diff options
| author | djm <> | 2009-01-09 12:14:09 +0000 |
|---|---|---|
| committer | djm <> | 2009-01-09 12:14:09 +0000 |
| commit | 76dd4d55fdccad54d20608e7caf577b9d67b216f (patch) | |
| tree | 9b645adc5cf0aa0820e1501ee5c6f2c41c454e7c /src/lib/libssl/src | |
| parent | f1625f274acf5dcd5601f6cb5e29e233b2a441a3 (diff) | |
| download | openbsd-76dd4d55fdccad54d20608e7caf577b9d67b216f.tar.gz openbsd-76dd4d55fdccad54d20608e7caf577b9d67b216f.tar.bz2 openbsd-76dd4d55fdccad54d20608e7caf577b9d67b216f.zip | |
import openssl-0.9.8j
Diffstat (limited to 'src/lib/libssl/src')
435 files changed, 24336 insertions, 7143 deletions
diff --git a/src/lib/libssl/src/CHANGES b/src/lib/libssl/src/CHANGES index 217aa70dcb..c888c56c26 100644 --- a/src/lib/libssl/src/CHANGES +++ b/src/lib/libssl/src/CHANGES | |||
| @@ -2,6 +2,108 @@ | |||
| 2 | OpenSSL CHANGES | 2 | OpenSSL CHANGES |
| 3 | _______________ | 3 | _______________ |
| 4 | 4 | ||
| 5 | Changes between 0.9.8i and 0.9.8j [07 Jan 2009] | ||
| 6 | |||
| 7 | *) Properly check EVP_VerifyFinal() and similar return values | ||
| 8 | (CVE-2008-5077). | ||
| 9 | [Ben Laurie, Bodo Moeller, Google Security Team] | ||
| 10 | |||
| 11 | *) Properly check EVP_VerifyFinal() and similar return values | ||
| 12 | (CVE-2008-5077). | ||
| 13 | [Ben Laurie, Bodo Moeller, Google Security Team] | ||
| 14 | |||
| 15 | *) Enable TLS extensions by default. | ||
| 16 | [Ben Laurie] | ||
| 17 | |||
| 18 | *) Allow the CHIL engine to be loaded, whether the application is | ||
| 19 | multithreaded or not. (This does not release the developer from the | ||
| 20 | obligation to set up the dynamic locking callbacks.) | ||
| 21 | [Sander Temme <sander@temme.net>] | ||
| 22 | |||
| 23 | *) Use correct exit code if there is an error in dgst command. | ||
| 24 | [Steve Henson; problem pointed out by Roland Dirlewanger] | ||
| 25 | |||
| 26 | *) Tweak Configure so that you need to say "experimental-jpake" to enable | ||
| 27 | JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications. | ||
| 28 | [Bodo Moeller] | ||
| 29 | |||
| 30 | *) Add experimental JPAKE support, including demo authentication in | ||
| 31 | s_client and s_server. | ||
| 32 | [Ben Laurie] | ||
| 33 | |||
| 34 | *) Set the comparison function in v3_addr_canonize(). | ||
| 35 | [Rob Austein <sra@hactrn.net>] | ||
| 36 | |||
| 37 | *) Add support for XMPP STARTTLS in s_client. | ||
| 38 | [Philip Paeps <philip@freebsd.org>] | ||
| 39 | |||
| 40 | *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior | ||
| 41 | to ensure that even with this option, only ciphersuites in the | ||
| 42 | server's preference list will be accepted. (Note that the option | ||
| 43 | applies only when resuming a session, so the earlier behavior was | ||
| 44 | just about the algorithm choice for symmetric cryptography.) | ||
| 45 | [Bodo Moeller] | ||
| 46 | |||
| 47 | Changes between 0.9.8h and 0.9.8i [15 Sep 2008] | ||
| 48 | |||
| 49 | *) Fix a state transitition in s3_srvr.c and d1_srvr.c | ||
| 50 | (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...). | ||
| 51 | [Nagendra Modadugu] | ||
| 52 | |||
| 53 | *) The fix in 0.9.8c that supposedly got rid of unsafe | ||
| 54 | double-checked locking was incomplete for RSA blinding, | ||
| 55 | addressing just one layer of what turns out to have been | ||
| 56 | doubly unsafe triple-checked locking. | ||
| 57 | |||
| 58 | So now fix this for real by retiring the MONT_HELPER macro | ||
| 59 | in crypto/rsa/rsa_eay.c. | ||
| 60 | |||
| 61 | [Bodo Moeller; problem pointed out by Marius Schilder] | ||
| 62 | |||
| 63 | *) Various precautionary measures: | ||
| 64 | |||
| 65 | - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h). | ||
| 66 | |||
| 67 | - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c). | ||
| 68 | (NB: This would require knowledge of the secret session ticket key | ||
| 69 | to exploit, in which case you'd be SOL either way.) | ||
| 70 | |||
| 71 | - Change bn_nist.c so that it will properly handle input BIGNUMs | ||
| 72 | outside the expected range. | ||
| 73 | |||
| 74 | - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG | ||
| 75 | builds. | ||
| 76 | |||
| 77 | [Neel Mehta, Bodo Moeller] | ||
| 78 | |||
| 79 | *) Allow engines to be "soft loaded" - i.e. optionally don't die if | ||
| 80 | the load fails. Useful for distros. | ||
| 81 | [Ben Laurie and the FreeBSD team] | ||
| 82 | |||
| 83 | *) Add support for Local Machine Keyset attribute in PKCS#12 files. | ||
| 84 | [Steve Henson] | ||
| 85 | |||
| 86 | *) Fix BN_GF2m_mod_arr() top-bit cleanup code. | ||
| 87 | [Huang Ying] | ||
| 88 | |||
| 89 | *) Expand ENGINE to support engine supplied SSL client certificate functions. | ||
| 90 | |||
| 91 | This work was sponsored by Logica. | ||
| 92 | [Steve Henson] | ||
| 93 | |||
| 94 | *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows | ||
| 95 | keystores. Support for SSL/TLS client authentication too. | ||
| 96 | Not compiled unless enable-capieng specified to Configure. | ||
| 97 | |||
| 98 | This work was sponsored by Logica. | ||
| 99 | [Steve Henson] | ||
| 100 | |||
| 101 | *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using | ||
| 102 | ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain | ||
| 103 | attribute creation routines such as certifcate requests and PKCS#12 | ||
| 104 | files. | ||
| 105 | [Steve Henson] | ||
| 106 | |||
| 5 | Changes between 0.9.8g and 0.9.8h [28 May 2008] | 107 | Changes between 0.9.8g and 0.9.8h [28 May 2008] |
| 6 | 108 | ||
| 7 | *) Fix flaw if 'Server Key exchange message' is omitted from a TLS | 109 | *) Fix flaw if 'Server Key exchange message' is omitted from a TLS |
diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure index 1a9a59f969..09b58f2113 100644 --- a/src/lib/libssl/src/Configure +++ b/src/lib/libssl/src/Configure | |||
| @@ -6,11 +6,13 @@ eval 'exec perl -S $0 ${1+"$@"}' | |||
| 6 | ## | 6 | ## |
| 7 | 7 | ||
| 8 | require 5.000; | 8 | require 5.000; |
| 9 | use strict; | 9 | eval 'use strict;'; |
| 10 | |||
| 11 | print STDERR "Warning: perl module strict not found.\n" if ($@); | ||
| 10 | 12 | ||
| 11 | # see INSTALL for instructions. | 13 | # see INSTALL for instructions. |
| 12 | 14 | ||
| 13 | my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; | 15 | my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n"; |
| 14 | 16 | ||
| 15 | # Options: | 17 | # Options: |
| 16 | # | 18 | # |
| @@ -155,9 +157,9 @@ my %table=( | |||
| 155 | "debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::", | 157 | "debug-ben-debug", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::::", |
| 156 | "debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::", | 158 | "debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::", |
| 157 | "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", | 159 | "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", |
| 158 | "debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", | 160 | "debug-bodo", "gcc:-DL_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBIO_PAIR_DEBUG -DPEDANTIC -g -march=i486 -pedantic -Wshadow -Wall -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", |
| 159 | "debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll", | 161 | "debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll", |
| 160 | "debug-steve64", "gcc:-m64 -DL_ENDIAN -DTERMIO -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DOPENSSL_NO_DEPRECATED -g -pedantic -Wall -Werror -Wno-long-long -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 162 | "debug-steve64", "gcc:-m64 -DL_ENDIAN -DTERMIO -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DOPENSSL_NO_DEPRECATED -g -pedantic -Wall -Werror -Wno-long-long -Wsign-compare -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${x86_64_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 161 | "debug-steve32", "gcc:-m32 -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DOPENSSL_NO_DEPRECATED -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", | 163 | "debug-steve32", "gcc:-m32 -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -DOPENSSL_NO_DEPRECATED -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", |
| 162 | "debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared", | 164 | "debug-steve", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared", |
| 163 | "debug-steve-opt", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -O3 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared", | 165 | "debug-steve-opt", "gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -m32 -O3 -g -pedantic -Wno-long-long -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared", |
| @@ -407,12 +409,12 @@ my %table=( | |||
| 407 | 409 | ||
| 408 | #### IBM's AIX. | 410 | #### IBM's AIX. |
| 409 | "aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::", | 411 | "aix3-cc", "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::", |
| 410 | "aix-gcc", "gcc:-O -DB_ENDIAN::-D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", | 412 | "aix-gcc", "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", |
| 411 | "aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-maix64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64", | 413 | "aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64", |
| 412 | # Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE | 414 | # Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE |
| 413 | # at build time. $OBJECT_MODE is respected at ./config stage! | 415 | # at build time. $OBJECT_MODE is respected at ./config stage! |
| 414 | "aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", | 416 | "aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR::aix_ppc32.o::::::::::dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", |
| 415 | "aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64", | 417 | "aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR::aix_ppc64.o::::::::::dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64", |
| 416 | 418 | ||
| 417 | # | 419 | # |
| 418 | # Cray T90 and similar (SDSC) | 420 | # Cray T90 and similar (SDSC) |
| @@ -510,8 +512,9 @@ my %table=( | |||
| 510 | ##### MacOS X (a.k.a. Rhapsody or Darwin) setup | 512 | ##### MacOS X (a.k.a. Rhapsody or Darwin) setup |
| 511 | "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::", | 513 | "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::", |
| 512 | "darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | 514 | "darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", |
| 513 | "darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:ppccpuid_osx64.o:osx_ppc64.o osx_ppc64-mont.o:::::sha1-ppc_osx64.o sha256-ppc_osx64.o sha512-ppc_osx64.o:::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | 515 | "darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc64.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", |
| 514 | "darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -fno-common::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | 516 | "darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", |
| 517 | "debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | ||
| 515 | "darwin64-x86_64-cc","cc:-arch x86_64 -O3 -fomit-frame-pointer -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | 518 | "darwin64-x86_64-cc","cc:-arch x86_64 -O3 -fomit-frame-pointer -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK BF_PTR2 DES_INT DES_UNROLL:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", |
| 516 | "debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", | 519 | "debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::osx_ppc32.o::::::::::dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib", |
| 517 | 520 | ||
| @@ -576,6 +579,11 @@ my $prefix=""; | |||
| 576 | my $openssldir=""; | 579 | my $openssldir=""; |
| 577 | my $exe_ext=""; | 580 | my $exe_ext=""; |
| 578 | my $install_prefix=""; | 581 | my $install_prefix=""; |
| 582 | my $fipslibdir="/usr/local/ssl/fips-1.0/lib/"; | ||
| 583 | my $nofipscanistercheck=0; | ||
| 584 | my $fipsdso=0; | ||
| 585 | my $fipscanisterinternal="n"; | ||
| 586 | my $baseaddr="0xFB00000"; | ||
| 579 | my $no_threads=0; | 587 | my $no_threads=0; |
| 580 | my $threads=0; | 588 | my $threads=0; |
| 581 | my $no_shared=0; # but "no-shared" is default | 589 | my $no_shared=0; # but "no-shared" is default |
| @@ -599,6 +607,7 @@ my $rc2 ="crypto/rc2/rc2.h"; | |||
| 599 | my $bf ="crypto/bf/bf_locl.h"; | 607 | my $bf ="crypto/bf/bf_locl.h"; |
| 600 | my $bn_asm ="bn_asm.o"; | 608 | my $bn_asm ="bn_asm.o"; |
| 601 | my $des_enc="des_enc.o fcrypt_b.o"; | 609 | my $des_enc="des_enc.o fcrypt_b.o"; |
| 610 | my $fips_des_enc="fips_des_enc.o"; | ||
| 602 | my $aes_enc="aes_core.o aes_cbc.o"; | 611 | my $aes_enc="aes_core.o aes_cbc.o"; |
| 603 | my $bf_enc ="bf_enc.o"; | 612 | my $bf_enc ="bf_enc.o"; |
| 604 | my $cast_enc="c_enc.o"; | 613 | my $cast_enc="c_enc.o"; |
| @@ -610,31 +619,40 @@ my $rmd160_obj=""; | |||
| 610 | my $processor=""; | 619 | my $processor=""; |
| 611 | my $default_ranlib; | 620 | my $default_ranlib; |
| 612 | my $perl; | 621 | my $perl; |
| 622 | my $fips=0; | ||
| 613 | 623 | ||
| 614 | 624 | ||
| 615 | # All of the following is disabled by default (RC5 was enabled before 0.9.8): | 625 | # All of the following is disabled by default (RC5 was enabled before 0.9.8): |
| 616 | 626 | ||
| 617 | my %disabled = ( # "what" => "comment" | 627 | my %disabled = ( # "what" => "comment" [or special keyword "experimental"] |
| 618 | "camellia" => "default", | 628 | "camellia" => "default", |
| 629 | "capieng" => "default", | ||
| 619 | "cms" => "default", | 630 | "cms" => "default", |
| 620 | "gmp" => "default", | 631 | "gmp" => "default", |
| 632 | "jpake" => "experimental", | ||
| 621 | "mdc2" => "default", | 633 | "mdc2" => "default", |
| 622 | "montasm" => "default", # explicit option in 0.9.8 only (implicitly enabled in 0.9.9) | 634 | "montasm" => "default", # explicit option in 0.9.8 only (implicitly enabled in 0.9.9) |
| 623 | "rc5" => "default", | 635 | "rc5" => "default", |
| 624 | "rfc3779" => "default", | 636 | "rfc3779" => "default", |
| 625 | "seed" => "default", | 637 | "seed" => "default", |
| 626 | "shared" => "default", | 638 | "shared" => "default", |
| 627 | "tlsext" => "default", | ||
| 628 | "zlib" => "default", | 639 | "zlib" => "default", |
| 629 | "zlib-dynamic" => "default" | 640 | "zlib-dynamic" => "default" |
| 630 | ); | 641 | ); |
| 642 | my @experimental = (); | ||
| 643 | |||
| 644 | # This is what $depflags will look like with the above defaults | ||
| 645 | # (we need this to see if we should advise the user to run "make depend"): | ||
| 646 | my $default_depflags = " -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED"; | ||
| 631 | 647 | ||
| 632 | # Additional "no-..." options will be collected in %disabled. | ||
| 633 | # To remove something from %disabled, use e.g. "enable-rc5". | ||
| 634 | # For symmetry, "disable-..." is a synonym for "no-...". | ||
| 635 | 648 | ||
| 636 | # This is what $depflags will look like with the above default: | 649 | # Explicit "no-..." options will be collected in %disabled along with the defaults. |
| 637 | my $default_depflags = "-DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT "; | 650 | # To remove something from %disabled, use "enable-foo" (unless it's experimental). |
| 651 | # For symmetry, "disable-foo" is a synonym for "no-foo". | ||
| 652 | |||
| 653 | # For features called "experimental" here, a more explicit "experimental-foo" is needed to enable. | ||
| 654 | # We will collect such requests in @experimental. | ||
| 655 | # To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO. | ||
| 638 | 656 | ||
| 639 | 657 | ||
| 640 | my $no_sse2=0; | 658 | my $no_sse2=0; |
| @@ -643,6 +661,7 @@ my $no_sse2=0; | |||
| 643 | 661 | ||
| 644 | my $flags; | 662 | my $flags; |
| 645 | my $depflags; | 663 | my $depflags; |
| 664 | my $openssl_experimental_defines; | ||
| 646 | my $openssl_algorithm_defines; | 665 | my $openssl_algorithm_defines; |
| 647 | my $openssl_thread_defines; | 666 | my $openssl_thread_defines; |
| 648 | my $openssl_sys_defines=""; | 667 | my $openssl_sys_defines=""; |
| @@ -663,6 +682,7 @@ while($argv_unprocessed) | |||
| 663 | { | 682 | { |
| 664 | $flags=""; | 683 | $flags=""; |
| 665 | $depflags=""; | 684 | $depflags=""; |
| 685 | $openssl_experimental_defines=""; | ||
| 666 | $openssl_algorithm_defines=""; | 686 | $openssl_algorithm_defines=""; |
| 667 | $openssl_thread_defines=""; | 687 | $openssl_thread_defines=""; |
| 668 | $openssl_sys_defines=""; | 688 | $openssl_sys_defines=""; |
| @@ -688,25 +708,35 @@ PROCESS_ARGS: | |||
| 688 | 708 | ||
| 689 | if (/^no-(.+)$/ || /^disable-(.+)$/) | 709 | if (/^no-(.+)$/ || /^disable-(.+)$/) |
| 690 | { | 710 | { |
| 691 | if ($1 eq "ssl") | 711 | if (!($disabled{$1} eq "experimental")) |
| 692 | { | ||
| 693 | $disabled{"ssl2"} = "option(ssl)"; | ||
| 694 | $disabled{"ssl3"} = "option(ssl)"; | ||
| 695 | } | ||
| 696 | elsif ($1 eq "tls") | ||
| 697 | { | ||
| 698 | $disabled{"tls1"} = "option(tls)" | ||
| 699 | } | ||
| 700 | else | ||
| 701 | { | 712 | { |
| 702 | $disabled{$1} = "option"; | 713 | if ($1 eq "ssl") |
| 714 | { | ||
| 715 | $disabled{"ssl2"} = "option(ssl)"; | ||
| 716 | $disabled{"ssl3"} = "option(ssl)"; | ||
| 717 | } | ||
| 718 | elsif ($1 eq "tls") | ||
| 719 | { | ||
| 720 | $disabled{"tls1"} = "option(tls)" | ||
| 721 | } | ||
| 722 | else | ||
| 723 | { | ||
| 724 | $disabled{$1} = "option"; | ||
| 725 | } | ||
| 703 | } | 726 | } |
| 704 | } | 727 | } |
| 705 | elsif (/^enable-(.+)$/) | 728 | elsif (/^enable-(.+)$/ || /^experimental-(.+)$/) |
| 706 | { | 729 | { |
| 707 | delete $disabled{$1}; | 730 | my $algo = $1; |
| 731 | if ($disabled{$algo} eq "experimental") | ||
| 732 | { | ||
| 733 | die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n" | ||
| 734 | unless (/^experimental-/); | ||
| 735 | push @experimental, $algo; | ||
| 736 | } | ||
| 737 | delete $disabled{$algo}; | ||
| 708 | 738 | ||
| 709 | $threads = 1 if ($1 eq "threads"); | 739 | $threads = 1 if ($algo eq "threads"); |
| 710 | } | 740 | } |
| 711 | elsif (/^--test-sanity$/) | 741 | elsif (/^--test-sanity$/) |
| 712 | { | 742 | { |
| @@ -737,12 +767,36 @@ PROCESS_ARGS: | |||
| 737 | } | 767 | } |
| 738 | elsif (/^386$/) | 768 | elsif (/^386$/) |
| 739 | { $processor=386; } | 769 | { $processor=386; } |
| 770 | elsif (/^fips$/) | ||
| 771 | { | ||
| 772 | $fips=1; | ||
| 773 | } | ||
| 740 | elsif (/^rsaref$/) | 774 | elsif (/^rsaref$/) |
| 741 | { | 775 | { |
| 742 | # No RSAref support any more since it's not needed. | 776 | # No RSAref support any more since it's not needed. |
| 743 | # The check for the option is there so scripts aren't | 777 | # The check for the option is there so scripts aren't |
| 744 | # broken | 778 | # broken |
| 745 | } | 779 | } |
| 780 | elsif (/^nofipscanistercheck$/) | ||
| 781 | { | ||
| 782 | $fips = 1; | ||
| 783 | $nofipscanistercheck = 1; | ||
| 784 | } | ||
| 785 | elsif (/^fipscanisterbuild$/) | ||
| 786 | { | ||
| 787 | $fips = 1; | ||
| 788 | $nofipscanistercheck = 1; | ||
| 789 | $fipslibdir=""; | ||
| 790 | $fipscanisterinternal="y"; | ||
| 791 | } | ||
| 792 | elsif (/^fipsdso$/) | ||
| 793 | { | ||
| 794 | $fips = 1; | ||
| 795 | $nofipscanistercheck = 1; | ||
| 796 | $fipslibdir=""; | ||
| 797 | $fipscanisterinternal="y"; | ||
| 798 | $fipsdso = 1; | ||
| 799 | } | ||
| 746 | elsif (/^[-+]/) | 800 | elsif (/^[-+]/) |
| 747 | { | 801 | { |
| 748 | if (/^-[lL](.*)$/) | 802 | if (/^-[lL](.*)$/) |
| @@ -777,6 +831,14 @@ PROCESS_ARGS: | |||
| 777 | { | 831 | { |
| 778 | $withargs{"zlib-include"}="-I$1"; | 832 | $withargs{"zlib-include"}="-I$1"; |
| 779 | } | 833 | } |
| 834 | elsif (/^--with-fipslibdir=(.*)$/) | ||
| 835 | { | ||
| 836 | $fipslibdir="$1/"; | ||
| 837 | } | ||
| 838 | elsif (/^--with-baseaddr=(.*)$/) | ||
| 839 | { | ||
| 840 | $baseaddr="$1"; | ||
| 841 | } | ||
| 780 | else | 842 | else |
| 781 | { | 843 | { |
| 782 | print STDERR $usage; | 844 | print STDERR $usage; |
| @@ -884,6 +946,50 @@ print "Configuring for $target\n"; | |||
| 884 | 946 | ||
| 885 | &usage if (!defined($table{$target})); | 947 | &usage if (!defined($table{$target})); |
| 886 | 948 | ||
| 949 | my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); | ||
| 950 | my $cc = $fields[$idx_cc]; | ||
| 951 | my $cflags = $fields[$idx_cflags]; | ||
| 952 | my $unistd = $fields[$idx_unistd]; | ||
| 953 | my $thread_cflag = $fields[$idx_thread_cflag]; | ||
| 954 | my $sys_id = $fields[$idx_sys_id]; | ||
| 955 | my $lflags = $fields[$idx_lflags]; | ||
| 956 | my $bn_ops = $fields[$idx_bn_ops]; | ||
| 957 | my $cpuid_obj = $fields[$idx_cpuid_obj]; | ||
| 958 | my $bn_obj = $fields[$idx_bn_obj]; | ||
| 959 | my $des_obj = $fields[$idx_des_obj]; | ||
| 960 | my $aes_obj = $fields[$idx_aes_obj]; | ||
| 961 | my $bf_obj = $fields[$idx_bf_obj]; | ||
| 962 | my $md5_obj = $fields[$idx_md5_obj]; | ||
| 963 | my $sha1_obj = $fields[$idx_sha1_obj]; | ||
| 964 | my $cast_obj = $fields[$idx_cast_obj]; | ||
| 965 | my $rc4_obj = $fields[$idx_rc4_obj]; | ||
| 966 | my $rmd160_obj = $fields[$idx_rmd160_obj]; | ||
| 967 | my $rc5_obj = $fields[$idx_rc5_obj]; | ||
| 968 | my $dso_scheme = $fields[$idx_dso_scheme]; | ||
| 969 | my $shared_target = $fields[$idx_shared_target]; | ||
| 970 | my $shared_cflag = $fields[$idx_shared_cflag]; | ||
| 971 | my $shared_ldflag = $fields[$idx_shared_ldflag]; | ||
| 972 | my $shared_extension = $fields[$idx_shared_extension]; | ||
| 973 | my $ranlib = $fields[$idx_ranlib]; | ||
| 974 | my $arflags = $fields[$idx_arflags]; | ||
| 975 | |||
| 976 | if ($fips) | ||
| 977 | { | ||
| 978 | delete $disabled{"shared"} if ($disabled{"shared"} eq "default"); | ||
| 979 | $disabled{"asm"}="forced" | ||
| 980 | if ($target !~ "VC\-.*" && | ||
| 981 | "$cpuid_obj:$bn_obj:$aes_obj:$des_obj:$sha1_obj" eq "::::"); | ||
| 982 | } | ||
| 983 | |||
| 984 | foreach (sort @experimental) | ||
| 985 | { | ||
| 986 | my $ALGO; | ||
| 987 | ($ALGO = $_) =~ tr/[a-z]/[A-Z]/; | ||
| 988 | |||
| 989 | # opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined | ||
| 990 | $openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n"; | ||
| 991 | $cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO"; | ||
| 992 | } | ||
| 887 | 993 | ||
| 888 | foreach (sort (keys %disabled)) | 994 | foreach (sort (keys %disabled)) |
| 889 | { | 995 | { |
| @@ -934,7 +1040,7 @@ foreach (sort (keys %disabled)) | |||
| 934 | push @skip, $algo; | 1040 | push @skip, $algo; |
| 935 | print " (skip dir)"; | 1041 | print " (skip dir)"; |
| 936 | 1042 | ||
| 937 | $depflags .="-DOPENSSL_NO_$ALGO "; | 1043 | $depflags .= " -DOPENSSL_NO_$ALGO"; |
| 938 | } | 1044 | } |
| 939 | } | 1045 | } |
| 940 | } | 1046 | } |
| @@ -947,10 +1053,22 @@ my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds; | |||
| 947 | 1053 | ||
| 948 | $IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin" && !is_msys()); | 1054 | $IsMK1MF=1 if ($target eq "mingw" && $^O ne "cygwin" && !is_msys()); |
| 949 | 1055 | ||
| 1056 | $no_shared = 0 if ($fipsdso && !$IsMK1MF); | ||
| 1057 | |||
| 950 | $exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw"); | 1058 | $exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw"); |
| 951 | $exe_ext=".nlm" if ($target =~ /netware/); | 1059 | $exe_ext=".nlm" if ($target =~ /netware/); |
| 952 | $exe_ext=".pm" if ($target =~ /vos/); | 1060 | $exe_ext=".pm" if ($target =~ /vos/); |
| 953 | $openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq ""); | 1061 | if ($openssldir eq "" and $prefix eq "") |
| 1062 | { | ||
| 1063 | if ($fips) | ||
| 1064 | { | ||
| 1065 | $openssldir="/usr/local/ssl/fips"; | ||
| 1066 | } | ||
| 1067 | else | ||
| 1068 | { | ||
| 1069 | $openssldir="/usr/local/ssl"; | ||
| 1070 | } | ||
| 1071 | } | ||
| 954 | $prefix=$openssldir if $prefix eq ""; | 1072 | $prefix=$openssldir if $prefix eq ""; |
| 955 | 1073 | ||
| 956 | $default_ranlib= &which("ranlib") or $default_ranlib="true"; | 1074 | $default_ranlib= &which("ranlib") or $default_ranlib="true"; |
| @@ -958,7 +1076,7 @@ $perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl") | |||
| 958 | or $perl="perl"; | 1076 | or $perl="perl"; |
| 959 | 1077 | ||
| 960 | chop $openssldir if $openssldir =~ /\/$/; | 1078 | chop $openssldir if $openssldir =~ /\/$/; |
| 961 | chop $prefix if $prefix =~ /\/$/; | 1079 | chop $prefix if $prefix =~ /.\/$/; |
| 962 | 1080 | ||
| 963 | $openssldir=$prefix . "/ssl" if $openssldir eq ""; | 1081 | $openssldir=$prefix . "/ssl" if $openssldir eq ""; |
| 964 | $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; | 1082 | $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/; |
| @@ -966,33 +1084,6 @@ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/] | |||
| 966 | 1084 | ||
| 967 | print "IsMK1MF=$IsMK1MF\n"; | 1085 | print "IsMK1MF=$IsMK1MF\n"; |
| 968 | 1086 | ||
| 969 | my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1); | ||
| 970 | my $cc = $fields[$idx_cc]; | ||
| 971 | my $cflags = $fields[$idx_cflags]; | ||
| 972 | my $unistd = $fields[$idx_unistd]; | ||
| 973 | my $thread_cflag = $fields[$idx_thread_cflag]; | ||
| 974 | my $sys_id = $fields[$idx_sys_id]; | ||
| 975 | my $lflags = $fields[$idx_lflags]; | ||
| 976 | my $bn_ops = $fields[$idx_bn_ops]; | ||
| 977 | my $cpuid_obj = $fields[$idx_cpuid_obj]; | ||
| 978 | my $bn_obj = $fields[$idx_bn_obj]; | ||
| 979 | my $des_obj = $fields[$idx_des_obj]; | ||
| 980 | my $aes_obj = $fields[$idx_aes_obj]; | ||
| 981 | my $bf_obj = $fields[$idx_bf_obj]; | ||
| 982 | my $md5_obj = $fields[$idx_md5_obj]; | ||
| 983 | my $sha1_obj = $fields[$idx_sha1_obj]; | ||
| 984 | my $cast_obj = $fields[$idx_cast_obj]; | ||
| 985 | my $rc4_obj = $fields[$idx_rc4_obj]; | ||
| 986 | my $rmd160_obj = $fields[$idx_rmd160_obj]; | ||
| 987 | my $rc5_obj = $fields[$idx_rc5_obj]; | ||
| 988 | my $dso_scheme = $fields[$idx_dso_scheme]; | ||
| 989 | my $shared_target = $fields[$idx_shared_target]; | ||
| 990 | my $shared_cflag = $fields[$idx_shared_cflag]; | ||
| 991 | my $shared_ldflag = $fields[$idx_shared_ldflag]; | ||
| 992 | my $shared_extension = $fields[$idx_shared_extension]; | ||
| 993 | my $ranlib = $fields[$idx_ranlib]; | ||
| 994 | my $arflags = $fields[$idx_arflags]; | ||
| 995 | |||
| 996 | # '%' in $lflags is used to split flags to "pre-" and post-flags | 1087 | # '%' in $lflags is used to split flags to "pre-" and post-flags |
| 997 | my ($prelflags,$postlflags)=split('%',$lflags); | 1088 | my ($prelflags,$postlflags)=split('%',$lflags); |
| 998 | if (defined($postlflags)) { $lflags=$postlflags; } | 1089 | if (defined($postlflags)) { $lflags=$postlflags; } |
| @@ -1126,6 +1217,8 @@ if ($no_asm) | |||
| 1126 | { | 1217 | { |
| 1127 | $cpuid_obj=$bn_obj=$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=""; | 1218 | $cpuid_obj=$bn_obj=$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=""; |
| 1128 | $sha1_obj=$md5_obj=$rmd160_obj=""; | 1219 | $sha1_obj=$md5_obj=$rmd160_obj=""; |
| 1220 | $cflags=~s/\-D[BL]_ENDIAN// if ($fips); | ||
| 1221 | $thread_cflags=~s/\-D[BL]_ENDIAN// if ($fips); | ||
| 1129 | } | 1222 | } |
| 1130 | if ($montasm) | 1223 | if ($montasm) |
| 1131 | { | 1224 | { |
| @@ -1164,7 +1257,7 @@ if ($zlib) | |||
| 1164 | my $shared_mark = ""; | 1257 | my $shared_mark = ""; |
| 1165 | if ($shared_target eq "") | 1258 | if ($shared_target eq "") |
| 1166 | { | 1259 | { |
| 1167 | $no_shared_warn = 1 if !$no_shared; | 1260 | $no_shared_warn = 1 if !$no_shared && !$fips; |
| 1168 | $no_shared = 1; | 1261 | $no_shared = 1; |
| 1169 | } | 1262 | } |
| 1170 | if (!$no_shared) | 1263 | if (!$no_shared) |
| @@ -1253,8 +1346,14 @@ $bn_obj = $bn_asm unless $bn_obj ne ""; | |||
| 1253 | # bn86* is the only one implementing bn_*_part_words | 1346 | # bn86* is the only one implementing bn_*_part_words |
| 1254 | $cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn86/); | 1347 | $cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn86/); |
| 1255 | $cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /bn86/); | 1348 | $cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /bn86/); |
| 1349 | |||
| 1256 | $cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /\-mont|mo86\-/); | 1350 | $cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /\-mont|mo86\-/); |
| 1257 | 1351 | ||
| 1352 | if ($fips) | ||
| 1353 | { | ||
| 1354 | $openssl_other_defines.="#define OPENSSL_FIPS\n"; | ||
| 1355 | } | ||
| 1356 | |||
| 1258 | $des_obj=$des_enc unless ($des_obj =~ /\.o$/); | 1357 | $des_obj=$des_enc unless ($des_obj =~ /\.o$/); |
| 1259 | $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); | 1358 | $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/); |
| 1260 | $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); | 1359 | $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/); |
| @@ -1339,7 +1438,8 @@ while (<IN>) | |||
| 1339 | if ($sdirs) { | 1438 | if ($sdirs) { |
| 1340 | my $dir; | 1439 | my $dir; |
| 1341 | foreach $dir (@skip) { | 1440 | foreach $dir (@skip) { |
| 1342 | s/([ ])$dir /\1/; | 1441 | s/(\s)$dir\s/$1/; |
| 1442 | s/\s$dir$//; | ||
| 1343 | } | 1443 | } |
| 1344 | } | 1444 | } |
| 1345 | $sdirs = 0 unless /\\$/; | 1445 | $sdirs = 0 unless /\\$/; |
| @@ -1360,7 +1460,7 @@ while (<IN>) | |||
| 1360 | s/^CC=.*$/CC= $cc/; | 1460 | s/^CC=.*$/CC= $cc/; |
| 1361 | s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc"; | 1461 | s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc"; |
| 1362 | s/^CFLAG=.*$/CFLAG= $cflags/; | 1462 | s/^CFLAG=.*$/CFLAG= $cflags/; |
| 1363 | s/^DEPFLAG=.*$/DEPFLAG= $depflags/; | 1463 | s/^DEPFLAG=.*$/DEPFLAG=$depflags/; |
| 1364 | s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/; | 1464 | s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/; |
| 1365 | s/^EX_LIBS=.*$/EX_LIBS= $lflags/; | 1465 | s/^EX_LIBS=.*$/EX_LIBS= $lflags/; |
| 1366 | s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/; | 1466 | s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/; |
| @@ -1383,9 +1483,24 @@ while (<IN>) | |||
| 1383 | s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; | 1483 | s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/; |
| 1384 | s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/; | 1484 | s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/; |
| 1385 | s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/; | 1485 | s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/; |
| 1486 | s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/; | ||
| 1487 | if ($fipsdso) | ||
| 1488 | { | ||
| 1489 | s/^FIPSCANLIB=.*/FIPSCANLIB=libfips/; | ||
| 1490 | s/^SHARED_FIPS=.*/SHARED_FIPS=libfips\$(SHLIB_EXT)/; | ||
| 1491 | s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl fips/; | ||
| 1492 | } | ||
| 1493 | else | ||
| 1494 | { | ||
| 1495 | s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips; | ||
| 1496 | s/^SHARED_FIPS=.*/SHARED_FIPS=/; | ||
| 1497 | s/^SHLIBDIRS=.*/SHLIBDIRS= crypto ssl/; | ||
| 1498 | } | ||
| 1499 | s/^FIPSCANISTERINTERNAL=.*/FIPSCANISTERINTERNAL=$fipscanisterinternal/; | ||
| 1500 | s/^BASEADDR=.*/BASEADDR=$baseaddr/; | ||
| 1386 | s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; | 1501 | s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/; |
| 1387 | s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; | 1502 | s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/; |
| 1388 | s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared); | 1503 | s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_FIPS) \$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared); |
| 1389 | if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/) | 1504 | if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/) |
| 1390 | { | 1505 | { |
| 1391 | my $sotmp = $1; | 1506 | my $sotmp = $1; |
| @@ -1489,6 +1604,7 @@ print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configur | |||
| 1489 | 1604 | ||
| 1490 | print OUT "/* OpenSSL was configured with the following options: */\n"; | 1605 | print OUT "/* OpenSSL was configured with the following options: */\n"; |
| 1491 | my $openssl_algorithm_defines_trans = $openssl_algorithm_defines; | 1606 | my $openssl_algorithm_defines_trans = $openssl_algorithm_defines; |
| 1607 | $openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n# define OPENSSL_NO_$1\n# endif\n#endif/mg; | ||
| 1492 | $openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg; | 1608 | $openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n# define $1\n# endif/mg; |
| 1493 | $openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; | 1609 | $openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; |
| 1494 | $openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq ""; | 1610 | $openssl_algorithm_defines = " /* no ciphers excluded */\n" if $openssl_algorithm_defines eq ""; |
| @@ -1497,8 +1613,10 @@ $openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/ | |||
| 1497 | $openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; | 1613 | $openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg; |
| 1498 | print OUT $openssl_sys_defines; | 1614 | print OUT $openssl_sys_defines; |
| 1499 | print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n"; | 1615 | print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n"; |
| 1616 | print OUT $openssl_experimental_defines; | ||
| 1617 | print OUT "\n"; | ||
| 1500 | print OUT $openssl_algorithm_defines; | 1618 | print OUT $openssl_algorithm_defines; |
| 1501 | print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n"; | 1619 | print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n"; |
| 1502 | print OUT $openssl_thread_defines; | 1620 | print OUT $openssl_thread_defines; |
| 1503 | print OUT $openssl_other_defines,"\n"; | 1621 | print OUT $openssl_other_defines,"\n"; |
| 1504 | 1622 | ||
| @@ -1680,9 +1798,16 @@ BEGIN | |||
| 1680 | BEGIN | 1798 | BEGIN |
| 1681 | BLOCK "040904b0" | 1799 | BLOCK "040904b0" |
| 1682 | BEGIN | 1800 | BEGIN |
| 1801 | #if defined(FIPS) | ||
| 1802 | VALUE "Comments", "WARNING: TEST VERSION ONLY ***NOT*** FIPS 140-2 VALIDATED.\\0" | ||
| 1803 | #endif | ||
| 1683 | // Required: | 1804 | // Required: |
| 1684 | VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0" | 1805 | VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0" |
| 1806 | #if defined(FIPS) | ||
| 1807 | VALUE "FileDescription", "TEST UNVALIDATED FIPS140-2 DLL\\0" | ||
| 1808 | #else | ||
| 1685 | VALUE "FileDescription", "OpenSSL Shared Library\\0" | 1809 | VALUE "FileDescription", "OpenSSL Shared Library\\0" |
| 1810 | #endif | ||
| 1686 | VALUE "FileVersion", "$version\\0" | 1811 | VALUE "FileVersion", "$version\\0" |
| 1687 | #if defined(CRYPTO) | 1812 | #if defined(CRYPTO) |
| 1688 | VALUE "InternalName", "libeay32\\0" | 1813 | VALUE "InternalName", "libeay32\\0" |
| @@ -1690,12 +1815,15 @@ BEGIN | |||
| 1690 | #elif defined(SSL) | 1815 | #elif defined(SSL) |
| 1691 | VALUE "InternalName", "ssleay32\\0" | 1816 | VALUE "InternalName", "ssleay32\\0" |
| 1692 | VALUE "OriginalFilename", "ssleay32.dll\\0" | 1817 | VALUE "OriginalFilename", "ssleay32.dll\\0" |
| 1818 | #elif defined(FIPS) | ||
| 1819 | VALUE "InternalName", "libosslfips\\0" | ||
| 1820 | VALUE "OriginalFilename", "libosslfips.dll\\0" | ||
| 1693 | #endif | 1821 | #endif |
| 1694 | VALUE "ProductName", "The OpenSSL Toolkit\\0" | 1822 | VALUE "ProductName", "The OpenSSL Toolkit\\0" |
| 1695 | VALUE "ProductVersion", "$version\\0" | 1823 | VALUE "ProductVersion", "$version\\0" |
| 1696 | // Optional: | 1824 | // Optional: |
| 1697 | //VALUE "Comments", "\\0" | 1825 | //VALUE "Comments", "\\0" |
| 1698 | VALUE "LegalCopyright", "Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0" | 1826 | VALUE "LegalCopyright", "Copyright © 1998-2007 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0" |
| 1699 | //VALUE "LegalTrademarks", "\\0" | 1827 | //VALUE "LegalTrademarks", "\\0" |
| 1700 | //VALUE "PrivateBuild", "\\0" | 1828 | //VALUE "PrivateBuild", "\\0" |
| 1701 | //VALUE "SpecialBuild", "\\0" | 1829 | //VALUE "SpecialBuild", "\\0" |
| @@ -1732,6 +1860,21 @@ libraries on this platform, they will at least look at it and try their best | |||
| 1732 | (but please first make sure you have tried with a current version of OpenSSL). | 1860 | (but please first make sure you have tried with a current version of OpenSSL). |
| 1733 | EOF | 1861 | EOF |
| 1734 | 1862 | ||
| 1863 | print <<\EOF if ($fipscanisterinternal eq "y"); | ||
| 1864 | |||
| 1865 | WARNING: OpenSSL has been configured using unsupported option(s) to internally | ||
| 1866 | generate a fipscanister.o object module for TESTING PURPOSES ONLY; that | ||
| 1867 | compiled module is NOT FIPS 140-2 validated and CANNOT be used to replace the | ||
| 1868 | OpenSSL FIPS Object Module as identified by the CMVP | ||
| 1869 | (http://csrc.nist.gov/cryptval/) in any application requiring the use of FIPS | ||
| 1870 | 140-2 validated software. | ||
| 1871 | |||
| 1872 | This is an OpenSSL 0.9.8 test version. | ||
| 1873 | |||
| 1874 | See the file README.FIPS for details of how to build a test library. | ||
| 1875 | |||
| 1876 | EOF | ||
| 1877 | |||
| 1735 | exit(0); | 1878 | exit(0); |
| 1736 | 1879 | ||
| 1737 | sub usage | 1880 | sub usage |
diff --git a/src/lib/libssl/src/FAQ b/src/lib/libssl/src/FAQ index 09f700cc3a..ce71246fb8 100644 --- a/src/lib/libssl/src/FAQ +++ b/src/lib/libssl/src/FAQ | |||
| @@ -32,6 +32,7 @@ OpenSSL - Frequently Asked Questions | |||
| 32 | * How do I install a CA certificate into a browser? | 32 | * How do I install a CA certificate into a browser? |
| 33 | * Why is OpenSSL x509 DN output not conformant to RFC2253? | 33 | * Why is OpenSSL x509 DN output not conformant to RFC2253? |
| 34 | * What is a "128 bit certificate"? Can I create one with OpenSSL? | 34 | * What is a "128 bit certificate"? Can I create one with OpenSSL? |
| 35 | * Why does OpenSSL set the authority key identifier extension incorrectly? | ||
| 35 | * How can I set up a bundle of commercial root CA certificates? | 36 | * How can I set up a bundle of commercial root CA certificates? |
| 36 | 37 | ||
| 37 | [BUILD] Questions about building and testing OpenSSL | 38 | [BUILD] Questions about building and testing OpenSSL |
| @@ -68,6 +69,7 @@ OpenSSL - Frequently Asked Questions | |||
| 68 | * Why does compilation fail due to an undefined symbol NID_uniqueIdentifier? | 69 | * Why does compilation fail due to an undefined symbol NID_uniqueIdentifier? |
| 69 | * I think I've detected a memory leak, is this a bug? | 70 | * I think I've detected a memory leak, is this a bug? |
| 70 | * Why does Valgrind complain about the use of uninitialized data? | 71 | * Why does Valgrind complain about the use of uninitialized data? |
| 72 | * Why doesn't a memory BIO work when a file does? | ||
| 71 | 73 | ||
| 72 | =============================================================================== | 74 | =============================================================================== |
| 73 | 75 | ||
| @@ -76,7 +78,7 @@ OpenSSL - Frequently Asked Questions | |||
| 76 | * Which is the current version of OpenSSL? | 78 | * Which is the current version of OpenSSL? |
| 77 | 79 | ||
| 78 | The current version is available from <URL: http://www.openssl.org>. | 80 | The current version is available from <URL: http://www.openssl.org>. |
| 79 | OpenSSL 0.9.8h was released on May 28th, 2008. | 81 | OpenSSL 0.9.8j was released on Jan 7th, 2009. |
| 80 | 82 | ||
| 81 | In addition to the current stable release, you can also access daily | 83 | In addition to the current stable release, you can also access daily |
| 82 | snapshots of the OpenSSL development version at <URL: | 84 | snapshots of the OpenSSL development version at <URL: |
| @@ -403,10 +405,10 @@ You can't generally create such a certificate using OpenSSL but there is no | |||
| 403 | need to any more. Nowadays web browsers using unrestricted strong encryption | 405 | need to any more. Nowadays web browsers using unrestricted strong encryption |
| 404 | are generally available. | 406 | are generally available. |
| 405 | 407 | ||
| 406 | When there were tight export restrictions on the export of strong encryption | 408 | When there were tight restrictions on the export of strong encryption |
| 407 | software from the US only weak encryption algorithms could be freely exported | 409 | software from the US only weak encryption algorithms could be freely exported |
| 408 | (initially 40 bit and then 56 bit). It was widely recognised that this was | 410 | (initially 40 bit and then 56 bit). It was widely recognised that this was |
| 409 | inadequate. A relaxation the rules allowed the use of strong encryption but | 411 | inadequate. A relaxation of the rules allowed the use of strong encryption but |
| 410 | only to an authorised server. | 412 | only to an authorised server. |
| 411 | 413 | ||
| 412 | Two slighly different techniques were developed to support this, one used by | 414 | Two slighly different techniques were developed to support this, one used by |
| @@ -427,6 +429,25 @@ The export laws were later changed to allow almost unrestricted use of strong | |||
| 427 | encryption so these certificates are now obsolete. | 429 | encryption so these certificates are now obsolete. |
| 428 | 430 | ||
| 429 | 431 | ||
| 432 | * Why does OpenSSL set the authority key identifier (AKID) extension incorrectly? | ||
| 433 | |||
| 434 | It doesn't: this extension is often the cause of confusion. | ||
| 435 | |||
| 436 | Consider a certificate chain A->B->C so that A signs B and B signs C. Suppose | ||
| 437 | certificate C contains AKID. | ||
| 438 | |||
| 439 | The purpose of this extension is to identify the authority certificate B. This | ||
| 440 | can be done either by including the subject key identifier of B or its issuer | ||
| 441 | name and serial number. | ||
| 442 | |||
| 443 | In this latter case because it is identifying certifcate B it must contain the | ||
| 444 | issuer name and serial number of B. | ||
| 445 | |||
| 446 | It is often wrongly assumed that it should contain the subject name of B. If it | ||
| 447 | did this would be redundant information because it would duplicate the issuer | ||
| 448 | name of C. | ||
| 449 | |||
| 450 | |||
| 430 | * How can I set up a bundle of commercial root CA certificates? | 451 | * How can I set up a bundle of commercial root CA certificates? |
| 431 | 452 | ||
| 432 | The OpenSSL software is shipped without any root CA certificate as the | 453 | The OpenSSL software is shipped without any root CA certificate as the |
| @@ -920,5 +941,25 @@ OpenSSL library has been compiled with the PURIFY macro defined (-DPURIFY) | |||
| 920 | to get rid of these warnings. | 941 | to get rid of these warnings. |
| 921 | 942 | ||
| 922 | 943 | ||
| 923 | =============================================================================== | 944 | * Why doesn't a memory BIO work when a file does? |
| 924 | 945 | ||
| 946 | This can occur in several cases for example reading an S/MIME email message. | ||
| 947 | The reason is that a memory BIO can do one of two things when all the data | ||
| 948 | has been read from it. | ||
| 949 | |||
| 950 | The default behaviour is to indicate that no more data is available and that | ||
| 951 | the call should be retried, this is to allow the application to fill up the BIO | ||
| 952 | again if necessary. | ||
| 953 | |||
| 954 | Alternatively it can indicate that no more data is available and that EOF has | ||
| 955 | been reached. | ||
| 956 | |||
| 957 | If a memory BIO is to behave in the same way as a file this second behaviour | ||
| 958 | is needed. This must be done by calling: | ||
| 959 | |||
| 960 | BIO_set_mem_eof_return(bio, 0); | ||
| 961 | |||
| 962 | See the manual pages for more details. | ||
| 963 | |||
| 964 | |||
| 965 | =============================================================================== | ||
diff --git a/src/lib/libssl/src/Makefile b/src/lib/libssl/src/Makefile index 5aec3a2099..fe0fe16843 100644 --- a/src/lib/libssl/src/Makefile +++ b/src/lib/libssl/src/Makefile | |||
| @@ -4,7 +4,7 @@ | |||
| 4 | ## Makefile for OpenSSL | 4 | ## Makefile for OpenSSL |
| 5 | ## | 5 | ## |
| 6 | 6 | ||
| 7 | VERSION=0.9.8h | 7 | VERSION=0.9.8j |
| 8 | MAJOR=0 | 8 | MAJOR=0 |
| 9 | MINOR=9.8 | 9 | MINOR=9.8 |
| 10 | SHLIB_VERSION_NUMBER=0.9.8 | 10 | SHLIB_VERSION_NUMBER=0.9.8 |
| @@ -13,7 +13,7 @@ SHLIB_MAJOR=0 | |||
| 13 | SHLIB_MINOR=9.8 | 13 | SHLIB_MINOR=9.8 |
| 14 | SHLIB_EXT= | 14 | SHLIB_EXT= |
| 15 | PLATFORM=dist | 15 | PLATFORM=dist |
| 16 | OPTIONS= no-camellia no-cms no-gmp no-krb5 no-mdc2 no-montasm no-rc5 no-rfc3779 no-seed no-shared no-tlsext no-zlib no-zlib-dynamic | 16 | OPTIONS= no-camellia no-capieng no-cms no-gmp no-jpake no-krb5 no-mdc2 no-montasm no-rc5 no-rfc3779 no-seed no-shared no-zlib no-zlib-dynamic |
| 17 | CONFIGURE_ARGS=dist | 17 | CONFIGURE_ARGS=dist |
| 18 | SHLIB_TARGET= | 18 | SHLIB_TARGET= |
| 19 | 19 | ||
| @@ -61,12 +61,13 @@ OPENSSLDIR=/usr/local/ssl | |||
| 61 | 61 | ||
| 62 | CC= cc | 62 | CC= cc |
| 63 | CFLAG= -O | 63 | CFLAG= -O |
| 64 | DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED -DOPENSSL_NO_TLSEXT | 64 | DEPFLAG= -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_CMS -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SEED |
| 65 | PEX_LIBS= | 65 | PEX_LIBS= |
| 66 | EX_LIBS= | 66 | EX_LIBS= |
| 67 | EXE_EXT= | 67 | EXE_EXT= |
| 68 | ARFLAGS= | 68 | ARFLAGS= |
| 69 | AR=ar $(ARFLAGS) r | 69 | AR=ar $(ARFLAGS) r |
| 70 | ARD=ar $(ARFLAGS) d | ||
| 70 | RANLIB= /usr/bin/ranlib | 71 | RANLIB= /usr/bin/ranlib |
| 71 | PERL= /usr/bin/perl | 72 | PERL= /usr/bin/perl |
| 72 | TAR= tar | 73 | TAR= tar |
| @@ -106,7 +107,33 @@ LIBKRB5= | |||
| 106 | ZLIB_INCLUDE= | 107 | ZLIB_INCLUDE= |
| 107 | LIBZLIB= | 108 | LIBZLIB= |
| 108 | 109 | ||
| 109 | DIRS= crypto ssl engines apps test tools | 110 | # This is the location of fipscanister.o and friends. |
| 111 | # The FIPS module build will place it $(INSTALLTOP)/lib | ||
| 112 | # but since $(INSTALLTOP) can only take the default value | ||
| 113 | # when the module is built it will be in /usr/local/ssl/lib | ||
| 114 | # $(INSTALLTOP) for this build make be different so hard | ||
| 115 | # code the path. | ||
| 116 | |||
| 117 | FIPSLIBDIR=/usr/local/ssl/fips-1.0/lib/ | ||
| 118 | |||
| 119 | # This is set to "y" if fipscanister.o is compiled internally as | ||
| 120 | # opposed to coming from an external validated location. | ||
| 121 | |||
| 122 | FIPSCANISTERINTERNAL=n | ||
| 123 | |||
| 124 | # The location of the library which contains fipscanister.o | ||
| 125 | # normally it will be libcrypto unless fipsdso is set in which | ||
| 126 | # case it will be libfips. If not compiling in FIPS mode at all | ||
| 127 | # this is empty making it a useful test for a FIPS compile. | ||
| 128 | |||
| 129 | FIPSCANLIB= | ||
| 130 | |||
| 131 | # Shared library base address. Currently only used on Windows. | ||
| 132 | # | ||
| 133 | |||
| 134 | BASEADDR=0xFB00000 | ||
| 135 | |||
| 136 | DIRS= crypto fips ssl engines apps test tools | ||
| 110 | SHLIBDIRS= crypto ssl | 137 | SHLIBDIRS= crypto ssl |
| 111 | 138 | ||
| 112 | # dirs in crypto to build | 139 | # dirs in crypto to build |
| @@ -140,6 +167,7 @@ WDIRS= windows | |||
| 140 | LIBS= libcrypto.a libssl.a | 167 | LIBS= libcrypto.a libssl.a |
| 141 | SHARED_CRYPTO=libcrypto$(SHLIB_EXT) | 168 | SHARED_CRYPTO=libcrypto$(SHLIB_EXT) |
| 142 | SHARED_SSL=libssl$(SHLIB_EXT) | 169 | SHARED_SSL=libssl$(SHLIB_EXT) |
| 170 | SHARED_FIPS= | ||
| 143 | SHARED_LIBS= | 171 | SHARED_LIBS= |
| 144 | SHARED_LIBS_LINK_EXTS= | 172 | SHARED_LIBS_LINK_EXTS= |
| 145 | SHARED_LDFLAGS= | 173 | SHARED_LDFLAGS= |
| @@ -193,6 +221,10 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ | |||
| 193 | SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ | 221 | SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ |
| 194 | MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ | 222 | MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ |
| 195 | RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ | 223 | RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ |
| 224 | FIPSLIBDIR='${FIPSLIBDIR}' \ | ||
| 225 | FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \ | ||
| 226 | FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' \ | ||
| 227 | FIPS_EX_OBJ='${FIPS_EX_OBJ}' \ | ||
| 196 | THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES= | 228 | THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES= |
| 197 | # MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors, | 229 | # MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors, |
| 198 | # which in turn eliminates ambiguities in variable treatment with -e. | 230 | # which in turn eliminates ambiguities in variable treatment with -e. |
| @@ -211,7 +243,8 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ | |||
| 211 | # subdirectories defined in $(DIRS). It requires that the target | 243 | # subdirectories defined in $(DIRS). It requires that the target |
| 212 | # is given through the shell variable `target'. | 244 | # is given through the shell variable `target'. |
| 213 | BUILD_CMD= if [ -d "$$dir" ]; then \ | 245 | BUILD_CMD= if [ -d "$$dir" ]; then \ |
| 214 | ( cd $$dir && echo "making $$target in $$dir..." && \ | 246 | ( [ $$target != all -a -z "$(FIPSCANLIB)" ] && FIPSCANLIB=/dev/null; \ |
| 247 | cd $$dir && echo "making $$target in $$dir..." && \ | ||
| 215 | $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \ | 248 | $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \ |
| 216 | ) || exit 1; \ | 249 | ) || exit 1; \ |
| 217 | fi | 250 | fi |
| @@ -224,13 +257,84 @@ BUILD_ONE_CMD=\ | |||
| 224 | reflect: | 257 | reflect: |
| 225 | @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) | 258 | @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) |
| 226 | 259 | ||
| 260 | FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \ | ||
| 261 | ../crypto/aes/aes_ecb.o \ | ||
| 262 | ../crypto/aes/aes_ofb.o \ | ||
| 263 | ../crypto/bn/bn_add.o \ | ||
| 264 | ../crypto/bn/bn_blind.o \ | ||
| 265 | ../crypto/bn/bn_ctx.o \ | ||
| 266 | ../crypto/bn/bn_div.o \ | ||
| 267 | ../crypto/bn/bn_exp2.o \ | ||
| 268 | ../crypto/bn/bn_exp.o \ | ||
| 269 | ../crypto/bn/bn_gcd.o \ | ||
| 270 | ../crypto/bn/bn_lib.o \ | ||
| 271 | ../crypto/bn/bn_mod.o \ | ||
| 272 | ../crypto/bn/bn_mont.o \ | ||
| 273 | ../crypto/bn/bn_mul.o \ | ||
| 274 | ../crypto/bn/bn_prime.o \ | ||
| 275 | ../crypto/bn/bn_rand.o \ | ||
| 276 | ../crypto/bn/bn_recp.o \ | ||
| 277 | ../crypto/bn/bn_shift.o \ | ||
| 278 | ../crypto/bn/bn_sqr.o \ | ||
| 279 | ../crypto/bn/bn_word.o \ | ||
| 280 | ../crypto/bn/bn_x931p.o \ | ||
| 281 | ../crypto/buffer/buf_str.o \ | ||
| 282 | ../crypto/cryptlib.o \ | ||
| 283 | ../crypto/des/cfb64ede.o \ | ||
| 284 | ../crypto/des/cfb64enc.o \ | ||
| 285 | ../crypto/des/cfb_enc.o \ | ||
| 286 | ../crypto/des/ecb3_enc.o \ | ||
| 287 | ../crypto/des/ecb_enc.o \ | ||
| 288 | ../crypto/des/ofb64ede.o \ | ||
| 289 | ../crypto/des/ofb64enc.o \ | ||
| 290 | ../crypto/des/fcrypt.o \ | ||
| 291 | ../crypto/des/set_key.o \ | ||
| 292 | ../crypto/dsa/dsa_utl.o \ | ||
| 293 | ../crypto/dsa/dsa_sign.o \ | ||
| 294 | ../crypto/dsa/dsa_vrf.o \ | ||
| 295 | ../crypto/err/err.o \ | ||
| 296 | ../crypto/evp/digest.o \ | ||
| 297 | ../crypto/evp/enc_min.o \ | ||
| 298 | ../crypto/evp/e_aes.o \ | ||
| 299 | ../crypto/evp/e_des3.o \ | ||
| 300 | ../crypto/evp/p_sign.o \ | ||
| 301 | ../crypto/evp/p_verify.o \ | ||
| 302 | ../crypto/mem_clr.o \ | ||
| 303 | ../crypto/mem.o \ | ||
| 304 | ../crypto/rand/md_rand.o \ | ||
| 305 | ../crypto/rand/rand_egd.o \ | ||
| 306 | ../crypto/rand/randfile.o \ | ||
| 307 | ../crypto/rand/rand_lib.o \ | ||
| 308 | ../crypto/rand/rand_os2.o \ | ||
| 309 | ../crypto/rand/rand_unix.o \ | ||
| 310 | ../crypto/rand/rand_win.o \ | ||
| 311 | ../crypto/rsa/rsa_lib.o \ | ||
| 312 | ../crypto/rsa/rsa_none.o \ | ||
| 313 | ../crypto/rsa/rsa_oaep.o \ | ||
| 314 | ../crypto/rsa/rsa_pk1.o \ | ||
| 315 | ../crypto/rsa/rsa_pss.o \ | ||
| 316 | ../crypto/rsa/rsa_ssl.o \ | ||
| 317 | ../crypto/rsa/rsa_x931.o \ | ||
| 318 | ../crypto/sha/sha1dgst.o \ | ||
| 319 | ../crypto/sha/sha256.o \ | ||
| 320 | ../crypto/sha/sha512.o \ | ||
| 321 | ../crypto/uid.o | ||
| 322 | |||
| 227 | sub_all: build_all | 323 | sub_all: build_all |
| 228 | build_all: build_libs build_apps build_tests build_tools | 324 | build_all: build_libs build_apps build_tests build_tools |
| 229 | 325 | ||
| 230 | build_libs: build_crypto build_ssl build_engines | 326 | build_libs: build_crypto build_fips build_ssl build_shared build_engines |
| 231 | 327 | ||
| 232 | build_crypto: | 328 | build_crypto: |
| 233 | @dir=crypto; target=all; $(BUILD_ONE_CMD) | 329 | if [ -n "$(FIPSCANLIB)" ]; then \ |
| 330 | EXCL_OBJ='$(AES_ASM_OBJ) $(BN_ASM) $(DES_ENC) $(CPUID_OBJ) $(SHA1_ASM_OBJ) $(FIPS_EX_OBJ)' ; export EXCL_OBJ ; \ | ||
| 331 | ARX='$(PERL) $${TOP}/util/arx.pl $(AR)' ; \ | ||
| 332 | else \ | ||
| 333 | ARX='${AR}' ; \ | ||
| 334 | fi ; export ARX ; \ | ||
| 335 | dir=crypto; target=all; $(BUILD_ONE_CMD) | ||
| 336 | build_fips: | ||
| 337 | @dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD) | ||
| 234 | build_ssl: | 338 | build_ssl: |
| 235 | @dir=ssl; target=all; $(BUILD_ONE_CMD) | 339 | @dir=ssl; target=all; $(BUILD_ONE_CMD) |
| 236 | build_engines: | 340 | build_engines: |
| @@ -246,9 +350,20 @@ all_testapps: build_libs build_testapps | |||
| 246 | build_testapps: | 350 | build_testapps: |
| 247 | @dir=crypto; target=testapps; $(BUILD_ONE_CMD) | 351 | @dir=crypto; target=testapps; $(BUILD_ONE_CMD) |
| 248 | 352 | ||
| 249 | libcrypto$(SHLIB_EXT): libcrypto.a | 353 | build_shared: $(SHARED_LIBS) |
| 354 | libcrypto$(SHLIB_EXT): libcrypto.a $(SHARED_FIPS) | ||
| 250 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ | 355 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ |
| 251 | $(MAKE) SHLIBDIRS=crypto build-shared; \ | 356 | if [ "$(FIPSCANLIB)" = "libfips" ]; then \ |
| 357 | $(ARD) libcrypto.a fipscanister.o ; \ | ||
| 358 | $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \ | ||
| 359 | $(AR) libcrypto.a fips/fipscanister.o ; \ | ||
| 360 | else \ | ||
| 361 | if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \ | ||
| 362 | FIPSLD_CC=$(CC); CC=fips/fipsld; \ | ||
| 363 | export CC FIPSLD_CC; \ | ||
| 364 | fi; \ | ||
| 365 | $(MAKE) -e SHLIBDIRS='crypto' build-shared; \ | ||
| 366 | fi \ | ||
| 252 | else \ | 367 | else \ |
| 253 | echo "There's no support for shared libraries on this platform" >&2; \ | 368 | echo "There's no support for shared libraries on this platform" >&2; \ |
| 254 | exit 1; \ | 369 | exit 1; \ |
| @@ -256,12 +371,32 @@ libcrypto$(SHLIB_EXT): libcrypto.a | |||
| 256 | 371 | ||
| 257 | libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a | 372 | libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a |
| 258 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ | 373 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ |
| 259 | $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ | 374 | shlibdeps=-lcrypto; \ |
| 375 | [ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \ | ||
| 376 | $(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \ | ||
| 377 | else \ | ||
| 378 | echo "There's no support for shared libraries on this platform" >&2 ; \ | ||
| 379 | exit 1; \ | ||
| 380 | fi | ||
| 381 | |||
| 382 | fips/fipscanister.o: build_fips | ||
| 383 | libfips$(SHLIB_EXT): fips/fipscanister.o | ||
| 384 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ | ||
| 385 | FIPSLD_CC=$(CC); CC=fips/fipsld; export CC FIPSLD_CC; \ | ||
| 386 | $(MAKE) -f Makefile.shared -e $(BUILDENV) \ | ||
| 387 | CC=$${CC} LIBNAME=fips THIS=$@ \ | ||
| 388 | LIBEXTRAS=fips/fipscanister.o \ | ||
| 389 | LIBDEPS="$(EX_LIBS)" \ | ||
| 390 | LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \ | ||
| 391 | link_o.$(SHLIB_TARGET) || { rm -f $@; exit 1; } \ | ||
| 260 | else \ | 392 | else \ |
| 261 | echo "There's no support for shared libraries on this platform" >&2; \ | 393 | echo "There's no support for shared libraries on this platform" >&2; \ |
| 262 | exit 1; \ | 394 | exit 1; \ |
| 263 | fi | 395 | fi |
| 264 | 396 | ||
| 397 | libfips.a: | ||
| 398 | dir=fips; target=all; $(BUILD_ONE_CMD) | ||
| 399 | |||
| 265 | clean-shared: | 400 | clean-shared: |
| 266 | @set -e; for i in $(SHLIBDIRS); do \ | 401 | @set -e; for i in $(SHLIBDIRS); do \ |
| 267 | if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ | 402 | if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ |
diff --git a/src/lib/libssl/src/Makefile.org b/src/lib/libssl/src/Makefile.org index 22b1699257..4be7dad7d6 100644 --- a/src/lib/libssl/src/Makefile.org +++ b/src/lib/libssl/src/Makefile.org | |||
| @@ -65,6 +65,7 @@ EX_LIBS= | |||
| 65 | EXE_EXT= | 65 | EXE_EXT= |
| 66 | ARFLAGS= | 66 | ARFLAGS= |
| 67 | AR=ar $(ARFLAGS) r | 67 | AR=ar $(ARFLAGS) r |
| 68 | ARD=ar $(ARFLAGS) d | ||
| 68 | RANLIB= ranlib | 69 | RANLIB= ranlib |
| 69 | PERL= perl | 70 | PERL= perl |
| 70 | TAR= tar | 71 | TAR= tar |
| @@ -104,8 +105,34 @@ LIBKRB5= | |||
| 104 | ZLIB_INCLUDE= | 105 | ZLIB_INCLUDE= |
| 105 | LIBZLIB= | 106 | LIBZLIB= |
| 106 | 107 | ||
| 107 | DIRS= crypto ssl engines apps test tools | 108 | # This is the location of fipscanister.o and friends. |
| 108 | SHLIBDIRS= crypto ssl | 109 | # The FIPS module build will place it $(INSTALLTOP)/lib |
| 110 | # but since $(INSTALLTOP) can only take the default value | ||
| 111 | # when the module is built it will be in /usr/local/ssl/lib | ||
| 112 | # $(INSTALLTOP) for this build make be different so hard | ||
| 113 | # code the path. | ||
| 114 | |||
| 115 | FIPSLIBDIR=/usr/local/ssl/lib/ | ||
| 116 | |||
| 117 | # This is set to "y" if fipscanister.o is compiled internally as | ||
| 118 | # opposed to coming from an external validated location. | ||
| 119 | |||
| 120 | FIPSCANISTERINTERNAL=n | ||
| 121 | |||
| 122 | # The location of the library which contains fipscanister.o | ||
| 123 | # normally it will be libcrypto unless fipsdso is set in which | ||
| 124 | # case it will be libfips. If not compiling in FIPS mode at all | ||
| 125 | # this is empty making it a useful test for a FIPS compile. | ||
| 126 | |||
| 127 | FIPSCANLIB= | ||
| 128 | |||
| 129 | # Shared library base address. Currently only used on Windows. | ||
| 130 | # | ||
| 131 | |||
| 132 | BASEADDR= | ||
| 133 | |||
| 134 | DIRS= crypto fips ssl engines apps test tools | ||
| 135 | SHLIBDIRS= crypto ssl fips | ||
| 109 | 136 | ||
| 110 | # dirs in crypto to build | 137 | # dirs in crypto to build |
| 111 | SDIRS= \ | 138 | SDIRS= \ |
| @@ -115,7 +142,7 @@ SDIRS= \ | |||
| 115 | bn ec rsa dsa ecdsa dh ecdh dso engine \ | 142 | bn ec rsa dsa ecdsa dh ecdh dso engine \ |
| 116 | buffer bio stack lhash rand err \ | 143 | buffer bio stack lhash rand err \ |
| 117 | evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ | 144 | evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ |
| 118 | store cms pqueue | 145 | store cms pqueue jpake |
| 119 | # keep in mind that the above list is adjusted by ./Configure | 146 | # keep in mind that the above list is adjusted by ./Configure |
| 120 | # according to no-xxx arguments... | 147 | # according to no-xxx arguments... |
| 121 | 148 | ||
| @@ -138,6 +165,7 @@ WDIRS= windows | |||
| 138 | LIBS= libcrypto.a libssl.a | 165 | LIBS= libcrypto.a libssl.a |
| 139 | SHARED_CRYPTO=libcrypto$(SHLIB_EXT) | 166 | SHARED_CRYPTO=libcrypto$(SHLIB_EXT) |
| 140 | SHARED_SSL=libssl$(SHLIB_EXT) | 167 | SHARED_SSL=libssl$(SHLIB_EXT) |
| 168 | SHARED_FIPS= | ||
| 141 | SHARED_LIBS= | 169 | SHARED_LIBS= |
| 142 | SHARED_LIBS_LINK_EXTS= | 170 | SHARED_LIBS_LINK_EXTS= |
| 143 | SHARED_LDFLAGS= | 171 | SHARED_LDFLAGS= |
| @@ -191,6 +219,10 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ | |||
| 191 | SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ | 219 | SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' \ |
| 192 | MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ | 220 | MD5_ASM_OBJ='${MD5_ASM_OBJ}' \ |
| 193 | RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ | 221 | RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' \ |
| 222 | FIPSLIBDIR='${FIPSLIBDIR}' \ | ||
| 223 | FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}" \ | ||
| 224 | FIPSCANISTERINTERNAL='${FIPSCANISTERINTERNAL}' \ | ||
| 225 | FIPS_EX_OBJ='${FIPS_EX_OBJ}' \ | ||
| 194 | THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES= | 226 | THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES= |
| 195 | # MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors, | 227 | # MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors, |
| 196 | # which in turn eliminates ambiguities in variable treatment with -e. | 228 | # which in turn eliminates ambiguities in variable treatment with -e. |
| @@ -209,7 +241,8 @@ BUILDENV= PLATFORM='${PLATFORM}' PROCESSOR='${PROCESSOR}' \ | |||
| 209 | # subdirectories defined in $(DIRS). It requires that the target | 241 | # subdirectories defined in $(DIRS). It requires that the target |
| 210 | # is given through the shell variable `target'. | 242 | # is given through the shell variable `target'. |
| 211 | BUILD_CMD= if [ -d "$$dir" ]; then \ | 243 | BUILD_CMD= if [ -d "$$dir" ]; then \ |
| 212 | ( cd $$dir && echo "making $$target in $$dir..." && \ | 244 | ( [ $$target != all -a -z "$(FIPSCANLIB)" ] && FIPSCANLIB=/dev/null; \ |
| 245 | cd $$dir && echo "making $$target in $$dir..." && \ | ||
| 213 | $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \ | 246 | $(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \ |
| 214 | ) || exit 1; \ | 247 | ) || exit 1; \ |
| 215 | fi | 248 | fi |
| @@ -222,13 +255,84 @@ BUILD_ONE_CMD=\ | |||
| 222 | reflect: | 255 | reflect: |
| 223 | @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) | 256 | @[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV) |
| 224 | 257 | ||
| 258 | FIPS_EX_OBJ= ../crypto/aes/aes_cfb.o \ | ||
| 259 | ../crypto/aes/aes_ecb.o \ | ||
| 260 | ../crypto/aes/aes_ofb.o \ | ||
| 261 | ../crypto/bn/bn_add.o \ | ||
| 262 | ../crypto/bn/bn_blind.o \ | ||
| 263 | ../crypto/bn/bn_ctx.o \ | ||
| 264 | ../crypto/bn/bn_div.o \ | ||
| 265 | ../crypto/bn/bn_exp2.o \ | ||
| 266 | ../crypto/bn/bn_exp.o \ | ||
| 267 | ../crypto/bn/bn_gcd.o \ | ||
| 268 | ../crypto/bn/bn_lib.o \ | ||
| 269 | ../crypto/bn/bn_mod.o \ | ||
| 270 | ../crypto/bn/bn_mont.o \ | ||
| 271 | ../crypto/bn/bn_mul.o \ | ||
| 272 | ../crypto/bn/bn_prime.o \ | ||
| 273 | ../crypto/bn/bn_rand.o \ | ||
| 274 | ../crypto/bn/bn_recp.o \ | ||
| 275 | ../crypto/bn/bn_shift.o \ | ||
| 276 | ../crypto/bn/bn_sqr.o \ | ||
| 277 | ../crypto/bn/bn_word.o \ | ||
| 278 | ../crypto/bn/bn_x931p.o \ | ||
| 279 | ../crypto/buffer/buf_str.o \ | ||
| 280 | ../crypto/cryptlib.o \ | ||
| 281 | ../crypto/des/cfb64ede.o \ | ||
| 282 | ../crypto/des/cfb64enc.o \ | ||
| 283 | ../crypto/des/cfb_enc.o \ | ||
| 284 | ../crypto/des/ecb3_enc.o \ | ||
| 285 | ../crypto/des/ecb_enc.o \ | ||
| 286 | ../crypto/des/ofb64ede.o \ | ||
| 287 | ../crypto/des/ofb64enc.o \ | ||
| 288 | ../crypto/des/fcrypt.o \ | ||
| 289 | ../crypto/des/set_key.o \ | ||
| 290 | ../crypto/dsa/dsa_utl.o \ | ||
| 291 | ../crypto/dsa/dsa_sign.o \ | ||
| 292 | ../crypto/dsa/dsa_vrf.o \ | ||
| 293 | ../crypto/err/err.o \ | ||
| 294 | ../crypto/evp/digest.o \ | ||
| 295 | ../crypto/evp/enc_min.o \ | ||
| 296 | ../crypto/evp/e_aes.o \ | ||
| 297 | ../crypto/evp/e_des3.o \ | ||
| 298 | ../crypto/evp/p_sign.o \ | ||
| 299 | ../crypto/evp/p_verify.o \ | ||
| 300 | ../crypto/mem_clr.o \ | ||
| 301 | ../crypto/mem.o \ | ||
| 302 | ../crypto/rand/md_rand.o \ | ||
| 303 | ../crypto/rand/rand_egd.o \ | ||
| 304 | ../crypto/rand/randfile.o \ | ||
| 305 | ../crypto/rand/rand_lib.o \ | ||
| 306 | ../crypto/rand/rand_os2.o \ | ||
| 307 | ../crypto/rand/rand_unix.o \ | ||
| 308 | ../crypto/rand/rand_win.o \ | ||
| 309 | ../crypto/rsa/rsa_lib.o \ | ||
| 310 | ../crypto/rsa/rsa_none.o \ | ||
| 311 | ../crypto/rsa/rsa_oaep.o \ | ||
| 312 | ../crypto/rsa/rsa_pk1.o \ | ||
| 313 | ../crypto/rsa/rsa_pss.o \ | ||
| 314 | ../crypto/rsa/rsa_ssl.o \ | ||
| 315 | ../crypto/rsa/rsa_x931.o \ | ||
| 316 | ../crypto/sha/sha1dgst.o \ | ||
| 317 | ../crypto/sha/sha256.o \ | ||
| 318 | ../crypto/sha/sha512.o \ | ||
| 319 | ../crypto/uid.o | ||
| 320 | |||
| 225 | sub_all: build_all | 321 | sub_all: build_all |
| 226 | build_all: build_libs build_apps build_tests build_tools | 322 | build_all: build_libs build_apps build_tests build_tools |
| 227 | 323 | ||
| 228 | build_libs: build_crypto build_ssl build_engines | 324 | build_libs: build_crypto build_fips build_ssl build_shared build_engines |
| 229 | 325 | ||
| 230 | build_crypto: | 326 | build_crypto: |
| 231 | @dir=crypto; target=all; $(BUILD_ONE_CMD) | 327 | if [ -n "$(FIPSCANLIB)" ]; then \ |
| 328 | EXCL_OBJ='$(AES_ASM_OBJ) $(BN_ASM) $(DES_ENC) $(CPUID_OBJ) $(SHA1_ASM_OBJ) $(FIPS_EX_OBJ)' ; export EXCL_OBJ ; \ | ||
| 329 | ARX='$(PERL) $${TOP}/util/arx.pl $(AR)' ; \ | ||
| 330 | else \ | ||
| 331 | ARX='${AR}' ; \ | ||
| 332 | fi ; export ARX ; \ | ||
| 333 | dir=crypto; target=all; $(BUILD_ONE_CMD) | ||
| 334 | build_fips: | ||
| 335 | @dir=fips; target=all; [ -z "$(FIPSCANLIB)" ] || $(BUILD_ONE_CMD) | ||
| 232 | build_ssl: | 336 | build_ssl: |
| 233 | @dir=ssl; target=all; $(BUILD_ONE_CMD) | 337 | @dir=ssl; target=all; $(BUILD_ONE_CMD) |
| 234 | build_engines: | 338 | build_engines: |
| @@ -244,9 +348,20 @@ all_testapps: build_libs build_testapps | |||
| 244 | build_testapps: | 348 | build_testapps: |
| 245 | @dir=crypto; target=testapps; $(BUILD_ONE_CMD) | 349 | @dir=crypto; target=testapps; $(BUILD_ONE_CMD) |
| 246 | 350 | ||
| 247 | libcrypto$(SHLIB_EXT): libcrypto.a | 351 | build_shared: $(SHARED_LIBS) |
| 352 | libcrypto$(SHLIB_EXT): libcrypto.a $(SHARED_FIPS) | ||
| 248 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ | 353 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ |
| 249 | $(MAKE) SHLIBDIRS=crypto build-shared; \ | 354 | if [ "$(FIPSCANLIB)" = "libfips" ]; then \ |
| 355 | $(ARD) libcrypto.a fipscanister.o ; \ | ||
| 356 | $(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \ | ||
| 357 | $(AR) libcrypto.a fips/fipscanister.o ; \ | ||
| 358 | else \ | ||
| 359 | if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \ | ||
| 360 | FIPSLD_CC=$(CC); CC=fips/fipsld; \ | ||
| 361 | export CC FIPSLD_CC; \ | ||
| 362 | fi; \ | ||
| 363 | $(MAKE) -e SHLIBDIRS='crypto' build-shared; \ | ||
| 364 | fi \ | ||
| 250 | else \ | 365 | else \ |
| 251 | echo "There's no support for shared libraries on this platform" >&2; \ | 366 | echo "There's no support for shared libraries on this platform" >&2; \ |
| 252 | exit 1; \ | 367 | exit 1; \ |
| @@ -254,12 +369,32 @@ libcrypto$(SHLIB_EXT): libcrypto.a | |||
| 254 | 369 | ||
| 255 | libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a | 370 | libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a |
| 256 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ | 371 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ |
| 257 | $(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \ | 372 | shlibdeps=-lcrypto; \ |
| 373 | [ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \ | ||
| 374 | $(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \ | ||
| 375 | else \ | ||
| 376 | echo "There's no support for shared libraries on this platform" >&2 ; \ | ||
| 377 | exit 1; \ | ||
| 378 | fi | ||
| 379 | |||
| 380 | fips/fipscanister.o: build_fips | ||
| 381 | libfips$(SHLIB_EXT): fips/fipscanister.o | ||
| 382 | @if [ "$(SHLIB_TARGET)" != "" ]; then \ | ||
| 383 | FIPSLD_CC=$(CC); CC=fips/fipsld; export CC FIPSLD_CC; \ | ||
| 384 | $(MAKE) -f Makefile.shared -e $(BUILDENV) \ | ||
| 385 | CC=$${CC} LIBNAME=fips THIS=$@ \ | ||
| 386 | LIBEXTRAS=fips/fipscanister.o \ | ||
| 387 | LIBDEPS="$(EX_LIBS)" \ | ||
| 388 | LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \ | ||
| 389 | link_o.$(SHLIB_TARGET) || { rm -f $@; exit 1; } \ | ||
| 258 | else \ | 390 | else \ |
| 259 | echo "There's no support for shared libraries on this platform" >&2; \ | 391 | echo "There's no support for shared libraries on this platform" >&2; \ |
| 260 | exit 1; \ | 392 | exit 1; \ |
| 261 | fi | 393 | fi |
| 262 | 394 | ||
| 395 | libfips.a: | ||
| 396 | dir=fips; target=all; $(BUILD_ONE_CMD) | ||
| 397 | |||
| 263 | clean-shared: | 398 | clean-shared: |
| 264 | @set -e; for i in $(SHLIBDIRS); do \ | 399 | @set -e; for i in $(SHLIBDIRS); do \ |
| 265 | if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ | 400 | if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \ |
diff --git a/src/lib/libssl/src/NEWS b/src/lib/libssl/src/NEWS index 40ded1aebf..322c3848f2 100644 --- a/src/lib/libssl/src/NEWS +++ b/src/lib/libssl/src/NEWS | |||
| @@ -5,8 +5,21 @@ | |||
| 5 | This file gives a brief overview of the major changes between each OpenSSL | 5 | This file gives a brief overview of the major changes between each OpenSSL |
| 6 | release. For more details please read the CHANGES file. | 6 | release. For more details please read the CHANGES file. |
| 7 | 7 | ||
| 8 | Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j: | ||
| 9 | |||
| 10 | o Fix security issue (CVE-2008-5077) | ||
| 11 | o Merge FIPS 140-2 branch code. | ||
| 12 | |||
| 13 | Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h: | ||
| 14 | |||
| 15 | o CryptoAPI ENGINE support. | ||
| 16 | o Various precautionary measures. | ||
| 17 | o Fix for bugs affecting certificate request creation. | ||
| 18 | o Support for local machine keyset attribute in PKCS#12 files. | ||
| 19 | |||
| 8 | Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g: | 20 | Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g: |
| 9 | 21 | ||
| 22 | o Backport of CMS functionality to 0.9.8. | ||
| 10 | o Fixes for bugs introduced with 0.9.8f. | 23 | o Fixes for bugs introduced with 0.9.8f. |
| 11 | 24 | ||
| 12 | Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f: | 25 | Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f: |
diff --git a/src/lib/libssl/src/README b/src/lib/libssl/src/README index df02ae076d..b3baac4a36 100644 --- a/src/lib/libssl/src/README +++ b/src/lib/libssl/src/README | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | 1 | ||
| 2 | OpenSSL 0.9.8h | 2 | OpenSSL 0.9.8j |
| 3 | 3 | ||
| 4 | Copyright (c) 1998-2008 The OpenSSL Project | 4 | Copyright (c) 1998-2008 The OpenSSL Project |
| 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson | 5 | Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson |
diff --git a/src/lib/libssl/src/apps/Makefile b/src/lib/libssl/src/apps/Makefile index 92ae515b44..402981aede 100644 --- a/src/lib/libssl/src/apps/Makefile +++ b/src/lib/libssl/src/apps/Makefile | |||
| @@ -152,10 +152,13 @@ $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL) | |||
| 152 | $(RM) $(EXE) | 152 | $(RM) $(EXE) |
| 153 | shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ | 153 | shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ |
| 154 | shlib_target="$(SHLIB_TARGET)"; \ | 154 | shlib_target="$(SHLIB_TARGET)"; \ |
| 155 | elif [ -n "$(FIPSCANLIB)" ]; then \ | ||
| 156 | FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ | ||
| 155 | fi; \ | 157 | fi; \ |
| 156 | LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \ | 158 | LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \ |
| 159 | [ "x$(FIPSCANLIB)" = "xlibfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \ | ||
| 157 | $(MAKE) -f $(TOP)/Makefile.shared -e \ | 160 | $(MAKE) -f $(TOP)/Makefile.shared -e \ |
| 158 | APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \ | 161 | CC=$${CC} APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \ |
| 159 | LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ | 162 | LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ |
| 160 | link_app.$${shlib_target} | 163 | link_app.$${shlib_target} |
| 161 | -(cd ..; \ | 164 | -(cd ..; \ |
| @@ -173,65 +176,66 @@ app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h | |||
| 173 | app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 176 | app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 174 | app_rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 177 | app_rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 175 | app_rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 178 | app_rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 176 | app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 179 | app_rand.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 177 | app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 180 | app_rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 178 | app_rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 181 | app_rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 179 | app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 182 | app_rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 180 | app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | 183 | app_rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h |
| 181 | app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 184 | app_rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h |
| 182 | app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 185 | app_rand.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 183 | app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 186 | app_rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 184 | app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h | 187 | app_rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 185 | app_rand.o: app_rand.c apps.h | 188 | app_rand.o: ../include/openssl/x509v3.h app_rand.c apps.h |
| 186 | apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 189 | apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 187 | apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 190 | apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 188 | apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 191 | apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| 189 | apps.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 192 | apps.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 190 | apps.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 193 | apps.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 191 | apps.o: ../include/openssl/engine.h ../include/openssl/err.h | 194 | apps.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 192 | apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 195 | apps.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 193 | apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 196 | apps.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 194 | apps.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 197 | apps.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 195 | apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 198 | apps.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 196 | apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 199 | apps.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 197 | apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h | 200 | apps.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h |
| 198 | apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 201 | apps.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h |
| 199 | apps.o: ../include/openssl/sha.h ../include/openssl/stack.h | 202 | apps.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 200 | apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 203 | apps.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 201 | apps.o: ../include/openssl/ui.h ../include/openssl/x509.h | 204 | apps.o: ../include/openssl/txt_db.h ../include/openssl/ui.h |
| 202 | apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h | 205 | apps.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 206 | apps.o: ../include/openssl/x509v3.h apps.c apps.h | ||
| 203 | asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 207 | asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 204 | asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 208 | asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 205 | asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 209 | asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 206 | asn1pars.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 210 | asn1pars.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 207 | asn1pars.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 211 | asn1pars.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 208 | asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h | 212 | asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 209 | asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 213 | asn1pars.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 210 | asn1pars.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 214 | asn1pars.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 211 | asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 215 | asn1pars.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 212 | asn1pars.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 216 | asn1pars.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 213 | asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 217 | asn1pars.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 214 | asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 218 | asn1pars.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 215 | asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 219 | asn1pars.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 216 | asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 220 | asn1pars.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 217 | asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 221 | asn1pars.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 218 | asn1pars.o: asn1pars.c | 222 | asn1pars.o: ../include/openssl/x509v3.h apps.h asn1pars.c |
| 219 | ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 223 | ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 220 | ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 224 | ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 221 | ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 225 | ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| 222 | ca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 226 | ca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 223 | ca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 227 | ca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 224 | ca.o: ../include/openssl/engine.h ../include/openssl/err.h | 228 | ca.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 225 | ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 229 | ca.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 226 | ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 230 | ca.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 227 | ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 231 | ca.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 228 | ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 232 | ca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 229 | ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 233 | ca.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 230 | ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h | 234 | ca.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 231 | ca.o: ../include/openssl/sha.h ../include/openssl/stack.h | 235 | ca.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 232 | ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 236 | ca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 233 | ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 237 | ca.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 234 | ca.o: ../include/openssl/x509v3.h apps.h ca.c | 238 | ca.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ca.c |
| 235 | ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 239 | ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 236 | ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 240 | ciphers.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 237 | ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h | 241 | ciphers.o: ../include/openssl/comp.h ../include/openssl/conf.h |
| @@ -239,7 +243,8 @@ ciphers.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 239 | ciphers.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 243 | ciphers.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 240 | ciphers.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 244 | ciphers.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 241 | ciphers.o: ../include/openssl/engine.h ../include/openssl/err.h | 245 | ciphers.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 242 | ciphers.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 246 | ciphers.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 247 | ciphers.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 243 | ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 248 | ciphers.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 244 | ciphers.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 249 | ciphers.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 245 | ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 250 | ciphers.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -258,62 +263,63 @@ cms.o: ../include/openssl/buffer.h ../include/openssl/conf.h | |||
| 258 | cms.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 263 | cms.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 259 | cms.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 264 | cms.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 260 | cms.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 265 | cms.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 261 | cms.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 266 | cms.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 262 | cms.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 267 | cms.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 263 | cms.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 268 | cms.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 264 | cms.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 269 | cms.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 265 | cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h | 270 | cms.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h |
| 266 | cms.o: ../include/openssl/sha.h ../include/openssl/stack.h | 271 | cms.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 267 | cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 272 | cms.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 268 | cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 273 | cms.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 269 | cms.o: ../include/openssl/x509v3.h apps.h cms.c | 274 | cms.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h cms.c |
| 270 | crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 275 | crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 271 | crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 276 | crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 272 | crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 277 | crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 273 | crl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 278 | crl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 274 | crl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 279 | crl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 275 | crl.o: ../include/openssl/err.h ../include/openssl/evp.h | 280 | crl.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 276 | crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 281 | crl.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 277 | crl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 282 | crl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 278 | crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 283 | crl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 279 | crl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 284 | crl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 280 | crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 285 | crl.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 281 | crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 286 | crl.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 282 | crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 287 | crl.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 283 | crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 288 | crl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 284 | crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c | 289 | crl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 290 | crl.o: ../include/openssl/x509v3.h apps.h crl.c | ||
| 285 | crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 291 | crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 286 | crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 292 | crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 287 | crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 293 | crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 288 | crl2p7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 294 | crl2p7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 289 | crl2p7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 295 | crl2p7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 290 | crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h | 296 | crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 291 | crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 297 | crl2p7.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 292 | crl2p7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 298 | crl2p7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 293 | crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 299 | crl2p7.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 294 | crl2p7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 300 | crl2p7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 295 | crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 301 | crl2p7.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 296 | crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 302 | crl2p7.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 297 | crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 303 | crl2p7.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 298 | crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 304 | crl2p7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 299 | crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 305 | crl2p7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 300 | crl2p7.o: crl2p7.c | 306 | crl2p7.o: ../include/openssl/x509v3.h apps.h crl2p7.c |
| 301 | dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 307 | dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 302 | dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 308 | dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 303 | dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 309 | dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 304 | dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 310 | dgst.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 305 | dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 311 | dgst.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 306 | dgst.o: ../include/openssl/err.h ../include/openssl/evp.h | 312 | dgst.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 307 | dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h | 313 | dgst.o: ../include/openssl/fips.h ../include/openssl/hmac.h |
| 308 | dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 314 | dgst.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 309 | dgst.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 315 | dgst.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 310 | dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 316 | dgst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 311 | dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 317 | dgst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 312 | dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h | 318 | dgst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 313 | dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h | 319 | dgst.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 314 | dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 320 | dgst.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 315 | dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 321 | dgst.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 316 | dgst.o: ../include/openssl/x509v3.h apps.h dgst.c | 322 | dgst.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dgst.c |
