + 1); if(result == NULL) { DSOerr(DSO_F_DSO_CONVERT_FILENAME, diff --git a/lib/libcrypto/ec/ec_ameth.c b/lib/libcrypto/ec/ec_ameth.c index c00f7d746c3..63319031418 100644 --- a/lib/libcrypto/ec/ec_ameth.c +++ b/lib/libcrypto/ec/ec_ameth.c @@ -88,7 +88,7 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) if (!pstr) return 0; pstr->length = i2d_ECParameters(ec_key, &pstr->data); - if (pstr->length < 0) + if (pstr->length <= 0) { ASN1_STRING_free(pstr); ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB); @@ -116,7 +116,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) penclen = i2o_ECPublicKey(ec_key, NULL); if (penclen <= 0) goto err; - penc = OPENSSL_malloc(penclen); + penc = malloc(penclen); if (!penc) goto err; p = penc; @@ -132,7 +132,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) else ASN1_STRING_free(pval); if (penc) - OPENSSL_free(penc); + free(penc); return 0; } @@ -339,7 +339,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB); return 0; } - ep = (unsigned char *) OPENSSL_malloc(eplen); + ep = (unsigned char *) malloc(eplen); if (!ep) { EC_KEY_set_enc_flags(ec_key, old_flags); @@ -350,7 +350,7 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) if (!i2d_ECPrivateKey(ec_key, &p)) { EC_KEY_set_enc_flags(ec_key, old_flags); - OPENSSL_free(ep); + free(ep); ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB); } /* restore old encoding flags */ @@ -474,7 +474,7 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) if (ktype > 0) { buf_len += 10; - if ((buffer = OPENSSL_malloc(buf_len)) == NULL) + if ((buffer = malloc(buf_len)) == NULL) { reason = ERR_R_MALLOC_FAILURE; goto err; @@ -515,7 +515,7 @@ err: if (ctx) BN_CTX_free(ctx); if (buffer != NULL) - OPENSSL_free(buffer); + free(buffer); return(ret); } @@ -651,6 +651,7 @@ const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = ec_copy_parameters, ec_cmp_parameters, eckey_param_print, + 0, int_ec_free, ec_pkey_ctrl, diff --git a/lib/libcrypto/ec/ec_asn1.c b/lib/libcrypto/ec/ec_asn1.c index ae555398594..2bde9a6a3c5 100644 --- a/lib/libcrypto/ec/ec_asn1.c +++ b/lib/libcrypto/ec/ec_asn1.c @@ -83,13 +83,14 @@ int EC_GROUP_get_basis_type(const EC_GROUP *group) /* everything else is currently not supported */ return 0; } - +#ifndef OPENSSL_NO_EC2M int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k) { if (group == NULL) return 0; - if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != + NID_X9_62_characteristic_two_field || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0))) { ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); @@ -101,14 +102,14 @@ int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k) return 1; } - int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, unsigned int *k2, unsigned int *k3) { if (group == NULL) return 0; - if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != + NID_X9_62_characteristic_two_field || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0))) { ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); @@ -124,7 +125,7 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, return 1; } - +#endif /* some structures needed for the asn1 encoding */ @@ -340,6 +341,12 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) } } else /* nid == NID_X9_62_characteristic_two_field */ +#ifdef OPENSSL_NO_EC2M + { + ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED); + goto err; + } +#else { int field_type; X9_62_CHARACTERISTIC_TWO *char_two; @@ -419,6 +426,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) } } } +#endif ok = 1; @@ -456,6 +464,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) goto err; } } +#ifndef OPENSSL_NO_EC2M else /* nid == NID_X9_62_characteristic_two_field */ { if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) @@ -464,7 +473,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) goto err; } } - +#endif len_1 = (size_t)BN_num_bytes(tmp_1); len_2 = (size_t)BN_num_bytes(tmp_2); @@ -476,7 +485,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) } else { - if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL) + if ((buffer_1 = malloc(len_1)) == NULL) { ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE); @@ -498,7 +507,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) } else { - if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL) + if ((buffer_2 = malloc(len_2)) == NULL) { ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE); @@ -550,9 +559,9 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) ok = 1; err: if (buffer_1) - OPENSSL_free(buffer_1); + free(buffer_1); if (buffer_2) - OPENSSL_free(buffer_2); + free(buffer_2); if (tmp_1) BN_free(tmp_1); if (tmp_2) @@ -621,7 +630,7 @@ static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group, ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); goto err; } - if ((buffer = OPENSSL_malloc(len)) == NULL) + if ((buffer = malloc(len)) == NULL) { ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE); goto err; @@ -677,7 +686,7 @@ err : if(!ok) if (tmp) BN_free(tmp); if (buffer) - OPENSSL_free(buffer); + free(buffer); return(ret); } @@ -775,8 +784,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) /* get the field parameters */ tmp = OBJ_obj2nid(params->fieldID->fieldType); - if (tmp == NID_X9_62_characteristic_two_field) +#ifdef OPENSSL_NO_EC2M + { + ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED); + goto err; + } +#else { X9_62_CHARACTERISTIC_TWO *char_two; @@ -862,6 +876,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) /* create the EC_GROUP structure */ ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL); } +#endif else if (tmp == NID_X9_62_prime_field) { /* we have a curve over a prime field */ @@ -910,8 +925,8 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) if (params->curve->seed != NULL) { if (ret->seed != NULL) - OPENSSL_free(ret->seed); - if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length))) + free(ret->seed); + if (!(ret->seed = malloc(params->curve->seed->length))) { ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE); @@ -1065,6 +1080,7 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len) if ((group = ec_asn1_pkparameters2group(params)) == NULL) { ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE); + ECPKPARAMETERS_free(params); return NULL; } @@ -1231,7 +1247,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) priv_key->version = a->version; buf_len = (size_t)BN_num_bytes(a->priv_key); - buffer = OPENSSL_malloc(buf_len); + buffer = malloc(buf_len); if (buffer == NULL) { ECerr(EC_F_I2D_ECPRIVATEKEY, @@ -1276,7 +1292,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) if (tmp_len > buf_len) { - unsigned char *tmp_buffer = OPENSSL_realloc(buffer, tmp_len); + unsigned char *tmp_buffer = realloc(buffer, tmp_len); if (!tmp_buffer) { ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); @@ -1311,7 +1327,7 @@ int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) ok=1; err: if (buffer) - OPENSSL_free(buffer); + free(buffer); if (priv_key) EC_PRIVATEKEY_free(priv_key); return(ok?ret:0); @@ -1408,7 +1424,7 @@ int i2o_ECPublicKey(EC_KEY *a, unsigned char **out) if (*out == NULL) { - if ((*out = OPENSSL_malloc(buf_len)) == NULL) + if ((*out = malloc(buf_len)) == NULL) { ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE); return 0; @@ -1419,7 +1435,7 @@ int i2o_ECPublicKey(EC_KEY *a, unsigned char **out) *out, buf_len, NULL)) { ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB); - OPENSSL_free(*out); + free(*out); *out = NULL; return 0; } diff --git a/lib/libcrypto/ec/ec_key.c b/lib/libcrypto/ec/ec_key.c index d5286010362..4375514ef5b 100644 --- a/lib/libcrypto/ec/ec_key.c +++ b/lib/libcrypto/ec/ec_key.c @@ -69,7 +69,7 @@ EC_KEY *EC_KEY_new(void) { EC_KEY *ret; - ret=(EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY)); + ret=(EC_KEY *)malloc(sizeof(EC_KEY)); if (ret == NULL) { ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE); @@ -132,7 +132,7 @@ void EC_KEY_free(EC_KEY *r) OPENSSL_cleanse((void *)r, sizeof(EC_KEY)); - OPENSSL_free(r); + free(r); } EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) diff --git a/lib/libcrypto/ec/ec_lib.c b/lib/libcrypto/ec/ec_lib.c index e2c4741b5b7..546fd08e382 100644 --- a/lib/libcrypto/ec/ec_lib.c +++ b/lib/libcrypto/ec/ec_lib.c @@ -88,7 +88,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) return NULL; } - ret = OPENSSL_malloc(sizeof *ret); + ret = malloc(sizeof *ret); if (ret == NULL) { ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE); @@ -112,7 +112,7 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) if (!meth->group_init(ret)) { - OPENSSL_free(ret); + free(ret); return NULL; } @@ -135,9 +135,9 @@ void EC_GROUP_free(EC_GROUP *group) BN_free(&group->cofactor); if (group->seed) - OPENSSL_free(group->seed); + free(group->seed); - OPENSSL_free(group); + free(group); } @@ -160,11 +160,11 @@ void EC_GROUP_clear_free(EC_GROUP *group) if (group->seed) { OPENSSL_cleanse(group->seed, group->seed_len); - OPENSSL_free(group->seed); + free(group->seed); } OPENSSL_cleanse(group, sizeof *group); - OPENSSL_free(group); + free(group); } @@ -226,8 +226,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) if (src->seed) { if (dest->seed) - OPENSSL_free(dest->seed); - dest->seed = OPENSSL_malloc(src->seed_len); + free(dest->seed); + dest->seed = malloc(src->seed_len); if (dest->seed == NULL) return 0; if (!memcpy(dest->seed, src->seed, src->seed_len)) @@ -237,7 +237,7 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) else { if (dest->seed) - OPENSSL_free(dest->seed); + free(dest->seed); dest->seed = NULL; dest->seed_len = 0; } @@ -375,7 +375,7 @@ size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len) { if (group->seed) { - OPENSSL_free(group->seed); + free(group->seed); group->seed = NULL; group->seed_len = 0; } @@ -383,7 +383,7 @@ size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len) if (!len || !p) return 1; - if ((group->seed = OPENSSL_malloc(len)) == NULL) + if ((group->seed = malloc(len)) == NULL) return 0; memcpy(group->seed, p, len); group->seed_len = len; @@ -567,7 +567,7 @@ int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data, /* no explicit entry needed */ return 1; - d = OPENSSL_malloc(sizeof *d); + d = malloc(sizeof *d); if (d == NULL) return 0; @@ -613,7 +613,7 @@ void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data, EC_EXTRA_DATA *next = (*p)->next; (*p)->free_func((*p)->data); - OPENSSL_free(*p); + free(*p); *p = next; return; @@ -637,7 +637,7 @@ void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data, EC_EXTRA_DATA *next = (*p)->next; (*p)->clear_free_func((*p)->data); - OPENSSL_free(*p); + free(*p); *p = next; return; @@ -659,7 +659,7 @@ void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data) EC_EXTRA_DATA *next = d->next; d->free_func(d->data); - OPENSSL_free(d); + free(d); d = next; } @@ -680,7 +680,7 @@ void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data) EC_EXTRA_DATA *next = d->next; d->clear_free_func(d->data); - OPENSSL_free(d); + free(d); d = next; } @@ -705,7 +705,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) return NULL; } - ret = OPENSSL_malloc(sizeof *ret); + ret = malloc(sizeof *ret); if (ret == NULL) { ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE); @@ -716,7 +716,7 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) if (!ret->meth->point_init(ret)) { - OPENSSL_free(ret); + free(ret); return NULL; } @@ -730,7 +730,7 @@ void EC_POINT_free(EC_POINT *point) if (point->meth->point_finish != 0) point->meth->point_finish(point); - OPENSSL_free(point); + free(point); } @@ -743,7 +743,7 @@ void EC_POINT_clear_free(EC_POINT *point) else if (point->meth->point_finish != 0) point->meth->point_finish(point); OPENSSL_cleanse(point, sizeof *point); - OPENSSL_free(point); + free(point); } diff --git a/lib/libcrypto/ec/ec_mult.c b/lib/libcrypto/ec/ec_mult.c index 19f21675fbd..b48c888048b 100644 --- a/lib/libcrypto/ec/ec_mult.c +++ b/lib/libcrypto/ec/ec_mult.c @@ -102,7 +102,7 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) if (!group) return NULL; - ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP)); + ret = (EC_PRE_COMP *)malloc(sizeof(EC_PRE_COMP)); if (!ret) { ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); @@ -147,9 +147,9 @@ static void ec_pre_comp_free(void *pre_) for (p = pre->points; *p != NULL; p++) EC_POINT_free(*p); - OPENSSL_free(pre->points); + free(pre->points); } - OPENSSL_free(pre); + free(pre); } static void ec_pre_comp_clear_free(void *pre_) @@ -173,10 +173,10 @@ static void ec_pre_comp_clear_free(void *pre_) EC_POINT_clear_free(*p); OPENSSL_cleanse(p, sizeof *p); } - OPENSSL_free(pre->points); + free(pre->points); } OPENSSL_cleanse(pre, sizeof *pre); - OPENSSL_free(pre); + free(pre); } @@ -201,7 +201,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) if (BN_is_zero(scalar)) { - r = OPENSSL_malloc(1); + r = malloc(1); if (!r) { ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); @@ -233,7 +233,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) } len = BN_num_bits(scalar); - r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation + r = malloc(len + 1); /* modified wNAF may be one digit longer than binary representation * (*ret_len will be set to the actual length, i.e. at most * BN_num_bits(scalar) + 1) */ if (r == NULL) @@ -315,7 +315,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) err: if (!ok) { - OPENSSL_free(r); + free(r); r = NULL; } if (ok) @@ -441,10 +441,10 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, totalnum = num + numblocks; - wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]); - wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]); - wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for pivot */ - val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]); + wsize = malloc(totalnum * sizeof wsize[0]); + wNAF_len = malloc(totalnum * sizeof wNAF_len[0]); + wNAF = malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space for pivot */ + val_sub = malloc(totalnum * sizeof val_sub[0]); if (!wsize || !wNAF_len || !wNAF || !val_sub) { @@ -560,11 +560,11 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, wNAF_len[i] = tmp_len; wNAF[i + 1] = NULL; - wNAF[i] = OPENSSL_malloc(wNAF_len[i]); + wNAF[i] = malloc(wNAF_len[i]); if (wNAF[i] == NULL) { ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); - OPENSSL_free(tmp_wNAF); + free(tmp_wNAF); goto err; } memcpy(wNAF[i], pp, wNAF_len[i]); @@ -574,14 +574,14 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (*tmp_points == NULL) { ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - OPENSSL_free(tmp_wNAF); + free(tmp_wNAF); goto err; } val_sub[i] = tmp_points; tmp_points += pre_points_per_block; pp += blocksize; } - OPENSSL_free(tmp_wNAF); + free(tmp_wNAF); } } } @@ -589,7 +589,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* All points we precompute now go into a single array 'val'. * 'val_sub[i]' is a pointer to the subarray for the i-th point, * or to a subarray of 'pre_comp->points' if we already have precomputation. */ - val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); + val = malloc((num_val + 1) * sizeof val[0]); if (val == NULL) { ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); @@ -716,28 +716,28 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (tmp != NULL) EC_POINT_free(tmp); if (wsize != NULL) - OPENSSL_free(wsize); + free(wsize); if (wNAF_len != NULL) - OPENSSL_free(wNAF_len); + free(wNAF_len); if (wNAF != NULL) { signed char **w; for (w = wNAF; *w != NULL; w++) - OPENSSL_free(*w); + free(*w); - OPENSSL_free(wNAF); + free(wNAF); } if (val != NULL) { for (v = val; *v != NULL; v++) EC_POINT_clear_free(*v); - OPENSSL_free(val); + free(val); } if (val_sub != NULL) { - OPENSSL_free(val_sub); + free(val_sub); } return ret; } @@ -825,7 +825,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) pre_points_per_block = (size_t)1 << (w - 1); num = pre_points_per_block * numblocks; /* number of points to compute and store */ - points = OPENSSL_malloc(sizeof (EC_POINT*)*(num + 1)); + points = malloc(sizeof (EC_POINT*)*(num + 1)); if (!points) { ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); @@ -921,7 +921,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) for (p = points; *p != NULL; p++) EC_POINT_free(*p); - OPENSSL_free(points); + free(points); } if (tmp_point) EC_POINT_free(tmp_point); diff --git a/lib/libcrypto/ec/ec_pmeth.c b/lib/libcrypto/ec/ec_pmeth.c index f433076ca12..dfc8ace27b2 100644 --- a/lib/libcrypto/ec/ec_pmeth.c +++ b/lib/libcrypto/ec/ec_pmeth.c @@ -77,7 +77,7 @@ typedef struct static int pkey_ec_init(EVP_PKEY_CTX *ctx) { EC_PKEY_CTX *dctx; - dctx = OPENSSL_malloc(sizeof(EC_PKEY_CTX)); + dctx = malloc(sizeof(EC_PKEY_CTX)); if (!dctx) return 0; dctx->gen_group = NULL; @@ -112,7 +112,7 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx) { if (dctx->gen_group) EC_GROUP_free(dctx->gen_group); - OPENSSL_free(dctx); + free(dctx); } } @@ -188,7 +188,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec); - /* NB: unlike PKS#3 DH, if *outlen is less than maximum size this is + /* NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is * not an error, the result is truncated. */ @@ -221,6 +221,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) case EVP_PKEY_CTRL_MD: if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 && + EVP_MD_type((const EVP_MD *)p2) != NID_ecdsa_with_SHA1 && EVP_MD_type((const EVP_MD *)p2) != NID_sha224 && EVP_MD_type((const EVP_MD *)p2) != NID_sha256 && EVP_MD_type((const EVP_MD *)p2) != NID_sha384 && diff --git a/lib/libcrypto/ec/ec_print.c b/lib/libcrypto/ec/ec_print.c index f7c8a303aca..1655332c3c5 100644 --- a/lib/libcrypto/ec/ec_print.c +++ b/lib/libcrypto/ec/ec_print.c @@ -70,18 +70,18 @@ BIGNUM *EC_POINT_point2bn(const EC_GROUP *group, if (buf_len == 0) return NULL; - if ((buf = OPENSSL_malloc(buf_len)) == NULL) + if ((buf = malloc(buf_len)) == NULL) return NULL; if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) { - OPENSSL_free(buf); + free(buf); return NULL; } ret = BN_bin2bn(buf, buf_len, ret); - OPENSSL_free(buf); + free(buf); return ret; } @@ -96,13 +96,13 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, EC_POINT *ret; if ((buf_len = BN_num_bytes(bn)) == 0) return NULL; - buf = OPENSSL_malloc(buf_len); + buf = malloc(buf_len); if (buf == NULL) return NULL; if (!BN_bn2bin(bn, buf)) { - OPENSSL_free(buf); + free(buf); return NULL; } @@ -110,7 +110,7 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, { if ((ret = EC_POINT_new(group)) == NULL) { - OPENSSL_free(buf); + free(buf); return NULL; } } @@ -121,17 +121,17 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, { if (point == NULL) EC_POINT_clear_free(ret); - OPENSSL_free(buf); + free(buf); return NULL; } - OPENSSL_free(buf); + free(buf); return ret; } static const char *HEX_DIGITS = "0123456789ABCDEF"; -/* the return value must be freed (using OPENSSL_free()) */ +/* the return value must be freed (using free()) */ char *EC_POINT_point2hex(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form, @@ -146,19 +146,19 @@ char *EC_POINT_point2hex(const EC_GROUP *group, if (buf_len == 0) return NULL; - if ((buf = OPENSSL_malloc(buf_len)) == NULL) + if ((buf = malloc(buf_len)) == NULL) return NULL; if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) { - OPENSSL_free(buf); + free(buf); return NULL; } - ret = (char *)OPENSSL_malloc(buf_len*2+2); + ret = (char *)malloc(buf_len*2+2); if (ret == NULL) { - OPENSSL_free(buf); + free(buf); return NULL; } p = ret; @@ -171,7 +171,7 @@ char *EC_POINT_point2hex(const EC_GROUP *group, } *p='\0'; - OPENSSL_free(buf); + free(buf); return ret; } diff --git a/lib/libcrypto/ec/eck_prn.c b/lib/libcrypto/ec/eck_prn.c index 7d3e175ae75..4e8c748bbc0 100644 --- a/lib/libcrypto/ec/eck_prn.c +++ b/lib/libcrypto/ec/eck_prn.c @@ -207,7 +207,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) reason = ERR_R_MALLOC_FAILURE; goto err; } - +#ifndef OPENSSL_NO_EC2M if (is_char_two) { if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) @@ -217,6 +217,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) } } else /* prime field */ +#endif { if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) { @@ -262,7 +263,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) seed_len = EC_GROUP_get_seed_len(x); buf_len += 10; - if ((buffer = OPENSSL_malloc(buf_len)) == NULL) + if ((buffer = malloc(buf_len)) == NULL) { reason = ERR_R_MALLOC_FAILURE; goto err; @@ -348,7 +349,7 @@ err: if (ctx) BN_CTX_free(ctx); if (buffer != NULL) - OPENSSL_free(buffer); + free(buffer); return(ret); } diff --git a/lib/libcrypto/ec/ecp_nistp224.c b/lib/libcrypto/ec/ecp_nistp224.c index b5ff56c2527..03f2d9c1d7b 100644 --- a/lib/libcrypto/ec/ecp_nistp224.c +++ b/lib/libcrypto/ec/ecp_nistp224.c @@ -1148,7 +1148,7 @@ static void batch_mul(felem x_out, felem y_out, felem z_out, static NISTP224_PRE_COMP *nistp224_pre_comp_new() { NISTP224_PRE_COMP *ret = NULL; - ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret); + ret = (NISTP224_PRE_COMP *) malloc(sizeof *ret); if (!ret) { ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); @@ -1181,7 +1181,7 @@ static void nistp224_pre_comp_free(void *pre_) if (i > 0) return; - OPENSSL_free(pre); + free(pre); } static void nistp224_pre_comp_clear_free(void *pre_) @@ -1197,7 +1197,7 @@ static void nistp224_pre_comp_clear_free(void *pre_) return; OPENSSL_cleanse(pre, sizeof *pre); - OPENSSL_free(pre); + free(pre); } /******************************************************************************/ @@ -1382,10 +1382,10 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, * converting those into affine form is time well spent */ mixed = 1; } - secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray)); - pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem)); + secrets = malloc(num_points * sizeof(felem_bytearray)); + pre_comp = malloc(num_points * 17 * 3 * sizeof(felem)); if (mixed) - tmp_felems = OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem)); + tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE); @@ -1506,11 +1506,11 @@ err: if (new_ctx != NULL) BN_CTX_free(new_ctx); if (secrets != NULL) - OPENSSL_free(secrets); + free(secrets); if (pre_comp != NULL) - OPENSSL_free(pre_comp); + free(pre_comp); if (tmp_felems != NULL) - OPENSSL_free(tmp_felems); + free(tmp_felems); return ret; } diff --git a/lib/libcrypto/ec/ecp_nistp256.c b/lib/libcrypto/ec/ecp_nistp256.c index 4bc0f5dce02..947fb7eee00 100644 --- a/lib/libcrypto/ec/ecp_nistp256.c +++ b/lib/libcrypto/ec/ecp_nistp256.c @@ -1666,7 +1666,7 @@ const EC_METHOD *EC_GFp_nistp256_method(void) static NISTP256_PRE_COMP *nistp256_pre_comp_new() { NISTP256_PRE_COMP *ret = NULL; - ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret); + ret = (NISTP256_PRE_COMP *) malloc(sizeof *ret); if (!ret) { ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); @@ -1699,7 +1699,7 @@ static void nistp256_pre_comp_free(void *pre_) if (i > 0) return; - OPENSSL_free(pre); + free(pre); } static void nistp256_pre_comp_clear_free(void *pre_) @@ -1715,7 +1715,7 @@ static void nistp256_pre_comp_clear_free(void *pre_) return; OPENSSL_cleanse(pre, sizeof *pre); - OPENSSL_free(pre); + free(pre); } /******************************************************************************/ @@ -1901,10 +1901,10 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, * converting those into affine form is time well spent */ mixed = 1; } - secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray)); - pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(smallfelem)); + secrets = malloc(num_points * sizeof(felem_bytearray)); + pre_comp = malloc(num_points * 17 * 3 * sizeof(smallfelem)); if (mixed) - tmp_smallfelems = OPENSSL_malloc((num_points * 17 + 1) * sizeof(smallfelem)); + tmp_smallfelems = malloc((num_points * 17 + 1) * sizeof(smallfelem)); if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_smallfelems == NULL))) { ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE); @@ -2026,11 +2026,11 @@ err: if (new_ctx != NULL) BN_CTX_free(new_ctx); if (secrets != NULL) - OPENSSL_free(secrets); + free(secrets); if (pre_comp != NULL) - OPENSSL_free(pre_comp); + free(pre_comp); if (tmp_smallfelems != NULL) - OPENSSL_free(tmp_smallfelems); + free(tmp_smallfelems); return ret; } diff --git a/lib/libcrypto/ec/ecp_nistp521.c b/lib/libcrypto/ec/ecp_nistp521.c index 178b655f7f1..24eb0329513 100644 --- a/lib/libcrypto/ec/ecp_nistp521.c +++ b/lib/libcrypto/ec/ecp_nistp521.c @@ -1533,7 +1533,7 @@ const EC_METHOD *EC_GFp_nistp521_method(void) static NISTP521_PRE_COMP *nistp521_pre_comp_new() { NISTP521_PRE_COMP *ret = NULL; - ret = (NISTP521_PRE_COMP *)OPENSSL_malloc(sizeof(NISTP521_PRE_COMP)); + ret = (NISTP521_PRE_COMP *)malloc(sizeof(NISTP521_PRE_COMP)); if (!ret) { ECerr(EC_F_NISTP521_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); @@ -1566,7 +1566,7 @@ static void nistp521_pre_comp_free(void *pre_) if (i > 0) return; - OPENSSL_free(pre); + free(pre); } static void nistp521_pre_comp_clear_free(void *pre_) @@ -1582,7 +1582,7 @@ static void nistp521_pre_comp_clear_free(void *pre_) return; OPENSSL_cleanse(pre, sizeof(*pre)); - OPENSSL_free(pre); + free(pre); } /******************************************************************************/ @@ -1766,10 +1766,10 @@ int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, * converting those into affine form is time well spent */ mixed = 1; } - secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray)); - pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem)); + secrets = malloc(num_points * sizeof(felem_bytearray)); + pre_comp = malloc(num_points * 17 * 3 * sizeof(felem)); if (mixed) - tmp_felems = OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem)); + tmp_felems = malloc((num_points * 17 + 1) * sizeof(felem)); if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE); @@ -1891,11 +1891,11 @@ err: if (new_ctx != NULL) BN_CTX_free(new_ctx); if (secrets != NULL) - OPENSSL_free(secrets); + free(secrets); if (pre_comp != NULL) - OPENSSL_free(pre_comp); + free(pre_comp); if (tmp_felems != NULL) - OPENSSL_free(tmp_felems); + free(tmp_felems); return ret; } diff --git a/lib/libcrypto/ec/ecp_smpl.c b/lib/libcrypto/ec/ecp_smpl.c index bf0ad998dd0..a1467528170 100644 --- a/lib/libcrypto/ec/ecp_smpl.c +++ b/lib/libcrypto/ec/ecp_smpl.c @@ -1205,7 +1205,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT * We need twice that. */ pow2 <<= 1; - heap = OPENSSL_malloc(pow2 * sizeof heap[0]); + heap = malloc(pow2 * sizeof heap[0]); if (heap == NULL) goto err; /* The array is used as a binary tree, exactly as in heapsort: @@ -1333,7 +1333,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT if (heap[i] != NULL) BN_clear_free(heap[i]); } - OPENSSL_free(heap); + free(heap); } return ret; } diff --git a/lib/libcrypto/ecdh/ech_lib.c b/lib/libcrypto/ecdh/ech_lib.c index ddf226b1666..51fb7d6afb7 100644 --- a/lib/libcrypto/ecdh/ech_lib.c +++ b/lib/libcrypto/ecdh/ech_lib.c @@ -129,7 +129,7 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) { ECDH_DATA *ret; - ret=(ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA)); + ret=(ECDH_DATA *)malloc(sizeof(ECDH_DATA)); if (ret == NULL) { ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE); @@ -150,7 +150,7 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) { ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); - OPENSSL_free(ret); + free(ret); return NULL; } } @@ -162,7 +162,7 @@ static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data); - OPENSSL_free(ret); + free(ret); ret=NULL; } #endif @@ -198,7 +198,7 @@ void ecdh_data_free(void *data) OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA)); - OPENSSL_free(r); + free(r); } ECDH_DATA *ecdh_check(EC_KEY *key) diff --git a/lib/libcrypto/ecdh/ech_ossl.c b/lib/libcrypto/ecdh/ech_ossl.c index 2a40ff12dfa..a63eb4922db 100644 --- a/lib/libcrypto/ecdh/ech_ossl.c +++ b/lib/libcrypto/ecdh/ech_ossl.c @@ -157,6 +157,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, goto err; } } +#ifndef OPENSSL_NO_EC2M else { if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) @@ -165,6 +166,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, goto err; } } +#endif buflen = (EC_GROUP_get_degree(group) + 7)/8; len = BN_num_bytes(x); @@ -173,7 +175,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); goto err; } - if ((buf = OPENSSL_malloc(buflen)) == NULL) + if ((buf = malloc(buflen)) == NULL) { ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); goto err; @@ -208,6 +210,6 @@ err: if (tmp) EC_POINT_free(tmp); if (ctx) BN_CTX_end(ctx); if (ctx) BN_CTX_free(ctx); - if (buf) OPENSSL_free(buf); + if (buf) free(buf); return(ret); } diff --git a/lib/libcrypto/ecdsa/ecs_lib.c b/lib/libcrypto/ecdsa/ecs_lib.c index 7b53969ffd8..81842a11a6e 100644 --- a/lib/libcrypto/ecdsa/ecs_lib.c +++ b/lib/libcrypto/ecdsa/ecs_lib.c @@ -108,7 +108,7 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) { ECDSA_DATA *ret; - ret=(ECDSA_DATA *)OPENSSL_malloc(sizeof(ECDSA_DATA)); + ret=(ECDSA_DATA *)malloc(sizeof(ECDSA_DATA)); if (ret == NULL) { ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE); @@ -129,7 +129,7 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) { ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); - OPENSSL_free(ret); + free(ret); return NULL; } } @@ -141,7 +141,7 @@ static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data); - OPENSSL_free(ret); + free(ret); ret=NULL; } #endif @@ -176,7 +176,7 @@ static void ecdsa_data_free(void *data) OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA)); - OPENSSL_free(r); + free(r); } ECDSA_DATA *ecdsa_check(EC_KEY *key) diff --git a/lib/libcrypto/engine/eng_dyn.c b/lib/libcrypto/engine/eng_dyn.c index 807da7a5eb8..7878bd802ec 100644 --- a/lib/libcrypto/engine/eng_dyn.c +++ b/lib/libcrypto/engine/eng_dyn.c @@ -153,7 +153,7 @@ struct st_dynamic_data_ctx * structure. */ static int dynamic_ex_data_idx = -1; -static void int_free_str(char *s) { OPENSSL_free(s); } +static void int_free_str(char *s) { free(s); } /* Because our ex_data element may or may not get allocated depending on whether * a "first-use" occurs before the ENGINE is freed, we have a memory leak * problem to solve. We can't declare a "new" handler for the ex_data as we @@ -170,12 +170,12 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr, if(ctx->dynamic_dso) DSO_free(ctx->dynamic_dso); if(ctx->DYNAMIC_LIBNAME) - OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME); + free((void*)ctx->DYNAMIC_LIBNAME); if(ctx->engine_id) - OPENSSL_free((void*)ctx->engine_id); + free((void*)ctx->engine_id); if(ctx->dirs) sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str); - OPENSSL_free(ctx); + free(ctx); } } @@ -186,7 +186,7 @@ static void dynamic_data_ctx_free_func(void *parent, void *ptr, static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) { dynamic_data_ctx *c; - c = OPENSSL_malloc(sizeof(dynamic_data_ctx)); + c = malloc(sizeof(dynamic_data_ctx)); if(!c) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); @@ -207,7 +207,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) if(!c->dirs) { ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX,ERR_R_MALLOC_FAILURE); - OPENSSL_free(c); + free(c); return 0; } CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); @@ -223,7 +223,7 @@ static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx) /* If we lost the race to set the context, c is non-NULL and *ctx is the * context of the thread that won. */ if(c) - OPENSSL_free(c); + free(c); return 1; } @@ -337,7 +337,7 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) if(p && (strlen((const char *)p) < 1)) p = NULL; if(ctx->DYNAMIC_LIBNAME) - OPENSSL_free((void*)ctx->DYNAMIC_LIBNAME); + free((void*)ctx->DYNAMIC_LIBNAME); if(p) ctx->DYNAMIC_LIBNAME = BUF_strdup(p); else @@ -351,7 +351,7 @@ static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) if(p && (strlen((const char *)p) < 1)) p = NULL; if(ctx->engine_id) - OPENSSL_free((void*)ctx->engine_id); + free((void*)ctx->engine_id); if(p) ctx->engine_id = BUF_strdup(p); else @@ -422,10 +422,10 @@ static int int_load(dynamic_data_ctx *ctx) if(DSO_load(ctx->dynamic_dso, merge, NULL, 0)) { /* Found what we're looking for */ - OPENSSL_free(merge); + free(merge); return 1; } - OPENSSL_free(merge); + free(merge); } return 0; } diff --git a/lib/libcrypto/engine/eng_lib.c b/lib/libcrypto/engine/eng_lib.c index 18a66646458..126bc022966 100644 --- a/lib/libcrypto/engine/eng_lib.c +++ b/lib/libcrypto/engine/eng_lib.c @@ -65,7 +65,7 @@ ENGINE *ENGINE_new(void) { ENGINE *ret; - ret = (ENGINE *)OPENSSL_malloc(sizeof(ENGINE)); + ret = (ENGINE *)malloc(sizeof(ENGINE)); if(ret == NULL) { ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE); @@ -133,7 +133,7 @@ int engine_free_util(ENGINE *e, int locked) if(e->destroy) e->destroy(e); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); - OPENSSL_free(e); + free(e); return 1; } @@ -158,7 +158,7 @@ static int int_cleanup_check(int create) } static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb) { - ENGINE_CLEANUP_ITEM *item = OPENSSL_malloc(sizeof( + ENGINE_CLEANUP_ITEM *item = malloc(sizeof( ENGINE_CLEANUP_ITEM)); if(!item) return NULL; item->cb = cb; @@ -184,7 +184,7 @@ void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb) static void engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item) { (*(item->cb))(); - OPENSSL_free(item); + free(item); } void ENGINE_cleanup(void) { diff --git a/lib/libcrypto/engine/eng_rsax.c b/lib/libcrypto/engine/eng_rsax.c index 96e63477eed..fa9159499db 100644 --- a/lib/libcrypto/engine/eng_rsax.c +++ b/lib/libcrypto/engine/eng_rsax.c @@ -282,7 +282,7 @@ static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM* m) hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); if (!hptr) { - hptr = OPENSSL_malloc(3*sizeof(E_RSAX_MOD_CTX)); + hptr = malloc(3*sizeof(E_RSAX_MOD_CTX)); if (!hptr) return NULL; hptr[2].type = hptr[1].type= hptr[0].type = 0; RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr); @@ -307,7 +307,7 @@ static int e_rsax_rsa_finish(RSA *rsa) E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx); if(hptr) { - OPENSSL_free(hptr); + free(hptr); RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL); } if (rsa->_method_mod_n) diff --git a/lib/libcrypto/engine/eng_table.c b/lib/libcrypto/engine/eng_table.c index 4fde9481852..b7e77f76252 100644 --- a/lib/libcrypto/engine/eng_table.c +++ b/lib/libcrypto/engine/eng_table.c @@ -146,14 +146,14 @@ int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate); if(!fnd) { - fnd = OPENSSL_malloc(sizeof(ENGINE_PILE)); + fnd = malloc(sizeof(ENGINE_PILE)); if(!fnd) goto end; fnd->uptodate = 1; fnd->nid = *nids; fnd->sk = sk_ENGINE_new_null(); if(!fnd->sk) { - OPENSSL_free(fnd); + free(fnd); goto end; } fnd->funct = NULL; @@ -218,7 +218,7 @@ static void int_cleanup_cb_doall(ENGINE_PILE *p) sk_ENGINE_free(p->sk); if(p->funct) engine_unlocked_finish(p->funct, 0); - OPENSSL_free(p); + free(p); } static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE) diff --git a/lib/libcrypto/err/err.c b/lib/libcrypto/err/err.c index f6f9d2c080c..93ed1da943c 100644 --- a/lib/libcrypto/err/err.c +++ b/lib/libcrypto/err/err.c @@ -572,7 +572,7 @@ static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; static void build_SYS_str_reasons(void) { - /* OPENSSL_malloc cannot be used here, use static storage instead */ + /* malloc cannot be used here, use static storage instead */ static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; int i; static int init = 1; @@ -625,7 +625,7 @@ static void build_SYS_str_reasons(void) if (((p)->err_data[i] != NULL) && \ (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ { \ - OPENSSL_free((p)->err_data[i]); \ + free((p)->err_data[i]); \ (p)->err_data[i]=NULL; \ } \ (p)->err_data_flags[i]=0; \ @@ -651,7 +651,7 @@ static void ERR_STATE_free(ERR_STATE *s) { err_clear_data(s,i); } - OPENSSL_free(s); + free(s); } void ERR_load_ERR_strings(void) @@ -1015,7 +1015,7 @@ ERR_STATE *ERR_get_state(void) /* ret == the error state, if NULL, make a new one */ if (ret == NULL) { - ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); + ret=(ERR_STATE *)malloc(sizeof(ERR_STATE)); if (ret == NULL) return(&fallback); CRYPTO_THREADID_cpy(&ret->tid, &tid); ret->top=0; @@ -1076,7 +1076,7 @@ void ERR_add_error_vdata(int num, va_list args) char *str,*p,*a; s=80; - str=OPENSSL_malloc(s+1); + str=malloc(s+1); if (str == NULL) return; str[0]='\0'; @@ -1091,10 +1091,10 @@ void ERR_add_error_vdata(int num, va_list args) if (n > s) { s=n+20; - p=OPENSSL_realloc(str,s+1); + p=realloc(str,s+1); if (p == NULL) { - OPENSSL_free(str); + free(str); return; } else diff --git a/lib/libcrypto/evp/bio_b64.c b/lib/libcrypto/evp/bio_b64.c index ac6d441aadb..27fc587ca80 100644 --- a/lib/libcrypto/evp/bio_b64.c +++ b/lib/libcrypto/evp/bio_b64.c @@ -113,7 +113,7 @@ static int b64_new(BIO *bi) { BIO_B64_CTX *ctx; - ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX)); + ctx=(BIO_B64_CTX *)malloc(sizeof(BIO_B64_CTX)); if (ctx == NULL) return(0); ctx->buf_len=0; @@ -134,7 +134,7 @@ static int b64_new(BIO *bi) static int b64_free(BIO *a) { if (a == NULL) return(0); - OPENSSL_free(a->ptr); + free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/lib/libcrypto/evp/bio_enc.c b/lib/libcrypto/evp/bio_enc.c index b6efb5fbc4b..8fe9a45e481 100644 --- a/lib/libcrypto/evp/bio_enc.c +++ b/lib/libcrypto/evp/bio_enc.c @@ -109,7 +109,7 @@ static int enc_new(BIO *bi) { BIO_ENC_CTX *ctx; - ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX)); + ctx=(BIO_ENC_CTX *)malloc(sizeof(BIO_ENC_CTX)); if (ctx == NULL) return(0); EVP_CIPHER_CTX_init(&ctx->cipher); @@ -133,7 +133,7 @@ static int enc_free(BIO *a) b=(BIO_ENC_CTX *)a->ptr; EVP_CIPHER_CTX_cleanup(&(b->cipher)); OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX)); - OPENSSL_free(a->ptr); + free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/lib/libcrypto/evp/bio_ok.c b/lib/libcrypto/evp/bio_ok.c index e64335353fd..fdb742f5544 100644 --- a/lib/libcrypto/evp/bio_ok.c +++ b/lib/libcrypto/evp/bio_ok.c @@ -178,7 +178,7 @@ static int ok_new(BIO *bi) { BIO_OK_CTX *ctx; - ctx=(BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX)); + ctx=(BIO_OK_CTX *)malloc(sizeof(BIO_OK_CTX)); if (ctx == NULL) return(0); ctx->buf_len=0; @@ -203,7 +203,7 @@ static int ok_free(BIO *a) if (a == NULL) return(0); EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX)); - OPENSSL_free(a->ptr); + free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/lib/libcrypto/evp/digest.c b/lib/libcrypto/evp/digest.c index 782d3199a5a..2fae68ef5ef 100644 --- a/lib/libcrypto/evp/digest.c +++ b/lib/libcrypto/evp/digest.c @@ -124,7 +124,7 @@ void EVP_MD_CTX_init(EVP_MD_CTX *ctx) EVP_MD_CTX *EVP_MD_CTX_create(void) { - EVP_MD_CTX *ctx=OPENSSL_malloc(sizeof *ctx); + EVP_MD_CTX *ctx=malloc(sizeof *ctx); if (ctx) EVP_MD_CTX_init(ctx); @@ -198,12 +198,12 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) if (ctx->digest != type) { if (ctx->digest && ctx->digest->ctx_size) - OPENSSL_free(ctx->md_data); + free(ctx->md_data); ctx->digest=type; if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { ctx->update = type->update; - ctx->md_data=OPENSSL_malloc(type->ctx_size); + ctx->md_data=malloc(type->ctx_size); if (ctx->md_data == NULL) { EVPerr(EVP_F_EVP_DIGESTINIT_EX, @@ -298,7 +298,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) out->md_data = tmp_buf; else { - out->md_data=OPENSSL_malloc(out->digest->ctx_size); + out->md_data=malloc(out->digest->ctx_size); if (!out->md_data) { EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_MALLOC_FAILURE); @@ -347,7 +347,7 @@ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) if (ctx) { EVP_MD_CTX_cleanup(ctx); - OPENSSL_free(ctx); + free(ctx); } } @@ -364,7 +364,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); - OPENSSL_free(ctx->md_data); + free(ctx->md_data); } if (ctx->pctx) EVP_PKEY_CTX_free(ctx->pctx); diff --git a/lib/libcrypto/evp/e_aes.c b/lib/libcrypto/evp/e_aes.c index c7eaafe89b2..d6f0124a945 100644 --- a/lib/libcrypto/evp/e_aes.c +++ b/lib/libcrypto/evp/e_aes.c @@ -679,7 +679,7 @@ static int aes_gcm_cleanup(EVP_CIPHER_CTX *c) EVP_AES_GCM_CTX *gctx = c->cipher_data; OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm)); if (gctx->iv != c->iv) - OPENSSL_free(gctx->iv); + free(gctx->iv); return 1; } @@ -724,8 +724,8 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { if (gctx->iv != c->iv) - OPENSSL_free(gctx->iv); - gctx->iv = OPENSSL_malloc(arg); + free(gctx->iv); + gctx->iv = malloc(arg); if (!gctx->iv) return 0; } diff --git a/lib/libcrypto/evp/evp_enc.c b/lib/libcrypto/evp/evp_enc.c index 50403a75780..e8ca5026332 100644 --- a/lib/libcrypto/evp/evp_enc.c +++ b/lib/libcrypto/evp/evp_enc.c @@ -78,7 +78,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) { - EVP_CIPHER_CTX *ctx=OPENSSL_malloc(sizeof *ctx); + EVP_CIPHER_CTX *ctx=malloc(sizeof *ctx); if (ctx) EVP_CIPHER_CTX_init(ctx); return ctx; @@ -164,7 +164,7 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp ctx->cipher=cipher; if (ctx->cipher->ctx_size) { - ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); + ctx->cipher_data=malloc(ctx->cipher->ctx_size); if (!ctx->cipher_data) { EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); @@ -546,7 +546,7 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) if (ctx) { EVP_CIPHER_CTX_cleanup(ctx); - OPENSSL_free(ctx); + free(ctx); } } @@ -561,7 +561,7 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); } if (c->cipher_data) - OPENSSL_free(c->cipher_data); + free(c->cipher_data); #ifndef OPENSSL_NO_ENGINE if (c->engine) /* The EVP_CIPHER we used belongs to an ENGINE, release the @@ -644,7 +644,7 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) if (in->cipher_data && in->cipher->ctx_size) { - out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size); + out->cipher_data=malloc(in->cipher->ctx_size); if (!out->cipher_data) { EVPerr(EVP_F_EVP_CIPHER_CTX_COPY,ERR_R_MALLOC_FAILURE); diff --git a/lib/libcrypto/evp/evp_pbe.c b/lib/libcrypto/evp/evp_pbe.c index f8c32d825e7..c808b96fef8 100644 --- a/lib/libcrypto/evp/evp_pbe.c +++ b/lib/libcrypto/evp/evp_pbe.c @@ -238,7 +238,7 @@ int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, EVP_PBE_CTL *pbe_tmp; if (!pbe_algs) pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); - if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) + if (!(pbe_tmp = (EVP_PBE_CTL*) malloc (sizeof(EVP_PBE_CTL)))) { EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE,ERR_R_MALLOC_FAILURE); return 0; @@ -306,7 +306,7 @@ int EVP_PBE_find(int type, int pbe_nid, static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe) { - OPENSSL_freeFunc(pbe); + free(pbe); } void EVP_PBE_cleanup(void) diff --git a/lib/libcrypto/evp/p_lib.c b/lib/libcrypto/evp/p_lib.c index e26ccd0d086..7a9da3487a8 100644 --- a/lib/libcrypto/evp/p_lib.c +++ b/lib/libcrypto/evp/p_lib.c @@ -183,7 +183,7 @@ EVP_PKEY *EVP_PKEY_new(void) { EVP_PKEY *ret; - ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY)); + ret=(EVP_PKEY *)malloc(sizeof(EVP_PKEY)); if (ret == NULL) { EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); @@ -405,7 +405,7 @@ void EVP_PKEY_free(EVP_PKEY *x) EVP_PKEY_free_it(x); if (x->attributes) sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); - OPENSSL_free(x); + free(x); } static void EVP_PKEY_free_it(EVP_PKEY *x) diff --git a/lib/libcrypto/evp/p_open.c b/lib/libcrypto/evp/p_open.c index c748fbea877..2a5ab2b6cc5 100644 --- a/lib/libcrypto/evp/p_open.c +++ b/lib/libcrypto/evp/p_open.c @@ -87,7 +87,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, } size=RSA_size(priv->pkey.rsa); - key=(unsigned char *)OPENSSL_malloc(size+2); + key=(unsigned char *)malloc(size+2); if (key == NULL) { /* ERROR */ @@ -106,7 +106,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, ret=1; err: if (key != NULL) OPENSSL_cleanse(key,size); - OPENSSL_free(key); + free(key); return(ret); } diff --git a/lib/libcrypto/evp/pmeth_lib.c b/lib/libcrypto/evp/pmeth_lib.c index b2d8de3a8de..a9fb15fdfe3 100644 --- a/lib/libcrypto/evp/pmeth_lib.c +++ b/lib/libcrypto/evp/pmeth_lib.c @@ -73,7 +73,7 @@ DECLARE_STACK_OF(EVP_PKEY_METHOD) STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth; -extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth; +extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth; static const EVP_PKEY_METHOD *standard_methods[] = { @@ -90,6 +90,7 @@ static const EVP_PKEY_METHOD *standard_methods[] = &ec_pkey_meth, #endif &hmac_pkey_meth, + &cmac_pkey_meth }; DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *, @@ -134,6 +135,8 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) id = pkey->ameth->pkey_id; } #ifndef OPENSSL_NO_ENGINE + if (pkey && pkey->engine) + e = pkey->engine; /* Try to find an ENGINE which implements this method */ if (e) { @@ -162,7 +165,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) return NULL; } - ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); + ret = malloc(sizeof(EVP_PKEY_CTX)); if (!ret) { #ifndef OPENSSL_NO_ENGINE @@ -197,10 +200,12 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags) { EVP_PKEY_METHOD *pmeth; - pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD)); + pmeth = malloc(sizeof(EVP_PKEY_METHOD)); if (!pmeth) return NULL; + memset(pmeth, 0, sizeof(EVP_PKEY_METHOD)); + pmeth->pkey_id = id; pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC; @@ -233,10 +238,60 @@ EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags) return pmeth; } +void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, + const EVP_PKEY_METHOD *meth) + { + if (ppkey_id) + *ppkey_id = meth->pkey_id; + if (pflags) + *pflags = meth->flags; + } + +void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src) + { + + dst->init = src->init; + dst->copy = src->copy; + dst->cleanup = src->cleanup; + + dst->paramgen_init = src->paramgen_init; + dst->paramgen = src->paramgen; + + dst->keygen_init = src->keygen_init; + dst->keygen = src->keygen; + + dst->sign_init = src->sign_init; + dst->sign = src->sign; + + dst->verify_init = src->verify_init; + dst->verify = src->verify; + + dst->verify_recover_init = src->verify_recover_init; + dst->verify_recover = src->verify_recover; + + dst->signctx_init = src->signctx_init; + dst->signctx = src->signctx; + + dst->verifyctx_init = src->verifyctx_init; + dst->verifyctx = src->verifyctx; + + dst->encrypt_init = src->encrypt_init; + dst->encrypt = src->encrypt; + + dst->decrypt_init = src->decrypt_init; + dst->decrypt = src->decrypt; + + dst->derive_init = src->derive_init; + dst->derive = src->derive; + + dst->ctrl = src->ctrl; + dst->ctrl_str = src->ctrl_str; + } + void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth) { if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC)) - OPENSSL_free(pmeth); + free(pmeth); } EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) @@ -262,7 +317,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) return 0; } #endif - rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX)); + rctx = malloc(sizeof(EVP_PKEY_CTX)); if (!rctx) return NULL; @@ -323,7 +378,7 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) * functional reference we held for this reason. */ ENGINE_finish(ctx->engine); #endif - OPENSSL_free(ctx); + free(ctx); } int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, diff --git a/lib/libcrypto/ex_data.c b/lib/libcrypto/ex_data.c index 44bad59527d..4c09f9ee020 100644 --- a/lib/libcrypto/ex_data.c +++ b/lib/libcrypto/ex_data.c @@ -290,7 +290,7 @@ ex_data_check(void) static void def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS *funcs) { - OPENSSL_free(funcs); + free(funcs); } /* This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from @@ -301,7 +301,7 @@ def_cleanup_cb(void *a_void) { EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void; sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb); - OPENSSL_free(item); + free(item); } /* Return the EX_CLASS_ITEM from the "ex_data" hash table that corresponds to a @@ -315,13 +315,13 @@ static EX_CLASS_ITEM CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d); if (!p) { - gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM)); + gen = malloc(sizeof(EX_CLASS_ITEM)); if (gen) { gen->class_index = class_index; gen->meth_num = 0; gen->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null(); if (!gen->meth) - OPENSSL_free(gen); + free(gen); else { /* Because we're inside the ex_data lock, the * return value from the insert will be NULL */ @@ -343,7 +343,7 @@ def_add_index(EX_CLASS_ITEM *item, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { int toret = -1; - CRYPTO_EX_DATA_FUNCS *a = (CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc( + CRYPTO_EX_DATA_FUNCS *a = (CRYPTO_EX_DATA_FUNCS *)malloc( sizeof(CRYPTO_EX_DATA_FUNCS)); if (!a) { CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE); @@ -358,7 +358,7 @@ def_add_index(EX_CLASS_ITEM *item, long argl, void *argp, while (sk_CRYPTO_EX_DATA_FUNCS_num(item->meth) <= item->meth_num) { if (!sk_CRYPTO_EX_DATA_FUNCS_push(item->meth, NULL)) { CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE); - OPENSSL_free(a); + free(a); goto err; } } @@ -422,7 +422,7 @@ int_new_ex_data(int class_index, void *obj, CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); if (mx > 0) { - storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); + storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); if (!storage) goto skip; for (i = 0; i < mx; i++) @@ -442,7 +442,7 @@ skip: } } if (storage) - OPENSSL_free(storage); + free(storage); return 1; } @@ -466,7 +466,7 @@ int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, if (j < mx) mx = j; if (mx > 0) { - storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); + storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); if (!storage) goto skip; for (i = 0; i < mx; i++) @@ -486,7 +486,7 @@ skip: CRYPTO_set_ex_data(to, i, ptr); } if (storage) - OPENSSL_free(storage); + free(storage); return 1; } @@ -503,7 +503,7 @@ int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); if (mx > 0) { - storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); + storage = malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS*)); if (!storage) goto skip; for (i = 0; i < mx; i++) @@ -523,7 +523,7 @@ skip: } } if (storage) - OPENSSL_free(storage); + free(storage); if (ad->sk) { sk_void_free(ad->sk); ad->sk = NULL; diff --git a/lib/libcrypto/hmac/hm_ameth.c b/lib/libcrypto/hmac/hm_ameth.c index 6d8a89149ee..fbada40d9cc 100644 --- a/lib/libcrypto/hmac/hm_ameth.c +++ b/lib/libcrypto/hmac/hm_ameth.c @@ -122,7 +122,7 @@ static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder) { if (!*pder) { - *pder = OPENSSL_malloc(os->length); + *pder = malloc(os->length); inc = 0; } else inc = 1; @@ -153,7 +153,7 @@ const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = hmac_size, 0, - 0,0,0,0,0,0, + 0,0,0,0,0,0,0, hmac_key_free, hmac_pkey_ctrl, diff --git a/lib/libcrypto/hmac/hm_pmeth.c b/lib/libcrypto/hmac/hm_pmeth.c index 985921ca1ae..f1c67329d03 100644 --- a/lib/libcrypto/hmac/hm_pmeth.c +++ b/lib/libcrypto/hmac/hm_pmeth.c @@ -75,7 +75,7 @@ typedef struct static int pkey_hmac_init(EVP_PKEY_CTX *ctx) { HMAC_PKEY_CTX *hctx; - hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX)); + hctx = malloc(sizeof(HMAC_PKEY_CTX)); if (!hctx) return 0; hctx->md = NULL; @@ -100,7 +100,8 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) dctx = dst->data; dctx->md = sctx->md; HMAC_CTX_init(&dctx->ctx); - HMAC_CTX_copy(&dctx->ctx, &sctx->ctx); + if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) + return 0; if (sctx->ktmp.data) { if (!ASN1_OCTET_STRING_set(&dctx->ktmp, @@ -118,10 +119,10 @@ static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx) { if (hctx->ktmp.length) OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length); - OPENSSL_free(hctx->ktmp.data); + free(hctx->ktmp.data); hctx->ktmp.data = NULL; } - OPENSSL_free(hctx); + free(hctx); } static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) @@ -141,12 +142,15 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count) { HMAC_PKEY_CTX *hctx = ctx->pctx->data; - HMAC_Update(&hctx->ctx, data, count); + if (!HMAC_Update(&hctx->ctx, data, count)) + return 0; return 1; } static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) { + HMAC_PKEY_CTX *hctx = ctx->data; + HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT); EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); mctx->update = int_update; return 1; @@ -165,7 +169,8 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, if (!sig) return 1; - HMAC_Final(&hctx->ctx, sig, &hlen); + if (!HMAC_Final(&hctx->ctx, sig, &hlen)) + return 0; *siglen = (size_t)hlen; return 1; } @@ -190,8 +195,9 @@ static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) case EVP_PKEY_CTRL_DIGESTINIT: key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; - HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, - ctx->engine); + if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md, + ctx->engine)) + return 0; break; default: @@ -223,7 +229,7 @@ static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, if (!key) return 0; r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key); - OPENSSL_free(key); + free(key); return r; } return -2; diff --git a/lib/libcrypto/lhash/lh_test.c b/lib/libcrypto/lhash/lh_test.c index 85700c859bf..2224a216abd 100644 --- a/lib/libcrypto/lhash/lh_test.c +++ b/lib/libcrypto/lhash/lh_test.c @@ -76,7 +76,7 @@ main() fgets(buf,256,stdin); if (buf[0] == '\0') break; i=strlen(buf); - p=OPENSSL_malloc(i+1); + p=malloc(i+1); memcpy(p,buf,i+1); lh_insert(conf,p); } diff --git a/lib/libcrypto/lhash/lhash.c b/lib/libcrypto/lhash/lhash.c index 47f748081bb..78ba26db836 100644 --- a/lib/libcrypto/lhash/lhash.c +++ b/lib/libcrypto/lhash/lhash.c @@ -116,9 +116,9 @@ _LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) _LHASH *ret; int i; - if ((ret=OPENSSL_malloc(sizeof(_LHASH))) == NULL) + if ((ret=malloc(sizeof(_LHASH))) == NULL) goto err0; - if ((ret->b=OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) + if ((ret->b=malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) goto err1; for (i=0; i<MIN_NODES; i++) ret->b[i]=NULL; @@ -149,7 +149,7 @@ _LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) ret->error=0; return(ret); err1: - OPENSSL_free(ret); + free(ret); err0: return(NULL); } @@ -168,12 +168,12 @@ void lh_free(_LHASH *lh) while (n != NULL) { nn=n->next; - OPENSSL_free(n); + free(n); n=nn; } } - OPENSSL_free(lh->b); - OPENSSL_free(lh); + free(lh->b); + free(lh); } void *lh_insert(_LHASH *lh, void *data) @@ -190,7 +190,7 @@ void *lh_insert(_LHASH *lh, void *data) if (*rn == NULL) { - if ((nn=(LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL) + if ((nn=(LHASH_NODE *)malloc(sizeof(LHASH_NODE))) == NULL) { lh->error++; return(NULL); @@ -233,7 +233,7 @@ void *lh_delete(_LHASH *lh, const void *data) nn= *rn; *rn=nn->next; ret=nn->data; - OPENSSL_free(nn); + free(nn); lh->num_delete++; } @@ -343,7 +343,7 @@ static void expand(_LHASH *lh) if ((lh->p) >= lh->pmax) { j=(int)lh->num_alloc_nodes*2; - n=(LHASH_NODE **)OPENSSL_realloc(lh->b, + n=(LHASH_NODE **)realloc(lh->b, (int)(sizeof(LHASH_NODE *)*j)); if (n == NULL) { @@ -371,7 +371,7 @@ static void contract(_LHASH *lh) lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */ if (lh->p == 0) { - n=(LHASH_NODE **)OPENSSL_realloc(lh->b, + n=(LHASH_NODE **)realloc(lh->b, (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax)); if (n == NULL) { diff --git a/lib/libcrypto/modes/gcm128.c b/lib/libcrypto/modes/gcm128.c index 7d6d0349702..52de0843182 100644 --- a/lib/libcrypto/modes/gcm128.c +++ b/lib/libcrypto/modes/gcm128.c @@ -723,7 +723,7 @@ void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block) # endif gcm_init_4bit(ctx->Htable,ctx->H.u); # if defined(GHASH_ASM_X86) /* x86 only */ -# if defined(OPENSSL_IA32_SSE2) +# if defined(OPENSSL_IA32_SSE2) if (OPENSSL_ia32cap_P[0]&(1<<25)) { /* check SSE bit */ # else if (OPENSSL_ia32cap_P[0]&(1<<23)) { /* check MMX bit */ @@ -810,7 +810,11 @@ void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx,const unsigned char *iv,size_t len) GCM_MUL(ctx,Yi); if (is_endian.little) +#ifdef BSWAP4 + ctr = BSWAP4(ctx->Yi.d[3]); +#else ctr = GETU32(ctx->Yi.c+12); +#endif else ctr = ctx->Yi.d[3]; } @@ -818,7 +822,11 @@ void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx,const unsigned char *iv,size_t len) (*ctx->block)(ctx->Yi.c,ctx->EK0.c,ctx->key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; } @@ -913,7 +921,11 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, } if (is_endian.little) +#ifdef BSWAP4 + ctr = BSWAP4(ctx->Yi.d[3]); +#else ctr = GETU32(ctx->Yi.c+12); +#endif else ctr = ctx->Yi.d[3]; @@ -941,15 +953,21 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, size_t j=GHASH_CHUNK; while (j) { + size_t *out_t=(size_t *)out; + const size_t *in_t=(const size_t *)in; + (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; - for (i=0; i<16; i+=sizeof(size_t)) - *(size_t *)(out+i) = - *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i); + for (i=0; i<16/sizeof(size_t); ++i) + out_t[i] = in_t[i] ^ ctx->EKi.t[i]; out += 16; in += 16; j -= 16; @@ -961,15 +979,21 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, size_t j=i; while (len>=16) { + size_t *out_t=(size_t *)out; + const size_t *in_t=(const size_t *)in; + (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; - for (i=0; i<16; i+=sizeof(size_t)) - *(size_t *)(out+i) = - *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i); + for (i=0; i<16/sizeof(size_t); ++i) + out_t[i] = in_t[i] ^ ctx->EKi.t[i]; out += 16; in += 16; len -= 16; @@ -978,16 +1002,22 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, } #else while (len>=16) { + size_t *out_t=(size_t *)out; + const size_t *in_t=(const size_t *)in; + (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; - for (i=0; i<16; i+=sizeof(size_t)) - *(size_t *)(ctx->Xi.c+i) ^= - *(size_t *)(out+i) = - *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i); + for (i=0; i<16/sizeof(size_t); ++i) + ctx->Xi.t[i] ^= + out_t[i] = in_t[i]^ctx->EKi.t[i]; GCM_MUL(ctx,Xi); out += 16; in += 16; @@ -998,7 +1028,11 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; while (len--) { @@ -1016,7 +1050,11 @@ int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; } @@ -1060,7 +1098,11 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, } if (is_endian.little) +#ifdef BSWAP4 + ctr = BSWAP4(ctx->Yi.d[3]); +#else ctr = GETU32(ctx->Yi.c+12); +#endif else ctr = ctx->Yi.d[3]; @@ -1091,15 +1133,21 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, GHASH(ctx,in,GHASH_CHUNK); while (j) { + size_t *out_t=(size_t *)out; + const size_t *in_t=(const size_t *)in; + (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; - for (i=0; i<16; i+=sizeof(size_t)) - *(size_t *)(out+i) = - *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i); + for (i=0; i<16/sizeof(size_t); ++i) + out_t[i] = in_t[i]^ctx->EKi.t[i]; out += 16; in += 16; j -= 16; @@ -1109,15 +1157,21 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, if ((i = (len&(size_t)-16))) { GHASH(ctx,in,i); while (len>=16) { + size_t *out_t=(size_t *)out; + const size_t *in_t=(const size_t *)in; + (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; - for (i=0; i<16; i+=sizeof(size_t)) - *(size_t *)(out+i) = - *(size_t *)(in+i)^*(size_t *)(ctx->EKi.c+i); + for (i=0; i<16/sizeof(size_t); ++i) + out_t[i] = in_t[i]^ctx->EKi.t[i]; out += 16; in += 16; len -= 16; @@ -1125,16 +1179,23 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, } #else while (len>=16) { + size_t *out_t=(size_t *)out; + const size_t *in_t=(const size_t *)in; + (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; - for (i=0; i<16; i+=sizeof(size_t)) { - size_t c = *(size_t *)(in+i); - *(size_t *)(out+i) = c^*(size_t *)(ctx->EKi.c+i); - *(size_t *)(ctx->Xi.c+i) ^= c; + for (i=0; i<16/sizeof(size_t); ++i) { + size_t c = in[i]; + out[i] = c^ctx->EKi.t[i]; + ctx->Xi.t[i] ^= c; } GCM_MUL(ctx,Xi); out += 16; @@ -1146,7 +1207,11 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; while (len--) { @@ -1167,7 +1232,11 @@ int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; } @@ -1212,7 +1281,11 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, } if (is_endian.little) +#ifdef BSWAP4 + ctr = BSWAP4(ctx->Yi.d[3]); +#else ctr = GETU32(ctx->Yi.c+12); +#endif else ctr = ctx->Yi.d[3]; @@ -1234,7 +1307,11 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, (*stream)(in,out,GHASH_CHUNK/16,key,ctx->Yi.c); ctr += GHASH_CHUNK/16; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; GHASH(ctx,out,GHASH_CHUNK); @@ -1249,7 +1326,11 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, (*stream)(in,out,j,key,ctx->Yi.c); ctr += (unsigned int)j; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; in += i; @@ -1269,7 +1350,11 @@ int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, (*ctx->block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; while (len--) { @@ -1311,7 +1396,11 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, } if (is_endian.little) +#ifdef BSWAP4 + ctr = BSWAP4(ctx->Yi.d[3]); +#else ctr = GETU32(ctx->Yi.c+12); +#endif else ctr = ctx->Yi.d[3]; @@ -1336,7 +1425,11 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, (*stream)(in,out,GHASH_CHUNK/16,key,ctx->Yi.c); ctr += GHASH_CHUNK/16; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; out += GHASH_CHUNK; @@ -1362,7 +1455,11 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, (*stream)(in,out,j,key,ctx->Yi.c); ctr += (unsigned int)j; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; out += i; @@ -1373,7 +1470,11 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, (*ctx->block)(ctx->Yi.c,ctx->EKi.c,key); ++ctr; if (is_endian.little) +#ifdef BSWAP4 + ctx->Yi.d[3] = BSWAP4(ctr); +#else PUTU32(ctx->Yi.c+12,ctr); +#endif else ctx->Yi.d[3] = ctr; while (len--) { @@ -1398,7 +1499,7 @@ int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag, void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; #endif - if (ctx->mres) + if (ctx->mres || ctx->ares) GCM_MUL(ctx,Xi); if (is_endian.little) { @@ -1439,7 +1540,7 @@ GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block) { GCM128_CONTEXT *ret; - if ((ret = (GCM128_CONTEXT *)OPENSSL_malloc(sizeof(GCM128_CONTEXT)))) + if ((ret = (GCM128_CONTEXT *)malloc(sizeof(GCM128_CONTEXT)))) CRYPTO_gcm128_init(ret,key,block); return ret; @@ -1449,7 +1550,7 @@ void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx) { if (ctx) { OPENSSL_cleanse(ctx,sizeof(*ctx)); - OPENSSL_free(ctx); + free(ctx); } } @@ -1669,6 +1770,46 @@ static const u8 IV18[]={0x93,0x13,0x22,0x5d,0xf8,0x84,0x06,0xe5,0x55,0x90,0x9c,0 0xa2,0x41,0x89,0x97,0x20,0x0e,0xf8,0x2e,0x44,0xae,0x7e,0x3f}, T18[]= {0xa4,0x4a,0x82,0x66,0xee,0x1c,0x8e,0xb0,0xc8,0xb5,0xd4,0xcf,0x5a,0xe9,0xf1,0x9a}; +/* Test Case 19 */ +#define K19 K1 +#define P19 P1 +#define IV19 IV1 +#define C19 C1 +static const u8 A19[]= {0xd9,0x31,0x32,0x25,0xf8,0x84,0x06,0xe5,0xa5,0x59,0x09,0xc5,0xaf,0xf5,0x26,0x9a, + 0x86,0xa7,0xa9,0x53,0x15,0x34,0xf7,0xda,0x2e,0x4c,0x30,0x3d,0x8a,0x31,0x8a,0x72, + 0x1c,0x3c,0x0c,0x95,0x95,0x68,0x09,0x53,0x2f,0xcf,0x0e,0x24,0x49,0xa6,0xb5,0x25, + 0xb1,0x6a,0xed,0xf5,0xaa,0x0d,0xe6,0x57,0xba,0x63,0x7b,0x39,0x1a,0xaf,0xd2,0x55, + 0x52,0x2d,0xc1,0xf0,0x99,0x56,0x7d,0x07,0xf4,0x7f,0x37,0xa3,0x2a,0x84,0x42,0x7d, + 0x64,0x3a,0x8c,0xdc,0xbf,0xe5,0xc0,0xc9,0x75,0x98,0xa2,0xbd,0x25,0x55,0xd1,0xaa, + 0x8c,0xb0,0x8e,0x48,0x59,0x0d,0xbb,0x3d,0xa7,0xb0,0x8b,0x10,0x56,0x82,0x88,0x38, + 0xc5,0xf6,0x1e,0x63,0x93,0xba,0x7a,0x0a,0xbc,0xc9,0xf6,0x62,0x89,0x80,0x15,0xad}, + T19[]= {0x5f,0xea,0x79,0x3a,0x2d,0x6f,0x97,0x4d,0x37,0xe6,0x8e,0x0c,0xb8,0xff,0x94,0x92}; + +/* Test Case 20 */ +#define K20 K1 +#define A20 A1 +static const u8 IV20[64]={0xff,0xff,0xff,0xff}, /* this results in 0xff in counter LSB */ + P20[288], + C20[]= {0x56,0xb3,0x37,0x3c,0xa9,0xef,0x6e,0x4a,0x2b,0x64,0xfe,0x1e,0x9a,0x17,0xb6,0x14, + 0x25,0xf1,0x0d,0x47,0xa7,0x5a,0x5f,0xce,0x13,0xef,0xc6,0xbc,0x78,0x4a,0xf2,0x4f, + 0x41,0x41,0xbd,0xd4,0x8c,0xf7,0xc7,0x70,0x88,0x7a,0xfd,0x57,0x3c,0xca,0x54,0x18, + 0xa9,0xae,0xff,0xcd,0x7c,0x5c,0xed,0xdf,0xc6,0xa7,0x83,0x97,0xb9,0xa8,0x5b,0x49, + 0x9d,0xa5,0x58,0x25,0x72,0x67,0xca,0xab,0x2a,0xd0,0xb2,0x3c,0xa4,0x76,0xa5,0x3c, + 0xb1,0x7f,0xb4,0x1c,0x4b,0x8b,0x47,0x5c,0xb4,0xf3,0xf7,0x16,0x50,0x94,0xc2,0x29, + 0xc9,0xe8,0xc4,0xdc,0x0a,0x2a,0x5f,0xf1,0x90,0x3e,0x50,0x15,0x11,0x22,0x13,0x76, + 0xa1,0xcd,0xb8,0x36,0x4c,0x50,0x61,0xa2,0x0c,0xae,0x74,0xbc,0x4a,0xcd,0x76,0xce, + 0xb0,0xab,0xc9,0xfd,0x32,0x17,0xef,0x9f,0x8c,0x90,0xbe,0x40,0x2d,0xdf,0x6d,0x86, + 0x97,0xf4,0xf8,0x80,0xdf,0xf1,0x5b,0xfb,0x7a,0x6b,0x28,0x24,0x1e,0xc8,0xfe,0x18, + 0x3c,0x2d,0x59,0xe3,0xf9,0xdf,0xff,0x65,0x3c,0x71,0x26,0xf0,0xac,0xb9,0xe6,0x42, + 0x11,0xf4,0x2b,0xae,0x12,0xaf,0x46,0x2b,0x10,0x70,0xbe,0xf1,0xab,0x5e,0x36,0x06, + 0x87,0x2c,0xa1,0x0d,0xee,0x15,0xb3,0x24,0x9b,0x1a,0x1b,0x95,0x8f,0x23,0x13,0x4c, + 0x4b,0xcc,0xb7,0xd0,0x32,0x00,0xbc,0xe4,0x20,0xa2,0xf8,0xeb,0x66,0xdc,0xf3,0x64, + 0x4d,0x14,0x23,0xc1,0xb5,0x69,0x90,0x03,0xc1,0x3e,0xce,0xf4,0xbf,0x38,0xa3,0xb6, + 0x0e,0xed,0xc3,0x40,0x33,0xba,0xc1,0x90,0x27,0x83,0xdc,0x6d,0x89,0xe2,0xe7,0x74, + 0x18,0x8a,0x43,0x9c,0x7e,0xbc,0xc0,0x67,0x2d,0xbd,0xa4,0xdd,0xcf,0xb2,0x79,0x46, + 0x13,0xb0,0xbe,0x41,0x31,0x5e,0xf7,0x78,0x70,0x8a,0x70,0xee,0x7d,0x75,0x16,0x5c}, + T20[]= {0x8b,0x30,0x7f,0x6b,0x33,0x28,0x6d,0x0a,0xb0,0x26,0xa9,0xed,0x3f,0xe1,0xe8,0x5f}; + #define TEST_CASE(n) do { \ u8 out[sizeof(P##n)]; \ AES_set_encrypt_key(K##n,sizeof(K##n)*8,&key); \ @@ -1713,6 +1854,8 @@ int main() TEST_CASE(16); TEST_CASE(17); TEST_CASE(18); + TEST_CASE(19); + TEST_CASE(20); #ifdef OPENSSL_CPUID_OBJ { @@ -1743,11 +1886,16 @@ int main() ctr_t/(double)sizeof(buf), (gcm_t-ctr_t)/(double)sizeof(buf)); #ifdef GHASH - GHASH(&ctx,buf.c,sizeof(buf)); + { + void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16], + const u8 *inp,size_t len) = ctx.ghash; + + GHASH((&ctx),buf.c,sizeof(buf)); start = OPENSSL_rdtsc(); - for (i=0;i<100;++i) GHASH(&ctx,buf.c,sizeof(buf)); + for (i=0;i<100;++i) GHASH((&ctx),buf.c,sizeof(buf)); gcm_t = OPENSSL_rdtsc() - start; printf("%.2f\n",gcm_t/(double)sizeof(buf)/(double)i); + } #endif } #endif diff --git a/lib/libcrypto/objects/o_names.c b/lib/libcrypto/objects/o_names.c index 4a548c2ed49..4c959db2dac 100644 --- a/lib/libcrypto/objects/o_names.c +++ b/lib/libcrypto/objects/o_names.c @@ -83,7 +83,7 @@ int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), for (i=sk_NAME_FUNCS_num(name_funcs_stack); i<names_type_num; i++) { MemCheck_off(); - name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS)); + name_funcs = malloc(sizeof(NAME_FUNCS)); MemCheck_on(); if (!name_funcs) { @@ -192,7 +192,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) alias=type&OBJ_NAME_ALIAS; type&= ~OBJ_NAME_ALIAS; - onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME)); + onp=(OBJ_NAME *)malloc(sizeof(OBJ_NAME)); if (onp == NULL) { /* ERROR */ @@ -217,7 +217,7 @@ int OBJ_NAME_add(const char *name, int type, const char *data) sk_NAME_FUNCS_value(name_funcs_stack, ret->type)->free_func(ret->name,ret->type,ret->data); } - OPENSSL_free(ret); + free(ret); } else { @@ -252,7 +252,7 @@ int OBJ_NAME_remove(const char *name, int type) sk_NAME_FUNCS_value(name_funcs_stack, ret->type)->free_func(ret->name,ret->type,ret->data); } - OPENSSL_free(ret); + free(ret); return(1); } else @@ -318,7 +318,7 @@ void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), int n; d.type=type; - d.names=OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh)*sizeof *d.names); + d.names=malloc(lh_OBJ_NAME_num_items(names_lh)*sizeof *d.names); d.n=0; OBJ_NAME_do_all(type,do_all_sorted_fn,&d); @@ -327,7 +327,7 @@ void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), for(n=0 ; n < d.n ; ++n) fn(d.names[n],arg); - OPENSSL_free((void *)d.names); + free((void *)d.names); } static int free_type; @@ -345,7 +345,7 @@ static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME) static void name_funcs_free(NAME_FUNCS *ptr) { - OPENSSL_free(ptr); + free(ptr); } void OBJ_NAME_cleanup(int type) diff --git a/lib/libcrypto/objects/obj_dat.c b/lib/libcrypto/objects/obj_dat.c index bced796e624..641a97c8aa8 100644 --- a/lib/libcrypto/objects/obj_dat.c +++ b/lib/libcrypto/objects/obj_dat.c @@ -199,7 +199,7 @@ static void cleanup3_doall(ADDED_OBJ *a) { if (--a->obj->nid == 0) ASN1_OBJECT_free(a->obj); - OPENSSL_free(a); + free(a); } static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ) @@ -253,13 +253,13 @@ int OBJ_add_object(const ASN1_OBJECT *obj) if (added == NULL) if (!init_added()) return(0); if ((o=OBJ_dup(obj)) == NULL) goto err; - if (!(ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; + if (!(ao[ADDED_NID]=(ADDED_OBJ *)malloc(sizeof(ADDED_OBJ)))) goto err2; if ((o->length != 0) && (obj->data != NULL)) - if (!(ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; + if (!(ao[ADDED_DATA]=(ADDED_OBJ *)malloc(sizeof(ADDED_OBJ)))) goto err2; if (o->sn != NULL) - if (!(ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; + if (!(ao[ADDED_SNAME]=(ADDED_OBJ *)malloc(sizeof(ADDED_OBJ)))) goto err2; if (o->ln != NULL) - if (!(ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)))) goto err2; + if (!(ao[ADDED_LNAME]=(ADDED_OBJ *)malloc(sizeof(ADDED_OBJ)))) goto err2; for (i=ADDED_DATA; i<=ADDED_NID; i++) { @@ -270,7 +270,7 @@ int OBJ_add_object(const ASN1_OBJECT *obj) aop=lh_ADDED_OBJ_insert(added,ao[i]); /* memory leak, buit should not normally matter */ if (aop != NULL) - OPENSSL_free(aop); + free(aop); } } o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| @@ -281,8 +281,8 @@ err2: OBJerr(OBJ_F_OBJ_ADD_OBJECT,ERR_R_MALLOC_FAILURE); err: for (i=ADDED_DATA; i<=ADDED_NID; i++) - if (ao[i] != NULL) OPENSSL_free(ao[i]); - if (o != NULL) OPENSSL_free(o); + if (ao[i] != NULL) free(ao[i]); + if (o != NULL) free(o); return(NID_undef); } @@ -449,7 +449,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) /* Work out total size */ j = ASN1_object_size(0,i,V_ASN1_OBJECT); - if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL; + if((buf=(unsigned char *)malloc(j)) == NULL) return NULL; p = buf; /* Write out tag+length */ @@ -459,7 +459,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) cp=buf; op=d2i_ASN1_OBJECT(NULL,&cp,j); - OPENSSL_free(buf); + free(buf); return op; } @@ -590,7 +590,7 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) } n++; n += i; - OPENSSL_free(bndec); + free(bndec); } else { @@ -774,7 +774,7 @@ int OBJ_create(const char *oid, const char *sn, const char *ln) i=a2d_ASN1_OBJECT(NULL,0,oid,-1); if (i <= 0) return(0); - if ((buf=(unsigned char *)OPENSSL_malloc(i)) == NULL) + if ((buf=(unsigned char *)malloc(i)) == NULL) { OBJerr(OBJ_F_OBJ_CREATE,ERR_R_MALLOC_FAILURE); return(0); @@ -788,7 +788,7 @@ int OBJ_create(const char *oid, const char *sn, const char *ln) ok=OBJ_add_object(op); err: ASN1_OBJECT_free(op); - OPENSSL_free(buf); + free(buf); return(ok); } diff --git a/lib/libcrypto/objects/obj_lib.c b/lib/libcrypto/objects/obj_lib.c index 23e9d48cdf3..338fe851fc6 100644 --- a/lib/libcrypto/objects/obj_lib.c +++ b/lib/libcrypto/objects/obj_lib.c @@ -80,7 +80,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB); return(NULL); } - data=OPENSSL_malloc(o->length); + data=malloc(o->length); if (data == NULL) goto err; if (o->data != NULL) @@ -93,7 +93,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) if (o->ln != NULL) { i=strlen(o->ln)+1; - ln=OPENSSL_malloc(i); + ln=malloc(i); if (ln == NULL) goto err; memcpy(ln,o->ln,i); r->ln=ln; @@ -102,7 +102,7 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) if (o->sn != NULL) { i=strlen(o->sn)+1; - sn=OPENSSL_malloc(i); + sn=malloc(i); if (sn == NULL) goto err; memcpy(sn,o->sn,i); r->sn=sn; @@ -112,10 +112,10 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) return(r); err: OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); - if (ln != NULL) OPENSSL_free(ln); - if (sn != NULL) OPENSSL_free(sn); - if (data != NULL) OPENSSL_free(data); - if (r != NULL) OPENSSL_free(r); + if (ln != NULL) free(ln); + if (sn != NULL) free(sn); + if (data != NULL) free(data); + if (r != NULL) free(r); return(NULL); } diff --git a/lib/libcrypto/objects/obj_xref.c b/lib/libcrypto/objects/obj_xref.c index 152eca5c671..797adc8d108 100644 --- a/lib/libcrypto/objects/obj_xref.c +++ b/lib/libcrypto/objects/obj_xref.c @@ -110,8 +110,10 @@ int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid) #endif if (rv == NULL) return 0; - *pdig_nid = rv->hash_id; - *ppkey_nid = rv->pkey_id; + if (pdig_nid) + *pdig_nid = rv->hash_id; + if (ppkey_nid) + *ppkey_nid = rv->pkey_id; return 1; } @@ -144,7 +146,8 @@ int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid) #endif if (rv == NULL) return 0; - *psignid = (*rv)->sign_id; + if (psignid) + *psignid = (*rv)->sign_id; return 1; } @@ -159,7 +162,7 @@ int OBJ_add_sigid(int signid, int dig_id, int pkey_id) sigx_app = sk_nid_triple_new(sigx_cmp); if (!sigx_app) return 0; - ntr = OPENSSL_malloc(sizeof(int) * 3); + ntr = malloc(sizeof(int) * 3); if (!ntr) return 0; ntr->sign_id = signid; @@ -168,7 +171,7 @@ int OBJ_add_sigid(int signid, int dig_id, int pkey_id) if (!sk_nid_triple_push(sig_app, ntr)) { - OPENSSL_free(ntr); + free(ntr); return 0; } @@ -183,7 +186,7 @@ int OBJ_add_sigid(int signid, int dig_id, int pkey_id) static void sid_free(nid_triple *tt) { - OPENSSL_free(tt); + free(tt); } void OBJ_sigid_free(void) diff --git a/lib/libcrypto/ocsp/ocsp_ext.c b/lib/libcrypto/ocsp/ocsp_ext.c index ec884cb08f4..9c7832b3011 100644 --- a/lib/libcrypto/ocsp/ocsp_ext.c +++ b/lib/libcrypto/ocsp/ocsp_ext.c @@ -274,7 +274,7 @@ ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, if (data) { if ((i=i2d(data,NULL)) <= 0) goto err; - if (!(b=p=OPENSSL_malloc((unsigned int)i))) + if (!(b=p=malloc((unsigned int)i))) goto err; if (i2d(data, &p) <= 0) goto err; } @@ -285,7 +285,7 @@ ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE))<=0) goto err; - if (!(b=p=OPENSSL_malloc((unsigned int)i))) + if (!(b=p=malloc((unsigned int)i))) goto err; if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk,&p,(I2D_OF(ASN1_OBJECT))i2d, V_ASN1_SEQUENCE, @@ -299,10 +299,10 @@ ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, } if (!s && !(s = ASN1_STRING_new())) goto err; if (!(ASN1_STRING_set(s, b, i))) goto err; - OPENSSL_free(b); + free(b); return s; err: - if (b) OPENSSL_free(b); + if (b) free(b); return NULL; } #endif @@ -327,7 +327,7 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, * it relies on library internals. */ os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING); - os.data = OPENSSL_malloc(os.length); + os.data = malloc(os.length); if (os.data == NULL) goto err; tmpval = os.data; @@ -342,7 +342,7 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, ret = 1; err: if (os.data) - OPENSSL_free(os.data); + free(os.data); return ret; } diff --git a/lib/libcrypto/ocsp/ocsp_ht.c b/lib/libcrypto/ocsp/ocsp_ht.c index af5fc16691d..17b252d6a86 100644 --- a/lib/libcrypto/ocsp/ocsp_ht.c +++ b/lib/libcrypto/ocsp/ocsp_ht.c @@ -114,8 +114,8 @@ void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx) if (rctx->mem) BIO_free(rctx->mem); if (rctx->iobuf) - OPENSSL_free(rctx->iobuf); - OPENSSL_free(rctx); + free(rctx->iobuf); + free(rctx); } int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req) @@ -157,7 +157,7 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, static const char post_hdr[] = "POST %s HTTP/1.0\r\n"; OCSP_REQ_CTX *rctx; - rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX)); + rctx = malloc(sizeof(OCSP_REQ_CTX)); rctx->state = OHS_ERROR; rctx->mem = BIO_new(BIO_s_mem()); rctx->io = io; @@ -166,7 +166,7 @@ OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, rctx->iobuflen = maxline; else rctx->iobuflen = OCSP_MAX_LINE_LEN; - rctx->iobuf = OPENSSL_malloc(rctx->iobuflen); + rctx->iobuf = malloc(rctx->iobuflen); if (!rctx->iobuf) return 0; if (!path) diff --git a/lib/libcrypto/ocsp/ocsp_lib.c b/lib/libcrypto/ocsp/ocsp_lib.c index a94dc838eec..514cdabf2d6 100644 --- a/lib/libcrypto/ocsp/ocsp_lib.c +++ b/lib/libcrypto/ocsp/ocsp_lib.c @@ -242,7 +242,7 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss if (!*phost) goto mem_err; - OPENSSL_free(buf); + free(buf); return 1; @@ -255,10 +255,10 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss err: - if (buf) OPENSSL_free(buf); - if (*ppath) OPENSSL_free(*ppath); - if (*pport) OPENSSL_free(*pport); - if (*phost) OPENSSL_free(*phost); + if (buf) free(buf); + if (*ppath) free(*ppath); + if (*pport) free(*pport); + if (*phost) free(*phost); return 0; } diff --git a/lib/libcrypto/pem/pem_info.c b/lib/libcrypto/pem/pem_info.c index cc7f24a9c1c..4351260dfb6 100644 --- a/lib/libcrypto/pem/pem_info.c +++ b/lib/libcrypto/pem/pem_info.c @@ -272,9 +272,9 @@ start: else { /* unknown */ } - if (name != NULL) OPENSSL_free(name); - if (header != NULL) OPENSSL_free(header); - if (data != NULL) OPENSSL_free(data); + if (name != NULL) free(name); + if (header != NULL) free(header); + if (data != NULL) free(data); name=NULL; header=NULL; data=NULL; @@ -303,9 +303,9 @@ err: ret=NULL; } - if (name != NULL) OPENSSL_free(name); - if (header != NULL) OPENSSL_free(header); - if (data != NULL) OPENSSL_free(data); + if (name != NULL) free(name); + if (header != NULL) free(header); + if (data != NULL) free(data); return(ret); } diff --git a/lib/libcrypto/pem/pem_lib.c b/lib/libcrypto/pem/pem_lib.c index 0dfa7c73761..aa6a4c93870 100644 --- a/lib/libcrypto/pem/pem_lib.c +++ b/lib/libcrypto/pem/pem_lib.c @@ -288,9 +288,9 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char return 0; } if(check_pem(nm, name)) break; - OPENSSL_free(nm); - OPENSSL_free(header); - OPENSSL_free(data); + free(nm); + free(header); + free(data); } if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err; if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err; @@ -304,9 +304,9 @@ int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, const char ret = 1; err: - if (!ret || !pnm) OPENSSL_free(nm); - OPENSSL_free(header); - if (!ret) OPENSSL_free(data); + if (!ret || !pnm) free(nm); + free(header); + if (!ret) free(data); return ret; } @@ -360,7 +360,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, } /* dzise + 8 bytes are needed */ /* actually it needs the cipher block size extra... */ - data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); + data=(unsigned char *)malloc((unsigned int)dsize+20); if (data == NULL) { PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); @@ -427,7 +427,7 @@ err: if (data != NULL) { OPENSSL_cleanse(data,(unsigned int)dsize); - OPENSSL_free(data); + free(data); } return(ret); } @@ -599,7 +599,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, goto err; } - buf = OPENSSL_malloc(PEM_BUFSIZE*8); + buf = malloc(PEM_BUFSIZE*8); if (buf == NULL) { reason=ERR_R_MALLOC_FAILURE; @@ -620,7 +620,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, EVP_EncodeFinal(&ctx,buf,&outl); if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; OPENSSL_cleanse(buf, PEM_BUFSIZE*8); - OPENSSL_free(buf); + free(buf); buf = NULL; if ( (BIO_write(bp,"-----END ",9) != 9) || (BIO_write(bp,name,nlen) != nlen) || @@ -630,7 +630,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, err: if (buf) { OPENSSL_cleanse(buf, PEM_BUFSIZE*8); - OPENSSL_free(buf); + free(buf); } PEMerr(PEM_F_PEM_WRITE_BIO,reason); return(0); @@ -809,9 +809,9 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, *header=headerB->data; *data=(unsigned char *)dataB->data; *len=bl; - OPENSSL_free(nameB); - OPENSSL_free(headerB); - OPENSSL_free(dataB); + free(nameB); + free(headerB); + free(dataB); return(1); err: BUF_MEM_free(nameB); diff --git a/lib/libcrypto/pem/pem_oth.c b/lib/libcrypto/pem/pem_oth.c index b33868d25ac..69d281aa9da 100644 --- a/lib/libcrypto/pem/pem_oth.c +++ b/lib/libcrypto/pem/pem_oth.c @@ -81,6 +81,6 @@ void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, ret=d2i(x,&p,len); if (ret == NULL) PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); - OPENSSL_free(data); + free(data); return(ret); } diff --git a/lib/libcrypto/pem/pem_pkey.c b/lib/libcrypto/pem/pem_pkey.c index ef152be2641..a3b609b2f36 100644 --- a/lib/libcrypto/pem/pem_pkey.c +++ b/lib/libcrypto/pem/pem_pkey.c @@ -131,9 +131,9 @@ p8err: if (ret == NULL) PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB); err: - OPENSSL_free(nm); + free(nm); OPENSSL_cleanse(data, len); - OPENSSL_free(data); + free(data); return(ret); } @@ -188,8 +188,8 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) err: if (ret == NULL) PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS,ERR_R_ASN1_LIB); - OPENSSL_free(nm); - OPENSSL_free(data); + free(nm); + free(data); return(ret); } diff --git a/lib/libcrypto/pem/pem_seal.c b/lib/libcrypto/pem/pem_seal.c index b6b4e13498e..bac7b16b441 100644 --- a/lib/libcrypto/pem/pem_seal.c +++ b/lib/libcrypto/pem/pem_seal.c @@ -86,7 +86,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, j=RSA_size(pubk[i]->pkey.rsa); if (j > max) max=j; } - s=(char *)OPENSSL_malloc(max*2); + s=(char *)malloc(max*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE); @@ -114,7 +114,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, ret=npubk; err: - if (s != NULL) OPENSSL_free(s); + if (s != NULL) free(s); OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH); return(ret); } @@ -157,7 +157,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, } i=RSA_size(priv->pkey.rsa); if (i < 100) i=100; - s=(unsigned char *)OPENSSL_malloc(i*2); + s=(unsigned char *)malloc(i*2); if (s == NULL) { PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE); @@ -179,7 +179,7 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, err: EVP_MD_CTX_cleanup(&ctx->md); EVP_CIPHER_CTX_cleanup(&ctx->cipher); - if (s != NULL) OPENSSL_free(s); + if (s != NULL) free(s); return(ret); } #else /* !OPENSSL_NO_RSA */ diff --git a/lib/libcrypto/pem/pem_sign.c b/lib/libcrypto/pem/pem_sign.c index c3b9808cb20..cbd3cd0793c 100644 --- a/lib/libcrypto/pem/pem_sign.c +++ b/lib/libcrypto/pem/pem_sign.c @@ -82,7 +82,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, int i,ret=0; unsigned int m_len; - m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2); + m=(unsigned char *)malloc(EVP_PKEY_size(pkey)+2); if (m == NULL) { PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE); @@ -96,7 +96,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, ret=1; err: /* ctx has been zeroed by EVP_SignFinal() */ - if (m != NULL) OPENSSL_free(m); + if (m != NULL) free(m); return(ret); } diff --git a/lib/libcrypto/pem/pvkfmt.c b/lib/libcrypto/pem/pvkfmt.c index d998a67fa52..8da8e77973c 100644 --- a/lib/libcrypto/pem/pvkfmt.c +++ b/lib/libcrypto/pem/pvkfmt.c @@ -93,14 +93,14 @@ static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r) unsigned char *tmpbuf, *q; unsigned int i; p = *in + nbyte - 1; - tmpbuf = OPENSSL_malloc(nbyte); + tmpbuf = malloc(nbyte); if (!tmpbuf) return 0; q = tmpbuf; for (i = 0; i < nbyte; i++) *q++ = *p--; *r = BN_bin2bn(tmpbuf, nbyte, NULL); - OPENSSL_free(tmpbuf); + free(tmpbuf); if (*r) { *in += nbyte; @@ -284,7 +284,7 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) return NULL; length = blob_length(bitlen, isdss, ispub); - buf = OPENSSL_malloc(length); + buf = malloc(length); if (!buf) { PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE); @@ -304,7 +304,7 @@ static EVP_PKEY *do_b2i_bio(BIO *in, int ispub) err: if (buf) - OPENSSL_free(buf); + free(buf); return ret; } @@ -508,7 +508,7 @@ static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub) p = *out; else { - p = OPENSSL_malloc(outlen); + p = malloc(outlen); if (!p) return -1; *out = p; @@ -541,7 +541,7 @@ static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub) if (outlen < 0) return -1; wrlen = BIO_write(out, tmp, outlen); - OPENSSL_free(tmp); + free(tmp); if (wrlen == outlen) return outlen; return -1; @@ -662,7 +662,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length, { const unsigned char *p = *in; - unsigned int pvk_magic, keytype, is_encrypted; + unsigned int pvk_magic, is_encrypted; if (skip_magic) { if (length < 20) @@ -689,7 +689,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length, } /* Skip reserved */ p += 4; - keytype = read_ledword(&p); + /*keytype = */read_ledword(&p); is_encrypted = read_ledword(&p); *psaltlen = read_ledword(&p); *pkeylen = read_ledword(&p); @@ -709,13 +709,16 @@ static int derive_pvk_key(unsigned char *key, const unsigned char *pass, int passlen) { EVP_MD_CTX mctx; + int rv = 1; EVP_MD_CTX_init(&mctx); - EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL); - EVP_DigestUpdate(&mctx, salt, saltlen); - EVP_DigestUpdate(&mctx, pass, passlen); - EVP_DigestFinal_ex(&mctx, key, NULL); + if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL) + || !EVP_DigestUpdate(&mctx, salt, saltlen) + || !EVP_DigestUpdate(&mctx, pass, passlen) + || !EVP_DigestFinal_ex(&mctx, key, NULL)) + rv = 0; + EVP_MD_CTX_cleanup(&mctx); - return 1; + return rv; } @@ -727,11 +730,12 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, const unsigned char *p = *in; unsigned int magic; unsigned char *enctmp = NULL, *q; + EVP_CIPHER_CTX cctx; + EVP_CIPHER_CTX_init(&cctx); if (saltlen) { char psbuf[PEM_BUFSIZE]; unsigned char keybuf[20]; - EVP_CIPHER_CTX cctx; int enctmplen, inlen; if (cb) inlen=cb(psbuf,PEM_BUFSIZE,0,u); @@ -742,7 +746,7 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, PEMerr(PEM_F_DO_PVK_BODY,PEM_R_BAD_PASSWORD_READ); return NULL; } - enctmp = OPENSSL_malloc(keylen + 8); + enctmp = malloc(keylen + 8); if (!enctmp) { PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); @@ -757,39 +761,43 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in, p += 8; inlen = keylen - 8; q = enctmp + 8; - EVP_CIPHER_CTX_init(&cctx); - EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL); - EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen); - EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen); + if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + goto err; + if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) + goto err; + if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen)) + goto err; magic = read_ledword((const unsigned char **)&q); if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { q = enctmp + 8; memset(keybuf + 5, 0, 11); - EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, - NULL); + if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, + NULL)) + goto err; OPENSSL_cleanse(keybuf, 20); - EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen); - EVP_DecryptFinal_ex(&cctx, q + enctmplen, - &enctmplen); + if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) + goto err; + if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, + &enctmplen)) + goto err; magic = read_ledword((const unsigned char **)&q); if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { - EVP_CIPHER_CTX_cleanup(&cctx); PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT); goto err; } } else OPENSSL_cleanse(keybuf, 20); - EVP_CIPHER_CTX_cleanup(&cctx); p = enctmp; } ret = b2i_PrivateKey(&p, keylen); err: + EVP_CIPHER_CTX_cleanup(&cctx); if (enctmp && saltlen) - OPENSSL_free(enctmp); + free(enctmp); return ret; } @@ -811,7 +819,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen)) return 0; buflen = (int) keylen + saltlen; - buf = OPENSSL_malloc(buflen); + buf = malloc(buflen); if (!buf) { PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE); @@ -829,7 +837,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) if (buf) { OPENSSL_cleanse(buf, buflen); - OPENSSL_free(buf); + free(buf); } return ret; } @@ -839,8 +847,10 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, pem_password_cb *cb, void *u) { - int outlen = 24, noinc, pklen; + int outlen = 24, pklen; unsigned char *p, *salt = NULL; + EVP_CIPHER_CTX cctx; + EVP_CIPHER_CTX_init(&cctx); if (enclevel) outlen += PVK_SALTLEN; pklen = do_i2b(NULL, pk, 0); @@ -850,20 +860,16 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, if (!out) return outlen; if (*out) - { p = *out; - noinc = 0; - } else { - p = OPENSSL_malloc(outlen); + p = malloc(outlen); if (!p) { PEMerr(PEM_F_I2B_PVK,ERR_R_MALLOC_FAILURE); return -1; } *out = p; - noinc = 1; } write_ledword(&p, MS_PVKMAGIC); @@ -889,7 +895,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, { char psbuf[PEM_BUFSIZE]; unsigned char keybuf[20]; - EVP_CIPHER_CTX cctx; int enctmplen, inlen; if (cb) inlen=cb(psbuf,PEM_BUFSIZE,1,u); @@ -906,16 +911,19 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, if (enclevel == 1) memset(keybuf + 5, 0, 11); p = salt + PVK_SALTLEN + 8; - EVP_CIPHER_CTX_init(&cctx); - EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL); + if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) + goto error; OPENSSL_cleanse(keybuf, 20); - EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8); - EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen); - EVP_CIPHER_CTX_cleanup(&cctx); + if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8)) + goto error; + if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen)) + goto error; } + EVP_CIPHER_CTX_cleanup(&cctx); return outlen; error: + EVP_CIPHER_CTX_cleanup(&cctx); return -1; } @@ -928,7 +936,7 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, if (outlen < 0) return -1; wrlen = BIO_write(out, tmp, outlen); - OPENSSL_free(tmp); + free(tmp); if (wrlen == outlen) { PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE); diff --git a/lib/libcrypto/pkcs12/p12_decr.c b/lib/libcrypto/pkcs12/p12_decr.c index 9d3557e8d7e..9a73c218660 100644 --- a/lib/libcrypto/pkcs12/p12_decr.c +++ b/lib/libcrypto/pkcs12/p12_decr.c @@ -65,7 +65,7 @@ /* Encrypt/Decrypt a buffer based on password and algor, result in a - * OPENSSL_malloc'ed buffer + * malloc'ed buffer */ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, @@ -84,14 +84,14 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, return NULL; } - if(!