mirror of
https://github.com/opnsense/src.git
synced 2026-06-08 08:12:27 -04:00
b84c4564ef
Summary: Release notes can be found at https://www.openssl.org/news/openssl-3.0-notes.html . Obtained from: https://www.openssl.org/source/openssl-3.0.9.tar.gz Test Plan: ``` $ git status On branch vendor/openssl-3.0 Your branch is up to date with 'origin/vendor/openssl-3.0'. nothing to commit, working tree clean $ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc) openssl-3.0.9.tar.gz 14 MB 74 MBps 01s openssl-3.0.9.tar.gz.asc 833 B 10 MBps 00s $ set | egrep '(XLIST|OSSLVER)=' OSSLVER=3.0.9 XLIST=FREEBSD-Xlist $ gpg --list-keys /home/khorben/.gnupg/pubring.kbx -------------------------------- pub rsa4096 2021-07-16 [SC] [expires: 2031-07-14] A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C uid [ unknown] Tomáš Mráz <tm@t8m.info> uid [ unknown] Tomáš Mráz <tomas@arleto.cz> uid [ unknown] Tomáš Mráz <tomas@openssl.org> sub rsa4096 2021-07-16 [S] [expires: 2027-07-15] sub rsa4096 2021-07-16 [E] [expires: 2031-07-14] $ gpg --verify ../openssl-${OSSLVER}.tar.gz.asc ../openssl-${OSSLVER}.tar.gz gpg: Signature made Tue May 30 14:32:24 2023 CEST gpg: using RSA key DC7032662AF885E2F47F243F527466A21CA79E6D gpg: Good signature from "Tomáš Mráz <tm@t8m.info>" [unknown] gpg: aka "Tomáš Mráz <tomas@arleto.cz>" [unknown] gpg: aka "Tomáš Mráz <tomas@openssl.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: A21F AB74 B008 8AA3 6115 2586 B8EF 1A6B A9DA 2D5C Subkey fingerprint: DC70 3266 2AF8 85E2 F47F 243F 5274 66A2 1CA7 9E6D $ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C .. $ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* . [...] $ diff -arq ../openssl-${OSSLVER} . Only in .: .git Only in .: FREEBSD-Xlist Only in .: FREEBSD-upgrade $ git status FREEBSD* On branch vendor/openssl-3.0 Your branch is up to date with 'origin/vendor/openssl-3.0'. nothing to commit, working tree clean ```
117 lines
4.6 KiB
C
117 lines
4.6 KiB
C
/*
|
|
* Copyright 2014-2023 The OpenSSL Project Authors. All Rights Reserved.
|
|
*
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
* in the file LICENSE in the source distribution or at
|
|
* https://www.openssl.org/source/license.html
|
|
*/
|
|
|
|
#ifndef OSSL_CRYPTO_BN_H
|
|
# define OSSL_CRYPTO_BN_H
|
|
# pragma once
|
|
|
|
# include <openssl/bn.h>
|
|
# include <limits.h>
|
|
|
|
BIGNUM *bn_wexpand(BIGNUM *a, int words);
|
|
BIGNUM *bn_expand2(BIGNUM *a, int words);
|
|
|
|
void bn_correct_top(BIGNUM *a);
|
|
|
|
/*
|
|
* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
|
|
* This is an array r[] of values that are either zero or odd with an
|
|
* absolute value less than 2^w satisfying scalar = \sum_j r[j]*2^j where at
|
|
* most one of any w+1 consecutive digits is non-zero with the exception that
|
|
* the most significant digit may be only w-1 zeros away from that next
|
|
* non-zero digit.