| 317 | dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 323 | dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 318 | dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 324 | dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 319 | dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 325 | dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -321,15 +327,16 @@ dh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h | |||
| 321 | dh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 327 | dh.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 322 | dh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 328 | dh.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 323 | dh.o: ../include/openssl/err.h ../include/openssl/evp.h | 329 | dh.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 324 | dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 330 | dh.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 325 | dh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 331 | dh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 326 | dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 332 | dh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 327 | dh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 333 | dh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 328 | dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 334 | dh.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 329 | dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 335 | dh.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 330 | dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 336 | dh.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 331 | dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 337 | dh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 332 | dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c | 338 | dh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 339 | dh.o: ../include/openssl/x509v3.h apps.h dh.c | ||
| 333 | dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 340 | dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 334 | dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 341 | dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 335 | dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 342 | dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -337,15 +344,16 @@ dsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | |||
| 337 | dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 344 | dsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 338 | dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 345 | dsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 339 | dsa.o: ../include/openssl/err.h ../include/openssl/evp.h | 346 | dsa.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 340 | dsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 347 | dsa.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 341 | dsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 348 | dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 342 | dsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 349 | dsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 343 | dsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 350 | dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 344 | dsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 351 | dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 345 | dsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 352 | dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 346 | dsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 353 | dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 347 | dsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 354 | dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 348 | dsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dsa.c | 355 | dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 356 | dsa.o: ../include/openssl/x509v3.h apps.h dsa.c | ||
| 349 | dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 357 | dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 350 | dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 358 | dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 351 | dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 359 | dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -353,65 +361,68 @@ dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 353 | dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 361 | dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 354 | dsaparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 362 | dsaparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 355 | dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h | 363 | dsaparam.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 356 | dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 364 | dsaparam.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 357 | dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 365 | dsaparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 358 | dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 366 | dsaparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 359 | dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 367 | dsaparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 360 | dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 368 | dsaparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 361 | dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | 369 | dsaparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 362 | dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 370 | dsaparam.o: ../include/openssl/rand.h ../include/openssl/rsa.h |
| 363 | dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h | 371 | dsaparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 364 | dsaparam.o: ../include/openssl/store.h ../include/openssl/symhacks.h | 372 | dsaparam.o: ../include/openssl/stack.h ../include/openssl/store.h |
| 365 | dsaparam.o: ../include/openssl/txt_db.h ../include/openssl/ui.h | 373 | dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 366 | dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 374 | dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h |
| 367 | dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c | 375 | dsaparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 376 | dsaparam.o: dsaparam.c | ||
| 368 | ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 377 | ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 369 | ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 378 | ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 370 | ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 379 | ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 371 | ec.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 380 | ec.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 372 | ec.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 381 | ec.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 373 | ec.o: ../include/openssl/err.h ../include/openssl/evp.h | 382 | ec.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 374 | ec.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 383 | ec.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 375 | ec.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 384 | ec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 376 | ec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 385 | ec.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 377 | ec.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 386 | ec.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 378 | ec.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 387 | ec.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 379 | ec.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 388 | ec.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 380 | ec.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 389 | ec.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 381 | ec.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 390 | ec.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 382 | ec.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ec.c | 391 | ec.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 392 | ec.o: ../include/openssl/x509v3.h apps.h ec.c | ||
| 383 | ecparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 393 | ecparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 384 | ecparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 394 | ecparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 385 | ecparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 395 | ecparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| 386 | ecparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 396 | ecparam.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 387 | ecparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 397 | ecparam.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 388 | ecparam.o: ../include/openssl/engine.h ../include/openssl/err.h | 398 | ecparam.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 389 | ecparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 399 | ecparam.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 390 | ecparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 400 | ecparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 391 | ecparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 401 | ecparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 392 | ecparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 402 | ecparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 393 | ecparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 403 | ecparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 394 | ecparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h | 404 | ecparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 395 | ecparam.o: ../include/openssl/sha.h ../include/openssl/stack.h | 405 | ecparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 396 | ecparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 406 | ecparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 397 | ecparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 407 | ecparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 398 | ecparam.o: ../include/openssl/x509v3.h apps.h ecparam.c | 408 | ecparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 409 | ecparam.o: ecparam.c | ||
| 399 | enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 410 | enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 400 | enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 411 | enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 401 | enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 412 | enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 402 | enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 413 | enc.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 403 | enc.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 414 | enc.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 404 | enc.o: ../include/openssl/err.h ../include/openssl/evp.h | 415 | enc.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 405 | enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 416 | enc.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 406 | enc.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 417 | enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 407 | enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 418 | enc.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 408 | enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 419 | enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 409 | enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 420 | enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 410 | enc.o: ../include/openssl/rand.h ../include/openssl/safestack.h | 421 | enc.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h |
| 411 | enc.o: ../include/openssl/sha.h ../include/openssl/stack.h | 422 | enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 412 | enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 423 | enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 413 | enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 424 | enc.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 414 | enc.o: ../include/openssl/x509v3.h apps.h enc.c | 425 | enc.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h enc.c |
| 415 | engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 426 | engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 416 | engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 427 | engine.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 417 | engine.o: ../include/openssl/comp.h ../include/openssl/conf.h | 428 | engine.o: ../include/openssl/comp.h ../include/openssl/conf.h |
| @@ -419,7 +430,8 @@ engine.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 419 | engine.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 430 | engine.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 420 | engine.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 431 | engine.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 421 | engine.o: ../include/openssl/engine.h ../include/openssl/err.h | 432 | engine.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 422 | engine.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 433 | engine.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 434 | engine.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 423 | engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 435 | engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 424 | engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 436 | engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 425 | engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 437 | engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -440,7 +452,8 @@ errstr.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 440 | errstr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 452 | errstr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 441 | errstr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 453 | errstr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 442 | errstr.o: ../include/openssl/engine.h ../include/openssl/err.h | 454 | errstr.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 443 | errstr.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 455 | errstr.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 456 | errstr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 444 | errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 457 | errstr.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 445 | errstr.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 458 | errstr.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 446 | errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 459 | errstr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -461,18 +474,19 @@ gendh.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 461 | gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 474 | gendh.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 462 | gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 475 | gendh.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 463 | gendh.o: ../include/openssl/engine.h ../include/openssl/err.h | 476 | gendh.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 464 | gendh.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 477 | gendh.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 465 | gendh.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 478 | gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 466 | gendh.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 479 | gendh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 467 | gendh.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 480 | gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 468 | gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 481 | gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 469 | gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | 482 | gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 470 | gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 483 | gendh.o: ../include/openssl/rand.h ../include/openssl/rsa.h |
| 471 | gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h | 484 | gendh.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 472 | gendh.o: ../include/openssl/store.h ../include/openssl/symhacks.h | 485 | gendh.o: ../include/openssl/stack.h ../include/openssl/store.h |
| 473 | gendh.o: ../include/openssl/txt_db.h ../include/openssl/ui.h | 486 | gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 474 | gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 487 | gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h |
| 475 | gendh.o: ../include/openssl/x509v3.h apps.h gendh.c | 488 | gendh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 489 | gendh.o: gendh.c | ||
| 476 | gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 490 | gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 477 | gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 491 | gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 478 | gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 492 | gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -480,16 +494,16 @@ gendsa.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | |||
| 480 | gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 494 | gendsa.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 481 | gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 495 | gendsa.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 482 | gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h | 496 | gendsa.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 483 | gendsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 497 | gendsa.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 484 | gendsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 498 | gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 485 | gendsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 499 | gendsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 486 | gendsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 500 | gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 487 | gendsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 501 | gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 488 | gendsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 502 | gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 489 | gendsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 503 | gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 490 | gendsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 504 | gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 491 | gendsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 505 | gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 492 | gendsa.o: gendsa.c | 506 | gendsa.o: ../include/openssl/x509v3.h apps.h gendsa.c |
| 493 | genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 507 | genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 494 | genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 508 | genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 495 | genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 509 | genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -497,33 +511,35 @@ genrsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 497 | genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 511 | genrsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 498 | genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 512 | genrsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 499 | genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h | 513 | genrsa.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 500 | genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 514 | genrsa.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 501 | genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 515 | genrsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 502 | genrsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 516 | genrsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 503 | genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 517 | genrsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 504 | genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 518 | genrsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 505 | genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | 519 | genrsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 506 | genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 520 | genrsa.o: ../include/openssl/rand.h ../include/openssl/rsa.h |
| 507 | genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h | 521 | genrsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 508 | genrsa.o: ../include/openssl/store.h ../include/openssl/symhacks.h | 522 | genrsa.o: ../include/openssl/stack.h ../include/openssl/store.h |
| 509 | genrsa.o: ../include/openssl/txt_db.h ../include/openssl/ui.h | 523 | genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 510 | genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 524 | genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h |
| 511 | genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c | 525 | genrsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 526 | genrsa.o: genrsa.c | ||
| 512 | nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 527 | nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 513 | nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 528 | nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 514 | nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 529 | nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 515 | nseq.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 530 | nseq.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 516 | nseq.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 531 | nseq.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 517 | nseq.o: ../include/openssl/err.h ../include/openssl/evp.h | 532 | nseq.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 518 | nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 533 | nseq.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 519 | nseq.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 534 | nseq.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 520 | nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 535 | nseq.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 521 | nseq.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 536 | nseq.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 522 | nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 537 | nseq.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 523 | nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 538 | nseq.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 524 | nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 539 | nseq.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 525 | nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 540 | nseq.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 526 | nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c | 541 | nseq.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 542 | nseq.o: ../include/openssl/x509v3.h apps.h nseq.c | ||
| 527 | ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 543 | ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 528 | ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 544 | ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 529 | ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h | 545 | ocsp.o: ../include/openssl/comp.h ../include/openssl/conf.h |
| @@ -531,7 +547,8 @@ ocsp.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 531 | ocsp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 547 | ocsp.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 532 | ocsp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 548 | ocsp.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 533 | ocsp.o: ../include/openssl/engine.h ../include/openssl/err.h | 549 | ocsp.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 534 | ocsp.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 550 | ocsp.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 551 | ocsp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 535 | ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 552 | ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 536 | ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 553 | ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 537 | ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 554 | ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -552,7 +569,8 @@ openssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 552 | openssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 569 | openssl.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 553 | openssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 570 | openssl.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 554 | openssl.o: ../include/openssl/engine.h ../include/openssl/err.h | 571 | openssl.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 555 | openssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 572 | openssl.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 573 | openssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 556 | openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 574 | openssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 557 | openssl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 575 | openssl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 558 | openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 576 | openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -573,95 +591,97 @@ passwd.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h | |||
| 573 | passwd.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 591 | passwd.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 574 | passwd.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 592 | passwd.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 575 | passwd.o: ../include/openssl/err.h ../include/openssl/evp.h | 593 | passwd.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 576 | passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 594 | passwd.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 577 | passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 595 | passwd.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 578 | passwd.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 596 | passwd.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 579 | passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 597 | passwd.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 580 | passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | 598 | passwd.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h |
| 581 | passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 599 | passwd.o: ../include/openssl/rand.h ../include/openssl/safestack.h |
| 582 | passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 600 | passwd.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 583 | passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h | 601 | passwd.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 584 | passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 602 | passwd.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h |
| 585 | passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 603 | passwd.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 586 | passwd.o: passwd.c | 604 | passwd.o: ../include/openssl/x509v3.h apps.h passwd.c |
| 587 | pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 605 | pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 588 | pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 606 | pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 589 | pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 607 | pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 590 | pkcs12.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 608 | pkcs12.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 591 | pkcs12.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 609 | pkcs12.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 592 | pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h | 610 | pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 593 | pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 611 | pkcs12.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 594 | pkcs12.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 612 | pkcs12.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 595 | pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 613 | pkcs12.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 596 | pkcs12.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 614 | pkcs12.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 597 | pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h | 615 | pkcs12.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 598 | pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h | 616 | pkcs12.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h |
| 599 | pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h | 617 | pkcs12.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 600 | pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 618 | pkcs12.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 601 | pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 619 | pkcs12.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 602 | pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c | 620 | pkcs12.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 621 | pkcs12.o: pkcs12.c | ||
| 603 | pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 622 | pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 604 | pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 623 | pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 605 | pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 624 | pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 606 | pkcs7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 625 | pkcs7.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 607 | pkcs7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 626 | pkcs7.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 608 | pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h | 627 | pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 609 | pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 628 | pkcs7.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 610 | pkcs7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 629 | pkcs7.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 611 | pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 630 | pkcs7.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 612 | pkcs7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 631 | pkcs7.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 613 | pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 632 | pkcs7.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 614 | pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 633 | pkcs7.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 615 | pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 634 | pkcs7.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 616 | pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 635 | pkcs7.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 617 | pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 636 | pkcs7.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 618 | pkcs7.o: pkcs7.c | 637 | pkcs7.o: ../include/openssl/x509v3.h apps.h pkcs7.c |
| 619 | pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 638 | pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 620 | pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 639 | pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 621 | pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 640 | pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 622 | pkcs8.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 641 | pkcs8.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 623 | pkcs8.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 642 | pkcs8.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 624 | pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h | 643 | pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 625 | pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 644 | pkcs8.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 626 | pkcs8.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 645 | pkcs8.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 627 | pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 646 | pkcs8.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 628 | pkcs8.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 647 | pkcs8.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 629 | pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h | 648 | pkcs8.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 630 | pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h | 649 | pkcs8.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h |
| 631 | pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h | 650 | pkcs8.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 632 | pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 651 | pkcs8.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 633 | pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 652 | pkcs8.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 634 | pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c | 653 | pkcs8.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 654 | pkcs8.o: pkcs8.c | ||
| 635 | prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 655 | prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 636 | prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 656 | prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 637 | prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 657 | prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| 638 | prime.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 658 | prime.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 639 | prime.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 659 | prime.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 640 | prime.o: ../include/openssl/engine.h ../include/openssl/evp.h | 660 | prime.o: ../include/openssl/engine.h ../include/openssl/evp.h |
| 641 | prime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 661 | prime.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 642 | prime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 662 | prime.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 643 | prime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 663 | prime.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 644 | prime.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | 664 | prime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 645 | prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 665 | prime.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 646 | prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 666 | prime.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 647 | prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 667 | prime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 648 | prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 668 | prime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 649 | prime.o: prime.c | 669 | prime.o: ../include/openssl/x509v3.h apps.h prime.c |
| 650 | rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 670 | rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 651 | rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 671 | rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 652 | rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 672 | rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 653 | rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 673 | rand.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 654 | rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 674 | rand.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 655 | rand.o: ../include/openssl/err.h ../include/openssl/evp.h | 675 | rand.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 656 | rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 676 | rand.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 657 | rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 677 | rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 658 | rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 678 | rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 659 | rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | 679 | rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 660 | rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h | 680 | rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h |
| 661 | rand.o: ../include/openssl/sha.h ../include/openssl/stack.h | 681 | rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 662 | rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 682 | rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 663 | rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 683 | rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 664 | rand.o: ../include/openssl/x509v3.h apps.h rand.c | 684 | rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rand.c |
| 665 | req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 685 | req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 666 | req.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 686 | req.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 667 | req.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 687 | req.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -669,50 +689,52 @@ req.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 669 | req.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 689 | req.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 670 | req.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 690 | req.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 671 | req.o: ../include/openssl/engine.h ../include/openssl/err.h | 691 | req.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 672 | req.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 692 | req.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 673 | req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 693 | req.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 674 | req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 694 | req.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 675 | req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 695 | req.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 676 | req.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 696 | req.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 677 | req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | 697 | req.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 678 | req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 698 | req.o: ../include/openssl/rand.h ../include/openssl/rsa.h |
| 679 | req.o: ../include/openssl/sha.h ../include/openssl/stack.h | 699 | req.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 680 | req.o: ../include/openssl/store.h ../include/openssl/symhacks.h | 700 | req.o: ../include/openssl/stack.h ../include/openssl/store.h |
| 681 | req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h | 701 | req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 682 | req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 702 | req.o: ../include/openssl/ui.h ../include/openssl/x509.h |
| 683 | req.o: ../include/openssl/x509v3.h apps.h req.c | 703 | req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c |
| 684 | rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 704 | rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 685 | rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 705 | rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 686 | rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 706 | rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| 687 | rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 707 | rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 688 | rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 708 | rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 689 | rsa.o: ../include/openssl/engine.h ../include/openssl/err.h | 709 | rsa.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 690 | rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 710 | rsa.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 691 | rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 711 | rsa.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 692 | rsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 712 | rsa.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 693 | rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 713 | rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 694 | rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 714 | rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 695 | rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h | 715 | rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 696 | rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 716 | rsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 697 | rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 717 | rsa.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 698 | rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 718 | rsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 699 | rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c | 719 | rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 720 | rsa.o: ../include/openssl/x509v3.h apps.h rsa.c | ||
| 700 | rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 721 | rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 701 | rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 722 | rsautl.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 702 | rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 723 | rsautl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 703 | rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 724 | rsautl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 704 | rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 725 | rsautl.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 705 | rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h | 726 | rsautl.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 706 | rsautl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 727 | rsautl.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 707 | rsautl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 728 | rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 708 | rsautl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 729 | rsautl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 709 | rsautl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 730 | rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 710 | rsautl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 731 | rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 711 | rsautl.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 732 | rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h |
| 712 | rsautl.o: ../include/openssl/sha.h ../include/openssl/stack.h | 733 | rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 713 | rsautl.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 734 | rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 714 | rsautl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 735 | rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 715 | rsautl.o: ../include/openssl/x509v3.h apps.h rsautl.c | 736 | rsautl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 737 | rsautl.o: rsautl.c | ||
| 716 | s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 738 | s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 717 | s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 739 | s_cb.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 718 | s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h | 740 | s_cb.o: ../include/openssl/comp.h ../include/openssl/conf.h |
| @@ -720,7 +742,8 @@ s_cb.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 720 | s_cb.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 742 | s_cb.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 721 | s_cb.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 743 | s_cb.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 722 | s_cb.o: ../include/openssl/engine.h ../include/openssl/err.h | 744 | s_cb.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 723 | s_cb.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 745 | s_cb.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 746 | s_cb.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 724 | s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 747 | s_cb.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 725 | s_cb.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 748 | s_cb.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 726 | s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 749 | s_cb.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -741,7 +764,8 @@ s_client.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 741 | s_client.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 764 | s_client.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 742 | s_client.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 765 | s_client.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 743 | s_client.o: ../include/openssl/engine.h ../include/openssl/err.h | 766 | s_client.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 744 | s_client.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 767 | s_client.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 768 | s_client.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 745 | s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 769 | s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 746 | s_client.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 770 | s_client.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 747 | s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 771 | s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -764,7 +788,8 @@ s_server.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 764 | s_server.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 788 | s_server.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 765 | s_server.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 789 | s_server.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 766 | s_server.o: ../include/openssl/engine.h ../include/openssl/err.h | 790 | s_server.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 767 | s_server.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 791 | s_server.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 792 | s_server.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 768 | s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 793 | s_server.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 769 | s_server.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 794 | s_server.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 770 | s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 795 | s_server.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -787,6 +812,7 @@ s_socket.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 787 | s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 812 | s_socket.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 788 | s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 813 | s_socket.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 789 | s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h | 814 | s_socket.o: ../include/openssl/engine.h ../include/openssl/evp.h |
| 815 | s_socket.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 790 | s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 816 | s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 791 | s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 817 | s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 792 | s_socket.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 818 | s_socket.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| @@ -808,7 +834,8 @@ s_time.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 808 | s_time.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 834 | s_time.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 809 | s_time.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 835 | s_time.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 810 | s_time.o: ../include/openssl/engine.h ../include/openssl/err.h | 836 | s_time.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 811 | s_time.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 837 | s_time.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 838 | s_time.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 812 | s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 839 | s_time.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 813 | s_time.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 840 | s_time.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 814 | s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 841 | s_time.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -829,7 +856,8 @@ sess_id.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h | |||
| 829 | sess_id.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 856 | sess_id.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 830 | sess_id.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 857 | sess_id.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 831 | sess_id.o: ../include/openssl/engine.h ../include/openssl/err.h | 858 | sess_id.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 832 | sess_id.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 859 | sess_id.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 860 | sess_id.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 833 | sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 861 | sess_id.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 834 | sess_id.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 862 | sess_id.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 835 | sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 863 | sess_id.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -849,16 +877,16 @@ smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | |||
| 849 | smime.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 877 | smime.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 850 | smime.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 878 | smime.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 851 | smime.o: ../include/openssl/err.h ../include/openssl/evp.h | 879 | smime.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 852 | smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 880 | smime.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 853 | smime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 881 | smime.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 854 | smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 882 | smime.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 855 | smime.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 883 | smime.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 856 | smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 884 | smime.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 857 | smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 885 | smime.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 858 | smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 886 | smime.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 859 | smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 887 | smime.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 860 | smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 888 | smime.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 861 | smime.o: smime.c | 889 | smime.o: ../include/openssl/x509v3.h apps.h smime.c |
| 862 | speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h | 890 | speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h |
| 863 | speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | 891 | speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h |
| 864 | speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 892 | speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| @@ -868,53 +896,54 @@ speed.o: ../include/openssl/des_old.h ../include/openssl/dsa.h | |||
| 868 | speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 896 | speed.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 869 | speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 897 | speed.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 870 | speed.o: ../include/openssl/engine.h ../include/openssl/err.h | 898 | speed.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 871 | speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h | 899 | speed.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 872 | speed.o: ../include/openssl/idea.h ../include/openssl/lhash.h | 900 | speed.o: ../include/openssl/hmac.h ../include/openssl/idea.h |
| 873 | speed.o: ../include/openssl/md2.h ../include/openssl/md4.h | 901 | speed.o: ../include/openssl/lhash.h ../include/openssl/md2.h |
| 874 | speed.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h | 902 | speed.o: ../include/openssl/md4.h ../include/openssl/md5.h |
| 875 | speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 903 | speed.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 876 | speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 904 | speed.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 877 | speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | 905 | speed.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 878 | speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h | 906 | speed.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h |
| 879 | speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h | 907 | speed.o: ../include/openssl/rc2.h ../include/openssl/rc4.h |
| 880 | speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 908 | speed.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h |
| 881 | speed.o: ../include/openssl/sha.h ../include/openssl/stack.h | 909 | speed.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 882 | speed.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 910 | speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 883 | speed.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | 911 | speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h |
| 884 | speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 912 | speed.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h |
| 885 | speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h | 913 | speed.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h |
| 914 | speed.o: speed.c testdsa.h testrsa.h | ||
| 886 | spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 915 | spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 887 | spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 916 | spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 888 | spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 917 | spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 889 | spkac.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 918 | spkac.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 890 | spkac.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 919 | spkac.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 891 | spkac.o: ../include/openssl/err.h ../include/openssl/evp.h | 920 | spkac.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 892 | spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 921 | spkac.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 893 | spkac.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 922 | spkac.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 894 | spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 923 | spkac.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 895 | spkac.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 924 | spkac.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 896 | spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 925 | spkac.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 897 | spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 926 | spkac.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 898 | spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 927 | spkac.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 899 | spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 928 | spkac.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 900 | spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 929 | spkac.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 901 | spkac.o: spkac.c | 930 | spkac.o: ../include/openssl/x509v3.h apps.h spkac.c |
| 902 | verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 931 | verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 903 | verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 932 | verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 904 | verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 933 | verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 905 | verify.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 934 | verify.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 906 | verify.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 935 | verify.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 907 | verify.o: ../include/openssl/err.h ../include/openssl/evp.h | 936 | verify.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 908 | verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 937 | verify.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 909 | verify.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 938 | verify.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 910 | verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 939 | verify.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 911 | verify.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 940 | verify.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 912 | verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 941 | verify.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 913 | verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 942 | verify.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 914 | verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 943 | verify.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 915 | verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h | 944 | verify.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 916 | verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 945 | verify.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 917 | verify.o: verify.c | 946 | verify.o: ../include/openssl/x509v3.h apps.h verify.c |
| 918 | version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 947 | version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 919 | version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h | 948 | version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h |
| 920 | version.o: ../include/openssl/buffer.h ../include/openssl/conf.h | 949 | version.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| @@ -922,18 +951,18 @@ version.o: ../include/openssl/crypto.h ../include/openssl/des.h | |||
| 922 | version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h | 951 | version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h |
| 923 | version.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 952 | version.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 924 | version.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 953 | version.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 925 | version.o: ../include/openssl/evp.h ../include/openssl/idea.h | 954 | version.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 926 | version.o: ../include/openssl/lhash.h ../include/openssl/md2.h | 955 | version.o: ../include/openssl/idea.h ../include/openssl/lhash.h |
| 927 | version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 956 | version.o: ../include/openssl/md2.h ../include/openssl/obj_mac.h |
| 928 | version.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 957 | version.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 929 | version.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 958 | version.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 930 | version.o: ../include/openssl/pkcs7.h ../include/openssl/rc4.h | 959 | version.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h |
| 931 | version.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 960 | version.o: ../include/openssl/rc4.h ../include/openssl/safestack.h |
| 932 | version.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 961 | version.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 933 | version.o: ../include/openssl/txt_db.h ../include/openssl/ui.h | 962 | version.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h |
| 934 | version.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h | 963 | version.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h |
| 935 | version.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h | 964 | version.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 936 | version.o: version.c | 965 | version.o: ../include/openssl/x509v3.h apps.h version.c |
| 937 | x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 966 | x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 938 | x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 967 | x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 939 | x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 968 | x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h |
| @@ -941,13 +970,13 @@ x509.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | |||
| 941 | x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 970 | x509.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 942 | x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 971 | x509.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 943 | x509.o: ../include/openssl/err.h ../include/openssl/evp.h | 972 | x509.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 944 | x509.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 973 | x509.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 945 | x509.o: ../include/openssl/objects.h ../include/openssl/ocsp.h | 974 | x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 946 | x509.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 975 | x509.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h |
| 947 | x509.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 976 | x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 948 | x509.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 977 | x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 949 | x509.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 978 | x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h |
| 950 | x509.o: ../include/openssl/sha.h ../include/openssl/stack.h | 979 | x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 951 | x509.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h | 980 | x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 952 | x509.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 981 | x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h |
| 953 | x509.o: ../include/openssl/x509v3.h apps.h x509.c | 982 | x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c |
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c index 5209caba2e..367eb177e1 100644 --- a/src/lib/libssl/src/apps/apps.c +++ b/src/lib/libssl/src/apps/apps.c | |||
| @@ -115,6 +115,7 @@ | |||
| 115 | #include <sys/types.h> | 115 | #include <sys/types.h> |
| 116 | #include <sys/stat.h> | 116 | #include <sys/stat.h> |
| 117 | #include <ctype.h> | 117 | #include <ctype.h> |
| 118 | #include <assert.h> | ||
| 118 | #include <openssl/err.h> | 119 | #include <openssl/err.h> |
| 119 | #include <openssl/x509.h> | 120 | #include <openssl/x509.h> |
| 120 | #include <openssl/x509v3.h> | 121 | #include <openssl/x509v3.h> |
| @@ -129,6 +130,9 @@ | |||
| 129 | #include <openssl/rsa.h> | 130 | #include <openssl/rsa.h> |
| 130 | #endif | 131 | #endif |
| 131 | #include <openssl/bn.h> | 132 | #include <openssl/bn.h> |
| 133 | #ifndef OPENSSL_NO_JPAKE | ||
| 134 | #include <openssl/jpake.h> | ||
| 135 | #endif | ||
| 132 | 136 | ||
| 133 | #define NON_MAIN | 137 | #define NON_MAIN |
| 134 | #include "apps.h" | 138 | #include "apps.h" |
| @@ -2333,3 +2337,233 @@ void policies_print(BIO *out, X509_STORE_CTX *ctx) | |||
| 2333 | if (free_out) | 2337 | if (free_out) |
| 2334 | BIO_free(out); | 2338 | BIO_free(out); |
| 2335 | } | 2339 | } |
| 2340 | |||
| 2341 | #ifndef OPENSSL_NO_JPAKE | ||
| 2342 | |||
| 2343 | static JPAKE_CTX *jpake_init(const char *us, const char *them, | ||
| 2344 | const char *secret) | ||
| 2345 | { | ||
| 2346 | BIGNUM *p = NULL; | ||
| 2347 | BIGNUM *g = NULL; | ||
| 2348 | BIGNUM *q = NULL; | ||
| 2349 | BIGNUM *bnsecret = BN_new(); | ||
| 2350 | JPAKE_CTX *ctx; | ||
| 2351 | |||
| 2352 | /* Use a safe prime for p (that we found earlier) */ | ||
| 2353 | BN_hex2bn(&p, "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F"); | ||
| 2354 | g = BN_new(); | ||
| 2355 | BN_set_word(g, 2); | ||
| 2356 | q = BN_new(); | ||
| 2357 | BN_rshift1(q, p); | ||
| 2358 | |||
| 2359 | BN_bin2bn((const unsigned char *)secret, strlen(secret), bnsecret); | ||
| 2360 | |||
| 2361 | ctx = JPAKE_CTX_new(us, them, p, g, q, bnsecret); | ||
| 2362 | BN_free(bnsecret); | ||
| 2363 | BN_free(q); | ||
| 2364 | BN_free(g); | ||
| 2365 | BN_free(p); | ||
| 2366 | |||
| 2367 | return ctx; | ||
| 2368 | } | ||
| 2369 | |||
| 2370 | static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p) | ||
| 2371 | { | ||
| 2372 | BN_print(conn, p->gx); | ||
| 2373 | BIO_puts(conn, "\n"); | ||
| 2374 | BN_print(conn, p->zkpx.gr); | ||
| 2375 | BIO_puts(conn, "\n"); | ||
| 2376 | BN_print(conn, p->zkpx.b); | ||
| 2377 | BIO_puts(conn, "\n"); | ||
| 2378 | } | ||
| 2379 | |||
| 2380 | static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx) | ||
| 2381 | { | ||
| 2382 | JPAKE_STEP1 s1; | ||
| 2383 | |||
| 2384 | JPAKE_STEP1_init(&s1); | ||
| 2385 | JPAKE_STEP1_generate(&s1, ctx); | ||
| 2386 | jpake_send_part(bconn, &s1.p1); | ||
| 2387 | jpake_send_part(bconn, &s1.p2); | ||
| 2388 | (void)BIO_flush(bconn); | ||
| 2389 | JPAKE_STEP1_release(&s1); | ||
| 2390 | } | ||
| 2391 | |||
| 2392 | static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx) | ||
| 2393 | { | ||
| 2394 | JPAKE_STEP2 s2; | ||
| 2395 | |||
| 2396 | JPAKE_STEP2_init(&s2); | ||
| 2397 | JPAKE_STEP2_generate(&s2, ctx); | ||
| 2398 | jpake_send_part(bconn, &s2); | ||
| 2399 | (void)BIO_flush(bconn); | ||
| 2400 | JPAKE_STEP2_release(&s2); | ||
| 2401 | } | ||
| 2402 | |||
| 2403 | static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx) | ||
| 2404 | { | ||
| 2405 | JPAKE_STEP3A s3a; | ||
| 2406 | |||
| 2407 | JPAKE_STEP3A_init(&s3a); | ||
| 2408 | JPAKE_STEP3A_generate(&s3a, ctx); | ||
| 2409 | BIO_write(bconn, s3a.hhk, sizeof s3a.hhk); | ||
| 2410 | (void)BIO_flush(bconn); | ||
| 2411 | JPAKE_STEP3A_release(&s3a); | ||
| 2412 | } | ||
| 2413 | |||
| 2414 | static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx) | ||
| 2415 | { | ||
| 2416 | JPAKE_STEP3B s3b; | ||
| 2417 | |||
| 2418 | JPAKE_STEP3B_init(&s3b); | ||
| 2419 | JPAKE_STEP3B_generate(&s3b, ctx); | ||
| 2420 | BIO_write(bconn, s3b.hk, sizeof s3b.hk); | ||
| 2421 | (void)BIO_flush(bconn); | ||
| 2422 | JPAKE_STEP3B_release(&s3b); | ||
| 2423 | } | ||
| 2424 | |||
| 2425 | static void readbn(BIGNUM **bn, BIO *bconn) | ||
| 2426 | { | ||
| 2427 | char buf[10240]; | ||
| 2428 | int l; | ||
| 2429 | |||
| 2430 | l = BIO_gets(bconn, buf, sizeof buf); | ||
| 2431 | assert(l >= 0); | ||
| 2432 | assert(buf[l-1] == '\n'); | ||
| 2433 | buf[l-1] = '\0'; | ||
| 2434 | BN_hex2bn(bn, buf); | ||
| 2435 | } | ||
| 2436 | |||
| 2437 | static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn) | ||
| 2438 | { | ||
| 2439 | readbn(&p->gx, bconn); | ||
| 2440 | readbn(&p->zkpx.gr, bconn); | ||
| 2441 | readbn(&p->zkpx.b, bconn); | ||
| 2442 | } | ||
| 2443 | |||
| 2444 | static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn) | ||
| 2445 | { | ||
| 2446 | JPAKE_STEP1 s1; | ||
| 2447 | |||
| 2448 | JPAKE_STEP1_init(&s1); | ||
| 2449 | jpake_receive_part(&s1.p1, bconn); | ||
| 2450 | jpake_receive_part(&s1.p2, bconn); | ||
| 2451 | if(!JPAKE_STEP1_process(ctx, &s1)) | ||
| 2452 | { | ||
| 2453 | ERR_print_errors(bio_err); | ||
| 2454 | exit(1); | ||
| 2455 | } | ||
| 2456 | JPAKE_STEP1_release(&s1); | ||
| 2457 | } | ||
| 2458 | |||
| 2459 | static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn) | ||
| 2460 | { | ||
| 2461 | JPAKE_STEP2 s2; | ||
| 2462 | |||
| 2463 | JPAKE_STEP2_init(&s2); | ||
| 2464 | jpake_receive_part(&s2, bconn); | ||
| 2465 | if(!JPAKE_STEP2_process(ctx, &s2)) | ||
| 2466 | { | ||
| 2467 | ERR_print_errors(bio_err); | ||
| 2468 | exit(1); | ||
| 2469 | } | ||
| 2470 | JPAKE_STEP2_release(&s2); | ||
| 2471 | } | ||
| 2472 | |||
| 2473 | static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn) | ||
| 2474 | { | ||
| 2475 | JPAKE_STEP3A s3a; | ||
| 2476 | int l; | ||
| 2477 | |||
| 2478 | JPAKE_STEP3A_init(&s3a); | ||
| 2479 | l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk); | ||
| 2480 | assert(l == sizeof s3a.hhk); | ||
| 2481 | if(!JPAKE_STEP3A_process(ctx, &s3a)) | ||
| 2482 | { | ||
| 2483 | ERR_print_errors(bio_err); | ||
| 2484 | exit(1); | ||
| 2485 | } | ||
| 2486 | JPAKE_STEP3A_release(&s3a); | ||
| 2487 | } | ||
| 2488 | |||
| 2489 | static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn) | ||
| 2490 | { | ||
| 2491 | JPAKE_STEP3B s3b; | ||
| 2492 | int l; | ||
| 2493 | |||
| 2494 | JPAKE_STEP3B_init(&s3b); | ||
| 2495 | l = BIO_read(bconn, s3b.hk, sizeof s3b.hk); | ||
| 2496 | assert(l == sizeof s3b.hk); | ||
| 2497 | if(!JPAKE_STEP3B_process(ctx, &s3b)) | ||
| 2498 | { | ||
| 2499 | ERR_print_errors(bio_err); | ||
| 2500 | exit(1); | ||
| 2501 | } | ||
| 2502 | JPAKE_STEP3B_release(&s3b); | ||
| 2503 | } | ||
| 2504 | |||
| 2505 | void jpake_client_auth(BIO *out, BIO *conn, const char *secret) | ||
| 2506 | { | ||
| 2507 | JPAKE_CTX *ctx; | ||
| 2508 | BIO *bconn; | ||
| 2509 | |||
| 2510 | BIO_puts(out, "Authenticating with JPAKE\n"); | ||
| 2511 | |||
| 2512 | ctx = jpake_init("client", "server", secret); | ||
| 2513 | |||
| 2514 | bconn = BIO_new(BIO_f_buffer()); | ||
| 2515 | BIO_push(bconn, conn); | ||
| 2516 | |||
| 2517 | jpake_send_step1(bconn, ctx); | ||
| 2518 | jpake_receive_step1(ctx, bconn); | ||
| 2519 | jpake_send_step2(bconn, ctx); | ||
| 2520 | jpake_receive_step2(ctx, bconn); | ||
| 2521 | jpake_send_step3a(bconn, ctx); | ||
| 2522 | jpake_receive_step3b(ctx, bconn); | ||
| 2523 | |||
| 2524 | /* | ||
| 2525 | * The problem is that you must use the derived key in the | ||
| 2526 | * session key or you are subject to man-in-the-middle | ||
| 2527 | * attacks. | ||
| 2528 | */ | ||
| 2529 | BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can" | ||
| 2530 | " be MitMed. See the version in HEAD for how to do it" | ||
| 2531 | " properly)\n"); | ||
| 2532 | |||
| 2533 | BIO_pop(bconn); | ||
| 2534 | BIO_free(bconn); | ||
| 2535 | } | ||
| 2536 | |||
| 2537 | void jpake_server_auth(BIO *out, BIO *conn, const char *secret) | ||
| 2538 | { | ||
| 2539 | JPAKE_CTX *ctx; | ||
| 2540 | BIO *bconn; | ||
| 2541 | |||
| 2542 | BIO_puts(out, "Authenticating with JPAKE\n"); | ||
| 2543 | |||
| 2544 | ctx = jpake_init("server", "client", secret); | ||
| 2545 | |||
| 2546 | bconn = BIO_new(BIO_f_buffer()); | ||
| 2547 | BIO_push(bconn, conn); | ||
| 2548 | |||
| 2549 | jpake_receive_step1(ctx, bconn); | ||
| 2550 | jpake_send_step1(bconn, ctx); | ||
| 2551 | jpake_receive_step2(ctx, bconn); | ||
| 2552 | jpake_send_step2(bconn, ctx); | ||
| 2553 | jpake_receive_step3a(ctx, bconn); | ||
| 2554 | jpake_send_step3b(bconn, ctx); | ||
| 2555 | |||
| 2556 | /* | ||
| 2557 | * The problem is that you must use the derived key in the | ||
| 2558 | * session key or you are subject to man-in-the-middle | ||
| 2559 | * attacks. | ||
| 2560 | */ | ||
| 2561 | BIO_puts(out, "JPAKE authentication succeeded (N.B. This version can" | ||
| 2562 | " be MitMed. See the version in HEAD for how to do it" | ||
| 2563 | " properly)\n"); | ||
| 2564 | |||
| 2565 | BIO_pop(bconn); | ||
| 2566 | BIO_free(bconn); | ||
| 2567 | } | ||
| 2568 | |||
| 2569 | #endif | ||
diff --git a/src/lib/libssl/src/apps/apps.h b/src/lib/libssl/src/apps/apps.h index 0df170813a..88579094b1 100644 --- a/src/lib/libssl/src/apps/apps.h +++ b/src/lib/libssl/src/apps/apps.h | |||
| @@ -149,9 +149,11 @@ int WIN32_rename(const char *oldname,const char *newname); | |||
| 149 | #ifndef NON_MAIN | 149 | #ifndef NON_MAIN |
| 150 | CONF *config=NULL; | 150 | CONF *config=NULL; |
| 151 | BIO *bio_err=NULL; | 151 | BIO *bio_err=NULL; |
| 152 | int in_FIPS_mode=0; | ||
| 152 | #else | 153 | #else |
| 153 | extern CONF *config; | 154 | extern CONF *config; |
| 154 | extern BIO *bio_err; | 155 | extern BIO *bio_err; |
| 156 | extern int in_FIPS_mode; | ||
| 155 | #endif | 157 | #endif |
| 156 | 158 | ||
| 157 | #else | 159 | #else |
| @@ -160,6 +162,7 @@ extern BIO *bio_err; | |||
| 160 | extern CONF *config; | 162 | extern CONF *config; |
| 161 | extern char *default_config_file; | 163 | extern char *default_config_file; |
| 162 | extern BIO *bio_err; | 164 | extern BIO *bio_err; |
| 165 | extern int in_FIPS_mode; | ||
| 163 | 166 | ||
| 164 | #endif | 167 | #endif |
| 165 | 168 | ||
| @@ -335,6 +338,10 @@ X509_NAME *parse_name(char *str, long chtype, int multirdn); | |||
| 335 | int args_verify(char ***pargs, int *pargc, | 338 | int args_verify(char ***pargs, int *pargc, |
| 336 | int *badarg, BIO *err, X509_VERIFY_PARAM **pm); | 339 | int *badarg, BIO *err, X509_VERIFY_PARAM **pm); |
| 337 | void policies_print(BIO *out, X509_STORE_CTX *ctx); | 340 | void policies_print(BIO *out, X509_STORE_CTX *ctx); |
| 341 | #ifndef OPENSSL_NO_JPAKE | ||
| 342 | void jpake_client_auth(BIO *out, BIO *conn, const char *secret); | ||
| 343 | void jpake_server_auth(BIO *out, BIO *conn, const char *secret); | ||
| 344 | #endif | ||
| 338 | 345 | ||
| 339 | #define FORMAT_UNDEF 0 | 346 | #define FORMAT_UNDEF 0 |
| 340 | #define FORMAT_ASN1 1 | 347 | #define FORMAT_ASN1 1 |
diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c index b1a7c8e5db..bde61d02d1 100644 --- a/src/lib/libssl/src/apps/asn1pars.c +++ b/src/lib/libssl/src/apps/asn1pars.c | |||
| @@ -56,7 +56,7 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | /* A nice addition from Dr Stephen Henson <shenson@bigfoot.com> to | 59 | /* A nice addition from Dr Stephen Henson <steve@openssl.org> to |
| 60 | * add the -strparse option which parses nested binary structures | 60 | * add the -strparse option which parses nested binary structures |
| 61 | */ | 61 | */ |
| 62 | 62 | ||
diff --git a/src/lib/libssl/src/apps/crl.c b/src/lib/libssl/src/apps/crl.c index a0040fba11..c395b2afd5 100644 --- a/src/lib/libssl/src/apps/crl.c +++ b/src/lib/libssl/src/apps/crl.c | |||
| @@ -85,6 +85,7 @@ static const char *crl_usage[]={ | |||
| 85 | " -issuer - print issuer DN\n", | 85 | " -issuer - print issuer DN\n", |
| 86 | " -lastupdate - lastUpdate field\n", | 86 | " -lastupdate - lastUpdate field\n", |
| 87 | " -nextupdate - nextUpdate field\n", | 87 | " -nextupdate - nextUpdate field\n", |
| 88 | " -crlnumber - print CRL number\n", | ||
| 88 | " -noout - no CRL output\n", | 89 | " -noout - no CRL output\n", |
| 89 | " -CAfile name - verify CRL using certificates in file \"name\"\n", | 90 | " -CAfile name - verify CRL using certificates in file \"name\"\n", |
| 90 | " -CApath dir - verify CRL using certificates in \"dir\"\n", | 91 | " -CApath dir - verify CRL using certificates in \"dir\"\n", |
| @@ -107,7 +108,7 @@ int MAIN(int argc, char **argv) | |||
| 107 | int informat,outformat; | 108 | int informat,outformat; |
| 108 | char *infile=NULL,*outfile=NULL; | 109 | char *infile=NULL,*outfile=NULL; |
| 109 | int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; | 110 | int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; |
| 110 | int fingerprint = 0; | 111 | int fingerprint = 0, crlnumber = 0; |
| 111 | const char **pp; | 112 | const char **pp; |
| 112 | X509_STORE *store = NULL; | 113 | X509_STORE *store = NULL; |
| 113 | X509_STORE_CTX ctx; | 114 | X509_STORE_CTX ctx; |
| @@ -206,6 +207,8 @@ int MAIN(int argc, char **argv) | |||
| 206 | noout= ++num; | 207 | noout= ++num; |
| 207 | else if (strcmp(*argv,"-fingerprint") == 0) | 208 | else if (strcmp(*argv,"-fingerprint") == 0) |
| 208 | fingerprint= ++num; | 209 | fingerprint= ++num; |
| 210 | else if (strcmp(*argv,"-crlnumber") == 0) | ||
| 211 | crlnumber= ++num; | ||
| 209 | else if ((md_alg=EVP_get_digestbyname(*argv + 1))) | 212 | else if ((md_alg=EVP_get_digestbyname(*argv + 1))) |
| 210 | { | 213 | { |
| 211 | /* ok */ | 214 | /* ok */ |
| @@ -281,7 +284,21 @@ bad: | |||
| 281 | { | 284 | { |
| 282 | print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag); | 285 | print_name(bio_out, "issuer=", X509_CRL_get_issuer(x), nmflag); |
| 283 | } | 286 | } |
| 284 | 287 | if (crlnumber == i) | |
| 288 | { | ||
| 289 | ASN1_INTEGER *crlnum; | ||
| 290 | crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, | ||
| 291 | NULL, NULL); | ||
| 292 | BIO_printf(bio_out,"crlNumber="); | ||
| 293 | if (crlnum) | ||
| 294 | { | ||
| 295 | i2a_ASN1_INTEGER(bio_out, crlnum); | ||
| 296 | ASN1_INTEGER_free(crlnum); | ||
| 297 | } | ||
| 298 | else | ||
| 299 | BIO_puts(bio_out, "<NONE>"); | ||
| 300 | BIO_printf(bio_out,"\n"); | ||
| 301 | } | ||
| 285 | if (hash == i) | 302 | if (hash == i) |
| 286 | { | 303 | { |
| 287 | BIO_printf(bio_out,"%08lx\n", | 304 | BIO_printf(bio_out,"%08lx\n", |
diff --git a/src/lib/libssl/src/apps/dgst.c b/src/lib/libssl/src/apps/dgst.c index c5ecf93d1b..9ebfc22e79 100644 --- a/src/lib/libssl/src/apps/dgst.c +++ b/src/lib/libssl/src/apps/dgst.c | |||
| @@ -76,7 +76,7 @@ | |||
| 76 | 76 | ||
| 77 | int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, | 77 | int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, |
| 78 | EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title, | 78 | EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title, |
| 79 | const char *file,BIO *bmd,const char *hmac_key); | 79 | const char *file,BIO *bmd,const char *hmac_key, int non_fips_allow); |
| 80 | 80 | ||
| 81 | int MAIN(int, char **); | 81 | int MAIN(int, char **); |
| 82 | 82 | ||
| @@ -84,7 +84,7 @@ int MAIN(int argc, char **argv) | |||
| 84 | { | 84 | { |
| 85 | ENGINE *e = NULL; | 85 | ENGINE *e = NULL; |
| 86 | unsigned char *buf=NULL; | 86 | unsigned char *buf=NULL; |
| 87 | int i,err=0; | 87 | int i,err=1; |
| 88 | const EVP_MD *md=NULL,*m; | 88 | const EVP_MD *md=NULL,*m; |
| 89 | BIO *in=NULL,*inp; | 89 | BIO *in=NULL,*inp; |
| 90 | BIO *bmd=NULL; | 90 | BIO *bmd=NULL; |
| @@ -101,14 +101,16 @@ int MAIN(int argc, char **argv) | |||
| 101 | EVP_PKEY *sigkey = NULL; | 101 | EVP_PKEY *sigkey = NULL; |
| 102 | unsigned char *sigbuf = NULL; | 102 | unsigned char *sigbuf = NULL; |
| 103 | int siglen = 0; | 103 | int siglen = 0; |
| 104 | unsigned int sig_flags = 0; | ||
| 104 | char *passargin = NULL, *passin = NULL; | 105 | char *passargin = NULL, *passin = NULL; |
| 105 | #ifndef OPENSSL_NO_ENGINE | 106 | #ifndef OPENSSL_NO_ENGINE |
| 106 | char *engine=NULL; | 107 | char *engine=NULL; |
| 107 | #endif | 108 | #endif |
| 108 | char *hmac_key=NULL; | 109 | char *hmac_key=NULL; |
| 110 | int non_fips_allow = 0; | ||
| 109 | 111 | ||
| 110 | apps_startup(); | 112 | apps_startup(); |
| 111 | 113 | ERR_load_crypto_strings(); | |
| 112 | if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) | 114 | if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) |
| 113 | { | 115 | { |
| 114 | BIO_printf(bio_err,"out of memory\n"); | 116 | BIO_printf(bio_err,"out of memory\n"); |
| @@ -167,6 +169,27 @@ int MAIN(int argc, char **argv) | |||
| 167 | keyfile=*(++argv); | 169 | keyfile=*(++argv); |
| 168 | do_verify = 1; | 170 | do_verify = 1; |
| 169 | } | 171 | } |
| 172 | else if (strcmp(*argv,"-x931") == 0) | ||
| 173 | sig_flags = EVP_MD_CTX_FLAG_PAD_X931; | ||
| 174 | else if (strcmp(*argv,"-pss_saltlen") == 0) | ||
| 175 | { | ||
| 176 | int saltlen; | ||
| 177 | if (--argc < 1) break; | ||
| 178 | saltlen=atoi(*(++argv)); | ||
| 179 | if (saltlen == -1) | ||
| 180 | sig_flags = EVP_MD_CTX_FLAG_PSS_MREC; | ||
| 181 | else if (saltlen == -2) | ||
| 182 | sig_flags = EVP_MD_CTX_FLAG_PSS_MDLEN; | ||
| 183 | else if (saltlen < -2 || saltlen >= 0xFFFE) | ||
| 184 | { | ||
| 185 | BIO_printf(bio_err, "Invalid PSS salt length %d\n", saltlen); | ||
| 186 | goto end; | ||
| 187 | } | ||
| 188 | else | ||
| 189 | sig_flags = saltlen; | ||
| 190 | sig_flags <<= 16; | ||
| 191 | sig_flags |= EVP_MD_CTX_FLAG_PAD_PSS; | ||
| 192 | } | ||
| 170 | else if (strcmp(*argv,"-signature") == 0) | 193 | else if (strcmp(*argv,"-signature") == 0) |
| 171 | { | 194 | { |
| 172 | if (--argc < 1) break; | 195 | if (--argc < 1) break; |
| @@ -190,6 +213,8 @@ int MAIN(int argc, char **argv) | |||
| 190 | out_bin = 1; | 213 | out_bin = 1; |
| 191 | else if (strcmp(*argv,"-d") == 0) | 214 | else if (strcmp(*argv,"-d") == 0) |
| 192 | debug=1; | 215 | debug=1; |
| 216 | else if (strcmp(*argv,"-non-fips-allow") == 0) | ||
| 217 | non_fips_allow=1; | ||
| 193 | else if (!strcmp(*argv,"-fips-fingerprint")) | 218 | else if (!strcmp(*argv,"-fips-fingerprint")) |
| 194 | hmac_key = "etaonrishdlcupfm"; | 219 | hmac_key = "etaonrishdlcupfm"; |
| 195 | else if (!strcmp(*argv,"-hmac")) | 220 | else if (!strcmp(*argv,"-hmac")) |
| @@ -356,8 +381,20 @@ int MAIN(int argc, char **argv) | |||
| 356 | goto end; | 381 | goto end; |
| 357 | } | 382 | } |
| 358 | } | 383 | } |
| 359 | |||
| 360 | 384 | ||
| 385 | if (non_fips_allow) | ||
| 386 | { | ||
| 387 | EVP_MD_CTX *md_ctx; | ||
| 388 | BIO_get_md_ctx(bmd,&md_ctx); | ||
| 389 | EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 390 | } | ||
| 391 | |||
| 392 | if (sig_flags) | ||
| 393 | { | ||
| 394 | EVP_MD_CTX *md_ctx; | ||
| 395 | BIO_get_md_ctx(bmd,&md_ctx); | ||
| 396 | EVP_MD_CTX_set_flags(md_ctx, sig_flags); | ||
| 397 | } | ||
| 361 | 398 | ||
| 362 | /* we use md as a filter, reading from 'in' */ | 399 | /* we use md as a filter, reading from 'in' */ |
| 363 | if (!BIO_set_md(bmd,md)) | 400 | if (!BIO_set_md(bmd,md)) |
| @@ -373,11 +410,12 @@ int MAIN(int argc, char **argv) | |||
| 373 | { | 410 | { |
| 374 | BIO_set_fp(in,stdin,BIO_NOCLOSE); | 411 | BIO_set_fp(in,stdin,BIO_NOCLOSE); |
| 375 | err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf, | 412 | err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf, |
| 376 | siglen,"","(stdin)",bmd,hmac_key); | 413 | siglen,"","(stdin)",bmd,hmac_key,non_fips_allow); |
| 377 | } | 414 | } |
| 378 | else | 415 | else |
| 379 | { | 416 | { |
| 380 | name=OBJ_nid2sn(md->type); | 417 | name=OBJ_nid2sn(md->type); |
| 418 | err = 0; | ||
| 381 | for (i=0; i<argc; i++) | 419 | for (i=0; i<argc; i++) |
| 382 | { | 420 | { |
| 383 | char *tmp,*tofree=NULL; | 421 | char *tmp,*tofree=NULL; |
| @@ -399,7 +437,7 @@ int MAIN(int argc, char **argv) | |||
| 399 | else | 437 | else |
| 400 | tmp=""; | 438 | tmp=""; |
| 401 | r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf, | 439 | r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf, |
| 402 | siglen,tmp,argv[i],bmd,hmac_key); | 440 | siglen,tmp,argv[i],bmd,hmac_key,non_fips_allow); |
| 403 | if(r) | 441 | if(r) |
| 404 | err=r; | 442 | err=r; |
| 405 | if(tofree) | 443 | if(tofree) |
| @@ -426,7 +464,7 @@ end: | |||
| 426 | 464 | ||
| 427 | int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, | 465 | int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, |
| 428 | EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title, | 466 | EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title, |
| 429 | const char *file,BIO *bmd,const char *hmac_key) | 467 | const char *file,BIO *bmd,const char *hmac_key,int non_fips_allow) |
| 430 | { | 468 | { |
| 431 | unsigned int len; | 469 | unsigned int len; |
| 432 | int i; | 470 | int i; |
diff --git a/src/lib/libssl/src/apps/dsa.c b/src/lib/libssl/src/apps/dsa.c index 9e103037dd..cbc1fe3f81 100644 --- a/src/lib/libssl/src/apps/dsa.c +++ b/src/lib/libssl/src/apps/dsa.c | |||
| @@ -96,9 +96,7 @@ int MAIN(int, char **); | |||
| 96 | 96 | ||
| 97 | int MAIN(int argc, char **argv) | 97 | int MAIN(int argc, char **argv) |
| 98 | { | 98 | { |
| 99 | #ifndef OPENSSL_NO_ENGINE | ||
| 100 | ENGINE *e = NULL; | 99 | ENGINE *e = NULL; |
| 101 | #endif | ||
| 102 | int ret=1; | 100 | int ret=1; |
| 103 | DSA *dsa=NULL; | 101 | DSA *dsa=NULL; |
| 104 | int i,badops=0; | 102 | int i,badops=0; |
| @@ -240,37 +238,27 @@ bad: | |||
| 240 | goto end; | 238 | goto end; |
| 241 | } | 239 | } |
| 242 | 240 | ||
| 243 | in=BIO_new(BIO_s_file()); | ||
| 244 | out=BIO_new(BIO_s_file()); | 241 | out=BIO_new(BIO_s_file()); |
| 245 | if ((in == NULL) || (out == NULL)) | 242 | if (out == NULL) |
| 246 | { | 243 | { |
| 247 | ERR_print_errors(bio_err); | 244 | ERR_print_errors(bio_err); |
| 248 | goto end; | 245 | goto end; |
| 249 | } | 246 | } |
| 250 | 247 | ||
| 251 | if (infile == NULL) | ||
| 252 | BIO_set_fp(in,stdin,BIO_NOCLOSE); | ||
| 253 | else | ||
| 254 | { | ||
| 255 | if (BIO_read_filename(in,infile) <= 0) | ||
| 256 | { | ||
| 257 | perror(infile); | ||
| 258 | goto end; | ||
| 259 | } | ||
| 260 | } | ||
| 261 | |||
| 262 | BIO_printf(bio_err,"read DSA key\n"); | 248 | BIO_printf(bio_err,"read DSA key\n"); |
| 263 | if (informat == FORMAT_ASN1) { | 249 | { |
| 264 | if(pubin) dsa=d2i_DSA_PUBKEY_bio(in,NULL); | 250 | EVP_PKEY *pkey; |
| 265 | else dsa=d2i_DSAPrivateKey_bio(in,NULL); | 251 | if (pubin) |
| 266 | } else if (informat == FORMAT_PEM) { | 252 | pkey = load_pubkey(bio_err, infile, informat, 1, |
| 267 | if(pubin) dsa=PEM_read_bio_DSA_PUBKEY(in,NULL, NULL, NULL); | 253 | passin, e, "Public Key"); |
| 268 | else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,passin); | 254 | else |
| 269 | } else | 255 | pkey = load_key(bio_err, infile, informat, 1, |
| 270 | { | 256 | passin, e, "Private Key"); |
| 271 | BIO_printf(bio_err,"bad input format specified for key\n"); | 257 | |
| 272 | goto end; | 258 | if (pkey != NULL) |
| 273 | } | 259 | dsa = pkey == NULL ? NULL : EVP_PKEY_get1_DSA(pkey); |
| 260 | EVP_PKEY_free(pkey); | ||
| 261 | } | ||
| 274 | if (dsa == NULL) | 262 | if (dsa == NULL) |
| 275 | { | 263 | { |
| 276 | BIO_printf(bio_err,"unable to load Key\n"); | 264 | BIO_printf(bio_err,"unable to load Key\n"); |
diff --git a/src/lib/libssl/src/apps/enc.c b/src/lib/libssl/src/apps/enc.c index a41ea800ac..47c6eb604d 100644 --- a/src/lib/libssl/src/apps/enc.c +++ b/src/lib/libssl/src/apps/enc.c | |||
| @@ -127,6 +127,7 @@ int MAIN(int argc, char **argv) | |||
| 127 | char *engine = NULL; | 127 | char *engine = NULL; |
| 128 | #endif | 128 | #endif |
| 129 | const EVP_MD *dgst=NULL; | 129 | const EVP_MD *dgst=NULL; |
| 130 | int non_fips_allow = 0; | ||
| 130 | 131 | ||
| 131 | apps_startup(); | 132 | apps_startup(); |
| 132 | 133 | ||
| @@ -261,6 +262,8 @@ int MAIN(int argc, char **argv) | |||
| 261 | if (--argc < 1) goto bad; | 262 | if (--argc < 1) goto bad; |
| 262 | md= *(++argv); | 263 | md= *(++argv); |