(out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { + if(!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE); goto err; } if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) { - OPENSSL_free(out); + free(out); out = NULL; PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_EVP_LIB); goto err; @@ -99,7 +99,7 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, outlen = i; if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) { - OPENSSL_free(out); + free(out); out = NULL; PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR); goto err; @@ -146,7 +146,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, ret = ASN1_item_d2i(NULL, &p, outlen, it); if (zbuf) OPENSSL_cleanse(out, outlen); if(!ret) PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); - OPENSSL_free(out); + free(out); return ret; } @@ -173,11 +173,11 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, &oct->length, 1)) { PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); - OPENSSL_free(in); + free(in); return NULL; } if (zbuf) OPENSSL_cleanse(in, inlen); - OPENSSL_free(in); + free(in); return oct; } diff --git a/lib/libcrypto/pkcs12/p12_key.c b/lib/libcrypto/pkcs12/p12_key.c index 61d58502fd1..b3672a95e50 100644 --- a/lib/libcrypto/pkcs12/p12_key.c +++ b/lib/libcrypto/pkcs12/p12_key.c @@ -95,7 +95,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, return 0; if(unipass) { OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ - OPENSSL_free(unipass); + free(unipass); } return ret; } @@ -135,14 +135,14 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, u = EVP_MD_size (md_type); if (u < 0) return 0; - D = OPENSSL_malloc (v); - Ai = OPENSSL_malloc (u); - B = OPENSSL_malloc (v + 1); + D = malloc (v); + Ai = malloc (u); + B = malloc (v + 1); Slen = v * ((saltlen+v-1)/v); if(passlen) Plen = v * ((passlen+v-1)/v); else Plen = 0; Ilen = Slen + Plen; - I = OPENSSL_malloc (Ilen); + I = malloc (Ilen); Ij = BN_new(); Bpl1 = BN_new(); if (!D || !Ai || !B || !I || !Ij || !Bpl1) @@ -209,10 +209,10 @@ err: PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE); end: - OPENSSL_free (Ai); - OPENSSL_free (B); - OPENSSL_free (D); - OPENSSL_free (I); + free (Ai); + free (B); + free (D); + free (I); BN_free (Ij); BN_free (Bpl1); EVP_MD_CTX_cleanup(&ctx); diff --git a/lib/libcrypto/pkcs12/p12_kiss.c b/lib/libcrypto/pkcs12/p12_kiss.c index 206b1b0b18a..bc1fcff45df 100644 --- a/lib/libcrypto/pkcs12/p12_kiss.c +++ b/lib/libcrypto/pkcs12/p12_kiss.c @@ -271,7 +271,7 @@ static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, len = ASN1_STRING_to_UTF8(&data, fname); if(len > 0) { r = X509_alias_set1(x509, data, len); - OPENSSL_free(data); + free(data); if (!r) { X509_free(x509); diff --git a/lib/libcrypto/pkcs12/p12_mutl.c b/lib/libcrypto/pkcs12/p12_mutl.c index 96de1bd11e7..98128e31cb4 100644 --- a/lib/libcrypto/pkcs12/p12_mutl.c +++ b/lib/libcrypto/pkcs12/p12_mutl.c @@ -169,7 +169,7 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, } if (!saltlen) saltlen = PKCS12_SALT_LEN; p12->mac->salt->length = saltlen; - if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) { + if (!(p12->mac->salt->data = malloc (saltlen))) { PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); return 0; } diff --git a/lib/libcrypto/pkcs12/p12_utl.c b/lib/libcrypto/pkcs12/p12_utl.c index 59c6f453f6e..9c580361690 100644 --- a/lib/libcrypto/pkcs12/p12_utl.c +++ b/lib/libcrypto/pkcs12/p12_utl.c @@ -68,7 +68,7 @@ unsigned char *OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, unsigned char *unitmp; if (asclen == -1) asclen = strlen(asc); ulen = asclen*2 + 2; - if (!(unitmp = OPENSSL_malloc(ulen))) return NULL; + if (!(unitmp = malloc(ulen))) return NULL; for (i = 0; i < ulen - 2; i+=2) { unitmp[i] = 0; unitmp[i + 1] = asc[i>>1]; @@ -89,7 +89,7 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen) /* If no terminating zero allow for one */ if (!unilen || uni[unilen - 1]) asclen++; uni++; - if (!(asctmp = OPENSSL_malloc(asclen))) return NULL; + if (!(asctmp = malloc(asclen))) return NULL; for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i]; asctmp[asclen - 1] = 0; return asctmp; diff --git a/lib/libcrypto/pkcs7/bio_ber.c b/lib/libcrypto/pkcs7/bio_ber.c index 31973fcd1fc..04dc5c9b966 100644 --- a/lib/libcrypto/pkcs7/bio_ber.c +++ b/lib/libcrypto/pkcs7/bio_ber.c @@ -128,7 +128,7 @@ static int ber_new(BIO *bi) { BIO_BER_CTX *ctx; - ctx=(BIO_BER_CTX *)OPENSSL_malloc(sizeof(BIO_BER_CTX)); + ctx=(BIO_BER_CTX *)malloc(sizeof(BIO_BER_CTX)); if (ctx == NULL) return(0); memset((char *)ctx,0,sizeof(BIO_BER_CTX)); @@ -146,7 +146,7 @@ static int ber_free(BIO *a) if (a == NULL) return(0); b=(BIO_BER_CTX *)a->ptr; OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX)); - OPENSSL_free(a->ptr); + free(a->ptr); a->ptr=NULL; a->init=0; a->flags=0; diff --git a/lib/libcrypto/pkcs7/pk7_doit.c b/lib/libcrypto/pkcs7/pk7_doit.c index 77fda3b82a0..396a863f3bb 100644 --- a/lib/libcrypto/pkcs7/pk7_doit.c +++ b/lib/libcrypto/pkcs7/pk7_doit.c @@ -169,7 +169,7 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0) goto err; - ek = OPENSSL_malloc(eklen); + ek = malloc(eklen); if (ek == NULL) { @@ -191,7 +191,7 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, if (pctx) EVP_PKEY_CTX_free(pctx); if (ek) - OPENSSL_free(ek); + free(ek); return ret; } @@ -224,7 +224,7 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, ri->enc_key->data, ri->enc_key->length) <= 0) goto err; - ek = OPENSSL_malloc(eklen); + ek = malloc(eklen); if (ek == NULL) { @@ -245,7 +245,7 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, if (*pek) { OPENSSL_cleanse(*pek, *peklen); - OPENSSL_free(*pek); + free(*pek); } *pek = ek; @@ -255,7 +255,7 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, if (pctx) EVP_PKEY_CTX_free(pctx); if (!ret && ek) - OPENSSL_free(ek); + free(ek); return ret; } @@ -573,7 +573,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) goto err; /* Generate random key as MMA defence */ tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx); - tkey = OPENSSL_malloc(tkeylen); + tkey = malloc(tkeylen); if (!tkey) goto err; if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0) @@ -594,7 +594,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) { /* Use random key as MMA defence */ OPENSSL_cleanse(ek, eklen); - OPENSSL_free(ek); + free(ek); ek = tkey; eklen = tkeylen; tkey = NULL; @@ -608,13 +608,13 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) if (ek) { OPENSSL_cleanse(ek,eklen); - OPENSSL_free(ek); + free(ek); ek = NULL; } if (tkey) { OPENSSL_cleanse(tkey,tkeylen); - OPENSSL_free(tkey); + free(tkey); tkey = NULL; } @@ -661,12 +661,12 @@ err: if (ek) { OPENSSL_cleanse(ek,eklen); - OPENSSL_free(ek); + free(ek); } if (tkey) { OPENSSL_cleanse(tkey,tkeylen); - OPENSSL_free(tkey); + free(tkey); } if (out != NULL) BIO_free_all(out); if (btmp != NULL) BIO_free_all(btmp); @@ -846,7 +846,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) unsigned char *abuf = NULL; unsigned int abuflen; abuflen = EVP_PKEY_size(si->pkey); - abuf = OPENSSL_malloc(abuflen); + abuf = malloc(abuflen); if (!abuf) goto err; @@ -927,10 +927,10 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) goto err; if (EVP_DigestSignUpdate(&mctx,abuf,alen) <= 0) goto err; - OPENSSL_free(abuf); + free(abuf); if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0) goto err; - abuf = OPENSSL_malloc(siglen); + abuf = malloc(siglen); if(!abuf) goto err; if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0) @@ -951,7 +951,7 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) err: if (abuf) - OPENSSL_free(abuf); + free(abuf); EVP_MD_CTX_cleanup(&mctx); return 0; @@ -1113,7 +1113,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n"); if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen)) goto err; - OPENSSL_free(abuf); + free(abuf); } os=si->enc_digest; diff --git a/lib/libcrypto/pqueue/pqueue.c b/lib/libcrypto/pqueue/pqueue.c index 5cc18527f8d..3ca8e049e40 100644 --- a/lib/libcrypto/pqueue/pqueue.c +++ b/lib/libcrypto/pqueue/pqueue.c @@ -68,13 +68,12 @@ typedef struct _pqueue } pqueue_s; pitem * -pitem_new(PQ_64BIT priority, void *data) +pitem_new(unsigned char *prio64be, void *data) { - pitem *item = (pitem *) OPENSSL_malloc(sizeof(pitem)); + pitem *item = (pitem *) malloc(sizeof(pitem)); if (item == NULL) return NULL; - pq_64bit_init(&(item->priority)); - pq_64bit_assign(&item->priority, &priority); + memcpy(item->priority,prio64be,sizeof(item->priority)); item->data = data; item->next = NULL; @@ -87,14 +86,13 @@ pitem_free(pitem *item) { if (item == NULL) return; - pq_64bit_free(&(item->priority)); - OPENSSL_free(item); + free(item); } pqueue_s * pqueue_new() { - pqueue_s *pq = (pqueue_s *) OPENSSL_malloc(sizeof(pqueue_s)); + pqueue_s *pq = (pqueue_s *) malloc(sizeof(pqueue_s)); if (pq == NULL) return NULL; memset(pq, 0x00, sizeof(pqueue_s)); @@ -106,7 +104,7 @@ pqueue_free(pqueue_s *pq) { if (pq == NULL) return; - OPENSSL_free(pq); + free(pq); } pitem * @@ -124,7 +122,10 @@ pqueue_insert(pqueue_s *pq, pitem *item) next != NULL; curr = next, next = next->next) { - if (pq_64bit_gt(&(next->priority), &(item->priority))) + /* we can compare 64-bit value in big-endian encoding + * with memcmp:-) */ + int cmp = memcmp(next->priority, item->priority,8); + if (cmp > 0) /* next > item */ { item->next = next; @@ -135,8 +136,8 @@ pqueue_insert(pqueue_s *pq, pitem *item) return item; } - /* duplicates not allowed */ - if (pq_64bit_eq(&(item->priority), &(next->priority))) + + else if (cmp == 0) /* duplicates not allowed */ return NULL; } @@ -164,18 +165,17 @@ pqueue_pop(pqueue_s *pq) } pitem * -pqueue_find(pqueue_s *pq, PQ_64BIT priority) +pqueue_find(pqueue_s *pq, unsigned char *prio64be) { - pitem *next, *prev = NULL; + pitem *next; pitem *found = NULL; if ( pq->items == NULL) return NULL; - for ( next = pq->items; next->next != NULL; - prev = next, next = next->next) + for ( next = pq->items; next->next != NULL; next = next->next) { - if ( pq_64bit_eq(&(next->priority), &priority)) + if ( memcmp(next->priority, prio64be,8) == 0) { found = next; break; @@ -183,7 +183,7 @@ pqueue_find(pqueue_s *pq, PQ_64BIT priority) } /* check the one last node */ - if ( pq_64bit_eq(&(next->priority), &priority)) + if ( memcmp(next->priority, prio64be,8) ==0) found = next; if ( ! found) @@ -199,7 +199,6 @@ pqueue_find(pqueue_s *pq, PQ_64BIT priority) return found; } -#if PQ_64BIT_IS_INTEGER void pqueue_print(pqueue_s *pq) { @@ -207,11 +206,14 @@ pqueue_print(pqueue_s *pq) while(item != NULL) { - printf("item\t" PQ_64BIT_PRINT "\n", item->priority); + printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n", + item->priority[0],item->priority[1], + item->priority[2],item->priority[3], + item->priority[4],item->priority[5], + item->priority[6],item->priority[7]); item = item->next; } } -#endif pitem * pqueue_iterator(pqueue_s *pq) @@ -234,3 +236,17 @@ pqueue_next(pitem **item) return ret; } + +int +pqueue_size(pqueue_s *pq) +{ + pitem *item = pq->items; + int count = 0; + + while(item != NULL) + { + count++; + item = item->next; + } + return count; +} diff --git a/lib/libcrypto/rsa/rsa_ameth.c b/lib/libcrypto/rsa/rsa_ameth.c index 8c3209885ea..fdd11835ad9 100644 --- a/lib/libcrypto/rsa/rsa_ameth.c +++ b/lib/libcrypto/rsa/rsa_ameth.c @@ -78,7 +78,7 @@ static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) V_ASN1_NULL, NULL, penc, penclen)) return 1; - OPENSSL_free(penc); + free(penc); return 0; } @@ -201,7 +201,7 @@ static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv) update_buflen(x->iqmp, &buf_len); } - m=(unsigned char *)OPENSSL_malloc(buf_len+10); + m=(unsigned char *)malloc(buf_len+10); if (m == NULL) { RSAerr(RSA_F_DO_RSA_PRINT,ERR_R_MALLOC_FAILURE); @@ -248,7 +248,7 @@ static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv) } ret=1; err: - if (m != NULL) OPENSSL_free(m); + if (m != NULL) free(m); return(ret); } @@ -265,6 +265,147 @@ static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, return do_rsa_print(bp, pkey->pkey.rsa, indent, 1); } +static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg, + X509_ALGOR **pmaskHash) + { + const unsigned char *p; + int plen; + RSA_PSS_PARAMS *pss; + + *pmaskHash = NULL; + + if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE) + return NULL; + p = alg->parameter->value.sequence->data; + plen = alg->parameter->value.sequence->length; + pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen); + + if (!pss) + return NULL; + + if (pss->maskGenAlgorithm) + { + ASN1_TYPE *param = pss->maskGenAlgorithm->parameter; + if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1 + && param->type == V_ASN1_SEQUENCE) + { + p = param->value.sequence->data; + plen = param->value.sequence->length; + *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen); + } + } + + return pss; + } + +static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss, + X509_ALGOR *maskHash, int indent) + { + int rv = 0; + if (!pss) + { + if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0) + return 0; + return 1; + } + if (BIO_puts(bp, "\n") <= 0) + goto err; + if (!BIO_indent(bp, indent, 128)) + goto err; + if (BIO_puts(bp, "Hash Algorithm: ") <= 0) + goto err; + + if (pss->hashAlgorithm) + { + if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0) + goto err; + } + else if (BIO_puts(bp, "sha1 (default)") <= 0) + goto err; + + if (BIO_puts(bp, "\n") <= 0) + goto err; + + if (!BIO_indent(bp, indent, 128)) + goto err; + + if (BIO_puts(bp, "Mask Algorithm: ") <= 0) + goto err; + if (pss->maskGenAlgorithm) + { + if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0) + goto err; + if (BIO_puts(bp, " with ") <= 0) + goto err; + if (maskHash) + { + if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0) + goto err; + } + else if (BIO_puts(bp, "INVALID") <= 0) + goto err; + } + else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0) + goto err; + BIO_puts(bp, "\n"); + + if (!BIO_indent(bp, indent, 128)) + goto err; + if (BIO_puts(bp, "Salt Length: 0x") <= 0) + goto err; + if (pss->saltLength) + { + if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0) + goto err; + } + else if (BIO_puts(bp, "0x14 (default)") <= 0) + goto err; + BIO_puts(bp, "\n"); + + if (!BIO_indent(bp, indent, 128)) + goto err; + if (BIO_puts(bp, "Trailer Field: 0x") <= 0) + goto err; + if (pss->trailerField) + { + if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0) + goto err; + } + else if (BIO_puts(bp, "BC (default)") <= 0) + goto err; + BIO_puts(bp, "\n"); + + rv = 1; + + err: + return rv; + + } + +static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, + const ASN1_STRING *sig, + int indent, ASN1_PCTX *pctx) + { + if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss) + { + int rv; + RSA_PSS_PARAMS *pss; + X509_ALGOR *maskHash; + pss = rsa_pss_decode(sigalg, &maskHash); + rv = rsa_pss_param_print(bp, pss, maskHash, indent); + if (pss) + RSA_PSS_PARAMS_free(pss); + if (maskHash) + X509_ALGOR_free(maskHash); + if (!rv) + return 0; + } + else if (!sig && BIO_puts(bp, "\n") <= 0) + return 0; + if (sig) + return X509_signature_dump(bp, sig, indent); + return 1; + } static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) { @@ -310,6 +451,211 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) } +/* Customised RSA item verification routine. This is called + * when a signature is encountered requiring special handling. We + * currently only handle PSS. + */ + + +static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, + X509_ALGOR *sigalg, ASN1_BIT_STRING *sig, + EVP_PKEY *pkey) + { + int rv = -1; + int saltlen; + const EVP_MD *mgf1md = NULL, *md = NULL; + RSA_PSS_PARAMS *pss; + X509_ALGOR *maskHash; + EVP_PKEY_CTX *pkctx; + /* Sanity check: make sure it is PSS */ + if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); + return -1; + } + /* Decode PSS parameters */ + pss = rsa_pss_decode(sigalg, &maskHash); + + if (pss == NULL) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_PSS_PARAMETERS); + goto err; + } + /* Check mask and lookup mask hash algorithm */ + if (pss->maskGenAlgorithm) + { + if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) != NID_mgf1) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_MASK_ALGORITHM); + goto err; + } + if (!maskHash) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_MASK_PARAMETER); + goto err; + } + mgf1md = EVP_get_digestbyobj(maskHash->algorithm); + if (mgf1md == NULL) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNKNOWN_MASK_DIGEST); + goto err; + } + } + else + mgf1md = EVP_sha1(); + + if (pss->hashAlgorithm) + { + md = EVP_get_digestbyobj(pss->hashAlgorithm->algorithm); + if (md == NULL) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNKNOWN_PSS_DIGEST); + goto err; + } + } + else + md = EVP_sha1(); + + if (pss->saltLength) + { + saltlen = ASN1_INTEGER_get(pss->saltLength); + + /* Could perform more salt length sanity checks but the main + * RSA routines will trap other invalid values anyway. + */ + if (saltlen < 0) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_SALT_LENGTH); + goto err; + } + } + else + saltlen = 20; + + /* low-level routines support only trailer field 0xbc (value 1) + * and PKCS#1 says we should reject any other value anyway. + */ + if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) + { + RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_TRAILER); + goto err; + } + + /* We have all parameters now set up context */ + + if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey)) + goto err; + + if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0) + goto err; + + if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0) + goto err; + + if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0) + goto err; + /* Carry on */ + rv = 2; + + err: + RSA_PSS_PARAMS_free(pss); + if (maskHash) + X509_ALGOR_free(maskHash); + return rv; + } + +static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, + X509_ALGOR *alg1, X509_ALGOR *alg2, + ASN1_BIT_STRING *sig) + { + int pad_mode; + EVP_PKEY_CTX *pkctx = ctx->pctx; + if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0) + return 0; + if (pad_mode == RSA_PKCS1_PADDING) + return 2; + if (pad_mode == RSA_PKCS1_PSS_PADDING) + { + const EVP_MD *sigmd, *mgf1md; + RSA_PSS_PARAMS *pss = NULL; + X509_ALGOR *mgf1alg = NULL; + ASN1_STRING *os1 = NULL, *os2 = NULL; + EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx); + int saltlen, rv = 0; + sigmd = EVP_MD_CTX_md(ctx); + if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0) + goto err; + if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkctx, &saltlen)) + goto err; + if (saltlen == -1) + saltlen = EVP_MD_size(sigmd); + else if (saltlen == -2) + { + saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2; + if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0) + saltlen--; + } + pss = RSA_PSS_PARAMS_new(); + if (!pss) + goto err; + if (saltlen != 20) + { + pss->saltLength = ASN1_INTEGER_new(); + if (!pss->saltLength) + goto err; + if (!ASN1_INTEGER_set(pss->saltLength, saltlen)) + goto err; + } + if (EVP_MD_type(sigmd) != NID_sha1) + { + pss->hashAlgorithm = X509_ALGOR_new(); + if (!pss->hashAlgorithm) + goto err; + X509_ALGOR_set_md(pss->hashAlgorithm, sigmd); + } + if (EVP_MD_type(mgf1md) != NID_sha1) + { + ASN1_STRING *stmp = NULL; + /* need to embed algorithm ID inside another */ + mgf1alg = X509_ALGOR_new(); + X509_ALGOR_set_md(mgf1alg, mgf1md); + if (!ASN1_item_pack(mgf1alg, ASN1_ITEM_rptr(X509_ALGOR), + &stmp)) + goto err; + pss->maskGenAlgorithm = X509_ALGOR_new(); + if (!pss->maskGenAlgorithm) + goto err; + X509_ALGOR_set0(pss->maskGenAlgorithm, + OBJ_nid2obj(NID_mgf1), + V_ASN1_SEQUENCE, stmp); + } + /* Finally create string with pss parameter encoding. */ + if (!ASN1_item_pack(pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), &os1)) + goto err; + if (alg2) + { + os2 = ASN1_STRING_dup(os1); + if (!os2) + goto err; + X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_rsassaPss), + V_ASN1_SEQUENCE, os2); + } + X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_rsassaPss), + V_ASN1_SEQUENCE, os1); + os1 = os2 = NULL; + rv = 3; + err: + if (mgf1alg) + X509_ALGOR_free(mgf1alg); + if (pss) + RSA_PSS_PARAMS_free(pss); + if (os1) + ASN1_STRING_free(os1); + return rv; + + } + return 2; + } const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = { @@ -335,10 +681,13 @@ const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = 0,0,0,0,0,0, + rsa_sig_print, int_rsa_free, rsa_pkey_ctrl, old_rsa_priv_decode, - old_rsa_priv_encode + old_rsa_priv_encode, + rsa_item_verify, + rsa_item_sign }, { diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c index 88ee2cb557f..dcf0c16a8f6 100644 --- a/lib/libcrypto/rsa/rsa_eay.c +++ b/lib/libcrypto/rsa/rsa_eay.c @@ -185,7 +185,7 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, f = BN_CTX_get(ctx); ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - buf = OPENSSL_malloc(num); + buf = malloc(num); if (!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); @@ -247,7 +247,7 @@ err: if (buf != NULL) { OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); + free(buf); } return(r); } @@ -366,7 +366,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, f = BN_CTX_get(ctx); ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); - buf = OPENSSL_malloc(num); + buf = malloc(num); if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); @@ -484,7 +484,7 @@ err: if (buf != NULL) { OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); + free(buf); } return(r); } @@ -509,7 +509,7 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, f = BN_CTX_get(ctx); ret = BN_CTX_get(ctx); num = BN_num_bytes(rsa->n); - buf = OPENSSL_malloc(num); + buf = malloc(num); if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); @@ -624,7 +624,7 @@ err: if (buf != NULL) { OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); + free(buf); } return(r); } @@ -666,7 +666,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, f = BN_CTX_get(ctx); ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - buf = OPENSSL_malloc(num); + buf = malloc(num); if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); @@ -729,7 +729,7 @@ err: if (buf != NULL) { OPENSSL_cleanse(buf,num); - OPENSSL_free(buf); + free(buf); } return(r); } diff --git a/lib/libcrypto/rsa/rsa_lib.c b/lib/libcrypto/rsa/rsa_lib.c index 9e3f7dafcda..e99a3627dc7 100644 --- a/lib/libcrypto/rsa/rsa_lib.c +++ b/lib/libcrypto/rsa/rsa_lib.c @@ -125,7 +125,7 @@ RSA *RSA_new_method(ENGINE *engine) { RSA *ret; - ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); + ret=(RSA *)malloc(sizeof(RSA)); if (ret == NULL) { RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -139,7 +139,7 @@ RSA *RSA_new_method(ENGINE *engine) if (!ENGINE_init(engine)) { RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); - OPENSSL_free(ret); + free(ret); return NULL; } ret->engine = engine; @@ -154,7 +154,7 @@ RSA *RSA_new_method(ENGINE *engine) RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); - OPENSSL_free(ret); + free(ret); return NULL; } } @@ -184,7 +184,7 @@ RSA *RSA_new_method(ENGINE *engine) if (ret->engine) ENGINE_finish(ret->engine); #endif - OPENSSL_free(ret); + free(ret); return(NULL); } @@ -195,7 +195,7 @@ RSA *RSA_new_method(ENGINE *engine) ENGINE_finish(ret->engine); #endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); - OPENSSL_free(ret); + free(ret); ret=NULL; } return(ret); @@ -240,7 +240,7 @@ void RSA_free(RSA *r) if (r->blinding != NULL) BN_BLINDING_free(r->blinding); if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); - OPENSSL_free(r); + free(r); } int RSA_up_ref(RSA *r) diff --git a/lib/libcrypto/rsa/rsa_oaep.c b/lib/libcrypto/rsa/rsa_oaep.c index af4d24a56ef..a107e89b81c 100644 --- a/lib/libcrypto/rsa/rsa_oaep.c +++ b/lib/libcrypto/rsa/rsa_oaep.c @@ -70,7 +70,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, 20); #endif - dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); + dbmask = malloc(emlen - SHA_DIGEST_LENGTH); if (dbmask == NULL) { RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -87,7 +87,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, for (i = 0; i < SHA_DIGEST_LENGTH; i++) seed[i] ^= seedmask[i]; - OPENSSL_free(dbmask); + free(dbmask); return 1; } @@ -121,7 +121,7 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, } dblen = num - SHA_DIGEST_LENGTH; - db = OPENSSL_malloc(dblen + num); + db = malloc(dblen + num); if (db == NULL) { RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); @@ -172,14 +172,14 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, memcpy(to, db + i, mlen); } } - OPENSSL_free(db); + free(db); return mlen; decoding_err: /* to avoid chosen ciphertext attacks, the error message should not reveal * which kind of decoding error happened */ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); - if (db != NULL) OPENSSL_free(db); + if (db != NULL) free(db); return -1; } diff --git a/lib/libcrypto/rsa/rsa_pmeth.c b/lib/libcrypto/rsa/rsa_pmeth.c index d706d35ff6b..adec632b3bf 100644 --- a/lib/libcrypto/rsa/rsa_pmeth.c +++ b/lib/libcrypto/rsa/rsa_pmeth.c @@ -93,7 +93,7 @@ typedef struct static int pkey_rsa_init(EVP_PKEY_CTX *ctx) { RSA_PKEY_CTX *rctx; - rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX)); + rctx = malloc(sizeof(RSA_PKEY_CTX)); if (!rctx) return 0; rctx->nbits = 1024; @@ -135,7 +135,7 @@ static int setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk) { if (ctx->tbuf) return 1; - ctx->tbuf = OPENSSL_malloc(EVP_PKEY_size(pk->pkey)); + ctx->tbuf = malloc(EVP_PKEY_size(pk->pkey)); if (!ctx->tbuf) return 0; return 1; @@ -149,8 +149,8 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx) if (rctx->pub_exp) BN_free(rctx->pub_exp); if (rctx->tbuf) - OPENSSL_free(rctx->tbuf); - OPENSSL_free(rctx); + free(rctx->tbuf); + free(rctx); } } static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, diff --git a/lib/libcrypto/rsa/rsa_pss.c b/lib/libcrypto/rsa/rsa_pss.c index 2815628f5f7..75e8c185335 100644 --- a/lib/libcrypto/rsa/rsa_pss.c +++ b/lib/libcrypto/rsa/rsa_pss.c @@ -1,5 +1,5 @@ /* rsa_pss.