|
|
*/
|
|
signed char *bn_compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len);
|
|
|
|
int bn_get_top(const BIGNUM *a);
|
|
|
|
int bn_get_dmax(const BIGNUM *a);
|
|
|
|
/* Set all words to zero */
|
|
void bn_set_all_zero(BIGNUM *a);
|
|
|
|
/*
|
|
* Copy the internal BIGNUM words into out which holds size elements (and size
|
|
* must be bigger than top)
|
|
*/
|
|
int bn_copy_words(BN_ULONG *out, const BIGNUM *in, int size);
|
|
|
|
BN_ULONG *bn_get_words(const BIGNUM *a);
|
|
|
|
/*
|
|
* Set the internal data words in a to point to words which contains size
|
|
* elements. The BN_FLG_STATIC_DATA flag is set
|
|
*/
|
|
void bn_set_static_words(BIGNUM *a, const BN_ULONG *words, int size);
|
|
|
|
/*
|
|
* Copy words into the BIGNUM |a|, reallocating space as necessary.
|
|
* The negative flag of |a| is not modified.
|
|
* Returns 1 on success and 0 on failure.
|
|
*/
|
|
/*
|
|
* |num_words| is int because bn_expand2 takes an int. This is an internal
|
|
* function so we simply trust callers not to pass negative values.
|
|
*/
|
|
int bn_set_words(BIGNUM *a, const BN_ULONG *words, int num_words);
|
|
|
|
/*
|
|
* Some BIGNUM functions assume most significant limb to be non-zero, which
|
|
* is customarily arranged by bn_correct_top. Output from below functions
|
|
* is not processed with bn_correct_top, and for this reason it may not be
|
|
* returned out of public API. It may only be passed internally into other
|
|
* functions known to support non-minimal or zero-padded BIGNUMs. Even
|
|
* though the goal is to facilitate constant-time-ness, not each subroutine
|
|
* is constant-time by itself. They all have pre-conditions, consult source
|
|
* code...
|
|
*/
|
|
int bn_mul_mont_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|
BN_MONT_CTX *mont, BN_CTX *ctx);
|
|
int bn_to_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
|
|
BN_CTX *ctx);
|
|
int bn_from_mont_fixed_top(BIGNUM *r, const BIGNUM *a, BN_MONT_CTX *mont,
|
|
BN_CTX *ctx);
|
|
int bn_mod_add_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|
const BIGNUM *m);
|
|
int bn_mod_sub_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
|
const BIGNUM *m);
|
|
int bn_mul_fixed_top(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
|
|
int bn_sqr_fixed_top(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
|
|
int bn_lshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
|
|
int bn_rshift_fixed_top(BIGNUM *r, const BIGNUM *a, int n);
|
|
int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
|
|
const BIGNUM *d, BN_CTX *ctx);
|
|
|
|
#define BN_PRIMETEST_COMPOSITE 0
|
|
#define BN_PRIMETEST_COMPOSITE_WITH_FACTOR 1
|
|
#define BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME 2
|
|
#define BN_PRIMETEST_PROBABLY_PRIME 3
|
|
|
|
int ossl_bn_miller_rabin_is_prime(const BIGNUM *w, int iterations, BN_CTX *ctx,
|
|
BN_GENCB *cb, int enhanced, int *status);
|
|
|
|
const BIGNUM *ossl_bn_get0_small_factors(void);
|
|
|
|
int ossl_bn_rsa_fips186_4_gen_prob_primes(BIGNUM *p, BIGNUM *Xpout,
|
|
BIGNUM *p1, BIGNUM *p2,
|
|
const BIGNUM *Xp, const BIGNUM *Xp1,
|
|
const BIGNUM *Xp2, int nlen,
|
|
const BIGNUM *e, BN_CTX *ctx,
|
|
BN_GENCB *cb);
|
|
|
|
int ossl_bn_rsa_fips186_4_derive_prime(BIGNUM *Y, BIGNUM *X, const BIGNUM *Xin,
|
|
const BIGNUM *r1, const BIGNUM *r2,
|
|
int nlen, const BIGNUM *e, BN_CTX *ctx,
|
|
BN_GENCB *cb);
|
|
|
|
OSSL_LIB_CTX *ossl_bn_get_libctx(BN_CTX *ctx);
|
|
|
|
extern const BIGNUM ossl_bn_inv_sqrt_2;
|
|
|
|
#endif
|