| 263 | } | 264 | } |
| 265 | else if (strcmp(*argv,"-non-fips-allow") == 0) | ||
| 266 | non_fips_allow = 1; | ||
| 264 | else if ((argv[0][0] == '-') && | 267 | else if ((argv[0][0] == '-') && |
| 265 | ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) | 268 | ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) |
| 266 | { | 269 | { |
| @@ -314,7 +317,10 @@ bad: | |||
| 314 | 317 | ||
| 315 | if (dgst == NULL) | 318 | if (dgst == NULL) |
| 316 | { | 319 | { |
| 317 | dgst = EVP_md5(); | 320 | if (in_FIPS_mode) |
| 321 | dgst = EVP_sha1(); | ||
| 322 | else | ||
| 323 | dgst = EVP_md5(); | ||
| 318 | } | 324 | } |
| 319 | 325 | ||
| 320 | if (bufsize != NULL) | 326 | if (bufsize != NULL) |
| @@ -549,6 +555,11 @@ bad: | |||
| 549 | */ | 555 | */ |
| 550 | 556 | ||
| 551 | BIO_get_cipher_ctx(benc, &ctx); | 557 | BIO_get_cipher_ctx(benc, &ctx); |
| 558 | |||
| 559 | if (non_fips_allow) | ||
| 560 | EVP_CIPHER_CTX_set_flags(ctx, | ||
| 561 | EVP_CIPH_FLAG_NON_FIPS_ALLOW); | ||
| 562 | |||
| 552 | if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) | 563 | if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) |
| 553 | { | 564 | { |
| 554 | BIO_printf(bio_err, "Error setting cipher %s\n", | 565 | BIO_printf(bio_err, "Error setting cipher %s\n", |
diff --git a/src/lib/libssl/src/apps/engine.c b/src/lib/libssl/src/apps/engine.c index 25c8617107..1d0dd9bfbc 100644 --- a/src/lib/libssl/src/apps/engine.c +++ b/src/lib/libssl/src/apps/engine.c | |||
| @@ -56,7 +56,6 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #ifndef OPENSSL_NO_ENGINE | ||
| 60 | 59 | ||
| 61 | #include <stdio.h> | 60 | #include <stdio.h> |
| 62 | #include <stdlib.h> | 61 | #include <stdlib.h> |
| @@ -66,6 +65,7 @@ | |||
| 66 | #endif | 65 | #endif |
| 67 | #include "apps.h" | 66 | #include "apps.h" |
| 68 | #include <openssl/err.h> | 67 | #include <openssl/err.h> |
| 68 | #ifndef OPENSSL_NO_ENGINE | ||
| 69 | #include <openssl/engine.h> | 69 | #include <openssl/engine.h> |
| 70 | #include <openssl/ssl.h> | 70 | #include <openssl/ssl.h> |
| 71 | 71 | ||
diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c index 1599bb7a69..fdc0d4a07d 100644 --- a/src/lib/libssl/src/apps/genrsa.c +++ b/src/lib/libssl/src/apps/genrsa.c | |||
| @@ -95,6 +95,7 @@ int MAIN(int argc, char **argv) | |||
| 95 | int ret=1; | 95 | int ret=1; |
| 96 | int i,num=DEFBITS; | 96 | int i,num=DEFBITS; |
| 97 | long l; | 97 | long l; |
| 98 | int use_x931 = 0; | ||
| 98 | const EVP_CIPHER *enc=NULL; | 99 | const EVP_CIPHER *enc=NULL; |
| 99 | unsigned long f4=RSA_F4; | 100 | unsigned long f4=RSA_F4; |
| 100 | char *outfile=NULL; | 101 | char *outfile=NULL; |
| @@ -138,6 +139,8 @@ int MAIN(int argc, char **argv) | |||
| 138 | f4=3; | 139 | f4=3; |
| 139 | else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) | 140 | else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) |
| 140 | f4=RSA_F4; | 141 | f4=RSA_F4; |
| 142 | else if (strcmp(*argv,"-x931") == 0) | ||
| 143 | use_x931 = 1; | ||
| 141 | #ifndef OPENSSL_NO_ENGINE | 144 | #ifndef OPENSSL_NO_ENGINE |
| 142 | else if (strcmp(*argv,"-engine") == 0) | 145 | else if (strcmp(*argv,"-engine") == 0) |
| 143 | { | 146 | { |
| @@ -266,7 +269,17 @@ bad: | |||
| 266 | BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", | 269 | BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", |
| 267 | num); | 270 | num); |
| 268 | 271 | ||
| 269 | if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb)) | 272 | if (use_x931) |
| 273 | { | ||
| 274 | BIGNUM *pubexp; | ||
| 275 | pubexp = BN_new(); | ||
| 276 | if (!BN_set_word(pubexp, f4)) | ||
| 277 | goto err; | ||
| 278 | if (!RSA_X931_generate_key_ex(rsa, num, pubexp, &cb)) | ||
| 279 | goto err; | ||
| 280 | BN_free(pubexp); | ||
| 281 | } | ||
| 282 | else if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb)) | ||
| 270 | goto err; | 283 | goto err; |
| 271 | 284 | ||
| 272 | app_RAND_write_file(NULL, bio_err); | 285 | app_RAND_write_file(NULL, bio_err); |
diff --git a/src/lib/libssl/src/apps/makeapps.com b/src/lib/libssl/src/apps/makeapps.com index 826ab5bec6..0580a1f401 100644 --- a/src/lib/libssl/src/apps/makeapps.com +++ b/src/lib/libssl/src/apps/makeapps.com | |||
| @@ -142,7 +142,7 @@ $ LIB_FILES = "VERIFY;ASN1PARS;REQ;DGST;DH;DHPARAM;ENC;PASSWD;GENDH;ERRSTR;"+- | |||
| 142 | "RSA;RSAUTL;DSA;DSAPARAM;EC;ECPARAM;"+- | 142 | "RSA;RSAUTL;DSA;DSAPARAM;EC;ECPARAM;"+- |
| 143 | "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+- | 143 | "X509;GENRSA;GENDSA;S_SERVER;S_CLIENT;SPEED;"+- |
| 144 | "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+- | 144 | "S_TIME;APPS;S_CB;S_SOCKET;APP_RAND;VERSION;SESS_ID;"+- |
| 145 | "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;CMS;RAND;ENGINE;OCSP;PRIME" | 145 | "CIPHERS;NSEQ;PKCS12;PKCS8;SPKAC;SMIME;RAND;ENGINE;OCSP;PRIME" |
| 146 | $ TCPIP_PROGRAMS = ",," | 146 | $ TCPIP_PROGRAMS = ",," |
| 147 | $ IF COMPILER .EQS. "VAXC" THEN - | 147 | $ IF COMPILER .EQS. "VAXC" THEN - |
| 148 | TCPIP_PROGRAMS = ",OPENSSL," | 148 | TCPIP_PROGRAMS = ",OPENSSL," |
diff --git a/src/lib/libssl/src/apps/nseq.c b/src/lib/libssl/src/apps/nseq.c index dc71d45012..e3c4dba547 100644 --- a/src/lib/libssl/src/apps/nseq.c +++ b/src/lib/libssl/src/apps/nseq.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* nseq.c */ | 1 | /* nseq.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/apps/ocsp.c b/src/lib/libssl/src/apps/ocsp.c index 1001f3b25d..251044d77f 100644 --- a/src/lib/libssl/src/apps/ocsp.c +++ b/src/lib/libssl/src/apps/ocsp.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ocsp.c */ | 1 | /* ocsp.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/apps/openssl.c b/src/lib/libssl/src/apps/openssl.c index 47aee5b712..7d2b476cf0 100644 --- a/src/lib/libssl/src/apps/openssl.c +++ b/src/lib/libssl/src/apps/openssl.c | |||
| @@ -147,6 +147,7 @@ char *default_config_file=NULL; | |||
| 147 | #ifdef MONOLITH | 147 | #ifdef MONOLITH |
| 148 | CONF *config=NULL; | 148 | CONF *config=NULL; |
| 149 | BIO *bio_err=NULL; | 149 | BIO *bio_err=NULL; |
| 150 | int in_FIPS_mode=0; | ||
| 150 | #endif | 151 | #endif |
| 151 | 152 | ||
| 152 | 153 | ||
| @@ -232,6 +233,19 @@ int main(int Argc, char *Argv[]) | |||
| 232 | arg.data=NULL; | 233 | arg.data=NULL; |
| 233 | arg.count=0; | 234 | arg.count=0; |
| 234 | 235 | ||
| 236 | in_FIPS_mode = 0; | ||
| 237 | |||
| 238 | #ifdef OPENSSL_FIPS | ||
| 239 | if(getenv("OPENSSL_FIPS")) { | ||
| 240 | if (!FIPS_mode_set(1)) { | ||
| 241 | ERR_load_crypto_strings(); | ||
| 242 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
| 243 | EXIT(1); | ||
| 244 | } | ||
| 245 | in_FIPS_mode = 1; | ||
| 246 | } | ||
| 247 | #endif | ||
| 248 | |||
| 235 | if (bio_err == NULL) | 249 | if (bio_err == NULL) |
| 236 | if ((bio_err=BIO_new(BIO_s_file())) != NULL) | 250 | if ((bio_err=BIO_new(BIO_s_file())) != NULL) |
| 237 | BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); | 251 | BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); |
diff --git a/src/lib/libssl/src/apps/pkcs12.c b/src/lib/libssl/src/apps/pkcs12.c index 7c71b1a88f..248bc1154d 100644 --- a/src/lib/libssl/src/apps/pkcs12.c +++ b/src/lib/libssl/src/apps/pkcs12.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pkcs12.c */ | 1 | /* pkcs12.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -100,6 +100,7 @@ int MAIN(int argc, char **argv) | |||
| 100 | char **args; | 100 | char **args; |
| 101 | char *name = NULL; | 101 | char *name = NULL; |
| 102 | char *csp_name = NULL; | 102 | char *csp_name = NULL; |
| 103 | int add_lmk = 0; | ||
| 103 | PKCS12 *p12 = NULL; | 104 | PKCS12 *p12 = NULL; |
| 104 | char pass[50], macpass[50]; | 105 | char pass[50], macpass[50]; |
| 105 | int export_cert = 0; | 106 | int export_cert = 0; |
| @@ -110,7 +111,7 @@ int MAIN(int argc, char **argv) | |||
| 110 | int maciter = PKCS12_DEFAULT_ITER; | 111 | int maciter = PKCS12_DEFAULT_ITER; |
| 111 | int twopass = 0; | 112 | int twopass = 0; |
| 112 | int keytype = 0; | 113 | int keytype = 0; |
| 113 | int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; | 114 | int cert_pbe; |
| 114 | int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | 115 | int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; |
| 115 | int ret = 1; | 116 | int ret = 1; |
| 116 | int macver = 1; | 117 | int macver = 1; |
| @@ -127,6 +128,13 @@ int MAIN(int argc, char **argv) | |||
| 127 | 128 | ||
| 128 | apps_startup(); | 129 | apps_startup(); |
| 129 | 130 | ||
| 131 | #ifdef OPENSSL_FIPS | ||
| 132 | if (FIPS_mode()) | ||
| 133 | cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | ||
| 134 | else | ||
| 135 | #endif | ||
| 136 | cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC; | ||
| 137 | |||
| 130 | enc = EVP_des_ede3_cbc(); | 138 | enc = EVP_des_ede3_cbc(); |
| 131 | if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); | 139 | if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE); |
| 132 | 140 | ||
| @@ -224,7 +232,9 @@ int MAIN(int argc, char **argv) | |||
| 224 | args++; | 232 | args++; |
| 225 | name = *args; | 233 | name = *args; |
| 226 | } else badarg = 1; | 234 | } else badarg = 1; |
| 227 | } else if (!strcmp (*args, "-CSP")) { | 235 | } else if (!strcmp (*args, "-LMK")) |
| 236 | add_lmk = 1; | ||
| 237 | else if (!strcmp (*args, "-CSP")) { | ||
| 228 | if (args[1]) { | 238 | if (args[1]) { |
| 229 | args++; | 239 | args++; |
| 230 | csp_name = *args; | 240 | csp_name = *args; |
| @@ -338,6 +348,8 @@ int MAIN(int argc, char **argv) | |||
| 338 | BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); | 348 | BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); |
| 339 | BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); | 349 | BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); |
| 340 | BIO_printf(bio_err, " the random number generator\n"); | 350 | BIO_printf(bio_err, " the random number generator\n"); |
| 351 | BIO_printf(bio_err, "-CSP name Microsoft CSP name\n"); | ||
| 352 | BIO_printf(bio_err, "-LMK Add local machine keyset attribute to private key\n"); | ||
| 341 | goto end; | 353 | goto end; |
| 342 | } | 354 | } |
| 343 | 355 | ||
| @@ -562,7 +574,9 @@ int MAIN(int argc, char **argv) | |||
| 562 | if (csp_name && key) | 574 | if (csp_name && key) |
| 563 | EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, | 575 | EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, |
| 564 | MBSTRING_ASC, (unsigned char *)csp_name, -1); | 576 | MBSTRING_ASC, (unsigned char *)csp_name, -1); |
| 565 | 577 | ||
| 578 | if (add_lmk && key) | ||
| 579 | EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1); | ||
| 566 | 580 | ||
| 567 | #ifdef CRYPTO_MDEBUG | 581 | #ifdef CRYPTO_MDEBUG |
| 568 | CRYPTO_pop_info(); | 582 | CRYPTO_pop_info(); |
diff --git a/src/lib/libssl/src/apps/pkcs8.c b/src/lib/libssl/src/apps/pkcs8.c index d5085444e2..9633a149bc 100644 --- a/src/lib/libssl/src/apps/pkcs8.c +++ b/src/lib/libssl/src/apps/pkcs8.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pkcs8.c */ | 1 | /* pkcs8.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999-2004. | 3 | * project 1999-2004. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/apps/rsautl.c b/src/lib/libssl/src/apps/rsautl.c index f3c458ed27..923e2b682f 100644 --- a/src/lib/libssl/src/apps/rsautl.c +++ b/src/lib/libssl/src/apps/rsautl.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* rsautl.c */ | 1 | /* rsautl.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c index a4983c178f..4974f5fc93 100644 --- a/src/lib/libssl/src/apps/s_client.c +++ b/src/lib/libssl/src/apps/s_client.c | |||
| @@ -221,6 +221,7 @@ static void sc_usage(void) | |||
| 221 | BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); | 221 | BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n"); |
| 222 | BIO_printf(bio_err," -quiet - no s_client output\n"); | 222 | BIO_printf(bio_err," -quiet - no s_client output\n"); |
| 223 | BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); | 223 | BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n"); |
| 224 | BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n"); | ||
| 224 | BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); | 225 | BIO_printf(bio_err," -ssl2 - just use SSLv2\n"); |
| 225 | BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); | 226 | BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); |
| 226 | BIO_printf(bio_err," -tls1 - just use TLSv1\n"); | 227 | BIO_printf(bio_err," -tls1 - just use TLSv1\n"); |
| @@ -234,7 +235,8 @@ static void sc_usage(void) | |||
| 234 | BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); | 235 | BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n"); |
| 235 | BIO_printf(bio_err," for those protocols that support it, where\n"); | 236 | BIO_printf(bio_err," for those protocols that support it, where\n"); |
| 236 | BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); | 237 | BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); |
| 237 | BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n"); | 238 | BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); |
| 239 | BIO_printf(bio_err," are supported.\n"); | ||
| 238 | #ifndef OPENSSL_NO_ENGINE | 240 | #ifndef OPENSSL_NO_ENGINE |
| 239 | BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); | 241 | BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); |
| 240 | #endif | 242 | #endif |
| @@ -276,7 +278,8 @@ enum | |||
| 276 | PROTO_SMTP, | 278 | PROTO_SMTP, |
| 277 | PROTO_POP3, | 279 | PROTO_POP3, |
| 278 | PROTO_IMAP, | 280 | PROTO_IMAP, |
| 279 | PROTO_FTP | 281 | PROTO_FTP, |
| 282 | PROTO_XMPP | ||
| 280 | }; | 283 | }; |
| 281 | 284 | ||
| 282 | int MAIN(int, char **); | 285 | int MAIN(int, char **); |
| @@ -317,8 +320,10 @@ int MAIN(int argc, char **argv) | |||
| 317 | int mbuf_len=0; | 320 | int mbuf_len=0; |
| 318 | #ifndef OPENSSL_NO_ENGINE | 321 | #ifndef OPENSSL_NO_ENGINE |
| 319 | char *engine_id=NULL; | 322 | char *engine_id=NULL; |
| 320 | ENGINE *e=NULL; | 323 | char *ssl_client_engine_id=NULL; |
| 324 | ENGINE *ssl_client_engine=NULL; | ||
| 321 | #endif | 325 | #endif |
| 326 | ENGINE *e=NULL; | ||
| 322 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) | 327 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) |
| 323 | struct timeval tv; | 328 | struct timeval tv; |
| 324 | #endif | 329 | #endif |
| @@ -334,6 +339,9 @@ int MAIN(int argc, char **argv) | |||
| 334 | int peerlen = sizeof(peer); | 339 | int peerlen = sizeof(peer); |
| 335 | int enable_timeouts = 0 ; | 340 | int enable_timeouts = 0 ; |
| 336 | long mtu = 0; | 341 | long mtu = 0; |
| 342 | #ifndef OPENSSL_NO_JPAKE | ||
| 343 | char *jpake_secret = NULL; | ||
| 344 | #endif | ||
| 337 | 345 | ||
| 338 | #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) | 346 | #if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3) |
| 339 | meth=SSLv23_client_method(); | 347 | meth=SSLv23_client_method(); |
| @@ -434,6 +442,8 @@ int MAIN(int argc, char **argv) | |||
| 434 | } | 442 | } |
| 435 | else if (strcmp(*argv,"-ign_eof") == 0) | 443 | else if (strcmp(*argv,"-ign_eof") == 0) |
| 436 | c_ign_eof=1; | 444 | c_ign_eof=1; |
| 445 | else if (strcmp(*argv,"-no_ign_eof") == 0) | ||
| 446 | c_ign_eof=0; | ||
| 437 | else if (strcmp(*argv,"-pause") == 0) | 447 | else if (strcmp(*argv,"-pause") == 0) |
| 438 | c_Pause=1; | 448 | c_Pause=1; |
| 439 | else if (strcmp(*argv,"-debug") == 0) | 449 | else if (strcmp(*argv,"-debug") == 0) |
| @@ -546,6 +556,8 @@ int MAIN(int argc, char **argv) | |||
| 546 | starttls_proto = PROTO_IMAP; | 556 | starttls_proto = PROTO_IMAP; |
| 547 | else if (strcmp(*argv,"ftp") == 0) | 557 | else if (strcmp(*argv,"ftp") == 0) |
| 548 | starttls_proto = PROTO_FTP; | 558 | starttls_proto = PROTO_FTP; |
| 559 | else if (strcmp(*argv, "xmpp") == 0) | ||
| 560 | starttls_proto = PROTO_XMPP; | ||
| 549 | else | 561 | else |
| 550 | goto bad; | 562 | goto bad; |
| 551 | } | 563 | } |
| @@ -555,6 +567,11 @@ int MAIN(int argc, char **argv) | |||
| 555 | if (--argc < 1) goto bad; | 567 | if (--argc < 1) goto bad; |
| 556 | engine_id = *(++argv); | 568 | engine_id = *(++argv); |
| 557 | } | 569 | } |
| 570 | else if (strcmp(*argv,"-ssl_client_engine") == 0) | ||
| 571 | { | ||
| 572 | if (--argc < 1) goto bad; | ||
| 573 | ssl_client_engine_id = *(++argv); | ||
| 574 | } | ||
| 558 | #endif | 575 | #endif |
| 559 | else if (strcmp(*argv,"-rand") == 0) | 576 | else if (strcmp(*argv,"-rand") == 0) |
| 560 | { | 577 | { |
| @@ -569,6 +586,13 @@ int MAIN(int argc, char **argv) | |||
| 569 | /* meth=TLSv1_client_method(); */ | 586 | /* meth=TLSv1_client_method(); */ |
| 570 | } | 587 | } |
| 571 | #endif | 588 | #endif |
| 589 | #ifndef OPENSSL_NO_JPAKE | ||
| 590 | else if (strcmp(*argv,"-jpake") == 0) | ||
| 591 | { | ||
| 592 | if (--argc < 1) goto bad; | ||
| 593 | jpake_secret = *++argv; | ||
| 594 | } | ||
| 595 | #endif | ||
| 572 | else | 596 | else |
| 573 | { | 597 | { |
| 574 | BIO_printf(bio_err,"unknown option %s\n",*argv); | 598 | BIO_printf(bio_err,"unknown option %s\n",*argv); |
| @@ -590,6 +614,16 @@ bad: | |||
| 590 | 614 | ||
| 591 | #ifndef OPENSSL_NO_ENGINE | 615 | #ifndef OPENSSL_NO_ENGINE |
| 592 | e = setup_engine(bio_err, engine_id, 1); | 616 | e = setup_engine(bio_err, engine_id, 1); |
| 617 | if (ssl_client_engine_id) | ||
| 618 | { | ||
| 619 | ssl_client_engine = ENGINE_by_id(ssl_client_engine_id); | ||
| 620 | if (!ssl_client_engine) | ||
| 621 | { | ||
| 622 | BIO_printf(bio_err, | ||
| 623 | "Error getting client auth engine\n"); | ||
| 624 | goto end; | ||
| 625 | } | ||
| 626 | } | ||
| 593 | #endif | 627 | #endif |
| 594 | if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) | 628 | if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) |
| 595 | { | 629 | { |
| @@ -657,6 +691,20 @@ bad: | |||
| 657 | goto end; | 691 | goto end; |
| 658 | } | 692 | } |
| 659 | 693 | ||
| 694 | #ifndef OPENSSL_NO_ENGINE | ||
| 695 | if (ssl_client_engine) | ||
| 696 | { | ||
| 697 | if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) | ||
| 698 | { | ||
| 699 | BIO_puts(bio_err, "Error setting client auth engine\n"); | ||
| 700 | ERR_print_errors(bio_err); | ||
| 701 | ENGINE_free(ssl_client_engine); | ||
| 702 | goto end; | ||
| 703 | } | ||
| 704 | ENGINE_free(ssl_client_engine); | ||
| 705 | } | ||
| 706 | #endif | ||
| 707 | |||
| 660 | if (bugs) | 708 | if (bugs) |
| 661 | SSL_CTX_set_options(ctx,SSL_OP_ALL|off); | 709 | SSL_CTX_set_options(ctx,SSL_OP_ALL|off); |
| 662 | else | 710 | else |
| @@ -807,8 +855,6 @@ re_start: | |||
| 807 | else | 855 | else |
| 808 | sbio=BIO_new_socket(s,BIO_NOCLOSE); | 856 | sbio=BIO_new_socket(s,BIO_NOCLOSE); |
| 809 | 857 | ||
| 810 | |||
| 811 | |||
| 812 | if (nbio_test) | 858 | if (nbio_test) |
| 813 | { | 859 | { |
| 814 | BIO *test; | 860 | BIO *test; |
| @@ -852,6 +898,10 @@ SSL_set_tlsext_status_ids(con, ids); | |||
| 852 | #endif | 898 | #endif |
| 853 | } | 899 | } |
| 854 | #endif | 900 | #endif |
| 901 | #ifndef OPENSSL_NO_JPAKE | ||
| 902 | if (jpake_secret) | ||
| 903 | jpake_client_auth(bio_c_out, sbio, jpake_secret); | ||
| 904 | #endif | ||
| 855 | 905 | ||
| 856 | SSL_set_bio(con,sbio,sbio); | 906 | SSL_set_bio(con,sbio,sbio); |
| 857 | SSL_set_connect_state(con); | 907 | SSL_set_connect_state(con); |
| @@ -958,6 +1008,28 @@ SSL_set_tlsext_status_ids(con, ids); | |||
| 958 | BIO_printf(sbio,"AUTH TLS\r\n"); | 1008 | BIO_printf(sbio,"AUTH TLS\r\n"); |
| 959 | BIO_read(sbio,sbuf,BUFSIZZ); | 1009 | BIO_read(sbio,sbuf,BUFSIZZ); |
| 960 | } | 1010 | } |
| 1011 | if (starttls_proto == PROTO_XMPP) | ||
| 1012 | { | ||
| 1013 | int seen = 0; | ||
| 1014 | BIO_printf(sbio,"<stream:stream " | ||
| 1015 | "xmlns:stream='http://etherx.jabber.org/streams' " | ||
| 1016 | "xmlns='jabber:client' to='%s' version='1.0'>", host); | ||
| 1017 | seen = BIO_read(sbio,mbuf,BUFSIZZ); | ||
| 1018 | mbuf[seen] = 0; | ||
| 1019 | while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) | ||
| 1020 | { | ||
| 1021 | if (strstr(mbuf, "/stream:features>")) | ||
| 1022 | goto shut; | ||
| 1023 | seen = BIO_read(sbio,mbuf,BUFSIZZ); | ||
| 1024 | mbuf[seen] = 0; | ||
| 1025 | } | ||
| 1026 | BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"); | ||
| 1027 | seen = BIO_read(sbio,sbuf,BUFSIZZ); | ||
| 1028 | sbuf[seen] = 0; | ||
| 1029 | if (!strstr(sbuf, "<proceed")) | ||
| 1030 | goto shut; | ||
| 1031 | mbuf[0] = 0; | ||
| 1032 | } | ||
| 961 | 1033 | ||
| 962 | for (;;) | 1034 | for (;;) |
| 963 | { | 1035 | { |
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c index 7919c437c6..84b1b28461 100644 --- a/src/lib/libssl/src/apps/s_server.c +++ b/src/lib/libssl/src/apps/s_server.c | |||
| @@ -742,6 +742,10 @@ BIO_printf(err, "cert_status: received %d ids\n", sk_OCSP_RESPID_num(ids)); | |||
| 742 | #endif | 742 | #endif |
| 743 | int MAIN(int, char **); | 743 | int MAIN(int, char **); |
| 744 | 744 | ||
| 745 | #ifndef OPENSSL_NO_JPAKE | ||
| 746 | static char *jpake_secret = NULL; | ||
| 747 | #endif | ||
| 748 | |||
| 745 | int MAIN(int argc, char *argv[]) | 749 | int MAIN(int argc, char *argv[]) |
| 746 | { | 750 | { |
| 747 | X509_STORE *store = NULL; | 751 | X509_STORE *store = NULL; |
| @@ -760,9 +764,7 @@ int MAIN(int argc, char *argv[]) | |||
| 760 | int state=0; | 764 | int state=0; |
| 761 | SSL_METHOD *meth=NULL; | 765 | SSL_METHOD *meth=NULL; |
| 762 | int socket_type=SOCK_STREAM; | 766 | int socket_type=SOCK_STREAM; |
| 763 | #ifndef OPENSSL_NO_ENGINE | ||
| 764 | ENGINE *e=NULL; | 767 | ENGINE *e=NULL; |
| 765 | #endif | ||
| 766 | char *inrand=NULL; | 768 | char *inrand=NULL; |
| 767 | int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; | 769 | int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; |
| 768 | char *passarg = NULL, *pass = NULL; | 770 | char *passarg = NULL, *pass = NULL; |
| @@ -774,7 +776,6 @@ int MAIN(int argc, char *argv[]) | |||
| 774 | EVP_PKEY *s_key2 = NULL; | 776 | EVP_PKEY *s_key2 = NULL; |
| 775 | X509 *s_cert2 = NULL; | 777 | X509 *s_cert2 = NULL; |
| 776 | #endif | 778 | #endif |
| 777 | |||
| 778 | #ifndef OPENSSL_NO_TLSEXT | 779 | #ifndef OPENSSL_NO_TLSEXT |
| 779 | tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; | 780 | tlsextctx tlsextcbp = {NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING}; |
| 780 | #endif | 781 | #endif |
| @@ -1071,6 +1072,14 @@ int MAIN(int argc, char *argv[]) | |||
| 1071 | if (--argc < 1) goto bad; | 1072 | if (--argc < 1) goto bad; |
| 1072 | s_key_file2= *(++argv); | 1073 | s_key_file2= *(++argv); |
| 1073 | } | 1074 | } |
| 1075 | |||
| 1076 | #endif | ||
| 1077 | #ifndef OPENSSL_NO_JPAKE | ||
| 1078 | else if (strcmp(*argv,"-jpake") == 0) | ||
| 1079 | { | ||
| 1080 | if (--argc < 1) goto bad; | ||
| 1081 | jpake_secret = *(++argv); | ||
| 1082 | } | ||
| 1074 | #endif | 1083 | #endif |
| 1075 | else | 1084 | else |
| 1076 | { | 1085 | { |
| @@ -1673,6 +1682,11 @@ static int sv_body(char *hostname, int s, unsigned char *context) | |||
| 1673 | test=BIO_new(BIO_f_nbio_test()); | 1682 | test=BIO_new(BIO_f_nbio_test()); |
| 1674 | sbio=BIO_push(test,sbio); | 1683 | sbio=BIO_push(test,sbio); |
| 1675 | } | 1684 | } |
| 1685 | #ifndef OPENSSL_NO_JPAKE | ||
| 1686 | if(jpake_secret) | ||
| 1687 | jpake_server_auth(bio_s_out, sbio, jpake_secret); | ||
| 1688 | #endif | ||
| 1689 | |||
| 1676 | SSL_set_bio(con,sbio,sbio); | 1690 | SSL_set_bio(con,sbio,sbio); |
| 1677 | SSL_set_accept_state(con); | 1691 | SSL_set_accept_state(con); |
| 1678 | /* SSL_set_fd(con,s); */ | 1692 | /* SSL_set_fd(con,s); */ |
diff --git a/src/lib/libssl/src/apps/smime.c b/src/lib/libssl/src/apps/smime.c index ce8a1cbecb..75804b8d7b 100644 --- a/src/lib/libssl/src/apps/smime.c +++ b/src/lib/libssl/src/apps/smime.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* smime.c */ | 1 | /* smime.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c index 8a1974f5fe..af077b54a8 100644 --- a/src/lib/libssl/src/apps/speed.c +++ b/src/lib/libssl/src/apps/speed.c | |||
| @@ -2132,7 +2132,7 @@ int MAIN(int argc, char **argv) | |||
| 2132 | { | 2132 | { |
| 2133 | ret=RSA_verify(NID_md5_sha1, buf,36, buf2, | 2133 | ret=RSA_verify(NID_md5_sha1, buf,36, buf2, |
| 2134 | rsa_num, rsa_key[j]); | 2134 | rsa_num, rsa_key[j]); |
| 2135 | if (ret == 0) | 2135 | if (ret <= 0) |
| 2136 | { | 2136 | { |
| 2137 | BIO_printf(bio_err, | 2137 | BIO_printf(bio_err, |
| 2138 | "RSA verify failure\n"); | 2138 | "RSA verify failure\n"); |
| @@ -2760,6 +2760,8 @@ static int do_multi(int multi) | |||
| 2760 | for(n=0 ; n < multi ; ++n) | 2760 | for(n=0 ; n < multi ; ++n) |
| 2761 | { | 2761 | { |
| 2762 | pipe(fd); | 2762 | pipe(fd); |
| 2763 | fflush(stdout); | ||
| 2764 | fflush(stderr); | ||
| 2763 | if(fork()) | 2765 | if(fork()) |
| 2764 | { | 2766 | { |
| 2765 | close(fd[1]); | 2767 | close(fd[1]); |
diff --git a/src/lib/libssl/src/apps/spkac.c b/src/lib/libssl/src/apps/spkac.c index 0191d0a783..0e01ea9947 100644 --- a/src/lib/libssl/src/apps/spkac.c +++ b/src/lib/libssl/src/apps/spkac.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* apps/spkac.c */ | 1 | /* apps/spkac.c */ |
| 2 | 2 | ||
| 3 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 3 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 4 | * project 1999. Based on an original idea by Massimiliano Pala | 4 | * project 1999. Based on an original idea by Massimiliano Pala |
| 5 | * (madwolf@openca.org). | 5 | * (madwolf@openca.org). |
| 6 | */ | 6 | */ |
| @@ -285,7 +285,7 @@ bad: | |||
| 285 | pkey = NETSCAPE_SPKI_get_pubkey(spki); | 285 | pkey = NETSCAPE_SPKI_get_pubkey(spki); |
| 286 | if(verify) { | 286 | if(verify) { |
| 287 | i = NETSCAPE_SPKI_verify(spki, pkey); | 287 | i = NETSCAPE_SPKI_verify(spki, pkey); |
| 288 | if(i) BIO_printf(bio_err, "Signature OK\n"); | 288 | if (i > 0) BIO_printf(bio_err, "Signature OK\n"); |
| 289 | else { | 289 | else { |
| 290 | BIO_printf(bio_err, "Signature Failure\n"); | 290 | BIO_printf(bio_err, "Signature Failure\n"); |
| 291 | ERR_print_errors(bio_err); | 291 | ERR_print_errors(bio_err); |
diff --git a/src/lib/libssl/src/apps/verify.c b/src/lib/libssl/src/apps/verify.c index 9ff32cb068..20cc9e354c 100644 --- a/src/lib/libssl/src/apps/verify.c +++ b/src/lib/libssl/src/apps/verify.c | |||
| @@ -266,7 +266,7 @@ static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain, STACK_OF(X | |||
| 266 | 266 | ||
| 267 | ret=0; | 267 | ret=0; |
| 268 | end: | 268 | end: |
| 269 | if (i) | 269 | if (i > 0) |
| 270 | { | 270 | { |
| 271 | fprintf(stdout,"OK\n"); | 271 | fprintf(stdout,"OK\n"); |
| 272 | ret=1; | 272 | ret=1; |
| @@ -367,4 +367,3 @@ static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx) | |||
| 367 | ERR_clear_error(); | 367 | ERR_clear_error(); |
| 368 | return(ok); | 368 | return(ok); |
| 369 | } | 369 | } |
| 370 | |||
diff --git a/src/lib/libssl/src/apps/version.c b/src/lib/libssl/src/apps/version.c index 69ef3e1bad..e9555cbde2 100644 --- a/src/lib/libssl/src/apps/version.c +++ b/src/lib/libssl/src/apps/version.c | |||
| @@ -167,7 +167,7 @@ int MAIN(int argc, char **argv) | |||
| 167 | date=version=cflags=options=platform=dir=1; | 167 | date=version=cflags=options=platform=dir=1; |
| 168 | else | 168 | else |
| 169 | { | 169 | { |
| 170 | BIO_printf(bio_err,"usage:version -[avbofp]\n"); | 170 | BIO_printf(bio_err,"usage:version -[avbofpd]\n"); |
| 171 | ret=1; | 171 | ret=1; |
| 172 | goto end; | 172 | goto end; |
| 173 | } | 173 | } |
diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c index f6938356f8..d904d34021 100644 --- a/src/lib/libssl/src/apps/x509.c +++ b/src/lib/libssl/src/apps/x509.c | |||
| @@ -1151,7 +1151,7 @@ static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, | |||
| 1151 | /* NOTE: this certificate can/should be self signed, unless it was | 1151 | /* NOTE: this certificate can/should be self signed, unless it was |
| 1152 | * a certificate request in which case it is not. */ | 1152 | * a certificate request in which case it is not. */ |
| 1153 | X509_STORE_CTX_set_cert(&xsc,x); | 1153 | X509_STORE_CTX_set_cert(&xsc,x); |
| 1154 | if (!reqfile && !X509_verify_cert(&xsc)) | 1154 | if (!reqfile && X509_verify_cert(&xsc) <= 0) |
| 1155 | goto end; | 1155 | goto end; |
| 1156 | 1156 | ||
| 1157 | if (!X509_check_private_key(xca,pkey)) | 1157 | if (!X509_check_private_key(xca,pkey)) |
diff --git a/src/lib/libssl/src/crypto/Makefile b/src/lib/libssl/src/crypto/Makefile index bb8eaa036c..6557f2b4e1 100644 --- a/src/lib/libssl/src/crypto/Makefile +++ b/src/lib/libssl/src/crypto/Makefile | |||
| @@ -33,8 +33,8 @@ GENERAL=Makefile README crypto-lib.com install.com | |||
| 33 | 33 | ||
| 34 | LIB= $(TOP)/libcrypto.a | 34 | LIB= $(TOP)/libcrypto.a |
| 35 | SHARED_LIB= libcrypto$(SHLIB_EXT) | 35 | SHARED_LIB= libcrypto$(SHLIB_EXT) |
| 36 | LIBSRC= cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c | 36 | LIBSRC= cryptlib.c dyn_lck.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c tmdiff.c cpt_err.c ebcdic.c uid.c o_time.c o_str.c o_dir.c o_init.c fips_err.c |
| 37 | LIBOBJ= cryptlib.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o $(CPUID_OBJ) | 37 | LIBOBJ= cryptlib.o dyn_lck.o mem.o mem_clr.o mem_dbg.o cversion.o ex_data.o tmdiff.o cpt_err.o ebcdic.o uid.o o_time.o o_str.o o_dir.o o_init.o fips_err.o $(CPUID_OBJ) |
| 38 | 38 | ||
| 39 | SRC= $(LIBSRC) | 39 | SRC= $(LIBSRC) |
| 40 | 40 | ||
| @@ -47,7 +47,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER) | |||
| 47 | top: | 47 | top: |
| 48 | @(cd ..; $(MAKE) DIRS=$(DIR) all) | 48 | @(cd ..; $(MAKE) DIRS=$(DIR) all) |
| 49 | 49 | ||
| 50 | all: shared | 50 | all: lib |
| 51 | 51 | ||
| 52 | buildinf.h: ../Makefile | 52 | buildinf.h: ../Makefile |
| 53 | ( echo "#ifndef MK1MF_BUILD"; \ | 53 | ( echo "#ifndef MK1MF_BUILD"; \ |
| @@ -95,10 +95,10 @@ links: | |||
| 95 | @target=links; $(RECURSIVE_MAKE) | 95 | @target=links; $(RECURSIVE_MAKE) |
| 96 | 96 | ||
| 97 | # lib: and $(LIB): are splitted to avoid end-less loop | 97 | # lib: and $(LIB): are splitted to avoid end-less loop |
| 98 | lib: $(LIB) | 98 | lib: buildinf.h $(LIB) subdirs |
| 99 | @touch lib | 99 | @touch lib |
| 100 | $(LIB): $(LIBOBJ) | 100 | $(LIB): $(LIBOBJ) |
| 101 | $(AR) $(LIB) $(LIBOBJ) | 101 | $(ARX) $(LIB) $(LIBOBJ) |
| 102 | $(RANLIB) $(LIB) || echo Never mind. | 102 | $(RANLIB) $(LIB) || echo Never mind. |
| 103 | 103 | ||
| 104 | shared: buildinf.h lib subdirs | 104 | shared: buildinf.h lib subdirs |
| @@ -159,6 +159,13 @@ cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | |||
| 159 | cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | 159 | cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h |
| 160 | cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h | 160 | cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h |
| 161 | cversion.o: cryptlib.h cversion.c | 161 | cversion.o: cryptlib.h cversion.c |
| 162 | dyn_lck.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h | ||
| 163 | dyn_lck.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 164 | dyn_lck.o: ../include/openssl/err.h ../include/openssl/lhash.h | ||
| 165 | dyn_lck.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 166 | dyn_lck.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | ||
| 167 | dyn_lck.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h | ||
| 168 | dyn_lck.o: dyn_lck.c | ||
| 162 | ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c | 169 | ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c |
| 163 | ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h | 170 | ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h |
| 164 | ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 171 | ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| @@ -167,6 +174,13 @@ ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | |||
| 167 | ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | 174 | ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h |
| 168 | ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h | 175 | ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h |
| 169 | ex_data.o: ex_data.c | 176 | ex_data.o: ex_data.c |
| 177 | fips_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h | ||
| 178 | fips_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h | ||
| 179 | fips_err.o: ../include/openssl/fips.h ../include/openssl/lhash.h | ||
| 180 | fips_err.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 181 | fips_err.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | ||
| 182 | fips_err.o: ../include/openssl/stack.h ../include/openssl/symhacks.h fips_err.c | ||
| 183 | fips_err.o: fips_err.h | ||
| 170 | mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h | 184 | mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h |
| 171 | mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 185 | mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 172 | mem.o: ../include/openssl/err.h ../include/openssl/lhash.h | 186 | mem.o: ../include/openssl/err.h ../include/openssl/lhash.h |
| @@ -187,6 +201,12 @@ mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h | |||
| 187 | mem_dbg.o: mem_dbg.c | 201 | mem_dbg.o: mem_dbg.c |
| 188 | o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h | 202 | o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h |
| 189 | o_dir.o: LPdir_unix.c o_dir.c o_dir.h | 203 | o_dir.o: LPdir_unix.c o_dir.c o_dir.h |
| 204 | o_init.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h | ||
| 205 | o_init.o: ../include/openssl/e_os2.h ../include/openssl/err.h | ||
| 206 | o_init.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h | ||
| 207 | o_init.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 208 | o_init.o: ../include/openssl/safestack.h ../include/openssl/stack.h | ||
| 209 | o_init.o: ../include/openssl/symhacks.h o_init.c | ||
| 190 | o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h | 210 | o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h |
| 191 | o_str.o: o_str.c o_str.h | 211 | o_str.o: o_str.c o_str.h |
| 192 | o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c | 212 | o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c |
diff --git a/src/lib/libssl/src/crypto/aes/Makefile b/src/lib/libssl/src/crypto/aes/Makefile index 22c7203dbb..9d174f4c3e 100644 --- a/src/lib/libssl/src/crypto/aes/Makefile +++ b/src/lib/libssl/src/crypto/aes/Makefile | |||
| @@ -41,7 +41,7 @@ top: | |||
| 41 | all: lib | 41 | all: lib |
| 42 | 42 | ||
| 43 | lib: $(LIBOBJ) | 43 | lib: $(LIBOBJ) |
| 44 | $(AR) $(LIB) $(LIBOBJ) | 44 | $(ARX) $(LIB) $(LIBOBJ) |
| 45 | $(RANLIB) $(LIB) || echo Never mind. | 45 | $(RANLIB) $(LIB) || echo Never mind. |
| 46 | @touch lib | 46 | @touch lib |
| 47 | 47 | ||
| @@ -103,7 +103,8 @@ aes_cfb.o: ../../e_os.h ../../include/openssl/aes.h | |||
| 103 | aes_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 103 | aes_cfb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 104 | aes_cfb.o: aes_cfb.c aes_locl.h | 104 | aes_cfb.o: aes_cfb.c aes_locl.h |
| 105 | aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h | 105 | aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h |
| 106 | aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h | 106 | aes_core.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h |
| 107 | aes_core.o: aes_core.c aes_locl.h | ||
| 107 | aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h | 108 | aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h |
| 108 | aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h | 109 | aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c aes_locl.h |
| 109 | aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h | 110 | aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h |
diff --git a/src/lib/libssl/src/crypto/aes/aes.h b/src/lib/libssl/src/crypto/aes/aes.h index baf0222d49..450f2b4051 100644 --- a/src/lib/libssl/src/crypto/aes/aes.h +++ b/src/lib/libssl/src/crypto/aes/aes.h | |||
| @@ -66,6 +66,10 @@ | |||
| 66 | #define AES_MAXNR 14 | 66 | #define AES_MAXNR 14 |
| 67 | #define AES_BLOCK_SIZE 16 | 67 | #define AES_BLOCK_SIZE 16 |
| 68 | 68 | ||
| 69 | #ifdef OPENSSL_FIPS | ||
| 70 | #define FIPS_AES_SIZE_T int | ||
| 71 | #endif | ||
| 72 | |||
| 69 | #ifdef __cplusplus | 73 | #ifdef __cplusplus |
| 70 | extern "C" { | 74 | extern "C" { |
| 71 | #endif | 75 | #endif |
diff --git a/src/lib/libssl/src/crypto/aes/aes_cbc.c b/src/lib/libssl/src/crypto/aes/aes_cbc.c index d2ba6bcdb4..373864cd4b 100644 --- a/src/lib/libssl/src/crypto/aes/aes_cbc.c +++ b/src/lib/libssl/src/crypto/aes/aes_cbc.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <openssl/aes.h> | 59 | #include <openssl/aes.h> |
| 60 | #include "aes_locl.h" | 60 | #include "aes_locl.h" |
| 61 | 61 | ||
| 62 | #if !defined(OPENSSL_FIPS_AES_ASM) | ||
| 62 | void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | 63 | void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, |
| 63 | const unsigned long length, const AES_KEY *key, | 64 | const unsigned long length, const AES_KEY *key, |
| 64 | unsigned char *ivec, const int enc) { | 65 | unsigned char *ivec, const int enc) { |
| @@ -129,3 +130,4 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, | |||
| 129 | } | 130 | } |
| 130 | } | 131 | } |
| 131 | } | 132 | } |
| 133 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/aes/aes_core.c b/src/lib/libssl/src/crypto/aes/aes_core.c index 3a80e18b0a..cffdd4daec 100644 --- a/src/lib/libssl/src/crypto/aes/aes_core.c +++ b/src/lib/libssl/src/crypto/aes/aes_core.c | |||
| @@ -37,6 +37,10 @@ | |||
| 37 | 37 | ||
| 38 | #include <stdlib.h> | 38 | #include <stdlib.h> |
| 39 | #include <openssl/aes.h> | 39 | #include <openssl/aes.h> |
| 40 | #ifdef OPENSSL_FIPS | ||
| 41 | #include <openssl/fips.h> | ||
| 42 | #endif | ||
| 43 | |||
| 40 | #include "aes_locl.h" | 44 | #include "aes_locl.h" |
| 41 | 45 | ||
| 42 | /* | 46 | /* |
| @@ -631,6 +635,10 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits, | |||
| 631 | int i = 0; | 635 | int i = 0; |
| 632 | u32 temp; | 636 | u32 temp; |
| 633 | 637 | ||
| 638 | #ifdef OPENSSL_FIPS | ||
| 639 | FIPS_selftest_check(); | ||
| 640 | #endif | ||
| 641 | |||
| 634 | if (!userKey || !key) | 642 | if (!userKey || !key) |
| 635 | return -1; | 643 | return -1; |
| 636 | if (bits != 128 && bits != 192 && bits != 256) | 644 | if (bits != 128 && bits != 192 && bits != 256) |
diff --git a/src/lib/libssl/src/crypto/asn1/Makefile b/src/lib/libssl/src/crypto/asn1/Makefile index 63066899d0..94a6885804 100644 --- a/src/lib/libssl/src/crypto/asn1/Makefile +++ b/src/lib/libssl/src/crypto/asn1/Makefile | |||
| @@ -63,7 +63,7 @@ pk: pk.c | |||
| 63 | all: lib | 63 | all: lib |
| 64 | 64 | ||
| 65 | lib: $(LIBOBJ) | 65 | lib: $(LIBOBJ) |
| 66 | $(AR) $(LIB) $(LIBOBJ) | 66 | $(ARX) $(LIB) $(LIBOBJ) |
| 67 | $(RANLIB) $(LIB) || echo Never mind. | 67 | $(RANLIB) $(LIB) || echo Never mind. |
| 68 | @touch lib | 68 | @touch lib |
| 69 | 69 | ||
| @@ -142,9 +142,9 @@ a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 142 | a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 142 | a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 143 | a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 143 | a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 144 | a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 144 | a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 145 | a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 145 | a_digest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 146 | a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 146 | a_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 147 | a_digest.o: ../../include/openssl/opensslconf.h | 147 | a_digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 148 | a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 148 | a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 149 | a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 149 | a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 150 | a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 150 | a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -250,27 +250,27 @@ a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | |||
| 250 | a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 250 | a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 251 | a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 251 | a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 252 | a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 252 | a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 253 | a_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 253 | a_sign.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 254 | a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 254 | a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 255 | a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 255 | a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 256 | a_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 256 | a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 257 | a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 257 | a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 258 | a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 258 | a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 259 | a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 259 | a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 260 | a_sign.o: ../cryptlib.h a_sign.c | 260 | a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_sign.c |
| 261 | a_strex.o: ../../e_os.h ../../include/openssl/asn1.h | 261 | a_strex.o: ../../e_os.h ../../include/openssl/asn1.h |
| 262 | a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 262 | a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 263 | a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 263 | a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 264 | a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 264 | a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 265 | a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 265 | a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 266 | a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 266 | a_strex.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 267 | a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 267 | a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 268 | a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 268 | a_strex.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 269 | a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 269 | a_strex.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 270 | a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 270 | a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 271 | a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 271 | a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 272 | a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 272 | a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 273 | a_strex.o: ../cryptlib.h a_strex.c charmap.h | 273 | a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h |
| 274 | a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h | 274 | a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h |
| 275 | a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 275 | a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 276 | a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 276 | a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| @@ -318,8 +318,9 @@ a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 318 | a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 318 | a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 319 | a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 319 | a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 320 | a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 320 | a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 321 | a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 321 | a_verify.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 322 | a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 322 | a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 323 | a_verify.o: ../../include/openssl/opensslconf.h | ||
| 323 | a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 324 | a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 324 | a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 325 | a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 325 | a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 326 | a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -338,8 +339,9 @@ asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 338 | asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 339 | asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 339 | asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 340 | asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 340 | asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 341 | asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 341 | asn1_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 342 | asn1_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 342 | asn1_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 343 | asn1_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 344 | asn1_gen.o: ../../include/openssl/opensslconf.h | ||
| 343 | asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 345 | asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 344 | asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 346 | asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 345 | asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 347 | asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -369,8 +371,9 @@ asn_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 369 | asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 371 | asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 370 | asn_mime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 372 | asn_mime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 371 | asn_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 373 | asn_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 372 | asn_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 374 | asn_mime.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 373 | asn_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 375 | asn_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 376 | asn_mime.o: ../../include/openssl/opensslconf.h | ||
| 374 | asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 377 | asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 375 | asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 378 | asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 376 | asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 379 | asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -383,9 +386,9 @@ asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 383 | asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | 386 | asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h |
| 384 | asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 387 | asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 385 | asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 388 | asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 386 | asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 389 | asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 387 | asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 390 | asn_moid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 388 | asn_moid.o: ../../include/openssl/opensslconf.h | 391 | asn_moid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 389 | asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 392 | asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 390 | asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 393 | asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 391 | asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 394 | asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -404,23 +407,23 @@ d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | |||
| 404 | d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | 407 | d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 405 | d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 408 | d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 406 | d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 409 | d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 407 | d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 410 | d2i_pr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 408 | d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 411 | d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 409 | d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 412 | d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 410 | d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 413 | d2i_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h |
| 411 | d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 414 | d2i_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 412 | d2i_pr.o: ../cryptlib.h d2i_pr.c | 415 | d2i_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pr.c |
| 413 | d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 416 | d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 414 | d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 417 | d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 415 | d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | 418 | d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 416 | d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 419 | d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 417 | d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 420 | d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 418 | d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 421 | d2i_pu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 419 | d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 422 | d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 420 | d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 423 | d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 421 | d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 424 | d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h |
| 422 | d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 425 | d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 423 | d2i_pu.o: ../cryptlib.h d2i_pu.c | 426 | d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pu.c |
| 424 | evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h | 427 | evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h |
| 425 | evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | 428 | evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h |
| 426 | evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 429 | evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| @@ -456,71 +459,73 @@ i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | |||
| 456 | i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | 459 | i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 457 | i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 460 | i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 458 | i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 461 | i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 459 | i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 462 | i2d_pr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 460 | i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 463 | i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 461 | i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 464 | i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 462 | i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 465 | i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h |
| 463 | i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 466 | i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 464 | i2d_pr.o: ../cryptlib.h i2d_pr.c | 467 | i2d_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pr.c |
| 465 | i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 468 | i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 466 | i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 469 | i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 467 | i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | 470 | i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 468 | i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 471 | i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 469 | i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 472 | i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 470 | i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 473 | i2d_pu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 471 | i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 474 | i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 472 | i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 475 | i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 473 | i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 476 | i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h |
| 474 | i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 477 | i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 475 | i2d_pu.o: ../cryptlib.h i2d_pu.c | 478 | i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pu.c |
| 476 | n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h | 479 | n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 477 | n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h | 480 | n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h |
| 478 | n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 481 | n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 479 | n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 482 | n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 480 | n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 483 | n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 481 | n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 484 | n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 482 | n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 485 | n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 483 | n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 486 | n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 484 | n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 487 | n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 485 | n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 488 | n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 486 | n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 489 | n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 487 | n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 490 | n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 488 | n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 491 | n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 489 | n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c | 492 | n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 493 | n_pkey.o: ../cryptlib.h n_pkey.c | ||
| 490 | nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h | 494 | nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h |
| 491 | nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 495 | nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 492 | nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 496 | nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 493 | nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 497 | nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 494 | nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h | 498 | nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h |
| 495 | nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 499 | nsseq.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 496 | nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 500 | nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 497 | nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 501 | nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 498 | nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 502 | nsseq.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 499 | nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 503 | nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 500 | nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 504 | nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 501 | nsseq.o: ../../include/openssl/x509_vfy.h nsseq.c | 505 | nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c |
| 502 | p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h | 506 | p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h |
| 503 | p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 507 | p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 504 | p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 508 | p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 505 | p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 509 | p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 506 | p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 510 | p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 507 | p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 511 | p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 508 | p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 512 | p5_pbe.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 509 | p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 513 | p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 510 | p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 514 | p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 511 | p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 515 | p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 512 | p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 516 | p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 513 | p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 517 | p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 514 | p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 518 | p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 515 | p5_pbe.o: ../cryptlib.h p5_pbe.c | 519 | p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbe.c |
| 516 | p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h | 520 | p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h |
| 517 | p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 521 | p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 518 | p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 522 | p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 519 | p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 523 | p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 520 | p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 524 | p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 521 | p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 525 | p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 522 | p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 526 | p5_pbev2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 523 | p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 527 | p5_pbev2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 528 | p5_pbev2.o: ../../include/openssl/opensslconf.h | ||
| 524 | p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 529 | p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 525 | p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 530 | p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 526 | p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 531 | p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -533,41 +538,42 @@ p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 533 | p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 538 | p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 534 | p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 539 | p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 535 | p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 540 | p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 536 | p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 541 | p8_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 537 | p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 542 | p8_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 538 | p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 543 | p8_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 539 | p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 544 | p8_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 540 | p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 545 | p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 541 | p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 546 | p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 542 | p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p8_pkey.c | 547 | p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 548 | p8_pkey.o: ../cryptlib.h p8_pkey.c | ||
| 543 | t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h | 549 | t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h |
| 544 | t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 550 | t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 545 | t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 551 | t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 546 | t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 552 | t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 547 | t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 553 | t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 548 | t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 554 | t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 549 | t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 555 | t_bitst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 550 | t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 556 | t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 551 | t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 557 | t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 552 | t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 558 | t_bitst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 553 | t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 559 | t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 554 | t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 560 | t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 555 | t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 561 | t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 556 | t_bitst.o: ../cryptlib.h t_bitst.c | 562 | t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c |
| 557 | t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 563 | t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 558 | t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 564 | t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 559 | t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 565 | t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 560 | t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 566 | t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 561 | t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 567 | t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 562 | t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 568 | t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 563 | t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 569 | t_crl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 564 | t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 570 | t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 565 | t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 571 | t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 566 | t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 572 | t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 567 | t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 573 | t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 568 | t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 574 | t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 569 | t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 575 | t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 570 | t_crl.o: ../cryptlib.h t_crl.c | 576 | t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.c |
| 571 | t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 577 | t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 572 | t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 578 | t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 573 | t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 579 | t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
| @@ -585,57 +591,57 @@ t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 585 | t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 591 | t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 586 | t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 592 | t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 587 | t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 593 | t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 588 | t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 594 | t_req.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 589 | t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 595 | t_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 590 | t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 596 | t_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 591 | t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 597 | t_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 592 | t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 598 | t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 593 | t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 599 | t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 594 | t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 600 | t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 595 | t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 601 | t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 596 | t_req.o: ../cryptlib.h t_req.c | 602 | t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_req.c |
| 597 | t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 603 | t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 598 | t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 604 | t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 599 | t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | 605 | t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 600 | t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 606 | t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 601 | t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 607 | t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 602 | t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 608 | t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 603 | t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 609 | t_spki.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 604 | t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 610 | t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 605 | t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 611 | t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 606 | t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 612 | t_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 607 | t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 613 | t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 608 | t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 614 | t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 609 | t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 615 | t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 610 | t_spki.o: ../cryptlib.h t_spki.c | 616 | t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_spki.c |
| 611 | t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 617 | t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 612 | t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 618 | t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 613 | t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 619 | t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 614 | t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 620 | t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 615 | t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 621 | t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 616 | t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 622 | t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 617 | t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 623 | t_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 618 | t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 624 | t_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 619 | t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 625 | t_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 620 | t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 626 | t_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 621 | t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 627 | t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 622 | t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 628 | t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 623 | t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 629 | t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 624 | t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 630 | t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 625 | t_x509.o: ../cryptlib.h t_x509.c | 631 | t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h t_x509.c |
| 626 | t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h | 632 | t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h |
| 627 | t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 633 | t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 628 | t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 634 | t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 629 | t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 635 | t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 630 | t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 636 | t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 631 | t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 637 | t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 632 | t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 638 | t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 633 | t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 639 | t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 634 | t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 640 | t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 635 | t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 641 | t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 636 | t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 642 | t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 637 | t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 643 | t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 638 | t_x509a.o: ../cryptlib.h t_x509a.c | 644 | t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c |
| 639 | tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h | 645 | tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h |
| 640 | tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 646 | tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 641 | tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 647 | tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| @@ -688,21 +694,23 @@ x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 688 | x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 694 | x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 689 | x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 695 | x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 690 | x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h | 696 | x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h |
| 691 | x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 697 | x_algor.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 692 | x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 698 | x_algor.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 693 | x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 699 | x_algor.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 694 | x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 700 | x_algor.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 695 | x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 701 | x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 696 | x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 702 | x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 697 | x_algor.o: ../../include/openssl/x509_vfy.h x_algor.c | 703 | x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 704 | x_algor.o: x_algor.c | ||
| 698 | x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h | 705 | x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h |
| 699 | x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 706 | x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 700 | x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 707 | x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 701 | x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 708 | x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 702 | x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 709 | x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 703 | x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 710 | x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 704 | x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 711 | x_attrib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 705 | x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 712 | x_attrib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 713 | x_attrib.o: ../../include/openssl/opensslconf.h | ||
| 706 | x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 714 | x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 707 | x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 715 | x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 708 | x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 716 | x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -723,37 +731,40 @@ x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 723 | x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 731 | x_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 724 | x_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 732 | x_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 725 | x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 733 | x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 726 | x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 734 | x_crl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 727 | x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 735 | x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 728 | x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 736 | x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 729 | x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 737 | x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 730 | x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 738 | x_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 731 | x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 739 | x_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 732 | x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_crl.c | 740 | x_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 741 | x_crl.o: ../cryptlib.h x_crl.c | ||
| 733 | x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h | 742 | x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h |
| 734 | x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 743 | x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 735 | x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 744 | x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 736 | x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 745 | x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 737 | x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h | 746 | x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h |
| 738 | x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 747 | x_exten.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 739 | x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 748 | x_exten.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 740 | x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 749 | x_exten.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 741 | x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 750 | x_exten.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 742 | x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 751 | x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 743 | x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 752 | x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 744 | x_exten.o: ../../include/openssl/x509_vfy.h x_exten.c | 753 | x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 754 | x_exten.o: x_exten.c | ||
| 745 | x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 755 | x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 746 | x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 756 | x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 747 | x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 757 | x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 748 | x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 758 | x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 749 | x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 759 | x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 750 | x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 760 | x_info.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 751 | x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 761 | x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 752 | x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 762 | x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 753 | x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 763 | x_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 754 | x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 764 | x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 755 | x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 765 | x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 756 | x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_info.c | 766 | x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 767 | x_info.o: ../cryptlib.h x_info.c | ||
| 757 | x_long.o: ../../e_os.h ../../include/openssl/asn1.h | 768 | x_long.o: ../../e_os.h ../../include/openssl/asn1.h |
| 758 | x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 769 | x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 759 | x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 770 | x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| @@ -769,35 +780,37 @@ x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 769 | x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 780 | x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 770 | x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 781 | x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 771 | x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 782 | x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 772 | x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 783 | x_name.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 773 | x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 784 | x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 774 | x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 785 | x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 775 | x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 786 | x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 776 | x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 787 | x_name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 777 | x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 788 | x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 778 | x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_name.c | 789 | x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 790 | x_name.o: ../cryptlib.h x_name.c | ||
| 779 | x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h | 791 | x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 780 | x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | 792 | x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h |
| 781 | x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 793 | x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 782 | x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 794 | x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 783 | x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 795 | x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 784 | x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 796 | x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 785 | x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 797 | x_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 786 | x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 798 | x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 787 | x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 799 | x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 788 | x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 800 | x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 789 | x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 801 | x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 790 | x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 802 | x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 791 | x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c | 803 | x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 804 | x_pkey.o: ../cryptlib.h x_pkey.c | ||
| 792 | x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h | 805 | x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 793 | x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 806 | x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 794 | x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 807 | x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 795 | x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 808 | x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 796 | x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 809 | x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 797 | x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 810 | x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 798 | x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 811 | x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 799 | x_pubkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 812 | x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 800 | x_pubkey.o: ../../include/openssl/opensslconf.h | 813 | x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 801 | x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 814 | x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 802 | x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 815 | x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 803 | x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 816 | x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -810,76 +823,82 @@ x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 810 | x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 823 | x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 811 | x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 824 | x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 812 | x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 825 | x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 813 | x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 826 | x_req.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 814 | x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 827 | x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 815 | x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 828 | x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 816 | x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 829 | x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 817 | x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 830 | x_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 818 | x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 831 | x_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 819 | x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c | 832 | x_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 833 | x_req.o: ../cryptlib.h x_req.c | ||
| 820 | x_sig.o: ../../e_os.h ../../include/openssl/asn1.h | 834 | x_sig.o: ../../e_os.h ../../include/openssl/asn1.h |
| 821 | x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 835 | x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 822 | x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 836 | x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 823 | x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 837 | x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 824 | x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 838 | x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 825 | x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 839 | x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 826 | x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 840 | x_sig.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 827 | x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 841 | x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 828 | x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 842 | x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 829 | x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 843 | x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 830 | x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 844 | x_sig.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 831 | x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 845 | x_sig.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 832 | x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c | 846 | x_sig.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 847 | x_sig.o: ../cryptlib.h x_sig.c | ||
| 833 | x_spki.o: ../../e_os.h ../../include/openssl/asn1.h | 848 | x_spki.o: ../../e_os.h ../../include/openssl/asn1.h |
| 834 | x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 849 | x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 835 | x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 850 | x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 836 | x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 851 | x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 837 | x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 852 | x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 838 | x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 853 | x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 839 | x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 854 | x_spki.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 840 | x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 855 | x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 841 | x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 856 | x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 842 | x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 857 | x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 843 | x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 858 | x_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 844 | x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 859 | x_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 845 | x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c | 860 | x_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 861 | x_spki.o: ../cryptlib.h x_spki.c | ||
| 846 | x_val.o: ../../e_os.h ../../include/openssl/asn1.h | 862 | x_val.o: ../../e_os.h ../../include/openssl/asn1.h |