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ /* ==================================================================== @@ -64,11 +64,22 @@ #include <openssl/rand.h> #include <openssl/sha.h> -const static unsigned char zeroes[] = {0,0,0,0,0,0,0,0}; +static const unsigned char zeroes[] = {0,0,0,0,0,0,0,0}; + +#if defined(_MSC_VER) && defined(_ARM_) +#pragma optimize("g", off) +#endif int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, const EVP_MD *Hash, const unsigned char *EM, int sLen) { + return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen); + } + +int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, + const EVP_MD *Hash, const EVP_MD *mgf1Hash, + const unsigned char *EM, int sLen) + { int i; int ret = 0; int hLen, maskedDBLen, MSBits, emLen; @@ -76,8 +87,14 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, unsigned char *DB = NULL; EVP_MD_CTX ctx; unsigned char H_[EVP_MAX_MD_SIZE]; + EVP_MD_CTX_init(&ctx); + + if (mgf1Hash == NULL) + mgf1Hash = Hash; hLen = EVP_MD_size(Hash); + if (hLen < 0) + goto err; /* * Negative sLen has special meanings: * -1 sLen == hLen @@ -88,7 +105,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, else if (sLen == -2) sLen = -2; else if (sLen < -2) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED); goto err; } @@ -96,7 +113,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, emLen = RSA_size(rsa); if (EM[0] & (0xFF << MSBits)) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_FIRST_OCTET_INVALID); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_FIRST_OCTET_INVALID); goto err; } if (MSBits == 0) @@ -106,23 +123,24 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, } if (emLen < (hLen + sLen + 2)) /* sLen can be small negative */ { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_DATA_TOO_LARGE); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE); goto err; } if (EM[emLen - 1] != 0xbc) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_LAST_OCTET_INVALID); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_LAST_OCTET_INVALID); goto err; } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; - DB = OPENSSL_malloc(maskedDBLen); + DB = malloc(maskedDBLen); if (!DB) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, ERR_R_MALLOC_FAILURE); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, ERR_R_MALLOC_FAILURE); goto err; } - PKCS1_MGF1(DB, maskedDBLen, H, hLen, Hash); + if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) + goto err; for (i = 0; i < maskedDBLen; i++) DB[i] ^= EM[i]; if (MSBits) @@ -130,25 +148,28 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, for (i = 0; DB[i] == 0 && i < (maskedDBLen-1); i++) ; if (DB[i++] != 0x1) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_RECOVERY_FAILED); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_RECOVERY_FAILED); goto err; } if (sLen >= 0 && (maskedDBLen - i) != sLen) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED); goto err; } - EVP_MD_CTX_init(&ctx); - EVP_DigestInit_ex(&ctx, Hash, NULL); - EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes); - EVP_DigestUpdate(&ctx, mHash, hLen); + if (!EVP_DigestInit_ex(&ctx, Hash, NULL) + || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) + || !EVP_DigestUpdate(&ctx, mHash, hLen)) + goto err; if (maskedDBLen - i) - EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i); - EVP_DigestFinal(&ctx, H_, NULL); - EVP_MD_CTX_cleanup(&ctx); + { + if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i)) + goto err; + } + if (!EVP_DigestFinal_ex(&ctx, H_, NULL)) + goto err; if (memcmp(H_, H, hLen)) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE); + RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE); ret = 0; } else @@ -156,7 +177,8 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, err: if (DB) - OPENSSL_free(DB); + free(DB); + EVP_MD_CTX_cleanup(&ctx); return ret; @@ -166,13 +188,25 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, const unsigned char *mHash, const EVP_MD *Hash, int sLen) { + return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen); + } + +int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, + const unsigned char *mHash, + const EVP_MD *Hash, const EVP_MD *mgf1Hash, int sLen) + { int i; int ret = 0; int hLen, maskedDBLen, MSBits, emLen; unsigned char *H, *salt = NULL, *p; EVP_MD_CTX ctx; + if (mgf1Hash == NULL) + mgf1Hash = Hash; + hLen = EVP_MD_size(Hash); + if (hLen < 0) + goto err; /* * Negative sLen has special meanings: * -1 sLen == hLen @@ -183,7 +217,7 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, else if (sLen == -2) sLen = -2; else if (sLen < -2) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED); + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED); goto err; } @@ -200,35 +234,36 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, } else if (emLen < (hLen + sLen + 2)) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } if (sLen > 0) { - salt = OPENSSL_malloc(sLen); + salt = malloc(sLen); if (!salt) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS, - ERR_R_MALLOC_FAILURE); + RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,ERR_R_MALLOC_FAILURE); goto err; } - if (!RAND_bytes(salt, sLen)) + if (RAND_bytes(salt, sLen) <= 0) goto err; } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; EVP_MD_CTX_init(&ctx); - EVP_DigestInit_ex(&ctx, Hash, NULL); - EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes); - EVP_DigestUpdate(&ctx, mHash, hLen); - if (sLen) - EVP_DigestUpdate(&ctx, salt, sLen); - EVP_DigestFinal(&ctx, H, NULL); + if (!EVP_DigestInit_ex(&ctx, Hash, NULL) + || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) + || !EVP_DigestUpdate(&ctx, mHash, hLen)) + goto err; + if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen)) + goto err; + if (!EVP_DigestFinal_ex(&ctx, H, NULL)) + goto err; EVP_MD_CTX_cleanup(&ctx); /* Generate dbMask in place then perform XOR on it */ - PKCS1_MGF1(EM, maskedDBLen, H, hLen, Hash); + if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) + goto err; p = EM; @@ -254,8 +289,12 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, err: if (salt) - OPENSSL_free(salt); + free(salt); return ret; } + +#if defined(_MSC_VER) +#pragma optimize("",on) +#endif diff --git a/lib/libcrypto/rsa/rsa_saos.c b/lib/libcrypto/rsa/rsa_saos.c index f98e0a80a6c..ee5473a184b 100644 --- a/lib/libcrypto/rsa/rsa_saos.c +++ b/lib/libcrypto/rsa/rsa_saos.c @@ -82,7 +82,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); return(0); } - s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); + s=(unsigned char *)malloc((unsigned int)j+1); if (s == NULL) { RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -97,7 +97,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, *siglen=i; OPENSSL_cleanse(s,(unsigned int)j+1); - OPENSSL_free(s); + free(s); return(ret); } @@ -117,7 +117,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, return(0); } - s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); + s=(unsigned char *)malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); @@ -143,7 +143,7 @@ err: if (s != NULL) { OPENSSL_cleanse(s,(unsigned int)siglen); - OPENSSL_free(s); + free(s); } return(ret); } diff --git a/lib/libcrypto/rsa/rsa_sign.c b/lib/libcrypto/rsa/rsa_sign.c index fa3239ab30a..71d6bb3ce42 100644 --- a/lib/libcrypto/rsa/rsa_sign.c +++ b/lib/libcrypto/rsa/rsa_sign.c @@ -120,7 +120,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, return(0); } if(type != NID_md5_sha1) { - tmps=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); + tmps=(unsigned char *)malloc((unsigned int)j+1); if (tmps == NULL) { RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); @@ -138,7 +138,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, if(type != NID_md5_sha1) { OPENSSL_cleanse(tmps,(unsigned int)j+1); - OPENSSL_free(tmps); + free(tmps); } return(ret); } @@ -169,7 +169,7 @@ int int_rsa_verify(int dtype, const unsigned char *m, return 1; } - s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); + s=(unsigned char *)malloc((unsigned int)siglen); if (s == NULL) { RSAerr(RSA_F_INT_RSA_VERIFY,ERR_R_MALLOC_FAILURE); @@ -281,7 +281,7 @@ err: if (s != NULL) { OPENSSL_cleanse(s,(unsigned int)siglen); - OPENSSL_free(s); + free(s); } return(ret); } diff --git a/lib/libcrypto/srp/srp_lib.c b/lib/libcrypto/srp/srp_lib.c index 92cea98dcd6..8cc94f51db8 100644 --- a/lib/libcrypto/srp/srp_lib.c +++ b/lib/libcrypto/srp/srp_lib.c @@ -63,13 +63,17 @@ #include <openssl/evp.h> #if (BN_BYTES == 8) -#define bn_pack4(a1,a2,a3,a4) 0x##a1##a2##a3##a4##ul -#endif -#if (BN_BYTES == 4) -#define bn_pack4(a1,a2,a3,a4) 0x##a3##a4##ul, 0x##a1##a2##ul -#endif -#if (BN_BYTES == 2) -#define bn_pack4(a1,a2,a3,a4) 0x##a4##u,0x##a3##u,0x##a2##u,0x##a1##u +# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__) +# define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64) +# elif defined(__arch64__) +# define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL) +# else +# define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL) +# endif +#elif (BN_BYTES == 4) +# define bn_pack4(a1,a2,a3,a4) ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL) +#else +# error "unsupported BN_BYTES" #endif @@ -85,7 +89,7 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) int longg ; int longN = BN_num_bytes(N); - if ((tmp = OPENSSL_malloc(longN)) == NULL) + if ((tmp = malloc(longN)) == NULL) return NULL; BN_bn2bin(N,tmp) ; @@ -98,7 +102,7 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g) /* use the zeros behind to pad on left */ EVP_DigestUpdate(&ctxt, tmp + longg, longN-longg); EVP_DigestUpdate(&ctxt, tmp, longg); - OPENSSL_free(tmp); + free(tmp); EVP_DigestFinal_ex(&ctxt, digest, NULL); EVP_MD_CTX_cleanup(&ctxt); @@ -119,7 +123,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) longN= BN_num_bytes(N); - if ((cAB = OPENSSL_malloc(2*longN)) == NULL) + if ((cAB = malloc(2*longN)) == NULL) return NULL; memset(cAB, 0, longN); @@ -128,7 +132,7 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N) EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL); EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A,cAB+longN), longN); EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B,cAB+longN), longN); - OPENSSL_free(cAB); + free(cAB); EVP_DigestFinal_ex(&ctxt, cu, NULL); EVP_MD_CTX_cleanup(&ctxt); @@ -211,7 +215,7 @@ BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass) (pass == NULL)) return NULL; - if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL) + if ((cs = malloc(BN_num_bytes(s))) == NULL) return NULL; EVP_MD_CTX_init(&ctxt); @@ -224,7 +228,7 @@ BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass) EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL); BN_bn2bin(s,cs); EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s)); - OPENSSL_free(cs); + free(cs); EVP_DigestUpdate(&ctxt, dig, sizeof(dig)); EVP_DigestFinal_ex(&ctxt, dig, NULL); EVP_MD_CTX_cleanup(&ctxt); diff --git a/lib/libcrypto/srp/srp_vfy.c b/lib/libcrypto/srp/srp_vfy.c index c8be907d7f7..de7dbe5bbd4 100644 --- a/lib/libcrypto/srp/srp_vfy.c +++ b/lib/libcrypto/srp/srp_vfy.c @@ -185,14 +185,14 @@ static void SRP_user_pwd_free(SRP_user_pwd *user_pwd) return; BN_free(user_pwd->s); BN_clear_free(user_pwd->v); - OPENSSL_free(user_pwd->id); - OPENSSL_free(user_pwd->info); - OPENSSL_free(user_pwd); + free(user_pwd->id); + free(user_pwd->info); + free(user_pwd); } static SRP_user_pwd *SRP_user_pwd_new() { - SRP_user_pwd *ret = OPENSSL_malloc(sizeof(SRP_user_pwd)); + SRP_user_pwd *ret = malloc(sizeof(SRP_user_pwd)); if (ret == NULL) return NULL; ret->N = NULL; @@ -243,14 +243,14 @@ static int SRP_user_pwd_set_sv_BN(SRP_user_pwd *vinfo, BIGNUM *s, BIGNUM *v) SRP_VBASE *SRP_VBASE_new(char *seed_key) { - SRP_VBASE *vb = (SRP_VBASE *) OPENSSL_malloc(sizeof(SRP_VBASE)); + SRP_VBASE *vb = (SRP_VBASE *) malloc(sizeof(SRP_VBASE)); if (vb == NULL) return NULL; if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) || !(vb->gN_cache = sk_SRP_gN_cache_new_null())) { - OPENSSL_free(vb); + free(vb); return NULL; } vb->default_g = NULL; @@ -261,7 +261,7 @@ SRP_VBASE *SRP_VBASE_new(char *seed_key) { sk_SRP_user_pwd_free(vb->users_pwd); sk_SRP_gN_cache_free(vb->gN_cache); - OPENSSL_free(vb); + free(vb); return NULL; } return vb; @@ -272,8 +272,8 @@ int SRP_VBASE_free(SRP_VBASE *vb) { sk_SRP_user_pwd_pop_free(vb->users_pwd,SRP_user_pwd_free); sk_SRP_gN_cache_free(vb->gN_cache); - OPENSSL_free(vb->seed_key); - OPENSSL_free(vb); + free(vb->seed_key); + free(vb); return 0; } @@ -283,7 +283,7 @@ static SRP_gN_cache *SRP_gN_new_init(const char *ch) unsigned char tmp[MAX_LEN]; int len; - SRP_gN_cache *newgN = (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache)); + SRP_gN_cache *newgN = (SRP_gN_cache *)malloc(sizeof(SRP_gN_cache)); if (newgN == NULL) return NULL; @@ -294,9 +294,9 @@ static SRP_gN_cache *SRP_gN_new_init(const char *ch) if ((newgN->bn = BN_bin2bn(tmp, len, NULL))) return newgN; - OPENSSL_free(newgN->b64_bn); + free(newgN->b64_bn); err: - OPENSSL_free(newgN); + free(newgN); return NULL; } @@ -305,9 +305,9 @@ static void SRP_gN_free(SRP_gN_cache *gN_cache) { if (gN_cache == NULL) return; - OPENSSL_free(gN_cache->b64_bn); + free(gN_cache->b64_bn); BN_free(gN_cache->bn); - OPENSSL_free(gN_cache); + free(gN_cache); } static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab) @@ -390,12 +390,12 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file) } for (i = 0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++) { - pp = (char **)sk_OPENSSL_PSTRING_value(tmpdb->data,i); + pp = sk_OPENSSL_PSTRING_value(tmpdb->data,i); if (pp[DB_srptype][0] == DB_SRP_INDEX) { /*we add this couple in the internal Stack */ - if ((gN = (SRP_gN *)OPENSSL_malloc(sizeof(SRP_gN))) == NULL) + if ((gN = (SRP_gN *)malloc(sizeof(SRP_gN))) == NULL) goto err; if (!(gN->id = BUF_strdup(pp[DB_srpid])) @@ -456,8 +456,8 @@ int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file) if (gN != NULL) { - OPENSSL_free(gN->id); - OPENSSL_free(gN); + free(gN->id); + free(gN); } SRP_user_pwd_free(user_pwd); @@ -573,7 +573,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt, if(!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn)) goto err; BN_bn2bin(v,tmp); - if (((vf = OPENSSL_malloc(BN_num_bytes(v)*2)) == NULL)) + if (((vf = malloc(BN_num_bytes(v)*2)) == NULL)) goto err; t_tob64(vf, tmp, BN_num_bytes(v)); @@ -581,9 +581,10 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt, if (*salt == NULL) { char *tmp_salt; - if ((tmp_salt = (char *)OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) + + if ((tmp_salt = malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) { - OPENSSL_free(vf); + free(vf); goto err; } t_tob64(tmp_salt, tmp2, SRP_RANDOM_SALT_LEN); diff --git a/lib/libcrypto/stack/stack.c b/lib/libcrypto/stack/stack.c index 76cf1a11689..dabf26d2cd9 100644 --- a/lib/libcrypto/stack/stack.c +++ b/lib/libcrypto/stack/stack.c @@ -95,7 +95,7 @@ _STACK *sk_dup(_STACK *sk) char **s; if ((ret=sk_new(sk->comp)) == NULL) goto err; - s=(char **)OPENSSL_realloc((char *)ret->data, + s=(char **)realloc((char *)ret->data, (unsigned int)sizeof(char *)*sk->num_alloc); if (s == NULL) goto err; ret->data=s; @@ -122,9 +122,9 @@ _STACK *sk_new(int (*c)(const void *, const void *)) _STACK *ret; int i; - if ((ret=OPENSSL_malloc(sizeof(_STACK))) == NULL) + if ((ret=malloc(sizeof(_STACK))) == NULL) goto err; - if ((ret->data=OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL) + if ((ret->data=malloc(sizeof(char *)*MIN_NODES)) == NULL) goto err; for (i=0; i<MIN_NODES; i++) ret->data[i]=NULL; @@ -135,7 +135,7 @@ _STACK *sk_new(int (*c)(const void *, const void *)) return(ret); err: if(ret) - OPENSSL_free(ret); + free(ret); return(NULL); } @@ -146,7 +146,7 @@ int sk_insert(_STACK *st, void *data, int loc) if(st == NULL) return 0; if (st->num_alloc <= st->num+1) { - s=OPENSSL_realloc((char *)st->data, + s=realloc((char *)st->data, (unsigned int)sizeof(char *)*st->num_alloc*2); if (s == NULL) return(0); @@ -287,8 +287,8 @@ void sk_pop_free(_STACK *st, void (*func)(void *)) void sk_free(_STACK *st) { if (st == NULL) return; - if (st->data != NULL) OPENSSL_free(st->data); - OPENSSL_free(st); + if (st->data != NULL) free(st->data); + free(st); } int sk_num(const _STACK *st) diff --git a/lib/libcrypto/store/str_lib.c b/lib/libcrypto/store/str_lib.c index e92dc1f51c2..a451e9cb743 100644 --- a/lib/libcrypto/store/str_lib.c +++ b/lib/libcrypto/store/str_lib.c @@ -112,7 +112,7 @@ STORE *STORE_new_method(const STORE_METHOD *method) return NULL; } - ret=(STORE *)OPENSSL_malloc(sizeof(STORE)); + ret=(STORE *)malloc(sizeof(STORE)); if (ret == NULL) { STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -185,7 +185,7 @@ void STORE_free(STORE *store) if (store->meth->clean) store->meth->clean(store); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data); - OPENSSL_free(store); + free(store); } int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void)) @@ -1227,7 +1227,7 @@ int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[], STORE_OBJECT *STORE_OBJECT_new(void) { - STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT)); + STORE_OBJECT *object = malloc(sizeof(STORE_OBJECT)); if (object) memset(object, 0, sizeof(STORE_OBJECT)); return object; } @@ -1253,7 +1253,7 @@ void STORE_OBJECT_free(STORE_OBJECT *data) BUF_MEM_free(data->data.arbitrary); break; } - OPENSSL_free(data); + free(data); } IMPLEMENT_STACK_OF(STORE_OBJECT*) @@ -1280,7 +1280,7 @@ struct STORE_attr_info_st STORE_ATTR_INFO *STORE_ATTR_INFO_new(void) { - return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO)); + return (STORE_ATTR_INFO *)malloc(sizeof(STORE_ATTR_INFO)); } static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code) @@ -1320,7 +1320,7 @@ int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs) STORE_ATTR_TYPES i; for(i = 0; i++ < STORE_ATTR_TYPE_NUM;) STORE_ATTR_INFO_attr_free(attrs, i); - OPENSSL_free(attrs); + free(attrs); } return 1; } @@ -1474,7 +1474,7 @@ int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, } if (ATTR_IS_SET(attrs,code)) { - OPENSSL_free(attrs->values[code].cstring); + free(attrs->values[code].cstring); attrs->values[code].cstring = NULL; CLEAR_ATTRBIT(attrs, code); } @@ -1491,7 +1491,7 @@ int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code } if (ATTR_IS_SET(attrs,code)) { - OPENSSL_free(attrs->values[code].sha1string); + free(attrs->values[code].sha1string); attrs->values[code].sha1string = NULL; CLEAR_ATTRBIT(attrs, code); } @@ -1508,7 +1508,7 @@ int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, } if (ATTR_IS_SET(attrs,code)) { - OPENSSL_free(attrs->values[code].dn); + free(attrs->values[code].dn); attrs->values[code].dn = NULL; CLEAR_ATTRBIT(attrs, code); } @@ -1525,7 +1525,7 @@ int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, } if (ATTR_IS_SET(attrs,code)) { - OPENSSL_free(attrs->values[code].number); + free(attrs->values[code].number); attrs->values[code].number = NULL; CLEAR_ATTRBIT(attrs, code); } @@ -1541,7 +1541,7 @@ void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes) if (attributes) { struct attr_list_ctx_st *context = - (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st)); + (struct attr_list_ctx_st *)malloc(sizeof(struct attr_list_ctx_st)); if (context) context->attributes = attributes; else @@ -1650,7 +1650,7 @@ int STORE_parse_attrs_end(void *handle) #if 0 OPENSSL_ITEM *attributes = context->attributes; #endif - OPENSSL_free(context); + free(context); return 1; } STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER); diff --git a/lib/libcrypto/store/str_mem.c b/lib/libcrypto/store/str_mem.c index 527757ae099..997e60fe930 100644 --- a/lib/libcrypto/store/str_mem.c +++ b/lib/libcrypto/store/str_mem.c @@ -76,30 +76,35 @@ attribute type code). */ -struct mem_object_data_st +typedef struct mem_object_data_st { STORE_OBJECT *object; STORE_ATTR_INFO *attr_info; int references; - }; + } MEM_OBJECT_DATA; +DECLARE_STACK_OF(MEM_OBJECT_DATA) struct mem_data_st { - STACK *data; /* A stack of mem_object_data_st, - sorted with STORE_ATTR_INFO_compare(). */ + STACK_OF(MEM_OBJECT_DATA) *data; /* sorted with + * STORE_ATTR_INFO_compare(). */ unsigned int compute_components : 1; /* Currently unused, but can be used to add attributes from parts of the data. */ }; +DECLARE_STACK_OF(STORE_ATTR_INFO) struct mem_ctx_st { int type; /* The type we're searching for */ - STACK *search_attributes; /* Sets of attributes to search for. - Each element is a STORE_ATTR_INFO. */ - int search_index; /* which of the search attributes we found a match - for, -1 when we still haven't found any */ - int index; /* -1 as long as we're searching for the first */ + STACK_OF(STORE_ATTR_INFO) *search_attributes; /* Sets of + attributes to search for. Each + element is a STORE_ATTR_INFO. */ + int search_index; /* which of the search attributes we + found a match for, -1 when we still + haven't found any */ + int index; /* -1 as long as we're searching for + the first */ }; static int mem_init(STORE *s); @@ -217,7 +222,7 @@ static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type, OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]) { struct mem_ctx_st *context = - (struct mem_ctx_st *)OPENSSL_malloc(sizeof(struct mem_ctx_st)); + (struct mem_ctx_st *)malloc(sizeof(struct mem_ctx_st)); void *attribute_context = NULL; STORE_ATTR_INFO *attrs = NULL; @@ -240,7 +245,7 @@ static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type, if (context->search_attributes == NULL) { context->search_attributes = - sk_new((int (*)(const char * const *, const char * const *))STORE_ATTR_INFO_compare); + sk_STORE_ATTR_INFO_new(STORE_ATTR_INFO_compare); if (!context->search_attributes) { STOREerr(STORE_F_MEM_LIST_START, @@ -248,7 +253,7 @@ static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type, goto err; } } - sk_push(context->search_attributes,(char *)attrs); + sk_STORE_ATTR_INFO_push(context->search_attributes,attrs); } if (!STORE_parse_attrs_endp(attribute_context)) goto err; @@ -284,11 +289,14 @@ static STORE_OBJECT *mem_list_next(STORE *s, void *handle) if (context->search_index == -1) { - for (i = 0; i < sk_num(context->search_attributes); i++) + for (i = 0; + i < sk_STORE_ATTR_INFO_num(context->search_attributes); + i++) { - key.attr_info = - (STORE_ATTR_INFO *)sk_value(context->search_attributes, i); - srch = sk_find_ex(store->data, (char *)&key); + key.attr_info + = sk_STORE_ATTR_INFO_value(context->search_attributes, + i); + srch = sk_MEM_OBJECT_DATA_find_ex(store->data, &key); if (srch >= 0) { @@ -301,21 +309,20 @@ static STORE_OBJECT *mem_list_next(STORE *s, void *handle) return NULL; key.attr_info = - (STORE_ATTR_INFO *)sk_value(context->search_attributes, - context->search_index); + sk_STORE_ATTR_INFO_value(context->search_attributes, + context->search_index); for(srch = context->search_index; - srch < sk_num(store->data) + srch < sk_MEM_OBJECT_DATA_num(store->data) && STORE_ATTR_INFO_in_range(key.attr_info, - (STORE_ATTR_INFO *)sk_value(store->data, srch)) + sk_MEM_OBJECT_DATA_value(store->data, srch)->attr_info) && !(cres = STORE_ATTR_INFO_in_ex(key.attr_info, - (STORE_ATTR_INFO *)sk_value(store->data, srch))); + sk_MEM_OBJECT_DATA_value(store->data, srch)->attr_info)); srch++) ; context->search_index = srch; if (cres) - return ((struct mem_object_data_st *)sk_value(store->data, - srch))->object; + return (sk_MEM_OBJECT_DATA_value(store->data, srch))->object; return NULL; } static int mem_list_end(STORE *s, void *handle) @@ -328,8 +335,8 @@ static int mem_list_end(STORE *s, void *handle) return 0; } if (context && context->search_attributes) - sk_free(context->search_attributes); - if (context) OPENSSL_free(context); + sk_STORE_ATTR_INFO_free(context->search_attributes); + if (context) free(context); return 1; } static int mem_list_endp(STORE *s, void *handle) @@ -337,7 +344,8 @@ static int mem_list_endp(STORE *s, void *handle) struct mem_ctx_st *context = (struct mem_ctx_st *)handle; if (!context - || context->search_index == sk_num(context->search_attributes)) + || context->search_index + == sk_STORE_ATTR_INFO_num(context->search_attributes)) return 1; return 0; } diff --git a/lib/libcrypto/store/str_meth.c b/lib/libcrypto/store/str_meth.c index a46de03a260..8944824618e 100644 --- a/lib/libcrypto/store/str_meth.c +++ b/lib/libcrypto/store/str_meth.c @@ -62,7 +62,7 @@ STORE_METHOD *STORE_create_method(char *name) { - STORE_METHOD *store_method = (STORE_METHOD *)OPENSSL_malloc(sizeof(STORE_METHOD)); + STORE_METHOD *store_method = (STORE_METHOD *)malloc(sizeof(STORE_METHOD)); if (store_method) { @@ -78,9 +78,9 @@ STORE_METHOD *STORE_create_method(char *name) void STORE_destroy_method(STORE_METHOD *store_method) { if (!store_method) return; - OPENSSL_free(store_method->name); + free(store_method->name); store_method->name = NULL; - OPENSSL_free(store_method); + free(store_method); } int STORE_method_set_initialise_function(STORE_METHOD *sm, STORE_INITIALISE_FUNC_PTR init_f) diff --git a/lib/libcrypto/ts/ts_lib.c b/lib/libcrypto/ts/ts_lib.c index e8608dbf711..a8de801e28f 100644 --- a/lib/libcrypto/ts/ts_lib.c +++ b/lib/libcrypto/ts/ts_lib.c @@ -79,7 +79,7 @@ int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num) { result = BIO_write(bio, "0x", 2) > 0; result = result && BIO_write(bio, hex, strlen(hex)) > 0; - OPENSSL_free(hex); + free(hex); } BN_free(&num_bn); diff --git a/lib/libcrypto/ts/ts_rsp_sign.c b/lib/libcrypto/ts/ts_rsp_sign.c index e7186a8ce01..e52c9ff03bc 100644 --- a/lib/libcrypto/ts/ts_rsp_sign.c +++ b/lib/libcrypto/ts/ts_rsp_sign.c @@ -167,7 +167,7 @@ TS_RESP_CTX *TS_RESP_CTX_new() { TS_RESP_CTX *ctx; - if (!(ctx = (TS_RESP_CTX *) OPENSSL_malloc(sizeof(TS_RESP_CTX)))) + if (!(ctx = (TS_RESP_CTX *) malloc(sizeof(TS_RESP_CTX)))) { TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -195,7 +195,7 @@ void TS_RESP_CTX_free(TS_RESP_CTX *ctx) ASN1_INTEGER_free(ctx->seconds); ASN1_INTEGER_free(ctx->millis); ASN1_INTEGER_free(ctx->micros); - OPENSSL_free(ctx); + free(ctx); } int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer) @@ -922,7 +922,7 @@ static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc) int len; len = i2d_ESS_SIGNING_CERT(sc, NULL); - if (!(pp = (unsigned char *) OPENSSL_malloc(len))) + if (!(pp = (unsigned char *) malloc(len))) { TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE); goto err; @@ -934,13 +934,13 @@ static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc) TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE); goto err; } - OPENSSL_free(pp); pp = NULL; + free(pp); pp = NULL; return PKCS7_add_signed_attribute(si, NID_id_smime_aa_signingCertificate, V_ASN1_SEQUENCE, seq); err: ASN1_STRING_free(seq); - OPENSSL_free(pp); + free(pp); return 0; } diff --git a/lib/libcrypto/ts/ts_rsp_verify.c b/lib/libcrypto/ts/ts_rsp_verify.c index f241230ef4a..d51500b5d44 100644 --- a/lib/libcrypto/ts/ts_rsp_verify.c +++ b/lib/libcrypto/ts/ts_rsp_verify.c @@ -472,7 +472,7 @@ static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, err: X509_free(signer); X509_ALGOR_free(md_alg); - OPENSSL_free(imprint); + free(imprint); return ret; } @@ -528,7 +528,7 @@ static int TS_check_status_info(TS_RESP *response) ", status text: ", embedded_status_text ? embedded_status_text : "unspecified", ", failure codes: ", failure_text); - OPENSSL_free(embedded_status_text); + free(embedded_status_text); return 0; } @@ -547,7 +547,7 @@ static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text) length += 1; /* separator character */ } /* Allocate memory (closing '\0' included). */ - if (!(result = OPENSSL_malloc(length))) + if (!(result = malloc(length))) { TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE); return NULL; @@ -606,7 +606,7 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info, if (length < 0) goto err; *imprint_len = length; - if (!(*imprint = OPENSSL_malloc(*imprint_len))) + if (!(*imprint = malloc(*imprint_len))) { TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE); goto err; @@ -625,7 +625,7 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info, return 1; err: X509_ALGOR_free(*md_alg); - OPENSSL_free(*imprint); + free(*imprint); *imprint_len = 0; return 0; } diff --git a/lib/libcrypto/ts/ts_verify_ctx.c b/lib/libcrypto/ts/ts_verify_ctx.c index b079b50fc37..629107aeec2 100644 --- a/lib/libcrypto/ts/ts_verify_ctx.c +++ b/lib/libcrypto/ts/ts_verify_ctx.c @@ -56,7 +56,6 @@ * */ -#include <assert.h> #include "cryptlib.h" #include <openssl/objects.h> #include <openssl/ts.h> @@ -64,7 +63,7 @@ TS_VERIFY_CTX *TS_VERIFY_CTX_new(void) { TS_VERIFY_CTX *ctx = - (TS_VERIFY_CTX *) OPENSSL_malloc(sizeof(TS_VERIFY_CTX)); + (TS_VERIFY_CTX *) malloc(sizeof(TS_VERIFY_CTX)); if (ctx) memset(ctx, 0, sizeof(TS_VERIFY_CTX)); else @@ -74,7 +73,7 @@ TS_VERIFY_CTX *TS_VERIFY_CTX_new(void) void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx) { - assert(ctx != NULL); + OPENSSL_assert(ctx != NULL); memset(ctx, 0, sizeof(TS_VERIFY_CTX)); } @@ -83,7 +82,7 @@ void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx) if (!ctx) return; TS_VERIFY_CTX_cleanup(ctx); - OPENSSL_free(ctx); + free(ctx); } void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx) @@ -96,7 +95,7 @@ void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx) ASN1_OBJECT_free(ctx->policy); X509_ALGOR_free(ctx->md_alg); - OPENSSL_free(ctx->imprint); + free(ctx->imprint); BIO_free_all(ctx->data); @@ -116,7 +115,7 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx) ASN1_OCTET_STRING *msg; const ASN1_INTEGER *nonce; - assert(req != NULL); + OPENSSL_assert(req != NULL); if (ret) TS_VERIFY_CTX_cleanup(ret); else @@ -139,7 +138,7 @@ TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx) if (!(ret->md_alg = X509_ALGOR_dup(md_alg))) goto err; msg = TS_MSG_IMPRINT_get_msg(imprint); ret->imprint_len = ASN1_STRING_length(msg); - if (!(ret->imprint = OPENSSL_malloc(ret->imprint_len))) goto err; + if (!(ret->imprint = malloc(ret->imprint_len))) goto err; memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len); /* Setting nonce. */ diff --git a/lib/libcrypto/txt_db/txt_db.c b/lib/libcrypto/txt_db/txt_db.c index 6f2ce3b5a49..c1e7a79a1a6 100644 --- a/lib/libcrypto/txt_db/txt_db.c +++ b/lib/libcrypto/txt_db/txt_db.c @@ -84,16 +84,16 @@ TXT_DB *TXT_DB_read(BIO *in, int num) if ((buf=BUF_MEM_new()) == NULL) goto err; if (!BUF_MEM_grow(buf,size)) goto err; - if ((ret=OPENSSL_malloc(sizeof(TXT_DB))) == NULL) + if ((ret=malloc(sizeof(TXT_DB))) == NULL) goto err; ret->num_fields=num; ret->index=NULL; ret->qual=NULL; if ((ret->data=sk_OPENSSL_PSTRING_new_null()) == NULL) goto err; - if ((ret->index=OPENSSL_malloc(sizeof(*ret->index)*num)) == NULL) + if ((ret->index=malloc(sizeof(*ret->index)*num)) == NULL) goto err; - if ((ret->qual=OPENSSL_malloc(sizeof(*(ret->qual))*num)) == NULL) + if ((ret->qual=malloc(sizeof(*(ret->qual))*num)) == NULL) goto err; for (i=0; i<num; i++) { @@ -123,7 +123,7 @@ TXT_DB *TXT_DB_read(BIO *in, int num) else { buf->data[offset-1]='\0'; /* blat the '\n' */ - if (!(p=OPENSSL_malloc(add+offset))) goto err; + if (!