| 847 | x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 863 | x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 848 | x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 864 | x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 849 | x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 865 | x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 850 | x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 866 | x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 851 | x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 867 | x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 852 | x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 868 | x_val.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 853 | x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 869 | x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 854 | x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 870 | x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 855 | x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 871 | x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 856 | x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 872 | x_val.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 857 | x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 873 | x_val.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 858 | x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c | 874 | x_val.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 875 | x_val.o: ../cryptlib.h x_val.c | ||
| 859 | x_x509.o: ../../e_os.h ../../include/openssl/asn1.h | 876 | x_x509.o: ../../e_os.h ../../include/openssl/asn1.h |
| 860 | x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 877 | x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 861 | x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 878 | x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 862 | x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 879 | x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 863 | x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 880 | x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 864 | x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 881 | x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 865 | x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 882 | x_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 866 | x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 883 | x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 867 | x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 884 | x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 868 | x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 885 | x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 869 | x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 886 | x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 870 | x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 887 | x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 871 | x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 888 | x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 872 | x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c | 889 | x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 890 | x_x509.o: ../cryptlib.h x_x509.c | ||
| 873 | x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h | 891 | x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h |
| 874 | x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 892 | x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 875 | x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 893 | x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 876 | x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 894 | x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 877 | x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 895 | x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 878 | x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 896 | x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 879 | x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 897 | x_x509a.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 880 | x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 898 | x_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 881 | x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 899 | x_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 882 | x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 900 | x_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 883 | x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 901 | x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 884 | x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 902 | x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 885 | x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_x509a.c | 903 | x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 904 | x_x509a.o: ../cryptlib.h x_x509a.c | ||
diff --git a/src/lib/libssl/src/crypto/asn1/a_mbstr.c b/src/lib/libssl/src/crypto/asn1/a_mbstr.c index 2d4800a22a..1bcd046893 100644 --- a/src/lib/libssl/src/crypto/asn1/a_mbstr.c +++ b/src/lib/libssl/src/crypto/asn1/a_mbstr.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* a_mbstr.c */ | 1 | /* a_mbstr.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/a_sign.c b/src/lib/libssl/src/crypto/asn1/a_sign.c index 1081950518..4dee45fbb8 100644 --- a/src/lib/libssl/src/crypto/asn1/a_sign.c +++ b/src/lib/libssl/src/crypto/asn1/a_sign.c | |||
| @@ -267,7 +267,12 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, | |||
| 267 | goto err; | 267 | goto err; |
| 268 | } | 268 | } |
| 269 | 269 | ||
| 270 | EVP_SignInit_ex(&ctx,type, NULL); | 270 | if (!EVP_SignInit_ex(&ctx,type, NULL)) |
| 271 | { | ||
| 272 | outl=0; | ||
| 273 | ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB); | ||
| 274 | goto err; | ||
| 275 | } | ||
| 271 | EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); | 276 | EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); |
| 272 | if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, | 277 | if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, |
| 273 | (unsigned int *)&outl,pkey)) | 278 | (unsigned int *)&outl,pkey)) |
diff --git a/src/lib/libssl/src/crypto/asn1/a_strex.c b/src/lib/libssl/src/crypto/asn1/a_strex.c index c2dbb6f9a5..7fc14d3296 100644 --- a/src/lib/libssl/src/crypto/asn1/a_strex.c +++ b/src/lib/libssl/src/crypto/asn1/a_strex.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* a_strex.c */ | 1 | /* a_strex.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/a_strnid.c b/src/lib/libssl/src/crypto/asn1/a_strnid.c index 613bbc4a7d..fe515b52ba 100644 --- a/src/lib/libssl/src/crypto/asn1/a_strnid.c +++ b/src/lib/libssl/src/crypto/asn1/a_strnid.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* a_strnid.c */ | 1 | /* a_strnid.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/a_verify.c b/src/lib/libssl/src/crypto/asn1/a_verify.c index fdce6e4380..da3efaaf8d 100644 --- a/src/lib/libssl/src/crypto/asn1/a_verify.c +++ b/src/lib/libssl/src/crypto/asn1/a_verify.c | |||
| @@ -100,7 +100,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, | |||
| 100 | p=buf_in; | 100 | p=buf_in; |
| 101 | 101 | ||
| 102 | i2d(data,&p); | 102 | i2d(data,&p); |
| 103 | EVP_VerifyInit_ex(&ctx,type, NULL); | 103 | if (!EVP_VerifyInit_ex(&ctx,type, NULL)) |
| 104 | { | ||
| 105 | ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); | ||
| 106 | ret=0; | ||
| 107 | goto err; | ||
| 108 | } | ||
| 104 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); | 109 | EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); |
| 105 | 110 | ||
| 106 | OPENSSL_cleanse(buf_in,(unsigned int)inl); | 111 | OPENSSL_cleanse(buf_in,(unsigned int)inl); |
diff --git a/src/lib/libssl/src/crypto/asn1/asn1t.h b/src/lib/libssl/src/crypto/asn1/asn1t.h index bf315e65ed..ac14f9415b 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1t.h +++ b/src/lib/libssl/src/crypto/asn1/asn1t.h | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* asn1t.h */ | 1 | /* asn1t.h */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/asn_moid.c b/src/lib/libssl/src/crypto/asn1/asn_moid.c index 9132350f10..1ea6a59248 100644 --- a/src/lib/libssl/src/crypto/asn1/asn_moid.c +++ b/src/lib/libssl/src/crypto/asn1/asn_moid.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* asn_moid.c */ | 1 | /* asn_moid.c */ |
| 2 | /* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/asn_pack.c b/src/lib/libssl/src/crypto/asn1/asn_pack.c index e8b671b7b5..f1a5a05632 100644 --- a/src/lib/libssl/src/crypto/asn1/asn_pack.c +++ b/src/lib/libssl/src/crypto/asn1/asn_pack.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* asn_pack.c */ | 1 | /* asn_pack.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/nsseq.c b/src/lib/libssl/src/crypto/asn1/nsseq.c index 50e2d4d07a..e551c57d59 100644 --- a/src/lib/libssl/src/crypto/asn1/nsseq.c +++ b/src/lib/libssl/src/crypto/asn1/nsseq.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* nsseq.c */ | 1 | /* nsseq.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/p5_pbe.c b/src/lib/libssl/src/crypto/asn1/p5_pbe.c index da91170094..c4582f8041 100644 --- a/src/lib/libssl/src/crypto/asn1/p5_pbe.c +++ b/src/lib/libssl/src/crypto/asn1/p5_pbe.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p5_pbe.c */ | 1 | /* p5_pbe.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/p5_pbev2.c b/src/lib/libssl/src/crypto/asn1/p5_pbev2.c index c834a38ddf..2b0516afee 100644 --- a/src/lib/libssl/src/crypto/asn1/p5_pbev2.c +++ b/src/lib/libssl/src/crypto/asn1/p5_pbev2.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p5_pbev2.c */ | 1 | /* p5_pbev2.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999-2004. | 3 | * project 1999-2004. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/p8_pkey.c b/src/lib/libssl/src/crypto/asn1/p8_pkey.c index 24b409132f..0a1957556e 100644 --- a/src/lib/libssl/src/crypto/asn1/p8_pkey.c +++ b/src/lib/libssl/src/crypto/asn1/p8_pkey.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p8_pkey.c */ | 1 | /* p8_pkey.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/t_bitst.c b/src/lib/libssl/src/crypto/asn1/t_bitst.c index 397332d9b8..2e59a25fa1 100644 --- a/src/lib/libssl/src/crypto/asn1/t_bitst.c +++ b/src/lib/libssl/src/crypto/asn1/t_bitst.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* t_bitst.c */ | 1 | /* t_bitst.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/t_crl.c b/src/lib/libssl/src/crypto/asn1/t_crl.c index 929b3e5904..bdb244c015 100644 --- a/src/lib/libssl/src/crypto/asn1/t_crl.c +++ b/src/lib/libssl/src/crypto/asn1/t_crl.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* t_crl.c */ | 1 | /* t_crl.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/t_spki.c b/src/lib/libssl/src/crypto/asn1/t_spki.c index c2a5797dd8..a73369b949 100644 --- a/src/lib/libssl/src/crypto/asn1/t_spki.c +++ b/src/lib/libssl/src/crypto/asn1/t_spki.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* t_spki.c */ | 1 | /* t_spki.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509.c b/src/lib/libssl/src/crypto/asn1/t_x509.c index eb776b7b3b..8b09e5890f 100644 --- a/src/lib/libssl/src/crypto/asn1/t_x509.c +++ b/src/lib/libssl/src/crypto/asn1/t_x509.c | |||
| @@ -393,8 +393,9 @@ int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm) | |||
| 393 | d= (v[6]-'0')*10+(v[7]-'0'); | 393 | d= (v[6]-'0')*10+(v[7]-'0'); |
| 394 | h= (v[8]-'0')*10+(v[9]-'0'); | 394 | h= (v[8]-'0')*10+(v[9]-'0'); |
| 395 | m= (v[10]-'0')*10+(v[11]-'0'); | 395 | m= (v[10]-'0')*10+(v[11]-'0'); |
| 396 | if ( (v[12] >= '0') && (v[12] <= '9') && | 396 | if (tm->length >= 14 && |
| 397 | (v[13] >= '0') && (v[13] <= '9')) | 397 | (v[12] >= '0') && (v[12] <= '9') && |
| 398 | (v[13] >= '0') && (v[13] <= '9')) | ||
| 398 | s= (v[12]-'0')*10+(v[13]-'0'); | 399 | s= (v[12]-'0')*10+(v[13]-'0'); |
| 399 | 400 | ||
| 400 | if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", | 401 | if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", |
| @@ -428,8 +429,9 @@ int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm) | |||
| 428 | d= (v[4]-'0')*10+(v[5]-'0'); | 429 | d= (v[4]-'0')*10+(v[5]-'0'); |
| 429 | h= (v[6]-'0')*10+(v[7]-'0'); | 430 | h= (v[6]-'0')*10+(v[7]-'0'); |
| 430 | m= (v[8]-'0')*10+(v[9]-'0'); | 431 | m= (v[8]-'0')*10+(v[9]-'0'); |
| 431 | if ( (v[10] >= '0') && (v[10] <= '9') && | 432 | if (tm->length >=12 && |
| 432 | (v[11] >= '0') && (v[11] <= '9')) | 433 | (v[10] >= '0') && (v[10] <= '9') && |
| 434 | (v[11] >= '0') && (v[11] <= '9')) | ||
| 433 | s= (v[10]-'0')*10+(v[11]-'0'); | 435 | s= (v[10]-'0')*10+(v[11]-'0'); |
| 434 | 436 | ||
| 435 | if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", | 437 | if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", |
| @@ -501,4 +503,3 @@ err: | |||
| 501 | OPENSSL_free(b); | 503 | OPENSSL_free(b); |
| 502 | return(ret); | 504 | return(ret); |
| 503 | } | 505 | } |
| 504 | |||
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509a.c b/src/lib/libssl/src/crypto/asn1/t_x509a.c index ffbbfb51f4..8b18801a17 100644 --- a/src/lib/libssl/src/crypto/asn1/t_x509a.c +++ b/src/lib/libssl/src/crypto/asn1/t_x509a.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* t_x509a.c */ | 1 | /* t_x509a.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c index 0ee406231e..ced641698e 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tasn_dec.c */ | 1 | /* tasn_dec.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_enc.c b/src/lib/libssl/src/crypto/asn1/tasn_enc.c index be19b36acd..2721f904a6 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_enc.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_enc.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tasn_enc.c */ | 1 | /* tasn_enc.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_fre.c b/src/lib/libssl/src/crypto/asn1/tasn_fre.c index bb7c1e2af4..d7c017fa1d 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_fre.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_fre.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tasn_fre.c */ | 1 | /* tasn_fre.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_new.c b/src/lib/libssl/src/crypto/asn1/tasn_new.c index 531dad365c..5c6a2ebd4d 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_new.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_new.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tasn_new.c */ | 1 | /* tasn_new.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_prn.c b/src/lib/libssl/src/crypto/asn1/tasn_prn.c index 719639b511..b9c96a6dbe 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_prn.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_prn.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tasn_prn.c */ | 1 | /* tasn_prn.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_typ.c b/src/lib/libssl/src/crypto/asn1/tasn_typ.c index 6f17f1bec7..6252213d15 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_typ.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_typ.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tasn_typ.c */ | 1 | /* tasn_typ.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_utl.c b/src/lib/libssl/src/crypto/asn1/tasn_utl.c index 34d520b180..ca9ec7a32f 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_utl.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_utl.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tasn_utl.c */ | 1 | /* tasn_utl.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/x_algor.c b/src/lib/libssl/src/crypto/asn1/x_algor.c index 33533aba86..99e53429b7 100644 --- a/src/lib/libssl/src/crypto/asn1/x_algor.c +++ b/src/lib/libssl/src/crypto/asn1/x_algor.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* x_algor.c */ | 1 | /* x_algor.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/x_bignum.c b/src/lib/libssl/src/crypto/asn1/x_bignum.c index 869c05d931..9cf3204a1b 100644 --- a/src/lib/libssl/src/crypto/asn1/x_bignum.c +++ b/src/lib/libssl/src/crypto/asn1/x_bignum.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* x_bignum.c */ | 1 | /* x_bignum.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/x_exten.c b/src/lib/libssl/src/crypto/asn1/x_exten.c index 1732e66712..3a21239926 100644 --- a/src/lib/libssl/src/crypto/asn1/x_exten.c +++ b/src/lib/libssl/src/crypto/asn1/x_exten.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* x_exten.c */ | 1 | /* x_exten.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/x_long.c b/src/lib/libssl/src/crypto/asn1/x_long.c index 0db233cb95..bf35457c1f 100644 --- a/src/lib/libssl/src/crypto/asn1/x_long.c +++ b/src/lib/libssl/src/crypto/asn1/x_long.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* x_long.c */ | 1 | /* x_long.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/asn1/x_x509a.c b/src/lib/libssl/src/crypto/asn1/x_x509a.c index 13db5fd03f..b603f82de7 100644 --- a/src/lib/libssl/src/crypto/asn1/x_x509a.c +++ b/src/lib/libssl/src/crypto/asn1/x_x509a.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* a_x509a.c */ | 1 | /* a_x509a.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/bf/Makefile b/src/lib/libssl/src/crypto/bf/Makefile index 8441954a8d..7f4f03eb82 100644 --- a/src/lib/libssl/src/crypto/bf/Makefile +++ b/src/lib/libssl/src/crypto/bf/Makefile | |||
| @@ -40,7 +40,7 @@ top: | |||
| 40 | all: lib | 40 | all: lib |
| 41 | 41 | ||
| 42 | lib: $(LIBOBJ) | 42 | lib: $(LIBOBJ) |
| 43 | $(AR) $(LIB) $(LIBOBJ) | 43 | $(ARX) $(LIB) $(LIBOBJ) |
| 44 | $(RANLIB) $(LIB) || echo Never mind. | 44 | $(RANLIB) $(LIB) || echo Never mind. |
| 45 | @touch lib | 45 | @touch lib |
| 46 | 46 | ||
| @@ -103,5 +103,9 @@ bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h | |||
| 103 | bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h | 103 | bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h |
| 104 | bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h | 104 | bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h |
| 105 | bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c | 105 | bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c |
| 106 | bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h | 106 | bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h |
| 107 | bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c | 107 | bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h |
| 108 | bf_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
| 109 | bf_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | ||
| 110 | bf_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 111 | bf_skey.o: bf_locl.h bf_pi.h bf_skey.c | ||
diff --git a/src/lib/libssl/src/crypto/bf/bf_skey.c b/src/lib/libssl/src/crypto/bf/bf_skey.c index 3673cdee6e..6ac2aeb279 100644 --- a/src/lib/libssl/src/crypto/bf/bf_skey.c +++ b/src/lib/libssl/src/crypto/bf/bf_skey.c | |||
| @@ -59,10 +59,15 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/blowfish.h> | 61 | #include <openssl/blowfish.h> |
| 62 | #include <openssl/crypto.h> | ||
| 63 | #ifdef OPENSSL_FIPS | ||
| 64 | #include <openssl/fips.h> | ||
| 65 | #endif | ||
| 66 | |||
| 62 | #include "bf_locl.h" | 67 | #include "bf_locl.h" |
| 63 | #include "bf_pi.h" | 68 | #include "bf_pi.h" |
| 64 | 69 | ||
| 65 | void BF_set_key(BF_KEY *key, int len, const unsigned char *data) | 70 | FIPS_NON_FIPS_VCIPHER_Init(BF) |
| 66 | { | 71 | { |
| 67 | int i; | 72 | int i; |
| 68 | BF_LONG *p,ri,in[2]; | 73 | BF_LONG *p,ri,in[2]; |
diff --git a/src/lib/libssl/src/crypto/bf/blowfish.h b/src/lib/libssl/src/crypto/bf/blowfish.h index cd49e85ab2..d24ffccb65 100644 --- a/src/lib/libssl/src/crypto/bf/blowfish.h +++ b/src/lib/libssl/src/crypto/bf/blowfish.h | |||
| @@ -104,7 +104,9 @@ typedef struct bf_key_st | |||
| 104 | BF_LONG S[4*256]; | 104 | BF_LONG S[4*256]; |
| 105 | } BF_KEY; | 105 | } BF_KEY; |
| 106 | 106 | ||
| 107 | 107 | #ifdef OPENSSL_FIPS | |
| 108 | void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data); | ||
| 109 | #endif | ||
| 108 | void BF_set_key(BF_KEY *key, int len, const unsigned char *data); | 110 | void BF_set_key(BF_KEY *key, int len, const unsigned char *data); |
| 109 | 111 | ||
| 110 | void BF_encrypt(BF_LONG *data,const BF_KEY *key); | 112 | void BF_encrypt(BF_LONG *data,const BF_KEY *key); |
diff --git a/src/lib/libssl/src/crypto/bio/Makefile b/src/lib/libssl/src/crypto/bio/Makefile index 1ef6c2fb9f..1cd76ce7a2 100644 --- a/src/lib/libssl/src/crypto/bio/Makefile +++ b/src/lib/libssl/src/crypto/bio/Makefile | |||
| @@ -45,7 +45,7 @@ top: | |||
| 45 | all: lib | 45 | all: lib |
| 46 | 46 | ||
| 47 | lib: $(LIBOBJ) | 47 | lib: $(LIBOBJ) |
| 48 | $(AR) $(LIB) $(LIBOBJ) | 48 | $(ARX) $(LIB) $(LIBOBJ) |
| 49 | $(RANLIB) $(LIB) || echo Never mind. | 49 | $(RANLIB) $(LIB) || echo Never mind. |
| 50 | @touch lib | 50 | @touch lib |
| 51 | 51 | ||
diff --git a/src/lib/libssl/src/crypto/bio/bss_bio.c b/src/lib/libssl/src/crypto/bio/bss_bio.c index 0f9f0955b4..76bd48e767 100644 --- a/src/lib/libssl/src/crypto/bio/bss_bio.c +++ b/src/lib/libssl/src/crypto/bio/bss_bio.c | |||
| @@ -919,6 +919,6 @@ int BIO_nwrite(BIO *bio, char **buf, int num) | |||
| 919 | 919 | ||
| 920 | ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf); | 920 | ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf); |
| 921 | if (ret > 0) | 921 | if (ret > 0) |
| 922 | bio->num_read += ret; | 922 | bio->num_write += ret; |
| 923 | return ret; | 923 | return ret; |
| 924 | } | 924 | } |
diff --git a/src/lib/libssl/src/crypto/bio/bss_file.c b/src/lib/libssl/src/crypto/bio/bss_file.c index 4df9927c43..9ad46fa081 100644 --- a/src/lib/libssl/src/crypto/bio/bss_file.c +++ b/src/lib/libssl/src/crypto/bio/bss_file.c | |||
| @@ -279,7 +279,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 279 | #endif | 279 | #endif |
| 280 | { | 280 | { |
| 281 | #if defined(OPENSSL_SYS_WINDOWS) | 281 | #if defined(OPENSSL_SYS_WINDOWS) |
| 282 | int fd = fileno((FILE*)ptr); | 282 | int fd = _fileno((FILE*)ptr); |
| 283 | if (num & BIO_FP_TEXT) | 283 | if (num & BIO_FP_TEXT) |
| 284 | _setmode(fd,_O_TEXT); | 284 | _setmode(fd,_O_TEXT); |
| 285 | else | 285 | else |
diff --git a/src/lib/libssl/src/crypto/bn/Makefile b/src/lib/libssl/src/crypto/bn/Makefile index e97c751390..f5e8f65a46 100644 --- a/src/lib/libssl/src/crypto/bn/Makefile +++ b/src/lib/libssl/src/crypto/bn/Makefile | |||
| @@ -28,13 +28,13 @@ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ | |||
| 28 | bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ | 28 | bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ |
| 29 | bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ | 29 | bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \ |
| 30 | bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ | 30 | bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \ |
| 31 | bn_depr.c bn_const.c | 31 | bn_depr.c bn_x931p.c bn_const.c bn_opt.c |
| 32 | 32 | ||
| 33 | LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ | 33 | LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ |
| 34 | bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ | 34 | bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ |
| 35 | bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ | 35 | bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \ |
| 36 | bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \ | 36 | bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \ |
| 37 | bn_depr.o bn_const.o | 37 | bn_depr.o bn_x931p.o bn_const.o bn_opt.o |
| 38 | 38 | ||
| 39 | SRC= $(LIBSRC) | 39 | SRC= $(LIBSRC) |
| 40 | 40 | ||
| @@ -58,7 +58,7 @@ bnbug: bnbug.c ../../libcrypto.a top | |||
| 58 | cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a | 58 | cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a |
| 59 | 59 | ||
| 60 | lib: $(LIBOBJ) | 60 | lib: $(LIBOBJ) |
| 61 | $(AR) $(LIB) $(LIBOBJ) | 61 | $(ARX) $(LIB) $(LIBOBJ) |
| 62 | $(RANLIB) $(LIB) || echo Never mind. | 62 | $(RANLIB) $(LIB) || echo Never mind. |
| 63 | @touch lib | 63 | @touch lib |
| 64 | 64 | ||
| @@ -116,6 +116,7 @@ linux_ppc64.s: asm/ppc.pl; $(PERL) $< $@ | |||
| 116 | aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ | 116 | aix_ppc32.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ |
| 117 | aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ | 117 | aix_ppc64.s: asm/ppc.pl; $(PERL) asm/ppc.pl $@ |
| 118 | osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@ | 118 | osx_ppc32.s: asm/ppc.pl; $(PERL) $< $@ |
| 119 | osx_ppc64.s: asm/ppc.pl; $(PERL) $< $@ | ||
| 119 | 120 | ||
| 120 | files: | 121 | files: |
| 121 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 122 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| @@ -291,6 +292,13 @@ bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | |||
| 291 | bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 292 | bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 292 | bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 293 | bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 293 | bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c | 294 | bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c |
| 295 | bn_opt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
| 296 | bn_opt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 297 | bn_opt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 298 | bn_opt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
| 299 | bn_opt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 300 | bn_opt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 301 | bn_opt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_opt.c | ||
| 294 | bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h | 302 | bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 295 | bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 303 | bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 296 | bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 304 | bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| @@ -349,3 +357,6 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | |||
| 349 | bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 357 | bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 350 | bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 358 | bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 351 | bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c | 359 | bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c |
| 360 | bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h | ||
| 361 | bn_x931p.o: ../../include/openssl/opensslconf.h | ||
| 362 | bn_x931p.o: ../../include/openssl/ossl_typ.h bn_x931p.c | ||
diff --git a/src/lib/libssl/src/crypto/bn/bn.h b/src/lib/libssl/src/crypto/bn/bn.h index 6d754d5547..f1719a5877 100644 --- a/src/lib/libssl/src/crypto/bn/bn.h +++ b/src/lib/libssl/src/crypto/bn/bn.h | |||
| @@ -408,8 +408,8 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx); | |||
| 408 | void BN_CTX_end(BN_CTX *ctx); | 408 | void BN_CTX_end(BN_CTX *ctx); |
| 409 | int BN_rand(BIGNUM *rnd, int bits, int top,int bottom); | 409 | int BN_rand(BIGNUM *rnd, int bits, int top,int bottom); |
| 410 | int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom); | 410 | int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom); |
| 411 | int BN_rand_range(BIGNUM *rnd, BIGNUM *range); | 411 | int BN_rand_range(BIGNUM *rnd, const BIGNUM *range); |
| 412 | int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range); | 412 | int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range); |
| 413 | int BN_num_bits(const BIGNUM *a); | 413 | int BN_num_bits(const BIGNUM *a); |
| 414 | int BN_num_bits_word(BN_ULONG); | 414 | int BN_num_bits_word(BN_ULONG); |
| 415 | BIGNUM *BN_new(void); | 415 | BIGNUM *BN_new(void); |
| @@ -531,6 +531,17 @@ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb); | |||
| 531 | int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, | 531 | int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, |
| 532 | int do_trial_division, BN_GENCB *cb); | 532 | int do_trial_division, BN_GENCB *cb); |
| 533 | 533 | ||
| 534 | int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); | ||
| 535 | |||
| 536 | int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, | ||
| 537 | const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, | ||
| 538 | const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); | ||
| 539 | int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, | ||
| 540 | BIGNUM *Xp1, BIGNUM *Xp2, | ||
| 541 | const BIGNUM *Xp, | ||
| 542 | const BIGNUM *e, BN_CTX *ctx, | ||
| 543 | BN_GENCB *cb); | ||
| 544 | |||
| 534 | BN_MONT_CTX *BN_MONT_CTX_new(void ); | 545 | BN_MONT_CTX *BN_MONT_CTX_new(void ); |
| 535 | void BN_MONT_CTX_init(BN_MONT_CTX *ctx); | 546 | void BN_MONT_CTX_init(BN_MONT_CTX *ctx); |
| 536 | int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, | 547 | int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, |
diff --git a/src/lib/libssl/src/crypto/bn/bn_div.c b/src/lib/libssl/src/crypto/bn/bn_div.c index 8655eb118e..1e8e57626b 100644 --- a/src/lib/libssl/src/crypto/bn/bn_div.c +++ b/src/lib/libssl/src/crypto/bn/bn_div.c | |||
| @@ -187,6 +187,17 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 187 | BN_ULONG d0,d1; | 187 | BN_ULONG d0,d1; |
| 188 | int num_n,div_n; | 188 | int num_n,div_n; |
| 189 | 189 | ||
| 190 | /* Invalid zero-padding would have particularly bad consequences | ||
| 191 | * in the case of 'num', so don't just rely on bn_check_top() for this one | ||
| 192 | * (bn_check_top() works only for BN_DEBUG builds) */ | ||
| 193 | if (num->top > 0 && num->d[num->top - 1] == 0) | ||
| 194 | { | ||
| 195 | BNerr(BN_F_BN_DIV,BN_R_NOT_INITIALIZED); | ||
| 196 | return 0; | ||
| 197 | } | ||
| 198 | |||
| 199 | bn_check_top(num); | ||
| 200 | |||
| 190 | if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) | 201 | if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) |
| 191 | { | 202 | { |
| 192 | return BN_div_no_branch(dv, rm, num, divisor, ctx); | 203 | return BN_div_no_branch(dv, rm, num, divisor, ctx); |
| @@ -194,7 +205,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, | |||
| 194 | 205 | ||
| 195 | bn_check_top(dv); | 206 | bn_check_top(dv); |
| 196 | bn_check_top(rm); | 207 | bn_check_top(rm); |
| 197 | bn_check_top(num); | 208 | /* bn_check_top(num); */ /* 'num' has been checked already */ |
| 198 | bn_check_top(divisor); | 209 | bn_check_top(divisor); |
| 199 | 210 | ||
| 200 | if (BN_is_zero(divisor)) | 211 | if (BN_is_zero(divisor)) |
| @@ -419,7 +430,7 @@ static int BN_div_no_branch(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, | |||
| 419 | 430 | ||
| 420 | bn_check_top(dv); | 431 | bn_check_top(dv); |
| 421 | bn_check_top(rm); | 432 | bn_check_top(rm); |
| 422 | bn_check_top(num); | 433 | /* bn_check_top(num); */ /* 'num' has been checked in BN_div() */ |
| 423 | bn_check_top(divisor); | 434 | bn_check_top(divisor); |
| 424 | 435 | ||
| 425 | if (BN_is_zero(divisor)) | 436 | if (BN_is_zero(divisor)) |
diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c index 2649b8c538..32a8fbaf51 100644 --- a/src/lib/libssl/src/crypto/bn/bn_lib.c +++ b/src/lib/libssl/src/crypto/bn/bn_lib.c | |||
| @@ -139,25 +139,6 @@ const BIGNUM *BN_value_one(void) | |||
| 139 | return(&const_one); | 139 | return(&const_one); |
| 140 | } | 140 | } |
| 141 | 141 | ||
| 142 | char *BN_options(void) | ||
| 143 | { | ||
| 144 | static int init=0; | ||
| 145 | static char data[16]; | ||
| 146 | |||
| 147 | if (!init) | ||
| 148 | { | ||
| 149 | init++; | ||
| 150 | #ifdef BN_LLONG | ||
| 151 | BIO_snprintf(data,sizeof data,"bn(%d,%d)", | ||
| 152 | (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8); | ||
| 153 | #else | ||
| 154 | BIO_snprintf(data,sizeof data,"bn(%d,%d)", | ||
| 155 | (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8); | ||
| 156 | #endif | ||
| 157 | } | ||
| 158 | return(data); | ||
| 159 | } | ||
| 160 | |||
| 161 | int BN_num_bits_word(BN_ULONG l) | 142 | int BN_num_bits_word(BN_ULONG l) |
| 162 | { | 143 | { |
| 163 | static const char bits[256]={ | 144 | static const char bits[256]={ |
diff --git a/src/lib/libssl/src/crypto/bn/bn_opt.c b/src/lib/libssl/src/crypto/bn/bn_opt.c new file mode 100644 index 0000000000..21cbb38f62 --- /dev/null +++ b/src/lib/libssl/src/crypto/bn/bn_opt.c | |||
| @@ -0,0 +1,87 @@ | |||
| 1 | /* crypto/bn/bn_opt.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #ifndef BN_DEBUG | ||
| 60 | # undef NDEBUG /* avoid conflicting definitions */ | ||
| 61 | # define NDEBUG | ||
| 62 | #endif | ||
| 63 | |||
| 64 | #include <assert.h> | ||
| 65 | #include <limits.h> | ||
| 66 | #include <stdio.h> | ||
| 67 | #include "cryptlib.h" | ||
| 68 | #include "bn_lcl.h" | ||
| 69 | |||
| 70 | char *BN_options(void) | ||
| 71 | { | ||
| 72 | static int init=0; | ||
| 73 | static char data[16]; | ||
| 74 | |||
| 75 | if (!init) | ||
| 76 | { | ||
| 77 | init++; | ||
| 78 | #ifdef BN_LLONG | ||
| 79 | BIO_snprintf(data,sizeof data,"bn(%d,%d)", | ||
| 80 | (int)sizeof(BN_ULLONG)*8,(int)sizeof(BN_ULONG)*8); | ||
| 81 | #else | ||
| 82 | BIO_snprintf(data,sizeof data,"bn(%d,%d)", | ||
| 83 | (int)sizeof(BN_ULONG)*8,(int)sizeof(BN_ULONG)*8); | ||
| 84 | #endif | ||
| 85 | } | ||
| 86 | return(data); | ||
| 87 | } | ||
diff --git a/src/lib/libssl/src/crypto/bn/bn_rand.c b/src/lib/libssl/src/crypto/bn/bn_rand.c index f51830b12b..b376c28ff3 100644 --- a/src/lib/libssl/src/crypto/bn/bn_rand.c +++ b/src/lib/libssl/src/crypto/bn/bn_rand.c | |||
| @@ -227,7 +227,7 @@ int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom) | |||
| 227 | 227 | ||
| 228 | 228 | ||
| 229 | /* random number r: 0 <= r < range */ | 229 | /* random number r: 0 <= r < range */ |
| 230 | static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) | 230 | static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range) |
| 231 | { | 231 | { |
| 232 | int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand; | 232 | int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand; |
| 233 | int n; | 233 | int n; |
| @@ -294,12 +294,12 @@ static int bn_rand_range(int pseudo, BIGNUM *r, BIGNUM *range) | |||
| 294 | } | 294 | } |
| 295 | 295 | ||
| 296 | 296 | ||
| 297 | int BN_rand_range(BIGNUM *r, BIGNUM *range) | 297 | int BN_rand_range(BIGNUM *r, const BIGNUM *range) |
| 298 | { | 298 | { |
| 299 | return bn_rand_range(0, r, range); | 299 | return bn_rand_range(0, r, range); |
| 300 | } | 300 | } |
| 301 | 301 | ||
| 302 | int BN_pseudo_rand_range(BIGNUM *r, BIGNUM *range) | 302 | int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range) |
| 303 | { | 303 | { |
| 304 | return bn_rand_range(1, r, range); | 304 | return bn_rand_range(1, r, range); |
| 305 | } | 305 | } |
diff --git a/src/lib/libssl/src/crypto/bn/bn_shift.c b/src/lib/libssl/src/crypto/bn/bn_shift.c index de9312dce2..c4d301afc4 100644 --- a/src/lib/libssl/src/crypto/bn/bn_shift.c +++ b/src/lib/libssl/src/crypto/bn/bn_shift.c | |||
| @@ -177,7 +177,7 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a, int n) | |||
| 177 | nw=n/BN_BITS2; | 177 | nw=n/BN_BITS2; |
| 178 | rb=n%BN_BITS2; | 178 | rb=n%BN_BITS2; |
| 179 | lb=BN_BITS2-rb; | 179 | lb=BN_BITS2-rb; |
| 180 | if (nw > a->top || a->top == 0) | 180 | if (nw >= a->top || a->top == 0) |
| 181 | { | 181 | { |
| 182 | BN_zero(r); | 182 | BN_zero(r); |
| 183 | return(1); | 183 | return(1); |
diff --git a/src/lib/libssl/src/crypto/buffer/Makefile b/src/lib/libssl/src/crypto/buffer/Makefile index 9f3a88d2d6..9e0f46e19a 100644 --- a/src/lib/libssl/src/crypto/buffer/Makefile +++ b/src/lib/libssl/src/crypto/buffer/Makefile | |||
| @@ -17,8 +17,8 @@ TEST= | |||
| 17 | APPS= | 17 | APPS= |
| 18 | 18 | ||
| 19 | LIB=$(TOP)/libcrypto.a | 19 | LIB=$(TOP)/libcrypto.a |
| 20 | LIBSRC= buffer.c buf_err.c | 20 | LIBSRC= buffer.c buf_str.c buf_err.c |
| 21 | LIBOBJ= buffer.o buf_err.o | 21 | LIBOBJ= buffer.o buf_str.o buf_err.o |
| 22 | 22 | ||
| 23 | SRC= $(LIBSRC) | 23 | SRC= $(LIBSRC) |
| 24 | 24 | ||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
| @@ -81,6 +81,13 @@ buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | |||
| 81 | buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 81 | buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 82 | buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 82 | buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 83 | buf_err.o: buf_err.c | 83 | buf_err.o: buf_err.c |
| 84 | buf_str.o: ../../e_os.h ../../include/openssl/bio.h | ||
| 85 | buf_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 86 | buf_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 87 | buf_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
| 88 | buf_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 89 | buf_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 90 | buf_str.o: ../../include/openssl/symhacks.h ../cryptlib.h buf_str.c | ||
| 84 | buffer.o: ../../e_os.h ../../include/openssl/bio.h | 91 | buffer.o: ../../e_os.h ../../include/openssl/bio.h |
| 85 | buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 92 | buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 86 | buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 93 | buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
diff --git a/src/lib/libssl/src/crypto/buffer/buffer.c b/src/lib/libssl/src/crypto/buffer/buffer.c index 3bf03c7eff..b3e947771d 100644 --- a/src/lib/libssl/src/crypto/buffer/buffer.c +++ b/src/lib/libssl/src/crypto/buffer/buffer.c | |||
| @@ -161,61 +161,3 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int len) | |||
| 161 | } | 161 | } |
| 162 | return(len); | 162 | return(len); |
| 163 | } | 163 | } |
| 164 | |||
| 165 | char *BUF_strdup(const char *str) | ||
| 166 | { | ||
| 167 | if (str == NULL) return(NULL); | ||
| 168 | return BUF_strndup(str, strlen(str)); | ||
| 169 | } | ||
| 170 | |||
| 171 | char *BUF_strndup(const char *str, size_t siz) | ||
| 172 | { | ||
| 173 | char *ret; | ||
| 174 | |||
| 175 | if (str == NULL) return(NULL); | ||
| 176 | |||
| 177 | ret=OPENSSL_malloc(siz+1); | ||
| 178 | if (ret == NULL) | ||
| 179 | { | ||
| 180 | BUFerr(BUF_F_BUF_STRNDUP,ERR_R_MALLOC_FAILURE); | ||
| 181 | return(NULL); | ||
| 182 | } | ||
| 183 | BUF_strlcpy(ret,str,siz+1); | ||
| 184 | return(ret); | ||
| 185 | } | ||
| 186 | |||
| 187 | void *BUF_memdup(const void *data, size_t siz) | ||
| 188 | { | ||
| 189 | void *ret; | ||
| 190 | |||
| 191 | if (data == NULL) return(NULL); | ||
| 192 | |||
| 193 | ret=OPENSSL_malloc(siz); | ||
| 194 | if (ret == NULL) | ||
| 195 | { | ||
| 196 | BUFerr(BUF_F_BUF_MEMDUP,ERR_R_MALLOC_FAILURE); | ||
| 197 | return(NULL); | ||
| 198 | } | ||
| 199 | return memcpy(ret, data, siz); | ||
| 200 | } | ||
| 201 | |||
| 202 | size_t BUF_strlcpy(char *dst, const char *src, size_t size) | ||
| 203 | { | ||
| 204 | size_t l = 0; | ||
| 205 | for(; size > 1 && *src; size--) | ||
| 206 | { | ||
| 207 | *dst++ = *src++; | ||
| 208 | l++; | ||
| 209 | } | ||
| 210 | if (size) | ||
| 211 | *dst = '\0'; | ||
| 212 | return l + strlen(src); | ||
| 213 | } | ||
| 214 | |||
| 215 | size_t BUF_strlcat(char *dst, const char *src, size_t size) | ||
| 216 | { | ||
| 217 | size_t l = 0; | ||
| 218 | for(; size > 0 && *dst; size--, dst++) | ||
| 219 | l++; | ||
| 220 | return l + BUF_strlcpy(dst, src, size); | ||
| 221 | } | ||
diff --git a/src/lib/libssl/src/crypto/cast/Makefile b/src/lib/libssl/src/crypto/cast/Makefile index 149956ee90..2e026dbe0d 100644 --- a/src/lib/libssl/src/crypto/cast/Makefile +++ b/src/lib/libssl/src/crypto/cast/Makefile | |||
| @@ -38,7 +38,7 @@ top: | |||
| 38 | all: lib | 38 | all: lib |
| 39 | 39 | ||
| 40 | lib: $(LIBOBJ) | 40 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 41 | $(ARX) $(LIB) $(LIBOBJ) |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | 42 | $(RANLIB) $(LIB) || echo Never mind. |
| 43 | @touch lib | 43 | @touch lib |
| 44 | 44 | ||
| @@ -102,5 +102,8 @@ c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h | |||
| 102 | c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 102 | c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 103 | c_ofb64.o: c_ofb64.c cast_lcl.h | 103 | c_ofb64.o: c_ofb64.c cast_lcl.h |
| 104 | c_skey.o: ../../e_os.h ../../include/openssl/cast.h | 104 | c_skey.o: ../../e_os.h ../../include/openssl/cast.h |
| 105 | c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 105 | c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 106 | c_skey.o: c_skey.c cast_lcl.h cast_s.h | 106 | c_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h |
| 107 | c_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 108 | c_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 109 | c_skey.o: ../../include/openssl/symhacks.h c_skey.c cast_lcl.h cast_s.h | ||
diff --git a/src/lib/libssl/src/crypto/cast/c_skey.c b/src/lib/libssl/src/crypto/cast/c_skey.c index 76e40005c9..68e690a60c 100644 --- a/src/lib/libssl/src/crypto/cast/c_skey.c +++ b/src/lib/libssl/src/crypto/cast/c_skey.c | |||
| @@ -57,6 +57,11 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/cast.h> | 59 | #include <openssl/cast.h> |
| 60 | #include <openssl/crypto.h> | ||
| 61 | #ifdef OPENSSL_FIPS | ||
| 62 | #include <openssl/fips.h> | ||
| 63 | #endif | ||
| 64 | |||
| 60 | #include "cast_lcl.h" | 65 | #include "cast_lcl.h" |
| 61 | #include "cast_s.h" | 66 | #include "cast_s.h" |
| 62 | 67 | ||
| @@ -72,7 +77,7 @@ | |||
| 72 | #define S6 CAST_S_table6 | 77 | #define S6 CAST_S_table6 |
| 73 | #define S7 CAST_S_table7 | 78 | #define S7 CAST_S_table7 |
| 74 | 79 | ||
| 75 | void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) | 80 | FIPS_NON_FIPS_VCIPHER_Init(CAST) |
| 76 | { | 81 | { |
| 77 | CAST_LONG x[16]; | 82 | CAST_LONG x[16]; |
| 78 | CAST_LONG z[16]; | 83 | CAST_LONG z[16]; |
diff --git a/src/lib/libssl/src/crypto/cast/cast.h b/src/lib/libssl/src/crypto/cast/cast.h index 90b45b950a..1faf5806aa 100644 --- a/src/lib/libssl/src/crypto/cast/cast.h +++ b/src/lib/libssl/src/crypto/cast/cast.h | |||
| @@ -83,7 +83,9 @@ typedef struct cast_key_st | |||
| 83 | int short_key; /* Use reduced rounds for short key */ | 83 | int short_key; /* Use reduced rounds for short key */ |
| 84 | } CAST_KEY; | 84 | } CAST_KEY; |
| 85 | 85 | ||
| 86 | 86 | #ifdef OPENSSL_FIPS | |
| 87 | void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); | ||
| 88 | #endif | ||
| 87 | void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); | 89 | void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); |
| 88 | void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, | 90 | void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, |
| 89 | int enc); | 91 | int enc); |
diff --git a/src/lib/libssl/src/crypto/comp/Makefile b/src/lib/libssl/src/crypto/comp/Makefile index efda832dce..5d364b8513 100644 --- a/src/lib/libssl/src/crypto/comp/Makefile +++ b/src/lib/libssl/src/crypto/comp/Makefile | |||
| @@ -36,7 +36,7 @@ top: | |||
| 36 | all: lib | 36 | all: lib |
| 37 | 37 | ||
| 38 | lib: $(LIBOBJ) | 38 | lib: $(LIBOBJ) |
| 39 | $(AR) $(LIB) $(LIBOBJ) | 39 | $(ARX) $(LIB) $(LIBOBJ) |
| 40 | $(RANLIB) $(LIB) || echo Never mind. | 40 | $(RANLIB) $(LIB) || echo Never mind. |
| 41 | @touch lib | 41 | @touch lib |
| 42 | 42 | ||
diff --git a/src/lib/libssl/src/crypto/comp/c_zlib.c b/src/lib/libssl/src/crypto/comp/c_zlib.c index 0f34597e70..eccfd09137 100644 --- a/src/lib/libssl/src/crypto/comp/c_zlib.c +++ b/src/lib/libssl/src/crypto/comp/c_zlib.c | |||
| @@ -727,6 +727,7 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 727 | case BIO_CTRL_RESET: | 727 | case BIO_CTRL_RESET: |
| 728 | ctx->ocount = 0; | 728 | ctx->ocount = 0; |
| 729 | ctx->odone = 0; | 729 | ctx->odone = 0; |
| 730 | ret = 1; | ||
| 730 | break; | 731 | break; |
| 731 | 732 | ||
| 732 | case BIO_CTRL_FLUSH: | 733 | case BIO_CTRL_FLUSH: |
| @@ -771,7 +772,7 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 771 | } | 772 | } |
| 772 | ctx->obufsize = obs; | 773 | ctx->obufsize = obs; |
| 773 | } | 774 | } |
| 774 | 775 | ret = 1; | |
| 775 | break; | 776 | break; |
| 776 | 777 | ||
| 777 | case BIO_C_DO_STATE_MACHINE: | 778 | case BIO_C_DO_STATE_MACHINE: |
| @@ -783,7 +784,6 @@ static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 783 | default: | 784 | default: |
| 784 | ret = BIO_ctrl(b->next_bio, cmd, num, ptr); | 785 | ret = BIO_ctrl(b->next_bio, cmd, num, ptr); |
| 785 | break; | 786 | break; |
| 786 | |||
| 787 | } | 787 | } |
| 788 | 788 | ||
| 789 | return ret; | 789 | return ret; |
diff --git a/src/lib/libssl/src/crypto/conf/Makefile b/src/lib/libssl/src/crypto/conf/Makefile index 78bb324106..ccd0721332 100644 --- a/src/lib/libssl/src/crypto/conf/Makefile +++ b/src/lib/libssl/src/crypto/conf/Makefile | |||
| @@ -36,7 +36,7 @@ top: | |||
| 36 | all: lib | 36 | all: lib |
| 37 | 37 | ||
| 38 | lib: $(LIBOBJ) | 38 | lib: $(LIBOBJ) |
| 39 | $(AR) $(LIB) $(LIBOBJ) | 39 | $(ARX) $(LIB) $(LIBOBJ) |
| 40 | $(RANLIB) $(LIB) || echo Never mind. | 40 | $(RANLIB) $(LIB) || echo Never mind. |
| 41 | @touch lib | 41 | @touch lib |
| 42 | 42 | ||
| @@ -114,8 +114,8 @@ conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | |||
| 114 | conf_mall.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 114 | conf_mall.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 115 | conf_mall.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | 115 | conf_mall.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h |
| 116 | conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 116 | conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 117 | conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 117 | conf_mall.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 118 | conf_mall.o: ../../include/openssl/objects.h | 118 | conf_mall.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 119 | conf_mall.o: ../../include/openssl/opensslconf.h | 119 | conf_mall.o: ../../include/openssl/opensslconf.h |
| 120 | conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 120 | conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 121 | conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 121 | conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| @@ -128,9 +128,9 @@ conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 128 | conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | 128 | conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h |
| 129 | conf_mod.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 129 | conf_mod.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 130 | conf_mod.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 130 | conf_mod.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 131 | conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 131 | conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 132 | conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 132 | conf_mod.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 133 | conf_mod.o: ../../include/openssl/opensslconf.h | 133 | conf_mod.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 134 | conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 134 | conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 135 | conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 135 | conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 136 | conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 136 | conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -143,8 +143,9 @@ conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | |||
| 143 | conf_sap.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 143 | conf_sap.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 144 | conf_sap.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | 144 | conf_sap.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h |
| 145 | conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 145 | conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 146 | conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 146 | conf_sap.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 147 | conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 147 | conf_sap.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 148 | conf_sap.o: ../../include/openssl/opensslconf.h | ||
| 148 | conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 149 | conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 149 | conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 150 | conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 150 | conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 151 | conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
diff --git a/src/lib/libssl/src/crypto/conf/conf_mall.c b/src/lib/libssl/src/crypto/conf/conf_mall.c index 4ba40cf44c..1cc1fd5534 100644 --- a/src/lib/libssl/src/crypto/conf/conf_mall.c +++ b/src/lib/libssl/src/crypto/conf/conf_mall.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* conf_mall.c */ | 1 | /* conf_mall.c */ |
| 2 | /* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/dso.h> | 63 | #include <openssl/dso.h> |
| 64 | #include <openssl/x509.h> | 64 | #include <openssl/x509.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #include <openssl/evp.h> | ||
| 66 | #ifndef OPENSSL_NO_ENGINE | 67 | #ifndef OPENSSL_NO_ENGINE |
| 67 | #include <openssl/engine.h> | 68 | #include <openssl/engine.h> |
| 68 | #endif | 69 | #endif |
| @@ -76,5 +77,6 @@ void OPENSSL_load_builtin_modules(void) | |||
| 76 | #ifndef OPENSSL_NO_ENGINE | 77 | #ifndef OPENSSL_NO_ENGINE |
| 77 | ENGINE_add_conf_module(); | 78 | ENGINE_add_conf_module(); |
| 78 | #endif | 79 | #endif |
| 80 | EVP_add_alg_module(); | ||
| 79 | } | 81 | } |
| 80 | 82 | ||
diff --git a/src/lib/libssl/src/crypto/conf/conf_mod.c b/src/lib/libssl/src/crypto/conf/conf_mod.c index 628e8333a6..ee9c677d9b 100644 --- a/src/lib/libssl/src/crypto/conf/conf_mod.c +++ b/src/lib/libssl/src/crypto/conf/conf_mod.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* conf_mod.c */ | 1 | /* conf_mod.c */ |
| 2 | /* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/conf/conf_sap.c b/src/lib/libssl/src/crypto/conf/conf_sap.c index 9c53bac1a8..760dc2632d 100644 --- a/src/lib/libssl/src/crypto/conf/conf_sap.c +++ b/src/lib/libssl/src/crypto/conf/conf_sap.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* conf_sap.c */ | 1 | /* conf_sap.c */ |
| 2 | /* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/cryptlib.c b/src/lib/libssl/src/crypto/cryptlib.c index 8c68623828..8f9e88e403 100644 --- a/src/lib/libssl/src/crypto/cryptlib.c +++ b/src/lib/libssl/src/crypto/cryptlib.c | |||
| @@ -121,275 +121,17 @@ | |||
| 121 | static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ | 121 | static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ |
| 122 | #endif | 122 | #endif |
| 123 | 123 | ||
| 124 | DECLARE_STACK_OF(CRYPTO_dynlock) | ||
| 125 | IMPLEMENT_STACK_OF(CRYPTO_dynlock) | ||
| 126 | |||
| 127 | /* real #defines in crypto.h, keep these upto date */ | ||
| 128 | static const char* const lock_names[CRYPTO_NUM_LOCKS] = | ||
| 129 | { | ||
| 130 | "<<ERROR>>", | ||
| 131 | "err", | ||
| 132 | "ex_data", | ||
| 133 | "x509", | ||
| 134 | "x509_info", | ||
| 135 | "x509_pkey", | ||
| 136 | "x509_crl", | ||
| 137 | "x509_req", | ||
| 138 | "dsa", | ||
| 139 | "rsa", | ||
| 140 | "evp_pkey", | ||
| 141 | "x509_store", | ||
| 142 | "ssl_ctx", | ||
| 143 | "ssl_cert", | ||
| 144 | "ssl_session", | ||
| 145 | "ssl_sess_cert", | ||
| 146 | "ssl", | ||
| 147 | "ssl_method", | ||
| 148 | "rand", | ||
| 149 | "rand2", | ||
| 150 | "debug_malloc", | ||
| 151 | "BIO", | ||
| 152 | "gethostbyname", | ||
| 153 | "getservbyname", | ||
| 154 | "readdir", | ||
| 155 | "RSA_blinding", | ||
| 156 | "dh", | ||
| 157 | "debug_malloc2", | ||
| 158 | "dso", | ||
| 159 | "dynlock", | ||
| 160 | "engine", | ||
| 161 | "ui", | ||
| 162 | "ecdsa", | ||
| 163 | "ec", | ||
| 164 | "ecdh", | ||
| 165 | "bn", | ||
| 166 | "ec_pre_comp", | ||
| 167 | "store", | ||
| 168 | "comp", | ||
| 169 | #if CRYPTO_NUM_LOCKS != 39 | ||
| 170 | # error "Inconsistency between crypto.h and cryptlib.c" | ||
| 171 | #endif | ||
| 172 | }; | ||
| 173 | |||
| 174 | /* This is for applications to allocate new type names in the non-dynamic | ||
| 175 | array of lock names. These are numbered with positive numbers. */ | ||
| 176 | static STACK *app_locks=NULL; | ||
| 177 | |||
| 178 | /* For applications that want a more dynamic way of handling threads, the | ||
| 179 | following stack is used. These are externally numbered with negative | ||
| 180 | numbers. */ | ||
| 181 | static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; | ||
| 182 | |||
| 183 | |||
| 184 | static void (MS_FAR *locking_callback)(int mode,int type, | 124 | static void (MS_FAR *locking_callback)(int mode,int type, |
| 185 | const char *file,int line)=NULL; | 125 | const char *file,int line)=NULL; |
| 186 | static int (MS_FAR *add_lock_callback)(int *pointer,int amount, | 126 | static int (MS_FAR *add_lock_callback)(int *pointer,int amount, |
| 187 | int type,const char *file,int line)=NULL; | 127 | int type,const char *file,int line)=NULL; |
| 188 | static unsigned long (MS_FAR *id_callback)(void)=NULL; | 128 | static unsigned long (MS_FAR *id_callback)(void)=NULL; |
| 189 | static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) | ||
| 190 | (const char *file,int line)=NULL; | ||
| 191 | static void (MS_FAR *dynlock_lock_callback)(int mode, | ||
| 192 | struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL; | ||
| 193 | static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, | ||
| 194 | const char *file,int line)=NULL; | ||
| 195 | |||
| 196 | int CRYPTO_get_new_lockid(char *name) | ||
| 197 | { | ||
| 198 | char *str; | ||
| 199 | int i; | ||
| 200 | |||
| 201 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) | ||
| 202 | /* A hack to make Visual C++ 5.0 work correctly when linking as | ||
| 203 | * a DLL using /MT. Without this, the application cannot use | ||
| 204 | * and floating point printf's. | ||
| 205 | * It also seems to be needed for Visual C 1.5 (win16) */ | ||
| 206 | SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; | ||
| 207 | #endif | ||
| 208 | |||
| 209 | if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL)) | ||
| 210 | { | ||
| 211 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); | ||
| 212 | return(0); | ||
| 213 | } | ||
| 214 | if ((str=BUF_strdup(name)) == NULL) | ||
| 215 | { | ||
| 216 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); | ||
| 217 | return(0); | ||
| 218 | } | ||
| 219 | i=sk_push(app_locks,str); | ||
| 220 | if (!i) | ||
| 221 | OPENSSL_free(str); | ||
| 222 | else | ||
| 223 | i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ | ||
| 224 | return(i); | ||
| 225 | } | ||
| 226 | 129 | ||
| 227 | int CRYPTO_num_locks(void) | 130 | int CRYPTO_num_locks(void) |
| 228 | { | 131 | { |
| 229 | return CRYPTO_NUM_LOCKS; | 132 | return CRYPTO_NUM_LOCKS; |
| 230 | } | 133 | } |
| 231 | 134 | ||
| 232 | int CRYPTO_get_new_dynlockid(void) | ||
| 233 | { | ||
| 234 | int i = 0; | ||
| 235 | CRYPTO_dynlock *pointer = NULL; | ||
| 236 | |||
| 237 | if (dynlock_create_callback == NULL) | ||
| 238 | { | ||
| 239 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK); | ||
| 240 | return(0); | ||
| 241 | } | ||
| 242 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 243 | if ((dyn_locks == NULL) | ||
| 244 | && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL)) | ||
| 245 | { | ||
| 246 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 247 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); | ||
| 248 | return(0); | ||
| 249 | } | ||
| 250 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 251 | |||
| 252 | pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); | ||
| 253 | if (pointer == NULL) | ||
| 254 | { | ||
| 255 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); | ||
| 256 | return(0); | ||
| 257 | } | ||
| 258 | pointer->references = 1; | ||
| 259 | pointer->data = dynlock_create_callback(__FILE__,__LINE__); | ||
| 260 | if (pointer->data == NULL) | ||
| 261 | { | ||
| 262 | OPENSSL_free(pointer); | ||
| 263 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); | ||
| 264 | return(0); | ||
| 265 | } | ||
| 266 | |||
| 267 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 268 | /* First, try to find an existing empty slot */ | ||
| 269 | i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); | ||
| 270 | /* If there was none, push, thereby creating a new one */ | ||
| 271 | if (i == -1) | ||
| 272 | /* Since sk_push() returns the number of items on the | ||
| 273 | stack, not the location of the pushed item, we need | ||
| 274 | to transform the returned number into a position, | ||
| 275 | by decreasing it. */ | ||
| 276 | i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; | ||
| 277 | else | ||
| 278 | /* If we found a place with a NULL pointer, put our pointer | ||
| 279 | in it. */ | ||
| 280 | (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); | ||
| 281 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 282 | |||
| 283 | if (i == -1) | ||
| 284 | { | ||
| 285 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); | ||
| 286 | OPENSSL_free(pointer); | ||
| 287 | } | ||
| 288 | else | ||
| 289 | i += 1; /* to avoid 0 */ | ||
| 290 | return -i; | ||
| 291 | } | ||
| 292 | |||
| 293 | void CRYPTO_destroy_dynlockid(int i) | ||
| 294 | { | ||
| 295 | CRYPTO_dynlock *pointer = NULL; | ||
| 296 | if (i) | ||
| 297 | i = -i-1; | ||
| 298 | if (dynlock_destroy_callback == NULL) | ||
| 299 | return; | ||
| 300 | |||
| 301 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 302 | |||
| 303 | if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) | ||
| 304 | { | ||
| 305 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 306 | return; | ||
| 307 | } | ||
| 308 | pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); | ||
| 309 | if (pointer != NULL) | ||
| 310 | { | ||
| 311 | --pointer->references; | ||
| 312 | #ifdef REF_CHECK | ||
| 313 | if (pointer->references < 0) | ||
| 314 | { | ||
| 315 | fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n"); | ||
| 316 | abort(); | ||
| 317 | } | ||
| 318 | else | ||
| 319 | #endif | ||
| 320 | if (pointer->references <= 0) | ||
| 321 | { | ||
| 322 | (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); | ||
| 323 | } | ||
| 324 | else | ||
| 325 | pointer = NULL; | ||
| 326 | } | ||
| 327 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 328 | |||
| 329 | if (pointer) | ||
| 330 | { | ||
| 331 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); | ||
| 332 | OPENSSL_free(pointer); | ||
| 333 | } | ||
| 334 | } | ||
| 335 | |||
| 336 | struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i) | ||
| 337 | { | ||
| 338 | CRYPTO_dynlock *pointer = NULL; | ||
| 339 | if (i) | ||
| 340 | i = -i-1; | ||
| 341 | |||
| 342 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 343 | |||
| 344 | if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks)) | ||
| 345 | pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); | ||
| 346 | if (pointer) | ||
| 347 | pointer->references++; | ||
| 348 | |||
| 349 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 350 | |||
| 351 | if (pointer) | ||
| 352 | return pointer->data; | ||
| 353 | return NULL; | ||
| 354 | } | ||
| 355 | |||
| 356 | struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void)) | ||
| 357 | (const char *file,int line) | ||
| 358 | { | ||
| 359 | return(dynlock_create_callback); | ||
| 360 | } | ||
| 361 | |||
| 362 | void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, | ||
| 363 | struct CRYPTO_dynlock_value *l, const char *file,int line) | ||
| 364 | { | ||
| 365 | return(dynlock_lock_callback); | ||
| 366 | } | ||
| 367 | |||
| 368 | void (*CRYPTO_get_dynlock_destroy_callback(void)) | ||
| 369 | (struct CRYPTO_dynlock_value *l, const char *file,int line) | ||
| 370 | { | ||
| 371 | return(dynlock_destroy_callback); | ||
| 372 | } | ||
| 373 | |||
| 374 | void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func) | ||
| 375 | (const char *file, int line)) | ||
| 376 | { | ||
| 377 | dynlock_create_callback=func; | ||
| 378 | } | ||
| 379 | |||
| 380 | void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, | ||
| 381 | struct CRYPTO_dynlock_value *l, const char *file, int line)) | ||
| 382 | { | ||
| 383 | dynlock_lock_callback=func; | ||
| 384 | } | ||
| 385 | |||
| 386 | void CRYPTO_set_dynlock_destroy_callback(void (*func) | ||
| 387 | (struct CRYPTO_dynlock_value *l, const char *file, int line)) | ||
| 388 | { | ||
| 389 | dynlock_destroy_callback=func; | ||
| 390 | } | ||
| 391 | |||
| 392 | |||
| 393 | void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file, | 135 | void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file, |
| 394 | int line) | 136 | int line) |
| 395 | { | 137 | { |
| @@ -445,6 +187,14 @@ unsigned long CRYPTO_thread_id(void) | |||
| 445 | return(ret); | 187 | return(ret); |
| 446 | } | 188 | } |
| 447 | 189 | ||
| 190 | static void (*do_dynlock_cb)(int mode, int type, const char *file, int line); | ||
| 191 | |||
| 192 | void int_CRYPTO_set_do_dynlock_callback( | ||
| 193 | void (*dyn_cb)(int mode, int type, const char *file, int line)) | ||
| 194 | { | ||
| 195 | do_dynlock_cb = dyn_cb; | ||
| 196 | } | ||
| 197 | |||
| 448 | void CRYPTO_lock(int mode, int type, const char *file, int line) | 198 | void CRYPTO_lock(int mode, int type, const char *file, int line) |
| 449 | { | 199 | { |
| 450 | #ifdef LOCK_DEBUG | 200 | #ifdef LOCK_DEBUG |
| @@ -472,17 +222,8 @@ void CRYPTO_lock(int mode, int type, const char *file, int line) | |||
| 472 | #endif | 222 | #endif |
| 473 | if (type < 0) | 223 | if (type < 0) |
| 474 | { | 224 | { |
| 475 | if (dynlock_lock_callback != NULL) | 225 | if (do_dynlock_cb) |
| 476 | { | 226 | do_dynlock_cb(mode, type, file, line); |
| 477 | struct CRYPTO_dynlock_value *pointer | ||
| 478 | = CRYPTO_get_dynlock_value(type); | ||
| 479 | |||
| 480 | OPENSSL_assert(pointer != NULL); | ||
| 481 | |||
| 482 | dynlock_lock_callback(mode, pointer, file, line); | ||
| 483 | |||
| 484 | CRYPTO_destroy_dynlockid(type); | ||
| 485 | } | ||
| 486 | } | 227 | } |
| 487 | else | 228 | else |
| 488 | if (locking_callback != NULL) | 229 | if (locking_callback != NULL) |
| @@ -527,21 +268,9 @@ int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, | |||
| 527 | return(ret); | 268 | return(ret); |
| 528 | } | 269 | } |
| 529 | 270 | ||
| 530 | const char *CRYPTO_get_lock_name(int type) | ||
| 531 | { | ||
| 532 | if (type < 0) | ||
| 533 | return("dynamic"); | ||
| 534 | else if (type < CRYPTO_NUM_LOCKS) | ||
| 535 | return(lock_names[type]); | ||
| 536 | else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks)) | ||
| 537 | return("ERROR"); | ||
| 538 | else | ||
| 539 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); | ||
| 540 | } | ||
| 541 | |||
| 542 | #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ | 271 | #if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ |
| 543 | defined(__INTEL__) || \ | 272 | defined(__INTEL__) || \ |
| 544 | defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) | 273 | defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) |
| 545 | 274 | ||
| 546 | unsigned long OPENSSL_ia32cap_P=0; | 275 | unsigned long OPENSSL_ia32cap_P=0; |
| 547 | unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; } | 276 | unsigned long *OPENSSL_ia32cap_loc(void) { return &OPENSSL_ia32cap_P; } |
| @@ -577,6 +306,62 @@ void OPENSSL_cpuid_setup(void) {} | |||
| 577 | #endif | 306 | #endif |
| 578 | 307 | ||
| 579 | #if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL) | 308 | #if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL) |
| 309 | |||
| 310 | #ifdef OPENSSL_FIPS | ||
| 311 | |||
| 312 | #include <tlhelp32.h> | ||
| 313 | #if defined(__GNUC__) && __GNUC__>=2 | ||
| 314 | static int DllInit(void) __attribute__((constructor)); | ||
| 315 | #elif defined(_MSC_VER) | ||
| 316 | static int DllInit(void); | ||
| 317 | # ifdef _WIN64 | ||
| 318 | # pragma section(".CRT$XCU",read) | ||
| 319 | __declspec(allocate(".CRT$XCU")) | ||
| 320 | # else | ||
| 321 | # pragma data_seg(".CRT$XCU") | ||
| 322 | # endif | ||
| 323 | static int (*p)(void) = DllInit; | ||
| 324 | # pragma data_seg() | ||
| 325 | #endif | ||
| 326 | |||
| 327 | static int DllInit(void) | ||
| 328 | { | ||
| 329 | #if defined(_WIN32_WINNT) | ||
| 330 | union { int(*f)(void); BYTE *p; } t = { DllInit }; | ||
| 331 | HANDLE hModuleSnap = INVALID_HANDLE_VALUE; | ||
| 332 | IMAGE_DOS_HEADER *dos_header; | ||
| 333 | IMAGE_NT_HEADERS *nt_headers; | ||
| 334 | MODULEENTRY32 me32 = {sizeof(me32)}; | ||
| 335 | |||
| 336 | hModuleSnap = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE,0); | ||
| 337 | if (hModuleSnap != INVALID_HANDLE_VALUE && | ||
| 338 | Module32First(hModuleSnap,&me32)) do | ||
| 339 | { | ||
| 340 | if (t.p >= me32.modBaseAddr && | ||
| 341 | t.p < me32.modBaseAddr+me32.modBaseSize) | ||
| 342 | { | ||
| 343 | dos_header=(IMAGE_DOS_HEADER *)me32.modBaseAddr; | ||
| 344 | if (dos_header->e_magic==IMAGE_DOS_SIGNATURE) | ||
| 345 | { | ||
| 346 | nt_headers=(IMAGE_NT_HEADERS *) | ||
| 347 | ((BYTE *)dos_header+dos_header->e_lfanew); | ||
| 348 | if (nt_headers->Signature==IMAGE_NT_SIGNATURE && | ||
| 349 | me32.modBaseAddr!=(BYTE*)nt_headers->OptionalHeader.ImageBase) | ||
| 350 | OPENSSL_NONPIC_relocated=1; | ||
| 351 | } | ||
| 352 | break; | ||
| 353 | } | ||
| 354 | } while (Module32Next(hModuleSnap,&me32)); | ||
| 355 | |||
| 356 | if (hModuleSnap != INVALID_HANDLE_VALUE) | ||
| 357 | CloseHandle(hModuleSnap); | ||
| 358 | #endif | ||
| 359 | OPENSSL_cpuid_setup(); | ||
| 360 | return 0; | ||
| 361 | } | ||
| 362 | |||
| 363 | #else | ||
| 364 | |||
| 580 | #ifdef __CYGWIN__ | 365 | #ifdef __CYGWIN__ |
| 581 | /* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */ | 366 | /* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */ |
| 582 | #include <windows.h> | 367 | #include <windows.h> |
| @@ -620,6 +405,8 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, | |||
| 620 | } | 405 | } |
| 621 | #endif | 406 | #endif |
| 622 | 407 | ||
| 408 | #endif | ||
| 409 | |||
| 623 | #if defined(_WIN32) && !defined(__CYGWIN__) | 410 | #if defined(_WIN32) && !defined(__CYGWIN__) |
| 624 | #include <tchar.h> | 411 | #include <tchar.h> |
| 625 | 412 | ||
diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h index 5ceaa964b5..fc249c57f3 100644 --- a/src/lib/libssl/src/crypto/cryptlib.h +++ b/src/lib/libssl/src/crypto/cryptlib.h | |||
| @@ -103,7 +103,6 @@ extern unsigned long OPENSSL_ia32cap_P; | |||
| 103 | void OPENSSL_showfatal(const char *,...); | 103 | void OPENSSL_showfatal(const char *,...); |
| 104 | void *OPENSSL_stderr(void); | 104 | void *OPENSSL_stderr(void); |
| 105 | extern int OPENSSL_NONPIC_relocated; | 105 | extern int OPENSSL_NONPIC_relocated; |
| 106 | int OPENSSL_isservice(void); | ||
| 107 | 106 | ||
| 108 | #ifdef __cplusplus | 107 | #ifdef __cplusplus |
| 109 | } | 108 | } |
diff --git a/src/lib/libssl/src/crypto/crypto-lib.com b/src/lib/libssl/src/crypto/crypto-lib.com index 8898f30c1f..db9c882fb0 100644 --- a/src/lib/libssl/src/crypto/crypto-lib.com +++ b/src/lib/libssl/src/crypto/crypto-lib.com | |||
| @@ -83,7 +83,7 @@ $ ENCRYPT_TYPES = "Basic,"+ - | |||
| 83 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - | 83 | "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ - |
| 84 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - | 84 | "EVP,EVP_2,ASN1,ASN1_2,PEM,X509,X509V3,"+ - |
| 85 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ - | 85 | "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ - |
| 86 | "STORE,CMS,PQUEUE" | 86 | "STORE,CMS,PQUEUE,JPAKE" |
| 87 | $! | 87 | $! |
| 88 | $! Check To Make Sure We Have Valid Command Line Parameters. | 88 | $! Check To Make Sure We Have Valid Command Line Parameters. |
| 89 | $! | 89 | $! |
| @@ -161,7 +161,7 @@ $! | |||
| 161 | $ APPS_DES = "DES/DES,CBC3_ENC" | 161 | $ APPS_DES = "DES/DES,CBC3_ENC" |
| 162 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" | 162 | $ APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE" |
| 163 | $ | 163 | $ |
| 164 | $ LIB_ = "cryptlib,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir" | 164 | $ LIB_ = "cryptlib,dyn_lck,mem,mem_clr,mem_dbg,cversion,ex_data,tmdiff,cpt_err,ebcdic,uid,o_time,o_str,o_dir,o_init,fips_err" |
| 165 | $ LIB_MD2 = "md2_dgst,md2_one" | 165 | $ LIB_MD2 = "md2_dgst,md2_one" |
| 166 | $ LIB_MD4 = "md4_dgst,md4_one" | 166 | $ LIB_MD4 = "md4_dgst,md4_one" |
| 167 | $ LIB_MD5 = "md5_dgst,md5_one" | 167 | $ LIB_MD5 = "md5_dgst,md5_one" |
| @@ -197,9 +197,9 @@ $ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ - | |||
| 197 | "ec2_smpl,ec2_mult" | 197 | "ec2_smpl,ec2_mult" |
| 198 | $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - | 198 | $ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ - |
| 199 | "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - | 199 | "rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ - |
| 200 | "rsa_pss,rsa_x931,rsa_asn1,rsa_depr" | 200 | "rsa_pss,rsa_x931,rsa_x931g,rsa_asn1,rsa_depr,rsa_eng" |
| 201 | $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ - | 201 | $ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ - |
| 202 | "dsa_err,dsa_ossl,dsa_depr" | 202 | "dsa_err,dsa_ossl,dsa_depr,dsa_utl" |
| 203 | $ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err" | 203 | $ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err" |
| 204 | $ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr" | 204 | $ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr" |
| 205 | $ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err" | 205 | $ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err" |
| @@ -211,8 +211,8 @@ $ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ - | |||
| 211 | "tb_cipher,tb_digest,"+ - | 211 | "tb_cipher,tb_digest,"+ - |
| 212 | "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock" | 212 | "eng_openssl,eng_dyn,eng_cnf,eng_cryptodev,eng_padlock" |
| 213 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ - | 213 | $ LIB_AES = "aes_core,aes_misc,aes_ecb,aes_cbc,aes_cfb,aes_ofb,"+ - |
| 214 | "aes_ctr,aes_ige,aes_wrap" | 214 | "aes_ctr,aes_ige" |
| 215 | $ LIB_BUFFER = "buffer,buf_err" | 215 | $ LIB_BUFFER = "buffer,buf_str,buf_err" |
| 216 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - | 216 | $ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ - |
| 217 | "bss_mem,bss_null,bss_fd,"+ - | 217 | "bss_mem,bss_null,bss_fd,"+ - |
| 218 | "bss_file,bss_sock,bss_conn,"+ - | 218 | "bss_file,bss_sock,bss_conn,"+ - |
| @@ -224,18 +224,19 @@ $ LIB_STACK = "stack" | |||
| 224 | $ LIB_LHASH = "lhash,lh_stats" | 224 | $ LIB_LHASH = "lhash,lh_stats" |
| 225 | $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - | 225 | $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ - |
| 226 | "rand_vms" | 226 | "rand_vms" |
| 227 | $ LIB_ERR = "err,err_all,err_prn" | 227 | $ LIB_ERR = "err,err_def,err_all,err_prn,err_str,err_bio" |
| 228 | $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" | 228 | $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err" |
| 229 | $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - | 229 | $ LIB_EVP = "encode,digest,dig_eng,evp_enc,evp_key,evp_acnf,evp_cnf,"+ - |
| 230 | "e_des,e_bf,e_idea,e_des3,e_camellia,e_seed,"+ - | 230 | "e_des,e_bf,e_idea,e_des3,e_camellia,"+ - |
| 231 | "e_rc4,e_aes,names,"+ - | 231 | "e_rc4,e_aes,names,e_seed,"+ - |
| 232 | "e_xcbc_d,e_rc2,e_cast,e_rc5" | 232 | "e_xcbc_d,e_rc2,e_cast,e_rc5,enc_min" |
| 233 | $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - | 233 | $ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1," + - |
| 234 | "m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ - | 234 | "m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ - |
| 235 | "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - | 235 | "p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ - |
| 236 | "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - | 236 | "bio_md,bio_b64,bio_enc,evp_err,e_null,"+ - |
| 237 | "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- | 237 | "c_all,c_allc,c_alld,evp_lib,bio_ok,"+- |
| 238 | "evp_pkey,evp_pbe,p5_crpt,p5_crpt2" | 238 | "evp_pkey,evp_pbe,p5_crpt,p5_crpt2" |
| 239 | $ LIB_EVP_3 = "e_old" | ||
| 239 | $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - | 240 | $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - |
| 240 | "a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ - | 241 | "a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ - |
| 241 | "a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ - | 242 | "a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ - |
| @@ -245,7 +246,7 @@ $ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ - | |||
| 245 | $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - | 246 | $ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ - |
| 246 | "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - | 247 | "tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ - |
| 247 | "f_int,f_string,n_pkey,"+ - | 248 | "f_int,f_string,n_pkey,"+ - |
| 248 | "f_enum,a_hdr,x_pkey,a_bool,x_exten,asn_mime,"+ - | 249 | "f_enum,a_hdr,x_pkey,a_bool,x_exten,"+ - |
| 249 | "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - | 250 | "asn1_gen,asn1_par,asn1_lib,asn1_err,a_meth,a_bytes,a_strnid,"+ - |
| 250 | "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" | 251 | "evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid" |
| 251 | $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - | 252 | $ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ - |
| @@ -280,6 +281,7 @@ $ LIB_STORE = "str_err,str_lib,str_meth,str_mem" | |||
| 280 | $ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ - | 281 | $ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ - |
| 281 | "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess" | 282 | "cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess" |
| 282 | $ LIB_PQUEUE = "pqueue" | 283 | $ LIB_PQUEUE = "pqueue" |
| 284 | $ LIB_JPAKE = "jpake,jpake_err" | ||
| 283 | $! | 285 | $! |
| 284 | $! Setup exceptional compilations | 286 | $! Setup exceptional compilations |
| 285 | $! | 287 | $! |
diff --git a/src/lib/libssl/src/crypto/crypto.h b/src/lib/libssl/src/crypto/crypto.h index d2b5ffe332..0e4fb0723c 100644 --- a/src/lib/libssl/src/crypto/crypto.h +++ b/src/lib/libssl/src/crypto/crypto.h | |||
| @@ -219,7 +219,13 @@ typedef struct openssl_item_st | |||
| 219 | #define CRYPTO_LOCK_EC_PRE_COMP 36 | 219 | #define CRYPTO_LOCK_EC_PRE_COMP 36 |
| 220 | #define CRYPTO_LOCK_STORE 37 | 220 | #define CRYPTO_LOCK_STORE 37 |
| 221 | #define CRYPTO_LOCK_COMP 38 | 221 | #define CRYPTO_LOCK_COMP 38 |
| 222 | #ifndef OPENSSL_FIPS | ||
| 222 | #define CRYPTO_NUM_LOCKS 39 | 223 | #define CRYPTO_NUM_LOCKS 39 |
| 224 | #else | ||
| 225 | #define CRYPTO_LOCK_FIPS 39 | ||
| 226 | #define CRYPTO_LOCK_FIPS2 40 | ||
| 227 | #define CRYPTO_NUM_LOCKS 41 | ||
| 228 | #endif | ||
| 223 | 229 | ||
| 224 | #define CRYPTO_LOCK 1 | 230 | #define CRYPTO_LOCK 1 |
| 225 | #define CRYPTO_UNLOCK 2 | 231 | #define CRYPTO_UNLOCK 2 |
| @@ -341,14 +347,7 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) | |||
| 341 | 347 | ||
| 342 | /* Set standard debugging functions (not done by default | 348 | /* Set standard debugging functions (not done by default |
| 343 | * unless CRYPTO_MDEBUG is defined) */ | 349 | * unless CRYPTO_MDEBUG is defined) */ |
| 344 | #define CRYPTO_malloc_debug_init() do {\ | 350 | void CRYPTO_malloc_debug_init(void); |
| 345 | CRYPTO_set_mem_debug_functions(\ | ||
| 346 | CRYPTO_dbg_malloc,\ | ||
| 347 | CRYPTO_dbg_realloc,\ | ||
| 348 | CRYPTO_dbg_free,\ | ||
| 349 | CRYPTO_dbg_set_options,\ | ||
| 350 | CRYPTO_dbg_get_options);\ | ||
| 351 | } while(0) | ||
| 352 | 351 | ||
| 353 | int CRYPTO_mem_ctrl(int mode); | 352 | int CRYPTO_mem_ctrl(int mode); |
| 354 | int CRYPTO_is_mem_check_on(void); | 353 | int CRYPTO_is_mem_check_on(void); |
| @@ -363,6 +362,7 @@ int CRYPTO_is_mem_check_on(void); | |||
| 363 | #define is_MemCheck_on() CRYPTO_is_mem_check_on() | 362 | #define is_MemCheck_on() CRYPTO_is_mem_check_on() |
| 364 | 363 | ||
| 365 | #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) | 364 | #define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) |
| 365 | #define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) | ||
| 366 | #define OPENSSL_realloc(addr,num) \ | 366 | #define OPENSSL_realloc(addr,num) \ |
| 367 | CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) | 367 | CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) |
| 368 | #define OPENSSL_realloc_clean(addr,old_num,num) \ | 368 | #define OPENSSL_realloc_clean(addr,old_num,num) \ |
| @@ -427,6 +427,9 @@ const char *CRYPTO_get_lock_name(int type); | |||
| 427 | int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file, | 427 | int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file, |
| 428 | int line); | 428 | int line); |
| 429 | 429 | ||
| 430 | void int_CRYPTO_set_do_dynlock_callback( | ||
| 431 | void (*do_dynlock_cb)(int mode, int type, const char *file, int line)); | ||
| 432 | |||
| 430 | int CRYPTO_get_new_dynlockid(void); | 433 | int CRYPTO_get_new_dynlockid(void); |
| 431 | void CRYPTO_destroy_dynlockid(int i); | 434 | void CRYPTO_destroy_dynlockid(int i); |
| 432 | struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); | 435 | struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); |
| @@ -451,6 +454,10 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), | |||
| 451 | void (*f)(void *,int), | 454 | void (*f)(void *,int), |
| 452 | void (*so)(long), | 455 | void (*so)(long), |
| 453 | long (*go)(void)); | 456 | long (*go)(void)); |
| 457 | void CRYPTO_set_mem_info_functions( | ||
| 458 | int (*push_info_fn)(const char *info, const char *file, int line), | ||
| 459 | int (*pop_info_fn)(void), | ||
| 460 | int (*remove_all_info_fn)(void)); | ||
| 454 | void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *)); | 461 | void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *)); |
| 455 | void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); | 462 | void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); |
| 456 | void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int), | 463 | void CRYPTO_get_mem_ex_functions(void *(**m)(size_t,const char *,int), |
| @@ -467,6 +474,7 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), | |||
| 467 | void *CRYPTO_malloc_locked(int num, const char *file, int line); | 474 | void *CRYPTO_malloc_locked(int num, const char *file, int line); |
| 468 | void CRYPTO_free_locked(void *); | 475 | void CRYPTO_free_locked(void *); |
| 469 | void *CRYPTO_malloc(int num, const char *file, int line); | 476 | void *CRYPTO_malloc(int num, const char *file, int line); |
| 477 | char *CRYPTO_strdup(const char *str, const char *file, int line); | ||
| 470 | void CRYPTO_free(void *); | 478 | void CRYPTO_free(void *); |
| 471 | void *CRYPTO_realloc(void *addr,int num, const char *file, int line); | 479 | void *CRYPTO_realloc(void *addr,int num, const char *file, int line); |
| 472 | void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, | 480 | void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, |
| @@ -506,6 +514,9 @@ void CRYPTO_dbg_free(void *addr,int before_p); | |||
| 506 | void CRYPTO_dbg_set_options(long bits); | 514 | void CRYPTO_dbg_set_options(long bits); |
| 507 | long CRYPTO_dbg_get_options(void); | 515 | long CRYPTO_dbg_get_options(void); |
| 508 | 516 | ||
| 517 | int CRYPTO_dbg_push_info(const char *info, const char *file, int line); | ||
| 518 | int CRYPTO_dbg_pop_info(void); | ||
| 519 | int CRYPTO_dbg_remove_all_info(void); | ||
| 509 | 520 | ||
| 510 | #ifndef OPENSSL_NO_FP_API | 521 | #ifndef OPENSSL_NO_FP_API |
| 511 | void CRYPTO_mem_leaks_fp(FILE *); | 522 | void CRYPTO_mem_leaks_fp(FILE *); |
| @@ -521,6 +532,61 @@ void OpenSSLDie(const char *file,int line,const char *assertion); | |||
| 521 | 532 | ||
| 522 | unsigned long *OPENSSL_ia32cap_loc(void); | 533 | unsigned long *OPENSSL_ia32cap_loc(void); |
| 523 | #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) | 534 | #define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc())) |
| 535 | int OPENSSL_isservice(void); | ||
| 536 | |||
| 537 | #ifdef OPENSSL_FIPS | ||
| 538 | #define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \ | ||
| 539 | alg " previous FIPS forbidden algorithm error ignored"); | ||
| 540 | |||
| 541 | #define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \ | ||
| 542 | #alg " Algorithm forbidden in FIPS mode"); | ||
| 543 | |||
| 544 | #ifdef OPENSSL_FIPS_STRICT | ||
| 545 | #define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg) | ||
| 546 | #else | ||
| 547 | #define FIPS_BAD_ALGORITHM(alg) \ | ||
| 548 | { \ | ||
| 549 | FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \ | ||
| 550 | ERR_add_error_data(2, "Algorithm=", #alg); \ | ||
| 551 | return 0; \ | ||
| 552 | } | ||
| 553 | #endif | ||
| 554 | |||
| 555 | /* Low level digest API blocking macro */ | ||
| 556 | |||
| 557 | #define FIPS_NON_FIPS_MD_Init(alg) \ | ||
| 558 | int alg##_Init(alg##_CTX *c) \ | ||
| 559 | { \ | ||
| 560 | if (FIPS_mode()) \ | ||
| 561 | FIPS_BAD_ALGORITHM(alg) \ | ||
| 562 | return private_##alg##_Init(c); \ | ||
| 563 | } \ | ||
| 564 | int private_##alg##_Init(alg##_CTX *c) | ||
| 565 | |||
| 566 | /* For ciphers the API often varies from cipher to cipher and each needs to | ||
| 567 | * be treated as a special case. Variable key length ciphers (Blowfish, RC4, | ||
| 568 | * CAST) however are very similar and can use a blocking macro. | ||
| 569 | */ | ||
| 570 | |||
| 571 | #define FIPS_NON_FIPS_VCIPHER_Init(alg) \ | ||
| 572 | void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \ | ||
| 573 | { \ | ||
| 574 | if (FIPS_mode()) \ | ||
| 575 | FIPS_BAD_ABORT(alg) \ | ||
| 576 | private_##alg##_set_key(key, len, data); \ | ||
| 577 | } \ | ||
| 578 | void private_##alg##_set_key(alg##_KEY *key, int len, \ | ||
| 579 | const unsigned char *data) | ||
| 580 | |||
| 581 | #else | ||
| 582 | |||
| 583 | #define FIPS_NON_FIPS_VCIPHER_Init(alg) \ | ||
| 584 | void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) | ||
| 585 | |||
| 586 | #define FIPS_NON_FIPS_MD_Init(alg) \ | ||
| 587 | int alg##_Init(alg##_CTX *c) | ||
| 588 | |||
| 589 | #endif /* def OPENSSL_FIPS */ | ||
| 524 | 590 | ||
| 525 | /* BEGIN ERROR CODES */ | 591 | /* BEGIN ERROR CODES */ |
| 526 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 592 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| @@ -528,6 +594,9 @@ unsigned long *OPENSSL_ia32cap_loc(void); | |||
| 528 | */ | 594 | */ |
| 529 | void ERR_load_CRYPTO_strings(void); | 595 | void ERR_load_CRYPTO_strings(void); |
| 530 | 596 | ||
| 597 | #define OPENSSL_HAVE_INIT 1 | ||
| 598 | void OPENSSL_init(void); | ||
| 599 | |||
| 531 | /* Error codes for the CRYPTO functions. */ | 600 | /* Error codes for the CRYPTO functions. */ |
| 532 | 601 | ||
| 533 | /* Function codes. */ | 602 | /* Function codes. */ |
diff --git a/src/lib/libssl/src/crypto/des/Makefile b/src/lib/libssl/src/crypto/des/Makefile index 523dfe38f2..786e68802e 100644 --- a/src/lib/libssl/src/crypto/des/Makefile +++ b/src/lib/libssl/src/crypto/des/Makefile | |||
| @@ -24,7 +24,7 @@ TEST=destest.c | |||
| 24 | APPS= | 24 | APPS= |
| 25 | 25 | ||
| 26 | LIB=$(TOP)/libcrypto.a | 26 | LIB=$(TOP)/libcrypto.a |
| 27 | LIBSRC= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \ | 27 | LIBSRC= des_lib.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \ |
| 28 | ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \ | 28 | ecb3_enc.c ecb_enc.c enc_read.c enc_writ.c \ |
| 29 | fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c \ | 29 | fcrypt.c ofb64enc.c ofb_enc.c pcbc_enc.c \ |
| 30 | qud_cksm.c rand_key.c rpc_enc.c set_key.c \ | 30 | qud_cksm.c rand_key.c rpc_enc.c set_key.c \ |
| @@ -33,7 +33,7 @@ LIBSRC= cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \ | |||
| 33 | str2key.c cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \ | 33 | str2key.c cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \ |
| 34 | read2pwd.c | 34 | read2pwd.c |
| 35 | 35 | ||
| 36 | LIBOBJ= set_key.o ecb_enc.o cbc_enc.o \ | 36 | LIBOBJ= des_lib.o set_key.o ecb_enc.o cbc_enc.o \ |
| 37 | ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \ | 37 | ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \ |
| 38 | enc_read.o enc_writ.o ofb64enc.o \ | 38 | enc_read.o enc_writ.o ofb64enc.o \ |
| 39 | ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \ | 39 | ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \ |
| @@ -54,7 +54,7 @@ top: | |||
| 54 | all: lib | 54 | all: lib |
| 55 | 55 | ||
| 56 | lib: $(LIBOBJ) | 56 | lib: $(LIBOBJ) |
| 57 | $(AR) $(LIB) $(LIBOBJ) | 57 | $(ARX) $(LIB) $(LIBOBJ) |
| 58 | $(RANLIB) $(LIB) || echo Never mind. | 58 | $(RANLIB) $(LIB) || echo Never mind. |
| 59 | @touch lib | 59 | @touch lib |
| 60 | 60 | ||
| @@ -157,6 +157,13 @@ des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | |||
| 157 | des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 157 | des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 158 | des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 158 | des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 159 | des_enc.o: des_enc.c des_locl.h ncbc_enc.c | 159 | des_enc.o: des_enc.c des_locl.h ncbc_enc.c |
| 160 | des_lib.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | ||
| 161 | des_lib.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | ||
| 162 | des_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | ||
| 163 | des_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 164 | des_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 165 | des_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 166 | des_lib.o: ../../include/openssl/ui_compat.h des_lib.c des_locl.h des_ver.h | ||
| 160 | des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 167 | des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 161 | des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 168 | des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 162 | des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 169 | des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| @@ -175,14 +182,12 @@ ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | |||
| 175 | ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 182 | ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 176 | ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 183 | ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 177 | ecb3_enc.o: des_locl.h ecb3_enc.c | 184 | ecb3_enc.o: des_locl.h ecb3_enc.c |
| 178 | ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | ||
| 179 | ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 185 | ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 180 | ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 186 | ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h |
| 181 | ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 187 | ecb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 182 | ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 188 | ecb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 183 | ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 189 | ecb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 184 | ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c | 190 | ecb_enc.o: des_locl.h ecb_enc.c spr.h |
| 185 | ecb_enc.o: spr.h | ||
| 186 | ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 191 | ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 187 | ede_cbcm_enc.o: ../../include/openssl/e_os2.h | 192 | ede_cbcm_enc.o: ../../include/openssl/e_os2.h |
| 188 | ede_cbcm_enc.o: ../../include/openssl/opensslconf.h | 193 | ede_cbcm_enc.o: ../../include/openssl/opensslconf.h |
| @@ -272,11 +277,11 @@ rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | |||
| 272 | rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 277 | rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 273 | rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c | 278 | rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c |
| 274 | set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 279 | set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 275 | set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 280 | set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h |
| 276 | set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 281 | set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h |
| 277 | set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 282 | set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 278 | set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 283 | set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 279 | set_key.o: des_locl.h set_key.c | 284 | set_key.o: ../../include/openssl/ui_compat.h des_locl.h set_key.c |
| 280 | str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 285 | str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 281 | str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | 286 | str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h |
| 282 | str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 287 | str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
diff --git a/src/lib/libssl/src/crypto/des/des_enc.c b/src/lib/libssl/src/crypto/des/des_enc.c index 1c37ab96d3..cf71965aca 100644 --- a/src/lib/libssl/src/crypto/des/des_enc.c +++ b/src/lib/libssl/src/crypto/des/des_enc.c | |||
| @@ -289,6 +289,8 @@ void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, | |||
| 289 | 289 | ||
| 290 | #ifndef DES_DEFAULT_OPTIONS | 290 | #ifndef DES_DEFAULT_OPTIONS |
| 291 | 291 | ||
| 292 | #if !defined(OPENSSL_FIPS_DES_ASM) | ||
| 293 | |||
| 292 | #undef CBC_ENC_C__DONT_UPDATE_IV | 294 | #undef CBC_ENC_C__DONT_UPDATE_IV |
| 293 | #include "ncbc_enc.c" /* DES_ncbc_encrypt */ | 295 | #include "ncbc_enc.c" /* DES_ncbc_encrypt */ |
| 294 | 296 | ||
| @@ -404,4 +406,6 @@ void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, | |||
| 404 | tin[0]=tin[1]=0; | 406 | tin[0]=tin[1]=0; |
| 405 | } | 407 | } |
| 406 | 408 | ||
| 409 | #endif | ||
| 410 | |||
| 407 | #endif /* DES_DEFAULT_OPTIONS */ | 411 | #endif /* DES_DEFAULT_OPTIONS */ |
diff --git a/src/lib/libssl/src/crypto/des/des_lib.c b/src/lib/libssl/src/crypto/des/des_lib.c new file mode 100644 index 0000000000..d4b3047932 --- /dev/null +++ b/src/lib/libssl/src/crypto/des/des_lib.c | |||
| @@ -0,0 +1,106 @@ | |||
| 1 | /* crypto/des/ecb_enc.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include "des_locl.h" | ||
| 60 | #include "des_ver.h" | ||
| 61 | #include <openssl/opensslv.h> | ||
| 62 | #include <openssl/bio.h> | ||
| 63 | |||
| 64 | OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT; | ||
| 65 | OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT; | ||
| 66 | |||
| 67 | const char *DES_options(void) | ||
| 68 | { | ||
| 69 | static int init=1; | ||
| 70 | static char buf[32]; | ||
| 71 | |||
| 72 | if (init) | ||
| 73 | { | ||
| 74 | const char *ptr,*unroll,*risc,*size; | ||
| 75 | |||
| 76 | #ifdef DES_PTR | ||
| 77 | ptr="ptr"; | ||
| 78 | #else | ||
| 79 | ptr="idx"; | ||
| 80 | #endif | ||
| 81 | #if defined(DES_RISC1) || defined(DES_RISC2) | ||
| 82 | #ifdef DES_RISC1 | ||
| 83 | risc="risc1"; | ||
| 84 | #endif | ||
| 85 | #ifdef DES_RISC2 | ||
| 86 | risc="risc2"; | ||
| 87 | #endif | ||
| 88 | #else | ||
| 89 | risc="cisc"; | ||
| 90 | #endif | ||
| 91 | #ifdef DES_UNROLL | ||
| 92 | unroll="16"; | ||
| 93 | #else | ||
| 94 | unroll="4"; | ||
| 95 | #endif | ||
| 96 | if (sizeof(DES_LONG) != sizeof(long)) | ||
| 97 | size="int"; | ||
| 98 | else | ||
| 99 | size="long"; | ||
| 100 | BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll, | ||
| 101 | size); | ||
| 102 | init=0; | ||
| 103 | } | ||
| 104 | return(buf); | ||
| 105 | } | ||
| 106 | |||
diff --git a/src/lib/libssl/src/crypto/des/ecb_enc.c b/src/lib/libssl/src/crypto/des/ecb_enc.c index 00d5b91e8c..75ae6cf8bb 100644 --- a/src/lib/libssl/src/crypto/des/ecb_enc.c +++ b/src/lib/libssl/src/crypto/des/ecb_enc.c | |||
| @@ -57,54 +57,7 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include "des_locl.h" | 59 | #include "des_locl.h" |
| 60 | #include "des_ver.h" | ||
| 61 | #include "spr.h" | 60 | #include "spr.h" |
| 62 | #include <openssl/opensslv.h> | ||
| 63 | #include <openssl/bio.h> | ||
| 64 | |||
| 65 | OPENSSL_GLOBAL const char libdes_version[]="libdes" OPENSSL_VERSION_PTEXT; | ||
| 66 | OPENSSL_GLOBAL const char DES_version[]="DES" OPENSSL_VERSION_PTEXT; | ||
| 67 | |||
| 68 | const char *DES_options(void) | ||
| 69 | { | ||
| 70 | static int init=1; | ||
| 71 | static char buf[32]; | ||
| 72 | |||
| 73 | if (init) | ||
| 74 | { | ||
| 75 | const char *ptr,*unroll,*risc,*size; | ||
| 76 | |||
| 77 | #ifdef DES_PTR | ||
| 78 | ptr="ptr"; | ||
| 79 | #else | ||
| 80 | ptr="idx"; | ||
| 81 | #endif | ||
| 82 | #if defined(DES_RISC1) || defined(DES_RISC2) | ||
| 83 | #ifdef DES_RISC1 | ||
| 84 | risc="risc1"; | ||
| 85 | #endif | ||
| 86 | #ifdef DES_RISC2 | ||
| 87 | risc="risc2"; | ||
| 88 | #endif | ||
| 89 | #else | ||
| 90 | risc="cisc"; | ||
| 91 | #endif | ||
| 92 | #ifdef DES_UNROLL | ||
| 93 | unroll="16"; | ||
| 94 | #else | ||
| 95 | unroll="4"; | ||
| 96 | #endif | ||
| 97 | if (sizeof(DES_LONG) != sizeof(long)) | ||
| 98 | size="int"; | ||
| 99 | else | ||
| 100 | size="long"; | ||
| 101 | BIO_snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll, | ||
| 102 | size); | ||
| 103 | init=0; | ||
| 104 | } | ||
| 105 | return(buf); | ||
| 106 | } | ||
| 107 | |||
| 108 | 61 | ||
| 109 | void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, | 62 | void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, |
| 110 | DES_key_schedule *ks, int enc) | 63 | DES_key_schedule *ks, int enc) |
diff --git a/src/lib/libssl/src/crypto/des/enc_read.c b/src/lib/libssl/src/crypto/des/enc_read.c index c70fb686b8..e7da2ec66b 100644 --- a/src/lib/libssl/src/crypto/des/enc_read.c +++ b/src/lib/libssl/src/crypto/des/enc_read.c | |||
| @@ -147,7 +147,11 @@ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, | |||
| 147 | /* first - get the length */ | 147 | /* first - get the length */ |
| 148 | while (net_num < HDRSIZE) | 148 | while (net_num < HDRSIZE) |
| 149 | { | 149 | { |
| 150 | #ifndef _WIN32 | ||
| 150 | i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); | 151 | i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); |
| 152 | #else | ||
| 153 | i=_read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); | ||
| 154 | #endif | ||
| 151 | #ifdef EINTR | 155 | #ifdef EINTR |
| 152 | if ((i == -1) && (errno == EINTR)) continue; | 156 | if ((i == -1) && (errno == EINTR)) continue; |
| 153 | #endif | 157 | #endif |
diff --git a/src/lib/libssl/src/crypto/des/enc_writ.c b/src/lib/libssl/src/crypto/des/enc_writ.c index af5b8c2349..c2f032c9a6 100644 --- a/src/lib/libssl/src/crypto/des/enc_writ.c +++ b/src/lib/libssl/src/crypto/des/enc_writ.c | |||
| @@ -153,7 +153,11 @@ int DES_enc_write(int fd, const void *_buf, int len, | |||
| 153 | { | 153 | { |
| 154 | /* eay 26/08/92 I was not doing writing from where we | 154 | /* eay 26/08/92 I was not doing writing from where we |
| 155 | * got up to. */ | 155 | * got up to. */ |
| 156 | #ifndef _WIN32 | ||
| 156 | i=write(fd,(void *)&(outbuf[j]),outnum-j); | 157 | i=write(fd,(void *)&(outbuf[j]),outnum-j); |
| 158 | #else | ||
| 159 | i=_write(fd,(void *)&(outbuf[j]),outnum-j); | ||
| 160 | #endif | ||
| 157 | if (i == -1) | 161 | if (i == -1) |
| 158 | { | 162 | { |
| 159 | #ifdef EINTR | 163 | #ifdef EINTR |
diff --git a/src/lib/libssl/src/crypto/des/set_key.c b/src/lib/libssl/src/crypto/des/set_key.c index a43ef3c881..c0806d593c 100644 --- a/src/lib/libssl/src/crypto/des/set_key.c +++ b/src/lib/libssl/src/crypto/des/set_key.c | |||
| @@ -64,6 +64,10 @@ | |||
| 64 | * 1.0 First working version | 64 | * 1.0 First working version |
| 65 | */ | 65 | */ |
| 66 | #include "des_locl.h" | 66 | #include "des_locl.h" |
| 67 | #ifdef OPENSSL_FIPS | ||
| 68 | #include <openssl/fips.h> | ||
| 69 | #endif | ||
| 70 | |||
| 67 | 71 | ||
| 68 | OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */ | 72 | OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key); /* defaults to false */ |
| 69 | 73 | ||
| @@ -349,6 +353,10 @@ void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule) | |||
| 349 | k = &schedule->ks->deslong[0]; | 353 | k = &schedule->ks->deslong[0]; |
| 350 | in = &(*key)[0]; | 354 | in = &(*key)[0]; |
| 351 | 355 | ||
| 356 | #ifdef OPENSSL_FIPS | ||
| 357 | FIPS_selftest_check(); | ||
| 358 | #endif | ||
| 359 | |||
| 352 | c2l(in,c); | 360 | c2l(in,c); |
| 353 | c2l(in,d); | 361 | c2l(in,d); |
| 354 | 362 | ||
| @@ -405,3 +413,4 @@ void des_fixup_key_parity(des_cblock *key) | |||
| 405 | des_set_odd_parity(key); | 413 | des_set_odd_parity(key); |
| 406 | } | 414 | } |
| 407 | */ | 415 | */ |
| 416 | |||
diff --git a/src/lib/libssl/src/crypto/dh/Makefile b/src/lib/libssl/src/crypto/dh/Makefile index d368e33b4c..d01fa960eb 100644 --- a/src/lib/libssl/src/crypto/dh/Makefile +++ b/src/lib/libssl/src/crypto/dh/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
| @@ -123,11 +123,17 @@ dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | |||
| 123 | dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 123 | dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 124 | dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 124 | dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 125 | dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c | 125 | dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c |
| 126 | dh_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h | 126 | dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 127 | dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 127 | dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 128 | dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h | 128 | dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
| 129 | dh_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 130 | dh_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 129 | dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 131 | dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 130 | dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 132 | dh_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 133 | dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 134 | dh_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 131 | dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 135 | dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 132 | dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 136 | dh_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 133 | dh_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_lib.c | 137 | dh_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 138 | dh_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 139 | dh_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dh_lib.c | ||
diff --git a/src/lib/libssl/src/crypto/dh/dh.h b/src/lib/libssl/src/crypto/dh/dh.h index ccdf35ae1c..10475ac4b3 100644 --- a/src/lib/libssl/src/crypto/dh/dh.h +++ b/src/lib/libssl/src/crypto/dh/dh.h | |||
| @@ -77,6 +77,8 @@ | |||
| 77 | # define OPENSSL_DH_MAX_MODULUS_BITS 10000 | 77 | # define OPENSSL_DH_MAX_MODULUS_BITS 10000 |
| 78 | #endif | 78 | #endif |
| 79 | 79 | ||
| 80 | #define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 | ||
| 81 | |||
| 80 | #define DH_FLAG_CACHE_MONT_P 0x01 | 82 | #define DH_FLAG_CACHE_MONT_P 0x01 |
| 81 | #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH | 83 | #define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH |
| 82 | * implementation now uses constant time | 84 | * implementation now uses constant time |
| @@ -167,6 +169,11 @@ struct dh_st | |||
| 167 | 169 | ||
| 168 | const DH_METHOD *DH_OpenSSL(void); | 170 | const DH_METHOD *DH_OpenSSL(void); |
| 169 | 171 | ||
| 172 | #ifdef OPENSSL_FIPS | ||
| 173 | DH * FIPS_dh_new(void); | ||
| 174 | void FIPS_dh_free(DH *dh); | ||
| 175 | #endif | ||
| 176 | |||
| 170 | void DH_set_default_method(const DH_METHOD *meth); | 177 | void DH_set_default_method(const DH_METHOD *meth); |
| 171 | const DH_METHOD *DH_get_default_method(void); | 178 | const DH_METHOD *DH_get_default_method(void); |
| 172 | int DH_set_method(DH *dh, const DH_METHOD *meth); | 179 | int DH_set_method(DH *dh, const DH_METHOD *meth); |
| @@ -218,6 +225,9 @@ void ERR_load_DH_strings(void); | |||
| 218 | #define DH_F_DHPARAMS_PRINT 100 | 225 | #define DH_F_DHPARAMS_PRINT 100 |
| 219 | #define DH_F_DHPARAMS_PRINT_FP 101 | 226 | #define DH_F_DHPARAMS_PRINT_FP 101 |
| 220 | #define DH_F_DH_BUILTIN_GENPARAMS 106 | 227 | #define DH_F_DH_BUILTIN_GENPARAMS 106 |
| 228 | #define DH_F_DH_COMPUTE_KEY 107 | ||
| 229 | #define DH_F_DH_GENERATE_KEY 108 | ||
| 230 | #define DH_F_DH_GENERATE_PARAMETERS 109 | ||
| 221 | #define DH_F_DH_NEW_METHOD 105 | 231 | #define DH_F_DH_NEW_METHOD 105 |
| 222 | #define DH_F_GENERATE_KEY 103 | 232 | #define DH_F_GENERATE_KEY 103 |
| 223 | #define DH_F_GENERATE_PARAMETERS 104 | 233 | #define DH_F_GENERATE_PARAMETERS 104 |
| @@ -225,6 +235,7 @@ void ERR_load_DH_strings(void); | |||
| 225 | /* Reason codes. */ | 235 | /* Reason codes. */ |
| 226 | #define DH_R_BAD_GENERATOR 101 | 236 | #define DH_R_BAD_GENERATOR 101 |
| 227 | #define DH_R_INVALID_PUBKEY 102 | 237 | #define DH_R_INVALID_PUBKEY 102 |
| 238 | #define DH_R_KEY_SIZE_TOO_SMALL 104 | ||
| 228 | #define DH_R_MODULUS_TOO_LARGE 103 | 239 | #define DH_R_MODULUS_TOO_LARGE 103 |
| 229 | #define DH_R_NO_PRIVATE_VALUE 100 | 240 | #define DH_R_NO_PRIVATE_VALUE 100 |
| 230 | 241 | ||
diff --git a/src/lib/libssl/src/crypto/dh/dh_asn1.c b/src/lib/libssl/src/crypto/dh/dh_asn1.c index 769b5b68c5..76740af2bd 100644 --- a/src/lib/libssl/src/crypto/dh/dh_asn1.c +++ b/src/lib/libssl/src/crypto/dh/dh_asn1.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* dh_asn1.c */ | 1 | /* dh_asn1.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/dh/dh_check.c b/src/lib/libssl/src/crypto/dh/dh_check.c index b846913004..316cb9221d 100644 --- a/src/lib/libssl/src/crypto/dh/dh_check.c +++ b/src/lib/libssl/src/crypto/dh/dh_check.c | |||
| @@ -70,6 +70,8 @@ | |||
| 70 | * should hold. | 70 | * should hold. |
| 71 | */ | 71 | */ |
| 72 | 72 | ||
| 73 | #ifndef OPENSSL_FIPS | ||
| 74 | |||
| 73 | int DH_check(const DH *dh, int *ret) | 75 | int DH_check(const DH *dh, int *ret) |
| 74 | { | 76 | { |
| 75 | int ok=0; | 77 | int ok=0; |
| @@ -140,3 +142,5 @@ err: | |||
| 140 | if (q != NULL) BN_free(q); | 142 | if (q != NULL) BN_free(q); |
| 141 | return(ok); | 143 | return(ok); |
| 142 | } | 144 | } |
| 145 | |||
| 146 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/dh/dh_err.c b/src/lib/libssl/src/crypto/dh/dh_err.c index a2d8196ecb..13263c81c1 100644 --- a/src/lib/libssl/src/crypto/dh/dh_err.c +++ b/src/lib/libssl/src/crypto/dh/dh_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/dh/dh_err.c */ | 1 | /* crypto/dh/dh_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -74,6 +74,9 @@ static ERR_STRING_DATA DH_str_functs[]= | |||
| 74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"}, | 74 | {ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"}, |
| 75 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, | 75 | {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, |
| 76 | {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, | 76 | {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, |
| 77 | {ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, | ||
| 78 | {ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, | ||
| 79 | {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"}, | ||
| 77 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, | 80 | {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, |
| 78 | {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, | 81 | {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, |
| 79 | {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, | 82 | {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, |
| @@ -84,6 +87,7 @@ static ERR_STRING_DATA DH_str_reasons[]= | |||
| 84 | { | 87 | { |
| 85 | {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, | 88 | {ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, |
| 86 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, | 89 | {ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, |
| 90 | {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, | ||
| 87 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 91 | {ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
| 88 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, | 92 | {ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, |
| 89 | {0,NULL} | 93 | {0,NULL} |
diff --git a/src/lib/libssl/src/crypto/dh/dh_gen.c b/src/lib/libssl/src/crypto/dh/dh_gen.c index cfd5b11868..999e1deb40 100644 --- a/src/lib/libssl/src/crypto/dh/dh_gen.c +++ b/src/lib/libssl/src/crypto/dh/dh_gen.c | |||
| @@ -66,6 +66,8 @@ | |||
| 66 | #include <openssl/bn.h> | 66 | #include <openssl/bn.h> |
| 67 | #include <openssl/dh.h> | 67 | #include <openssl/dh.h> |
| 68 | 68 | ||
| 69 | #ifndef OPENSSL_FIPS | ||
| 70 | |||
| 69 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); | 71 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); |
| 70 | 72 | ||
| 71 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) | 73 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) |
| @@ -173,3 +175,5 @@ err: | |||
| 173 | } | 175 | } |
| 174 | return ok; | 176 | return ok; |
| 175 | } | 177 | } |
| 178 | |||
| 179 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c index e7db440342..79dd331863 100644 --- a/src/lib/libssl/src/crypto/dh/dh_key.c +++ b/src/lib/libssl/src/crypto/dh/dh_key.c | |||
| @@ -62,6 +62,8 @@ | |||
| 62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
| 63 | #include <openssl/dh.h> | 63 | #include <openssl/dh.h> |
| 64 | 64 | ||
| 65 | #ifndef OPENSSL_FIPS | ||
| 66 | |||
| 65 | static int generate_key(DH *dh); | 67 | static int generate_key(DH *dh); |
| 66 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); | 68 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); |
| 67 | static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, | 69 | static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, |
| @@ -261,3 +263,5 @@ static int dh_finish(DH *dh) | |||
| 261 | BN_MONT_CTX_free(dh->method_mont_p); | 263 | BN_MONT_CTX_free(dh->method_mont_p); |
| 262 | return(1); | 264 | return(1); |
| 263 | } | 265 | } |
| 266 | |||
| 267 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/dsa/Makefile b/src/lib/libssl/src/crypto/dsa/Makefile index 676baf7d49..2cc45cdc62 100644 --- a/src/lib/libssl/src/crypto/dsa/Makefile +++ b/src/lib/libssl/src/crypto/dsa/Makefile | |||
| @@ -18,9 +18,9 @@ APPS= | |||
| 18 | 18 | ||
| 19 | LIB=$(TOP)/libcrypto.a | 19 | LIB=$(TOP)/libcrypto.a |
| 20 | LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ | 20 | LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \ |
| 21 | dsa_err.c dsa_ossl.c dsa_depr.c | 21 | dsa_err.c dsa_ossl.c dsa_depr.c dsa_utl.c |
| 22 | LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ | 22 | LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \ |
| 23 | dsa_err.o dsa_ossl.o dsa_depr.o | 23 | dsa_err.o dsa_ossl.o dsa_depr.o dsa_utl.o |
| 24 | 24 | ||
| 25 | SRC= $(LIBSRC) | 25 | SRC= $(LIBSRC) |
| 26 | 26 | ||
| @@ -35,7 +35,7 @@ top: | |||
| 35 | all: lib | 35 | all: lib |
| 36 | 36 | ||
| 37 | lib: $(LIBOBJ) | 37 | lib: $(LIBOBJ) |
| 38 | $(AR) $(LIB) $(LIBOBJ) | 38 | $(ARX) $(LIB) $(LIBOBJ) |
| 39 | $(RANLIB) $(LIB) || echo Never mind. | 39 | $(RANLIB) $(LIB) || echo Never mind. |
| 40 | @touch lib | 40 | @touch lib |
| 41 | 41 | ||
| @@ -78,9 +78,10 @@ clean: | |||
| 78 | 78 | ||
| 79 | dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h | 79 | dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h |
| 80 | dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 80 | dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 81 | dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 81 | dsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 82 | dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 82 | dsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 83 | dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 83 | dsa_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 84 | dsa_asn1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 84 | dsa_asn1.o: ../../include/openssl/opensslconf.h | 85 | dsa_asn1.o: ../../include/openssl/opensslconf.h |
| 85 | dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 86 | dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 86 | dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 87 | dsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| @@ -90,8 +91,9 @@ dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | |||
| 90 | dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 91 | dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 91 | dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 92 | dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 92 | dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 93 | dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 93 | dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 94 | dsa_depr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 94 | dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 95 | dsa_depr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 96 | dsa_depr.o: ../../include/openssl/opensslconf.h | ||
| 95 | dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 97 | dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 96 | dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 98 | dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 97 | dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 99 | dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -108,12 +110,13 @@ dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | |||
| 108 | dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 110 | dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 109 | dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 111 | dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 110 | dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 112 | dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 111 | dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 113 | dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 112 | dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 114 | dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 113 | dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 115 | dsa_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 114 | dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 116 | dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 115 | dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 117 | dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 116 | dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c | 118 | dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 119 | dsa_gen.o: ../cryptlib.h dsa_gen.c | ||
| 117 | dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h | 120 | dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 118 | dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 121 | dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 119 | dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 122 | dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| @@ -126,12 +129,17 @@ dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 126 | dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 129 | dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 127 | dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 130 | dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 128 | dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 131 | dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h |
| 129 | dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 132 | dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 130 | dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 133 | dsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 131 | dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 134 | dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 132 | dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 135 | dsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 133 | dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 136 | dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 134 | dsa_lib.o: ../cryptlib.h dsa_lib.c | 137 | dsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 138 | dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 139 | dsa_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | ||
| 140 | dsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 141 | dsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 142 | dsa_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_lib.c | ||
| 135 | dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h | 143 | dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h |
| 136 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 144 | dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 137 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 145 | dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| @@ -146,19 +154,34 @@ dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 146 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 154 | dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 147 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 155 | dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 148 | dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 156 | dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 149 | dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 157 | dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/fips.h |
| 150 | dsa_sign.o: ../../include/openssl/opensslconf.h | 158 | dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 151 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 159 | dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 152 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 160 | dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 153 | dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 161 | dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 154 | dsa_sign.o: ../cryptlib.h dsa_sign.c | 162 | dsa_sign.o: ../cryptlib.h dsa_sign.c |
| 163 | dsa_utl.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 164 | dsa_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
| 165 | dsa_utl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 166 | dsa_utl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
| 167 | dsa_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 168 | dsa_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 169 | dsa_utl.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
| 170 | dsa_utl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 171 | dsa_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 172 | dsa_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 173 | dsa_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 174 | dsa_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | ||
| 175 | dsa_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 176 | dsa_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 177 | dsa_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h dsa_utl.c | ||
| 155 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h | 178 | dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h |
| 156 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | 179 | dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h |
| 157 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 180 | dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 158 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | 181 | dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 159 | dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 182 | dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 160 | dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 183 | dsa_vrf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 161 | dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 184 | dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 162 | dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 185 | dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 163 | dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 186 | dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 164 | dsa_vrf.o: ../cryptlib.h dsa_vrf.c | 187 | dsa_vrf.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_vrf.c |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa.h b/src/lib/libssl/src/crypto/dsa/dsa.h index 3a8fe5b56b..702c50d6dc 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa.h +++ b/src/lib/libssl/src/crypto/dsa/dsa.h | |||
| @@ -88,6 +88,8 @@ | |||
| 88 | # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 | 88 | # define OPENSSL_DSA_MAX_MODULUS_BITS 10000 |
| 89 | #endif | 89 | #endif |
| 90 | 90 | ||
| 91 | #define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024 | ||
| 92 | |||
| 91 | #define DSA_FLAG_CACHE_MONT_P 0x01 | 93 | #define DSA_FLAG_CACHE_MONT_P 0x01 |
| 92 | #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA | 94 | #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA |
| 93 | * implementation now uses constant time | 95 | * implementation now uses constant time |
| @@ -97,6 +99,25 @@ | |||
| 97 | * be used for all exponents. | 99 | * be used for all exponents. |
| 98 | */ | 100 | */ |
| 99 | 101 | ||
| 102 | /* If this flag is set the DSA method is FIPS compliant and can be used | ||
| 103 | * in FIPS mode. This is set in the validated module method. If an | ||
| 104 | * application sets this flag in its own methods it is its reposibility | ||
| 105 | * to ensure the result is compliant. | ||
| 106 | */ | ||
| 107 | |||
| 108 | #define DSA_FLAG_FIPS_METHOD 0x0400 | ||
| 109 | |||
| 110 | /* If this flag is set the operations normally disabled in FIPS mode are | ||
| 111 | * permitted it is then the applications responsibility to ensure that the | ||
| 112 | * usage is compliant. | ||
| 113 | */ | ||
| 114 | |||
| 115 | #define DSA_FLAG_NON_FIPS_ALLOW 0x0400 | ||
| 116 | |||
| 117 | #ifdef OPENSSL_FIPS | ||
| 118 | #define FIPS_DSA_SIZE_T int | ||
| 119 | #endif | ||
| 120 | |||
| 100 | #ifdef __cplusplus | 121 | #ifdef __cplusplus |
| 101 | extern "C" { | 122 | extern "C" { |
| 102 | #endif | 123 | #endif |
| @@ -189,6 +210,11 @@ void DSA_set_default_method(const DSA_METHOD *); | |||
| 189 | const DSA_METHOD *DSA_get_default_method(void); | 210 | const DSA_METHOD *DSA_get_default_method(void); |
| 190 | int DSA_set_method(DSA *dsa, const DSA_METHOD *); | 211 | int DSA_set_method(DSA *dsa, const DSA_METHOD *); |
| 191 | 212 | ||
| 213 | #ifdef OPENSSL_FIPS | ||
| 214 | DSA * FIPS_dsa_new(void); | ||
| 215 | void FIPS_dsa_free (DSA *r); | ||
| 216 | #endif | ||
| 217 | |||
| 192 | DSA * DSA_new(void); | 218 | DSA * DSA_new(void); |
| 193 | DSA * DSA_new_method(ENGINE *engine); | 219 | DSA * DSA_new_method(ENGINE *engine); |
| 194 | void DSA_free (DSA *r); | 220 | void DSA_free (DSA *r); |
| @@ -249,6 +275,11 @@ int DSA_print_fp(FILE *bp, const DSA *x, int off); | |||
| 249 | DH *DSA_dup_DH(const DSA *r); | 275 | DH *DSA_dup_DH(const DSA *r); |
| 250 | #endif | 276 | #endif |
| 251 | 277 | ||
| 278 | #ifdef OPENSSL_FIPS | ||
| 279 | int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig); | ||
| 280 | int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen); | ||
| 281 | #endif | ||
| 282 | |||
| 252 | /* BEGIN ERROR CODES */ | 283 | /* BEGIN ERROR CODES */ |
| 253 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 284 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| 254 | * made after this point may be overwritten when the script is next run. | 285 | * made after this point may be overwritten when the script is next run. |
| @@ -261,11 +292,16 @@ void ERR_load_DSA_strings(void); | |||
| 261 | #define DSA_F_D2I_DSA_SIG 110 | 292 | #define DSA_F_D2I_DSA_SIG 110 |
| 262 | #define DSA_F_DSAPARAMS_PRINT 100 | 293 | #define DSA_F_DSAPARAMS_PRINT 100 |
| 263 | #define DSA_F_DSAPARAMS_PRINT_FP 101 | 294 | #define DSA_F_DSAPARAMS_PRINT_FP 101 |
| 295 | #define DSA_F_DSA_BUILTIN_KEYGEN 119 | ||
| 296 | #define DSA_F_DSA_BUILTIN_PARAMGEN 118 | ||
| 264 | #define DSA_F_DSA_DO_SIGN 112 | 297 | #define DSA_F_DSA_DO_SIGN 112 |
| 265 | #define DSA_F_DSA_DO_VERIFY 113 | 298 | #define DSA_F_DSA_DO_VERIFY 113 |
| 299 | #define DSA_F_DSA_GENERATE_PARAMETERS 117 | ||
| 266 | #define DSA_F_DSA_NEW_METHOD 103 | 300 | #define DSA_F_DSA_NEW_METHOD 103 |
| 267 | #define DSA_F_DSA_PRINT 104 | 301 | #define DSA_F_DSA_PRINT 104 |
| 268 | #define DSA_F_DSA_PRINT_FP 105 | 302 | #define DSA_F_DSA_PRINT_FP 105 |
| 303 | #define DSA_F_DSA_SET_DEFAULT_METHOD 115 | ||
| 304 | #define DSA_F_DSA_SET_METHOD 116 | ||
| 269 | #define DSA_F_DSA_SIGN 106 | 305 | #define DSA_F_DSA_SIGN 106 |
| 270 | #define DSA_F_DSA_SIGN_SETUP 107 | 306 | #define DSA_F_DSA_SIGN_SETUP 107 |
| 271 | #define DSA_F_DSA_SIG_NEW 109 | 307 | #define DSA_F_DSA_SIG_NEW 109 |
| @@ -276,8 +312,11 @@ void ERR_load_DSA_strings(void); | |||
| 276 | /* Reason codes. */ | 312 | /* Reason codes. */ |
| 277 | #define DSA_R_BAD_Q_VALUE 102 | 313 | #define DSA_R_BAD_Q_VALUE 102 |
| 278 | #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 | 314 | #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 |
| 315 | #define DSA_R_KEY_SIZE_TOO_SMALL 106 | ||
| 279 | #define DSA_R_MISSING_PARAMETERS 101 | 316 | #define DSA_R_MISSING_PARAMETERS 101 |
| 280 | #define DSA_R_MODULUS_TOO_LARGE 103 | 317 | #define DSA_R_MODULUS_TOO_LARGE 103 |
| 318 | #define DSA_R_NON_FIPS_METHOD 104 | ||
| 319 | #define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105 | ||
| 281 | 320 | ||
| 282 | #ifdef __cplusplus | 321 | #ifdef __cplusplus |
| 283 | } | 322 | } |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_asn1.c b/src/lib/libssl/src/crypto/dsa/dsa_asn1.c index 23fce555aa..0645facb4b 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_asn1.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_asn1.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* dsa_asn1.c */ | 1 | /* dsa_asn1.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -61,6 +61,11 @@ | |||
| 61 | #include <openssl/dsa.h> | 61 | #include <openssl/dsa.h> |
| 62 | #include <openssl/asn1.h> | 62 | #include <openssl/asn1.h> |
| 63 | #include <openssl/asn1t.h> | 63 | #include <openssl/asn1t.h> |
| 64 | #include <openssl/bn.h> | ||
| 65 | #ifdef OPENSSL_FIPS | ||
| 66 | #include <openssl/fips.h> | ||
| 67 | #endif | ||
| 68 | |||
| 64 | 69 | ||
| 65 | /* Override the default new methods */ | 70 | /* Override the default new methods */ |
| 66 | static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | 71 | static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) |
| @@ -83,7 +88,7 @@ ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { | |||
| 83 | ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) | 88 | ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) |
| 84 | } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) | 89 | } ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG) |
| 85 | 90 | ||
| 86 | IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) | 91 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG,DSA_SIG,DSA_SIG) |
| 87 | 92 | ||
| 88 | /* Override the default free and new methods */ | 93 | /* Override the default free and new methods */ |
| 89 | static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) | 94 | static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) |
| @@ -138,3 +143,76 @@ ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { | |||
| 138 | } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) | 143 | } ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params) |
| 139 | 144 | ||
| 140 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) | 145 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) |
| 146 | |||
| 147 | int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | ||
| 148 | unsigned int *siglen, DSA *dsa) | ||
| 149 | { | ||
| 150 | DSA_SIG *s; | ||
| 151 | #ifdef OPENSSL_FIPS | ||
| 152 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
| 153 | { | ||
| 154 | DSAerr(DSA_F_DSA_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 155 | return 0; | ||
| 156 | } | ||
| 157 | #endif | ||
| 158 | s=DSA_do_sign(dgst,dlen,dsa); | ||
| 159 | if (s == NULL) | ||
| 160 | { | ||
| 161 | *siglen=0; | ||
| 162 | return(0); | ||
| 163 | } | ||
| 164 | *siglen=i2d_DSA_SIG(s,&sig); | ||
| 165 | DSA_SIG_free(s); | ||
| 166 | return(1); | ||
| 167 | } | ||
| 168 | |||
| 169 | int DSA_size(const DSA *r) | ||
| 170 | { | ||
| 171 | int ret,i; | ||
| 172 | ASN1_INTEGER bs; | ||
| 173 | unsigned char buf[4]; /* 4 bytes looks really small. | ||
| 174 | However, i2d_ASN1_INTEGER() will not look | ||
| 175 | beyond the first byte, as long as the second | ||
| 176 | parameter is NULL. */ | ||
| 177 | |||
| 178 | i=BN_num_bits(r->q); | ||
| 179 | bs.length=(i+7)/8; | ||
| 180 | bs.data=buf; | ||
| 181 | bs.type=V_ASN1_INTEGER; | ||
| 182 | /* If the top bit is set the asn1 encoding is 1 larger. */ | ||
| 183 | buf[0]=0xff; | ||
| 184 | |||
| 185 | i=i2d_ASN1_INTEGER(&bs,NULL); | ||
| 186 | i+=i; /* r and s */ | ||
| 187 | ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); | ||
| 188 | return(ret); | ||
| 189 | } | ||
| 190 | |||
| 191 | /* data has already been hashed (probably with SHA or SHA-1). */ | ||
| 192 | /* returns | ||
| 193 | * 1: correct signature | ||
| 194 | * 0: incorrect signature | ||
| 195 | * -1: error | ||
| 196 | */ | ||
| 197 | int DSA_verify(int type, const unsigned char *dgst, int dgst_len, | ||
| 198 | const unsigned char *sigbuf, int siglen, DSA *dsa) | ||
| 199 | { | ||
| 200 | DSA_SIG *s; | ||
| 201 | int ret=-1; | ||
| 202 | #ifdef OPENSSL_FIPS | ||
| 203 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
| 204 | { | ||
| 205 | DSAerr(DSA_F_DSA_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 206 | return 0; | ||
| 207 | } | ||
| 208 | #endif | ||
| 209 | |||
| 210 | s = DSA_SIG_new(); | ||
| 211 | if (s == NULL) return(ret); | ||
| 212 | if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; | ||
| 213 | ret=DSA_do_verify(dgst,dgst_len,s,dsa); | ||
| 214 | err: | ||
| 215 | DSA_SIG_free(s); | ||
| 216 | return(ret); | ||
| 217 | } | ||
| 218 | |||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_err.c b/src/lib/libssl/src/crypto/dsa/dsa_err.c index 768711994b..872839af94 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_err.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/dsa/dsa_err.c */ | 1 | /* crypto/dsa/dsa_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -73,11 +73,16 @@ static ERR_STRING_DATA DSA_str_functs[]= | |||
| 73 | {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, | 73 | {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, |
| 74 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, | 74 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, |
| 75 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, | 75 | {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, |
| 76 | {ERR_FUNC(DSA_F_DSA_BUILTIN_KEYGEN), "DSA_BUILTIN_KEYGEN"}, | ||
| 77 | {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"}, | ||
| 76 | {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, | 78 | {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, |
| 77 | {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, | 79 | {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, |
| 80 | {ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS), "DSA_generate_parameters"}, | ||
| 78 | {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, | 81 | {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, |
| 79 | {ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"}, | 82 | {ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"}, |
| 80 | {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, | 83 | {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, |
| 84 | {ERR_FUNC(DSA_F_DSA_SET_DEFAULT_METHOD), "DSA_set_default_method"}, | ||
| 85 | {ERR_FUNC(DSA_F_DSA_SET_METHOD), "DSA_set_method"}, | ||
| 81 | {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, | 86 | {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, |
| 82 | {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, | 87 | {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, |
| 83 | {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, | 88 | {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, |
| @@ -91,8 +96,11 @@ static ERR_STRING_DATA DSA_str_reasons[]= | |||
| 91 | { | 96 | { |
| 92 | {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, | 97 | {ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, |
| 93 | {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, | 98 | {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, |
| 99 | {ERR_REASON(DSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, | ||
| 94 | {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, | 100 | {ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, |
| 95 | {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 101 | {ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
| 102 | {ERR_REASON(DSA_R_NON_FIPS_METHOD) ,"non fips method"}, | ||
| 103 | {ERR_REASON(DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, | ||
| 96 | {0,NULL} | 104 | {0,NULL} |
| 97 | }; | 105 | }; |
| 98 | 106 | ||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_gen.c b/src/lib/libssl/src/crypto/dsa/dsa_gen.c index ca0b86a6cf..6f1728e3cf 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_gen.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_gen.c | |||
| @@ -82,6 +82,8 @@ | |||
| 82 | #include <openssl/rand.h> | 82 | #include <openssl/rand.h> |
| 83 | #include <openssl/sha.h> | 83 | #include <openssl/sha.h> |
| 84 | 84 | ||
| 85 | #ifndef OPENSSL_FIPS | ||
| 86 | |||
| 85 | static int dsa_builtin_paramgen(DSA *ret, int bits, | 87 | static int dsa_builtin_paramgen(DSA *ret, int bits, |
| 86 | unsigned char *seed_in, int seed_len, | 88 | unsigned char *seed_in, int seed_len, |
| 87 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); | 89 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); |
| @@ -320,3 +322,4 @@ err: | |||
| 320 | return ok; | 322 | return ok; |
| 321 | } | 323 | } |
| 322 | #endif | 324 | #endif |
| 325 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_key.c b/src/lib/libssl/src/crypto/dsa/dsa_key.c index c4aa86bc6d..5e39124230 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_key.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_key.c | |||
| @@ -64,6 +64,8 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | 66 | ||
| 67 | #ifndef OPENSSL_FIPS | ||
| 68 | |||
| 67 | static int dsa_builtin_keygen(DSA *dsa); | 69 | static int dsa_builtin_keygen(DSA *dsa); |
| 68 | 70 | ||
| 69 | int DSA_generate_key(DSA *dsa) | 71 | int DSA_generate_key(DSA *dsa) |
| @@ -126,3 +128,5 @@ err: | |||
| 126 | return(ok); | 128 | return(ok); |
| 127 | } | 129 | } |
| 128 | #endif | 130 | #endif |
| 131 | |||
| 132 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_lib.c b/src/lib/libssl/src/crypto/dsa/dsa_lib.c index e9b75902db..7ac9dc8c89 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_lib.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_lib.c | |||
| @@ -76,6 +76,14 @@ static const DSA_METHOD *default_DSA_method = NULL; | |||
| 76 | 76 | ||
| 77 | void DSA_set_default_method(const DSA_METHOD *meth) | 77 | void DSA_set_default_method(const DSA_METHOD *meth) |
| 78 | { | 78 | { |
| 79 | #ifdef OPENSSL_FIPS | ||
| 80 | if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) | ||
| 81 | { | ||
| 82 | DSAerr(DSA_F_DSA_SET_DEFAULT_METHOD, DSA_R_NON_FIPS_METHOD); | ||
| 83 | return; | ||
| 84 | } | ||
| 85 | #endif | ||
| 86 | |||
| 79 | default_DSA_method = meth; | 87 | default_DSA_method = meth; |
| 80 | } | 88 | } |
| 81 | 89 | ||
| @@ -96,6 +104,13 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) | |||
| 96 | /* NB: The caller is specifically setting a method, so it's not up to us | 104 | /* NB: The caller is specifically setting a method, so it's not up to us |
| 97 | * to deal with which ENGINE it comes from. */ | 105 | * to deal with which ENGINE it comes from. */ |
| 98 | const DSA_METHOD *mtmp; | 106 | const DSA_METHOD *mtmp; |
| 107 | #ifdef OPENSSL_FIPS | ||
| 108 | if (FIPS_mode() && !(meth->flags & DSA_FLAG_FIPS_METHOD)) | ||
| 109 | { | ||
| 110 | DSAerr(DSA_F_DSA_SET_METHOD, DSA_R_NON_FIPS_METHOD); | ||
| 111 | return 0; | ||
| 112 | } | ||
| 113 | #endif | ||
| 99 | mtmp = dsa->meth; | 114 | mtmp = dsa->meth; |
| 100 | if (mtmp->finish) mtmp->finish(dsa); | 115 | if (mtmp->finish) mtmp->finish(dsa); |
| 101 | #ifndef OPENSSL_NO_ENGINE | 116 | #ifndef OPENSSL_NO_ENGINE |
| @@ -147,6 +162,18 @@ DSA *DSA_new_method(ENGINE *engine) | |||
| 147 | } | 162 | } |
| 148 | } | 163 | } |
| 149 | #endif | 164 | #endif |
| 165 | #ifdef OPENSSL_FIPS | ||
| 166 | if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)) | ||
| 167 | { | ||
| 168 | DSAerr(DSA_F_DSA_NEW_METHOD, DSA_R_NON_FIPS_METHOD); | ||
| 169 | #ifndef OPENSSL_NO_ENGINE | ||
| 170 | if (ret->engine) | ||
| 171 | ENGINE_finish(ret->engine); | ||
| 172 | #endif | ||
| 173 | OPENSSL_free(ret); | ||
| 174 | return NULL; | ||
| 175 | } | ||
| 176 | #endif | ||
| 150 | 177 | ||
| 151 | ret->pad=0; | 178 | ret->pad=0; |
| 152 | ret->version=0; | 179 | ret->version=0; |
| @@ -233,28 +260,6 @@ int DSA_up_ref(DSA *r) | |||
| 233 | return ((i > 1) ? 1 : 0); | 260 | return ((i > 1) ? 1 : 0); |
| 234 | } | 261 | } |
| 235 | 262 | ||
| 236 | int DSA_size(const DSA *r) | ||
| 237 | { | ||
| 238 | int ret,i; | ||
| 239 | ASN1_INTEGER bs; | ||
| 240 | unsigned char buf[4]; /* 4 bytes looks really small. | ||
| 241 | However, i2d_ASN1_INTEGER() will not look | ||
| 242 | beyond the first byte, as long as the second | ||
| 243 | parameter is NULL. */ | ||
| 244 | |||
| 245 | i=BN_num_bits(r->q); | ||
| 246 | bs.length=(i+7)/8; | ||
| 247 | bs.data=buf; | ||
| 248 | bs.type=V_ASN1_INTEGER; | ||
| 249 | /* If the top bit is set the asn1 encoding is 1 larger. */ | ||
| 250 | buf[0]=0xff; | ||
| 251 | |||
| 252 | i=i2d_ASN1_INTEGER(&bs,NULL); | ||
| 253 | i+=i; /* r and s */ | ||
| 254 | ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); | ||
| 255 | return(ret); | ||
| 256 | } | ||
| 257 | |||
| 258 | int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | 263 | int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
| 259 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) | 264 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) |
| 260 | { | 265 | { |
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c index 75ff7cc4af..412cf1d88b 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_ossl.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_ossl.c | |||
| @@ -65,6 +65,8 @@ | |||
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | 67 | ||
| 68 | #ifndef OPENSSL_FIPS | ||
| 69 | |||
| 68 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); | 70 | static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); |
| 69 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); | 71 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); |
| 70 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 72 | static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
| @@ -391,3 +393,4 @@ static int dsa_finish(DSA *dsa) | |||
| 391 | return(1); | 393 | return(1); |
| 392 | } | 394 | } |
| 393 | 395 | ||
| 396 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_sign.c b/src/lib/libssl/src/crypto/dsa/dsa_sign.c index 89205026f0..4cfbbe57a8 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_sign.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_sign.c | |||
| @@ -64,29 +64,32 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #ifdef OPENSSL_FIPS | ||
| 68 | #include <openssl/fips.h> | ||
| 69 | #endif | ||
| 67 | 70 | ||
| 68 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) | ||
| 69 | { | ||
| 70 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); | ||
| 71 | } | ||
| 72 | 71 | ||
| 73 | int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | 72 | DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) |
| 74 | unsigned int *siglen, DSA *dsa) | ||
| 75 | { | 73 | { |
| 76 | DSA_SIG *s; | 74 | #ifdef OPENSSL_FIPS |
| 77 | s=DSA_do_sign(dgst,dlen,dsa); | 75 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) |
| 78 | if (s == NULL) | ||
| 79 | { | 76 | { |
| 80 | *siglen=0; | 77 | DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); |
| 81 | return(0); | 78 | return NULL; |
| 82 | } | 79 | } |
| 83 | *siglen=i2d_DSA_SIG(s,&sig); | 80 | #endif |
| 84 | DSA_SIG_free(s); | 81 | return dsa->meth->dsa_do_sign(dgst, dlen, dsa); |
| 85 | return(1); | ||
| 86 | } | 82 | } |
| 87 | 83 | ||
| 88 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | 84 | int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) |
| 89 | { | 85 | { |
| 86 | #ifdef OPENSSL_FIPS | ||
| 87 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
| 88 | { | ||
| 89 | DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 90 | return 0; | ||
| 91 | } | ||
| 92 | #endif | ||
| 90 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); | 93 | return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp); |
| 91 | } | 94 | } |
| 92 | 95 | ||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_utl.c b/src/lib/libssl/src/crypto/dsa/dsa_utl.c new file mode 100644 index 0000000000..24c021d120 --- /dev/null +++ b/src/lib/libssl/src/crypto/dsa/dsa_utl.c | |||
| @@ -0,0 +1,95 @@ | |||
| 1 | /* crypto/dsa/dsa_lib.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | /* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ | ||
| 60 | |||
| 61 | #include <stdio.h> | ||
| 62 | #include "cryptlib.h" | ||
| 63 | #include <openssl/bn.h> | ||
| 64 | #include <openssl/dsa.h> | ||
| 65 | #include <openssl/asn1.h> | ||
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 67 | #include <openssl/engine.h> | ||
| 68 | #endif | ||
| 69 | #ifndef OPENSSL_NO_DH | ||
| 70 | #include <openssl/dh.h> | ||
| 71 | #endif | ||
| 72 | |||
| 73 | DSA_SIG *DSA_SIG_new(void) | ||
| 74 | { | ||
| 75 | DSA_SIG *sig; | ||
| 76 | sig = OPENSSL_malloc(sizeof(DSA_SIG)); | ||
| 77 | if (!sig) | ||
| 78 | return NULL; | ||
| 79 | sig->r = NULL; | ||
| 80 | sig->s = NULL; | ||
| 81 | return sig; | ||
| 82 | } | ||
| 83 | |||
| 84 | void DSA_SIG_free(DSA_SIG *sig) | ||
| 85 | { | ||
| 86 | if (sig) | ||
| 87 | { | ||
| 88 | if (sig->r) | ||
| 89 | BN_free(sig->r); | ||
| 90 | if (sig->s) | ||
| 91 | BN_free(sig->s); | ||
| 92 | OPENSSL_free(sig); | ||
| 93 | } | ||
| 94 | } | ||
| 95 | |||
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c index c4aeddd056..c75e423048 100644 --- a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c +++ b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c | |||
| @@ -64,31 +64,21 @@ | |||
| 64 | #include <openssl/dsa.h> | 64 | #include <openssl/dsa.h> |
| 65 | #include <openssl/rand.h> | 65 | #include <openssl/rand.h> |
| 66 | #include <openssl/asn1.h> | 66 | #include <openssl/asn1.h> |
| 67 | #ifdef OPENSSL_FIPS | ||
| 68 | #include <openssl/fips.h> | ||
| 69 | #endif | ||
| 70 | |||
| 67 | #include <openssl/asn1_mac.h> | 71 | #include <openssl/asn1_mac.h> |
| 68 | 72 | ||
| 69 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, | 73 | int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, |
| 70 | DSA *dsa) | 74 | DSA *dsa) |
| 71 | { | 75 | { |
| 76 | #ifdef OPENSSL_FIPS | ||
| 77 | if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) | ||
| 78 | { | ||
| 79 | DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 80 | return 0; | ||
| 81 | } | ||
| 82 | #endif | ||
| 72 | return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); | 83 | return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa); |
| 73 | } | 84 | } |
| 74 | |||
| 75 | /* data has already been hashed (probably with SHA or SHA-1). */ | ||
| 76 | /* returns | ||
| 77 | * 1: correct signature | ||
| 78 | * 0: incorrect signature | ||
| 79 | * -1: error | ||
| 80 | */ | ||
| 81 | int DSA_verify(int type, const unsigned char *dgst, int dgst_len, | ||
| 82 | const unsigned char *sigbuf, int siglen, DSA *dsa) | ||
| 83 | { | ||
| 84 | DSA_SIG *s; | ||
| 85 | int ret=-1; | ||
| 86 | |||
| 87 | s = DSA_SIG_new(); | ||
| 88 | if (s == NULL) return(ret); | ||
| 89 | if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; | ||
| 90 | ret=DSA_do_verify(dgst,dgst_len,s,dsa); | ||
| 91 | err: | ||
| 92 | DSA_SIG_free(s); | ||
| 93 | return(ret); | ||
| 94 | } | ||
diff --git a/src/lib/libssl/src/crypto/dso/Makefile b/src/lib/libssl/src/crypto/dso/Makefile index 07f5d8d159..52f152888c 100644 --- a/src/lib/libssl/src/crypto/dso/Makefile +++ b/src/lib/libssl/src/crypto/dso/Makefile | |||
| @@ -35,7 +35,7 @@ top: | |||
| 35 | all: lib | 35 | all: lib |
| 36 | 36 | ||
| 37 | lib: $(LIBOBJ) | 37 | lib: $(LIBOBJ) |
| 38 | $(AR) $(LIB) $(LIBOBJ) | 38 | $(ARX) $(LIB) $(LIBOBJ) |
| 39 | $(RANLIB) $(LIB) || echo Never mind. | 39 | $(RANLIB) $(LIB) || echo Never mind. |
| 40 | @touch lib | 40 | @touch lib |
| 41 | 41 | ||
diff --git a/src/lib/libssl/src/crypto/dyn_lck.c b/src/lib/libssl/src/crypto/dyn_lck.c new file mode 100644 index 0000000000..7f82c41264 --- /dev/null +++ b/src/lib/libssl/src/crypto/dyn_lck.c | |||
| @@ -0,0 +1,428 @@ | |||
| 1 | /* crypto/cryptlib.c */ | ||
| 2 | /* ==================================================================== | ||
| 3 | * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. | ||
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@openssl.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 55 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 56 | * All rights reserved. | ||
| 57 | * | ||
| 58 | * This package is an SSL implementation written | ||
| 59 | * by Eric Young (eay@cryptsoft.com). | ||
| 60 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 61 | * | ||
| 62 | * This library is free for commercial and non-commercial use as long as | ||
| 63 | * the following conditions are aheared to. The following conditions | ||
| 64 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 65 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 66 | * included with this distribution is covered by the same copyright terms | ||
| 67 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 68 | * | ||
| 69 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 70 | * the code are not to be removed. | ||
| 71 | * If this package is used in a product, Eric Young should be given attribution | ||
| 72 | * as the author of the parts of the library used. | ||
| 73 | * This can be in the form of a textual message at program startup or | ||
| 74 | * in documentation (online or textual) provided with the package. | ||
| 75 | * | ||
| 76 | * Redistribution and use in source and binary forms, with or without | ||
| 77 | * modification, are permitted provided that the following conditions | ||
| 78 | * are met: | ||
| 79 | * 1. Redistributions of source code must retain the copyright | ||
| 80 | * notice, this list of conditions and the following disclaimer. | ||
| 81 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 82 | * notice, this list of conditions and the following disclaimer in the | ||
| 83 | * documentation and/or other materials provided with the distribution. | ||
| 84 | * 3. All advertising materials mentioning features or use of this software | ||
| 85 | * must display the following acknowledgement: | ||
| 86 | * "This product includes cryptographic software written by | ||
| 87 | * Eric Young (eay@cryptsoft.com)" | ||
| 88 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 89 | * being used are not cryptographic related :-). | ||
| 90 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 91 | * the apps directory (application code) you must include an acknowledgement: | ||
| 92 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 93 | * | ||
| 94 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 95 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 96 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 97 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 98 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 99 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 100 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 101 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 102 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 103 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 104 | * SUCH DAMAGE. | ||
| 105 | * | ||
| 106 | * The licence and distribution terms for any publically available version or | ||
| 107 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 108 | * copied and put under another distribution licence | ||
| 109 | * [including the GNU Public Licence.] | ||
| 110 | */ | ||
| 111 | /* ==================================================================== | ||
| 112 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | ||
| 113 | * ECDH support in OpenSSL originally developed by | ||
| 114 | * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. | ||
| 115 | */ | ||
| 116 | |||
| 117 | #include "cryptlib.h" | ||
| 118 | #include <openssl/safestack.h> | ||
| 119 | |||
| 120 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) | ||
| 121 | static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ | ||
| 122 | #endif | ||
| 123 | |||
| 124 | DECLARE_STACK_OF(CRYPTO_dynlock) | ||
| 125 | IMPLEMENT_STACK_OF(CRYPTO_dynlock) | ||
| 126 | |||
| 127 | /* real #defines in crypto.h, keep these upto date */ | ||
| 128 | static const char* const lock_names[CRYPTO_NUM_LOCKS] = | ||
| 129 | { | ||
| 130 | "<<ERROR>>", | ||
| 131 | "err", | ||
| 132 | "ex_data", | ||
| 133 | "x509", | ||
| 134 | "x509_info", | ||
| 135 | "x509_pkey", | ||
| 136 | "x509_crl", | ||
| 137 | "x509_req", | ||
| 138 | "dsa", | ||
| 139 | "rsa", | ||
| 140 | "evp_pkey", | ||
| 141 | "x509_store", | ||
| 142 | "ssl_ctx", | ||
| 143 | "ssl_cert", | ||
| 144 | "ssl_session", | ||
| 145 | "ssl_sess_cert", | ||
| 146 | "ssl", | ||
| 147 | "ssl_method", | ||
| 148 | "rand", | ||
| 149 | "rand2", | ||
| 150 | "debug_malloc", | ||
| 151 | "BIO", | ||
| 152 | "gethostbyname", | ||
| 153 | "getservbyname", | ||
| 154 | "readdir", | ||
| 155 | "RSA_blinding", | ||
| 156 | "dh", | ||
| 157 | "debug_malloc2", | ||
| 158 | "dso", | ||
| 159 | "dynlock", | ||
| 160 | "engine", | ||
| 161 | "ui", | ||
| 162 | "ecdsa", | ||
| 163 | "ec", | ||
| 164 | "ecdh", | ||
| 165 | "bn", | ||
| 166 | "ec_pre_comp", | ||
| 167 | "store", | ||
| 168 | "comp", | ||
| 169 | #ifndef OPENSSL_FIPS | ||
| 170 | # if CRYPTO_NUM_LOCKS != 39 | ||
| 171 | # error "Inconsistency between crypto.h and cryptlib.c" | ||
| 172 | # endif | ||
| 173 | #else | ||
| 174 | "fips", | ||
| 175 | "fips2", | ||
| 176 | # if CRYPTO_NUM_LOCKS != 41 | ||
| 177 | # error "Inconsistency between crypto.h and cryptlib.c" | ||
| 178 | # endif | ||
| 179 | #endif | ||
| 180 | }; | ||
| 181 | |||
| 182 | /* This is for applications to allocate new type names in the non-dynamic | ||
| 183 | array of lock names. These are numbered with positive numbers. */ | ||
| 184 | static STACK *app_locks=NULL; | ||
| 185 | |||
| 186 | /* For applications that want a more dynamic way of handling threads, the | ||
| 187 | following stack is used. These are externally numbered with negative | ||
| 188 | numbers. */ | ||
| 189 | static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; | ||
| 190 | |||
| 191 | |||
| 192 | static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) | ||
| 193 | (const char *file,int line)=NULL; | ||
| 194 | static void (MS_FAR *dynlock_lock_callback)(int mode, | ||
| 195 | struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL; | ||
| 196 | static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, | ||
| 197 | const char *file,int line)=NULL; | ||
| 198 | |||
| 199 | int CRYPTO_get_new_lockid(char *name) | ||
| 200 | { | ||
| 201 | char *str; | ||
| 202 | int i; | ||
| 203 | |||
| 204 | #if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) | ||
| 205 | /* A hack to make Visual C++ 5.0 work correctly when linking as | ||
| 206 | * a DLL using /MT. Without this, the application cannot use | ||
| 207 | * and floating point printf's. | ||
| 208 | * It also seems to be needed for Visual C 1.5 (win16) */ | ||
| 209 | SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; | ||
| 210 | #endif | ||
| 211 | |||
| 212 | if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL)) | ||
| 213 | { | ||
| 214 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); | ||
| 215 | return(0); | ||
| 216 | } | ||
| 217 | if ((str=BUF_strdup(name)) == NULL) | ||
| 218 | { | ||
| 219 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); | ||
| 220 | return(0); | ||
| 221 | } | ||
| 222 | i=sk_push(app_locks,str); | ||
| 223 | if (!i) | ||
| 224 | OPENSSL_free(str); | ||
| 225 | else | ||
| 226 | i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ | ||
| 227 | return(i); | ||
| 228 | } | ||
| 229 | |||
| 230 | int CRYPTO_get_new_dynlockid(void) | ||
| 231 | { | ||
| 232 | int i = 0; | ||
| 233 | CRYPTO_dynlock *pointer = NULL; | ||
| 234 | |||
| 235 | if (dynlock_create_callback == NULL) | ||
| 236 | { | ||
| 237 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK); | ||
| 238 | return(0); | ||
| 239 | } | ||
| 240 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 241 | if ((dyn_locks == NULL) | ||
| 242 | && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL)) | ||
| 243 | { | ||
| 244 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 245 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); | ||
| 246 | return(0); | ||
| 247 | } | ||
| 248 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 249 | |||
| 250 | pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); | ||
| 251 | if (pointer == NULL) | ||
| 252 | { | ||
| 253 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); | ||
| 254 | return(0); | ||
| 255 | } | ||
| 256 | pointer->references = 1; | ||
| 257 | pointer->data = dynlock_create_callback(__FILE__,__LINE__); | ||
| 258 | if (pointer->data == NULL) | ||
| 259 | { | ||
| 260 | OPENSSL_free(pointer); | ||
| 261 | CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); | ||
| 262 | return(0); | ||
| 263 | } | ||
| 264 | |||
| 265 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 266 | /* First, try to find an existing empty slot */ | ||
| 267 | i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); | ||
| 268 | /* If there was none, push, thereby creating a new one */ | ||
| 269 | if (i == -1) | ||
| 270 | /* Since sk_push() returns the number of items on the | ||
| 271 | stack, not the location of the pushed item, we need | ||
| 272 | to transform the returned number into a position, | ||
| 273 | by decreasing it. */ | ||
| 274 | i=sk_CRYPTO_dynlock_push(dyn_locks,pointer) - 1; | ||
| 275 | else | ||
| 276 | /* If we found a place with a NULL pointer, put our pointer | ||
| 277 | in it. */ | ||
| 278 | (void)sk_CRYPTO_dynlock_set(dyn_locks,i,pointer); | ||
| 279 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 280 | |||
| 281 | if (i == -1) | ||
| 282 | { | ||
| 283 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); | ||
| 284 | OPENSSL_free(pointer); | ||
| 285 | } | ||
| 286 | else | ||
| 287 | i += 1; /* to avoid 0 */ | ||
| 288 | return -i; | ||
| 289 | } | ||
| 290 | |||
| 291 | void CRYPTO_destroy_dynlockid(int i) | ||
| 292 | { | ||
| 293 | CRYPTO_dynlock *pointer = NULL; | ||
| 294 | if (i) | ||
| 295 | i = -i-1; | ||
| 296 | if (dynlock_destroy_callback == NULL) | ||
| 297 | return; | ||
| 298 | |||
| 299 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 300 | |||
| 301 | if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) | ||
| 302 | { | ||
| 303 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 304 | return; | ||
| 305 | } | ||
| 306 | pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); | ||
| 307 | if (pointer != NULL) | ||
| 308 | { | ||
| 309 | --pointer->references; | ||
| 310 | #ifdef REF_CHECK | ||
| 311 | if (pointer->references < 0) | ||
| 312 | { | ||
| 313 | fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n"); | ||
| 314 | abort(); | ||
| 315 | } | ||
| 316 | else | ||
| 317 | #endif | ||
| 318 | if (pointer->references <= 0) | ||
| 319 | { | ||
| 320 | (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); | ||
| 321 | } | ||
| 322 | else | ||
| 323 | pointer = NULL; | ||
| 324 | } | ||
| 325 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 326 | |||
| 327 | if (pointer) | ||
| 328 | { | ||
| 329 | dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); | ||
| 330 | OPENSSL_free(pointer); | ||
| 331 | } | ||
| 332 | } | ||
| 333 | |||
| 334 | struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i) | ||
| 335 | { | ||
| 336 | CRYPTO_dynlock *pointer = NULL; | ||
| 337 | if (i) | ||
| 338 | i = -i-1; | ||
| 339 | |||
| 340 | CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); | ||
| 341 | |||
| 342 | if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks)) | ||
| 343 | pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); | ||
| 344 | if (pointer) | ||
| 345 | pointer->references++; | ||
| 346 | |||
| 347 | CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); | ||
| 348 | |||
| 349 | if (pointer) | ||
| 350 | return pointer->data; | ||
| 351 | return NULL; | ||
| 352 | } | ||
| 353 | |||
| 354 | struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void)) | ||
| 355 | (const char *file,int line) | ||
| 356 | { | ||
| 357 | return(dynlock_create_callback); | ||
| 358 | } | ||
| 359 | |||
| 360 | void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, | ||
| 361 | struct CRYPTO_dynlock_value *l, const char *file,int line) | ||
| 362 | { | ||
| 363 | return(dynlock_lock_callback); | ||
| 364 | } | ||
| 365 | |||
| 366 | void (*CRYPTO_get_dynlock_destroy_callback(void)) | ||
| 367 | (struct CRYPTO_dynlock_value *l, const char *file,int line) | ||
| 368 | { | ||
| 369 | return(dynlock_destroy_callback); | ||
| 370 | } | ||
| 371 | |||
| 372 | void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func) | ||
| 373 | (const char *file, int line)) | ||
| 374 | { | ||
| 375 | dynlock_create_callback=func; | ||
| 376 | } | ||
| 377 | |||
| 378 | static void do_dynlock(int mode, int type, const char *file, int line) | ||
| 379 | { | ||
| 380 | if (dynlock_lock_callback != NULL) | ||
| 381 | { | ||
| 382 | struct CRYPTO_dynlock_value *pointer | ||
| 383 | = CRYPTO_get_dynlock_value(type); | ||
| 384 | |||
| 385 | OPENSSL_assert(pointer != NULL); | ||
| 386 | |||
| 387 | dynlock_lock_callback(mode, pointer, file, line); | ||
| 388 | |||
| 389 | CRYPTO_destroy_dynlockid(type); | ||
| 390 | } | ||
| 391 | } | ||
| 392 | |||
| 393 | void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, | ||
| 394 | struct CRYPTO_dynlock_value *l, const char *file, int line)) | ||
| 395 | { | ||
| 396 | /* Set callback so CRYPTO_lock() can now handle dynamic locks. | ||
| 397 | * This is OK because at this point and application shouldn't be using | ||
| 398 | * OpenSSL from multiple threads because it is setting up the locking | ||
| 399 | * callbacks. | ||
| 400 | */ | ||
| 401 | static int done = 0; | ||
| 402 | if (!done) | ||
| 403 | { | ||
| 404 | int_CRYPTO_set_do_dynlock_callback(do_dynlock); | ||
| 405 | done = 1; | ||
| 406 | } | ||
| 407 | |||
| 408 | dynlock_lock_callback=func; | ||
| 409 | } | ||
| 410 | |||
| 411 | void CRYPTO_set_dynlock_destroy_callback(void (*func) | ||
| 412 | (struct CRYPTO_dynlock_value *l, const char *file, int line)) | ||
| 413 | { | ||
| 414 | dynlock_destroy_callback=func; | ||
| 415 | } | ||
| 416 | |||
| 417 | const char *CRYPTO_get_lock_name(int type) | ||
| 418 | { | ||
| 419 | if (type < 0) | ||
| 420 | return("dynamic"); | ||
| 421 | else if (type < CRYPTO_NUM_LOCKS) | ||
| 422 | return(lock_names[type]); | ||
| 423 | else if (type-CRYPTO_NUM_LOCKS > sk_num(app_locks)) | ||
| 424 | return("ERROR"); | ||
| 425 | else | ||
| 426 | return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); | ||
| 427 | } | ||
| 428 | |||
diff --git a/src/lib/libssl/src/crypto/ec/Makefile b/src/lib/libssl/src/crypto/ec/Makefile index 42f7bb7fc8..b5bbc9faa1 100644 --- a/src/lib/libssl/src/crypto/ec/Makefile +++ b/src/lib/libssl/src/crypto/ec/Makefile | |||
| @@ -38,7 +38,7 @@ top: | |||
| 38 | all: lib | 38 | all: lib |
| 39 | 39 | ||
| 40 | lib: $(LIBOBJ) | 40 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 41 | $(ARX) $(LIB) $(LIBOBJ) |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | 42 | $(RANLIB) $(LIB) || echo Never mind. |
| 43 | @touch lib | 43 | @touch lib |
| 44 | 44 | ||
diff --git a/src/lib/libssl/src/crypto/engine/Makefile b/src/lib/libssl/src/crypto/engine/Makefile index 13f211a0ae..0cc3722089 100644 --- a/src/lib/libssl/src/crypto/engine/Makefile +++ b/src/lib/libssl/src/crypto/engine/Makefile | |||
| @@ -41,7 +41,7 @@ top: | |||
| 41 | all: lib | 41 | all: lib |
| 42 | 42 | ||
| 43 | lib: $(LIBOBJ) | 43 | lib: $(LIBOBJ) |
| 44 | $(AR) $(LIB) $(LIBOBJ) | 44 | $(ARX) $(LIB) $(LIBOBJ) |
| 45 | $(RANLIB) $(LIB) || echo Never mind. | 45 | $(RANLIB) $(LIB) || echo Never mind. |
| 46 | @touch lib | 46 | @touch lib |
| 47 | 47 | ||
| @@ -82,88 +82,146 @@ clean: | |||
| 82 | 82 | ||
| 83 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 83 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 84 | 84 | ||
| 85 | eng_all.o: ../../e_os.h ../../include/openssl/bio.h | 85 | eng_all.o: ../../e_os.h ../../include/openssl/asn1.h |
| 86 | eng_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 86 | eng_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 87 | eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 87 | eng_all.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 88 | eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 88 | eng_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 89 | eng_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 90 | eng_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 91 | eng_all.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 92 | eng_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 89 | eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 93 | eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 90 | eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 94 | eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 95 | eng_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 91 | eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 96 | eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 97 | eng_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 92 | eng_all.o: ../cryptlib.h eng_all.c eng_int.h | 98 | eng_all.o: ../cryptlib.h eng_all.c eng_int.h |
| 93 | eng_cnf.o: ../../e_os.h ../../include/openssl/bio.h | 99 | eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h |
| 94 | eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 100 | eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 95 | eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 101 | eng_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 102 | eng_cnf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 103 | eng_cnf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 96 | eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 104 | eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 97 | eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 105 | eng_cnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 106 | eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 107 | eng_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 98 | eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 108 | eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 99 | eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 109 | eng_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 100 | eng_cnf.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_cnf.c eng_int.h | 110 | eng_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 111 | eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 112 | eng_cnf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_cnf.c eng_int.h | ||
| 101 | eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 113 | eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 102 | eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | 114 | eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 103 | eng_cryptodev.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 115 | eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 104 | eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h | 116 | eng_cryptodev.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 117 | eng_cryptodev.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 118 | eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 119 | eng_cryptodev.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 105 | eng_cryptodev.o: ../../include/openssl/objects.h | 120 | eng_cryptodev.o: ../../include/openssl/objects.h |
| 106 | eng_cryptodev.o: ../../include/openssl/opensslconf.h | 121 | eng_cryptodev.o: ../../include/openssl/opensslconf.h |
| 107 | eng_cryptodev.o: ../../include/openssl/opensslv.h | 122 | eng_cryptodev.o: ../../include/openssl/opensslv.h |
| 108 | eng_cryptodev.o: ../../include/openssl/ossl_typ.h | 123 | eng_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 109 | eng_cryptodev.o: ../../include/openssl/safestack.h | 124 | eng_cryptodev.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 110 | eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 125 | eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 126 | eng_cryptodev.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 111 | eng_cryptodev.o: eng_cryptodev.c | 127 | eng_cryptodev.o: eng_cryptodev.c |
| 112 | eng_ctrl.o: ../../e_os.h ../../include/openssl/bio.h | 128 | eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h |
| 113 | eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 129 | eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 114 | eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 130 | eng_ctrl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 115 | eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 131 | eng_ctrl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 132 | eng_ctrl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 133 | eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 134 | eng_ctrl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 135 | eng_ctrl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 116 | eng_ctrl.o: ../../include/openssl/opensslconf.h | 136 | eng_ctrl.o: ../../include/openssl/opensslconf.h |
| 117 | eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 137 | eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 118 | eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 138 | eng_ctrl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 119 | eng_ctrl.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_ctrl.c eng_int.h | 139 | eng_ctrl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 120 | eng_dyn.o: ../../e_os.h ../../include/openssl/bio.h | 140 | eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 121 | eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 141 | eng_ctrl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_ctrl.c eng_int.h |
| 122 | eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | 142 | eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h |
| 143 | eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 144 | eng_dyn.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h | ||
| 145 | eng_dyn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 146 | eng_dyn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 123 | eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 147 | eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 124 | eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 148 | eng_dyn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 149 | eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 150 | eng_dyn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 125 | eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 151 | eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 126 | eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 152 | eng_dyn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 127 | eng_dyn.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_dyn.c eng_int.h | 153 | eng_dyn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 128 | eng_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | 154 | eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 129 | eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 155 | eng_dyn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_dyn.c eng_int.h |
| 130 | eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 156 | eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 131 | eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 157 | eng_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 132 | eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 158 | eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 133 | eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 159 | eng_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 134 | eng_err.o: eng_err.c | 160 | eng_err.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 135 | eng_fat.o: ../../e_os.h ../../include/openssl/bio.h | 161 | eng_err.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 136 | eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 162 | eng_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 137 | eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 163 | eng_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 164 | eng_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 165 | eng_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | ||
| 166 | eng_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 167 | eng_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 168 | eng_err.o: ../../include/openssl/x509_vfy.h eng_err.c | ||
| 169 | eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 170 | eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 171 | eng_fat.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 172 | eng_fat.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 173 | eng_fat.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 138 | eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 174 | eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 139 | eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 175 | eng_fat.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 176 | eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 177 | eng_fat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 140 | eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 178 | eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 141 | eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 179 | eng_fat.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 142 | eng_fat.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_fat.c eng_int.h | 180 | eng_fat.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 143 | eng_init.o: ../../e_os.h ../../include/openssl/bio.h | 181 | eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 144 | eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 182 | eng_fat.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_fat.c eng_int.h |
| 145 | eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 183 | eng_init.o: ../../e_os.h ../../include/openssl/asn1.h |
| 146 | eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 184 | eng_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 185 | eng_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 186 | eng_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 187 | eng_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 188 | eng_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 189 | eng_init.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 190 | eng_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 147 | eng_init.o: ../../include/openssl/opensslconf.h | 191 | eng_init.o: ../../include/openssl/opensslconf.h |
| 148 | eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 192 | eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 149 | eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 193 | eng_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 150 | eng_init.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_init.c eng_int.h | 194 | eng_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 151 | eng_lib.o: ../../e_os.h ../../include/openssl/bio.h | 195 | eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 152 | eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 196 | eng_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_init.c eng_int.h |
| 153 | eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 197 | eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h |
| 154 | eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 198 | eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 199 | eng_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 200 | eng_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 201 | eng_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 202 | eng_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 203 | eng_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 204 | eng_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 155 | eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 205 | eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 156 | eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 206 | eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 157 | eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 207 | eng_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 158 | eng_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_lib.c | 208 | eng_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 159 | eng_list.o: ../../e_os.h ../../include/openssl/bio.h | 209 | eng_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 160 | eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 210 | eng_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_lib.c |
| 161 | eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 211 | eng_list.o: ../../e_os.h ../../include/openssl/asn1.h |
| 162 | eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 212 | eng_list.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 213 | eng_list.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 214 | eng_list.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 215 | eng_list.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 216 | eng_list.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 217 | eng_list.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 218 | eng_list.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 163 | eng_list.o: ../../include/openssl/opensslconf.h | 219 | eng_list.o: ../../include/openssl/opensslconf.h |
| 164 | eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 220 | eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 165 | eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 221 | eng_list.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 166 | eng_list.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_list.c | 222 | eng_list.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 223 | eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 224 | eng_list.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_list.c | ||
| 167 | eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h | 225 | eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h |
| 168 | eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 226 | eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 169 | eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 227 | eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
| @@ -171,8 +229,9 @@ eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h | |||
| 171 | eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 229 | eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 172 | eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 230 | eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 173 | eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 231 | eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 174 | eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 232 | eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 175 | eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 233 | eng_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 234 | eng_openssl.o: ../../include/openssl/objects.h | ||
| 176 | eng_openssl.o: ../../include/openssl/opensslconf.h | 235 | eng_openssl.o: ../../include/openssl/opensslconf.h |
| 177 | eng_openssl.o: ../../include/openssl/opensslv.h | 236 | eng_openssl.o: ../../include/openssl/opensslv.h |
| 178 | eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h | 237 | eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h |
| @@ -183,106 +242,172 @@ eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | |||
| 183 | eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 242 | eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 184 | eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c | 243 | eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c |
| 185 | eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | 244 | eng_padlock.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h |
| 186 | eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | 245 | eng_padlock.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 187 | eng_padlock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | 246 | eng_padlock.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h |
| 247 | eng_padlock.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 248 | eng_padlock.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 188 | eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 249 | eng_padlock.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 189 | eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 250 | eng_padlock.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 190 | eng_padlock.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 251 | eng_padlock.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 252 | eng_padlock.o: ../../include/openssl/objects.h | ||
| 191 | eng_padlock.o: ../../include/openssl/opensslconf.h | 253 | eng_padlock.o: ../../include/openssl/opensslconf.h |
| 192 | eng_padlock.o: ../../include/openssl/opensslv.h | 254 | eng_padlock.o: ../../include/openssl/opensslv.h |
| 193 | eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 255 | eng_padlock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 194 | eng_padlock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 256 | eng_padlock.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 195 | eng_padlock.o: ../../include/openssl/symhacks.h eng_padlock.c | 257 | eng_padlock.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 196 | eng_pkey.o: ../../e_os.h ../../include/openssl/bio.h | 258 | eng_padlock.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 197 | eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 259 | eng_padlock.o: ../../include/openssl/x509_vfy.h eng_padlock.c |
| 198 | eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 260 | eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 199 | eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 261 | eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 262 | eng_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 263 | eng_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 264 | eng_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 265 | eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 266 | eng_pkey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 267 | eng_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 200 | eng_pkey.o: ../../include/openssl/opensslconf.h | 268 | eng_pkey.o: ../../include/openssl/opensslconf.h |
| 201 | eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 269 | eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 202 | eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 270 | eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 203 | eng_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h eng_pkey.c | 271 | eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 272 | eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 273 | eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c | ||
| 204 | eng_table.o: ../../e_os.h ../../include/openssl/asn1.h | 274 | eng_table.o: ../../e_os.h ../../include/openssl/asn1.h |
| 205 | eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 275 | eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 206 | eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 276 | eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 207 | eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 277 | eng_table.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 208 | eng_table.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 278 | eng_table.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h |