(p=malloc(add+offset))) goto err; offset=0; } pp=(char **)p; @@ -178,14 +178,14 @@ err: if (er) { #if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) - if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n"); + if (er == 1) fprintf(stderr,"malloc failure\n"); #endif if (ret != NULL) { if (ret->data != NULL) sk_OPENSSL_PSTRING_free(ret->data); - if (ret->index != NULL) OPENSSL_free(ret->index); - if (ret->qual != NULL) OPENSSL_free(ret->qual); - if (ret != NULL) OPENSSL_free(ret); + if (ret->index != NULL) free(ret->index); + if (ret->qual != NULL) free(ret->qual); + if (ret != NULL) free(ret); } return(NULL); } @@ -354,10 +354,10 @@ void TXT_DB_free(TXT_DB *db) { for (i=db->num_fields-1; i>=0; i--) if (db->index[i] != NULL) lh_OPENSSL_STRING_free(db->index[i]); - OPENSSL_free(db->index); + free(db->index); } if (db->qual != NULL) - OPENSSL_free(db->qual); + free(db->qual); if (db->data != NULL) { for (i=sk_OPENSSL_PSTRING_num(db->data)-1; i>=0; i--) @@ -369,7 +369,7 @@ void TXT_DB_free(TXT_DB *db) if (max == NULL) /* new row */ { for (n=0; n<db->num_fields; n++) - if (p[n] != NULL) OPENSSL_free(p[n]); + if (p[n] != NULL) free(p[n]); } else { @@ -377,12 +377,12 @@ void TXT_DB_free(TXT_DB *db) { if (((p[n] < (char *)p) || (p[n] > max)) && (p[n] != NULL)) - OPENSSL_free(p[n]); + free(p[n]); } } - OPENSSL_free(sk_OPENSSL_PSTRING_value(db->data,i)); + free(sk_OPENSSL_PSTRING_value(db->data,i)); } sk_OPENSSL_PSTRING_free(db->data); } - OPENSSL_free(db); + free(db); } diff --git a/lib/libcrypto/ui/ui.h b/lib/libcrypto/ui/ui.h index bd78aa413f8..ed35e50eb45 100644 --- a/lib/libcrypto/ui/ui.h +++ b/lib/libcrypto/ui/ui.h @@ -173,7 +173,7 @@ int UI_dup_error_string(UI *ui, const char *text); and object_name is the name of the object (might be a card name or a file name. The returned string shall always be allocated on the heap with - OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). + malloc(), and need to be free'd with free(). If the ui_method doesn't contain a pointer to a user-defined prompt constructor, a default string is built, looking like this: diff --git a/lib/libcrypto/ui/ui_lib.c b/lib/libcrypto/ui/ui_lib.c index 6113060aa90..d3cadd51f6d 100644 --- a/lib/libcrypto/ui/ui_lib.c +++ b/lib/libcrypto/ui/ui_lib.c @@ -77,7 +77,7 @@ UI *UI_new_method(const UI_METHOD *method) { UI *ret; - ret=(UI *)OPENSSL_malloc(sizeof(UI)); + ret=(UI *)malloc(sizeof(UI)); if (ret == NULL) { UIerr(UI_F_UI_NEW_METHOD,ERR_R_MALLOC_FAILURE); @@ -99,19 +99,19 @@ static void free_string(UI_STRING *uis) { if (uis->flags & OUT_STRING_FREEABLE) { - OPENSSL_free((char *)uis->out_string); + free((char *)uis->out_string); switch(uis->type) { case UIT_BOOLEAN: - OPENSSL_free((char *)uis->_.boolean_data.action_desc); - OPENSSL_free((char *)uis->_.boolean_data.ok_chars); - OPENSSL_free((char *)uis->_.boolean_data.cancel_chars); + free((char *)uis->_.boolean_data.action_desc); + free((char *)uis->_.boolean_data.ok_chars); + free((char *)uis->_.boolean_data.cancel_chars); break; default: break; } } - OPENSSL_free(uis); + free(uis); } void UI_free(UI *ui) @@ -120,7 +120,7 @@ void UI_free(UI *ui) return; sk_UI_STRING_pop_free(ui->strings,free_string); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data); - OPENSSL_free(ui); + free(ui); } static int allocate_string_stack(UI *ui) @@ -151,7 +151,7 @@ static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt, { UIerr(UI_F_GENERAL_ALLOCATE_PROMPT,UI_R_NO_RESULT_BUFFER); } - else if ((ret = (UI_STRING *)OPENSSL_malloc(sizeof(UI_STRING)))) + else if ((ret = (UI_STRING *)malloc(sizeof(UI_STRING)))) { ret->out_string=prompt; ret->flags=prompt_freeable ? OUT_STRING_FREEABLE : 0; @@ -354,10 +354,10 @@ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc, ok_chars_copy, cancel_chars_copy, 1, UIT_BOOLEAN, flags, result_buf); err: - if (prompt_copy) OPENSSL_free(prompt_copy); - if (action_desc_copy) OPENSSL_free(action_desc_copy); - if (ok_chars_copy) OPENSSL_free(ok_chars_copy); - if (cancel_chars_copy) OPENSSL_free(cancel_chars_copy); + if (prompt_copy) free(prompt_copy); + if (action_desc_copy) free(action_desc_copy); + if (ok_chars_copy) free(ok_chars_copy); + if (cancel_chars_copy) free(cancel_chars_copy); return -1; } @@ -430,7 +430,7 @@ char *UI_construct_prompt(UI *ui, const char *object_desc, len += sizeof(prompt2) - 1 + strlen(object_name); len += sizeof(prompt3) - 1; - prompt = (char *)OPENSSL_malloc(len + 1); + prompt = (char *)malloc(len + 1); BUF_strlcpy(prompt, prompt1, len + 1); BUF_strlcat(prompt, object_desc, len + 1); if (object_name) @@ -618,7 +618,7 @@ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth) UI_METHOD *UI_create_method(char *name) { - UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD)); + UI_METHOD *ui_method = (UI_METHOD *)malloc(sizeof(UI_METHOD)); if (ui_method) { @@ -633,9 +633,9 @@ UI_METHOD *UI_create_method(char *name) anything Murphy can throw at you and more! You have been warned. */ void UI_destroy_method(UI_METHOD *ui_method) { - OPENSSL_free(ui_method->name); + free(ui_method->name); ui_method->name = NULL; - OPENSSL_free(ui_method); + free(ui_method); } int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui)) diff --git a/lib/libcrypto/ui/ui_locl.h b/lib/libcrypto/ui/ui_locl.h index aa4a55637d9..39789e26380 100644 --- a/lib/libcrypto/ui/ui_locl.h +++ b/lib/libcrypto/ui/ui_locl.h @@ -94,7 +94,7 @@ struct ui_method_st and object_name is the name of the object (might be a card name or a file name. The returned string shall always be allocated on the heap with - OPENSSL_malloc(), and need to be free'd with OPENSSL_free(). */ + malloc(), and need to be free'd with free(). */ char *(*ui_construct_prompt)(UI *ui, const char *object_desc, const char *object_name); }; diff --git a/lib/libcrypto/x509/by_dir.c b/lib/libcrypto/x509/by_dir.c index ccf2f6e0bf6..3b72fd302fd 100644 --- a/lib/libcrypto/x509/by_dir.c +++ b/lib/libcrypto/x509/by_dir.c @@ -153,10 +153,10 @@ new_dir(X509_LOOKUP *lu) { BY_DIR *a; - if ((a = (BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) + if ((a = (BY_DIR *)malloc(sizeof(BY_DIR))) == NULL) return (0); if ((a->buffer = BUF_MEM_new()) == NULL) { - OPENSSL_free(a); + free(a); return (0); } a->dirs = NULL; @@ -167,7 +167,7 @@ new_dir(X509_LOOKUP *lu) static void by_dir_hash_free(BY_DIR_HASH *hash) { - OPENSSL_free(hash); + free(hash); } static int @@ -185,10 +185,10 @@ static void by_dir_entry_free(BY_DIR_ENTRY *ent) { if (ent->dir) - OPENSSL_free(ent->dir); + free(ent->dir); if (ent->hashes) sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free); - OPENSSL_free(ent); + free(ent); } static void @@ -201,7 +201,7 @@ free_dir(X509_LOOKUP *lu) sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free); if (a->buffer != NULL) BUF_MEM_free(a->buffer); - OPENSSL_free(a); + free(a); } static int @@ -241,7 +241,7 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type) return 0; } } - ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY)); + ent = malloc(sizeof(BY_DIR_ENTRY)); if (!ent) return 0; ent->dir_type = type; @@ -411,12 +411,12 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, ent->hashes, idx); } if (!hent) { - hent = OPENSSL_malloc(sizeof(BY_DIR_HASH)); + hent = malloc(sizeof(BY_DIR_HASH)); hent->hash = h; hent->suffix = k; if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - OPENSSL_free(hent); + free(hent); ok = 0; goto finish; } diff --git a/lib/libcrypto/x509/x509_cmp.c b/lib/libcrypto/x509/x509_cmp.c index 352aa374343..2f1b8953e55 100644 --- a/lib/libcrypto/x509/x509_cmp.c +++ b/lib/libcrypto/x509/x509_cmp.c @@ -90,7 +90,7 @@ unsigned long X509_issuer_and_serial_hash(X509 *a) goto err; if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,strlen(f))) goto err; - OPENSSL_free(f); + free(f); if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data, (unsigned long)a->cert_info->serialNumber->length)) goto err; diff --git a/lib/libcrypto/x509/x509_lu.c b/lib/libcrypto/x509/x509_lu.c index 38525a8cddb..644ea83bace 100644 --- a/lib/libcrypto/x509/x509_lu.c +++ b/lib/libcrypto/x509/x509_lu.c @@ -66,7 +66,7 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *ret; - ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP)); + ret=(X509_LOOKUP *)malloc(sizeof(X509_LOOKUP)); if (ret == NULL) return NULL; ret->init=0; @@ -76,7 +76,7 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) ret->store_ctx=NULL; if ((method->new_item != NULL) && !method->new_item(ret)) { - OPENSSL_free(ret); + free(ret); return NULL; } return ret; @@ -88,7 +88,7 @@ void X509_LOOKUP_free(X509_LOOKUP *ctx) if ( (ctx->method != NULL) && (ctx->method->free != NULL)) (*ctx->method->free)(ctx); - OPENSSL_free(ctx); + free(ctx); } int X509_LOOKUP_init(X509_LOOKUP *ctx) @@ -179,7 +179,7 @@ X509_STORE *X509_STORE_new(void) { X509_STORE *ret; - if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL) + if ((ret=(X509_STORE *)malloc(sizeof(X509_STORE))) == NULL) return NULL; ret->objs = sk_X509_OBJECT_new(x509_object_cmp); ret->cache=1; @@ -203,7 +203,7 @@ X509_STORE *X509_STORE_new(void) if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) { sk_X509_OBJECT_free(ret->objs); - OPENSSL_free(ret); + free(ret); return NULL; } @@ -226,7 +226,7 @@ static void cleanup(X509_OBJECT *a) /* abort(); */ } - OPENSSL_free(a); + free(a); } void X509_STORE_free(X509_STORE *vfy) @@ -251,7 +251,7 @@ void X509_STORE_free(X509_STORE *vfy) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data); if (vfy->param) X509_VERIFY_PARAM_free(vfy->param); - OPENSSL_free(vfy); + free(vfy); } X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) @@ -337,7 +337,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) int ret=1; if (x == NULL) return 0; - obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); + obj=(X509_OBJECT *)malloc(sizeof(X509_OBJECT)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); @@ -353,7 +353,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { X509_OBJECT_free_contents(obj); - OPENSSL_free(obj); + free(obj); X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } @@ -370,7 +370,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) int ret=1; if (x == NULL) return 0; - obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); + obj=(X509_OBJECT *)malloc(sizeof(X509_OBJECT)); if (obj == NULL) { X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE); @@ -386,7 +386,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { X509_OBJECT_free_contents(obj); - OPENSSL_free(obj); + free(obj); X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE); ret=0; } diff --git a/lib/libcrypto/x509/x509_obj.c b/lib/libcrypto/x509/x509_obj.c index 1d3cf547d7f..5f38315f22e 100644 --- a/lib/libcrypto/x509/x509_obj.c +++ b/lib/libcrypto/x509/x509_obj.c @@ -88,7 +88,7 @@ int i; if(b) { buf=b->data; - OPENSSL_free(b); + free(b); } strlcpy(buf,"NO X509_NAME",len); return buf; @@ -170,7 +170,7 @@ int i; if (b != NULL) { p=b->data; - OPENSSL_free(b); + free(b); } else p=buf; diff --git a/lib/libcrypto/x509/x509_req.c b/lib/libcrypto/x509/x509_req.c index 48183dc00cb..1c5cee80309 100644 --- a/lib/libcrypto/x509/x509_req.c +++ b/lib/libcrypto/x509/x509_req.c @@ -84,7 +84,7 @@ X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) ri=ret->req_info; ri->version->length=1; - ri->version->data=(unsigned char *)OPENSSL_malloc(1); + ri->version->data=(unsigned char *)malloc(1); if (ri->version->data == NULL) goto err; ri->version->data[0]=0; /* version == 0 */ diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c index a6cb9c8b1b3..7bb5094e640 100644 --- a/lib/libcrypto/x509/x509_trs.c +++ b/lib/libcrypto/x509/x509_trs.c @@ -169,15 +169,15 @@ int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), idx = X509_TRUST_get_by_id(id); /* Need a new entry */ if(idx == -1) { - if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) { + if(!(trtmp = malloc(sizeof(X509_TRUST)))) { X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); return 0; } trtmp->flags = X509_TRUST_DYNAMIC; } else trtmp = X509_TRUST_get0(idx); - /* OPENSSL_free existing name if dynamic */ - if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name); + /* free existing name if dynamic */ + if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) free(trtmp->name); /* dup supplied name */ if(!(trtmp->name = BUF_strdup(name))) { X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); @@ -213,8 +213,8 @@ static void trtable_free(X509_TRUST *p) if (p->flags & X509_TRUST_DYNAMIC) { if (p->flags & X509_TRUST_DYNAMIC_NAME) - OPENSSL_free(p->name); - OPENSSL_free(p); + free(p->name); + free(p); } } diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index a82c2872e0d..077bfd8f2d6 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1986,7 +1986,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, X509_STORE_CTX *X509_STORE_CTX_new(void) { X509_STORE_CTX *ctx; - ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); + ctx = (X509_STORE_CTX *)malloc(sizeof(X509_STORE_CTX)); if (!ctx) { X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE); @@ -1999,7 +1999,7 @@ X509_STORE_CTX *X509_STORE_CTX_new(void) void X509_STORE_CTX_free(X509_STORE_CTX *ctx) { X509_STORE_CTX_cleanup(ctx); - OPENSSL_free(ctx); + free(ctx); } int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, @@ -2122,7 +2122,7 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data))) { - OPENSSL_free(ctx); + free(ctx); X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); return 0; } diff --git a/lib/libcrypto/x509/x509_vpm.c b/lib/libcrypto/x509/x509_vpm.c index e9db6d62a74..5e3eba4029b 100644 --- a/lib/libcrypto/x509/x509_vpm.c +++ b/lib/libcrypto/x509/x509_vpm.c @@ -1,5 +1,5 @@ /* x509_vpm.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== @@ -74,7 +74,8 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param) param->name = NULL; param->purpose = 0; param->trust = 0; - param->inh_flags = X509_VP_FLAG_DEFAULT; + /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ + param->inh_flags = 0; param->flags = 0; param->depth = -1; if (param->policies) @@ -87,7 +88,7 @@ static void x509_verify_param_zero(X509_VERIFY_PARAM *param) X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void) { X509_VERIFY_PARAM *param; - param = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM)); + param = malloc(sizeof(X509_VERIFY_PARAM)); memset(param, 0, sizeof(X509_VERIFY_PARAM)); x509_verify_param_zero(param); return param; @@ -96,7 +97,7 @@ X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void) void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param) { x509_verify_param_zero(param); - OPENSSL_free(param); + free(param); } /* This function determines how parameters are "inherited" from one structure @@ -198,14 +199,18 @@ int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest, int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, const X509_VERIFY_PARAM *from) { + unsigned long save_flags = to->inh_flags; + int ret; to->inh_flags |= X509_VP_FLAG_DEFAULT; - return X509_VERIFY_PARAM_inherit(to, from); + ret = X509_VERIFY_PARAM_inherit(to, from); + to->inh_flags = save_flags; + return ret; } int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name) { if (param->name) - OPENSSL_free(param->name); + free(param->name); param->name = BUF_strdup(name); if (param->name) return 1; @@ -320,11 +325,21 @@ static const X509_VERIFY_PARAM default_table[] = { 0, /* flags */ 0, /* purpose */ 0, /* trust */ - 9, /* depth */ + 100, /* depth */ NULL /* policies */ }, { - "pkcs7", /* SSL/TLS client parameters */ + "pkcs7", /* S/MIME sign parameters */ + 0, /* Check time */ + 0, /* internal flags */ + 0, /* flags */ + X509_PURPOSE_SMIME_SIGN, /* purpose */ + X509_TRUST_EMAIL, /* trust */ + -1, /* depth */ + NULL /* policies */ + }, + { + "smime_sign", /* S/MIME sign parameters */ 0, /* Check time */ 0, /* internal flags */ 0, /* flags */ @@ -356,12 +371,17 @@ static const X509_VERIFY_PARAM default_table[] = { static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL; -static int table_cmp(const void *pa, const void *pb) +static int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b) + { - const X509_VERIFY_PARAM *a = pa, *b = pb; return strcmp(a->name, b->name); } +DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, + table); +IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, + table); + static int param_cmp(const X509_VERIFY_PARAM * const *a, const X509_VERIFY_PARAM * const *b) { @@ -397,6 +417,7 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name) { int idx; X509_VERIFY_PARAM pm; + pm.name = (char *)name; if (param_table) { @@ -404,11 +425,8 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name) if (idx != -1) return sk_X509_VERIFY_PARAM_value(param_table, idx); } - return (const X509_VERIFY_PARAM *) OBJ_bsearch((char *)&pm, - (char *)&default_table, - sizeof(default_table)/sizeof(X509_VERIFY_PARAM), - sizeof(X509_VERIFY_PARAM), - table_cmp); + return OBJ_bsearch_table(&pm, default_table, + sizeof(default_table)/sizeof(X509_VERIFY_PARAM)); } void X509_VERIFY_PARAM_table_cleanup(void) diff --git a/lib/libcrypto/x509/x509spki.c b/lib/libcrypto/x509/x509spki.c index 02a203d72c6..28bc12e1a28 100644 --- a/lib/libcrypto/x509/x509spki.c +++ b/lib/libcrypto/x509/x509spki.c @@ -82,7 +82,7 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) int spki_len; NETSCAPE_SPKI *spki; if(len <= 0) len = strlen(str); - if (!(spki_der = OPENSSL_malloc(len + 1))) { + if (!(spki_der = malloc(len + 1))) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE); return NULL; } @@ -90,12 +90,12 @@ NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) if(spki_len < 0) { X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, X509_R_BASE64_DECODE_ERROR); - OPENSSL_free(spki_der); + free(spki_der); return NULL; } p = spki_der; spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len); - OPENSSL_free(spki_der); + free(spki_der); return spki; } @@ -107,8 +107,8 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) char *b64_str; int der_len; der_len = i2d_NETSCAPE_SPKI(spki, NULL); - der_spki = OPENSSL_malloc(der_len); - b64_str = OPENSSL_malloc(der_len * 2); + der_spki = malloc(der_len); + b64_str = malloc(der_len * 2); if(!der_spki || !b64_str) { X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); return NULL; @@ -116,6 +116,6 @@ char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) p = der_spki; i2d_NETSCAPE_SPKI(spki, &p); EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len); - OPENSSL_free(der_spki); + free(der_spki); return b64_str; } diff --git a/lib/libcrypto/x509v3/pcy_cache.c b/lib/libcrypto/x509v3/pcy_cache.c index c18beb89f58..24c79b4a804 100644 --- a/lib/libcrypto/x509v3/pcy_cache.c +++ b/lib/libcrypto/x509v3/pcy_cache.c @@ -1,5 +1,5 @@ /* pcy_cache.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== @@ -134,12 +134,11 @@ static int policy_cache_new(X509 *x) CERTIFICATEPOLICIES *ext_cpols = NULL; POLICY_MAPPINGS *ext_pmaps = NULL; int i; - cache = OPENSSL_malloc(sizeof(X509_POLICY_CACHE)); + cache = malloc(sizeof(X509_POLICY_CACHE)); if (!cache) return 0; cache->anyPolicy = NULL; cache->data = NULL; - cache->maps = NULL; cache->any_skip = -1; cache->explicit_skip = -1; cache->map_skip = -1; @@ -241,7 +240,7 @@ void policy_cache_free(X509_POLICY_CACHE *cache) policy_data_free(cache->anyPolicy); if (cache->data) sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free); - OPENSSL_free(cache); + free(cache); } const X509_POLICY_CACHE *policy_cache_set(X509 *x) diff --git a/lib/libcrypto/x509v3/pcy_data.c b/lib/libcrypto/x509v3/pcy_data.c index 3444b031950..7c80915f5be 100644 --- a/lib/libcrypto/x509v3/pcy_data.c +++ b/lib/libcrypto/x509v3/pcy_data.c @@ -72,7 +72,7 @@ void policy_data_free(X509_POLICY_DATA *data) sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free); sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free); - OPENSSL_free(data); + free(data); } /* Create a data based on an existing policy. If 'id' is NULL use the @@ -97,13 +97,13 @@ X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, } else id = NULL; - ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA)); + ret = malloc(sizeof(X509_POLICY_DATA)); if (!ret) return NULL; ret->expected_policy_set = sk_ASN1_OBJECT_new_null(); if (!ret->expected_policy_set) { - OPENSSL_free(ret); + free(ret); if (id) ASN1_OBJECT_free(id); return NULL; diff --git a/lib/libcrypto/x509v3/pcy_node.c b/lib/libcrypto/x509v3/pcy_node.c index dcc1554e299..8c2124a7f6a 100644 --- a/lib/libcrypto/x509v3/pcy_node.c +++ b/lib/libcrypto/x509v3/pcy_node.c @@ -1,5 +1,5 @@ /* pcy_node.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL +/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2004. */ /* ==================================================================== @@ -92,18 +92,30 @@ X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes, } X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level, + const X509_POLICY_NODE *parent, const ASN1_OBJECT *id) { - return tree_find_sk(level->nodes, id); + X509_POLICY_NODE *node; + int i; + for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) + { + node = sk_X509_POLICY_NODE_value(level->nodes, i); + if (node->parent == parent) + { + if (!OBJ_cmp(node->data->valid_policy, id)) + return node; + } + } + return NULL; } X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, - X509_POLICY_DATA *data, + const X509_POLICY_DATA *data, X509_POLICY_NODE *parent, X509_POLICY_TREE *tree) { X509_POLICY_NODE *node; - node = OPENSSL_malloc(sizeof(X509_POLICY_NODE)); + node = malloc(sizeof(X509_POLICY_NODE)); if (!node) return NULL; node->data = data; @@ -152,7 +164,34 @@ X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, void policy_node_free(X509_POLICY_NODE *node) { - OPENSSL_free(node); + free(node); } +/* See if a policy node matches a policy OID. If mapping enabled look through + * expected policy set otherwise just valid policy. + */ + +int policy_node_match(const X509_POLICY_LEVEL *lvl, + const X509_POLICY_NODE *node, const ASN1_OBJECT *oid) + { + int i; + ASN1_OBJECT *policy_oid; + const X509_POLICY_DATA *x = node->data; + + if ( (lvl->flags & X509_V_FLAG_INHIBIT_MAP) + || !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) + { + if (!OBJ_cmp(x->valid_policy, oid)) + return 1; + return 0; + } + + for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) + { + policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i); + if (!OBJ_cmp(policy_oid, oid)) + return 1; + } + return 0; + } diff --git a/lib/libcrypto/x509v3/pcy_tree.c b/lib/libcrypto/x509v3/pcy_tree.c index bb9777348f8..c4239b1fd9c 100644 --- a/lib/libcrypto/x509v3/pcy_tree.c +++ b/lib/libcrypto/x509v3/pcy_tree.c @@ -219,13 +219,13 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, /* If we get this far initialize the tree */ - tree = OPENSSL_malloc(sizeof(X509_POLICY_TREE)); + tree = malloc(sizeof(X509_POLICY_TREE)); if (!tree) return 0; tree->flags = 0; - tree->levels = OPENSSL_malloc(sizeof(X509_POLICY_LEVEL) * n); + tree->levels = malloc(sizeof(X509_POLICY_LEVEL) * n); tree->nlevel = 0; tree->extra_data = NULL; tree->auth_policies = NULL; @@ -233,7 +233,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, if (!tree->levels) { - OPENSSL_free(tree); + free(tree); return 0; } @@ -516,7 +516,7 @@ static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr) if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) { node->parent->nchild--; - OPENSSL_free(node); + free(node); (void)sk_X509_POLICY_NODE_delete(nodes,i); } } @@ -531,7 +531,7 @@ static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr) if (node->nchild == 0) { node->parent->nchild--; - OPENSSL_free(node); + free(node); (void)sk_X509_POLICY_NODE_delete(nodes, i); } } @@ -539,7 +539,7 @@ static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr) { if (curr->anyPolicy->parent) curr->anyPolicy->parent->nchild--; - OPENSSL_free(curr->anyPolicy); + free(curr->anyPolicy); curr->anyPolicy = NULL; } if (curr == tree->levels) @@ -721,7 +721,7 @@ static int tree_evaluate(X509_POLICY_TREE *tree) static void exnode_free(X509_POLICY_NODE *node) { if (node->data && (node->data->flags & POLICY_DATA_FLAG_EXTRA_NODE)) - OPENSSL_free(node); + free(node); } @@ -751,8 +751,8 @@ void X509_policy_tree_free(X509_POLICY_TREE *tree) sk_X509_POLICY_DATA_pop_free(tree->extra_data, policy_data_free); - OPENSSL_free(tree->levels); - OPENSSL_free(tree); + free(tree->levels); + free(tree); } diff --git a/lib/libcrypto/x509v3/v3_addr.c b/lib/libcrypto/x509v3/v3_addr.c index df46a4983be..179f08d2222 100644 --- a/lib/libcrypto/x509v3/v3_addr.c +++ b/lib/libcrypto/x509v3/v3_addr.c @@ -1013,7 +1013,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, X509V3_conf_err(val); goto err; } - OPENSSL_free(s); + free(s); s = NULL; continue; } @@ -1077,7 +1077,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, goto err; } - OPENSSL_free(s); + free(s); s = NULL; } @@ -1089,7 +1089,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, return addr; err: - OPENSSL_free(s); + free(s); sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free); return NULL; } diff --git a/lib/libcrypto/x509v3/v3_akey.c b/lib/libcrypto/x509v3/v3_akey.c index c6b68ee2211..04e1fb95442 100644 --- a/lib/libcrypto/x509v3/v3_akey.c +++ b/lib/libcrypto/x509v3/v3_akey.c @@ -87,7 +87,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, if(akeyid->keyid) { tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length); X509V3_add_value("keyid", tmp, &extlist); - OPENSSL_free(tmp); + free(tmp); } if(akeyid->issuer) extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); @@ -95,7 +95,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, tmp = hex_to_string(akeyid->serial->data, akeyid->serial->length); X509V3_add_value("serial", tmp, &extlist); - OPENSSL_free(tmp); + free(tmp); } return extlist; } diff --git a/lib/libcrypto/x509v3/v3_alt.c b/lib/libcrypto/x509v3/v3_alt.c index 8de5dd041b7..636677df94a 100644 --- a/lib/libcrypto/x509v3/v3_alt.c +++ b/lib/libcrypto/x509v3/v3_alt.c @@ -578,11 +578,11 @@ static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx))) return 0; objlen = p - value; - objtmp = OPENSSL_malloc(objlen + 1); + objtmp = malloc(objlen + 1); if (objtmp) { strlcpy(objtmp, value, objlen + 1); gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0); - OPENSSL_free(objtmp); + free(objtmp); } else gen->d.otherName->type_id = NULL; if (!gen->d.otherName->type_id) diff --git a/lib/libcrypto/x509v3/v3_asid.c b/lib/libcrypto/x509v3/v3_asid.c index 1587e8ed726..325c8e04064 100644 --- a/lib/libcrypto/x509v3/v3_asid.c +++ b/lib/libcrypto/x509v3/v3_asid.c @@ -125,17 +125,17 @@ static int i2r_ASIdentifierChoice(BIO *out, if ((s = i2s_ASN1_INTEGER(NULL, aor->u.id)) == NULL) return 0; BIO_printf(out, "%*s%s\n", indent + 2, "", s); - OPENSSL_free(s); + free(s); break; case ASIdOrRange_range: if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->min)) == NULL) return 0; BIO_printf(out, "%*s%s-", indent + 2, "", s); - OPENSSL_free(s); + free(s); if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->max)) == NULL) return 0; BIO_printf(out, "%s\n", s); - OPENSSL_free(s); + free(s); break; default: return 0; @@ -471,7 +471,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) ASRange *r; switch (a->type) { case ASIdOrRange_id: - if ((r = OPENSSL_malloc(sizeof(ASRange))) == NULL) { + if ((r = malloc(sizeof(ASRange))) == NULL) { X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE, ERR_R_MALLOC_FAILURE); goto done; @@ -620,7 +620,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, s[i1] = '\0'; min = s2i_ASN1_INTEGER(NULL, s); max = s2i_ASN1_INTEGER(NULL, s + i2); - OPENSSL_free(s); + free(s); if (min == NULL || max == NULL) { X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE); goto err; diff --git a/lib/libcrypto/x509v3/v3_conf.c b/lib/libcrypto/x509v3/v3_conf.c index 6730f9a6ee9..519aefc93cf 100644 --- a/lib/libcrypto/x509v3/v3_conf.c +++ b/lib/libcrypto/x509v3/v3_conf.c @@ -190,7 +190,7 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, { unsigned char *p; ext_len = method->i2d(ext_struc, NULL); - if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr; + if(!(ext_der = malloc(ext_len))) goto merr; p = ext_der; method->i2d(ext_struc, &p); } @@ -300,7 +300,7 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, err: ASN1_OBJECT_free(obj); M_ASN1_OCTET_STRING_free(oct); - if(ext_der) OPENSSL_free(ext_der); + if(ext_der) free(ext_der); return extension; } diff --git a/lib/libcrypto/x509v3/v3_cpols.c b/lib/libcrypto/x509v3/v3_cpols.c index 1f0798b9468..1a337fa07e9 100644 --- a/lib/libcrypto/x509v3/v3_cpols.c +++ b/lib/libcrypto/x509v3/v3_cpols.c @@ -426,7 +426,7 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent) if(i) BIO_puts(out, ", "); tmp = i2s_ASN1_INTEGER(NULL, num); BIO_puts(out, tmp); - OPENSSL_free(tmp); + free(tmp); } BIO_puts(out, "\n"); } diff --git a/lib/libcrypto/x509v3/v3_ia5.c b/lib/libcrypto/x509v3/v3_ia5.c index ab1c5188b8f..98789b36e97 100644 --- a/lib/libcrypto/x509v3/v3_ia5.c +++ b/lib/libcrypto/x509v3/v3_ia5.c @@ -82,7 +82,7 @@ static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, { char *tmp; if(!ia5 || !ia5->length) return NULL; - if(!(tmp = OPENSSL_malloc(ia5->length + 1))) { + if(!(tmp = malloc(ia5->length + 1))) { X509V3err(X509V3_F_I2S_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); return NULL; } diff --git a/lib/libcrypto/x509v3/v3_info.c b/lib/libcrypto/x509v3/v3_info.c index 44bc3e11051..2b290ca00c8 100644 --- a/lib/libcrypto/x509v3/v3_info.c +++ b/lib/libcrypto/x509v3/v3_info.c @@ -115,7 +115,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method vtmp = sk_CONF_VALUE_value(ret, i); i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); nlen = strlen(objtmp) + strlen(vtmp->name) + 5; - ntmp = OPENSSL_malloc(nlen); + ntmp = malloc(nlen); if(!ntmp) { X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE); @@ -124,7 +124,7 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method BUF_strlcpy(ntmp, objtmp, nlen); BUF_strlcat(ntmp, " - ", nlen); BUF_strlcat(ntmp, vtmp->name, nlen); - OPENSSL_free(vtmp->name); + free(vtmp->name); vtmp->name = ntmp; } @@ -161,7 +161,7 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho ctmp.value = cnf->value; if(!