| 279 | eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 280 | eng_table.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 209 | eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 281 | eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 210 | eng_table.o: ../../include/openssl/opensslconf.h | 282 | eng_table.o: ../../include/openssl/opensslconf.h |
| 211 | eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 283 | eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 212 | eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 284 | eng_table.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 213 | eng_table.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h | 285 | eng_table.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 286 | eng_table.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 287 | eng_table.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h | ||
| 214 | eng_table.o: eng_table.c | 288 | eng_table.o: eng_table.c |
| 215 | tb_cipher.o: ../../e_os.h ../../include/openssl/bio.h | 289 | tb_cipher.o: ../../e_os.h ../../include/openssl/asn1.h |
| 216 | tb_cipher.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 290 | tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 217 | tb_cipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 291 | tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 218 | tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 292 | tb_cipher.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 293 | tb_cipher.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 294 | tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 295 | tb_cipher.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 296 | tb_cipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 219 | tb_cipher.o: ../../include/openssl/opensslconf.h | 297 | tb_cipher.o: ../../include/openssl/opensslconf.h |
| 220 | tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 298 | tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 221 | tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 299 | tb_cipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 222 | tb_cipher.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h | 300 | tb_cipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 301 | tb_cipher.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 302 | tb_cipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h | ||
| 223 | tb_cipher.o: tb_cipher.c | 303 | tb_cipher.o: tb_cipher.c |
| 224 | tb_dh.o: ../../e_os.h ../../include/openssl/bio.h | 304 | tb_dh.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 225 | tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 305 | tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 226 | tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 306 | tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 227 | tb_dh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 307 | tb_dh.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 228 | tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 308 | tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 229 | tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 309 | tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 230 | tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 310 | tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 231 | tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c | 311 | tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 232 | tb_digest.o: ../../e_os.h ../../include/openssl/bio.h | 312 | tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 233 | tb_digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 313 | tb_dh.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 234 | tb_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 314 | tb_dh.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 235 | tb_digest.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 315 | tb_dh.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 316 | tb_dh.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_dh.c | ||
| 317 | tb_digest.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 318 | tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 319 | tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 320 | tb_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 321 | tb_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 322 | tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 323 | tb_digest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 324 | tb_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 236 | tb_digest.o: ../../include/openssl/opensslconf.h | 325 | tb_digest.o: ../../include/openssl/opensslconf.h |
| 237 | tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 326 | tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 238 | tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 327 | tb_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 239 | tb_digest.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h | 328 | tb_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 329 | tb_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 330 | tb_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h | ||
| 240 | tb_digest.o: tb_digest.c | 331 | tb_digest.o: tb_digest.c |
| 241 | tb_dsa.o: ../../e_os.h ../../include/openssl/bio.h | 332 | tb_dsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 242 | tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 333 | tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 243 | tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 334 | tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 244 | tb_dsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 335 | tb_dsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 245 | tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 336 | tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 246 | tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 337 | tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 247 | tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 338 | tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 248 | tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c | 339 | tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 249 | tb_ecdh.o: ../../e_os.h ../../include/openssl/bio.h | 340 | tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 250 | tb_ecdh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 341 | tb_dsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 251 | tb_ecdh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 342 | tb_dsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 252 | tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 343 | tb_dsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 344 | tb_dsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_dsa.c | ||
| 345 | tb_ecdh.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 346 | tb_ecdh.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 347 | tb_ecdh.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 348 | tb_ecdh.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 349 | tb_ecdh.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 350 | tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 351 | tb_ecdh.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 352 | tb_ecdh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 253 | tb_ecdh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 353 | tb_ecdh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 254 | tb_ecdh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 354 | tb_ecdh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 355 | tb_ecdh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 255 | tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 356 | tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 357 | tb_ecdh.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 256 | tb_ecdh.o: ../cryptlib.h eng_int.h tb_ecdh.c | 358 | tb_ecdh.o: ../cryptlib.h eng_int.h tb_ecdh.c |
| 257 | tb_ecdsa.o: ../../e_os.h ../../include/openssl/bio.h | 359 | tb_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h |
| 258 | tb_ecdsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 360 | tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 259 | tb_ecdsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 361 | tb_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 260 | tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 362 | tb_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 363 | tb_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 364 | tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 365 | tb_ecdsa.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 366 | tb_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 261 | tb_ecdsa.o: ../../include/openssl/opensslconf.h | 367 | tb_ecdsa.o: ../../include/openssl/opensslconf.h |
| 262 | tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 368 | tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 263 | tb_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 369 | tb_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 264 | tb_ecdsa.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_ecdsa.c | 370 | tb_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 265 | tb_rand.o: ../../e_os.h ../../include/openssl/bio.h | 371 | tb_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 266 | tb_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 372 | tb_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdsa.c |
| 267 | tb_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 373 | tb_rand.o: ../../e_os.h ../../include/openssl/asn1.h |
| 268 | tb_rand.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 374 | tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 375 | tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 376 | tb_rand.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 377 | tb_rand.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 378 | tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 379 | tb_rand.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 380 | tb_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 269 | tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 381 | tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 270 | tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 382 | tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 383 | tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 271 | tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 384 | tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 385 | tb_rand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 272 | tb_rand.o: ../cryptlib.h eng_int.h tb_rand.c | 386 | tb_rand.o: ../cryptlib.h eng_int.h tb_rand.c |
| 273 | tb_rsa.o: ../../e_os.h ../../include/openssl/bio.h | 387 | tb_rsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 274 | tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 388 | tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 275 | tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 389 | tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 276 | tb_rsa.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 390 | tb_rsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 277 | tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 391 | tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 278 | tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 392 | tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 279 | tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 393 | tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 280 | tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c | 394 | tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 281 | tb_store.o: ../../e_os.h ../../include/openssl/bio.h | 395 | tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 282 | tb_store.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 396 | tb_rsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 283 | tb_store.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 397 | tb_rsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 284 | tb_store.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 398 | tb_rsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 399 | tb_rsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_rsa.c | ||
| 400 | tb_store.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 401 | tb_store.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 402 | tb_store.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 403 | tb_store.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 404 | tb_store.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 405 | tb_store.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 406 | tb_store.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 407 | tb_store.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 285 | tb_store.o: ../../include/openssl/opensslconf.h | 408 | tb_store.o: ../../include/openssl/opensslconf.h |
| 286 | tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 409 | tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 287 | tb_store.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 410 | tb_store.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 288 | tb_store.o: ../../include/openssl/symhacks.h ../cryptlib.h eng_int.h tb_store.c | 411 | tb_store.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 412 | tb_store.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 413 | tb_store.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_store.c | ||
diff --git a/src/lib/libssl/src/crypto/engine/eng_all.c b/src/lib/libssl/src/crypto/engine/eng_all.c index 8599046717..d29cd57dc2 100644 --- a/src/lib/libssl/src/crypto/engine/eng_all.c +++ b/src/lib/libssl/src/crypto/engine/eng_all.c | |||
| @@ -107,6 +107,9 @@ void ENGINE_load_builtin_engines(void) | |||
| 107 | #if defined(__OpenBSD__) || defined(__FreeBSD__) | 107 | #if defined(__OpenBSD__) || defined(__FreeBSD__) |
| 108 | ENGINE_load_cryptodev(); | 108 | ENGINE_load_cryptodev(); |
| 109 | #endif | 109 | #endif |
| 110 | #if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG) | ||
| 111 | ENGINE_load_capi(); | ||
| 112 | #endif | ||
| 110 | #endif | 113 | #endif |
| 111 | } | 114 | } |
| 112 | 115 | ||
diff --git a/src/lib/libssl/src/crypto/engine/eng_cnf.c b/src/lib/libssl/src/crypto/engine/eng_cnf.c index a97e01e619..08066cea59 100644 --- a/src/lib/libssl/src/crypto/engine/eng_cnf.c +++ b/src/lib/libssl/src/crypto/engine/eng_cnf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* eng_cnf.c */ | 1 | /* eng_cnf.c */ |
| 2 | /* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -98,6 +98,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) | |||
| 98 | CONF_VALUE *ecmd; | 98 | CONF_VALUE *ecmd; |
| 99 | char *ctrlname, *ctrlvalue; | 99 | char *ctrlname, *ctrlvalue; |
| 100 | ENGINE *e = NULL; | 100 | ENGINE *e = NULL; |
| 101 | int soft = 0; | ||
| 102 | |||
| 101 | name = skip_dot(name); | 103 | name = skip_dot(name); |
| 102 | #ifdef ENGINE_CONF_DEBUG | 104 | #ifdef ENGINE_CONF_DEBUG |
| 103 | fprintf(stderr, "Configuring engine %s\n", name); | 105 | fprintf(stderr, "Configuring engine %s\n", name); |
| @@ -125,6 +127,8 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) | |||
| 125 | /* Override engine name to use */ | 127 | /* Override engine name to use */ |
| 126 | if (!strcmp(ctrlname, "engine_id")) | 128 | if (!strcmp(ctrlname, "engine_id")) |
| 127 | name = ctrlvalue; | 129 | name = ctrlvalue; |
| 130 | else if (!strcmp(ctrlname, "soft_load")) | ||
| 131 | soft = 1; | ||
| 128 | /* Load a dynamic ENGINE */ | 132 | /* Load a dynamic ENGINE */ |
| 129 | else if (!strcmp(ctrlname, "dynamic_path")) | 133 | else if (!strcmp(ctrlname, "dynamic_path")) |
| 130 | { | 134 | { |
| @@ -147,6 +151,11 @@ static int int_engine_configure(char *name, char *value, const CONF *cnf) | |||
| 147 | if (!e) | 151 | if (!e) |
| 148 | { | 152 | { |
| 149 | e = ENGINE_by_id(name); | 153 | e = ENGINE_by_id(name); |
| 154 | if (!e && soft) | ||
| 155 | { | ||
| 156 | ERR_clear_error(); | ||
| 157 | return 1; | ||
| 158 | } | ||
| 150 | if (!e) | 159 | if (!e) |
| 151 | return 0; | 160 | return 0; |
| 152 | } | 161 | } |
diff --git a/src/lib/libssl/src/crypto/engine/eng_err.c b/src/lib/libssl/src/crypto/engine/eng_err.c index 369f2e22d3..574ffbb5c0 100644 --- a/src/lib/libssl/src/crypto/engine/eng_err.c +++ b/src/lib/libssl/src/crypto/engine/eng_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/engine/eng_err.c */ | 1 | /* crypto/engine/eng_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -92,6 +92,7 @@ static ERR_STRING_DATA ENGINE_str_functs[]= | |||
| 92 | {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, | 92 | {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, |
| 93 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, | 93 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, |
| 94 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, | 94 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, |
| 95 | {ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT), "ENGINE_load_ssl_client_cert"}, | ||
| 95 | {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, | 96 | {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, |
| 96 | {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, | 97 | {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, |
| 97 | {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, | 98 | {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, |
diff --git a/src/lib/libssl/src/crypto/engine/eng_int.h b/src/lib/libssl/src/crypto/engine/eng_int.h index a5b1edebf4..a66f107a44 100644 --- a/src/lib/libssl/src/crypto/engine/eng_int.h +++ b/src/lib/libssl/src/crypto/engine/eng_int.h | |||
| @@ -170,6 +170,8 @@ struct engine_st | |||
| 170 | ENGINE_LOAD_KEY_PTR load_privkey; | 170 | ENGINE_LOAD_KEY_PTR load_privkey; |
| 171 | ENGINE_LOAD_KEY_PTR load_pubkey; | 171 | ENGINE_LOAD_KEY_PTR load_pubkey; |
| 172 | 172 | ||
| 173 | ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; | ||
| 174 | |||
| 173 | const ENGINE_CMD_DEFN *cmd_defns; | 175 | const ENGINE_CMD_DEFN *cmd_defns; |
| 174 | int flags; | 176 | int flags; |
| 175 | /* reference count on the structure itself */ | 177 | /* reference count on the structure itself */ |
diff --git a/src/lib/libssl/src/crypto/engine/eng_padlock.c b/src/lib/libssl/src/crypto/engine/eng_padlock.c index 1ba9d85db4..743558ab33 100644 --- a/src/lib/libssl/src/crypto/engine/eng_padlock.c +++ b/src/lib/libssl/src/crypto/engine/eng_padlock.c | |||
| @@ -234,8 +234,8 @@ padlock_bind_fn(ENGINE *e, const char *id) | |||
| 234 | return 1; | 234 | return 1; |
| 235 | } | 235 | } |
| 236 | 236 | ||
| 237 | IMPLEMENT_DYNAMIC_CHECK_FN (); | 237 | IMPLEMENT_DYNAMIC_CHECK_FN () |
| 238 | IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn); | 238 | IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn) |
| 239 | #endif /* DYNAMIC_ENGINE */ | 239 | #endif /* DYNAMIC_ENGINE */ |
| 240 | 240 | ||
| 241 | /* ===== Here comes the "real" engine ===== */ | 241 | /* ===== Here comes the "real" engine ===== */ |
diff --git a/src/lib/libssl/src/crypto/engine/eng_pkey.c b/src/lib/libssl/src/crypto/engine/eng_pkey.c index bc8b21abec..1dfa2e3664 100644 --- a/src/lib/libssl/src/crypto/engine/eng_pkey.c +++ b/src/lib/libssl/src/crypto/engine/eng_pkey.c | |||
| @@ -69,6 +69,13 @@ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f) | |||
| 69 | return 1; | 69 | return 1; |
| 70 | } | 70 | } |
| 71 | 71 | ||
| 72 | int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, | ||
| 73 | ENGINE_SSL_CLIENT_CERT_PTR loadssl_f) | ||
| 74 | { | ||
| 75 | e->load_ssl_client_cert = loadssl_f; | ||
| 76 | return 1; | ||
| 77 | } | ||
| 78 | |||
| 72 | ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e) | 79 | ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e) |
| 73 | { | 80 | { |
| 74 | return e->load_privkey; | 81 | return e->load_privkey; |
| @@ -79,6 +86,11 @@ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e) | |||
| 79 | return e->load_pubkey; | 86 | return e->load_pubkey; |
| 80 | } | 87 | } |
| 81 | 88 | ||
| 89 | ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e) | ||
| 90 | { | ||
| 91 | return e->load_ssl_client_cert; | ||
| 92 | } | ||
| 93 | |||
| 82 | /* API functions to load public/private keys */ | 94 | /* API functions to load public/private keys */ |
| 83 | 95 | ||
| 84 | EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, | 96 | EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, |
| @@ -152,3 +164,33 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, | |||
| 152 | } | 164 | } |
| 153 | return pkey; | 165 | return pkey; |
| 154 | } | 166 | } |
| 167 | |||
| 168 | int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, | ||
| 169 | STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey, | ||
| 170 | STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data) | ||
| 171 | { | ||
| 172 | |||
| 173 | if(e == NULL) | ||
| 174 | { | ||
| 175 | ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, | ||
| 176 | ERR_R_PASSED_NULL_PARAMETER); | ||
| 177 | return 0; | ||
| 178 | } | ||
| 179 | CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); | ||
| 180 | if(e->funct_ref == 0) | ||
| 181 | { | ||
| 182 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | ||
| 183 | ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, | ||
| 184 | ENGINE_R_NOT_INITIALISED); | ||
| 185 | return 0; | ||
| 186 | } | ||
| 187 | CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); | ||
| 188 | if (!e->load_ssl_client_cert) | ||
| 189 | { | ||
| 190 | ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT, | ||
| 191 | ENGINE_R_NO_LOAD_FUNCTION); | ||
| 192 | return 0; | ||
| 193 | } | ||
| 194 | return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother, | ||
| 195 | ui_method, callback_data); | ||
| 196 | } | ||
diff --git a/src/lib/libssl/src/crypto/engine/engine.h b/src/lib/libssl/src/crypto/engine/engine.h index 3ec59338ff..f503595ece 100644 --- a/src/lib/libssl/src/crypto/engine/engine.h +++ b/src/lib/libssl/src/crypto/engine/engine.h | |||
| @@ -93,6 +93,8 @@ | |||
| 93 | #include <openssl/err.h> | 93 | #include <openssl/err.h> |
| 94 | #endif | 94 | #endif |
| 95 | 95 | ||
| 96 | #include <openssl/x509.h> | ||
| 97 | |||
| 96 | #include <openssl/ossl_typ.h> | 98 | #include <openssl/ossl_typ.h> |
| 97 | #include <openssl/symhacks.h> | 99 | #include <openssl/symhacks.h> |
| 98 | 100 | ||
| @@ -278,6 +280,9 @@ typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, void (*f)(void) | |||
| 278 | /* Generic load_key function pointer */ | 280 | /* Generic load_key function pointer */ |
| 279 | typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, | 281 | typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, |
| 280 | UI_METHOD *ui_method, void *callback_data); | 282 | UI_METHOD *ui_method, void *callback_data); |
| 283 | typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl, | ||
| 284 | STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey, | ||
| 285 | STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data); | ||
| 281 | /* These callback types are for an ENGINE's handler for cipher and digest logic. | 286 | /* These callback types are for an ENGINE's handler for cipher and digest logic. |
| 282 | * These handlers have these prototypes; | 287 | * These handlers have these prototypes; |
| 283 | * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); | 288 | * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); |
| @@ -334,6 +339,9 @@ void ENGINE_load_ubsec(void); | |||
| 334 | void ENGINE_load_cryptodev(void); | 339 | void ENGINE_load_cryptodev(void); |
| 335 | void ENGINE_load_padlock(void); | 340 | void ENGINE_load_padlock(void); |
| 336 | void ENGINE_load_builtin_engines(void); | 341 | void ENGINE_load_builtin_engines(void); |
| 342 | #ifndef OPENSSL_NO_CAPIENG | ||
| 343 | void ENGINE_load_capi(void); | ||
| 344 | #endif | ||
| 337 | 345 | ||
| 338 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation | 346 | /* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation |
| 339 | * "registry" handling. */ | 347 | * "registry" handling. */ |
| @@ -459,6 +467,8 @@ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); | |||
| 459 | int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); | 467 | int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); |
| 460 | int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f); | 468 | int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f); |
| 461 | int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); | 469 | int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); |
| 470 | int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, | ||
| 471 | ENGINE_SSL_CLIENT_CERT_PTR loadssl_f); | ||
| 462 | int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); | 472 | int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); |
| 463 | int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); | 473 | int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); |
| 464 | int ENGINE_set_flags(ENGINE *e, int flags); | 474 | int ENGINE_set_flags(ENGINE *e, int flags); |
| @@ -494,6 +504,7 @@ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); | |||
| 494 | ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); | 504 | ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); |
| 495 | ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); | 505 | ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); |
| 496 | ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); | 506 | ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); |
| 507 | ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e); | ||
| 497 | ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); | 508 | ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); |
| 498 | ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); | 509 | ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); |
| 499 | const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); | 510 | const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); |
| @@ -529,6 +540,10 @@ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, | |||
| 529 | UI_METHOD *ui_method, void *callback_data); | 540 | UI_METHOD *ui_method, void *callback_data); |
| 530 | EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, | 541 | EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, |
| 531 | UI_METHOD *ui_method, void *callback_data); | 542 | UI_METHOD *ui_method, void *callback_data); |
| 543 | int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, | ||
| 544 | STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey, | ||
| 545 | STACK_OF(X509) **pother, | ||
| 546 | UI_METHOD *ui_method, void *callback_data); | ||
| 532 | 547 | ||
| 533 | /* This returns a pointer for the current ENGINE structure that | 548 | /* This returns a pointer for the current ENGINE structure that |
| 534 | * is (by default) performing any RSA operations. The value returned | 549 | * is (by default) performing any RSA operations. The value returned |
| @@ -723,6 +738,7 @@ void ERR_load_ENGINE_strings(void); | |||
| 723 | #define ENGINE_F_ENGINE_LIST_REMOVE 121 | 738 | #define ENGINE_F_ENGINE_LIST_REMOVE 121 |
| 724 | #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 | 739 | #define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 |
| 725 | #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 | 740 | #define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 |
| 741 | #define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 192 | ||
| 726 | #define ENGINE_F_ENGINE_NEW 122 | 742 | #define ENGINE_F_ENGINE_NEW 122 |
| 727 | #define ENGINE_F_ENGINE_REMOVE 123 | 743 | #define ENGINE_F_ENGINE_REMOVE 123 |
| 728 | #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 | 744 | #define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 |
diff --git a/src/lib/libssl/src/crypto/engine/enginetest.c b/src/lib/libssl/src/crypto/engine/enginetest.c index cf82f490db..e3834611db 100644 --- a/src/lib/libssl/src/crypto/engine/enginetest.c +++ b/src/lib/libssl/src/crypto/engine/enginetest.c | |||
| @@ -58,6 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <string.h> | 60 | #include <string.h> |
| 61 | #include <openssl/e_os2.h> | ||
| 61 | 62 | ||
| 62 | #ifdef OPENSSL_NO_ENGINE | 63 | #ifdef OPENSSL_NO_ENGINE |
| 63 | int main(int argc, char *argv[]) | 64 | int main(int argc, char *argv[]) |
| @@ -66,7 +67,6 @@ int main(int argc, char *argv[]) | |||
| 66 | return(0); | 67 | return(0); |
| 67 | } | 68 | } |
| 68 | #else | 69 | #else |
| 69 | #include <openssl/e_os2.h> | ||
| 70 | #include <openssl/buffer.h> | 70 | #include <openssl/buffer.h> |
| 71 | #include <openssl/crypto.h> | 71 | #include <openssl/crypto.h> |
| 72 | #include <openssl/engine.h> | 72 | #include <openssl/engine.h> |
diff --git a/src/lib/libssl/src/crypto/err/Makefile b/src/lib/libssl/src/crypto/err/Makefile index 23e38409c8..91d1379d41 100644 --- a/src/lib/libssl/src/crypto/err/Makefile +++ b/src/lib/libssl/src/crypto/err/Makefile | |||
| @@ -17,8 +17,8 @@ TEST= | |||
| 17 | APPS= | 17 | APPS= |
| 18 | 18 | ||
| 19 | LIB=$(TOP)/libcrypto.a | 19 | LIB=$(TOP)/libcrypto.a |
| 20 | LIBSRC=err.c err_all.c err_prn.c | 20 | LIBSRC=err.c err_def.c err_all.c err_prn.c err_str.c err_bio.c |
| 21 | LIBOBJ=err.o err_all.o err_prn.o | 21 | LIBOBJ=err.o err_def.o err_all.o err_prn.o err_str.o err_bio.o |
| 22 | 22 | ||
| 23 | SRC= $(LIBSRC) | 23 | SRC= $(LIBSRC) |
| 24 | 24 | ||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
| @@ -89,17 +89,31 @@ err_all.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | |||
| 89 | err_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 89 | err_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 90 | err_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | 90 | err_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h |
| 91 | err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 91 | err_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 92 | err_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 92 | err_all.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 93 | err_all.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h | 93 | err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 94 | err_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 94 | err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h |
| 95 | err_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem2.h | 95 | err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 96 | err_all.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 96 | err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h |
| 97 | err_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 97 | err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 98 | err_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 98 | err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 99 | err_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 99 | err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 100 | err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h | 100 | err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 101 | err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 101 | err_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 102 | err_all.o: err_all.c | 102 | err_all.o: ../../include/openssl/x509v3.h err_all.c |
| 103 | err_bio.o: ../../e_os.h ../../include/openssl/bio.h | ||
| 104 | err_bio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 105 | err_bio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 106 | err_bio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
| 107 | err_bio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 108 | err_bio.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 109 | err_bio.o: ../../include/openssl/symhacks.h ../cryptlib.h err_bio.c | ||
| 110 | err_def.o: ../../e_os.h ../../include/openssl/bio.h | ||
| 111 | err_def.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 112 | err_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 113 | err_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
| 114 | err_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 115 | err_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 116 | err_def.o: ../../include/openssl/symhacks.h ../cryptlib.h err_def.c | ||
| 103 | err_prn.o: ../../e_os.h ../../include/openssl/bio.h | 117 | err_prn.o: ../../e_os.h ../../include/openssl/bio.h |
| 104 | err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 118 | err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 105 | err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 119 | err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| @@ -107,3 +121,10 @@ err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | |||
| 107 | err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 121 | err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 108 | err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 122 | err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 109 | err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c | 123 | err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c |
| 124 | err_str.o: ../../e_os.h ../../include/openssl/bio.h | ||
| 125 | err_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 126 | err_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 127 | err_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
| 128 | err_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 129 | err_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 130 | err_str.o: ../../include/openssl/symhacks.h ../cryptlib.h err_str.c | ||
diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c index b6ff070e8f..292404a2fb 100644 --- a/src/lib/libssl/src/crypto/err/err.c +++ b/src/lib/libssl/src/crypto/err/err.c | |||
| @@ -119,479 +119,9 @@ | |||
| 119 | #include <openssl/bio.h> | 119 | #include <openssl/bio.h> |
| 120 | #include <openssl/err.h> | 120 | #include <openssl/err.h> |
| 121 | 121 | ||
| 122 | static void err_load_strings(int lib, ERR_STRING_DATA *str); | 122 | static unsigned long get_error_values(int inc,int top, |
| 123 | 123 | const char **file,int *line, | |
| 124 | static void ERR_STATE_free(ERR_STATE *s); | 124 | const char **data,int *flags); |
| 125 | #ifndef OPENSSL_NO_ERR | ||
| 126 | static ERR_STRING_DATA ERR_str_libraries[]= | ||
| 127 | { | ||
| 128 | {ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, | ||
| 129 | {ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, | ||
| 130 | {ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, | ||
| 131 | {ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, | ||
| 132 | {ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, | ||
| 133 | {ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, | ||
| 134 | {ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, | ||
| 135 | {ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, | ||
| 136 | {ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, | ||
| 137 | {ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, | ||
| 138 | {ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, | ||
| 139 | {ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, | ||
| 140 | {ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, | ||
| 141 | {ERR_PACK(ERR_LIB_CRYPTO,0,0) ,"common libcrypto routines"}, | ||
| 142 | {ERR_PACK(ERR_LIB_EC,0,0) ,"elliptic curve routines"}, | ||
| 143 | {ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, | ||
| 144 | {ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, | ||
| 145 | {ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, | ||
| 146 | {ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, | ||
| 147 | {ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, | ||
| 148 | {ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, | ||
| 149 | {ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, | ||
| 150 | {ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, | ||
| 151 | {ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, | ||
| 152 | {ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, | ||
| 153 | {0,NULL}, | ||
| 154 | }; | ||
| 155 | |||
| 156 | static ERR_STRING_DATA ERR_str_functs[]= | ||
| 157 | { | ||
| 158 | {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, | ||
| 159 | {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, | ||
| 160 | {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, | ||
| 161 | {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, | ||
| 162 | {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, | ||
| 163 | {ERR_PACK(0,SYS_F_BIND,0), "bind"}, | ||
| 164 | {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, | ||
| 165 | {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, | ||
| 166 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 167 | {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, | ||
| 168 | #endif | ||
| 169 | {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, | ||
| 170 | {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, | ||
| 171 | {0,NULL}, | ||
| 172 | }; | ||
| 173 | |||
| 174 | static ERR_STRING_DATA ERR_str_reasons[]= | ||
| 175 | { | ||
| 176 | {ERR_R_SYS_LIB ,"system lib"}, | ||
| 177 | {ERR_R_BN_LIB ,"BN lib"}, | ||
| 178 | {ERR_R_RSA_LIB ,"RSA lib"}, | ||
| 179 | {ERR_R_DH_LIB ,"DH lib"}, | ||
| 180 | {ERR_R_EVP_LIB ,"EVP lib"}, | ||
| 181 | {ERR_R_BUF_LIB ,"BUF lib"}, | ||
| 182 | {ERR_R_OBJ_LIB ,"OBJ lib"}, | ||
| 183 | {ERR_R_PEM_LIB ,"PEM lib"}, | ||
| 184 | {ERR_R_DSA_LIB ,"DSA lib"}, | ||
| 185 | {ERR_R_X509_LIB ,"X509 lib"}, | ||
| 186 | {ERR_R_ASN1_LIB ,"ASN1 lib"}, | ||
| 187 | {ERR_R_CONF_LIB ,"CONF lib"}, | ||
| 188 | {ERR_R_CRYPTO_LIB ,"CRYPTO lib"}, | ||
| 189 | {ERR_R_EC_LIB ,"EC lib"}, | ||
| 190 | {ERR_R_SSL_LIB ,"SSL lib"}, | ||
| 191 | {ERR_R_BIO_LIB ,"BIO lib"}, | ||
| 192 | {ERR_R_PKCS7_LIB ,"PKCS7 lib"}, | ||
| 193 | {ERR_R_X509V3_LIB ,"X509V3 lib"}, | ||
| 194 | {ERR_R_PKCS12_LIB ,"PKCS12 lib"}, | ||
| 195 | {ERR_R_RAND_LIB ,"RAND lib"}, | ||
| 196 | {ERR_R_DSO_LIB ,"DSO lib"}, | ||
| 197 | {ERR_R_ENGINE_LIB ,"ENGINE lib"}, | ||
| 198 | {ERR_R_OCSP_LIB ,"OCSP lib"}, | ||
| 199 | |||
| 200 | {ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, | ||
| 201 | {ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, | ||
| 202 | {ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, | ||
| 203 | {ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, | ||
| 204 | {ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, | ||
| 205 | {ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, | ||
| 206 | |||
| 207 | {ERR_R_FATAL ,"fatal"}, | ||
| 208 | {ERR_R_MALLOC_FAILURE ,"malloc failure"}, | ||
| 209 | {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, | ||
| 210 | {ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, | ||
| 211 | {ERR_R_INTERNAL_ERROR ,"internal error"}, | ||
| 212 | {ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, | ||
| 213 | |||
| 214 | {0,NULL}, | ||
| 215 | }; | ||
| 216 | #endif | ||
| 217 | |||
| 218 | |||
| 219 | /* Define the predeclared (but externally opaque) "ERR_FNS" type */ | ||
| 220 | struct st_ERR_FNS | ||
| 221 | { | ||
| 222 | /* Works on the "error_hash" string table */ | ||
| 223 | LHASH *(*cb_err_get)(int create); | ||
| 224 | void (*cb_err_del)(void); | ||
| 225 | ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); | ||
| 226 | ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *); | ||
| 227 | ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *); | ||
| 228 | /* Works on the "thread_hash" error-state table */ | ||
| 229 | LHASH *(*cb_thread_get)(int create); | ||
| 230 | void (*cb_thread_release)(LHASH **hash); | ||
| 231 | ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *); | ||
| 232 | ERR_STATE *(*cb_thread_set_item)(ERR_STATE *); | ||
| 233 | void (*cb_thread_del_item)(const ERR_STATE *); | ||
| 234 | /* Returns the next available error "library" numbers */ | ||
| 235 | int (*cb_get_next_lib)(void); | ||
| 236 | }; | ||
| 237 | |||
| 238 | /* Predeclarations of the "err_defaults" functions */ | ||
| 239 | static LHASH *int_err_get(int create); | ||
| 240 | static void int_err_del(void); | ||
| 241 | static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); | ||
| 242 | static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *); | ||
| 243 | static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *); | ||
| 244 | static LHASH *int_thread_get(int create); | ||
| 245 | static void int_thread_release(LHASH **hash); | ||
| 246 | static ERR_STATE *int_thread_get_item(const ERR_STATE *); | ||
| 247 | static ERR_STATE *int_thread_set_item(ERR_STATE *); | ||
| 248 | static void int_thread_del_item(const ERR_STATE *); | ||
| 249 | static int int_err_get_next_lib(void); | ||
| 250 | /* The static ERR_FNS table using these defaults functions */ | ||
| 251 | static const ERR_FNS err_defaults = | ||
| 252 | { | ||
| 253 | int_err_get, | ||
| 254 | int_err_del, | ||
| 255 | int_err_get_item, | ||
| 256 | int_err_set_item, | ||
| 257 | int_err_del_item, | ||
| 258 | int_thread_get, | ||
| 259 | int_thread_release, | ||
| 260 | int_thread_get_item, | ||
| 261 | int_thread_set_item, | ||
| 262 | int_thread_del_item, | ||
| 263 | int_err_get_next_lib | ||
| 264 | }; | ||
| 265 | |||
| 266 | /* The replacable table of ERR_FNS functions we use at run-time */ | ||
| 267 | static const ERR_FNS *err_fns = NULL; | ||
| 268 | |||
| 269 | /* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */ | ||
| 270 | #define ERRFN(a) err_fns->cb_##a | ||
| 271 | |||
| 272 | /* The internal state used by "err_defaults" - as such, the setting, reading, | ||
| 273 | * creating, and deleting of this data should only be permitted via the | ||
| 274 | * "err_defaults" functions. This way, a linked module can completely defer all | ||
| 275 | * ERR state operation (together with requisite locking) to the implementations | ||
| 276 | * and state in the loading application. */ | ||
| 277 | static LHASH *int_error_hash = NULL; | ||
| 278 | static LHASH *int_thread_hash = NULL; | ||
| 279 | static int int_thread_hash_references = 0; | ||
| 280 | static int int_err_library_number= ERR_LIB_USER; | ||
| 281 | |||
| 282 | /* Internal function that checks whether "err_fns" is set and if not, sets it to | ||
| 283 | * the defaults. */ | ||
| 284 | static void err_fns_check(void) | ||
| 285 | { | ||
| 286 | if (err_fns) return; | ||
| 287 | |||
| 288 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 289 | if (!err_fns) | ||
| 290 | err_fns = &err_defaults; | ||
| 291 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 292 | } | ||
| 293 | |||
| 294 | /* API functions to get or set the underlying ERR functions. */ | ||
| 295 | |||
| 296 | const ERR_FNS *ERR_get_implementation(void) | ||
| 297 | { | ||
| 298 | err_fns_check(); | ||
| 299 | return err_fns; | ||
| 300 | } | ||
| 301 | |||
| 302 | int ERR_set_implementation(const ERR_FNS *fns) | ||
| 303 | { | ||
| 304 | int ret = 0; | ||
| 305 | |||
| 306 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 307 | /* It's too late if 'err_fns' is non-NULL. BTW: not much point setting | ||
| 308 | * an error is there?! */ | ||
| 309 | if (!err_fns) | ||
| 310 | { | ||
| 311 | err_fns = fns; | ||
| 312 | ret = 1; | ||
| 313 | } | ||
| 314 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 315 | return ret; | ||
| 316 | } | ||
| 317 | |||
| 318 | /* These are the callbacks provided to "lh_new()" when creating the LHASH tables | ||
| 319 | * internal to the "err_defaults" implementation. */ | ||
| 320 | |||
| 321 | /* static unsigned long err_hash(ERR_STRING_DATA *a); */ | ||
| 322 | static unsigned long err_hash(const void *a_void); | ||
| 323 | /* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); */ | ||
| 324 | static int err_cmp(const void *a_void, const void *b_void); | ||
| 325 | /* static unsigned long pid_hash(ERR_STATE *pid); */ | ||
| 326 | static unsigned long pid_hash(const void *pid_void); | ||
| 327 | /* static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); */ | ||
| 328 | static int pid_cmp(const void *a_void,const void *pid_void); | ||
| 329 | static unsigned long get_error_values(int inc,int top,const char **file,int *line, | ||
| 330 | const char **data,int *flags); | ||
| 331 | |||
| 332 | /* The internal functions used in the "err_defaults" implementation */ | ||
| 333 | |||
| 334 | static LHASH *int_err_get(int create) | ||
| 335 | { | ||
| 336 | LHASH *ret = NULL; | ||
| 337 | |||
| 338 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 339 | if (!int_error_hash && create) | ||
| 340 | { | ||
| 341 | CRYPTO_push_info("int_err_get (err.c)"); | ||
| 342 | int_error_hash = lh_new(err_hash, err_cmp); | ||
| 343 | CRYPTO_pop_info(); | ||
| 344 | } | ||
| 345 | if (int_error_hash) | ||
| 346 | ret = int_error_hash; | ||
| 347 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 348 | |||
| 349 | return ret; | ||
| 350 | } | ||
| 351 | |||
| 352 | static void int_err_del(void) | ||
| 353 | { | ||
| 354 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 355 | if (int_error_hash) | ||
| 356 | { | ||
| 357 | lh_free(int_error_hash); | ||
| 358 | int_error_hash = NULL; | ||
| 359 | } | ||
| 360 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 361 | } | ||
| 362 | |||
| 363 | static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d) | ||
| 364 | { | ||
| 365 | ERR_STRING_DATA *p; | ||
| 366 | LHASH *hash; | ||
| 367 | |||
| 368 | err_fns_check(); | ||
| 369 | hash = ERRFN(err_get)(0); | ||
| 370 | if (!hash) | ||
| 371 | return NULL; | ||
| 372 | |||
| 373 | CRYPTO_r_lock(CRYPTO_LOCK_ERR); | ||
| 374 | p = (ERR_STRING_DATA *)lh_retrieve(hash, d); | ||
| 375 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 376 | |||
| 377 | return p; | ||
| 378 | } | ||
| 379 | |||
| 380 | static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d) | ||
| 381 | { | ||
| 382 | ERR_STRING_DATA *p; | ||
| 383 | LHASH *hash; | ||
| 384 | |||
| 385 | err_fns_check(); | ||
| 386 | hash = ERRFN(err_get)(1); | ||
| 387 | if (!hash) | ||
| 388 | return NULL; | ||
| 389 | |||
| 390 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 391 | p = (ERR_STRING_DATA *)lh_insert(hash, d); | ||
| 392 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 393 | |||
| 394 | return p; | ||
| 395 | } | ||
| 396 | |||
| 397 | static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d) | ||
| 398 | { | ||
| 399 | ERR_STRING_DATA *p; | ||
| 400 | LHASH *hash; | ||
| 401 | |||
| 402 | err_fns_check(); | ||
| 403 | hash = ERRFN(err_get)(0); | ||
| 404 | if (!hash) | ||
| 405 | return NULL; | ||
| 406 | |||
| 407 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 408 | p = (ERR_STRING_DATA *)lh_delete(hash, d); | ||
| 409 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 410 | |||
| 411 | return p; | ||
| 412 | } | ||
| 413 | |||
| 414 | static LHASH *int_thread_get(int create) | ||
| 415 | { | ||
| 416 | LHASH *ret = NULL; | ||
| 417 | |||
| 418 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 419 | if (!int_thread_hash && create) | ||
| 420 | { | ||
| 421 | CRYPTO_push_info("int_thread_get (err.c)"); | ||
| 422 | int_thread_hash = lh_new(pid_hash, pid_cmp); | ||
| 423 | CRYPTO_pop_info(); | ||
| 424 | } | ||
| 425 | if (int_thread_hash) | ||
| 426 | { | ||
| 427 | int_thread_hash_references++; | ||
| 428 | ret = int_thread_hash; | ||
| 429 | } | ||
| 430 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 431 | return ret; | ||
| 432 | } | ||
| 433 | |||
| 434 | static void int_thread_release(LHASH **hash) | ||
| 435 | { | ||
| 436 | int i; | ||
| 437 | |||
| 438 | if (hash == NULL || *hash == NULL) | ||
| 439 | return; | ||
| 440 | |||
| 441 | i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR); | ||
| 442 | |||
| 443 | #ifdef REF_PRINT | ||
| 444 | fprintf(stderr,"%4d:%s\n",int_thread_hash_references,"ERR"); | ||
| 445 | #endif | ||
| 446 | if (i > 0) return; | ||
| 447 | #ifdef REF_CHECK | ||
| 448 | if (i < 0) | ||
| 449 | { | ||
| 450 | fprintf(stderr,"int_thread_release, bad reference count\n"); | ||
| 451 | abort(); /* ok */ | ||
| 452 | } | ||
| 453 | #endif | ||
| 454 | *hash = NULL; | ||
| 455 | } | ||
| 456 | |||
| 457 | static ERR_STATE *int_thread_get_item(const ERR_STATE *d) | ||
| 458 | { | ||
| 459 | ERR_STATE *p; | ||
| 460 | LHASH *hash; | ||
| 461 | |||
| 462 | err_fns_check(); | ||
| 463 | hash = ERRFN(thread_get)(0); | ||
| 464 | if (!hash) | ||
| 465 | return NULL; | ||
| 466 | |||
| 467 | CRYPTO_r_lock(CRYPTO_LOCK_ERR); | ||
| 468 | p = (ERR_STATE *)lh_retrieve(hash, d); | ||
| 469 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 470 | |||
| 471 | ERRFN(thread_release)(&hash); | ||
| 472 | return p; | ||
| 473 | } | ||
| 474 | |||
| 475 | static ERR_STATE *int_thread_set_item(ERR_STATE *d) | ||
| 476 | { | ||
| 477 | ERR_STATE *p; | ||
| 478 | LHASH *hash; | ||
| 479 | |||
| 480 | err_fns_check(); | ||
| 481 | hash = ERRFN(thread_get)(1); | ||
| 482 | if (!hash) | ||
| 483 | return NULL; | ||
| 484 | |||
| 485 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 486 | p = (ERR_STATE *)lh_insert(hash, d); | ||
| 487 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 488 | |||
| 489 | ERRFN(thread_release)(&hash); | ||
| 490 | return p; | ||
| 491 | } | ||
| 492 | |||
| 493 | static void int_thread_del_item(const ERR_STATE *d) | ||
| 494 | { | ||
| 495 | ERR_STATE *p; | ||
| 496 | LHASH *hash; | ||
| 497 | |||
| 498 | err_fns_check(); | ||
| 499 | hash = ERRFN(thread_get)(0); | ||
| 500 | if (!hash) | ||
| 501 | return; | ||
| 502 | |||
| 503 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 504 | p = (ERR_STATE *)lh_delete(hash, d); | ||
| 505 | /* make sure we don't leak memory */ | ||
| 506 | if (int_thread_hash_references == 1 | ||
| 507 | && int_thread_hash && (lh_num_items(int_thread_hash) == 0)) | ||
| 508 | { | ||
| 509 | lh_free(int_thread_hash); | ||
| 510 | int_thread_hash = NULL; | ||
| 511 | } | ||
| 512 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 513 | |||
| 514 | ERRFN(thread_release)(&hash); | ||
| 515 | if (p) | ||
| 516 | ERR_STATE_free(p); | ||
| 517 | } | ||
| 518 | |||
| 519 | static int int_err_get_next_lib(void) | ||
| 520 | { | ||
| 521 | int ret; | ||
| 522 | |||
| 523 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 524 | ret = int_err_library_number++; | ||
| 525 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 526 | |||
| 527 | return ret; | ||
| 528 | } | ||
| 529 | |||
| 530 | |||
| 531 | #ifndef OPENSSL_NO_ERR | ||
| 532 | #define NUM_SYS_STR_REASONS 127 | ||
| 533 | #define LEN_SYS_STR_REASON 32 | ||
| 534 | |||
| 535 | static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; | ||
| 536 | /* SYS_str_reasons is filled with copies of strerror() results at | ||
| 537 | * initialization. | ||
| 538 | * 'errno' values up to 127 should cover all usual errors, | ||
| 539 | * others will be displayed numerically by ERR_error_string. | ||
| 540 | * It is crucial that we have something for each reason code | ||
| 541 | * that occurs in ERR_str_reasons, or bogus reason strings | ||
| 542 | * will be returned for SYSerr(), which always gets an errno | ||
| 543 | * value and never one of those 'standard' reason codes. */ | ||
| 544 | |||
| 545 | static void build_SYS_str_reasons(void) | ||
| 546 | { | ||
| 547 | /* OPENSSL_malloc cannot be used here, use static storage instead */ | ||
| 548 | static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; | ||
| 549 | int i; | ||
| 550 | static int init = 1; | ||
| 551 | |||
| 552 | CRYPTO_r_lock(CRYPTO_LOCK_ERR); | ||
| 553 | if (!init) | ||
| 554 | { | ||
| 555 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 556 | return; | ||
| 557 | } | ||
| 558 | |||
| 559 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 560 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 561 | if (!init) | ||
| 562 | { | ||
| 563 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 564 | return; | ||
| 565 | } | ||
| 566 | |||
| 567 | for (i = 1; i <= NUM_SYS_STR_REASONS; i++) | ||
| 568 | { | ||
| 569 | ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; | ||
| 570 | |||
| 571 | str->error = (unsigned long)i; | ||
| 572 | if (str->string == NULL) | ||
| 573 | { | ||
| 574 | char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); | ||
| 575 | char *src = strerror(i); | ||
| 576 | if (src != NULL) | ||
| 577 | { | ||
| 578 | strncpy(*dest, src, sizeof *dest); | ||
| 579 | (*dest)[sizeof *dest - 1] = '\0'; | ||
| 580 | str->string = *dest; | ||
| 581 | } | ||
| 582 | } | ||
| 583 | if (str->string == NULL) | ||
| 584 | str->string = "unknown"; | ||
| 585 | } | ||
| 586 | |||
| 587 | /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, | ||
| 588 | * as required by ERR_load_strings. */ | ||
| 589 | |||
| 590 | init = 0; | ||
| 591 | |||
| 592 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 593 | } | ||
| 594 | #endif | ||
| 595 | 125 | ||
| 596 | #define err_clear_data(p,i) \ | 126 | #define err_clear_data(p,i) \ |
| 597 | do { \ | 127 | do { \ |
| @@ -613,68 +143,6 @@ static void build_SYS_str_reasons(void) | |||
| 613 | (p)->err_line[i]= -1; \ | 143 | (p)->err_line[i]= -1; \ |
| 614 | } while(0) | 144 | } while(0) |
| 615 | 145 | ||
| 616 | static void ERR_STATE_free(ERR_STATE *s) | ||
| 617 | { | ||
| 618 | int i; | ||
| 619 | |||
| 620 | if (s == NULL) | ||
| 621 | return; | ||
| 622 | |||
| 623 | for (i=0; i<ERR_NUM_ERRORS; i++) | ||
| 624 | { | ||
| 625 | err_clear_data(s,i); | ||
| 626 | } | ||
| 627 | OPENSSL_free(s); | ||
| 628 | } | ||
| 629 | |||
| 630 | void ERR_load_ERR_strings(void) | ||
| 631 | { | ||
| 632 | err_fns_check(); | ||
| 633 | #ifndef OPENSSL_NO_ERR | ||
| 634 | err_load_strings(0,ERR_str_libraries); | ||
| 635 | err_load_strings(0,ERR_str_reasons); | ||
| 636 | err_load_strings(ERR_LIB_SYS,ERR_str_functs); | ||
| 637 | build_SYS_str_reasons(); | ||
| 638 | err_load_strings(ERR_LIB_SYS,SYS_str_reasons); | ||
| 639 | #endif | ||
| 640 | } | ||
| 641 | |||
| 642 | static void err_load_strings(int lib, ERR_STRING_DATA *str) | ||
| 643 | { | ||
| 644 | while (str->error) | ||
| 645 | { | ||
| 646 | if (lib) | ||
| 647 | str->error|=ERR_PACK(lib,0,0); | ||
| 648 | ERRFN(err_set_item)(str); | ||
| 649 | str++; | ||
| 650 | } | ||
| 651 | } | ||
| 652 | |||
| 653 | void ERR_load_strings(int lib, ERR_STRING_DATA *str) | ||
| 654 | { | ||
| 655 | ERR_load_ERR_strings(); | ||
| 656 | err_load_strings(lib, str); | ||
| 657 | } | ||
| 658 | |||
| 659 | void ERR_unload_strings(int lib, ERR_STRING_DATA *str) | ||
| 660 | { | ||
| 661 | while (str->error) | ||
| 662 | { | ||
| 663 | if (lib) | ||
| 664 | str->error|=ERR_PACK(lib,0,0); | ||
| 665 | ERRFN(err_del_item)(str); | ||
| 666 | str++; | ||
| 667 | } | ||
| 668 | } | ||
| 669 | |||
| 670 | void ERR_free_strings(void) | ||
| 671 | { | ||
| 672 | err_fns_check(); | ||
| 673 | ERRFN(err_del)(); | ||
| 674 | } | ||
| 675 | |||
| 676 | /********************************************************/ | ||
| 677 | |||
| 678 | void ERR_put_error(int lib, int func, int reason, const char *file, | 146 | void ERR_put_error(int lib, int func, int reason, const char *file, |
| 679 | int line) | 147 | int line) |
| 680 | { | 148 | { |
| @@ -829,218 +297,6 @@ static unsigned long get_error_values(int inc, int top, const char **file, int * | |||
| 829 | return ret; | 297 | return ret; |
| 830 | } | 298 | } |
| 831 | 299 | ||
| 832 | void ERR_error_string_n(unsigned long e, char *buf, size_t len) | ||
| 833 | { | ||
| 834 | char lsbuf[64], fsbuf[64], rsbuf[64]; | ||
| 835 | const char *ls,*fs,*rs; | ||
| 836 | unsigned long l,f,r; | ||
| 837 | |||
| 838 | l=ERR_GET_LIB(e); | ||
| 839 | f=ERR_GET_FUNC(e); | ||
| 840 | r=ERR_GET_REASON(e); | ||
| 841 | |||
| 842 | ls=ERR_lib_error_string(e); | ||
| 843 | fs=ERR_func_error_string(e); | ||
| 844 | rs=ERR_reason_error_string(e); | ||
| 845 | |||
| 846 | if (ls == NULL) | ||
| 847 | BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); | ||
| 848 | if (fs == NULL) | ||
| 849 | BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); | ||
| 850 | if (rs == NULL) | ||
| 851 | BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); | ||
| 852 | |||
| 853 | BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, | ||
| 854 | fs?fs:fsbuf, rs?rs:rsbuf); | ||
| 855 | if (strlen(buf) == len-1) | ||
| 856 | { | ||
| 857 | /* output may be truncated; make sure we always have 5 | ||
| 858 | * colon-separated fields, i.e. 4 colons ... */ | ||
| 859 | #define NUM_COLONS 4 | ||
| 860 | if (len > NUM_COLONS) /* ... if possible */ | ||
| 861 | { | ||
| 862 | int i; | ||
| 863 | char *s = buf; | ||
| 864 | |||
| 865 | for (i = 0; i < NUM_COLONS; i++) | ||
| 866 | { | ||
| 867 | char *colon = strchr(s, ':'); | ||
| 868 | if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) | ||
| 869 | { | ||
| 870 | /* set colon no. i at last possible position | ||
| 871 | * (buf[len-1] is the terminating 0)*/ | ||
| 872 | colon = &buf[len-1] - NUM_COLONS + i; | ||
| 873 | *colon = ':'; | ||
| 874 | } | ||
| 875 | s = colon + 1; | ||
| 876 | } | ||
| 877 | } | ||
| 878 | } | ||
| 879 | } | ||
| 880 | |||
| 881 | /* BAD for multi-threading: uses a local buffer if ret == NULL */ | ||
| 882 | /* ERR_error_string_n should be used instead for ret != NULL | ||
| 883 | * as ERR_error_string cannot know how large the buffer is */ | ||
| 884 | char *ERR_error_string(unsigned long e, char *ret) | ||
| 885 | { | ||
| 886 | static char buf[256]; | ||
| 887 | |||
| 888 | if (ret == NULL) ret=buf; | ||
| 889 | ERR_error_string_n(e, ret, 256); | ||
| 890 | |||
| 891 | return ret; | ||
| 892 | } | ||
| 893 | |||
| 894 | LHASH *ERR_get_string_table(void) | ||
| 895 | { | ||
| 896 | err_fns_check(); | ||
| 897 | return ERRFN(err_get)(0); | ||
| 898 | } | ||
| 899 | |||
| 900 | LHASH *ERR_get_err_state_table(void) | ||
| 901 | { | ||
| 902 | err_fns_check(); | ||
| 903 | return ERRFN(thread_get)(0); | ||
| 904 | } | ||
| 905 | |||
| 906 | void ERR_release_err_state_table(LHASH **hash) | ||
| 907 | { | ||
| 908 | err_fns_check(); | ||
| 909 | ERRFN(thread_release)(hash); | ||
| 910 | } | ||
| 911 | |||
| 912 | const char *ERR_lib_error_string(unsigned long e) | ||
| 913 | { | ||
| 914 | ERR_STRING_DATA d,*p; | ||
| 915 | unsigned long l; | ||
| 916 | |||
| 917 | err_fns_check(); | ||
| 918 | l=ERR_GET_LIB(e); | ||
| 919 | d.error=ERR_PACK(l,0,0); | ||
| 920 | p=ERRFN(err_get_item)(&d); | ||
| 921 | return((p == NULL)?NULL:p->string); | ||
| 922 | } | ||
| 923 | |||
| 924 | const char *ERR_func_error_string(unsigned long e) | ||
| 925 | { | ||
| 926 | ERR_STRING_DATA d,*p; | ||
| 927 | unsigned long l,f; | ||
| 928 | |||
| 929 | err_fns_check(); | ||
| 930 | l=ERR_GET_LIB(e); | ||
| 931 | f=ERR_GET_FUNC(e); | ||
| 932 | d.error=ERR_PACK(l,f,0); | ||
| 933 | p=ERRFN(err_get_item)(&d); | ||
| 934 | return((p == NULL)?NULL:p->string); | ||
| 935 | } | ||
| 936 | |||
| 937 | const char *ERR_reason_error_string(unsigned long e) | ||
| 938 | { | ||
| 939 | ERR_STRING_DATA d,*p=NULL; | ||
| 940 | unsigned long l,r; | ||
| 941 | |||
| 942 | err_fns_check(); | ||
| 943 | l=ERR_GET_LIB(e); | ||
| 944 | r=ERR_GET_REASON(e); | ||
| 945 | d.error=ERR_PACK(l,0,r); | ||
| 946 | p=ERRFN(err_get_item)(&d); | ||
| 947 | if (!p) | ||
| 948 | { | ||
| 949 | d.error=ERR_PACK(0,0,r); | ||
| 950 | p=ERRFN(err_get_item)(&d); | ||
| 951 | } | ||
| 952 | return((p == NULL)?NULL:p->string); | ||
| 953 | } | ||
| 954 | |||
| 955 | /* static unsigned long err_hash(ERR_STRING_DATA *a) */ | ||
| 956 | static unsigned long err_hash(const void *a_void) | ||
| 957 | { | ||
| 958 | unsigned long ret,l; | ||
| 959 | |||
| 960 | l=((const ERR_STRING_DATA *)a_void)->error; | ||
| 961 | ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); | ||
| 962 | return(ret^ret%19*13); | ||
| 963 | } | ||
| 964 | |||
| 965 | /* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */ | ||
| 966 | static int err_cmp(const void *a_void, const void *b_void) | ||
| 967 | { | ||
| 968 | return((int)(((const ERR_STRING_DATA *)a_void)->error - | ||
| 969 | ((const ERR_STRING_DATA *)b_void)->error)); | ||
| 970 | } | ||
| 971 | |||
| 972 | /* static unsigned long pid_hash(ERR_STATE *a) */ | ||
| 973 | static unsigned long pid_hash(const void *a_void) | ||
| 974 | { | ||
| 975 | return(((const ERR_STATE *)a_void)->pid*13); | ||
| 976 | } | ||
| 977 | |||
| 978 | /* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */ | ||
| 979 | static int pid_cmp(const void *a_void, const void *b_void) | ||
| 980 | { | ||
| 981 | return((int)((long)((const ERR_STATE *)a_void)->pid - | ||
| 982 | (long)((const ERR_STATE *)b_void)->pid)); | ||
| 983 | } | ||
| 984 | |||
| 985 | void ERR_remove_state(unsigned long pid) | ||
| 986 | { | ||
| 987 | ERR_STATE tmp; | ||
| 988 | |||
| 989 | err_fns_check(); | ||
| 990 | if (pid == 0) | ||
| 991 | pid=(unsigned long)CRYPTO_thread_id(); | ||
| 992 | tmp.pid=pid; | ||
| 993 | /* thread_del_item automatically destroys the LHASH if the number of | ||
| 994 | * items reaches zero. */ | ||
| 995 | ERRFN(thread_del_item)(&tmp); | ||
| 996 | } | ||
| 997 | |||
| 998 | ERR_STATE *ERR_get_state(void) | ||
| 999 | { | ||
| 1000 | static ERR_STATE fallback; | ||
| 1001 | ERR_STATE *ret,tmp,*tmpp=NULL; | ||
| 1002 | int i; | ||
| 1003 | unsigned long pid; | ||
| 1004 | |||
| 1005 | err_fns_check(); | ||
| 1006 | pid=(unsigned long)CRYPTO_thread_id(); | ||
| 1007 | tmp.pid=pid; | ||
| 1008 | ret=ERRFN(thread_get_item)(&tmp); | ||
| 1009 | |||
| 1010 | /* ret == the error state, if NULL, make a new one */ | ||
| 1011 | if (ret == NULL) | ||
| 1012 | { | ||
| 1013 | ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); | ||
| 1014 | if (ret == NULL) return(&fallback); | ||
| 1015 | ret->pid=pid; | ||
| 1016 | ret->top=0; | ||
| 1017 | ret->bottom=0; | ||
| 1018 | for (i=0; i<ERR_NUM_ERRORS; i++) | ||
| 1019 | { | ||
| 1020 | ret->err_data[i]=NULL; | ||
| 1021 | ret->err_data_flags[i]=0; | ||
| 1022 | } | ||
| 1023 | tmpp = ERRFN(thread_set_item)(ret); | ||
| 1024 | /* To check if insertion failed, do a get. */ | ||
| 1025 | if (ERRFN(thread_get_item)(ret) != ret) | ||
| 1026 | { | ||
| 1027 | ERR_STATE_free(ret); /* could not insert it */ | ||
| 1028 | return(&fallback); | ||
| 1029 | } | ||
| 1030 | /* If a race occured in this function and we came second, tmpp | ||
| 1031 | * is the first one that we just replaced. */ | ||
| 1032 | if (tmpp) | ||
| 1033 | ERR_STATE_free(tmpp); | ||
| 1034 | } | ||
| 1035 | return ret; | ||
| 1036 | } | ||
| 1037 | |||
| 1038 | int ERR_get_next_error_library(void) | ||
| 1039 | { | ||
| 1040 | err_fns_check(); | ||
| 1041 | return ERRFN(get_next_lib)(); | ||
| 1042 | } | ||
| 1043 | |||
| 1044 | void ERR_set_error_data(char *data, int flags) | 300 | void ERR_set_error_data(char *data, int flags) |
| 1045 | { | 301 | { |
| 1046 | ERR_STATE *es; | 302 | ERR_STATE *es; |
| @@ -1127,3 +383,34 @@ int ERR_pop_to_mark(void) | |||
| 1127 | es->err_flags[es->top]&=~ERR_FLAG_MARK; | 383 | es->err_flags[es->top]&=~ERR_FLAG_MARK; |
| 1128 | return 1; | 384 | return 1; |
| 1129 | } | 385 | } |
| 386 | |||
| 387 | #ifdef OPENSSL_FIPS | ||
| 388 | |||
| 389 | static ERR_STATE *fget_state(void) | ||
| 390 | { | ||
| 391 | static ERR_STATE fstate; | ||
| 392 | return &fstate; | ||
| 393 | } | ||
| 394 | |||
| 395 | ERR_STATE *(*get_state_func)(void) = fget_state; | ||
| 396 | void (*remove_state_func)(unsigned long pid); | ||
| 397 | |||
| 398 | ERR_STATE *ERR_get_state(void) | ||
| 399 | { | ||
| 400 | return get_state_func(); | ||
| 401 | } | ||
| 402 | |||
| 403 | void int_ERR_set_state_func(ERR_STATE *(*get_func)(void), | ||
| 404 | void (*remove_func)(unsigned long pid)) | ||
| 405 | { | ||
| 406 | get_state_func = get_func; | ||
| 407 | remove_state_func = remove_func; | ||
| 408 | } | ||
| 409 | |||
| 410 | void ERR_remove_state(unsigned long pid) | ||
| 411 | { | ||
| 412 | if (remove_state_func) | ||
| 413 | remove_state_func(pid); | ||
| 414 | } | ||
| 415 | |||
| 416 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/err/err.h b/src/lib/libssl/src/crypto/err/err.h index bf28fce492..dcac415231 100644 --- a/src/lib/libssl/src/crypto/err/err.h +++ b/src/lib/libssl/src/crypto/err/err.h | |||
| @@ -140,7 +140,9 @@ typedef struct err_state_st | |||
| 140 | #define ERR_LIB_ECDSA 42 | 140 | #define ERR_LIB_ECDSA 42 |
| 141 | #define ERR_LIB_ECDH 43 | 141 | #define ERR_LIB_ECDH 43 |
| 142 | #define ERR_LIB_STORE 44 | 142 | #define ERR_LIB_STORE 44 |
| 143 | #define ERR_LIB_CMS 45 | 143 | #define ERR_LIB_FIPS 45 |
| 144 | #define ERR_LIB_CMS 46 | ||
| 145 | #define ERR_LIB_JPAKE 47 | ||
| 144 | 146 | ||
| 145 | #define ERR_LIB_USER 128 | 147 | #define ERR_LIB_USER 128 |
| 146 | 148 | ||
| @@ -172,7 +174,9 @@ typedef struct err_state_st | |||
| 172 | #define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__) | 174 | #define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__) |
| 173 | #define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__) | 175 | #define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__) |
| 174 | #define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__) | 176 | #define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__) |
| 177 | #define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__) | ||
| 175 | #define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__) | 178 | #define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__) |
| 179 | #define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__) | ||
| 176 | 180 | ||
| 177 | /* Borland C seems too stupid to be able to shift and do longs in | 181 | /* Borland C seems too stupid to be able to shift and do longs in |
| 178 | * the pre-processor :-( */ | 182 | * the pre-processor :-( */ |
| @@ -304,6 +308,12 @@ int ERR_get_next_error_library(void); | |||
| 304 | int ERR_set_mark(void); | 308 | int ERR_set_mark(void); |
| 305 | int ERR_pop_to_mark(void); | 309 | int ERR_pop_to_mark(void); |
| 306 | 310 | ||
| 311 | #ifdef OPENSSL_FIPS | ||
| 312 | void int_ERR_set_state_func(ERR_STATE *(*get_func)(void), | ||
| 313 | void (*remove_func)(unsigned long pid)); | ||
| 314 | void int_ERR_lib_init(void); | ||
| 315 | #endif | ||
| 316 | |||
| 307 | /* Already defined in ossl_typ.h */ | 317 | /* Already defined in ossl_typ.h */ |
| 308 | /* typedef struct st_ERR_FNS ERR_FNS; */ | 318 | /* typedef struct st_ERR_FNS ERR_FNS; */ |
| 309 | /* An application can use this function and provide the return value to loaded | 319 | /* An application can use this function and provide the return value to loaded |
diff --git a/src/lib/libssl/src/crypto/err/err_all.c b/src/lib/libssl/src/crypto/err/err_all.c index 5813060ce2..f21a5276ed 100644 --- a/src/lib/libssl/src/crypto/err/err_all.c +++ b/src/lib/libssl/src/crypto/err/err_all.c | |||
| @@ -94,9 +94,16 @@ | |||
| 94 | #include <openssl/ui.h> | 94 | #include <openssl/ui.h> |
| 95 | #include <openssl/ocsp.h> | 95 | #include <openssl/ocsp.h> |
| 96 | #include <openssl/err.h> | 96 | #include <openssl/err.h> |
| 97 | #ifdef OPENSSL_FIPS | ||
| 98 | #include <openssl/fips.h> | ||
| 99 | #endif | ||
| 100 | |||
| 97 | #ifndef OPENSSL_NO_CMS | 101 | #ifndef OPENSSL_NO_CMS |
| 98 | #include <openssl/cms.h> | 102 | #include <openssl/cms.h> |
| 99 | #endif | 103 | #endif |
| 104 | #ifndef OPENSSL_NO_JPAKE | ||
| 105 | #include <openssl/jpake.h> | ||
| 106 | #endif | ||
| 100 | 107 | ||
| 101 | void ERR_load_crypto_strings(void) | 108 | void ERR_load_crypto_strings(void) |
| 102 | { | 109 | { |
| @@ -141,8 +148,14 @@ void ERR_load_crypto_strings(void) | |||
| 141 | #endif | 148 | #endif |
| 142 | ERR_load_OCSP_strings(); | 149 | ERR_load_OCSP_strings(); |
| 143 | ERR_load_UI_strings(); | 150 | ERR_load_UI_strings(); |
| 151 | #ifdef OPENSSL_FIPS | ||
| 152 | ERR_load_FIPS_strings(); | ||
| 153 | #endif | ||
| 144 | #ifndef OPENSSL_NO_CMS | 154 | #ifndef OPENSSL_NO_CMS |
| 145 | ERR_load_CMS_strings(); | 155 | ERR_load_CMS_strings(); |
| 146 | #endif | 156 | #endif |
| 157 | #ifndef OPENSSL_NO_JPAKE | ||
| 158 | ERR_load_JPAKE_strings(); | ||
| 159 | #endif | ||
| 147 | #endif | 160 | #endif |
| 148 | } | 161 | } |
diff --git a/src/lib/libssl/src/crypto/err/err_bio.c b/src/lib/libssl/src/crypto/err/err_bio.c new file mode 100644 index 0000000000..a42f804840 --- /dev/null +++ b/src/lib/libssl/src/crypto/err/err_bio.c | |||
| @@ -0,0 +1,75 @@ | |||
| 1 | /* crypto/err/err_prn.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/lhash.h> | ||
| 62 | #include <openssl/crypto.h> | ||
| 63 | #include <openssl/buffer.h> | ||
| 64 | #include <openssl/err.h> | ||
| 65 | |||
| 66 | static int print_bio(const char *str, size_t len, void *bp) | ||
| 67 | { | ||
| 68 | return BIO_write((BIO *)bp, str, len); | ||
| 69 | } | ||
| 70 | void ERR_print_errors(BIO *bp) | ||
| 71 | { | ||
| 72 | ERR_print_errors_cb(print_bio, bp); | ||
| 73 | } | ||
| 74 | |||
| 75 | |||
diff --git a/src/lib/libssl/src/crypto/err/err_def.c b/src/lib/libssl/src/crypto/err/err_def.c new file mode 100644 index 0000000000..7ed3d84955 --- /dev/null +++ b/src/lib/libssl/src/crypto/err/err_def.c | |||
| @@ -0,0 +1,665 @@ | |||
| 1 | /* crypto/err/err_def.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | /* ==================================================================== | ||
| 59 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | ||
| 60 | * | ||
| 61 | * Redistribution and use in source and binary forms, with or without | ||
| 62 | * modification, are permitted provided that the following conditions | ||
| 63 | * are met: | ||
| 64 | * | ||
| 65 | * 1. Redistributions of source code must retain the above copyright | ||
| 66 | * notice, this list of conditions and the following disclaimer. | ||
| 67 | * | ||
| 68 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 69 | * notice, this list of conditions and the following disclaimer in | ||
| 70 | * the documentation and/or other materials provided with the | ||
| 71 | * distribution. | ||
| 72 | * | ||
| 73 | * 3. All advertising materials mentioning features or use of this | ||
| 74 | * software must display the following acknowledgment: | ||
| 75 | * "This product includes software developed by the OpenSSL Project | ||
| 76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 77 | * | ||
| 78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 79 | * endorse or promote products derived from this software without | ||
| 80 | * prior written permission. For written permission, please contact | ||
| 81 | * openssl-core@openssl.org. | ||
| 82 | * | ||
| 83 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 84 | * nor may "OpenSSL" appear in their names without prior written | ||
| 85 | * permission of the OpenSSL Project. | ||
| 86 | * | ||
| 87 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 88 | * acknowledgment: | ||
| 89 | * "This product includes software developed by the OpenSSL Project | ||
| 90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 91 | * | ||
| 92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 103 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 104 | * ==================================================================== | ||
| 105 | * | ||
| 106 | * This product includes cryptographic software written by Eric Young | ||
| 107 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 108 | * Hudson (tjh@cryptsoft.com). | ||
| 109 | * | ||
| 110 | */ | ||
| 111 | |||
| 112 | #include <stdio.h> | ||
| 113 | #include <stdarg.h> | ||
| 114 | #include <string.h> | ||
| 115 | #include "cryptlib.h" | ||
| 116 | #include <openssl/lhash.h> | ||
| 117 | #include <openssl/crypto.h> | ||
| 118 | #include <openssl/buffer.h> | ||
| 119 | #include <openssl/bio.h> | ||
| 120 | #include <openssl/err.h> | ||
| 121 | |||
| 122 | #define err_clear_data(p,i) \ | ||
| 123 | do { \ | ||
| 124 | if (((p)->err_data[i] != NULL) && \ | ||
| 125 | (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ | ||
| 126 | { \ | ||
| 127 | OPENSSL_free((p)->err_data[i]); \ | ||
| 128 | (p)->err_data[i]=NULL; \ | ||
| 129 | } \ | ||
| 130 | (p)->err_data_flags[i]=0; \ | ||
| 131 | } while(0) | ||
| 132 | |||
| 133 | #define err_clear(p,i) \ | ||
| 134 | do { \ | ||
| 135 | (p)->err_flags[i]=0; \ | ||
| 136 | (p)->err_buffer[i]=0; \ | ||
| 137 | err_clear_data(p,i); \ | ||
| 138 | (p)->err_file[i]=NULL; \ | ||
| 139 | (p)->err_line[i]= -1; \ | ||
| 140 | } while(0) | ||
| 141 | |||
| 142 | static void err_load_strings(int lib, ERR_STRING_DATA *str); | ||
| 143 | |||
| 144 | static void ERR_STATE_free(ERR_STATE *s); | ||
| 145 | |||
| 146 | /* Define the predeclared (but externally opaque) "ERR_FNS" type */ | ||
| 147 | struct st_ERR_FNS | ||
| 148 | { | ||
| 149 | /* Works on the "error_hash" string table */ | ||
| 150 | LHASH *(*cb_err_get)(int create); | ||
| 151 | void (*cb_err_del)(void); | ||
| 152 | ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); | ||
| 153 | ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *); | ||
| 154 | ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *); | ||
| 155 | /* Works on the "thread_hash" error-state table */ | ||
| 156 | LHASH *(*cb_thread_get)(int create); | ||
| 157 | void (*cb_thread_release)(LHASH **hash); | ||
| 158 | ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *); | ||
| 159 | ERR_STATE *(*cb_thread_set_item)(ERR_STATE *); | ||
| 160 | void (*cb_thread_del_item)(const ERR_STATE *); | ||
| 161 | /* Returns the next available error "library" numbers */ | ||
| 162 | int (*cb_get_next_lib)(void); | ||
| 163 | }; | ||
| 164 | |||
| 165 | /* Predeclarations of the "err_defaults" functions */ | ||
| 166 | static LHASH *int_err_get(int create); | ||
| 167 | static void int_err_del(void); | ||
| 168 | static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); | ||
| 169 | static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *); | ||
| 170 | static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *); | ||
| 171 | static LHASH *int_thread_get(int create); | ||
| 172 | static void int_thread_release(LHASH **hash); | ||
| 173 | static ERR_STATE *int_thread_get_item(const ERR_STATE *); | ||
| 174 | static ERR_STATE *int_thread_set_item(ERR_STATE *); | ||
| 175 | static void int_thread_del_item(const ERR_STATE *); | ||
| 176 | static int int_err_get_next_lib(void); | ||
| 177 | /* The static ERR_FNS table using these defaults functions */ | ||
| 178 | static const ERR_FNS err_defaults = | ||
| 179 | { | ||
| 180 | int_err_get, | ||
| 181 | int_err_del, | ||
| 182 | int_err_get_item, | ||
| 183 | int_err_set_item, | ||
| 184 | int_err_del_item, | ||
| 185 | int_thread_get, | ||
| 186 | int_thread_release, | ||
| 187 | int_thread_get_item, | ||
| 188 | int_thread_set_item, | ||
| 189 | int_thread_del_item, | ||
| 190 | int_err_get_next_lib | ||
| 191 | }; | ||
| 192 | |||
| 193 | /* The replacable table of ERR_FNS functions we use at run-time */ | ||
| 194 | static const ERR_FNS *err_fns = NULL; | ||
| 195 | |||
| 196 | /* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */ | ||
| 197 | #define ERRFN(a) err_fns->cb_##a | ||
| 198 | |||
| 199 | /* The internal state used by "err_defaults" - as such, the setting, reading, | ||
| 200 | * creating, and deleting of this data should only be permitted via the | ||
| 201 | * "err_defaults" functions. This way, a linked module can completely defer all | ||
| 202 | * ERR state operation (together with requisite locking) to the implementations | ||
| 203 | * and state in the loading application. */ | ||
| 204 | static LHASH *int_error_hash = NULL; | ||
| 205 | static LHASH *int_thread_hash = NULL; | ||
| 206 | static int int_thread_hash_references = 0; | ||
| 207 | static int int_err_library_number= ERR_LIB_USER; | ||
| 208 | |||
| 209 | /* Internal function that checks whether "err_fns" is set and if not, sets it to | ||
| 210 | * the defaults. */ | ||
| 211 | static void err_fns_check(void) | ||
| 212 | { | ||
| 213 | if (err_fns) return; | ||
| 214 | |||
| 215 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 216 | if (!err_fns) | ||
| 217 | err_fns = &err_defaults; | ||
| 218 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 219 | } | ||
| 220 | |||
| 221 | /* API functions to get or set the underlying ERR functions. */ | ||
| 222 | |||
| 223 | const ERR_FNS *ERR_get_implementation(void) | ||
| 224 | { | ||
| 225 | err_fns_check(); | ||
| 226 | return err_fns; | ||
| 227 | } | ||
| 228 | |||
| 229 | int ERR_set_implementation(const ERR_FNS *fns) | ||
| 230 | { | ||
| 231 | int ret = 0; | ||
| 232 | |||
| 233 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 234 | /* It's too late if 'err_fns' is non-NULL. BTW: not much point setting | ||
| 235 | * an error is there?! */ | ||
| 236 | if (!err_fns) | ||
| 237 | { | ||
| 238 | err_fns = fns; | ||
| 239 | ret = 1; | ||
| 240 | } | ||
| 241 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 242 | return ret; | ||
| 243 | } | ||
| 244 | |||
| 245 | /* These are the callbacks provided to "lh_new()" when creating the LHASH tables | ||
| 246 | * internal to the "err_defaults" implementation. */ | ||
| 247 | |||
| 248 | /* static unsigned long err_hash(ERR_STRING_DATA *a); */ | ||
| 249 | static unsigned long err_hash(const void *a_void); | ||
| 250 | /* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); */ | ||
| 251 | static int err_cmp(const void *a_void, const void *b_void); | ||
| 252 | /* static unsigned long pid_hash(ERR_STATE *pid); */ | ||
| 253 | static unsigned long pid_hash(const void *pid_void); | ||
| 254 | /* static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); */ | ||
| 255 | static int pid_cmp(const void *a_void,const void *pid_void); | ||
| 256 | |||
| 257 | /* The internal functions used in the "err_defaults" implementation */ | ||
| 258 | |||
| 259 | static LHASH *int_err_get(int create) | ||
| 260 | { | ||
| 261 | LHASH *ret = NULL; | ||
| 262 | |||
| 263 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 264 | if (!int_error_hash && create) | ||
| 265 | { | ||
| 266 | CRYPTO_push_info("int_err_get (err.c)"); | ||
| 267 | int_error_hash = lh_new(err_hash, err_cmp); | ||
| 268 | CRYPTO_pop_info(); | ||
| 269 | } | ||
| 270 | if (int_error_hash) | ||
| 271 | ret = int_error_hash; | ||
| 272 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 273 | |||
| 274 | return ret; | ||
| 275 | } | ||
| 276 | |||
| 277 | static void int_err_del(void) | ||
| 278 | { | ||
| 279 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 280 | if (int_error_hash) | ||
| 281 | { | ||
| 282 | lh_free(int_error_hash); | ||
| 283 | int_error_hash = NULL; | ||
| 284 | } | ||
| 285 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 286 | } | ||
| 287 | |||
| 288 | static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d) | ||
| 289 | { | ||
| 290 | ERR_STRING_DATA *p; | ||
| 291 | LHASH *hash; | ||
| 292 | |||
| 293 | err_fns_check(); | ||
| 294 | hash = ERRFN(err_get)(0); | ||
| 295 | if (!hash) | ||
| 296 | return NULL; | ||
| 297 | |||
| 298 | CRYPTO_r_lock(CRYPTO_LOCK_ERR); | ||
| 299 | p = (ERR_STRING_DATA *)lh_retrieve(hash, d); | ||
| 300 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 301 | |||
| 302 | return p; | ||
| 303 | } | ||
| 304 | |||
| 305 | static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d) | ||
| 306 | { | ||
| 307 | ERR_STRING_DATA *p; | ||
| 308 | LHASH *hash; | ||
| 309 | |||
| 310 | err_fns_check(); | ||
| 311 | hash = ERRFN(err_get)(1); | ||
| 312 | if (!hash) | ||
| 313 | return NULL; | ||
| 314 | |||
| 315 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 316 | p = (ERR_STRING_DATA *)lh_insert(hash, d); | ||
| 317 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 318 | |||
| 319 | return p; | ||
| 320 | } | ||
| 321 | |||
| 322 | static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d) | ||
| 323 | { | ||
| 324 | ERR_STRING_DATA *p; | ||
| 325 | LHASH *hash; | ||
| 326 | |||
| 327 | err_fns_check(); | ||
| 328 | hash = ERRFN(err_get)(0); | ||
| 329 | if (!hash) | ||
| 330 | return NULL; | ||
| 331 | |||
| 332 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 333 | p = (ERR_STRING_DATA *)lh_delete(hash, d); | ||
| 334 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 335 | |||
| 336 | return p; | ||
| 337 | } | ||
| 338 | |||
| 339 | static LHASH *int_thread_get(int create) | ||
| 340 | { | ||
| 341 | LHASH *ret = NULL; | ||
| 342 | |||
| 343 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 344 | if (!int_thread_hash && create) | ||
| 345 | { | ||
| 346 | CRYPTO_push_info("int_thread_get (err.c)"); | ||
| 347 | int_thread_hash = lh_new(pid_hash, pid_cmp); | ||
| 348 | CRYPTO_pop_info(); | ||
| 349 | } | ||
| 350 | if (int_thread_hash) | ||
| 351 | { | ||
| 352 | int_thread_hash_references++; | ||
| 353 | ret = int_thread_hash; | ||
| 354 | } | ||
| 355 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 356 | return ret; | ||
| 357 | } | ||
| 358 | |||
| 359 | static void int_thread_release(LHASH **hash) | ||
| 360 | { | ||
| 361 | int i; | ||
| 362 | |||
| 363 | if (hash == NULL || *hash == NULL) | ||
| 364 | return; | ||
| 365 | |||
| 366 | i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR); | ||
| 367 | |||
| 368 | #ifdef REF_PRINT | ||
| 369 | fprintf(stderr,"%4d:%s\n",int_thread_hash_references,"ERR"); | ||
| 370 | #endif | ||
| 371 | if (i > 0) return; | ||
| 372 | #ifdef REF_CHECK | ||
| 373 | if (i < 0) | ||
| 374 | { | ||
| 375 | fprintf(stderr,"int_thread_release, bad reference count\n"); | ||
| 376 | abort(); /* ok */ | ||
| 377 | } | ||
| 378 | #endif | ||
| 379 | *hash = NULL; | ||
| 380 | } | ||
| 381 | |||
| 382 | static ERR_STATE *int_thread_get_item(const ERR_STATE *d) | ||
| 383 | { | ||
| 384 | ERR_STATE *p; | ||
| 385 | LHASH *hash; | ||
| 386 | |||
| 387 | err_fns_check(); | ||
| 388 | hash = ERRFN(thread_get)(0); | ||
| 389 | if (!hash) | ||
| 390 | return NULL; | ||
| 391 | |||
| 392 | CRYPTO_r_lock(CRYPTO_LOCK_ERR); | ||
| 393 | p = (ERR_STATE *)lh_retrieve(hash, d); | ||
| 394 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 395 | |||
| 396 | ERRFN(thread_release)(&hash); | ||
| 397 | return p; | ||
| 398 | } | ||
| 399 | |||
| 400 | static ERR_STATE *int_thread_set_item(ERR_STATE *d) | ||
| 401 | { | ||
| 402 | ERR_STATE *p; | ||
| 403 | LHASH *hash; | ||
| 404 | |||
| 405 | err_fns_check(); | ||
| 406 | hash = ERRFN(thread_get)(1); | ||
| 407 | if (!hash) | ||
| 408 | return NULL; | ||
| 409 | |||
| 410 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 411 | p = (ERR_STATE *)lh_insert(hash, d); | ||
| 412 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 413 | |||
| 414 | ERRFN(thread_release)(&hash); | ||
| 415 | return p; | ||
| 416 | } | ||
| 417 | |||
| 418 | static void int_thread_del_item(const ERR_STATE *d) | ||
| 419 | { | ||
| 420 | ERR_STATE *p; | ||
| 421 | LHASH *hash; | ||
| 422 | |||
| 423 | err_fns_check(); | ||
| 424 | hash = ERRFN(thread_get)(0); | ||
| 425 | if (!hash) | ||
| 426 | return; | ||
| 427 | |||
| 428 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 429 | p = (ERR_STATE *)lh_delete(hash, d); | ||
| 430 | /* make sure we don't leak memory */ | ||
| 431 | if (int_thread_hash_references == 1 | ||
| 432 | && int_thread_hash && (lh_num_items(int_thread_hash) == 0)) | ||
| 433 | { | ||
| 434 | lh_free(int_thread_hash); | ||
| 435 | int_thread_hash = NULL; | ||
| 436 | } | ||
| 437 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 438 | |||
| 439 | ERRFN(thread_release)(&hash); | ||
| 440 | if (p) | ||
| 441 | ERR_STATE_free(p); | ||
| 442 | } | ||
| 443 | |||
| 444 | static int int_err_get_next_lib(void) | ||
| 445 | { | ||
| 446 | int ret; | ||
| 447 | |||
| 448 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 449 | ret = int_err_library_number++; | ||
| 450 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 451 | |||
| 452 | return ret; | ||
| 453 | } | ||
| 454 | |||
| 455 | static void ERR_STATE_free(ERR_STATE *s) | ||
| 456 | { | ||
| 457 | int i; | ||
| 458 | |||
| 459 | if (s == NULL) | ||
| 460 | return; | ||
| 461 | |||
| 462 | for (i=0; i<ERR_NUM_ERRORS; i++) | ||
| 463 | { | ||
| 464 | err_clear_data(s,i); | ||
| 465 | } | ||
| 466 | OPENSSL_free(s); | ||
| 467 | } | ||
| 468 | |||
| 469 | static void err_load_strings(int lib, ERR_STRING_DATA *str) | ||
| 470 | { | ||
| 471 | while (str->error) | ||
| 472 | { | ||
| 473 | if (lib) | ||
| 474 | str->error|=ERR_PACK(lib,0,0); | ||
| 475 | ERRFN(err_set_item)(str); | ||
| 476 | str++; | ||
| 477 | } | ||
| 478 | } | ||
| 479 | |||
| 480 | void ERR_load_strings(int lib, ERR_STRING_DATA *str) | ||
| 481 | { | ||
| 482 | err_fns_check(); | ||
| 483 | err_load_strings(lib, str); | ||
| 484 | } | ||
| 485 | |||
| 486 | void ERR_unload_strings(int lib, ERR_STRING_DATA *str) | ||
| 487 | { | ||
| 488 | while (str->error) | ||
| 489 | { | ||
| 490 | if (lib) | ||
| 491 | str->error|=ERR_PACK(lib,0,0); | ||
| 492 | ERRFN(err_del_item)(str); | ||
| 493 | str++; | ||
| 494 | } | ||
| 495 | } | ||
| 496 | |||
| 497 | void ERR_free_strings(void) | ||
| 498 | { | ||
| 499 | err_fns_check(); | ||
| 500 | ERRFN(err_del)(); | ||
| 501 | } | ||
| 502 | |||
| 503 | LHASH *ERR_get_string_table(void) | ||
| 504 | { | ||
| 505 | err_fns_check(); | ||
| 506 | return ERRFN(err_get)(0); | ||
| 507 | } | ||
| 508 | |||
| 509 | LHASH *ERR_get_err_state_table(void) | ||
| 510 | { | ||
| 511 | err_fns_check(); | ||
| 512 | return ERRFN(thread_get)(0); | ||
| 513 | } | ||
| 514 | |||
| 515 | void ERR_release_err_state_table(LHASH **hash) | ||
| 516 | { | ||
| 517 | err_fns_check(); | ||
| 518 | ERRFN(thread_release)(hash); | ||
| 519 | } | ||
| 520 | |||
| 521 | const char *ERR_lib_error_string(unsigned long e) | ||
| 522 | { | ||
| 523 | ERR_STRING_DATA d,*p; | ||
| 524 | unsigned long l; | ||
| 525 | |||
| 526 | err_fns_check(); | ||
| 527 | l=ERR_GET_LIB(e); | ||
| 528 | d.error=ERR_PACK(l,0,0); | ||
| 529 | p=ERRFN(err_get_item)(&d); | ||
| 530 | return((p == NULL)?NULL:p->string); | ||
| 531 | } | ||
| 532 | |||
| 533 | const char *ERR_func_error_string(unsigned long e) | ||
| 534 | { | ||
| 535 | ERR_STRING_DATA d,*p; | ||
| 536 | unsigned long l,f; | ||
| 537 | |||
| 538 | err_fns_check(); | ||
| 539 | l=ERR_GET_LIB(e); | ||
| 540 | f=ERR_GET_FUNC(e); | ||
| 541 | d.error=ERR_PACK(l,f,0); | ||
| 542 | p=ERRFN(err_get_item)(&d); | ||
| 543 | return((p == NULL)?NULL:p->string); | ||
| 544 | } | ||
| 545 | |||
| 546 | const char *ERR_reason_error_string(unsigned long e) | ||
| 547 | { | ||
| 548 | ERR_STRING_DATA d,*p=NULL; | ||
| 549 | unsigned long l,r; | ||
| 550 | |||
| 551 | err_fns_check(); | ||
| 552 | l=ERR_GET_LIB(e); | ||
| 553 | r=ERR_GET_REASON(e); | ||
| 554 | d.error=ERR_PACK(l,0,r); | ||
| 555 | p=ERRFN(err_get_item)(&d); | ||
| 556 | if (!p) | ||
| 557 | { | ||
| 558 | d.error=ERR_PACK(0,0,r); | ||
| 559 | p=ERRFN(err_get_item)(&d); | ||
| 560 | } | ||
| 561 | return((p == NULL)?NULL:p->string); | ||
| 562 | } | ||
| 563 | |||
| 564 | /* static unsigned long err_hash(ERR_STRING_DATA *a) */ | ||
| 565 | static unsigned long err_hash(const void *a_void) | ||
| 566 | { | ||
| 567 | unsigned long ret,l; | ||
| 568 | |||
| 569 | l=((const ERR_STRING_DATA *)a_void)->error; | ||
| 570 | ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); | ||
| 571 | return(ret^ret%19*13); | ||
| 572 | } | ||
| 573 | |||
| 574 | /* static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) */ | ||
| 575 | static int err_cmp(const void *a_void, const void *b_void) | ||
| 576 | { | ||
| 577 | return((int)(((const ERR_STRING_DATA *)a_void)->error - | ||
| 578 | ((const ERR_STRING_DATA *)b_void)->error)); | ||
| 579 | } | ||
| 580 | |||
| 581 | /* static unsigned long pid_hash(ERR_STATE *a) */ | ||
| 582 | static unsigned long pid_hash(const void *a_void) | ||
| 583 | { | ||
| 584 | return(((const ERR_STATE *)a_void)->pid*13); | ||
| 585 | } | ||
| 586 | |||
| 587 | /* static int pid_cmp(ERR_STATE *a, ERR_STATE *b) */ | ||
| 588 | static int pid_cmp(const void *a_void, const void *b_void) | ||
| 589 | { | ||
| 590 | return((int)((long)((const ERR_STATE *)a_void)->pid - | ||
| 591 | (long)((const ERR_STATE *)b_void)->pid)); | ||
| 592 | } | ||
| 593 | #ifdef OPENSSL_FIPS | ||
| 594 | static void int_err_remove_state(unsigned long pid) | ||
| 595 | #else | ||
| 596 | void ERR_remove_state(unsigned long pid) | ||
| 597 | #endif | ||
| 598 | { | ||
| 599 | ERR_STATE tmp; | ||
| 600 | |||
| 601 | err_fns_check(); | ||
| 602 | if (pid == 0) | ||
| 603 | pid=(unsigned long)CRYPTO_thread_id(); | ||
| 604 | tmp.pid=pid; | ||
| 605 | /* thread_del_item automatically destroys the LHASH if the number of | ||
| 606 | * items reaches zero. */ | ||
| 607 | ERRFN(thread_del_item)(&tmp); | ||
| 608 | } | ||
| 609 | |||
| 610 | #ifdef OPENSSL_FIPS | ||
| 611 | static ERR_STATE *int_err_get_state(void) | ||
| 612 | #else | ||
| 613 | ERR_STATE *ERR_get_state(void) | ||
| 614 | #endif | ||
| 615 | { | ||
| 616 | static ERR_STATE fallback; | ||
| 617 | ERR_STATE *ret,tmp,*tmpp=NULL; | ||
| 618 | int i; | ||
| 619 | unsigned long pid; | ||
| 620 | |||
| 621 | err_fns_check(); | ||
| 622 | pid=(unsigned long)CRYPTO_thread_id(); | ||
| 623 | tmp.pid=pid; | ||
| 624 | ret=ERRFN(thread_get_item)(&tmp); | ||
| 625 | |||
| 626 | /* ret == the error state, if NULL, make a new one */ | ||
| 627 | if (ret == NULL) | ||
| 628 | { | ||
| 629 | ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); | ||
| 630 | if (ret == NULL) return(&fallback); | ||
| 631 | ret->pid=pid; | ||
| 632 | ret->top=0; | ||
| 633 | ret->bottom=0; | ||
| 634 | for (i=0; i<ERR_NUM_ERRORS; i++) | ||
| 635 | { | ||
| 636 | ret->err_data[i]=NULL; | ||
| 637 | ret->err_data_flags[i]=0; | ||
| 638 | } | ||
| 639 | tmpp = ERRFN(thread_set_item)(ret); | ||
| 640 | /* To check if insertion failed, do a get. */ | ||
| 641 | if (ERRFN(thread_get_item)(ret) != ret) | ||
| 642 | { | ||
| 643 | ERR_STATE_free(ret); /* could not insert it */ | ||
| 644 | return(&fallback); | ||
| 645 | } | ||
| 646 | /* If a race occured in this function and we came second, tmpp | ||
| 647 | * is the first one that we just replaced. */ | ||
| 648 | if (tmpp) | ||
| 649 | ERR_STATE_free(tmpp); | ||
| 650 | } | ||
| 651 | return ret; | ||
| 652 | } | ||
| 653 | |||
| 654 | #ifdef OPENSSL_FIPS | ||
| 655 | void int_ERR_lib_init(void) | ||
| 656 | { | ||
| 657 | int_ERR_set_state_func(int_err_get_state, int_err_remove_state); | ||
| 658 | } | ||
| 659 | #endif | ||
| 660 | |||
| 661 | int ERR_get_next_error_library(void) | ||
| 662 | { | ||
| 663 | err_fns_check(); | ||
| 664 | return ERRFN(get_next_lib)(); | ||
| 665 | } | ||
diff --git a/src/lib/libssl/src/crypto/err/err_prn.c b/src/lib/libssl/src/crypto/err/err_prn.c index 2224a901e5..4cdf342fa6 100644 --- a/src/lib/libssl/src/crypto/err/err_prn.c +++ b/src/lib/libssl/src/crypto/err/err_prn.c | |||
| @@ -86,12 +86,7 @@ void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), | |||
| 86 | #ifndef OPENSSL_NO_FP_API | 86 | #ifndef OPENSSL_NO_FP_API |
| 87 | static int print_fp(const char *str, size_t len, void *fp) | 87 | static int print_fp(const char *str, size_t len, void *fp) |
| 88 | { | 88 | { |
| 89 | BIO bio; | 89 | return fwrite(str, 1, len, fp); |
| 90 | |||
| 91 | BIO_set(&bio,BIO_s_file()); | ||
| 92 | BIO_set_fp(&bio,fp,BIO_NOCLOSE); | ||
| 93 | |||
| 94 | return BIO_printf(&bio, "%s", str); | ||
| 95 | } | 90 | } |
| 96 | void ERR_print_errors_fp(FILE *fp) | 91 | void ERR_print_errors_fp(FILE *fp) |
| 97 | { | 92 | { |
| @@ -99,13 +94,64 @@ void ERR_print_errors_fp(FILE *fp) | |||
| 99 | } | 94 | } |
| 100 | #endif | 95 | #endif |
| 101 | 96 | ||
| 102 | static int print_bio(const char *str, size_t len, void *bp) | 97 | void ERR_error_string_n(unsigned long e, char *buf, size_t len) |
| 103 | { | 98 | { |
| 104 | return BIO_write((BIO *)bp, str, len); | 99 | char lsbuf[64], fsbuf[64], rsbuf[64]; |
| 100 | const char *ls,*fs,*rs; | ||
| 101 | unsigned long l,f,r; | ||
| 102 | |||
| 103 | l=ERR_GET_LIB(e); | ||
| 104 | f=ERR_GET_FUNC(e); | ||
| 105 | r=ERR_GET_REASON(e); | ||
| 106 | |||
| 107 | ls=ERR_lib_error_string(e); | ||
| 108 | fs=ERR_func_error_string(e); | ||
| 109 | rs=ERR_reason_error_string(e); | ||
| 110 | |||
| 111 | if (ls == NULL) | ||
| 112 | BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); | ||
| 113 | if (fs == NULL) | ||
| 114 | BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); | ||
| 115 | if (rs == NULL) | ||
| 116 | BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); | ||
| 117 | |||
| 118 | BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, | ||
| 119 | fs?fs:fsbuf, rs?rs:rsbuf); | ||
| 120 | if (strlen(buf) == len-1) | ||
| 121 | { | ||
| 122 | /* output may be truncated; make sure we always have 5 | ||
| 123 | * colon-separated fields, i.e. 4 colons ... */ | ||
| 124 | #define NUM_COLONS 4 | ||
| 125 | if (len > NUM_COLONS) /* ... if possible */ | ||
| 126 | { | ||
| 127 | int i; | ||
| 128 | char *s = buf; | ||
| 129 | |||
| 130 | for (i = 0; i < NUM_COLONS; i++) | ||
| 131 | { | ||
| 132 | char *colon = strchr(s, ':'); | ||
| 133 | if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) | ||
| 134 | { | ||
| 135 | /* set colon no. i at last possible position | ||
| 136 | * (buf[len-1] is the terminating 0)*/ | ||
| 137 | colon = &buf[len-1] - NUM_COLONS + i; | ||
| 138 | *colon = ':'; | ||
| 139 | } | ||
| 140 | s = colon + 1; | ||
| 141 | } | ||
| 142 | } | ||
| 143 | } | ||
| 105 | } | 144 | } |
| 106 | void ERR_print_errors(BIO *bp) | 145 | |
| 146 | /* BAD for multi-threading: uses a local buffer if ret == NULL */ | ||
| 147 | /* ERR_error_string_n should be used instead for ret != NULL | ||
| 148 | * as ERR_error_string cannot know how large the buffer is */ | ||
| 149 | char *ERR_error_string(unsigned long e, char *ret) | ||
| 107 | { | 150 | { |
| 108 | ERR_print_errors_cb(print_bio, bp); | 151 | static char buf[256]; |
| 109 | } | 152 | |
| 153 | if (ret == NULL) ret=buf; | ||
| 154 | ERR_error_string_n(e, ret, 256); | ||
| 110 | 155 | ||
| 111 | 156 | return ret; | |
| 157 | } | ||
diff --git a/src/lib/libssl/src/crypto/err/err_str.c b/src/lib/libssl/src/crypto/err/err_str.c new file mode 100644 index 0000000000..d39040888d --- /dev/null +++ b/src/lib/libssl/src/crypto/err/err_str.c | |||
| @@ -0,0 +1,295 @@ | |||
| 1 | /* crypto/err/err_str.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | /* ==================================================================== | ||
| 59 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | ||
| 60 | * | ||
| 61 | * Redistribution and use in source and binary forms, with or without | ||
| 62 | * modification, are permitted provided that the following conditions | ||
| 63 | * are met: | ||
| 64 | * | ||
| 65 | * 1. Redistributions of source code must retain the above copyright | ||
| 66 | * notice, this list of conditions and the following disclaimer. | ||
| 67 | * | ||
| 68 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 69 | * notice, this list of conditions and the following disclaimer in | ||
| 70 | * the documentation and/or other materials provided with the | ||
| 71 | * distribution. | ||
| 72 | * | ||
| 73 | * 3. All advertising materials mentioning features or use of this | ||
| 74 | * software must display the following acknowledgment: | ||
| 75 | * "This product includes software developed by the OpenSSL Project | ||
| 76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 77 | * | ||
| 78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 79 | * endorse or promote products derived from this software without | ||
| 80 | * prior written permission. For written permission, please contact | ||
| 81 | * openssl-core@openssl.org. | ||
| 82 | * | ||
| 83 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 84 | * nor may "OpenSSL" appear in their names without prior written | ||
| 85 | * permission of the OpenSSL Project. | ||
| 86 | * | ||
| 87 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 88 | * acknowledgment: | ||
| 89 | * "This product includes software developed by the OpenSSL Project | ||
| 90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 91 | * | ||
| 92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 103 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 104 | * ==================================================================== | ||
| 105 | * | ||
| 106 | * This product includes cryptographic software written by Eric Young | ||
| 107 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 108 | * Hudson (tjh@cryptsoft.com). | ||
| 109 | * | ||
| 110 | */ | ||
| 111 | |||
| 112 | #include <stdio.h> | ||
| 113 | #include <stdarg.h> | ||
| 114 | #include <string.h> | ||
| 115 | #include "cryptlib.h" | ||
| 116 | #include <openssl/lhash.h> | ||
| 117 | #include <openssl/crypto.h> | ||
| 118 | #include <openssl/buffer.h> | ||
| 119 | #include <openssl/bio.h> | ||
| 120 | #include <openssl/err.h> | ||
| 121 | |||
| 122 | #ifndef OPENSSL_NO_ERR | ||
| 123 | static ERR_STRING_DATA ERR_str_libraries[]= | ||
| 124 | { | ||
| 125 | {ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, | ||
| 126 | {ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, | ||
| 127 | {ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, | ||
| 128 | {ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, | ||
| 129 | {ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, | ||
| 130 | {ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, | ||
| 131 | {ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, | ||
| 132 | {ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, | ||
| 133 | {ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, | ||
| 134 | {ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, | ||
| 135 | {ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, | ||
| 136 | {ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, | ||
| 137 | {ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, | ||
| 138 | {ERR_PACK(ERR_LIB_CRYPTO,0,0) ,"common libcrypto routines"}, | ||
| 139 | {ERR_PACK(ERR_LIB_EC,0,0) ,"elliptic curve routines"}, | ||
| 140 | {ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, | ||
| 141 | {ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, | ||
| 142 | {ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, | ||
| 143 | {ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, | ||
| 144 | {ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, | ||
| 145 | {ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, | ||
| 146 | {ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, | ||
| 147 | {ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, | ||
| 148 | {ERR_PACK(ERR_LIB_OCSP,0,0) ,"OCSP routines"}, | ||
| 149 | {ERR_PACK(ERR_LIB_FIPS,0,0) ,"FIPS routines"}, | ||
| 150 | {ERR_PACK(ERR_LIB_CMS,0,0) ,"CMS routines"}, | ||
| 151 | {ERR_PACK(ERR_LIB_JPAKE,0,0) ,"JPAKE routines"}, | ||
| 152 | {0,NULL}, | ||
| 153 | }; | ||
| 154 | |||
| 155 | static ERR_STRING_DATA ERR_str_functs[]= | ||
| 156 | { | ||
| 157 | {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, | ||
| 158 | {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, | ||
| 159 | {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, | ||
| 160 | {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, | ||
| 161 | {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, | ||
| 162 | {ERR_PACK(0,SYS_F_BIND,0), "bind"}, | ||
| 163 | {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, | ||
| 164 | {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, | ||
| 165 | #ifdef OPENSSL_SYS_WINDOWS | ||
| 166 | {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, | ||
| 167 | #endif | ||
| 168 | {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, | ||
| 169 | {ERR_PACK(0,SYS_F_FREAD,0), "fread"}, | ||
| 170 | {0,NULL}, | ||
| 171 | }; | ||
| 172 | |||
| 173 | static ERR_STRING_DATA ERR_str_reasons[]= | ||
| 174 | { | ||
| 175 | {ERR_R_SYS_LIB ,"system lib"}, | ||
| 176 | {ERR_R_BN_LIB ,"BN lib"}, | ||
| 177 | {ERR_R_RSA_LIB ,"RSA lib"}, | ||
| 178 | {ERR_R_DH_LIB ,"DH lib"}, | ||
| 179 | {ERR_R_EVP_LIB ,"EVP lib"}, | ||
| 180 | {ERR_R_BUF_LIB ,"BUF lib"}, | ||
| 181 | {ERR_R_OBJ_LIB ,"OBJ lib"}, | ||
| 182 | {ERR_R_PEM_LIB ,"PEM lib"}, | ||
| 183 | {ERR_R_DSA_LIB ,"DSA lib"}, | ||
| 184 | {ERR_R_X509_LIB ,"X509 lib"}, | ||
| 185 | {ERR_R_ASN1_LIB ,"ASN1 lib"}, | ||
| 186 | {ERR_R_CONF_LIB ,"CONF lib"}, | ||
| 187 | {ERR_R_CRYPTO_LIB ,"CRYPTO lib"}, | ||
| 188 | {ERR_R_EC_LIB ,"EC lib"}, | ||
| 189 | {ERR_R_SSL_LIB ,"SSL lib"}, | ||
| 190 | {ERR_R_BIO_LIB ,"BIO lib"}, | ||
| 191 | {ERR_R_PKCS7_LIB ,"PKCS7 lib"}, | ||
| 192 | {ERR_R_X509V3_LIB ,"X509V3 lib"}, | ||
| 193 | {ERR_R_PKCS12_LIB ,"PKCS12 lib"}, | ||
| 194 | {ERR_R_RAND_LIB ,"RAND lib"}, | ||
| 195 | {ERR_R_DSO_LIB ,"DSO lib"}, | ||
| 196 | {ERR_R_ENGINE_LIB ,"ENGINE lib"}, | ||
| 197 | {ERR_R_OCSP_LIB ,"OCSP lib"}, | ||
| 198 | |||
| 199 | {ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, | ||
| 200 | {ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, | ||
| 201 | {ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, | ||
| 202 | {ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, | ||
| 203 | {ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, | ||
| 204 | {ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, | ||
| 205 | |||
| 206 | {ERR_R_FATAL ,"fatal"}, | ||
| 207 | {ERR_R_MALLOC_FAILURE ,"malloc failure"}, | ||
| 208 | {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, | ||
| 209 | {ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, | ||
| 210 | {ERR_R_INTERNAL_ERROR ,"internal error"}, | ||
| 211 | {ERR_R_DISABLED ,"called a function that was disabled at compile-time"}, | ||
| 212 | |||
| 213 | {0,NULL}, | ||
| 214 | }; | ||
| 215 | #endif | ||
| 216 | |||
| 217 | #ifndef OPENSSL_NO_ERR | ||
| 218 | #define NUM_SYS_STR_REASONS 127 | ||
| 219 | #define LEN_SYS_STR_REASON 32 | ||
| 220 | |||
| 221 | static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; | ||
| 222 | /* SYS_str_reasons is filled with copies of strerror() results at | ||
| 223 | * initialization. | ||
| 224 | * 'errno' values up to 127 should cover all usual errors, | ||
| 225 | * others will be displayed numerically by ERR_error_string. | ||
| 226 | * It is crucial that we have something for each reason code | ||
| 227 | * that occurs in ERR_str_reasons, or bogus reason strings | ||
| 228 | * will be returned for SYSerr, which always gets an errno | ||
| 229 | * value and never one of those 'standard' reason codes. */ | ||
| 230 | |||
| 231 | static void build_SYS_str_reasons(void) | ||
| 232 | { | ||
| 233 | /* OPENSSL_malloc cannot be used here, use static storage instead */ | ||
| 234 | static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; | ||
| 235 | int i; | ||
| 236 | static int init = 1; | ||
| 237 | |||
| 238 | CRYPTO_r_lock(CRYPTO_LOCK_ERR); | ||
| 239 | if (!init) | ||
| 240 | { | ||
| 241 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 242 | return; | ||
| 243 | } | ||
| 244 | |||
| 245 | CRYPTO_r_unlock(CRYPTO_LOCK_ERR); | ||
| 246 | CRYPTO_w_lock(CRYPTO_LOCK_ERR); | ||
| 247 | if (!init) | ||
| 248 | { | ||
| 249 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 250 | return; | ||
| 251 | } | ||
| 252 | |||
| 253 | for (i = 1; i <= NUM_SYS_STR_REASONS; i++) | ||
| 254 | { | ||
| 255 | ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; | ||
| 256 | |||
| 257 | str->error = (unsigned long)i; | ||
| 258 | if (str->string == NULL) | ||
| 259 | { | ||
| 260 | char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); | ||
| 261 | char *src = strerror(i); | ||
| 262 | if (src != NULL) | ||
| 263 | { | ||
| 264 | strncpy(*dest, src, sizeof *dest); | ||
| 265 | (*dest)[sizeof *dest - 1] = '\0'; | ||
| 266 | str->string = *dest; | ||
| 267 | } | ||
| 268 | } | ||
| 269 | if (str->string == NULL) | ||
| 270 | str->string = "unknown"; | ||
| 271 | } | ||
| 272 | |||
| 273 | /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, | ||
| 274 | * as required by ERR_load_strings. */ | ||
| 275 | |||
| 276 | init = 0; | ||
| 277 | |||
| 278 | CRYPTO_w_unlock(CRYPTO_LOCK_ERR); | ||
| 279 | } | ||
| 280 | #endif | ||
| 281 | |||
| 282 | void ERR_load_ERR_strings(void) | ||
| 283 | { | ||
| 284 | #ifndef OPENSSL_NO_ERR | ||
| 285 | if (ERR_func_error_string(ERR_str_functs[0].error) == NULL) | ||
| 286 | { | ||
| 287 | ERR_load_strings(0,ERR_str_libraries); | ||
| 288 | ERR_load_strings(0,ERR_str_reasons); | ||
| 289 | ERR_load_strings(ERR_LIB_SYS,ERR_str_functs); | ||
| 290 | build_SYS_str_reasons(); | ||
| 291 | ERR_load_strings(ERR_LIB_SYS,SYS_str_reasons); | ||
| 292 | } | ||
| 293 | #endif | ||
| 294 | } | ||
| 295 | |||
diff --git a/src/lib/libssl/src/crypto/err/openssl.ec b/src/lib/libssl/src/crypto/err/openssl.ec index 1938f081ac..868826624d 100644 --- a/src/lib/libssl/src/crypto/err/openssl.ec +++ b/src/lib/libssl/src/crypto/err/openssl.ec | |||
| @@ -31,7 +31,9 @@ L COMP crypto/comp/comp.h crypto/comp/comp_err.c | |||
| 31 | L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c | 31 | L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c |
| 32 | L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c | 32 | L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c |
| 33 | L STORE crypto/store/store.h crypto/store/str_err.c | 33 | L STORE crypto/store/store.h crypto/store/str_err.c |
| 34 | L FIPS fips/fips.h crypto/fips_err.h | ||
| 34 | L CMS crypto/cms/cms.h crypto/cms/cms_err.c | 35 | L CMS crypto/cms/cms.h crypto/cms/cms_err.c |
| 36 | L JPAKE crypto/jpake/jpake.h crypto/jpake/jpake_err.c | ||
| 35 | 37 | ||
| 36 | # additional header files to be scanned for function names | 38 | # additional header files to be scanned for function names |
| 37 | L NONE crypto/x509/x509_vfy.h NONE | 39 | L NONE crypto/x509/x509_vfy.h NONE |
diff --git a/src/lib/libssl/src/crypto/evp/Makefile b/src/lib/libssl/src/crypto/evp/Makefile index 8f2555c7e5..c204f84c1d 100644 --- a/src/lib/libssl/src/crypto/evp/Makefile +++ b/src/lib/libssl/src/crypto/evp/Makefile | |||
| @@ -18,10 +18,10 @@ TESTDATA=evptests.txt | |||
| 18 | APPS= | 18 | APPS= |
| 19 | 19 | ||
| 20 | LIB=$(TOP)/libcrypto.a | 20 | LIB=$(TOP)/libcrypto.a |
| 21 | LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ | 21 | LIBSRC= encode.c digest.c dig_eng.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \ |
| 22 | e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ | 22 | e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ |
| 23 | e_rc4.c e_aes.c names.c e_seed.c \ | 23 | e_rc4.c e_aes.c names.c e_seed.c \ |
| 24 | e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ | 24 | e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c enc_min.c \ |
| 25 | m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ | 25 | m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c \ |
| 26 | m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\ | 26 | m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\ |
| 27 | p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ | 27 | p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \ |
| @@ -30,10 +30,10 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ | |||
| 30 | evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \ | 30 | evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \ |
| 31 | e_old.c | 31 | e_old.c |
| 32 | 32 | ||
| 33 | LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ | 33 | LIBOBJ= encode.o digest.o dig_eng.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \ |
| 34 | e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ | 34 | e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ |
| 35 | e_rc4.o e_aes.o names.o e_seed.o \ | 35 | e_rc4.o e_aes.o names.o e_seed.o \ |
| 36 | e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ | 36 | e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o enc_min.o \ |
| 37 | m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ | 37 | m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o \ |
| 38 | m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\ | 38 | m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\ |
| 39 | p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ | 39 | p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \ |
| @@ -55,7 +55,7 @@ top: | |||
| 55 | all: lib | 55 | all: lib |
| 56 | 56 | ||
| 57 | lib: $(LIBOBJ) | 57 | lib: $(LIBOBJ) |
| 58 | $(AR) $(LIB) $(LIBOBJ) | 58 | $(ARX) $(LIB) $(LIBOBJ) |
| 59 | $(RANLIB) $(LIB) || echo Never mind. | 59 | $(RANLIB) $(LIB) || echo Never mind. |
| 60 | @touch lib | 60 | @touch lib |
| 61 | 61 | ||
| @@ -101,169 +101,201 @@ bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 101 | bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 101 | bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 102 | bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 102 | bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 103 | bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 103 | bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 104 | bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 104 | bio_b64.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 105 | bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 105 | bio_b64.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 106 | bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 106 | bio_b64.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 107 | bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 107 | bio_b64.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 108 | bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c | 108 | bio_b64.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 109 | bio_b64.o: ../cryptlib.h bio_b64.c | ||
| 109 | bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h | 110 | bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h |
| 110 | bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 111 | bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 111 | bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 112 | bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 112 | bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 113 | bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 113 | bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 114 | bio_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 114 | bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 115 | bio_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 115 | bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 116 | bio_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 116 | bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 117 | bio_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 117 | bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c | 118 | bio_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 119 | bio_enc.o: ../cryptlib.h bio_enc.c | ||
| 118 | bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 120 | bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 119 | bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 121 | bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 120 | bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 122 | bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 121 | bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 123 | bio_md.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 122 | bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 124 | bio_md.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 123 | bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 125 | bio_md.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 124 | bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 126 | bio_md.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 125 | bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 127 | bio_md.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 126 | bio_md.o: ../cryptlib.h bio_md.c | 128 | bio_md.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_md.c |
| 127 | bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 129 | bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 128 | bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 130 | bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 129 | bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 131 | bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 130 | bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 132 | bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 131 | bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 133 | bio_ok.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 132 | bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 134 | bio_ok.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 133 | bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 135 | bio_ok.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 134 | bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 136 | bio_ok.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 135 | bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c | 137 | bio_ok.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 138 | bio_ok.o: ../cryptlib.h bio_ok.c | ||
| 136 | c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 139 | c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 137 | c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 140 | c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 138 | c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 141 | c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 139 | c_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 142 | c_all.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 143 | c_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
| 144 | c_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 140 | c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 145 | c_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 141 | c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 146 | c_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 142 | c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 147 | c_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 143 | c_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 148 | c_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 144 | c_all.o: ../../include/openssl/symhacks.h ../cryptlib.h c_all.c | 149 | c_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 150 | c_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 151 | c_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_all.c | ||
| 145 | c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 152 | c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 146 | c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 153 | c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 147 | c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 154 | c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 148 | c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 155 | c_allc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 149 | c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 156 | c_allc.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 150 | c_allc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 157 | c_allc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 151 | c_allc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 158 | c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 152 | c_allc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 159 | c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 153 | c_allc.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 160 | c_allc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h |
| 154 | c_allc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 161 | c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 155 | c_allc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 162 | c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 156 | c_allc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 163 | c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 157 | c_allc.o: ../cryptlib.h c_allc.c | 164 | c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c |
| 158 | c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 165 | c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 159 | c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 166 | c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 160 | c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 167 | c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 161 | c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 168 | c_alld.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 162 | c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 169 | c_alld.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 163 | c_alld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 170 | c_alld.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 164 | c_alld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 171 | c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 165 | c_alld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 172 | c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 166 | c_alld.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 173 | c_alld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h |
| 167 | c_alld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 174 | c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 168 | c_alld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 175 | c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 169 | c_alld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 176 | c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 170 | c_alld.o: ../cryptlib.h c_alld.c | 177 | c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c |
| 178 | dig_eng.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 179 | dig_eng.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 180 | dig_eng.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 181 | dig_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 182 | dig_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 183 | dig_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 184 | dig_eng.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 185 | dig_eng.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 186 | dig_eng.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
| 187 | dig_eng.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | ||
| 188 | dig_eng.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 189 | dig_eng.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 190 | dig_eng.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 191 | dig_eng.o: ../cryptlib.h dig_eng.c evp_locl.h | ||
| 171 | digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 192 | digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 172 | digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 193 | digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 173 | digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 194 | digest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 174 | digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 195 | digest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 196 | digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
| 197 | digest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 175 | digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 198 | digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 176 | digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 199 | digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 177 | digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 200 | digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 178 | digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 201 | digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 179 | digest.o: ../../include/openssl/symhacks.h ../cryptlib.h digest.c | 202 | digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 203 | digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 204 | digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h digest.c evp_locl.h | ||
| 180 | e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | 205 | e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h |
| 181 | e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | 206 | e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 182 | e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 207 | e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 183 | e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 208 | e_aes.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 184 | e_aes.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 209 | e_aes.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 185 | e_aes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 210 | e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 186 | e_aes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 211 | e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 187 | e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h e_aes.c | 212 | e_aes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 188 | e_aes.o: evp_locl.h | 213 | e_aes.o: ../../include/openssl/symhacks.h e_aes.c evp_locl.h |
| 189 | e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 214 | e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 190 | e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h | 215 | e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h |
| 191 | e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 216 | e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 192 | e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 217 | e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 193 | e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 218 | e_bf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 194 | e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 219 | e_bf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 195 | e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 220 | e_bf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 196 | e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 221 | e_bf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 197 | e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h | 222 | e_bf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 223 | e_bf.o: ../cryptlib.h e_bf.c evp_locl.h | ||
| 198 | e_camellia.o: ../../include/openssl/opensslconf.h e_camellia.c | 224 | e_camellia.o: ../../include/openssl/opensslconf.h e_camellia.c |
| 199 | e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 225 | e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 200 | e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h | 226 | e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h |
| 201 | e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 227 | e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 202 | e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 228 | e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 203 | e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 229 | e_cast.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 204 | e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 230 | e_cast.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 205 | e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 231 | e_cast.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 206 | e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 232 | e_cast.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 207 | e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h | 233 | e_cast.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 234 | e_cast.o: ../cryptlib.h e_cast.c evp_locl.h | ||
| 208 | e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 235 | e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 209 | e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 236 | e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 210 | e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 237 | e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 211 | e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 238 | e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 212 | e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 239 | e_des.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 213 | e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 240 | e_des.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 214 | e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 241 | e_des.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 215 | e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 242 | e_des.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 216 | e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 243 | e_des.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 217 | e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 244 | e_des.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 218 | e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h | 245 | e_des.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 246 | e_des.o: ../cryptlib.h e_des.c evp_locl.h | ||
| 219 | e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 247 | e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 220 | e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 248 | e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 221 | e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 249 | e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 222 | e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 250 | e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 223 | e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 251 | e_des3.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 224 | e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 252 | e_des3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 225 | e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 253 | e_des3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 226 | e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 254 | e_des3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 227 | e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 255 | e_des3.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 228 | e_des3.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 256 | e_des3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 229 | e_des3.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des3.c evp_locl.h | 257 | e_des3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 258 | e_des3.o: ../cryptlib.h e_des3.c evp_locl.h | ||
| 230 | e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 259 | e_idea.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 231 | e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 260 | e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 232 | e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 261 | e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 233 | e_idea.o: ../../include/openssl/evp.h ../../include/openssl/idea.h | 262 | e_idea.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 234 | e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 263 | e_idea.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h |
| 235 | e_idea.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 264 | e_idea.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 236 | e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 265 | e_idea.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 237 | e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 266 | e_idea.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 238 | e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c evp_locl.h | 267 | e_idea.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 268 | e_idea.o: ../cryptlib.h e_idea.c evp_locl.h | ||
| 239 | e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 269 | e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 240 | e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 270 | e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 241 | e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 271 | e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 242 | e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 272 | e_null.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 243 | e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 273 | e_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 244 | e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 274 | e_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 245 | e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 275 | e_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 246 | e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 276 | e_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 247 | e_null.o: ../cryptlib.h e_null.c | 277 | e_null.o: ../../include/openssl/symhacks.h ../cryptlib.h e_null.c |
| 248 | e_old.o: e_old.c | 278 | e_old.o: e_old.c |
| 249 | e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 279 | e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 250 | e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 280 | e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 251 | e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 281 | e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 252 | e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 282 | e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 253 | e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 283 | e_rc2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 254 | e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 284 | e_rc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 255 | e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h | 285 | e_rc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 256 | e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 286 | e_rc2.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h |
| 257 | e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h | 287 | e_rc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 288 | e_rc2.o: ../cryptlib.h e_rc2.c evp_locl.h | ||
| 258 | e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 289 | e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 259 | e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 290 | e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 260 | e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 291 | e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 261 | e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 292 | e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 262 | e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 293 | e_rc4.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 263 | e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 294 | e_rc4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 264 | e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h | 295 | e_rc4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 265 | e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 296 | e_rc4.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h |
| 266 | e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c | 297 | e_rc4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 298 | e_rc4.o: ../cryptlib.h e_rc4.c evp_locl.h | ||
| 267 | e_rc5.o: ../../e_os.h ../../include/openssl/bio.h | 299 | e_rc5.o: ../../e_os.h ../../include/openssl/bio.h |
| 268 | e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 300 | e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 269 | e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 301 | e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| @@ -274,103 +306,141 @@ e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c | |||
| 274 | e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 306 | e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 275 | e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 307 | e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 276 | e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 308 | e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 277 | e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 309 | e_seed.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 278 | e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 310 | e_seed.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 279 | e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 311 | e_seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 280 | e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 312 | e_seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 281 | e_seed.o: ../../include/openssl/symhacks.h e_seed.c | 313 | e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 314 | e_seed.o: e_seed.c | ||
| 282 | e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h | 315 | e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h |
| 283 | e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 316 | e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 284 | e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 317 | e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 285 | e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | 318 | e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h |
| 286 | e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 319 | e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 287 | e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 320 | e_xcbc_d.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 288 | e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 321 | e_xcbc_d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 322 | e_xcbc_d.o: ../../include/openssl/opensslconf.h | ||
| 289 | e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 323 | e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 290 | e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 324 | e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 291 | e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 325 | e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 292 | e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c | 326 | e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c |
| 327 | enc_min.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 328 | enc_min.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 329 | enc_min.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 330 | enc_min.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 331 | enc_min.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 332 | enc_min.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 333 | enc_min.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 334 | enc_min.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 335 | enc_min.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
| 336 | enc_min.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | ||
| 337 | enc_min.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | ||
| 338 | enc_min.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 339 | enc_min.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 340 | enc_min.o: ../../include/openssl/x509_vfy.h ../cryptlib.h enc_min.c evp_locl.h | ||
| 293 | encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 341 | encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 294 | encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 342 | encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 295 | encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 343 | encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 296 | encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 344 | encode.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 297 | encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 345 | encode.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 298 | encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 346 | encode.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 299 | encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 347 | encode.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 300 | encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 348 | encode.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 301 | encode.o: ../cryptlib.h encode.c | 349 | encode.o: ../../include/openssl/symhacks.h ../cryptlib.h encode.c |
| 302 | evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h | 350 | evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h |
| 303 | evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 351 | evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 304 | evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 352 | evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 305 | evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 353 | evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 306 | evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 354 | evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 307 | evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 355 | evp_acnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 308 | evp_acnf.o: ../../include/openssl/opensslconf.h | 356 | evp_acnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 309 | evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 357 | evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 310 | evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 358 | evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 311 | evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c | 359 | evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c |
| 360 | evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 361 | evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 362 | evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 363 | evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h | ||
| 364 | evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 365 | evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | ||
| 366 | evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 367 | evp_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 368 | evp_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 369 | evp_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 370 | evp_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | ||
| 371 | evp_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 372 | evp_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 373 | evp_cnf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | ||
| 374 | evp_cnf.o: ../cryptlib.h evp_cnf.c | ||
| 312 | evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h | 375 | evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h |
| 313 | evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 376 | evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 314 | evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 377 | evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 315 | evp_enc.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 378 | evp_enc.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 316 | evp_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 379 | evp_enc.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h |
| 380 | evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 381 | evp_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 317 | evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 382 | evp_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 318 | evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 383 | evp_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 319 | evp_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 384 | evp_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 320 | evp_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 385 | evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 321 | evp_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_enc.c evp_locl.h | 386 | evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 387 | evp_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 388 | evp_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_enc.c evp_locl.h | ||
| 322 | evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 389 | evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 323 | evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 390 | evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 324 | evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 391 | evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 325 | evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 392 | evp_err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 326 | evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 393 | evp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 327 | evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 394 | evp_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 328 | evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 395 | evp_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 329 | evp_err.o: ../../include/openssl/symhacks.h evp_err.c | 396 | evp_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 397 | evp_err.o: evp_err.c | ||
| 330 | evp_key.o: ../../e_os.h ../../include/openssl/asn1.h | 398 | evp_key.o: ../../e_os.h ../../include/openssl/asn1.h |
| 331 | evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 399 | evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 332 | evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 400 | evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 333 | evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 401 | evp_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 334 | evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 402 | evp_key.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 335 | evp_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 403 | evp_key.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 336 | evp_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 404 | evp_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 337 | evp_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 405 | evp_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 338 | evp_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 406 | evp_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 339 | evp_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 407 | evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 340 | evp_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 408 | evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 341 | evp_key.o: ../../include/openssl/ui.h ../../include/openssl/x509.h | 409 | evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 342 | evp_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_key.c | 410 | evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 411 | evp_key.o: ../cryptlib.h evp_key.c | ||
| 343 | evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h | 412 | evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h |
| 344 | evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 413 | evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 345 | evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 414 | evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 346 | evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 415 | evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 347 | evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 416 | evp_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 348 | evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 417 | evp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 349 | evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 418 | evp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 350 | evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 419 | evp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 351 | evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c | 420 | evp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 421 | evp_lib.o: ../cryptlib.h evp_lib.c | ||
| 352 | evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h | 422 | evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h |
| 353 | evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 423 | evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 354 | evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 424 | evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 355 | evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 425 | evp_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 356 | evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 426 | evp_pbe.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 357 | evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 427 | evp_pbe.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 358 | evp_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 428 | evp_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 359 | evp_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 429 | evp_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 360 | evp_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 430 | evp_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 361 | evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 431 | evp_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 362 | evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 432 | evp_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 363 | evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 433 | evp_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 364 | evp_pbe.o: ../cryptlib.h evp_pbe.c | 434 | evp_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_pbe.c |
| 365 | evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h | 435 | evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 366 | evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 436 | evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 367 | evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 437 | evp_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 368 | evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 438 | evp_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 369 | evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 439 | evp_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 370 | evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 440 | evp_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 371 | evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 441 | evp_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 372 | evp_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 442 | evp_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 373 | evp_pkey.o: ../../include/openssl/opensslconf.h | 443 | evp_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 374 | evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 444 | evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 375 | evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 445 | evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 376 | evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 446 | evp_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| @@ -382,106 +452,110 @@ m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 382 | m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 452 | m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 383 | m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 453 | m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 384 | m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 454 | m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 385 | m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 455 | m_dss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 386 | m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 456 | m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 387 | m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 457 | m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 388 | m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 458 | m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 389 | m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 459 | m_dss.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 390 | m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 460 | m_dss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 391 | m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 461 | m_dss.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 392 | m_dss.o: ../cryptlib.h m_dss.c | 462 | m_dss.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_dss.c |
| 393 | m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 463 | m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 394 | m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 464 | m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 395 | m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 465 | m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 396 | m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 466 | m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 397 | m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 467 | m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 398 | m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 468 | m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 399 | m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 469 | m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 400 | m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 470 | m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 401 | m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 471 | m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 402 | m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 472 | m_dss1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 403 | m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 473 | m_dss1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 404 | m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 474 | m_dss1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 405 | m_dss1.o: ../cryptlib.h m_dss1.c | 475 | m_dss1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_dss1.c |
| 406 | m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h | 476 | m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h |
| 407 | m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 477 | m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 408 | m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 478 | m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 409 | m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 479 | m_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 410 | m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 480 | m_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 411 | m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 481 | m_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 412 | m_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 482 | m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 413 | m_ecdsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 483 | m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 414 | m_ecdsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 484 | m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 415 | m_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 485 | m_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 416 | m_ecdsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 486 | m_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 417 | m_ecdsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 487 | m_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 418 | m_ecdsa.o: ../cryptlib.h m_ecdsa.c | 488 | m_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ecdsa.c |
| 419 | m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 489 | m_md2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 420 | m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 490 | m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 421 | m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 491 | m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 422 | m_md2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 492 | m_md2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 423 | m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 493 | m_md2.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 424 | m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h | 494 | m_md2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 425 | m_md2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 495 | m_md2.o: ../../include/openssl/md2.h ../../include/openssl/obj_mac.h |
| 426 | m_md2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 496 | m_md2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 427 | m_md2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 497 | m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 428 | m_md2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 498 | m_md2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 429 | m_md2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 499 | m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 430 | m_md2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 500 | m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 431 | m_md2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md2.c | 501 | m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 502 | m_md2.o: ../cryptlib.h evp_locl.h m_md2.c | ||
| 432 | m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 503 | m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 433 | m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 504 | m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 434 | m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 505 | m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 435 | m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 506 | m_md4.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 436 | m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 507 | m_md4.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 437 | m_md4.o: ../../include/openssl/lhash.h ../../include/openssl/md4.h | 508 | m_md4.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 438 | m_md4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 509 | m_md4.o: ../../include/openssl/md4.h ../../include/openssl/obj_mac.h |
| 439 | m_md4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 510 | m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 440 | m_md4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 511 | m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 441 | m_md4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 512 | m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 442 | m_md4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 513 | m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 443 | m_md4.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 514 | m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 444 | m_md4.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md4.c | 515 | m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 516 | m_md4.o: ../cryptlib.h evp_locl.h m_md4.c | ||
| 445 | m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 517 | m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 446 | m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 518 | m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 447 | m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 519 | m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 448 | m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 520 | m_md5.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 449 | m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 521 | m_md5.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 450 | m_md5.o: ../../include/openssl/lhash.h ../../include/openssl/md5.h | 522 | m_md5.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 451 | m_md5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 523 | m_md5.o: ../../include/openssl/md5.h ../../include/openssl/obj_mac.h |
| 452 | m_md5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 524 | m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 453 | m_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 525 | m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 454 | m_md5.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 526 | m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 455 | m_md5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 527 | m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 456 | m_md5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 528 | m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 457 | m_md5.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_md5.c | 529 | m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 530 | m_md5.o: ../cryptlib.h evp_locl.h m_md5.c | ||
| 458 | m_mdc2.o: ../../e_os.h ../../include/openssl/bio.h | 531 | m_mdc2.o: ../../e_os.h ../../include/openssl/bio.h |
| 459 | m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 532 | m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 460 | m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 533 | m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 461 | m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 534 | m_mdc2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 462 | m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 535 | m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 463 | m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 536 | m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 464 | m_mdc2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_mdc2.c | 537 | m_mdc2.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h m_mdc2.c |
| 465 | m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 538 | m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 466 | m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 539 | m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 467 | m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 540 | m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 468 | m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 541 | m_null.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 469 | m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 542 | m_null.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 470 | m_null.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 543 | m_null.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 471 | m_null.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 544 | m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 472 | m_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 545 | m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 473 | m_null.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 546 | m_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 474 | m_null.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 547 | m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 475 | m_null.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 548 | m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 476 | m_null.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_null.c | 549 | m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 550 | m_null.o: ../cryptlib.h m_null.c | ||
| 477 | m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h | 551 | m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h |
| 478 | m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 552 | m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 479 | m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 553 | m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 480 | m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 554 | m_ripemd.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 481 | m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 555 | m_ripemd.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 482 | m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 556 | m_ripemd.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 483 | m_ripemd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 557 | m_ripemd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 484 | m_ripemd.o: ../../include/openssl/opensslconf.h | 558 | m_ripemd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 485 | m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 559 | m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 486 | m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h | 560 | m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h |
| 487 | m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 561 | m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| @@ -493,60 +567,62 @@ m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 493 | m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 567 | m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 494 | m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 568 | m_sha.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 495 | m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 569 | m_sha.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 496 | m_sha.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 570 | m_sha.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 497 | m_sha.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 571 | m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 498 | m_sha.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 572 | m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 499 | m_sha.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 573 | m_sha.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 500 | m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 574 | m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 501 | m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 575 | m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 502 | m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 576 | m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 503 | m_sha.o: ../cryptlib.h m_sha.c | 577 | m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_sha.c |
| 504 | m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 578 | m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 505 | m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 579 | m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 506 | m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 580 | m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 507 | m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 581 | m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 508 | m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 582 | m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 509 | m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 583 | m_sha1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 510 | m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 584 | m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 511 | m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 585 | m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 512 | m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 586 | m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 513 | m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 587 | m_sha1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 514 | m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 588 | m_sha1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 515 | m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 589 | m_sha1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 516 | m_sha1.o: ../cryptlib.h m_sha1.c | 590 | m_sha1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_sha1.c |
| 517 | names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 591 | names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 518 | names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 592 | names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 519 | names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 593 | names.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 520 | names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 594 | names.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 521 | names.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 595 | names.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 522 | names.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 596 | names.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 523 | names.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 597 | names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 524 | names.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 598 | names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 525 | names.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 599 | names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 526 | names.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 600 | names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 527 | names.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 601 | names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 528 | names.o: ../../include/openssl/x509_vfy.h ../cryptlib.h names.c | 602 | names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 603 | names.o: ../cryptlib.h names.c | ||
| 529 | p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h | 604 | p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h |
| 530 | p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 605 | p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 531 | p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 606 | p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 532 | p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 607 | p5_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 533 | p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 608 | p5_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 534 | p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 609 | p5_crpt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 535 | p5_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 610 | p5_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 536 | p5_crpt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 611 | p5_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 537 | p5_crpt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 612 | p5_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 538 | p5_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 613 | p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 539 | p5_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 614 | p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 540 | p5_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 615 | p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 541 | p5_crpt.o: ../cryptlib.h p5_crpt.c | 616 | p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c |
| 542 | p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h | 617 | p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h |
| 543 | p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 618 | p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 544 | p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 619 | p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 545 | p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 620 | p5_crpt2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 546 | p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 621 | p5_crpt2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 547 | p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h | 622 | p5_crpt2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 548 | p5_crpt2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 623 | p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h |
| 549 | p5_crpt2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 624 | p5_crpt2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 625 | p5_crpt2.o: ../../include/openssl/opensslconf.h | ||
| 550 | p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 626 | p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 551 | p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 627 | p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 552 | p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 628 | p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -557,27 +633,29 @@ p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 557 | p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 633 | p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 558 | p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 634 | p_dec.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 559 | p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 635 | p_dec.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 560 | p_dec.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 636 | p_dec.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 561 | p_dec.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 637 | p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 562 | p_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 638 | p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 563 | p_dec.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 639 | p_dec.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 564 | p_dec.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 640 | p_dec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 565 | p_dec.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 641 | p_dec.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 566 | p_dec.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 642 | p_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 567 | p_dec.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_dec.c | 643 | p_dec.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 644 | p_dec.o: ../cryptlib.h p_dec.c | ||
| 568 | p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 645 | p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 569 | p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 646 | p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 570 | p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 647 | p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 571 | p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 648 | p_enc.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 572 | p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 649 | p_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 573 | p_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 650 | p_enc.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 574 | p_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 651 | p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 575 | p_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 652 | p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 576 | p_enc.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 653 | p_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 577 | p_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 654 | p_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 578 | p_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 655 | p_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 579 | p_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 656 | p_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 580 | p_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_enc.c | 657 | p_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 658 | p_enc.o: ../cryptlib.h p_enc.c | ||
| 581 | p_lib.o: ../../e_os.h ../../include/openssl/asn1.h | 659 | p_lib.o: ../../e_os.h ../../include/openssl/asn1.h |
| 582 | p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h | 660 | p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h |
| 583 | p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 661 | p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| @@ -585,60 +663,63 @@ p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | |||
| 585 | p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 663 | p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 586 | p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 664 | p_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 587 | p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 665 | p_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 588 | p_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 666 | p_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 589 | p_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 667 | p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 590 | p_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 668 | p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 591 | p_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 669 | p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 592 | p_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 670 | p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 593 | p_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 671 | p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 594 | p_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 672 | p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 595 | p_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_lib.c | 673 | p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 674 | p_lib.o: ../cryptlib.h p_lib.c | ||
| 596 | p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 675 | p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 597 | p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 676 | p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 598 | p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 677 | p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 599 | p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 678 | p_open.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 600 | p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 679 | p_open.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 601 | p_open.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 680 | p_open.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 602 | p_open.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 681 | p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 603 | p_open.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 682 | p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 604 | p_open.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 683 | p_open.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 605 | p_open.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 684 | p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 606 | p_open.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 685 | p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 607 | p_open.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 686 | p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 608 | p_open.o: ../cryptlib.h p_open.c | 687 | p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_open.c |
| 609 | p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 688 | p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 610 | p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 689 | p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 611 | p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 690 | p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 612 | p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 691 | p_seal.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 613 | p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 692 | p_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 614 | p_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 693 | p_seal.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 615 | p_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 694 | p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 616 | p_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 695 | p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 617 | p_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 696 | p_seal.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 618 | p_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 697 | p_seal.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 619 | p_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 698 | p_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 620 | p_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 699 | p_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 621 | p_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_seal.c | 700 | p_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 701 | p_seal.o: ../cryptlib.h p_seal.c | ||