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) goto err; - if(!(objtmp = OPENSSL_malloc(objlen + 1))) { + if(!(objtmp = malloc(objlen + 1))) { X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,ERR_R_MALLOC_FAILURE); goto err; } @@ -170,10 +170,10 @@ static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *metho if(!acc->method) { X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,X509V3_R_BAD_OBJECT); ERR_add_error_data(2, "value=", objtmp); - OPENSSL_free(objtmp); + free(objtmp); goto err; } - OPENSSL_free(objtmp); + free(objtmp); } return ainfo; diff --git a/lib/libcrypto/x509v3/v3_lib.c b/lib/libcrypto/x509v3/v3_lib.c index 0f1e1d4422b..0613ea7f221 100644 --- a/lib/libcrypto/x509v3/v3_lib.c +++ b/lib/libcrypto/x509v3/v3_lib.c @@ -133,7 +133,7 @@ int X509V3_EXT_add_alias(int nid_to, int nid_from) X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); return 0; } - if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) { + if(!(tmpext = (X509V3_EXT_METHOD *)malloc(sizeof(X509V3_EXT_METHOD)))) { X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE); return 0; } @@ -151,7 +151,7 @@ void X509V3_EXT_cleanup(void) static void ext_list_free(X509V3_EXT_METHOD *ext) { - if(ext->ext_flags & X509V3_EXT_DYNAMIC) OPENSSL_free(ext); + if(ext->ext_flags & X509V3_EXT_DYNAMIC) free(ext); } /* Legacy function: we don't need to add standard extensions diff --git a/lib/libcrypto/x509v3/v3_pci.c b/lib/libcrypto/x509v3/v3_pci.c index b32d968619a..9cef94258c2 100644 --- a/lib/libcrypto/x509v3/v3_pci.c +++ b/lib/libcrypto/x509v3/v3_pci.c @@ -44,7 +44,7 @@ static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext, static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -X509V3_EXT_METHOD v3_pci = +const X509V3_EXT_METHOD v3_pci = { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), 0,0,0,0, 0,0, @@ -82,13 +82,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*language) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_LANGUAGE_ALREADTY_DEFINED); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!(*language = OBJ_txt2obj(val->value, 0))) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_INVALID_OBJECT_IDENTIFIER); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); return 0; } @@ -97,13 +97,13 @@ static int process_pci_value(CONF_VALUE *val, { if (*pathlen) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH_ALREADTY_DEFINED); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); X509V3_conf_err(val); return 0; } if (!X509V3_get_value_int(val, pathlen)) { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_POLICY_PATH_LENGTH); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH); X509V3_conf_err(val); return 0; } @@ -117,7 +117,7 @@ static int process_pci_value(CONF_VALUE *val, *policy = ASN1_OCTET_STRING_new(); if (!*policy) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); return 0; } @@ -128,9 +128,14 @@ static int process_pci_value(CONF_VALUE *val, unsigned char *tmp_data2 = string_to_hex(val->value + 4, &val_len); - if (!tmp_data2) goto err; + if (!tmp_data2) + { + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_ILLEGAL_HEX_DIGIT); + X509V3_conf_err(val); + goto err; + } - tmp_data = OPENSSL_realloc((*policy)->data, + tmp_data = realloc((*policy)->data, (*policy)->length + val_len + 1); if (tmp_data) { @@ -140,6 +145,17 @@ static int process_pci_value(CONF_VALUE *val, (*policy)->length += val_len; (*policy)->data[(*policy)->length] = '\0'; } + else + { + free(tmp_data2); + /* realloc failure implies the original data space is b0rked too! */ + (*policy)->data = NULL; + (*policy)->length = 0; + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); + X509V3_conf_err(val); + goto err; + } + free(tmp_data2); } else if (strncmp(val->value, "file:", 5) == 0) { @@ -148,7 +164,7 @@ static int process_pci_value(CONF_VALUE *val, BIO *b = BIO_new_file(val->value + 5, "r"); if (!b) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -157,7 +173,7 @@ static int process_pci_value(CONF_VALUE *val, { if (!n) continue; - tmp_data = OPENSSL_realloc((*policy)->data, + tmp_data = realloc((*policy)->data, (*policy)->length + n + 1); if (!tmp_data) @@ -169,10 +185,11 @@ static int process_pci_value(CONF_VALUE *val, (*policy)->length += n; (*policy)->data[(*policy)->length] = '\0'; } + BIO_free_all(b); if (n < 0) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_BIO_LIB); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB); X509V3_conf_err(val); goto err; } @@ -180,7 +197,7 @@ static int process_pci_value(CONF_VALUE *val, else if (strncmp(val->value, "text:", 5) == 0) { val_len = strlen(val->value + 5); - tmp_data = OPENSSL_realloc((*policy)->data, + tmp_data = realloc((*policy)->data, (*policy)->length + val_len + 1); if (tmp_data) { @@ -190,16 +207,25 @@ static int process_pci_value(CONF_VALUE *val, (*policy)->length += val_len; (*policy)->data[(*policy)->length] = '\0'; } + else + { + /* realloc failure implies the original data space is b0rked too! */ + (*policy)->data = NULL; + (*policy)->length = 0; + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); + X509V3_conf_err(val); + goto err; + } } else { - X509V3err(X509V3_F_R2I_PCI,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); X509V3_conf_err(val); goto err; } if (!tmp_data) { - X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); + X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE); X509V3_conf_err(val); goto err; } @@ -286,12 +312,6 @@ static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); goto err; } - pci->proxyPolicy = PROXY_POLICY_new(); - if (!pci->proxyPolicy) - { - X509V3err(X509V3_F_R2I_PCI,ERR_R_MALLOC_FAILURE); - goto err; - } pci->proxyPolicy->policyLanguage = language; language = NULL; pci->proxyPolicy->policy = policy; policy = NULL; @@ -301,11 +321,6 @@ err: if (language) { ASN1_OBJECT_free(language); language = NULL; } if (pathlen) { ASN1_INTEGER_free(pathlen); pathlen = NULL; } if (policy) { ASN1_OCTET_STRING_free(policy); policy = NULL; } - if (pci && pci->proxyPolicy) - { - PROXY_POLICY_free(pci->proxyPolicy); - pci->proxyPolicy = NULL; - } if (pci) { PROXY_CERT_INFO_EXTENSION_free(pci); pci = NULL; } end: sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); diff --git a/lib/libcrypto/x509v3/v3_prn.c b/lib/libcrypto/x509v3/v3_prn.c index 2124b447b4f..565937af47e 100644 --- a/lib/libcrypto/x509v3/v3_prn.c +++ b/lib/libcrypto/x509v3/v3_prn.c @@ -126,7 +126,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde err: sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); - if(value) OPENSSL_free(value); + if(value) free(value); if(method->it) ASN1_item_free(ext_str, ASN1_ITEM_ptr(method->it)); else method->ext_free(ext_str); return ok; diff --git a/lib/libcrypto/x509v3/v3_purp.c b/lib/libcrypto/x509v3/v3_purp.c index f59bfc1844c..45d7251c29f 100644 --- a/lib/libcrypto/x509v3/v3_purp.c +++ b/lib/libcrypto/x509v3/v3_purp.c @@ -183,17 +183,17 @@ int X509_PURPOSE_add(int id, int trust, int flags, idx = X509_PURPOSE_get_by_id(id); /* Need a new entry */ if(idx == -1) { - if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) { + if(!(ptmp = malloc(sizeof(X509_PURPOSE)))) { X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE); return 0; } ptmp->flags = X509_PURPOSE_DYNAMIC; } else ptmp = X509_PURPOSE_get0(idx); - /* OPENSSL_free existing name if dynamic */ + /* free existing name if dynamic */ if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) { - OPENSSL_free(ptmp->name); - OPENSSL_free(ptmp->sname); + free(ptmp->name); + free(ptmp->sname); } /* dup supplied name */ ptmp->name = BUF_strdup(name); @@ -232,10 +232,10 @@ static void xptable_free(X509_PURPOSE *p) if (p->flags & X509_PURPOSE_DYNAMIC) { if (p->flags & X509_PURPOSE_DYNAMIC_NAME) { - OPENSSL_free(p->name); - OPENSSL_free(p->sname); + free(p->name); + free(p->sname); } - OPENSSL_free(p); + free(p); } } diff --git a/lib/libcrypto/x509v3/v3_sxnet.c b/lib/libcrypto/x509v3/v3_sxnet.c index 2a6bf11b650..a2b0322e448 100644 --- a/lib/libcrypto/x509v3/v3_sxnet.c +++ b/lib/libcrypto/x509v3/v3_sxnet.c @@ -114,7 +114,7 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, id = sk_SXNETID_value(sx->ids, i); tmp = i2s_ASN1_INTEGER(NULL, id->zone); BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); - OPENSSL_free(tmp); + free(tmp); M_ASN1_OCTET_STRING_print(out, id->user); } return 1; diff --git a/lib/libcrypto/x509v3/v3_utl.c b/lib/libcrypto/x509v3/v3_utl.c index c4b6143eff1..d938a175ed6 100644 --- a/lib/libcrypto/x509v3/v3_utl.c +++ b/lib/libcrypto/x509v3/v3_utl.c @@ -85,7 +85,7 @@ int X509V3_add_value(const char *name, const char *value, char *tname = NULL, *tvalue = NULL; if(name && !(tname = BUF_strdup(name))) goto err; if(value && !(tvalue = BUF_strdup(value))) goto err; - if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err; + if(!(vtmp = (CONF_VALUE *)malloc(sizeof(CONF_VALUE)))) goto err; if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err; vtmp->section = NULL; vtmp->name = tname; @@ -94,9 +94,9 @@ int X509V3_add_value(const char *name, const char *value, return 1; err: X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE); - if(vtmp) OPENSSL_free(vtmp); - if(tname) OPENSSL_free(tname); - if(tvalue) OPENSSL_free(tvalue); + if(vtmp) free(vtmp); + if(tname) free(tname); + if(tvalue) free(tvalue); return 0; } @@ -111,10 +111,10 @@ int X509V3_add_value_uchar(const char *name, const unsigned char *value, void X509V3_conf_free(CONF_VALUE *conf) { if(!conf) return; - if(conf->name) OPENSSL_free(conf->name); - if(conf->value) OPENSSL_free(conf->value); - if(conf->section) OPENSSL_free(conf->section); - OPENSSL_free(conf); + if(conf->name) free(conf->name); + if(conf->value) free(conf->value); + if(conf->section) free(conf->section); + free(conf); } int X509V3_add_value_bool(const char *name, int asn1_bool, @@ -206,7 +206,7 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, if(!aint) return 1; if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0; ret = X509V3_add_value(name, strtmp, extlist); - OPENSSL_free(strtmp); + free(strtmp); return ret; } @@ -328,11 +328,11 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) } X509V3_add_value(ntmp, NULL, &values); } -OPENSSL_free(linebuf); +free(linebuf); return values; err: -OPENSSL_free(linebuf); +free(linebuf); sk_CONF_VALUE_pop_free(values, X509V3_conf_free); return NULL; @@ -355,7 +355,7 @@ static char *strip_spaces(char *name) /* hex string utilities */ -/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its +/* Given a buffer of length 'len' return a malloc'ed string with its * hex representation * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines) */ @@ -367,7 +367,7 @@ char *hex_to_string(const unsigned char *buffer, long len) int i; const static char hexdig[] = "0123456789ABCDEF"; if(!buffer || !len) return NULL; - if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { + if(!(tmp = malloc(len * 3 + 1))) { X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); return NULL; } @@ -393,14 +393,14 @@ unsigned char *string_to_hex(const char *str, long *len) X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT); return NULL; } - if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err; + if(!(hexbuf = malloc(strlen(str) >> 1))) goto err; for(p = (unsigned char *)str, q = hexbuf; *p;) { ch = *p++; if(ch == ':') continue; cl = *p++; if(!cl) { X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS); - OPENSSL_free(hexbuf); + free(hexbuf); return NULL; } if(isupper(ch)) ch = tolower(ch); @@ -422,12 +422,12 @@ unsigned char *string_to_hex(const char *str, long *len) return hexbuf; err: - if(hexbuf) OPENSSL_free(hexbuf); + if(hexbuf) free(hexbuf); X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE); return NULL; badhex: - OPENSSL_free(hexbuf); + free(hexbuf); X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT); return NULL; @@ -531,7 +531,7 @@ static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens) static void str_free(OPENSSL_STRING str) { - OPENSSL_free(str); + free(str); } static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email) @@ -608,7 +608,7 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) iplen2 = a2i_ipadd(ipout + iplen1, p); - OPENSSL_free(iptmp); + free(iptmp); iptmp = NULL; if (!iplen2 || (iplen1 != iplen2)) @@ -624,7 +624,7 @@ ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) err: if (iptmp) - OPENSSL_free(iptmp); + free(iptmp); if (ret) ASN1_OCTET_STRING_free(ret); return NULL; diff --git a/lib/libssl/bio_ssl.c b/lib/libssl/bio_ssl.c index 65077aaa00d..35463c73d45 100644 --- a/lib/libssl/bio_ssl.c +++ b/lib/libssl/bio_ssl.c @@ -105,7 +105,7 @@ ssl_new(BIO *bi) { BIO_SSL *bs; - bs = (BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL)); + bs = (BIO_SSL *)malloc(sizeof(BIO_SSL)); if (bs == NULL) { BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); return (0); @@ -134,7 +134,7 @@ ssl_free(BIO *a) a->flags = 0; } if (a->ptr != NULL) - OPENSSL_free(a->ptr); + free(a->ptr); return (1); } diff --git a/lib/libssl/d1_both.c b/lib/libssl/d1_both.c index 731245c6a6c..2f7dc283a03 100644 --- a/lib/libssl/d1_both.c +++ b/lib/libssl/d1_both.c @@ -179,14 +179,14 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) unsigned char *buf = NULL; unsigned char *bitmask = NULL; - frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment)); + frag = (hm_fragment *)malloc(sizeof(hm_fragment)); if (frag == NULL) return NULL; if (frag_len) { - buf = (unsigned char *)OPENSSL_malloc(frag_len); + buf = (unsigned char *)malloc(frag_len); if (buf == NULL) { - OPENSSL_free(frag); + free(frag); return NULL; } } @@ -196,11 +196,11 @@ dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) /* Initialize reassembly bitmask if necessary */ if (reassembly) { - bitmask = (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len)); + bitmask = (unsigned char *)malloc(RSMBLY_BITMASK_SIZE(frag_len)); if (bitmask == NULL) { if (buf != NULL) - OPENSSL_free(buf); - OPENSSL_free(frag); + free(buf); + free(frag); return NULL; } memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len)); @@ -220,10 +220,10 @@ dtls1_hm_fragment_free(hm_fragment *frag) EVP_MD_CTX_destroy(frag->msg_header.saved_retransmit_state.write_hash); } if (frag->fragment) - OPENSSL_free(frag->fragment); + free(frag->fragment); if (frag->reassembly) - OPENSSL_free(frag->reassembly); - OPENSSL_free(frag); + free(frag->reassembly); + free(frag); } /* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ @@ -636,7 +636,7 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) { is_complete); if (is_complete) { - OPENSSL_free(frag->reassembly); + free(frag->reassembly); frag->reassembly = NULL; } @@ -660,7 +660,7 @@ err: if (frag != NULL) dtls1_hm_fragment_free(frag); if (item != NULL) - OPENSSL_free(item); + free(item); *ok = 0; return i; } @@ -742,7 +742,7 @@ err: if (frag != NULL) dtls1_hm_fragment_free(frag); if (item != NULL) - OPENSSL_free(item); + free(item); *ok = 0; return i; } diff --git a/lib/libssl/d1_clnt.c b/lib/libssl/d1_clnt.c index 1b7cbaec15d..3f159eed263 100644 --- a/lib/libssl/d1_clnt.c +++ b/lib/libssl/d1_clnt.c @@ -1317,7 +1317,7 @@ dtls1_send_client_key_exchange(SSL *s) NULL, 0, NULL); encodedPoint = (unsigned char *) - OPENSSL_malloc(encoded_pt_len * + malloc(encoded_pt_len * sizeof(unsigned char)); bn_ctx = BN_CTX_new(); @@ -1347,7 +1347,7 @@ dtls1_send_client_key_exchange(SSL *s) /* Free allocated memory */ BN_CTX_free(bn_ctx); if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + free(encodedPoint); if (clnt_ecdh != NULL) EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); @@ -1393,7 +1393,7 @@ dtls1_send_client_key_exchange(SSL *s) s2n(psk_len, t); if (s->session->psk_identity_hint != NULL) - OPENSSL_free(s->session->psk_identity_hint); + free(s->session->psk_identity_hint); s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint); if (s->ctx->psk_identity_hint != NULL && s->session->psk_identity_hint == NULL) { @@ -1403,7 +1403,7 @@ dtls1_send_client_key_exchange(SSL *s) } if (s->session->psk_identity != NULL) - OPENSSL_free(s->session->psk_identity); + free(s->session->psk_identity); s->session->psk_identity = BUF_strdup(identity); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE, @@ -1460,7 +1460,7 @@ err: #ifndef OPENSSL_NO_ECDH BN_CTX_free(bn_ctx); if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + free(encodedPoint); if (clnt_ecdh != NULL) EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); diff --git a/lib/libssl/d1_lib.c b/lib/libssl/d1_lib.c index 73c44c807a9..7da57b0a36e 100644 --- a/lib/libssl/d1_lib.c +++ b/lib/libssl/d1_lib.c @@ -100,7 +100,7 @@ dtls1_new(SSL *s) if (!ssl3_new(s)) return (0); - if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL) return (0); + if ((d1 = malloc(sizeof *d1)) == NULL) return (0); memset(d1, 0, sizeof *d1); /* d1->handshake_epoch=0; */ @@ -128,7 +128,7 @@ dtls1_new(SSL *s) pqueue_free(d1->sent_messages); if (d1->buffered_app_data.q) pqueue_free(d1->buffered_app_data.q); - OPENSSL_free(d1); + free(d1); return (0); } @@ -147,39 +147,39 @@ dtls1_clear_queues(SSL *s) while ((item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) { rdata = (DTLS1_RECORD_DATA *) item->data; if (rdata->rbuf.buf) { - OPENSSL_free(rdata->rbuf.buf); + free(rdata->rbuf.buf); } - OPENSSL_free(item->data); + free(item->data); pitem_free(item); } while ((item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) { rdata = (DTLS1_RECORD_DATA *) item->data; if (rdata->rbuf.buf) { - OPENSSL_free(rdata->rbuf.buf); + free(rdata->rbuf.buf); } - OPENSSL_free(item->data); + free(item->data); pitem_free(item); } while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) { frag = (hm_fragment *)item->data; - OPENSSL_free(frag->fragment); - OPENSSL_free(frag); + free(frag->fragment); + free(frag); pitem_free(item); } while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) { frag = (hm_fragment *)item->data; - OPENSSL_free(frag->fragment); - OPENSSL_free(frag); + free(frag->fragment); + free(frag); pitem_free(item); } while ((item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) { frag = (hm_fragment *)item->data; - OPENSSL_free(frag->fragment); - OPENSSL_free(frag); + free(frag->fragment); + free(frag); pitem_free(item); } } @@ -197,7 +197,7 @@ dtls1_free(SSL *s) pqueue_free(s->d1->sent_messages); pqueue_free(s->d1->buffered_app_data.q); - OPENSSL_free(s->d1); + free(s->d1); s->d1 = NULL; } diff --git a/lib/libssl/d1_pkt.c b/lib/libssl/d1_pkt.c index cb5f2c3199c..69f3d457347 100644 --- a/lib/libssl/d1_pkt.c +++ b/lib/libssl/d1_pkt.c @@ -200,7 +200,7 @@ dtls1_copy_record(SSL *s, pitem *item) rdata = (DTLS1_RECORD_DATA *)item->data; if (s->s3->rbuf.buf != NULL) - OPENSSL_free(s->s3->rbuf.buf); + free(s->s3->rbuf.buf); s->packet = rdata->packet; s->packet_length = rdata->packet_length; @@ -224,11 +224,11 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) if (pqueue_size(queue->q) >= 100) return 0; - rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); + rdata = malloc(sizeof(DTLS1_RECORD_DATA)); item = pitem_new(priority, rdata); if (rdata == NULL || item == NULL) { if (rdata != NULL) - OPENSSL_free(rdata); + free(rdata); if (item != NULL) pitem_free(item); @@ -253,7 +253,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) /* insert should not fail, since duplicates are dropped */ if (pqueue_insert(queue->q, item) == NULL) { - OPENSSL_free(rdata); + free(rdata); pitem_free(item); return (0); } @@ -265,7 +265,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) if (!ssl3_setup_buffers(s)) { SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR); - OPENSSL_free(rdata); + free(rdata); pitem_free(item); return (0); } @@ -283,7 +283,7 @@ dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue) if (item) { dtls1_copy_record(s, item); - OPENSSL_free(item->data); + free(item->data); pitem_free(item); return (1); @@ -360,14 +360,14 @@ dtls1_get_buffered_record(SSL *s) rdata = (DTLS1_RECORD_DATA *)item->data; if (s->s3->rbuf.buf != NULL) - OPENSSL_free(s->s3->rbuf.buf); + free(s->s3->rbuf.buf); s->packet = rdata->packet; s->packet_length = rdata->packet_length; memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER)); memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD)); - OPENSSL_free(item->data); + free(item->data); pitem_free(item); /* s->d1->next_expected_seq_num++; */ @@ -810,7 +810,7 @@ start: dtls1_copy_record(s, item); - OPENSSL_free(item->data); + free(item->data); pitem_free(item); } } diff --git a/lib/libssl/d1_srvr.c b/lib/libssl/d1_srvr.c index 6040dd96ca8..9b87dcd0676 100644 --- a/lib/libssl/d1_srvr.c +++ b/lib/libssl/d1_srvr.c @@ -1188,7 +1188,7 @@ dtls1_send_server_key_exchange(SSL *s) NULL, 0, NULL); encodedPoint = (unsigned char *) - OPENSSL_malloc(encodedlen*sizeof(unsigned char)); + malloc(encodedlen*sizeof(unsigned char)); bn_ctx = BN_CTX_new(); if ((encodedPoint == NULL) || (bn_ctx == NULL)) { @@ -1289,7 +1289,7 @@ dtls1_send_server_key_exchange(SSL *s) memcpy((unsigned char*)p, (unsigned char *)encodedPoint, encodedlen); - OPENSSL_free(encodedPoint); + free(encodedPoint); p += encodedlen; } #endif @@ -1398,7 +1398,7 @@ f_err: err: #ifndef OPENSSL_NO_ECDH if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + free(encodedPoint); BN_CTX_free(bn_ctx); #endif EVP_MD_CTX_cleanup(&md_ctx); @@ -1564,7 +1564,7 @@ dtls1_send_newsession_ticket(SSL *s) DTLS1_HM_HEADER_LENGTH + 22 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen)) return -1; - senc = OPENSSL_malloc(slen); + senc = malloc(slen); if (!senc) return -1; p = senc; @@ -1580,7 +1580,7 @@ dtls1_send_newsession_ticket(SSL *s) if (tctx->tlsext_ticket_key_cb) { if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx, &hctx, 1) < 0) { - OPENSSL_free(senc); + free(senc); return -1; } } else { @@ -1624,7 +1624,7 @@ dtls1_send_newsession_ticket(SSL *s) s->init_num = len; s->state = SSL3_ST_SW_SESSION_TICKET_B; s->init_off = 0; - OPENSSL_free(senc); + free(senc); /* XDTLS: set message header ? */ msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH; diff --git a/lib/libssl/s23_srvr.c b/lib/libssl/s23_srvr.c index 35651183b77..8010d72fa72 100644 --- a/lib/libssl/s23_srvr.c +++ b/lib/libssl/s23_srvr.c @@ -533,10 +533,10 @@ ssl23_get_client_hello(SSL *s) s->init_num = 0; if (buf != buf_space) - OPENSSL_free(buf); + free(buf); return (SSL_accept(s)); err: if (buf != buf_space) - OPENSSL_free(buf); + free(buf); return (-1); } diff --git a/lib/libssl/s3_both.c b/lib/libssl/s3_both.c index 5642e6c175a..12b38c4596a 100644 --- a/lib/libssl/s3_both.c +++ b/lib/libssl/s3_both.c @@ -650,7 +650,7 @@ ssl3_setup_read_buffer(SSL *s) if (!(s->options & SSL_OP_NO_COMPRESSION)) len += SSL3_RT_MAX_COMPRESSED_OVERHEAD; #endif - if ((p = OPENSSL_malloc(len)) == NULL) + if ((p = malloc(len)) == NULL) goto err; s->s3->rbuf.buf = p; s->s3->rbuf.len = len; @@ -690,7 +690,7 @@ ssl3_setup_write_buffer(SSL *s) len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; - if ((p = OPENSSL_malloc(len)) == NULL) + if ((p = malloc(len)) == NULL) goto err; s->s3->wbuf.buf = p; s->s3->wbuf.len = len; @@ -718,7 +718,7 @@ int ssl3_release_write_buffer(SSL *s) { if (s->s3->wbuf.buf != NULL) { - OPENSSL_free(s->s3->wbuf.buf); + free(s->s3->wbuf.buf); s->s3->wbuf.buf = NULL; } return 1; @@ -728,7 +728,7 @@ int ssl3_release_read_buffer(SSL *s) { if (s->s3->rbuf.buf != NULL) { - OPENSSL_free(s->s3->rbuf.buf); + free(s->s3->rbuf.buf); s->s3->rbuf.buf = NULL; } return 1; diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c index 88be294ab78..26bdef6b4fc 100644 --- a/lib/libssl/s3_clnt.c +++ b/lib/libssl/s3_clnt.c @@ -1222,7 +1222,7 @@ ssl3_get_key_exchange(SSL *s) if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK) { s->session->sess_cert = ssl_sess_cert_new(); if (s->ctx->psk_identity_hint) - OPENSSL_free(s->ctx->psk_identity_hint); + free(s->ctx->psk_identity_hint); s->ctx->psk_identity_hint = NULL; } #endif @@ -1288,7 +1288,7 @@ ssl3_get_key_exchange(SSL *s) memcpy(tmp_id_hint, p, i); memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i); if (s->ctx->psk_identity_hint != NULL) - OPENSSL_free(s->ctx->psk_identity_hint); + free(s->ctx->psk_identity_hint); s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint); if (s->ctx->psk_identity_hint == NULL) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); @@ -1913,10 +1913,10 @@ ssl3_get_new_session_ticket(SSL *s) goto f_err; } if (s->session->tlsext_tick) { - OPENSSL_free(s->session->tlsext_tick); + free(s->session->tlsext_tick); s->session->tlsext_ticklen = 0; } - s->session->tlsext_tick = OPENSSL_malloc(ticklen); + s->session->tlsext_tick = malloc(ticklen); if (!s->session->tlsext_tick) { SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE); goto err; @@ -1988,7 +1988,7 @@ ssl3_get_cert_status(SSL *s) goto f_err; } if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); + free(s->tlsext_ocsp_resp); s->tlsext_ocsp_resp = BUF_memdup(p, resplen); if (!s->tlsext_ocsp_resp) { al = SSL_AD_INTERNAL_ERROR; @@ -2449,7 +2449,7 @@ ssl3_send_client_key_exchange(SSL *s) NULL, 0, NULL); encodedPoint = - (unsigned char *)OPENSSL_malloc( + (unsigned char *)malloc( encoded_pt_len * sizeof(unsigned char)); bn_ctx = BN_CTX_new(); @@ -2479,7 +2479,7 @@ ssl3_send_client_key_exchange(SSL *s) /* Free allocated memory */ BN_CTX_free(bn_ctx); if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + free(encodedPoint); if (clnt_ecdh != NULL) EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); @@ -2584,7 +2584,7 @@ ssl3_send_client_key_exchange(SSL *s) goto err; } if (s->session->srp_username != NULL) - OPENSSL_free(s->session->srp_username); + free(s->session->srp_username); s->session->srp_username = BUF_strdup(s->srp_ctx.login); if (s->session->srp_username == NULL) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -2636,7 +2636,7 @@ ssl3_send_client_key_exchange(SSL *s) s2n(psk_len, t); if (s->session->psk_identity_hint != NULL) - OPENSSL_free(s->session->psk_identity_hint); + free(s->session->psk_identity_hint); s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint); if (s->ctx->psk_identity_hint != NULL && s->session->psk_identity_hint == NULL) { @@ -2646,7 +2646,7 @@ ssl3_send_client_key_exchange(SSL *s) } if (s->session->psk_identity != NULL) - OPENSSL_free(s->session->psk_identity); + free(s->session->psk_identity); s->session->psk_identity = BUF_strdup(identity); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -2696,7 +2696,7 @@ err: #ifndef OPENSSL_NO_ECDH BN_CTX_free(bn_ctx); if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + free(encodedPoint); if (clnt_ecdh != NULL) EC_KEY_free(clnt_ecdh); EVP_PKEY_free(srvr_pub_pkey); diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index 68a4b8ca2de..8df07a1e4c7 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -2946,7 +2946,7 @@ ssl3_new(SSL *s) { SSL3_STATE *s3; - if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) goto err; + if ((s3 = malloc(sizeof *s3)) == NULL) goto err; memset(s3, 0, sizeof *s3); memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); @@ -2970,9 +2970,9 @@ ssl3_free(SSL *s) #ifdef TLSEXT_TYPE_opaque_prf_input if (s->s3->client_opaque_prf_input != NULL) - OPENSSL_free(s->s3->client_opaque_prf_input); + free(s->s3->client_opaque_prf_input); if (s->s3->server_opaque_prf_input != NULL) - OPENSSL_free(s->s3->server_opaque_prf_input); + free(s->s3->server_opaque_prf_input); #endif ssl3_cleanup_key_block(s); @@ -2981,7 +2981,7 @@ ssl3_free(SSL *s) if (s->s3->wbuf.buf != NULL) ssl3_release_write_buffer(s); if (s->s3->rrec.comp != NULL) - OPENSSL_free(s->s3->rrec.comp); + free(s->s3->rrec.comp); #ifndef OPENSSL_NO_DH if (s->s3->tmp.dh != NULL) DH_free(s->s3->tmp.dh); @@ -3002,7 +3002,7 @@ ssl3_free(SSL *s) SSL_SRP_CTX_free(s); #endif OPENSSL_cleanse(s->s3, sizeof *s->s3); - OPENSSL_free(s->s3); + free(s->s3); s->s3 = NULL; } @@ -3015,10 +3015,10 @@ ssl3_clear(SSL *s) #ifdef TLSEXT_TYPE_opaque_prf_input if (s->s3->client_opaque_prf_input != NULL) - OPENSSL_free(s->s3->client_opaque_prf_input); + free(s->s3->client_opaque_prf_input); s->s3->client_opaque_prf_input = NULL; if (s->s3->server_opaque_prf_input != NULL) - OPENSSL_free(s->s3->server_opaque_prf_input); + free(s->s3->server_opaque_prf_input); s->s3->server_opaque_prf_input = NULL; #endif @@ -3027,7 +3027,7 @@ ssl3_clear(SSL *s) sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); if (s->s3->rrec.comp != NULL) { - OPENSSL_free(s->s3->rrec.comp); + free(s->s3->rrec.comp); s->s3->rrec.comp = NULL; } #ifndef OPENSSL_NO_DH @@ -3078,7 +3078,7 @@ ssl3_clear(SSL *s) #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) if (s->next_proto_negotiated) { - OPENSSL_free(s->next_proto_negotiated); + free(s->next_proto_negotiated); s->next_proto_negotiated = NULL; s->next_proto_negotiated_len = 0; } @@ -3236,7 +3236,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_TLSEXT_HOSTNAME: if (larg == TLSEXT_NAMETYPE_host_name) { if (s->tlsext_hostname != NULL) - OPENSSL_free(s->tlsext_hostname); + free(s->tlsext_hostname); s->tlsext_hostname = NULL; ret = 1; @@ -3269,9 +3269,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) break; } if (s->tlsext_opaque_prf_input != NULL) - OPENSSL_free(s->tlsext_opaque_prf_input); + free(s->tlsext_opaque_prf_input); if ((size_t)larg == 0) - s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ + s->tlsext_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ else s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg); if (s->tlsext_opaque_prf_input != NULL) { @@ -3313,7 +3313,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); + free(s->tlsext_ocsp_resp); s->tlsext_ocsp_resp = parg; s->tlsext_ocsp_resplen = larg; ret = 1; @@ -3537,7 +3537,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME: ctx->srp_ctx.srp_Mask|=SSL_kSRP; if (ctx->srp_ctx.login != NULL) - OPENSSL_free(ctx->srp_ctx.login); + free(ctx->srp_ctx.login); ctx->srp_ctx.login = NULL; if (parg == NULL) break; diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c index cc46e241d4f..927b0d7db1e 100644 --- a/lib/libssl/s3_srvr.c +++ b/lib/libssl/s3_srvr.c @@ -1760,7 +1760,7 @@ ssl3_send_server_key_exchange(SSL *s) NULL, 0, NULL); encodedPoint = (unsigned char *) - OPENSSL_malloc(encodedlen*sizeof(unsigned char)); + malloc(encodedlen*sizeof(unsigned char)); bn_ctx = BN_CTX_new(); if ((encodedPoint == NULL) || (bn_ctx == NULL)) { @@ -1891,7 +1891,7 @@ ssl3_send_server_key_exchange(SSL *s) p += 1; memcpy((unsigned char*)p, (unsigned char *)encodedPoint, encodedlen); - OPENSSL_free(encodedPoint); + free(encodedPoint); encodedPoint = NULL; p += encodedlen; } @@ -2012,7 +2012,7 @@ f_err: err: #ifndef OPENSSL_NO_ECDH if (encodedPoint != NULL) - OPENSSL_free(encodedPoint); + free(encodedPoint); BN_CTX_free(bn_ctx); #endif EVP_MD_CTX_cleanup(&md_ctx); @@ -2706,7 +2706,7 @@ ssl3_get_client_key_exchange(SSL *s) s2n(psk_len, t); if (s->session->psk_identity != NULL) - OPENSSL_free(s->session->psk_identity); + free(s->session->psk_identity); s->session->psk_identity = BUF_strdup((char *)p); if (s->session->psk_identity == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, @@ -2715,7 +2715,7 @@ ssl3_get_client_key_exchange(SSL *s) } if (s->session->psk_identity_hint != NULL) - OPENSSL_free(s->session->psk_identity_hint); + free(s->session->psk_identity_hint); s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint); if (s->ctx->psk_identity_hint != NULL && s->session->psk_identity_hint == NULL) { @@ -2752,7 +2752,7 @@ ssl3_get_client_key_exchange(SSL *s) goto err; } if (s->session->srp_username != NULL) - OPENSSL_free(s->session->srp_username); + free(s->session->srp_username); s->session->srp_username = BUF_strdup(s->srp_ctx.login); if (s->session->srp_username == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, @@ -3314,7 +3314,7 @@ ssl3_send_newsession_ticket(SSL *s) */ if (slen_full > 0xFF00) return -1; - senc = OPENSSL_malloc(slen_full); + senc = malloc(slen_full); if (!senc) return -1; p = senc; @@ -3327,7 +3327,7 @@ ssl3_send_newsession_ticket(SSL *s) const_p = senc; sess = d2i_SSL_SESSION(NULL, &const_p, slen_full); if (sess == NULL) { - OPENSSL_free(senc); + free(senc); return -1; } @@ -3337,7 +3337,7 @@ ssl3_send_newsession_ticket(SSL *s) slen = i2d_SSL_SESSION(sess, NULL); if (slen > slen_full) { /* shouldn't ever happen */ - OPENSSL_free(senc); + free(senc); return -1; } p = senc; @@ -3372,7 +3372,7 @@ ssl3_send_newsession_ticket(SSL *s) if (tctx->tlsext_ticket_key_cb) { if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx, &hctx, 1) < 0) { - OPENSSL_free(senc); + free(senc); return -1; } } else { @@ -3426,7 +3426,7 @@ ssl3_send_newsession_ticket(SSL *s) s->init_num = len; s->state = SSL3_ST_SW_SESSION_TICKET_B; s->init_off = 0; - OPENSSL_free(senc); + free(senc); } /* SSL3_ST_SW_SESSION_TICKET_B */ @@ -3529,7 +3529,7 @@ ssl3_get_next_proto(SSL *s) if (proto_len + padding_len + 2 != s->init_num) return 0; - s->next_proto_negotiated = OPENSSL_malloc(proto_len); + s->next_proto_negotiated = malloc(proto_len); if (!s->next_proto_negotiated) { SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE); return 0; diff --git a/lib/libssl/ssl_asn1.c b/lib/libssl/ssl_asn1.c index 28e295f6a44..60ee189f298 100644 --- a/lib/libssl/ssl_asn1.c +++ b/lib/libssl/ssl_asn1.c @@ -145,7 +145,7 @@ i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) /* Note that I cheat in the following 2 assignments. I know * that if the ASN1_INTEGER passed to ASN1_INTEGER_set - * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed. + * is > sizeof(long)+1, the buffer will not be re-malloc()ed. * This is a bit evil but makes things simple, no dynamic allocation * to clean up :-) */ a.version.length = LSIZE2; @@ -375,7 +375,7 @@ long length) ai.length = 0; M_ASN1_D2I_get_x(ASN1_INTEGER, aip, d2i_ASN1_INTEGER); if (ai.data != NULL) { - OPENSSL_free(ai.data); + free(ai.data); ai.data = NULL; ai.length = 0; } @@ -385,7 +385,7 @@ long length) ssl_version = (int)ASN1_INTEGER_get(aip); ret->ssl_version = ssl_version; if (ai.data != NULL) { - OPENSSL_free(ai.data); + free(ai.data); ai.data = NULL; ai.length = 0; } @@ -439,7 +439,7 @@ long length) else ret->krb5_client_princ_len = os.length; memcpy(ret->krb5_client_princ, os.data, ret->krb5_client_princ_len); - OPENSSL_free(os.data); + free(os.data); os.data = NULL; os.length = 0; } else @@ -453,13 +453,13 @@ long length) ret->key_arg_length = os.length; memcpy(ret->key_arg, os.data, ret->key_arg_length); if (os.data != NULL) - OPENSSL_free(os.data); + free(os.data); ai.length = 0; M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 1); if (ai.data != NULL) { ret->time = ASN1_INTEGER_get(aip); - OPENSSL_free(ai.data); + free(ai.data); ai.data = NULL; ai.length = 0; } else @@ -469,7 +469,7 @@ long length) M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 2); if (ai.data != NULL) { ret->timeout = ASN1_INTEGER_get(aip); - OPENSSL_free(ai.data); + free(ai.data); ai.data = NULL; ai.length = 0; } else @@ -493,7 +493,7 @@ long length) ret->sid_ctx_length = os.length; memcpy(ret->sid_ctx, os.data, os.length); } - OPENSSL_free(os.data); + free(os.data); os.data = NULL; os.length = 0; } else @@ -503,7 +503,7 @@ long length) M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 5); if (ai.data != NULL) { ret->verify_result = ASN1_INTEGER_get(aip); - OPENSSL_free(ai.data); + free(ai.data); ai.data = NULL; ai.length = 0; } else @@ -515,7 +515,7 @@ long length) M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 6); if (os.data) { ret->tlsext_hostname = BUF_strndup((char *)os.data, os.length); - OPENSSL_free(os.data); + free(os.data); os.data = NULL; os.length = 0; } else @@ -528,7 +528,7 @@ long length) M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 7); if (os.data) { ret->psk_identity_hint = BUF_strndup((char *)os.data, os.length); - OPENSSL_free(os.data); + free(os.data); os.data = NULL; os.length = 0; } else @@ -539,7 +539,7 @@ long length) M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 8); if (os.data) { ret->psk_identity = BUF_strndup((char *)os.data, os.length); - OPENSSL_free(os.data); + free(os.data); os.data = NULL; os.length = 0; } else @@ -551,7 +551,7 @@ long length) M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 9); if (ai.data != NULL) { ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip); - OPENSSL_free(ai.data); + free(ai.data); ai.data = NULL; ai.length = 0; } else if (ret->tlsext_ticklen && ret->session_id_length) @@ -575,7 +575,7 @@ long length) M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 11); if (os.data) { ret->compress_meth = os.data[0]; - OPENSSL_free(os.data); + free(os.data); os.data = NULL; } #endif @@ -586,7 +586,7 @@ long length) M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 12); if (os.data) { ret->srp_username = BUF_strndup((char *)os.data, os.length); - OPENSSL_free(os.data); + free(os.data); os.data = NULL; os.length = 0; } else diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c index 72b5d8d2bd0..87dc80be20f 100644 --- a/lib/libssl/ssl_cert.c +++ b/lib/libssl/ssl_cert.c @@ -180,7 +180,7 @@ CERT { CERT *ret; - ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); + ret = (CERT *)malloc(sizeof(CERT)); if (ret == NULL) { SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE); return (NULL); @@ -199,7 +199,7 @@ CERT CERT *ret; int i; - ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); + ret = (CERT *)malloc(sizeof(CERT)); if (ret == NULL) { SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); return (NULL); @@ -387,7 +387,7 @@ ssl_cert_free(CERT *c) EVP_PKEY_free(c->pkeys[i].publickey); #endif } - OPENSSL_free(c); + free(c); } int @@ -422,7 +422,7 @@ SESS_CERT { SESS_CERT *ret; - ret = OPENSSL_malloc(sizeof *ret); + ret = malloc(sizeof *ret); if (ret == NULL) { SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -483,7 +483,7 @@ ssl_sess_cert_free(SESS_CERT *sc) EC_KEY_free(sc->peer_ecdh_tmp); #endif - OPENSSL_free(sc); + free(sc); } int diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c index 4bd3be0d41f..b56a93d4cbf 100644 --- a/lib/libssl/ssl_ciph.c +++ b/lib/libssl/ssl_ciph.c @@ -456,12 +456,12 @@ load_builtin_compressions(void) MemCheck_off(); ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp); if (ssl_comp_methods != NULL) { - comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); + comp = (SSL_COMP *)malloc(sizeof(SSL_COMP)); if (comp != NULL) { comp->method = COMP_zlib(); if (comp->method && comp->method->type == NID_undef) - OPENSSL_free(comp); + free(comp); else { comp->id = SSL_COMP_ZLIB_IDX; comp->name = comp->method->name; @@ -1037,7 +1037,7 @@ ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) curr = curr->next; } - number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); + number_uses = malloc((max_strength_bits + 1) * sizeof(int)); if (!number_uses) { SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE); return (0); @@ -1061,7 +1061,7 @@ ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) if (number_uses[i] > 0) ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, tail_p); - OPENSSL_free(number_uses); + free(number_uses); return (1); } @@ -1336,7 +1336,7 @@ STACK_OF(SSL_CIPHER) #ifdef KSSL_DEBUG printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); #endif /* KSSL_DEBUG */ - co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); + co_list = (CIPHER_ORDER *)malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); if (co_list == NULL) { SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); return(NULL); /* Failure */ @@ -1380,7 +1380,7 @@ STACK_OF(SSL_CIPHER) /* Now sort by symmetric encryption strength. The above ordering remains * in force within each class */ if (!ssl_cipher_strength_sort(&head, &tail)) { - OPENSSL_free(co_list); + free(co_list); return NULL; } @@ -1398,9 +1398,9 @@ STACK_OF(SSL_CIPHER) */ num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; - ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); + ca_list = malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); if (ca_list == NULL) { - OPENSSL_free(co_list); + free(co_list); SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); return(NULL); /* Failure */ } @@ -1425,11 +1425,11 @@ STACK_OF(SSL_CIPHER) if (ok && (strlen(rule_p) > 0)) ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list); - OPENSSL_free((void *)ca_list); /* Not needed anymore */ + free((void *)ca_list); /* Not needed anymore */ if (!ok) { /* Rule processing failure */ - OPENSSL_free(co_list); + free(co_list); return (NULL); } @@ -1438,7 +1438,7 @@ STACK_OF(SSL_CIPHER) * if we cannot get one. */ if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) { - OPENSSL_free(co_list); + free(co_list); return (NULL); } @@ -1454,7 +1454,7 @@ STACK_OF(SSL_CIPHER) #endif } } - OPENSSL_free(co_list); /* Not needed any longer */ + free(co_list); /* Not needed any longer */ tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack); if (tmp_cipher_list == NULL) { @@ -1642,9 +1642,9 @@ char if (buf == NULL) { len = 128; - buf = OPENSSL_malloc(len); + buf = malloc(len); if (buf == NULL) - return("OPENSSL_malloc Error"); + return("malloc Error"); } else if (len < 128) return("Buffer too small"); @@ -1767,19 +1767,19 @@ SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) } MemCheck_off(); - comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); + comp = (SSL_COMP *)malloc(sizeof(SSL_COMP)); comp->id = id; comp->method = cm; load_builtin_compressions(); if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) { - OPENSSL_free(comp); + free(comp); MemCheck_on(); SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, SSL_R_DUPLICATE_COMPRESSION_ID); return (1); } else if ((ssl_comp_methods == NULL) || !sk_SSL_COMP_push(ssl_comp_methods, comp)) { - OPENSSL_free(comp); + free(comp); MemCheck_on(); SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE); return (1); diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c index 6db3bd29933..589bd625bb4 100644 --- a/lib/libssl/ssl_lib.c +++ b/lib/libssl/ssl_lib.c @@ -281,7 +281,7 @@ SSL return (NULL); } - s = (SSL *)OPENSSL_malloc(sizeof(SSL)); + s = (SSL *)malloc(sizeof(SSL)); if (s == NULL) goto err; memset(s, 0, sizeof(SSL)); @@ -380,7 +380,7 @@ err: ssl_cert_free(s->cert); if (s->ctx != NULL) SSL_CTX_free(s->ctx); /* decrement reference count */ - OPENSSL_free(s); + free(s); } SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE); return (NULL); @@ -558,24 +558,24 @@ SSL_free(SSL *s) #ifndef OPENSSL_NO_TLSEXT if (s->tlsext_hostname) - OPENSSL_free(s->tlsext_hostname); + free(s->tlsext_hostname); if (s->initial_ctx) SSL_CTX_free(s->initial_ctx); #ifndef OPENSSL_NO_EC if (s->tlsext_ecpointformatlist) - OPENSSL_free(s->tlsext_ecpointformatlist); + free(s->tlsext_ecpointformatlist); if (s->tlsext_ellipticcurvelist) - OPENSSL_free(s->tlsext_ellipticcurvelist); + free(s->tlsext_ellipticcurvelist); #endif /* OPENSSL_NO_EC */ if (s->tlsext_opaque_prf_input) - OPENSSL_free(s->tlsext_opaque_prf_input); + free(s->tlsext_opaque_prf_input); if (s->tlsext_ocsp_exts) sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free); if (s->tlsext_ocsp_ids) sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free); if (s->tlsext_ocsp_resp) - OPENSSL_free(s->tlsext_ocsp_resp); + free(s->tlsext_ocsp_resp); #endif if (s->client_CA != NULL) @@ -594,7 +594,7 @@ SSL_free(SSL *s) #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) if (s->next_proto_negotiated) - OPENSSL_free(s->next_proto_negotiated); + free(s->next_proto_negotiated); #endif #ifndef OPENSSL_NO_SRTP @@ -602,7 +602,7 @@ SSL_free(SSL *s) sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles); #endif - OPENSSL_free(s); + free(s); } void @@ -1703,7 +1703,7 @@ SSL_CTX SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); goto err; } - ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX)); + ret = (SSL_CTX *)malloc(sizeof(SSL_CTX)); if (ret == NULL) goto err; @@ -1862,7 +1862,7 @@ err2: #if 0 static void SSL_COMP_free(SSL_COMP *comp) - { OPENSSL_free(comp); + { free(comp); } #endif @@ -1933,7 +1933,7 @@ SSL_CTX_free(SSL_CTX *a) #ifndef OPENSSL_NO_PSK if (a->psk_identity_hint) - OPENSSL_free(a->psk_identity_hint); + free(a->psk_identity_hint); #endif #ifndef OPENSSL_NO_SRP SSL_CTX_SRP_CTX_free(a); @@ -1943,7 +1943,7 @@ SSL_CTX_free(SSL_CTX *a) ENGINE_finish(a->client_cert_engine); #endif - OPENSSL_free(a); + free(a); } void @@ -2696,12 +2696,12 @@ ssl_clear_cipher_ctx(SSL *s) { if (s->enc_read_ctx != NULL) { EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); - OPENSSL_free(s->enc_read_ctx); + free(s->enc_read_ctx); s->enc_read_ctx = NULL; } if (s->enc_write_ctx != NULL) { EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); - OPENSSL_free(s->enc_write_ctx); + free(s->enc_write_ctx); s->enc_write_ctx = NULL; } #ifndef OPENSSL_NO_COMP @@ -3095,7 +3095,7 @@ SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint) return 0; } if (ctx->psk_identity_hint != NULL) - OPENSSL_free(ctx->psk_identity_hint); + free(ctx->psk_identity_hint); if (identity_hint != NULL) { ctx->psk_identity_hint = BUF_strdup(identity_hint); if (ctx->psk_identity_hint == NULL) @@ -3119,7 +3119,7 @@ SSL_use_psk_identity_hint(SSL *s, const char *identity_hint) return 0; } if (s->session->psk_identity_hint != NULL) - OPENSSL_free(s->session->psk_identity_hint); + free(s->session->psk_identity_hint); if (identity_hint != NULL) { s->session->psk_identity_hint = BUF_strdup(identity_hint); if (s->session->psk_identity_hint == NULL) diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c index 0b1c655820d..f9f6ee5ecbf 100644 --- a/lib/libssl/ssl_sess.c +++ b/lib/libssl/ssl_sess.c @@ -195,7 +195,7 @@ SSL_SESSION { SSL_SESSION *ss; - ss = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION)); + ss = (SSL_SESSION *)malloc(sizeof(SSL_SESSION)); if (ss == NULL) { SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE); return (0); @@ -371,8 +371,8 @@ ssl_get_new_session(SSL *s, int session) #ifndef OPENSSL_NO_EC if (s->tlsext_ecpointformatlist) { if (ss->tlsext_ecpointformatlist != NULL) - OPENSSL_free(ss->tlsext_ecpointformatlist); - if ((ss->tlsext_ecpointformatlist = OPENSSL_malloc(s->tlsext_ecpointformatlist_length)) == NULL) { + free(ss->tlsext_ecpointformatlist); + if ((ss->tlsext_ecpointformatlist = malloc(s->tlsext_ecpointformatlist_length)) == NULL) { SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE); SSL_SESSION_free(ss); return 0; @@ -382,8 +382,8 @@ ssl_get_new_session(SSL *s, int session) } if (s->tlsext_ellipticcurvelist) { if (ss->tlsext_ellipticcurvelist != NULL) - OPENSSL_free(ss->tlsext_ellipticcurvelist); - if ((ss->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) { + free(ss->tlsext_ellipticcurvelist); + if ((ss->tlsext_ellipticcurvelist = malloc(s->tlsext_ellipticcurvelist_length)) == NULL) { SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_MALLOC_FAILURE); SSL_SESSION_free(ss); return 0; @@ -719,30 +719,30 @@ SSL_SESSION_free(SSL_SESSION *ss) sk_SSL_CIPHER_free(ss->ciphers); #ifndef OPENSSL_NO_TLSEXT if (ss->tlsext_hostname != NULL) - OPENSSL_free(ss->tlsext_hostname); + free(ss->tlsext_hostname); if (ss->tlsext_tick != NULL) - OPENSSL_free(ss->tlsext_tick); + free(ss->tlsext_tick); #ifndef OPENSSL_NO_EC ss->tlsext_ecpointformatlist_length = 0; if (ss->tlsext_ecpointformatlist != NULL) - OPENSSL_free(ss->tlsext_ecpointformatlist); + free(ss->tlsext_ecpointformatlist); ss->tlsext_ellipticcurvelist_length = 0; if (ss->tlsext_ellipticcurvelist != NULL) - OPENSSL_free(ss->tlsext_ellipticcurvelist); + free(ss->tlsext_ellipticcurvelist); #endif /* OPENSSL_NO_EC */ #endif #ifndef OPENSSL_NO_PSK if (ss->psk_identity_hint != NULL) - OPENSSL_free(ss->psk_identity_hint); + free(ss->psk_identity_hint); if (ss->psk_identity != NULL) - OPENSSL_free(ss->psk_identity); + free(ss->psk_identity); #endif #ifndef OPENSSL_NO_SRP if (ss->srp_username != NULL) - OPENSSL_free(ss->srp_username); + free(ss->srp_username); #endif OPENSSL_cleanse(ss, sizeof(*ss)); - OPENSSL_free(ss); + free(ss); } int @@ -768,7 +768,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session) #ifndef OPENSSL_NO_KRB5 if (s->kssl_ctx && !s->kssl_ctx->client_princ && session->krb5_client_princ_len > 0) { - s->kssl_ctx->client_princ = (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1); + s->kssl_ctx->client_princ = (char *)malloc(session->krb5_client_princ_len + 1); memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ, session->krb5_client_princ_len); s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0'; @@ -900,11 +900,11 @@ SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) { if (s->version >= TLS1_VERSION) { if (s->tlsext_session_ticket) { - OPENSSL_free(s->tlsext_session_ticket); + free(s->tlsext_session_ticket); s->tlsext_session_ticket = NULL; } - s->tlsext_session_ticket = OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); + s->tlsext_session_ticket = malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); if (!s->tlsext_session_ticket) { SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE); return 0; diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index 71d9f164b48..fb471b2f14f 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -367,7 +367,7 @@ tls1_change_cipher_state(SSL *s, int which) if (s->enc_read_ctx != NULL) reuse_dd = 1; - else if ((s->enc_read_ctx = OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL) + else if ((s->enc_read_ctx = malloc(sizeof(EVP_CIPHER_CTX))) == NULL) goto err; else /* make sure it's intialized in case we exit later with an error */ @@ -387,7 +387,7 @@ tls1_change_cipher_state(SSL *s, int which) } if (s->s3->rrec.comp == NULL) s->s3->rrec.comp = (unsigned char *) - OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); + malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); if (s->s3->rrec.comp == NULL) goto err; } @@ -592,7 +592,7 @@ tls1_setup_key_block(SSL *s) ssl3_cleanup_key_block(s); - if ((p1 = (unsigned char *)OPENSSL_malloc(num)) == NULL) { + if ((p1 = (unsigned char *)malloc(num)) == NULL) { SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); goto err; } @@ -600,7 +600,7 @@ tls1_setup_key_block(SSL *s) s->s3->tmp.key_block_length = num; s->s3->tmp.key_block = p1; - if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL) { + if ((p2 = (unsigned char *)malloc(num)) == NULL) { SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); goto err; } @@ -642,7 +642,7 @@ tls1_setup_key_block(SSL *s) err: if (p2) { OPENSSL_cleanse(p2, num); - OPENSSL_free(p2); + free(p2); } return (ret); } @@ -1074,7 +1074,7 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, p, plen); #endif /* KSSL_DEBUG */ - buff = OPENSSL_malloc(olen); + buff = malloc(olen); if (buff == NULL) goto err2; @@ -1088,7 +1088,7 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, vallen += 2 + contextlen; } - val = OPENSSL_malloc(vallen); + val = malloc(vallen); if (val == NULL) goto err2; currentvalpos = 0; @@ -1145,9 +1145,9 @@ err2: rv = 0; ret: if (buff != NULL) - OPENSSL_free(buff); + free(buff); if (val != NULL) - OPENSSL_free(val); + free(val); return (rv); } diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c index c3d62957ae3..7ecf7e06588 100644 --- a/lib/libssl/t1_lib.c +++ b/lib/libssl/t1_lib.c @@ -162,7 +162,7 @@ tls1_free(SSL *s) { #ifndef OPENSSL_NO_TLSEXT if (s->tlsext_session_ticket) { - OPENSSL_free(s->tlsext_session_ticket); + free(s->tlsext_session_ticket); } #endif /* OPENSSL_NO_TLSEXT */ ssl3_free(s); @@ -515,7 +515,7 @@ unsigned char else if (s->session && s->tlsext_session_ticket && s->tlsext_session_ticket->data) { ticklen = s->tlsext_session_ticket->length; - s->session->tlsext_tick = OPENSSL_malloc(ticklen); + s->session->tlsext_tick = malloc(ticklen); if (!s->session->tlsext_tick) return NULL; memcpy(s->session->tlsext_tick, @@ -1037,14 +1037,14 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, *al = TLS1_AD_UNRECOGNIZED_NAME; return 0; } - if ((s->session->tlsext_hostname = OPENSSL_malloc(len + 1)) == NULL) { + if ((s->session->tlsext_hostname = malloc(len + 1)) == NULL) { *al = TLS1_AD_INTERNAL_ERROR; return 0; } memcpy(s->session->tlsext_hostname, sdata, len); s->session->tlsext_hostname[len] = '\0'; if (strlen(s->session->tlsext_hostname) != len) { - OPENSSL_free(s->session->tlsext_hostname); + free(s->session->tlsext_hostname); s->session->tlsext_hostname = NULL; *al = TLS1_AD_UNRECOGNIZED_NAME; return 0; @@ -1081,7 +1081,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, *al = SSL_AD_DECODE_ERROR; return 0; } - if ((s->srp_ctx.login = OPENSSL_malloc(len + 1)) == NULL) + if ((s->srp_ctx.login = malloc(len + 1)) == NULL) return -1; memcpy(s->srp_ctx.login, &data[1], len); s->srp_ctx.login[len] = '\0'; @@ -1105,11 +1105,11 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, } if (!s->hit) { if (s->session->tlsext_ecpointformatlist) { - OPENSSL_free(s->session->tlsext_ecpointformatlist); + free(s->session->tlsext_ecpointformatlist); s->session->tlsext_ecpointformatlist = NULL; } s->session->tlsext_ecpointformatlist_length = 0; - if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) { + if ((s->session->tlsext_ecpointformatlist = malloc(ecpointformatlist_length)) == NULL) { *al = TLS1_AD_INTERNAL_ERROR; return 0; } @@ -1140,7 +1140,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, return 0; } s->session->tlsext_ellipticcurvelist_length = 0; - if ((s->session->tlsext_ellipticcurvelist = OPENSSL_malloc(ellipticcurvelist_length)) == NULL) { + if ((s->session->tlsext_ellipticcurvelist = malloc(ellipticcurvelist_length)) == NULL) { *al = TLS1_AD_INTERNAL_ERROR; return 0; } @@ -1172,9 +1172,9 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, } if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */ - OPENSSL_free(s->s3->client_opaque_prf_input); + free(s->s3->client_opaque_prf_input); if (s->s3->client_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ + s->s3->client_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ else s->s3->client_opaque_prf_input = BUF_memdup(sdata, s->s3->client_opaque_prf_input_len); if (s->s3->client_opaque_prf_input == NULL) { @@ -1432,8 +1432,8 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, } s->session->tlsext_ecpointformatlist_length = 0; if (s->session->tlsext_ecpointformatlist != NULL) - OPENSSL_free(s->session->tlsext_ecpointformatlist); - if ((s->session->tlsext_ecpointformatlist = OPENSSL_malloc(ecpointformatlist_length)) == NULL) { + free(s->session->tlsext_ecpointformatlist); + if ((s->session->tlsext_ecpointformatlist = malloc(ecpointformatlist_length)) == NULL) { *al = TLS1_AD_INTERNAL_ERROR; return 0; } @@ -1478,9 +1478,9 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, } if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */ - OPENSSL_free(s->s3->server_opaque_prf_input); + free(s->s3->server_opaque_prf_input); if (s->s3->server_opaque_prf_input_len == 0) - s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ + s->s3->server_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ else s->s3->server_opaque_prf_input = BUF_memdup(sdata, s->s3->server_opaque_prf_input_len); @@ -1522,7 +1522,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, *al = TLS1_AD_INTERNAL_ERROR; return 0; } - s->next_proto_negotiated = OPENSSL_malloc(selected_len); + s->next_proto_negotiated = malloc(selected_len); if (!s->next_proto_negotiated) { *al = TLS1_AD_INTERNAL_ERROR; return 0; @@ -1619,8 +1619,8 @@ ssl_prepare_clienthello_tlsext(SSL *s) using_ecc = using_ecc && (s->version >= TLS1_VERSION); if (using_ecc) { if (s->tlsext_ecpointformatlist != NULL) - OPENSSL_free(s->tlsext_ecpointformatlist); - if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) { + free(s->tlsext_ecpointformatlist); + if ((s->tlsext_ecpointformatlist = malloc(3)) == NULL) { SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT, ERR_R_MALLOC_FAILURE); return -1; } @@ -1631,9 +1631,9 @@ ssl_prepare_clienthello_tlsext(SSL *s) /* we support all named elliptic curves in draft-ietf-tls-ecc-12 */ if (s->tlsext_ellipticcurvelist != NULL) - OPENSSL_free(s->tlsext_ellipticcurvelist); + free(s->tlsext_ellipticcurvelist); s->tlsext_ellipticcurvelist_length = sizeof(pref_list)/sizeof(pref_list[0]) * 2; - if ((s->tlsext_ellipticcurvelist = OPENSSL_malloc(s->tlsext_ellipticcurvelist_length)) == NULL) { + if ((s->tlsext_ellipticcurvelist = malloc(s->tlsext_ellipticcurvelist_length)) == NULL) { s->tlsext_ellipticcurvelist_length = 0; SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT, ERR_R_MALLOC_FAILURE); return -1; @@ -1660,10 +1660,10 @@ ssl_prepare_clienthello_tlsext(SSL *s) if (s->tlsext_opaque_prf_input != NULL) { if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */ - OPENSSL_free(s->s3->client_opaque_prf_input); + free(s->s3->client_opaque_prf_input); if (s->tlsext_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ + s->s3->client_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ else s->s3->client_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len); if (s->s3->client_opaque_prf_input == NULL) { @@ -1698,8 +1698,8 @@ ssl_prepare_serverhello_tlsext(SSL *s) if (using_ecc) { if (s->tlsext_ecpointformatlist != NULL) - OPENSSL_free(s->tlsext_ecpointformatlist); - if ((s->tlsext_ecpointformatlist = OPENSSL_malloc(3)) == NULL) { + free(s->tlsext_ecpointformatlist); + if ((s->tlsext_ecpointformatlist = malloc(3)) == NULL) { SSLerr(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT, ERR_R_MALLOC_FAILURE); return -1; } @@ -1752,7 +1752,7 @@ ssl_check_clienthello_tlsext_early(SSL *s) } if (s->s3->server_opaque_prf_input != NULL) /* shouldn't really happen */ - OPENSSL_free(s->s3->server_opaque_prf_input); + free(s->s3->server_opaque_prf_input); s->s3->server_opaque_prf_input = NULL; if (s->tlsext_opaque_prf_input != NULL) { @@ -1762,7 +1762,7 @@ ssl_check_clienthello_tlsext_early(SSL *s) * of the same length as the client opaque PRF input! */ if (s->tlsext_opaque_prf_input_len == 0) - s->s3->server_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ + s->s3->server_opaque_prf_input = malloc(1); /* dummy byte just to get non-NULL */ else s->s3->server_opaque_prf_input = BUF_memdup(s->tlsext_opaque_prf_input, s->tlsext_opaque_prf_input_len); if (s->s3->server_opaque_prf_input == NULL) { @@ -1937,7 +1937,7 @@ ssl_check_serverhello_tlsext(SSL *s) * there is no response. */ if (s->tlsext_ocsp_resp) { - OPENSSL_free(s->tlsext_ocsp_resp); + free(s->tlsext_ocsp_resp); s->tlsext_ocsp_resp = NULL; } s->tlsext_ocsp_resplen = -1; @@ -2156,7 +2156,7 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Move p after IV to start of encrypted ticket, update length */ p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx); eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx); - sdec = OPENSSL_malloc(eticklen); + sdec = malloc(eticklen); if (!sdec) { EVP_CIPHER_CTX_cleanup(&ctx); return -1; @@ -2169,7 +2169,7 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, p = sdec; sess = d2i_SSL_SESSION(NULL, &p, slen); - OPENSSL_free(sdec); + free(sdec); if (sess) { /* The session ID, if non-empty, is used by some clients to * detect that the ticket has been accepted. So we copy it to |