| 622 | p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 702 | p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 623 | p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 703 | p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 624 | p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 704 | p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 625 | p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 705 | p_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 626 | p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 706 | p_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 627 | p_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 707 | p_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 628 | p_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 708 | p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 629 | p_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 709 | p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 630 | p_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 710 | p_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 631 | p_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 711 | p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 632 | p_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 712 | p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 633 | p_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_sign.c | 713 | p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 714 | p_sign.o: ../cryptlib.h p_sign.c | ||
| 634 | p_verify.o: ../../e_os.h ../../include/openssl/asn1.h | 715 | p_verify.o: ../../e_os.h ../../include/openssl/asn1.h |
| 635 | p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 716 | p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 636 | p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 717 | p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 637 | p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 718 | p_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 638 | p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 719 | p_verify.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 639 | p_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 720 | p_verify.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 640 | p_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 721 | p_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 641 | p_verify.o: ../../include/openssl/opensslconf.h | 722 | p_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 642 | p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 723 | p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 643 | p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 724 | p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 644 | p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 725 | p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
diff --git a/src/lib/libssl/src/crypto/evp/bio_md.c b/src/lib/libssl/src/crypto/evp/bio_md.c index d648ac6da6..ed5c1135fd 100644 --- a/src/lib/libssl/src/crypto/evp/bio_md.c +++ b/src/lib/libssl/src/crypto/evp/bio_md.c | |||
| @@ -192,13 +192,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr) | |||
| 192 | ret=0; | 192 | ret=0; |
| 193 | break; | 193 | break; |
| 194 | case BIO_C_GET_MD_CTX: | 194 | case BIO_C_GET_MD_CTX: |
| 195 | if (b->init) | 195 | pctx=ptr; |
| 196 | { | 196 | *pctx=ctx; |
| 197 | pctx=ptr; | ||
| 198 | *pctx=ctx; | ||
| 199 | } | ||
| 200 | else | ||
| 201 | ret=0; | ||
| 202 | break; | 197 | break; |
| 203 | case BIO_C_SET_MD_CTX: | 198 | case BIO_C_SET_MD_CTX: |
| 204 | if (b->init) | 199 | if (b->init) |
diff --git a/src/lib/libssl/src/crypto/evp/dig_eng.c b/src/lib/libssl/src/crypto/evp/dig_eng.c new file mode 100644 index 0000000000..64cdf9366c --- /dev/null +++ b/src/lib/libssl/src/crypto/evp/dig_eng.c | |||
| @@ -0,0 +1,180 @@ | |||
| 1 | /* crypto/evp/digest.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | /* ==================================================================== | ||
| 59 | * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. | ||
| 60 | * | ||
| 61 | * Redistribution and use in source and binary forms, with or without | ||
| 62 | * modification, are permitted provided that the following conditions | ||
| 63 | * are met: | ||
| 64 | * | ||
| 65 | * 1. Redistributions of source code must retain the above copyright | ||
| 66 | * notice, this list of conditions and the following disclaimer. | ||
| 67 | * | ||
| 68 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 69 | * notice, this list of conditions and the following disclaimer in | ||
| 70 | * the documentation and/or other materials provided with the | ||
| 71 | * distribution. | ||
| 72 | * | ||
| 73 | * 3. All advertising materials mentioning features or use of this | ||
| 74 | * software must display the following acknowledgment: | ||
| 75 | * "This product includes software developed by the OpenSSL Project | ||
| 76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 77 | * | ||
| 78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 79 | * endorse or promote products derived from this software without | ||
| 80 | * prior written permission. For written permission, please contact | ||
| 81 | * openssl-core@openssl.org. | ||
| 82 | * | ||
| 83 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 84 | * nor may "OpenSSL" appear in their names without prior written | ||
| 85 | * permission of the OpenSSL Project. | ||
| 86 | * | ||
| 87 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 88 | * acknowledgment: | ||
| 89 | * "This product includes software developed by the OpenSSL Project | ||
| 90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 91 | * | ||
| 92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 103 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 104 | * ==================================================================== | ||
| 105 | * | ||
| 106 | * This product includes cryptographic software written by Eric Young | ||
| 107 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 108 | * Hudson (tjh@cryptsoft.com). | ||
| 109 | * | ||
| 110 | */ | ||
| 111 | |||
| 112 | #include <stdio.h> | ||
| 113 | #include "cryptlib.h" | ||
| 114 | #include <openssl/objects.h> | ||
| 115 | #include <openssl/evp.h> | ||
| 116 | #ifndef OPENSSL_NO_ENGINE | ||
| 117 | #include <openssl/engine.h> | ||
| 118 | #endif | ||
| 119 | #include "evp_locl.h" | ||
| 120 | |||
| 121 | #ifndef OPENSSL_NO_ENGINE | ||
| 122 | |||
| 123 | #ifdef OPENSSL_FIPS | ||
| 124 | |||
| 125 | static int do_evp_md_engine_full(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) | ||
| 126 | { | ||
| 127 | if (*ptype) | ||
| 128 | { | ||
| 129 | /* Ensure an ENGINE left lying around from last time is cleared | ||
| 130 | * (the previous check attempted to avoid this if the same | ||
| 131 | * ENGINE and EVP_MD could be used). */ | ||
| 132 | if(ctx->engine) | ||
| 133 | ENGINE_finish(ctx->engine); | ||
| 134 | if(impl) | ||
| 135 | { | ||
| 136 | if (!ENGINE_init(impl)) | ||
| 137 | { | ||
| 138 | EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR); | ||
| 139 | return 0; | ||
| 140 | } | ||
| 141 | } | ||
| 142 | else | ||
| 143 | /* Ask if an ENGINE is reserved for this job */ | ||
| 144 | impl = ENGINE_get_digest_engine((*ptype)->type); | ||
| 145 | if(impl) | ||
| 146 | { | ||
| 147 | /* There's an ENGINE for this job ... (apparently) */ | ||
| 148 | const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type); | ||
| 149 | if(!d) | ||
| 150 | { | ||
| 151 | /* Same comment from evp_enc.c */ | ||
| 152 | EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_INITIALIZATION_ERROR); | ||
| 153 | return 0; | ||
| 154 | } | ||
| 155 | /* We'll use the ENGINE's private digest definition */ | ||
| 156 | *ptype = d; | ||
| 157 | /* Store the ENGINE functional reference so we know | ||
| 158 | * 'type' came from an ENGINE and we need to release | ||
| 159 | * it when done. */ | ||
| 160 | ctx->engine = impl; | ||
| 161 | } | ||
| 162 | else | ||
| 163 | ctx->engine = NULL; | ||
| 164 | } | ||
| 165 | else | ||
| 166 | if(!ctx->digest) | ||
| 167 | { | ||
| 168 | EVPerr(EVP_F_DO_EVP_MD_ENGINE_FULL,EVP_R_NO_DIGEST_SET); | ||
| 169 | return 0; | ||
| 170 | } | ||
| 171 | return 1; | ||
| 172 | } | ||
| 173 | |||
| 174 | void int_EVP_MD_init_engine_callbacks(void) | ||
| 175 | { | ||
| 176 | int_EVP_MD_set_engine_callbacks( | ||
| 177 | ENGINE_init, ENGINE_finish, do_evp_md_engine_full); | ||
| 178 | } | ||
| 179 | #endif | ||
| 180 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/evp/digest.c b/src/lib/libssl/src/crypto/evp/digest.c index 762e6d3450..3bc2d1295c 100644 --- a/src/lib/libssl/src/crypto/evp/digest.c +++ b/src/lib/libssl/src/crypto/evp/digest.c | |||
| @@ -116,6 +116,7 @@ | |||
| 116 | #ifndef OPENSSL_NO_ENGINE | 116 | #ifndef OPENSSL_NO_ENGINE |
| 117 | #include <openssl/engine.h> | 117 | #include <openssl/engine.h> |
| 118 | #endif | 118 | #endif |
| 119 | #include "evp_locl.h" | ||
| 119 | 120 | ||
| 120 | void EVP_MD_CTX_init(EVP_MD_CTX *ctx) | 121 | void EVP_MD_CTX_init(EVP_MD_CTX *ctx) |
| 121 | { | 122 | { |
| @@ -137,18 +138,77 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) | |||
| 137 | return EVP_DigestInit_ex(ctx, type, NULL); | 138 | return EVP_DigestInit_ex(ctx, type, NULL); |
| 138 | } | 139 | } |
| 139 | 140 | ||
| 140 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | 141 | #ifdef OPENSSL_FIPS |
| 142 | |||
| 143 | /* The purpose of these is to trap programs that attempt to use non FIPS | ||
| 144 | * algorithms in FIPS mode and ignore the errors. | ||
| 145 | */ | ||
| 146 | |||
| 147 | static int bad_init(EVP_MD_CTX *ctx) | ||
| 148 | { FIPS_ERROR_IGNORED("Digest init"); return 0;} | ||
| 149 | |||
| 150 | static int bad_update(EVP_MD_CTX *ctx,const void *data,size_t count) | ||
| 151 | { FIPS_ERROR_IGNORED("Digest update"); return 0;} | ||
| 152 | |||
| 153 | static int bad_final(EVP_MD_CTX *ctx,unsigned char *md) | ||
| 154 | { FIPS_ERROR_IGNORED("Digest Final"); return 0;} | ||
| 155 | |||
| 156 | static const EVP_MD bad_md = | ||
| 141 | { | 157 | { |
| 142 | EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | 158 | 0, |
| 159 | 0, | ||
| 160 | 0, | ||
| 161 | 0, | ||
| 162 | bad_init, | ||
| 163 | bad_update, | ||
| 164 | bad_final, | ||
| 165 | NULL, | ||
| 166 | NULL, | ||
| 167 | NULL, | ||
| 168 | 0, | ||
| 169 | {0,0,0,0}, | ||
| 170 | }; | ||
| 171 | |||
| 172 | #endif | ||
| 173 | |||
| 143 | #ifndef OPENSSL_NO_ENGINE | 174 | #ifndef OPENSSL_NO_ENGINE |
| 144 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | 175 | |
| 145 | * so this context may already have an ENGINE! Try to avoid releasing | 176 | #ifdef OPENSSL_FIPS |
| 146 | * the previous handle, re-querying for an ENGINE, and having a | 177 | |
| 147 | * reinitialisation, when it may all be unecessary. */ | 178 | static int do_engine_null(ENGINE *impl) { return 0;} |
| 148 | if (ctx->engine && ctx->digest && (!type || | 179 | static int do_evp_md_engine_null(EVP_MD_CTX *ctx, |
| 149 | (type && (type->type == ctx->digest->type)))) | 180 | const EVP_MD **ptype, ENGINE *impl) |
| 150 | goto skip_to_init; | 181 | { return 1; } |
| 151 | if (type) | 182 | |
| 183 | static int (*do_engine_init)(ENGINE *impl) | ||
| 184 | = do_engine_null; | ||
| 185 | |||
| 186 | static int (*do_engine_finish)(ENGINE *impl) | ||
| 187 | = do_engine_null; | ||
| 188 | |||
| 189 | static int (*do_evp_md_engine) | ||
| 190 | (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) | ||
| 191 | = do_evp_md_engine_null; | ||
| 192 | |||
| 193 | void int_EVP_MD_set_engine_callbacks( | ||
| 194 | int (*eng_md_init)(ENGINE *impl), | ||
| 195 | int (*eng_md_fin)(ENGINE *impl), | ||
| 196 | int (*eng_md_evp) | ||
| 197 | (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)) | ||
| 198 | { | ||
| 199 | do_engine_init = eng_md_init; | ||
| 200 | do_engine_finish = eng_md_fin; | ||
| 201 | do_evp_md_engine = eng_md_evp; | ||
| 202 | } | ||
| 203 | |||
| 204 | #else | ||
| 205 | |||
| 206 | #define do_engine_init ENGINE_init | ||
| 207 | #define do_engine_finish ENGINE_finish | ||
| 208 | |||
| 209 | static int do_evp_md_engine(EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl) | ||
| 210 | { | ||
| 211 | if (*ptype) | ||
| 152 | { | 212 | { |
| 153 | /* Ensure an ENGINE left lying around from last time is cleared | 213 | /* Ensure an ENGINE left lying around from last time is cleared |
| 154 | * (the previous check attempted to avoid this if the same | 214 | * (the previous check attempted to avoid this if the same |
| @@ -159,25 +219,25 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 159 | { | 219 | { |
| 160 | if (!ENGINE_init(impl)) | 220 | if (!ENGINE_init(impl)) |
| 161 | { | 221 | { |
| 162 | EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); | 222 | EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); |
| 163 | return 0; | 223 | return 0; |
| 164 | } | 224 | } |
| 165 | } | 225 | } |
| 166 | else | 226 | else |
| 167 | /* Ask if an ENGINE is reserved for this job */ | 227 | /* Ask if an ENGINE is reserved for this job */ |
| 168 | impl = ENGINE_get_digest_engine(type->type); | 228 | impl = ENGINE_get_digest_engine((*ptype)->type); |
| 169 | if(impl) | 229 | if(impl) |
| 170 | { | 230 | { |
| 171 | /* There's an ENGINE for this job ... (apparently) */ | 231 | /* There's an ENGINE for this job ... (apparently) */ |
| 172 | const EVP_MD *d = ENGINE_get_digest(impl, type->type); | 232 | const EVP_MD *d = ENGINE_get_digest(impl, (*ptype)->type); |
| 173 | if(!d) | 233 | if(!d) |
| 174 | { | 234 | { |
| 175 | /* Same comment from evp_enc.c */ | 235 | /* Same comment from evp_enc.c */ |
| 176 | EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_INITIALIZATION_ERROR); | 236 | EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_INITIALIZATION_ERROR); |
| 177 | return 0; | 237 | return 0; |
| 178 | } | 238 | } |
| 179 | /* We'll use the ENGINE's private digest definition */ | 239 | /* We'll use the ENGINE's private digest definition */ |
| 180 | type = d; | 240 | *ptype = d; |
| 181 | /* Store the ENGINE functional reference so we know | 241 | /* Store the ENGINE functional reference so we know |
| 182 | * 'type' came from an ENGINE and we need to release | 242 | * 'type' came from an ENGINE and we need to release |
| 183 | * it when done. */ | 243 | * it when done. */ |
| @@ -189,12 +249,52 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 189 | else | 249 | else |
| 190 | if(!ctx->digest) | 250 | if(!ctx->digest) |
| 191 | { | 251 | { |
| 192 | EVPerr(EVP_F_EVP_DIGESTINIT_EX,EVP_R_NO_DIGEST_SET); | 252 | EVPerr(EVP_F_DO_EVP_MD_ENGINE,EVP_R_NO_DIGEST_SET); |
| 193 | return 0; | 253 | return 0; |
| 194 | } | 254 | } |
| 255 | return 1; | ||
| 256 | } | ||
| 257 | |||
| 258 | #endif | ||
| 259 | |||
| 260 | #endif | ||
| 261 | |||
| 262 | int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | ||
| 263 | { | ||
| 264 | M_EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | ||
| 265 | #ifdef OPENSSL_FIPS | ||
| 266 | if(FIPS_selftest_failed()) | ||
| 267 | { | ||
| 268 | FIPSerr(FIPS_F_EVP_DIGESTINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED); | ||
| 269 | ctx->digest = &bad_md; | ||
| 270 | return 0; | ||
| 271 | } | ||
| 272 | #endif | ||
| 273 | #ifndef OPENSSL_NO_ENGINE | ||
| 274 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | ||
| 275 | * so this context may already have an ENGINE! Try to avoid releasing | ||
| 276 | * the previous handle, re-querying for an ENGINE, and having a | ||
| 277 | * reinitialisation, when it may all be unecessary. */ | ||
| 278 | if (ctx->engine && ctx->digest && (!type || | ||
| 279 | (type && (type->type == ctx->digest->type)))) | ||
| 280 | goto skip_to_init; | ||
| 281 | if (!do_evp_md_engine(ctx, &type, impl)) | ||
| 282 | return 0; | ||
| 195 | #endif | 283 | #endif |
| 196 | if (ctx->digest != type) | 284 | if (ctx->digest != type) |
| 197 | { | 285 | { |
| 286 | #ifdef OPENSSL_FIPS | ||
| 287 | if (FIPS_mode()) | ||
| 288 | { | ||
| 289 | if (!(type->flags & EVP_MD_FLAG_FIPS) | ||
| 290 | && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) | ||
| 291 | { | ||
| 292 | EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS); | ||
| 293 | ctx->digest = &bad_md; | ||
| 294 | return 0; | ||
| 295 | } | ||
| 296 | } | ||
| 297 | #endif | ||
| 198 | if (ctx->digest && ctx->digest->ctx_size) | 298 | if (ctx->digest && ctx->digest->ctx_size) |
| 199 | OPENSSL_free(ctx->md_data); | 299 | OPENSSL_free(ctx->md_data); |
| 200 | ctx->digest=type; | 300 | ctx->digest=type; |
| @@ -202,7 +302,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) | |||
| 202 | ctx->md_data=OPENSSL_malloc(type->ctx_size); | 302 | ctx->md_data=OPENSSL_malloc(type->ctx_size); |
| 203 | } | 303 | } |
| 204 | #ifndef OPENSSL_NO_ENGINE | 304 | #ifndef OPENSSL_NO_ENGINE |
| 205 | skip_to_init: | 305 | skip_to_init: |
| 206 | #endif | 306 | #endif |
| 207 | return ctx->digest->init(ctx); | 307 | return ctx->digest->init(ctx); |
| 208 | } | 308 | } |
| @@ -210,6 +310,9 @@ skip_to_init: | |||
| 210 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, | 310 | int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, |
| 211 | size_t count) | 311 | size_t count) |
| 212 | { | 312 | { |
| 313 | #ifdef OPENSSL_FIPS | ||
| 314 | FIPS_selftest_check(); | ||
| 315 | #endif | ||
| 213 | return ctx->digest->update(ctx,data,count); | 316 | return ctx->digest->update(ctx,data,count); |
| 214 | } | 317 | } |
| 215 | 318 | ||
| @@ -226,6 +329,9 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | |||
| 226 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | 329 | int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) |
| 227 | { | 330 | { |
| 228 | int ret; | 331 | int ret; |
| 332 | #ifdef OPENSSL_FIPS | ||
| 333 | FIPS_selftest_check(); | ||
| 334 | #endif | ||
| 229 | 335 | ||
| 230 | OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); | 336 | OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); |
| 231 | ret=ctx->digest->final(ctx,md); | 337 | ret=ctx->digest->final(ctx,md); |
| @@ -234,7 +340,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) | |||
| 234 | if (ctx->digest->cleanup) | 340 | if (ctx->digest->cleanup) |
| 235 | { | 341 | { |
| 236 | ctx->digest->cleanup(ctx); | 342 | ctx->digest->cleanup(ctx); |
| 237 | EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); | 343 | M_EVP_MD_CTX_set_flags(ctx,EVP_MD_CTX_FLAG_CLEANED); |
| 238 | } | 344 | } |
| 239 | memset(ctx->md_data,0,ctx->digest->ctx_size); | 345 | memset(ctx->md_data,0,ctx->digest->ctx_size); |
| 240 | return ret; | 346 | return ret; |
| @@ -256,7 +362,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) | |||
| 256 | } | 362 | } |
| 257 | #ifndef OPENSSL_NO_ENGINE | 363 | #ifndef OPENSSL_NO_ENGINE |
| 258 | /* Make sure it's safe to copy a digest context using an ENGINE */ | 364 | /* Make sure it's safe to copy a digest context using an ENGINE */ |
| 259 | if (in->engine && !ENGINE_init(in->engine)) | 365 | if (in->engine && !do_engine_init(in->engine)) |
| 260 | { | 366 | { |
| 261 | EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); | 367 | EVPerr(EVP_F_EVP_MD_CTX_COPY_EX,ERR_R_ENGINE_LIB); |
| 262 | return 0; | 368 | return 0; |
| @@ -266,7 +372,7 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) | |||
| 266 | if (out->digest == in->digest) | 372 | if (out->digest == in->digest) |
| 267 | { | 373 | { |
| 268 | tmp_buf = out->md_data; | 374 | tmp_buf = out->md_data; |
| 269 | EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); | 375 | M_EVP_MD_CTX_set_flags(out,EVP_MD_CTX_FLAG_REUSE); |
| 270 | } | 376 | } |
| 271 | else tmp_buf = NULL; | 377 | else tmp_buf = NULL; |
| 272 | EVP_MD_CTX_cleanup(out); | 378 | EVP_MD_CTX_cleanup(out); |
| @@ -292,7 +398,7 @@ int EVP_Digest(const void *data, size_t count, | |||
| 292 | int ret; | 398 | int ret; |
| 293 | 399 | ||
| 294 | EVP_MD_CTX_init(&ctx); | 400 | EVP_MD_CTX_init(&ctx); |
| 295 | EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); | 401 | M_EVP_MD_CTX_set_flags(&ctx,EVP_MD_CTX_FLAG_ONESHOT); |
| 296 | ret=EVP_DigestInit_ex(&ctx, type, impl) | 402 | ret=EVP_DigestInit_ex(&ctx, type, impl) |
| 297 | && EVP_DigestUpdate(&ctx, data, count) | 403 | && EVP_DigestUpdate(&ctx, data, count) |
| 298 | && EVP_DigestFinal_ex(&ctx, md, size); | 404 | && EVP_DigestFinal_ex(&ctx, md, size); |
| @@ -314,10 +420,10 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) | |||
| 314 | * because sometimes only copies of the context are ever finalised. | 420 | * because sometimes only copies of the context are ever finalised. |
| 315 | */ | 421 | */ |
| 316 | if (ctx->digest && ctx->digest->cleanup | 422 | if (ctx->digest && ctx->digest->cleanup |
| 317 | && !EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) | 423 | && !M_EVP_MD_CTX_test_flags(ctx,EVP_MD_CTX_FLAG_CLEANED)) |
| 318 | ctx->digest->cleanup(ctx); | 424 | ctx->digest->cleanup(ctx); |
| 319 | if (ctx->digest && ctx->digest->ctx_size && ctx->md_data | 425 | if (ctx->digest && ctx->digest->ctx_size && ctx->md_data |
| 320 | && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) | 426 | && !M_EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) |
| 321 | { | 427 | { |
| 322 | OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); | 428 | OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); |
| 323 | OPENSSL_free(ctx->md_data); | 429 | OPENSSL_free(ctx->md_data); |
| @@ -326,7 +432,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) | |||
| 326 | if(ctx->engine) | 432 | if(ctx->engine) |
| 327 | /* The EVP_MD we used belongs to an ENGINE, release the | 433 | /* The EVP_MD we used belongs to an ENGINE, release the |
| 328 | * functional reference we held for this reason. */ | 434 | * functional reference we held for this reason. */ |
| 329 | ENGINE_finish(ctx->engine); | 435 | do_engine_finish(ctx->engine); |
| 330 | #endif | 436 | #endif |
| 331 | memset(ctx,'\0',sizeof *ctx); | 437 | memset(ctx,'\0',sizeof *ctx); |
| 332 | 438 | ||
diff --git a/src/lib/libssl/src/crypto/evp/e_aes.c b/src/lib/libssl/src/crypto/evp/e_aes.c index bd6c0a3a62..c9a5ee8d75 100644 --- a/src/lib/libssl/src/crypto/evp/e_aes.c +++ b/src/lib/libssl/src/crypto/evp/e_aes.c | |||
| @@ -69,32 +69,29 @@ typedef struct | |||
| 69 | 69 | ||
| 70 | IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, | 70 | IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY, |
| 71 | NID_aes_128, 16, 16, 16, 128, | 71 | NID_aes_128, 16, 16, 16, 128, |
| 72 | 0, aes_init_key, NULL, | 72 | EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, |
| 73 | EVP_CIPHER_set_asn1_iv, | 73 | aes_init_key, |
| 74 | EVP_CIPHER_get_asn1_iv, | 74 | NULL, NULL, NULL, NULL) |
| 75 | NULL) | ||
| 76 | IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, | 75 | IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY, |
| 77 | NID_aes_192, 16, 24, 16, 128, | 76 | NID_aes_192, 16, 24, 16, 128, |
| 78 | 0, aes_init_key, NULL, | 77 | EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, |
| 79 | EVP_CIPHER_set_asn1_iv, | 78 | aes_init_key, |
| 80 | EVP_CIPHER_get_asn1_iv, | 79 | NULL, NULL, NULL, NULL) |
| 81 | NULL) | ||
| 82 | IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, | 80 | IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY, |
| 83 | NID_aes_256, 16, 32, 16, 128, | 81 | NID_aes_256, 16, 32, 16, 128, |
| 84 | 0, aes_init_key, NULL, | 82 | EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, |
| 85 | EVP_CIPHER_set_asn1_iv, | 83 | aes_init_key, |
| 86 | EVP_CIPHER_get_asn1_iv, | 84 | NULL, NULL, NULL, NULL) |
| 87 | NULL) | ||
| 88 | 85 | ||
| 89 | #define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16) | 86 | #define IMPLEMENT_AES_CFBR(ksize,cbits,flags) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags) |
| 90 | 87 | ||
| 91 | IMPLEMENT_AES_CFBR(128,1) | 88 | IMPLEMENT_AES_CFBR(128,1,EVP_CIPH_FLAG_FIPS) |
| 92 | IMPLEMENT_AES_CFBR(192,1) | 89 | IMPLEMENT_AES_CFBR(192,1,EVP_CIPH_FLAG_FIPS) |
| 93 | IMPLEMENT_AES_CFBR(256,1) | 90 | IMPLEMENT_AES_CFBR(256,1,EVP_CIPH_FLAG_FIPS) |
| 94 | 91 | ||
| 95 | IMPLEMENT_AES_CFBR(128,8) | 92 | IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS) |
| 96 | IMPLEMENT_AES_CFBR(192,8) | 93 | IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS) |
| 97 | IMPLEMENT_AES_CFBR(256,8) | 94 | IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS) |
| 98 | 95 | ||
| 99 | static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 96 | static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| 100 | const unsigned char *iv, int enc) | 97 | const unsigned char *iv, int enc) |
diff --git a/src/lib/libssl/src/crypto/evp/e_des.c b/src/lib/libssl/src/crypto/evp/e_des.c index 856323648c..04376df232 100644 --- a/src/lib/libssl/src/crypto/evp/e_des.c +++ b/src/lib/libssl/src/crypto/evp/e_des.c | |||
| @@ -129,18 +129,21 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 129 | } | 129 | } |
| 130 | 130 | ||
| 131 | BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, | 131 | BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, |
| 132 | EVP_CIPH_RAND_KEY, des_init_key, NULL, | 132 | EVP_CIPH_RAND_KEY, |
| 133 | des_init_key, NULL, | ||
| 133 | EVP_CIPHER_set_asn1_iv, | 134 | EVP_CIPHER_set_asn1_iv, |
| 134 | EVP_CIPHER_get_asn1_iv, | 135 | EVP_CIPHER_get_asn1_iv, |
| 135 | des_ctrl) | 136 | des_ctrl) |
| 136 | 137 | ||
| 137 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, | 138 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1, |
| 138 | EVP_CIPH_RAND_KEY, des_init_key,NULL, | 139 | EVP_CIPH_RAND_KEY, |
| 140 | des_init_key, NULL, | ||
| 139 | EVP_CIPHER_set_asn1_iv, | 141 | EVP_CIPHER_set_asn1_iv, |
| 140 | EVP_CIPHER_get_asn1_iv,des_ctrl) | 142 | EVP_CIPHER_get_asn1_iv,des_ctrl) |
| 141 | 143 | ||
| 142 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, | 144 | BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8, |
| 143 | EVP_CIPH_RAND_KEY,des_init_key,NULL, | 145 | EVP_CIPH_RAND_KEY, |
| 146 | des_init_key,NULL, | ||
| 144 | EVP_CIPHER_set_asn1_iv, | 147 | EVP_CIPHER_set_asn1_iv, |
| 145 | EVP_CIPHER_get_asn1_iv,des_ctrl) | 148 | EVP_CIPHER_get_asn1_iv,des_ctrl) |
| 146 | 149 | ||
diff --git a/src/lib/libssl/src/crypto/evp/e_des3.c b/src/lib/libssl/src/crypto/evp/e_des3.c index ac148efab2..f910af19b1 100644 --- a/src/lib/libssl/src/crypto/evp/e_des3.c +++ b/src/lib/libssl/src/crypto/evp/e_des3.c | |||
| @@ -111,8 +111,7 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 111 | #ifdef KSSL_DEBUG | 111 | #ifdef KSSL_DEBUG |
| 112 | { | 112 | { |
| 113 | int i; | 113 | int i; |
| 114 | char *cp; | 114 | printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", (unsigned long)ctx, ctx->buf_len); |
| 115 | printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len); | ||
| 116 | printf("\t iv= "); | 115 | printf("\t iv= "); |
| 117 | for(i=0;i<8;i++) | 116 | for(i=0;i<8;i++) |
| 118 | printf("%02X",ctx->iv[i]); | 117 | printf("%02X",ctx->iv[i]); |
| @@ -164,9 +163,9 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 164 | } | 163 | } |
| 165 | 164 | ||
| 166 | BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, | 165 | BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, |
| 167 | EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, | 166 | EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, |
| 168 | EVP_CIPHER_set_asn1_iv, | 167 | des_ede_init_key, |
| 169 | EVP_CIPHER_get_asn1_iv, | 168 | NULL, NULL, NULL, |
| 170 | des3_ctrl) | 169 | des3_ctrl) |
| 171 | 170 | ||
| 172 | #define des_ede3_cfb64_cipher des_ede_cfb64_cipher | 171 | #define des_ede3_cfb64_cipher des_ede_cfb64_cipher |
| @@ -175,21 +174,21 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, | |||
| 175 | #define des_ede3_ecb_cipher des_ede_ecb_cipher | 174 | #define des_ede3_ecb_cipher des_ede_ecb_cipher |
| 176 | 175 | ||
| 177 | BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, | 176 | BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, |
| 178 | EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, | 177 | EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, |
| 179 | EVP_CIPHER_set_asn1_iv, | 178 | des_ede3_init_key, |
| 180 | EVP_CIPHER_get_asn1_iv, | 179 | NULL, NULL, NULL, |
| 181 | des3_ctrl) | 180 | des3_ctrl) |
| 182 | 181 | ||
| 183 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, | 182 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1, |
| 184 | EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, | 183 | EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, |
| 185 | EVP_CIPHER_set_asn1_iv, | 184 | des_ede3_init_key, |
| 186 | EVP_CIPHER_get_asn1_iv, | 185 | NULL, NULL, NULL, |
| 187 | des3_ctrl) | 186 | des3_ctrl) |
| 188 | 187 | ||
| 189 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, | 188 | BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8, |
| 190 | EVP_CIPH_RAND_KEY, des_ede3_init_key,NULL, | 189 | EVP_CIPH_RAND_KEY|EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1, |
| 191 | EVP_CIPHER_set_asn1_iv, | 190 | des_ede3_init_key, |
| 192 | EVP_CIPHER_get_asn1_iv, | 191 | NULL, NULL, NULL, |
| 193 | des3_ctrl) | 192 | des3_ctrl) |
| 194 | 193 | ||
| 195 | static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | 194 | static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, |
| @@ -216,7 +215,7 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, | |||
| 216 | #ifdef KSSL_DEBUG | 215 | #ifdef KSSL_DEBUG |
| 217 | { | 216 | { |
| 218 | int i; | 217 | int i; |
| 219 | printf("des_ede3_init_key(ctx=%lx)\n", ctx); | 218 | printf("des_ede3_init_key(ctx=%lx)\n", (unsigned long)ctx); |
| 220 | printf("\tKEY= "); | 219 | printf("\tKEY= "); |
| 221 | for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n"); | 220 | for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n"); |
| 222 | printf("\t IV= "); | 221 | printf("\t IV= "); |
diff --git a/src/lib/libssl/src/crypto/evp/e_null.c b/src/lib/libssl/src/crypto/evp/e_null.c index 5205259f18..0872d733e4 100644 --- a/src/lib/libssl/src/crypto/evp/e_null.c +++ b/src/lib/libssl/src/crypto/evp/e_null.c | |||
| @@ -69,7 +69,7 @@ static const EVP_CIPHER n_cipher= | |||
| 69 | { | 69 | { |
| 70 | NID_undef, | 70 | NID_undef, |
| 71 | 1,0,0, | 71 | 1,0,0, |
| 72 | 0, | 72 | EVP_CIPH_FLAG_FIPS, |
| 73 | null_init_key, | 73 | null_init_key, |
| 74 | null_cipher, | 74 | null_cipher, |
| 75 | NULL, | 75 | NULL, |
diff --git a/src/lib/libssl/src/crypto/evp/e_rc4.c b/src/lib/libssl/src/crypto/evp/e_rc4.c index 67af850bea..55baad7446 100644 --- a/src/lib/libssl/src/crypto/evp/e_rc4.c +++ b/src/lib/libssl/src/crypto/evp/e_rc4.c | |||
| @@ -64,6 +64,7 @@ | |||
| 64 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 65 | #include <openssl/objects.h> | 65 | #include <openssl/objects.h> |
| 66 | #include <openssl/rc4.h> | 66 | #include <openssl/rc4.h> |
| 67 | #include "evp_locl.h" | ||
| 67 | 68 | ||
| 68 | /* FIXME: surely this is available elsewhere? */ | 69 | /* FIXME: surely this is available elsewhere? */ |
| 69 | #define EVP_RC4_KEY_SIZE 16 | 70 | #define EVP_RC4_KEY_SIZE 16 |
diff --git a/src/lib/libssl/src/crypto/evp/enc_min.c b/src/lib/libssl/src/crypto/evp/enc_min.c new file mode 100644 index 0000000000..3cb4626bef --- /dev/null +++ b/src/lib/libssl/src/crypto/evp/enc_min.c | |||
| @@ -0,0 +1,390 @@ | |||
| 1 | /* crypto/evp/enc_min.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/evp.h> | ||
| 62 | #include <openssl/err.h> | ||
| 63 | #include <openssl/rand.h> | ||
| 64 | #ifndef OPENSSL_NO_ENGINE | ||
| 65 | #include <openssl/engine.h> | ||
| 66 | #endif | ||
| 67 | #include "evp_locl.h" | ||
| 68 | |||
| 69 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) | ||
| 70 | { | ||
| 71 | #ifdef OPENSSL_FIPS | ||
| 72 | FIPS_selftest_check(); | ||
| 73 | #endif | ||
| 74 | memset(ctx,0,sizeof(EVP_CIPHER_CTX)); | ||
| 75 | /* ctx->cipher=NULL; */ | ||
| 76 | } | ||
| 77 | |||
| 78 | #ifdef OPENSSL_FIPS | ||
| 79 | |||
| 80 | /* The purpose of these is to trap programs that attempt to use non FIPS | ||
| 81 | * algorithms in FIPS mode and ignore the errors. | ||
| 82 | */ | ||
| 83 | |||
| 84 | static int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key, | ||
| 85 | const unsigned char *iv, int enc) | ||
| 86 | { FIPS_ERROR_IGNORED("Cipher init"); return 0;} | ||
| 87 | |||
| 88 | static int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
| 89 | const unsigned char *in, unsigned int inl) | ||
| 90 | { FIPS_ERROR_IGNORED("Cipher update"); return 0;} | ||
| 91 | |||
| 92 | /* NB: no cleanup because it is allowed after failed init */ | ||
| 93 | |||
| 94 | static int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) | ||
| 95 | { FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;} | ||
| 96 | static int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ) | ||
| 97 | { FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;} | ||
| 98 | static int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) | ||
| 99 | { FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;} | ||
| 100 | |||
| 101 | static const EVP_CIPHER bad_cipher = | ||
| 102 | { | ||
| 103 | 0, | ||
| 104 | 0, | ||
| 105 | 0, | ||
| 106 | 0, | ||
| 107 | 0, | ||
| 108 | bad_init, | ||
| 109 | bad_do_cipher, | ||
| 110 | NULL, | ||
| 111 | 0, | ||
| 112 | bad_set_asn1, | ||
| 113 | bad_get_asn1, | ||
| 114 | bad_ctrl, | ||
| 115 | NULL | ||
| 116 | }; | ||
| 117 | |||
| 118 | #endif | ||
| 119 | |||
| 120 | #ifndef OPENSSL_NO_ENGINE | ||
| 121 | |||
| 122 | #ifdef OPENSSL_FIPS | ||
| 123 | |||
| 124 | static int do_engine_null(ENGINE *impl) { return 0;} | ||
| 125 | static int do_evp_enc_engine_null(EVP_CIPHER_CTX *ctx, | ||
| 126 | const EVP_CIPHER **pciph, ENGINE *impl) | ||
| 127 | { return 1; } | ||
| 128 | |||
| 129 | static int (*do_engine_finish)(ENGINE *impl) | ||
| 130 | = do_engine_null; | ||
| 131 | |||
| 132 | static int (*do_evp_enc_engine) | ||
| 133 | (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl) | ||
| 134 | = do_evp_enc_engine_null; | ||
| 135 | |||
| 136 | void int_EVP_CIPHER_set_engine_callbacks( | ||
| 137 | int (*eng_ciph_fin)(ENGINE *impl), | ||
| 138 | int (*eng_ciph_evp) | ||
| 139 | (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl)) | ||
| 140 | { | ||
| 141 | do_engine_finish = eng_ciph_fin; | ||
| 142 | do_evp_enc_engine = eng_ciph_evp; | ||
| 143 | } | ||
| 144 | |||
| 145 | #else | ||
| 146 | |||
| 147 | #define do_engine_finish ENGINE_finish | ||
| 148 | |||
| 149 | static int do_evp_enc_engine(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl) | ||
| 150 | { | ||
| 151 | if(impl) | ||
| 152 | { | ||
| 153 | if (!ENGINE_init(impl)) | ||
| 154 | { | ||
| 155 | EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR); | ||
| 156 | return 0; | ||
| 157 | } | ||
| 158 | } | ||
| 159 | else | ||
| 160 | /* Ask if an ENGINE is reserved for this job */ | ||
| 161 | impl = ENGINE_get_cipher_engine((*pcipher)->nid); | ||
| 162 | if(impl) | ||
| 163 | { | ||
| 164 | /* There's an ENGINE for this job ... (apparently) */ | ||
| 165 | const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid); | ||
| 166 | if(!c) | ||
| 167 | { | ||
| 168 | /* One positive side-effect of US's export | ||
| 169 | * control history, is that we should at least | ||
| 170 | * be able to avoid using US mispellings of | ||
| 171 | * "initialisation"? */ | ||
| 172 | EVPerr(EVP_F_DO_EVP_ENC_ENGINE, EVP_R_INITIALIZATION_ERROR); | ||
| 173 | return 0; | ||
| 174 | } | ||
| 175 | /* We'll use the ENGINE's private cipher definition */ | ||
| 176 | *pcipher = c; | ||
| 177 | /* Store the ENGINE functional reference so we know | ||
| 178 | * 'cipher' came from an ENGINE and we need to release | ||
| 179 | * it when done. */ | ||
| 180 | ctx->engine = impl; | ||
| 181 | } | ||
| 182 | else | ||
| 183 | ctx->engine = NULL; | ||
| 184 | return 1; | ||
| 185 | } | ||
| 186 | |||
| 187 | #endif | ||
| 188 | |||
| 189 | #endif | ||
| 190 | |||
| 191 | int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, | ||
| 192 | const unsigned char *key, const unsigned char *iv, int enc) | ||
| 193 | { | ||
| 194 | if (enc == -1) | ||
| 195 | enc = ctx->encrypt; | ||
| 196 | else | ||
| 197 | { | ||
| 198 | if (enc) | ||
| 199 | enc = 1; | ||
| 200 | ctx->encrypt = enc; | ||
| 201 | } | ||
| 202 | #ifdef OPENSSL_NO_FIPS | ||
| 203 | if(FIPS_selftest_failed()) | ||
| 204 | { | ||
| 205 | FIPSerr(FIPS_F_EVP_CIPHERINIT_EX,FIPS_R_FIPS_SELFTEST_FAILED); | ||
| 206 | ctx->cipher = &bad_cipher; | ||
| 207 | return 0; | ||
| 208 | } | ||
| 209 | #endif | ||
| 210 | #ifndef OPENSSL_NO_ENGINE | ||
| 211 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | ||
| 212 | * so this context may already have an ENGINE! Try to avoid releasing | ||
| 213 | * the previous handle, re-querying for an ENGINE, and having a | ||
| 214 | * reinitialisation, when it may all be unecessary. */ | ||
| 215 | if (ctx->engine && ctx->cipher && (!cipher || | ||
| 216 | (cipher && (cipher->nid == ctx->cipher->nid)))) | ||
| 217 | goto skip_to_init; | ||
| 218 | #endif | ||
| 219 | if (cipher) | ||
| 220 | { | ||
| 221 | /* Ensure a context left lying around from last time is cleared | ||
| 222 | * (the previous check attempted to avoid this if the same | ||
| 223 | * ENGINE and EVP_CIPHER could be used). */ | ||
| 224 | EVP_CIPHER_CTX_cleanup(ctx); | ||
| 225 | |||
| 226 | /* Restore encrypt field: it is zeroed by cleanup */ | ||
| 227 | ctx->encrypt = enc; | ||
| 228 | #ifndef OPENSSL_NO_ENGINE | ||
| 229 | if (!do_evp_enc_engine(ctx, &cipher, impl)) | ||
| 230 | return 0; | ||
| 231 | #endif | ||
| 232 | |||
| 233 | ctx->cipher=cipher; | ||
| 234 | if (ctx->cipher->ctx_size) | ||
| 235 | { | ||
| 236 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); | ||
| 237 | if (!ctx->cipher_data) | ||
| 238 | { | ||
| 239 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); | ||
| 240 | return 0; | ||
| 241 | } | ||
| 242 | } | ||
| 243 | else | ||
| 244 | { | ||
| 245 | ctx->cipher_data = NULL; | ||
| 246 | } | ||
| 247 | ctx->key_len = cipher->key_len; | ||
| 248 | ctx->flags = 0; | ||
| 249 | if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) | ||
| 250 | { | ||
| 251 | if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) | ||
| 252 | { | ||
| 253 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); | ||
| 254 | return 0; | ||
| 255 | } | ||
| 256 | } | ||
| 257 | } | ||
| 258 | else if(!ctx->cipher) | ||
| 259 | { | ||
| 260 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); | ||
| 261 | return 0; | ||
| 262 | } | ||
| 263 | #ifndef OPENSSL_NO_ENGINE | ||
| 264 | skip_to_init: | ||
| 265 | #endif | ||
| 266 | /* we assume block size is a power of 2 in *cryptUpdate */ | ||
| 267 | OPENSSL_assert(ctx->cipher->block_size == 1 | ||
| 268 | || ctx->cipher->block_size == 8 | ||
| 269 | || ctx->cipher->block_size == 16); | ||
| 270 | |||
| 271 | if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { | ||
| 272 | switch(EVP_CIPHER_CTX_mode(ctx)) { | ||
| 273 | |||
| 274 | case EVP_CIPH_STREAM_CIPHER: | ||
| 275 | case EVP_CIPH_ECB_MODE: | ||
| 276 | break; | ||
| 277 | |||
| 278 | case EVP_CIPH_CFB_MODE: | ||
| 279 | case EVP_CIPH_OFB_MODE: | ||
| 280 | |||
| 281 | ctx->num = 0; | ||
| 282 | |||
| 283 | case EVP_CIPH_CBC_MODE: | ||
| 284 | |||
| 285 | OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= | ||
| 286 | (int)sizeof(ctx->iv)); | ||
| 287 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); | ||
| 288 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); | ||
| 289 | break; | ||
| 290 | |||
| 291 | default: | ||
| 292 | return 0; | ||
| 293 | break; | ||
| 294 | } | ||
| 295 | } | ||
| 296 | |||
| 297 | #ifdef OPENSSL_FIPS | ||
| 298 | /* After 'key' is set no further parameters changes are permissible. | ||
| 299 | * So only check for non FIPS enabling at this point. | ||
| 300 | */ | ||
| 301 | if (key && FIPS_mode()) | ||
| 302 | { | ||
| 303 | if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS) | ||
| 304 | & !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) | ||
| 305 | { | ||
| 306 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_DISABLED_FOR_FIPS); | ||
| 307 | #if 0 | ||
| 308 | ERR_add_error_data(2, "cipher=", | ||
| 309 | EVP_CIPHER_name(ctx->cipher)); | ||
| 310 | #endif | ||
| 311 | ctx->cipher = &bad_cipher; | ||
| 312 | return 0; | ||
| 313 | } | ||
| 314 | } | ||
| 315 | #endif | ||
| 316 | |||
| 317 | if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { | ||
| 318 | if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; | ||
| 319 | } | ||
| 320 | ctx->buf_len=0; | ||
| 321 | ctx->final_used=0; | ||
| 322 | ctx->block_mask=ctx->cipher->block_size-1; | ||
| 323 | return 1; | ||
| 324 | } | ||
| 325 | |||
| 326 | int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) | ||
| 327 | { | ||
| 328 | if (c->cipher != NULL) | ||
| 329 | { | ||
| 330 | if(c->cipher->cleanup && !c->cipher->cleanup(c)) | ||
| 331 | return 0; | ||
| 332 | /* Cleanse cipher context data */ | ||
| 333 | if (c->cipher_data) | ||
| 334 | OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); | ||
| 335 | } | ||
| 336 | if (c->cipher_data) | ||
| 337 | OPENSSL_free(c->cipher_data); | ||
| 338 | #ifndef OPENSSL_NO_ENGINE | ||
| 339 | if (c->engine) | ||
| 340 | /* The EVP_CIPHER we used belongs to an ENGINE, release the | ||
| 341 | * functional reference we held for this reason. */ | ||
| 342 | do_engine_finish(c->engine); | ||
| 343 | #endif | ||
| 344 | memset(c,0,sizeof(EVP_CIPHER_CTX)); | ||
| 345 | return 1; | ||
| 346 | } | ||
| 347 | |||
| 348 | int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) | ||
| 349 | { | ||
| 350 | #ifdef OPENSSL_FIPS | ||
| 351 | FIPS_selftest_check(); | ||
| 352 | #endif | ||
| 353 | return ctx->cipher->do_cipher(ctx,out,in,inl); | ||
| 354 | } | ||
| 355 | |||
| 356 | int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) | ||
| 357 | { | ||
| 358 | int ret; | ||
| 359 | if(!ctx->cipher) { | ||
| 360 | EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); | ||
| 361 | return 0; | ||
| 362 | } | ||
| 363 | |||
| 364 | if(!ctx->cipher->ctrl) { | ||
| 365 | EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); | ||
| 366 | return 0; | ||
| 367 | } | ||
| 368 | |||
| 369 | ret = ctx->cipher->ctrl(ctx, type, arg, ptr); | ||
| 370 | if(ret == -1) { | ||
| 371 | EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); | ||
| 372 | return 0; | ||
| 373 | } | ||
| 374 | return ret; | ||
| 375 | } | ||
| 376 | |||
| 377 | unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) | ||
| 378 | { | ||
| 379 | return ctx->cipher->flags; | ||
| 380 | } | ||
| 381 | |||
| 382 | int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) | ||
| 383 | { | ||
| 384 | return ctx->cipher->iv_len; | ||
| 385 | } | ||
| 386 | |||
| 387 | int EVP_CIPHER_nid(const EVP_CIPHER *cipher) | ||
| 388 | { | ||
| 389 | return cipher->nid; | ||
| 390 | } | ||
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h index bdd3b7ecaa..79c097181f 100644 --- a/src/lib/libssl/src/crypto/evp/evp.h +++ b/src/lib/libssl/src/crypto/evp/evp.h | |||
| @@ -75,6 +75,10 @@ | |||
| 75 | #include <openssl/bio.h> | 75 | #include <openssl/bio.h> |
| 76 | #endif | 76 | #endif |
| 77 | 77 | ||
| 78 | #ifdef OPENSSL_FIPS | ||
| 79 | #include <openssl/fips.h> | ||
| 80 | #endif | ||
| 81 | |||
| 78 | /* | 82 | /* |
| 79 | #define EVP_RC2_KEY_SIZE 16 | 83 | #define EVP_RC2_KEY_SIZE 16 |
| 80 | #define EVP_RC4_KEY_SIZE 16 | 84 | #define EVP_RC4_KEY_SIZE 16 |
| @@ -250,9 +254,19 @@ typedef int evp_verify_method(int type,const unsigned char *m, | |||
| 250 | unsigned int m_length,const unsigned char *sigbuf, | 254 | unsigned int m_length,const unsigned char *sigbuf, |
| 251 | unsigned int siglen, void *key); | 255 | unsigned int siglen, void *key); |
| 252 | 256 | ||
| 257 | typedef struct | ||
| 258 | { | ||
| 259 | EVP_MD_CTX *mctx; | ||
| 260 | void *key; | ||
| 261 | } EVP_MD_SVCTX; | ||
| 262 | |||
| 253 | #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single | 263 | #define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single |
| 254 | * block */ | 264 | * block */ |
| 255 | 265 | ||
| 266 | #define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */ | ||
| 267 | |||
| 268 | #define EVP_MD_FLAG_SVCTX 0x0800 /* pass EVP_MD_SVCTX to sign/verify */ | ||
| 269 | |||
| 256 | #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} | 270 | #define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} |
| 257 | 271 | ||
| 258 | #ifndef OPENSSL_NO_DSA | 272 | #ifndef OPENSSL_NO_DSA |
| @@ -303,6 +317,17 @@ struct env_md_ctx_st | |||
| 303 | * cleaned */ | 317 | * cleaned */ |
| 304 | #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data | 318 | #define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data |
| 305 | * in EVP_MD_CTX_cleanup */ | 319 | * in EVP_MD_CTX_cleanup */ |
| 320 | #define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest | ||
| 321 | * in FIPS mode */ | ||
| 322 | |||
| 323 | #define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */ | ||
| 324 | #define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */ | ||
| 325 | #define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */ | ||
| 326 | #define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */ | ||
| 327 | #define M_EVP_MD_CTX_FLAG_PSS_SALT(ctx) \ | ||
| 328 | ((ctx->flags>>16) &0xFFFF) /* seed length */ | ||
| 329 | #define EVP_MD_CTX_FLAG_PSS_MDLEN 0xFFFF /* salt len same as digest */ | ||
| 330 | #define EVP_MD_CTX_FLAG_PSS_MREC 0xFFFE /* salt max or auto recovered */ | ||
| 306 | 331 | ||
| 307 | struct evp_cipher_st | 332 | struct evp_cipher_st |
| 308 | { | 333 | { |
| @@ -347,6 +372,14 @@ struct evp_cipher_st | |||
| 347 | #define EVP_CIPH_NO_PADDING 0x100 | 372 | #define EVP_CIPH_NO_PADDING 0x100 |
| 348 | /* cipher handles random key generation */ | 373 | /* cipher handles random key generation */ |
| 349 | #define EVP_CIPH_RAND_KEY 0x200 | 374 | #define EVP_CIPH_RAND_KEY 0x200 |
| 375 | /* Note if suitable for use in FIPS mode */ | ||
| 376 | #define EVP_CIPH_FLAG_FIPS 0x400 | ||
| 377 | /* Allow non FIPS cipher in FIPS mode */ | ||
| 378 | #define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x800 | ||
| 379 | /* Allow use default ASN1 get/set iv */ | ||
| 380 | #define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000 | ||
| 381 | /* Buffer length in bits not bytes: CFB1 mode only */ | ||
| 382 | #define EVP_CIPH_FLAG_LENGTH_BITS 0x2000 | ||
| 350 | 383 | ||
| 351 | /* ctrl() values */ | 384 | /* ctrl() values */ |
| 352 | 385 | ||
| @@ -429,6 +462,18 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, | |||
| 429 | #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) | 462 | #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) |
| 430 | #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) | 463 | #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) |
| 431 | 464 | ||
| 465 | /* Macros to reduce FIPS dependencies: do NOT use in applications */ | ||
| 466 | #define M_EVP_MD_size(e) ((e)->md_size) | ||
| 467 | #define M_EVP_MD_block_size(e) ((e)->block_size) | ||
| 468 | #define M_EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) | ||
| 469 | #define M_EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs)) | ||
| 470 | #define M_EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs)) | ||
| 471 | #define M_EVP_MD_type(e) ((e)->type) | ||
| 472 | #define M_EVP_MD_CTX_type(e) M_EVP_MD_type(M_EVP_MD_CTX_md(e)) | ||
| 473 | #define M_EVP_MD_CTX_md(e) ((e)->digest) | ||
| 474 | |||
| 475 | #define M_EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs)) | ||
| 476 | |||
| 432 | int EVP_MD_type(const EVP_MD *md); | 477 | int EVP_MD_type(const EVP_MD *md); |
| 433 | #define EVP_MD_nid(e) EVP_MD_type(e) | 478 | #define EVP_MD_nid(e) EVP_MD_type(e) |
| 434 | #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) | 479 | #define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e)) |
| @@ -524,6 +569,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md, | |||
| 524 | const unsigned char *salt, const unsigned char *data, | 569 | const unsigned char *salt, const unsigned char *data, |
| 525 | int datal, int count, unsigned char *key,unsigned char *iv); | 570 | int datal, int count, unsigned char *key,unsigned char *iv); |
| 526 | 571 | ||
| 572 | void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags); | ||
| 573 | void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags); | ||
| 574 | int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx,int flags); | ||
| 575 | |||
| 527 | int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, | 576 | int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, |
| 528 | const unsigned char *key, const unsigned char *iv); | 577 | const unsigned char *key, const unsigned char *iv); |
| 529 | int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, | 578 | int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl, |
| @@ -879,6 +928,24 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, | |||
| 879 | EVP_PBE_KEYGEN *keygen); | 928 | EVP_PBE_KEYGEN *keygen); |
| 880 | void EVP_PBE_cleanup(void); | 929 | void EVP_PBE_cleanup(void); |
| 881 | 930 | ||
| 931 | #ifdef OPENSSL_FIPS | ||
| 932 | #ifndef OPENSSL_NO_ENGINE | ||
| 933 | void int_EVP_MD_set_engine_callbacks( | ||
| 934 | int (*eng_md_init)(ENGINE *impl), | ||
| 935 | int (*eng_md_fin)(ENGINE *impl), | ||
| 936 | int (*eng_md_evp) | ||
| 937 | (EVP_MD_CTX *ctx, const EVP_MD **ptype, ENGINE *impl)); | ||
| 938 | void int_EVP_MD_init_engine_callbacks(void); | ||
| 939 | void int_EVP_CIPHER_set_engine_callbacks( | ||
| 940 | int (*eng_ciph_fin)(ENGINE *impl), | ||
| 941 | int (*eng_ciph_evp) | ||
| 942 | (EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pciph, ENGINE *impl)); | ||
| 943 | void int_EVP_CIPHER_init_engine_callbacks(void); | ||
| 944 | #endif | ||
| 945 | #endif | ||
| 946 | |||
| 947 | void EVP_add_alg_module(void); | ||
| 948 | |||
| 882 | /* BEGIN ERROR CODES */ | 949 | /* BEGIN ERROR CODES */ |
| 883 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 950 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| 884 | * made after this point may be overwritten when the script is next run. | 951 | * made after this point may be overwritten when the script is next run. |
| @@ -889,16 +956,23 @@ void ERR_load_EVP_strings(void); | |||
| 889 | 956 | ||
| 890 | /* Function codes. */ | 957 | /* Function codes. */ |
| 891 | #define EVP_F_AES_INIT_KEY 133 | 958 | #define EVP_F_AES_INIT_KEY 133 |
| 959 | #define EVP_F_ALG_MODULE_INIT 138 | ||
| 892 | #define EVP_F_CAMELLIA_INIT_KEY 159 | 960 | #define EVP_F_CAMELLIA_INIT_KEY 159 |
| 893 | #define EVP_F_D2I_PKEY 100 | 961 | #define EVP_F_D2I_PKEY 100 |
| 962 | #define EVP_F_DO_EVP_ENC_ENGINE 140 | ||
| 963 | #define EVP_F_DO_EVP_ENC_ENGINE_FULL 141 | ||
| 964 | #define EVP_F_DO_EVP_MD_ENGINE 139 | ||
| 965 | #define EVP_F_DO_EVP_MD_ENGINE_FULL 142 | ||
| 894 | #define EVP_F_DSAPKEY2PKCS8 134 | 966 | #define EVP_F_DSAPKEY2PKCS8 134 |
| 895 | #define EVP_F_DSA_PKEY2PKCS8 135 | 967 | #define EVP_F_DSA_PKEY2PKCS8 135 |
| 896 | #define EVP_F_ECDSA_PKEY2PKCS8 129 | 968 | #define EVP_F_ECDSA_PKEY2PKCS8 129 |
| 897 | #define EVP_F_ECKEY_PKEY2PKCS8 132 | 969 | #define EVP_F_ECKEY_PKEY2PKCS8 132 |
| 970 | #define EVP_F_EVP_CIPHERINIT 137 | ||
| 898 | #define EVP_F_EVP_CIPHERINIT_EX 123 | 971 | #define EVP_F_EVP_CIPHERINIT_EX 123 |
| 899 | #define EVP_F_EVP_CIPHER_CTX_CTRL 124 | 972 | #define EVP_F_EVP_CIPHER_CTX_CTRL 124 |
| 900 | #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 | 973 | #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 |
| 901 | #define EVP_F_EVP_DECRYPTFINAL_EX 101 | 974 | #define EVP_F_EVP_DECRYPTFINAL_EX 101 |
| 975 | #define EVP_F_EVP_DIGESTINIT 136 | ||
| 902 | #define EVP_F_EVP_DIGESTINIT_EX 128 | 976 | #define EVP_F_EVP_DIGESTINIT_EX 128 |
| 903 | #define EVP_F_EVP_ENCRYPTFINAL_EX 127 | 977 | #define EVP_F_EVP_ENCRYPTFINAL_EX 127 |
| 904 | #define EVP_F_EVP_MD_CTX_COPY_EX 110 | 978 | #define EVP_F_EVP_MD_CTX_COPY_EX 110 |
| @@ -940,15 +1014,20 @@ void ERR_load_EVP_strings(void); | |||
| 940 | #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 | 1014 | #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138 |
| 941 | #define EVP_R_DECODE_ERROR 114 | 1015 | #define EVP_R_DECODE_ERROR 114 |
| 942 | #define EVP_R_DIFFERENT_KEY_TYPES 101 | 1016 | #define EVP_R_DIFFERENT_KEY_TYPES 101 |
| 1017 | #define EVP_R_DISABLED_FOR_FIPS 144 | ||
| 943 | #define EVP_R_ENCODE_ERROR 115 | 1018 | #define EVP_R_ENCODE_ERROR 115 |
| 1019 | #define EVP_R_ERROR_LOADING_SECTION 145 | ||
| 1020 | #define EVP_R_ERROR_SETTING_FIPS_MODE 146 | ||
| 944 | #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 | 1021 | #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 |
| 945 | #define EVP_R_EXPECTING_AN_RSA_KEY 127 | 1022 | #define EVP_R_EXPECTING_AN_RSA_KEY 127 |
| 946 | #define EVP_R_EXPECTING_A_DH_KEY 128 | 1023 | #define EVP_R_EXPECTING_A_DH_KEY 128 |
| 947 | #define EVP_R_EXPECTING_A_DSA_KEY 129 | 1024 | #define EVP_R_EXPECTING_A_DSA_KEY 129 |
| 948 | #define EVP_R_EXPECTING_A_ECDSA_KEY 141 | 1025 | #define EVP_R_EXPECTING_A_ECDSA_KEY 141 |
| 949 | #define EVP_R_EXPECTING_A_EC_KEY 142 | 1026 | #define EVP_R_EXPECTING_A_EC_KEY 142 |
| 1027 | #define EVP_R_FIPS_MODE_NOT_SUPPORTED 147 | ||
| 950 | #define EVP_R_INITIALIZATION_ERROR 134 | 1028 | #define EVP_R_INITIALIZATION_ERROR 134 |
| 951 | #define EVP_R_INPUT_NOT_INITIALIZED 111 | 1029 | #define EVP_R_INPUT_NOT_INITIALIZED 111 |
| 1030 | #define EVP_R_INVALID_FIPS_MODE 148 | ||
| 952 | #define EVP_R_INVALID_KEY_LENGTH 130 | 1031 | #define EVP_R_INVALID_KEY_LENGTH 130 |
| 953 | #define EVP_R_IV_TOO_LARGE 102 | 1032 | #define EVP_R_IV_TOO_LARGE 102 |
| 954 | #define EVP_R_KEYGEN_FAILURE 120 | 1033 | #define EVP_R_KEYGEN_FAILURE 120 |
| @@ -960,6 +1039,7 @@ void ERR_load_EVP_strings(void); | |||
| 960 | #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 | 1039 | #define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 |
| 961 | #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 | 1040 | #define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 |
| 962 | #define EVP_R_PUBLIC_KEY_NOT_RSA 106 | 1041 | #define EVP_R_PUBLIC_KEY_NOT_RSA 106 |
| 1042 | #define EVP_R_UNKNOWN_OPTION 149 | ||
| 963 | #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 | 1043 | #define EVP_R_UNKNOWN_PBE_ALGORITHM 121 |
| 964 | #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 | 1044 | #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 |
| 965 | #define EVP_R_UNSUPPORTED_CIPHER 107 | 1045 | #define EVP_R_UNSUPPORTED_CIPHER 107 |
diff --git a/src/lib/libssl/src/crypto/evp/evp_acnf.c b/src/lib/libssl/src/crypto/evp/evp_acnf.c index ff3e311cc5..643a1864e8 100644 --- a/src/lib/libssl/src/crypto/evp/evp_acnf.c +++ b/src/lib/libssl/src/crypto/evp/evp_acnf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* evp_acnf.c */ | 1 | /* evp_acnf.c */ |
| 2 | /* Written by Stephen Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/evp/evp_cnf.c b/src/lib/libssl/src/crypto/evp/evp_cnf.c new file mode 100644 index 0000000000..2e4db30235 --- /dev/null +++ b/src/lib/libssl/src/crypto/evp/evp_cnf.c | |||
| @@ -0,0 +1,125 @@ | |||
| 1 | /* evp_cnf.c */ | ||
| 2 | /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2007. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <ctype.h> | ||
| 61 | #include <openssl/crypto.h> | ||
| 62 | #include "cryptlib.h" | ||
| 63 | #include <openssl/conf.h> | ||
| 64 | #include <openssl/dso.h> | ||
| 65 | #include <openssl/x509.h> | ||
| 66 | #include <openssl/x509v3.h> | ||
| 67 | #ifdef OPENSSL_FIPS | ||
| 68 | #include <openssl/fips.h> | ||
| 69 | #endif | ||
| 70 | |||
| 71 | |||
| 72 | /* Algorithm configuration module. */ | ||
| 73 | |||
| 74 | static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) | ||
| 75 | { | ||
| 76 | int i; | ||
| 77 | const char *oid_section; | ||
| 78 | STACK_OF(CONF_VALUE) *sktmp; | ||
| 79 | CONF_VALUE *oval; | ||
| 80 | oid_section = CONF_imodule_get_value(md); | ||
| 81 | if(!(sktmp = NCONF_get_section(cnf, oid_section))) | ||
| 82 | { | ||
| 83 | EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION); | ||
| 84 | return 0; | ||
| 85 | } | ||
| 86 | for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) | ||
| 87 | { | ||
| 88 | oval = sk_CONF_VALUE_value(sktmp, i); | ||
| 89 | if (!strcmp(oval->name, "fips_mode")) | ||
| 90 | { | ||
| 91 | int m; | ||
| 92 | if (!X509V3_get_value_bool(oval, &m)) | ||
| 93 | { | ||
| 94 | EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE); | ||
| 95 | return 0; | ||
| 96 | } | ||
| 97 | if (m > 0) | ||
| 98 | { | ||
| 99 | #ifdef OPENSSL_FIPS | ||
| 100 | if (!FIPS_mode() && !FIPS_mode_set(1)) | ||
| 101 | { | ||
| 102 | EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE); | ||
| 103 | return 0; | ||
| 104 | } | ||
| 105 | #else | ||
| 106 | EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED); | ||
| 107 | return 0; | ||
| 108 | #endif | ||
| 109 | } | ||
| 110 | } | ||
| 111 | else | ||
| 112 | { | ||
| 113 | EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION); | ||
| 114 | ERR_add_error_data(4, "name=", oval->name, | ||
| 115 | ", value=", oval->value); | ||
| 116 | } | ||
| 117 | |||
| 118 | } | ||
| 119 | return 1; | ||
| 120 | } | ||
| 121 | |||
| 122 | void EVP_add_alg_module(void) | ||
| 123 | { | ||
| 124 | CONF_module_add("alg_section", alg_module_init, 0); | ||
| 125 | } | ||
diff --git a/src/lib/libssl/src/crypto/evp/evp_enc.c b/src/lib/libssl/src/crypto/evp/evp_enc.c index a1904993bf..30e0ca4d9f 100644 --- a/src/lib/libssl/src/crypto/evp/evp_enc.c +++ b/src/lib/libssl/src/crypto/evp/evp_enc.c | |||
| @@ -66,13 +66,15 @@ | |||
| 66 | #endif | 66 | #endif |
| 67 | #include "evp_locl.h" | 67 | #include "evp_locl.h" |
| 68 | 68 | ||
| 69 | const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; | 69 | #ifdef OPENSSL_FIPS |
| 70 | #define M_do_cipher(ctx, out, in, inl) \ | ||
| 71 | EVP_Cipher(ctx,out,in,inl) | ||
| 72 | #else | ||
| 73 | #define M_do_cipher(ctx, out, in, inl) \ | ||
| 74 | ctx->cipher->do_cipher(ctx,out,in,inl) | ||
| 75 | #endif | ||
| 70 | 76 | ||
| 71 | void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) | 77 | const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT; |
| 72 | { | ||
| 73 | memset(ctx,0,sizeof(EVP_CIPHER_CTX)); | ||
| 74 | /* ctx->cipher=NULL; */ | ||
| 75 | } | ||
| 76 | 78 | ||
| 77 | EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) | 79 | EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) |
| 78 | { | 80 | { |
| @@ -90,144 +92,6 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, | |||
| 90 | return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); | 92 | return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc); |
| 91 | } | 93 | } |
| 92 | 94 | ||
| 93 | int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, | ||
| 94 | const unsigned char *key, const unsigned char *iv, int enc) | ||
| 95 | { | ||
| 96 | if (enc == -1) | ||
| 97 | enc = ctx->encrypt; | ||
| 98 | else | ||
| 99 | { | ||
| 100 | if (enc) | ||
| 101 | enc = 1; | ||
| 102 | ctx->encrypt = enc; | ||
| 103 | } | ||
| 104 | #ifndef OPENSSL_NO_ENGINE | ||
| 105 | /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts | ||
| 106 | * so this context may already have an ENGINE! Try to avoid releasing | ||
| 107 | * the previous handle, re-querying for an ENGINE, and having a | ||
| 108 | * reinitialisation, when it may all be unecessary. */ | ||
| 109 | if (ctx->engine && ctx->cipher && (!cipher || | ||
| 110 | (cipher && (cipher->nid == ctx->cipher->nid)))) | ||
| 111 | goto skip_to_init; | ||
| 112 | #endif | ||
| 113 | if (cipher) | ||
| 114 | { | ||
| 115 | /* Ensure a context left lying around from last time is cleared | ||
| 116 | * (the previous check attempted to avoid this if the same | ||
| 117 | * ENGINE and EVP_CIPHER could be used). */ | ||
| 118 | EVP_CIPHER_CTX_cleanup(ctx); | ||
| 119 | |||
| 120 | /* Restore encrypt field: it is zeroed by cleanup */ | ||
| 121 | ctx->encrypt = enc; | ||
| 122 | #ifndef OPENSSL_NO_ENGINE | ||
| 123 | if(impl) | ||
| 124 | { | ||
| 125 | if (!ENGINE_init(impl)) | ||
| 126 | { | ||
| 127 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); | ||
| 128 | return 0; | ||
| 129 | } | ||
| 130 | } | ||
| 131 | else | ||
| 132 | /* Ask if an ENGINE is reserved for this job */ | ||
| 133 | impl = ENGINE_get_cipher_engine(cipher->nid); | ||
| 134 | if(impl) | ||
| 135 | { | ||
| 136 | /* There's an ENGINE for this job ... (apparently) */ | ||
| 137 | const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid); | ||
| 138 | if(!c) | ||
| 139 | { | ||
| 140 | /* One positive side-effect of US's export | ||
| 141 | * control history, is that we should at least | ||
| 142 | * be able to avoid using US mispellings of | ||
| 143 | * "initialisation"? */ | ||
| 144 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); | ||
| 145 | return 0; | ||
| 146 | } | ||
| 147 | /* We'll use the ENGINE's private cipher definition */ | ||
| 148 | cipher = c; | ||
| 149 | /* Store the ENGINE functional reference so we know | ||
| 150 | * 'cipher' came from an ENGINE and we need to release | ||
| 151 | * it when done. */ | ||
| 152 | ctx->engine = impl; | ||
| 153 | } | ||
| 154 | else | ||
| 155 | ctx->engine = NULL; | ||
| 156 | #endif | ||
| 157 | |||
| 158 | ctx->cipher=cipher; | ||
| 159 | if (ctx->cipher->ctx_size) | ||
| 160 | { | ||
| 161 | ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size); | ||
| 162 | if (!ctx->cipher_data) | ||
| 163 | { | ||
| 164 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE); | ||
| 165 | return 0; | ||
| 166 | } | ||
| 167 | } | ||
| 168 | else | ||
| 169 | { | ||
| 170 | ctx->cipher_data = NULL; | ||
| 171 | } | ||
| 172 | ctx->key_len = cipher->key_len; | ||
| 173 | ctx->flags = 0; | ||
| 174 | if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) | ||
| 175 | { | ||
| 176 | if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) | ||
| 177 | { | ||
| 178 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR); | ||
| 179 | return 0; | ||
| 180 | } | ||
| 181 | } | ||
| 182 | } | ||
| 183 | else if(!ctx->cipher) | ||
| 184 | { | ||
| 185 | EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); | ||
| 186 | return 0; | ||
| 187 | } | ||
| 188 | #ifndef OPENSSL_NO_ENGINE | ||
| 189 | skip_to_init: | ||
| 190 | #endif | ||
| 191 | /* we assume block size is a power of 2 in *cryptUpdate */ | ||
| 192 | OPENSSL_assert(ctx->cipher->block_size == 1 | ||
| 193 | || ctx->cipher->block_size == 8 | ||
| 194 | || ctx->cipher->block_size == 16); | ||
| 195 | |||
| 196 | if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { | ||
| 197 | switch(EVP_CIPHER_CTX_mode(ctx)) { | ||
| 198 | |||
| 199 | case EVP_CIPH_STREAM_CIPHER: | ||
| 200 | case EVP_CIPH_ECB_MODE: | ||
| 201 | break; | ||
| 202 | |||
| 203 | case EVP_CIPH_CFB_MODE: | ||
| 204 | case EVP_CIPH_OFB_MODE: | ||
| 205 | |||
| 206 | ctx->num = 0; | ||
| 207 | |||
| 208 | case EVP_CIPH_CBC_MODE: | ||
| 209 | |||
| 210 | OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= | ||
| 211 | (int)sizeof(ctx->iv)); | ||
| 212 | if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); | ||
| 213 | memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); | ||
| 214 | break; | ||
| 215 | |||
| 216 | default: | ||
| 217 | return 0; | ||
| 218 | break; | ||
| 219 | } | ||
| 220 | } | ||
| 221 | |||
| 222 | if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { | ||
| 223 | if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; | ||
| 224 | } | ||
| 225 | ctx->buf_len=0; | ||
| 226 | ctx->final_used=0; | ||
| 227 | ctx->block_mask=ctx->cipher->block_size-1; | ||
| 228 | return 1; | ||
| 229 | } | ||
| 230 | |||
| 231 | int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | 95 | int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, |
| 232 | const unsigned char *in, int inl) | 96 | const unsigned char *in, int inl) |
| 233 | { | 97 | { |
| @@ -279,10 +143,15 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 279 | { | 143 | { |
| 280 | int i,j,bl; | 144 | int i,j,bl; |
| 281 | 145 | ||
| 282 | OPENSSL_assert(inl > 0); | 146 | if (inl <= 0) |
| 147 | { | ||
| 148 | *outl = 0; | ||
| 149 | return inl == 0; | ||
| 150 | } | ||
| 151 | |||
| 283 | if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) | 152 | if(ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) |
| 284 | { | 153 | { |
| 285 | if(ctx->cipher->do_cipher(ctx,out,in,inl)) | 154 | if(M_do_cipher(ctx,out,in,inl)) |
| 286 | { | 155 | { |
| 287 | *outl=inl; | 156 | *outl=inl; |
| 288 | return 1; | 157 | return 1; |
| @@ -309,7 +178,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 309 | { | 178 | { |
| 310 | j=bl-i; | 179 | j=bl-i; |
| 311 | memcpy(&(ctx->buf[i]),in,j); | 180 | memcpy(&(ctx->buf[i]),in,j); |
| 312 | if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0; | 181 | if(!M_do_cipher(ctx,out,ctx->buf,bl)) return 0; |
| 313 | inl-=j; | 182 | inl-=j; |
| 314 | in+=j; | 183 | in+=j; |
| 315 | out+=bl; | 184 | out+=bl; |
| @@ -322,7 +191,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 322 | inl-=i; | 191 | inl-=i; |
| 323 | if (inl > 0) | 192 | if (inl > 0) |
| 324 | { | 193 | { |
| 325 | if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0; | 194 | if(!M_do_cipher(ctx,out,in,inl)) return 0; |
| 326 | *outl+=inl; | 195 | *outl+=inl; |
| 327 | } | 196 | } |
| 328 | 197 | ||
| @@ -366,7 +235,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) | |||
| 366 | n=b-bl; | 235 | n=b-bl; |
| 367 | for (i=bl; i<b; i++) | 236 | for (i=bl; i<b; i++) |
| 368 | ctx->buf[i]=n; | 237 | ctx->buf[i]=n; |
| 369 | ret=ctx->cipher->do_cipher(ctx,out,ctx->buf,b); | 238 | ret=M_do_cipher(ctx,out,ctx->buf,b); |
| 370 | 239 | ||
| 371 | 240 | ||
| 372 | if(ret) | 241 | if(ret) |
| @@ -381,10 +250,10 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, | |||
| 381 | int fix_len; | 250 | int fix_len; |
| 382 | unsigned int b; | 251 | unsigned int b; |
| 383 | 252 | ||
| 384 | if (inl == 0) | 253 | if (inl <= 0) |
| 385 | { | 254 | { |
| 386 | *outl=0; | 255 | *outl = 0; |
| 387 | return 1; | 256 | return inl == 0; |
| 388 | } | 257 | } |
| 389 | 258 | ||
| 390 | if (ctx->flags & EVP_CIPH_NO_PADDING) | 259 | if (ctx->flags & EVP_CIPH_NO_PADDING) |
| @@ -488,28 +357,6 @@ void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) | |||
| 488 | } | 357 | } |
| 489 | } | 358 | } |
| 490 | 359 | ||
| 491 | int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) | ||
| 492 | { | ||
| 493 | if (c->cipher != NULL) | ||
| 494 | { | ||
| 495 | if(c->cipher->cleanup && !c->cipher->cleanup(c)) | ||
| 496 | return 0; | ||
| 497 | /* Cleanse cipher context data */ | ||
| 498 | if (c->cipher_data) | ||
| 499 | OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); | ||
| 500 | } | ||
| 501 | if (c->cipher_data) | ||
| 502 | OPENSSL_free(c->cipher_data); | ||
| 503 | #ifndef OPENSSL_NO_ENGINE | ||
| 504 | if (c->engine) | ||
| 505 | /* The EVP_CIPHER we used belongs to an ENGINE, release the | ||
| 506 | * functional reference we held for this reason. */ | ||
| 507 | ENGINE_finish(c->engine); | ||
| 508 | #endif | ||
| 509 | memset(c,0,sizeof(EVP_CIPHER_CTX)); | ||
| 510 | return 1; | ||
| 511 | } | ||
| 512 | |||
| 513 | int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) | 360 | int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) |
| 514 | { | 361 | { |
| 515 | if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) | 362 | if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) |
| @@ -531,27 +378,6 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad) | |||
| 531 | return 1; | 378 | return 1; |
| 532 | } | 379 | } |
| 533 | 380 | ||
| 534 | int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) | ||
| 535 | { | ||
| 536 | int ret; | ||
| 537 | if(!ctx->cipher) { | ||
| 538 | EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); | ||
| 539 | return 0; | ||
| 540 | } | ||
| 541 | |||
| 542 | if(!ctx->cipher->ctrl) { | ||
| 543 | EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); | ||
| 544 | return 0; | ||
| 545 | } | ||
| 546 | |||
| 547 | ret = ctx->cipher->ctrl(ctx, type, arg, ptr); | ||
| 548 | if(ret == -1) { | ||
| 549 | EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); | ||
| 550 | return 0; | ||
| 551 | } | ||
| 552 | return ret; | ||
| 553 | } | ||
| 554 | |||
| 555 | int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) | 381 | int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) |
| 556 | { | 382 | { |
| 557 | if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) | 383 | if (ctx->cipher->flags & EVP_CIPH_RAND_KEY) |
| @@ -561,3 +387,54 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) | |||
| 561 | return 1; | 387 | return 1; |
| 562 | } | 388 | } |
| 563 | 389 | ||
| 390 | #ifndef OPENSSL_NO_ENGINE | ||
| 391 | |||
| 392 | #ifdef OPENSSL_FIPS | ||
| 393 | |||
| 394 | static int do_evp_enc_engine_full(EVP_CIPHER_CTX *ctx, const EVP_CIPHER **pcipher, ENGINE *impl) | ||
| 395 | { | ||
| 396 | if(impl) | ||
| 397 | { | ||
| 398 | if (!ENGINE_init(impl)) | ||
| 399 | { | ||
| 400 | EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR); | ||
| 401 | return 0; | ||
| 402 | } | ||
| 403 | } | ||
| 404 | else | ||
| 405 | /* Ask if an ENGINE is reserved for this job */ | ||
| 406 | impl = ENGINE_get_cipher_engine((*pcipher)->nid); | ||
| 407 | if(impl) | ||
| 408 | { | ||
| 409 | /* There's an ENGINE for this job ... (apparently) */ | ||
| 410 | const EVP_CIPHER *c = ENGINE_get_cipher(impl, (*pcipher)->nid); | ||
| 411 | if(!c) | ||
| 412 | { | ||
| 413 | /* One positive side-effect of US's export | ||
| 414 | * control history, is that we should at least | ||
| 415 | * be able to avoid using US mispellings of | ||
| 416 | * "initialisation"? */ | ||
| 417 | EVPerr(EVP_F_DO_EVP_ENC_ENGINE_FULL, EVP_R_INITIALIZATION_ERROR); | ||
| 418 | return 0; | ||
| 419 | } | ||
| 420 | /* We'll use the ENGINE's private cipher definition */ | ||
| 421 | *pcipher = c; | ||
| 422 | /* Store the ENGINE functional reference so we know | ||
| 423 | * 'cipher' came from an ENGINE and we need to release | ||
| 424 | * it when done. */ | ||
| 425 | ctx->engine = impl; | ||
| 426 | } | ||
| 427 | else | ||
| 428 | ctx->engine = NULL; | ||
| 429 | return 1; | ||
| 430 | } | ||
| 431 | |||
| 432 | void int_EVP_CIPHER_init_engine_callbacks(void) | ||
| 433 | { | ||
| 434 | int_EVP_CIPHER_set_engine_callbacks( | ||
| 435 | ENGINE_finish, do_evp_enc_engine_full); | ||
| 436 | } | ||
| 437 | |||
| 438 | #endif | ||
| 439 | |||
| 440 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/evp/evp_err.c b/src/lib/libssl/src/crypto/evp/evp_err.c index e8c9e8de9c..b5b900d4fe 100644 --- a/src/lib/libssl/src/crypto/evp/evp_err.c +++ b/src/lib/libssl/src/crypto/evp/evp_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/evp/evp_err.c */ | 1 | /* crypto/evp/evp_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -71,16 +71,23 @@ | |||
| 71 | static ERR_STRING_DATA EVP_str_functs[]= | 71 | static ERR_STRING_DATA EVP_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, | 73 | {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, |
| 74 | {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"}, | ||
| 74 | {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, | 75 | {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, |
| 75 | {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, | 76 | {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, |
| 77 | {ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE), "DO_EVP_ENC_ENGINE"}, | ||
| 78 | {ERR_FUNC(EVP_F_DO_EVP_ENC_ENGINE_FULL), "DO_EVP_ENC_ENGINE_FULL"}, | ||
| 79 | {ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE), "DO_EVP_MD_ENGINE"}, | ||
| 80 | {ERR_FUNC(EVP_F_DO_EVP_MD_ENGINE_FULL), "DO_EVP_MD_ENGINE_FULL"}, | ||
| 76 | {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, | 81 | {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, |
| 77 | {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, | 82 | {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, |
| 78 | {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, | 83 | {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, |
| 79 | {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, | 84 | {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, |
| 85 | {ERR_FUNC(EVP_F_EVP_CIPHERINIT), "EVP_CipherInit"}, | ||
| 80 | {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, | 86 | {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, |
| 81 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, | 87 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"}, |
| 82 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, | 88 | {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, |
| 83 | {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, | 89 | {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, |
| 90 | {ERR_FUNC(EVP_F_EVP_DIGESTINIT), "EVP_DigestInit"}, | ||
| 84 | {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, | 91 | {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, |
| 85 | {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, | 92 | {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, |
| 86 | {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, | 93 | {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, |
| @@ -125,15 +132,20 @@ static ERR_STRING_DATA EVP_str_reasons[]= | |||
| 125 | {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, | 132 | {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),"data not multiple of block length"}, |
| 126 | {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, | 133 | {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, |
| 127 | {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, | 134 | {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, |
| 135 | {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, | ||
| 128 | {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, | 136 | {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, |
| 137 | {ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"}, | ||
| 138 | {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"}, | ||
| 129 | {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, | 139 | {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, |
| 130 | {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, | 140 | {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, |
| 131 | {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, | 141 | {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, |
| 132 | {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, | 142 | {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, |
| 133 | {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, | 143 | {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, |
| 134 | {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, | 144 | {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, |
| 145 | {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"}, | ||
| 135 | {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, | 146 | {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, |
| 136 | {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, | 147 | {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, |
| 148 | {ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"}, | ||
| 137 | {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, | 149 | {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, |
| 138 | {ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"}, | 150 | {ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"}, |
| 139 | {ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"}, | 151 | {ERR_REASON(EVP_R_KEYGEN_FAILURE) ,"keygen failure"}, |
| @@ -145,6 +157,8 @@ static ERR_STRING_DATA EVP_str_reasons[]= | |||
| 145 | {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"}, | 157 | {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),"no verify function configured"}, |
| 146 | {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"}, | 158 | {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),"pkcs8 unknown broken type"}, |
| 147 | {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, | 159 | {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) ,"public key not rsa"}, |
| 160 | {ERR_REASON(EVP_R_SEED_KEY_SETUP_FAILED) ,"seed key setup failed"}, | ||
| 161 | {ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"}, | ||
| 148 | {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, | 162 | {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, |
| 149 | {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, | 163 | {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, |
| 150 | {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, | 164 | {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, |
diff --git a/src/lib/libssl/src/crypto/evp/evp_lib.c b/src/lib/libssl/src/crypto/evp/evp_lib.c index edb28ef38e..174cf6c594 100644 --- a/src/lib/libssl/src/crypto/evp/evp_lib.c +++ b/src/lib/libssl/src/crypto/evp/evp_lib.c | |||
| @@ -67,6 +67,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 67 | 67 | ||
| 68 | if (c->cipher->set_asn1_parameters != NULL) | 68 | if (c->cipher->set_asn1_parameters != NULL) |
| 69 | ret=c->cipher->set_asn1_parameters(c,type); | 69 | ret=c->cipher->set_asn1_parameters(c,type); |
| 70 | else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) | ||
| 71 | ret=EVP_CIPHER_set_asn1_iv(c, type); | ||
| 70 | else | 72 | else |
| 71 | ret=-1; | 73 | ret=-1; |
| 72 | return(ret); | 74 | return(ret); |
| @@ -78,6 +80,8 @@ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) | |||
| 78 | 80 | ||
| 79 | if (c->cipher->get_asn1_parameters != NULL) | 81 | if (c->cipher->get_asn1_parameters != NULL) |
| 80 | ret=c->cipher->get_asn1_parameters(c,type); | 82 | ret=c->cipher->get_asn1_parameters(c,type); |
| 83 | else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) | ||
| 84 | ret=EVP_CIPHER_get_asn1_iv(c, type); | ||
| 81 | else | 85 | else |
| 82 | ret=-1; | 86 | ret=-1; |
| 83 | return(ret); | 87 | return(ret); |
| @@ -178,11 +182,6 @@ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) | |||
| 178 | return ctx->cipher->block_size; | 182 | return ctx->cipher->block_size; |
| 179 | } | 183 | } |
| 180 | 184 | ||
| 181 | int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) | ||
| 182 | { | ||
| 183 | return ctx->cipher->do_cipher(ctx,out,in,inl); | ||
| 184 | } | ||
| 185 | |||
| 186 | const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) | 185 | const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) |
| 187 | { | 186 | { |
| 188 | return ctx->cipher; | 187 | return ctx->cipher; |
| @@ -193,11 +192,6 @@ unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher) | |||
| 193 | return cipher->flags; | 192 | return cipher->flags; |
| 194 | } | 193 | } |
| 195 | 194 | ||
| 196 | unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) | ||
| 197 | { | ||
| 198 | return ctx->cipher->flags; | ||
| 199 | } | ||
| 200 | |||
| 201 | void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) | 195 | void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) |
| 202 | { | 196 | { |
| 203 | return ctx->app_data; | 197 | return ctx->app_data; |
| @@ -213,11 +207,6 @@ int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) | |||
| 213 | return cipher->iv_len; | 207 | return cipher->iv_len; |
| 214 | } | 208 | } |
| 215 | 209 | ||
| 216 | int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) | ||
| 217 | { | ||
| 218 | return ctx->cipher->iv_len; | ||
| 219 | } | ||
| 220 | |||
| 221 | int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) | 210 | int EVP_CIPHER_key_length(const EVP_CIPHER *cipher) |
| 222 | { | 211 | { |
| 223 | return cipher->key_len; | 212 | return cipher->key_len; |
| @@ -228,11 +217,6 @@ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) | |||
| 228 | return ctx->key_len; | 217 | return ctx->key_len; |
| 229 | } | 218 | } |
| 230 | 219 | ||
| 231 | int EVP_CIPHER_nid(const EVP_CIPHER *cipher) | ||
| 232 | { | ||
| 233 | return cipher->nid; | ||
| 234 | } | ||
| 235 | |||
| 236 | int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) | 220 | int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) |
| 237 | { | 221 | { |
| 238 | return ctx->cipher->nid; | 222 | return ctx->cipher->nid; |
| @@ -277,3 +261,18 @@ int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) | |||
| 277 | { | 261 | { |
| 278 | return (ctx->flags & flags); | 262 | return (ctx->flags & flags); |
| 279 | } | 263 | } |
| 264 | |||
| 265 | void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags) | ||
| 266 | { | ||
| 267 | ctx->flags |= flags; | ||
| 268 | } | ||
| 269 | |||
| 270 | void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags) | ||
| 271 | { | ||
| 272 | ctx->flags &= ~flags; | ||
| 273 | } | ||
| 274 | |||
| 275 | int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags) | ||
| 276 | { | ||
| 277 | return (ctx->flags & flags); | ||
| 278 | } | ||
diff --git a/src/lib/libssl/src/crypto/evp/evp_locl.h b/src/lib/libssl/src/crypto/evp/evp_locl.h index 073b0adcff..eabcc96f30 100644 --- a/src/lib/libssl/src/crypto/evp/evp_locl.h +++ b/src/lib/libssl/src/crypto/evp/evp_locl.h | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* evp_locl.h */ | 1 | /* evp_locl.h */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -92,7 +92,7 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns | |||
| 92 | #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ | 92 | #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ |
| 93 | static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ | 93 | static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ |
| 94 | {\ | 94 | {\ |
| 95 | cprefix##_cfb##cbits##_encrypt(in, out, (long)(cbits==1?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ | 95 | cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ |
| 96 | return 1;\ | 96 | return 1;\ |
| 97 | } | 97 | } |
| 98 | 98 | ||
| @@ -226,11 +226,27 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } | |||
| 226 | 226 | ||
| 227 | #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) | 227 | #define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) |
| 228 | 228 | ||
| 229 | #define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ | 229 | #define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,fl) \ |
| 230 | BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ | 230 | BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ |
| 231 | BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ | 231 | BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ |
| 232 | NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ | 232 | NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ |
| 233 | 0, cipher##_init_key, NULL, \ | 233 | (fl)|EVP_CIPH_FLAG_DEFAULT_ASN1, \ |
| 234 | EVP_CIPHER_set_asn1_iv, \ | 234 | cipher##_init_key, NULL, NULL, NULL, NULL) |
| 235 | EVP_CIPHER_get_asn1_iv, \ | 235 | |
| 236 | NULL) | 236 | #ifdef OPENSSL_FIPS |
| 237 | #define RC2_set_key private_RC2_set_key | ||
| 238 | #define RC4_set_key private_RC4_set_key | ||
| 239 | #define CAST_set_key private_CAST_set_key | ||
| 240 | #define RC5_32_set_key private_RC5_32_set_key | ||
| 241 | #define BF_set_key private_BF_set_key | ||
| 242 | #define Camellia_set_key private_Camellia_set_key | ||
| 243 | #define idea_set_encrypt_key private_idea_set_encrypt_key | ||
| 244 | |||
| 245 | #define MD5_Init private_MD5_Init | ||
| 246 | #define MD4_Init private_MD4_Init | ||
| 247 | #define MD2_Init private_MD2_Init | ||
| 248 | #define MDC2_Init private_MDC2_Init | ||
| 249 | #define SHA_Init private_SHA_Init | ||
| 250 | |||
| 251 | #endif | ||
| 252 | |||
diff --git a/src/lib/libssl/src/crypto/evp/evp_pbe.c b/src/lib/libssl/src/crypto/evp/evp_pbe.c index c26d2de0f3..5e830be65f 100644 --- a/src/lib/libssl/src/crypto/evp/evp_pbe.c +++ b/src/lib/libssl/src/crypto/evp/evp_pbe.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* evp_pbe.c */ | 1 | /* evp_pbe.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/evp/evp_pkey.c b/src/lib/libssl/src/crypto/evp/evp_pkey.c index 0147f3e02a..10d9e9e772 100644 --- a/src/lib/libssl/src/crypto/evp/evp_pkey.c +++ b/src/lib/libssl/src/crypto/evp/evp_pkey.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* evp_pkey.c */ | 1 | /* evp_pkey.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/evp/m_dss.c b/src/lib/libssl/src/crypto/evp/m_dss.c index a948c77fa4..6b0c0aa7a3 100644 --- a/src/lib/libssl/src/crypto/evp/m_dss.c +++ b/src/lib/libssl/src/crypto/evp/m_dss.c | |||
| @@ -81,7 +81,7 @@ static const EVP_MD dsa_md= | |||
| 81 | NID_dsaWithSHA, | 81 | NID_dsaWithSHA, |
| 82 | NID_dsaWithSHA, | 82 | NID_dsaWithSHA, |
| 83 | SHA_DIGEST_LENGTH, | 83 | SHA_DIGEST_LENGTH, |
| 84 | 0, | 84 | EVP_MD_FLAG_FIPS, |
| 85 | init, | 85 | init, |
| 86 | update, | 86 | update, |
| 87 | final, | 87 | final, |
diff --git a/src/lib/libssl/src/crypto/evp/m_dss1.c b/src/lib/libssl/src/crypto/evp/m_dss1.c index c12e13972b..da8babc147 100644 --- a/src/lib/libssl/src/crypto/evp/m_dss1.c +++ b/src/lib/libssl/src/crypto/evp/m_dss1.c | |||
| @@ -68,6 +68,8 @@ | |||
| 68 | #include <openssl/dsa.h> | 68 | #include <openssl/dsa.h> |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
| 71 | #ifndef OPENSSL_FIPS | ||
| 72 | |||
| 71 | static int init(EVP_MD_CTX *ctx) | 73 | static int init(EVP_MD_CTX *ctx) |
| 72 | { return SHA1_Init(ctx->md_data); } | 74 | { return SHA1_Init(ctx->md_data); } |
| 73 | 75 | ||
| @@ -98,3 +100,4 @@ const EVP_MD *EVP_dss1(void) | |||
| 98 | return(&dss1_md); | 100 | return(&dss1_md); |
| 99 | } | 101 | } |
| 100 | #endif | 102 | #endif |
| 103 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/evp/m_md2.c b/src/lib/libssl/src/crypto/evp/m_md2.c index 5ce849f161..8eee6236ba 100644 --- a/src/lib/libssl/src/crypto/evp/m_md2.c +++ b/src/lib/libssl/src/crypto/evp/m_md2.c | |||
| @@ -58,6 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include "evp_locl.h" | ||
| 61 | 62 | ||
| 62 | #ifndef OPENSSL_NO_MD2 | 63 | #ifndef OPENSSL_NO_MD2 |
| 63 | 64 | ||
diff --git a/src/lib/libssl/src/crypto/evp/m_md4.c b/src/lib/libssl/src/crypto/evp/m_md4.c index 1e0b7c5b42..5cd2ab5ade 100644 --- a/src/lib/libssl/src/crypto/evp/m_md4.c +++ b/src/lib/libssl/src/crypto/evp/m_md4.c | |||
| @@ -58,6 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include "evp_locl.h" | ||
| 61 | 62 | ||
| 62 | #ifndef OPENSSL_NO_MD4 | 63 | #ifndef OPENSSL_NO_MD4 |
| 63 | 64 | ||
diff --git a/src/lib/libssl/src/crypto/evp/m_md5.c b/src/lib/libssl/src/crypto/evp/m_md5.c index 63c142119e..6455829671 100644 --- a/src/lib/libssl/src/crypto/evp/m_md5.c +++ b/src/lib/libssl/src/crypto/evp/m_md5.c | |||
| @@ -62,6 +62,7 @@ | |||
| 62 | #ifndef OPENSSL_NO_MD5 | 62 | #ifndef OPENSSL_NO_MD5 |
| 63 | 63 | ||
| 64 | #include <openssl/evp.h> | 64 | #include <openssl/evp.h> |
| 65 | #include "evp_locl.h" | ||
| 65 | #include <openssl/objects.h> | 66 | #include <openssl/objects.h> |
| 66 | #include <openssl/x509.h> | 67 | #include <openssl/x509.h> |
| 67 | #include <openssl/md5.h> | 68 | #include <openssl/md5.h> |
diff --git a/src/lib/libssl/src/crypto/evp/m_mdc2.c b/src/lib/libssl/src/crypto/evp/m_mdc2.c index 36c4e9b134..9f9bcf06ed 100644 --- a/src/lib/libssl/src/crypto/evp/m_mdc2.c +++ b/src/lib/libssl/src/crypto/evp/m_mdc2.c | |||
| @@ -58,6 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include "evp_locl.h" | ||
| 61 | 62 | ||
| 62 | #ifndef OPENSSL_NO_MDC2 | 63 | #ifndef OPENSSL_NO_MDC2 |
| 63 | 64 | ||
diff --git a/src/lib/libssl/src/crypto/evp/m_sha.c b/src/lib/libssl/src/crypto/evp/m_sha.c index acccc8f92d..3f30dfc579 100644 --- a/src/lib/libssl/src/crypto/evp/m_sha.c +++ b/src/lib/libssl/src/crypto/evp/m_sha.c | |||
| @@ -58,6 +58,7 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include "evp_locl.h" | ||
| 61 | 62 | ||
| 62 | #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) | 63 | #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0) |
| 63 | 64 | ||
diff --git a/src/lib/libssl/src/crypto/evp/m_sha1.c b/src/lib/libssl/src/crypto/evp/m_sha1.c index 4679b1c463..471ec30be0 100644 --- a/src/lib/libssl/src/crypto/evp/m_sha1.c +++ b/src/lib/libssl/src/crypto/evp/m_sha1.c | |||
| @@ -68,6 +68,8 @@ | |||
| 68 | #include <openssl/rsa.h> | 68 | #include <openssl/rsa.h> |
| 69 | #endif | 69 | #endif |
| 70 | 70 | ||
| 71 | #ifndef OPENSSL_FIPS | ||
| 72 | |||
| 71 | static int init(EVP_MD_CTX *ctx) | 73 | static int init(EVP_MD_CTX *ctx) |
| 72 | { return SHA1_Init(ctx->md_data); } | 74 | { return SHA1_Init(ctx->md_data); } |
| 73 | 75 | ||
| @@ -97,7 +99,6 @@ const EVP_MD *EVP_sha1(void) | |||
| 97 | { | 99 | { |
| 98 | return(&sha1_md); | 100 | return(&sha1_md); |
| 99 | } | 101 | } |
| 100 | #endif | ||
| 101 | 102 | ||
| 102 | #ifndef OPENSSL_NO_SHA256 | 103 | #ifndef OPENSSL_NO_SHA256 |
| 103 | static int init224(EVP_MD_CTX *ctx) | 104 | static int init224(EVP_MD_CTX *ctx) |
| @@ -202,3 +203,7 @@ static const EVP_MD sha512_md= | |||
| 202 | const EVP_MD *EVP_sha512(void) | 203 | const EVP_MD *EVP_sha512(void) |
| 203 | { return(&sha512_md); } | 204 | { return(&sha512_md); } |
| 204 | #endif /* ifndef OPENSSL_NO_SHA512 */ | 205 | #endif /* ifndef OPENSSL_NO_SHA512 */ |
| 206 | |||
| 207 | #endif | ||
| 208 | |||
| 209 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/evp/names.c b/src/lib/libssl/src/crypto/evp/names.c index 88c1e780dd..e2e04c3570 100644 --- a/src/lib/libssl/src/crypto/evp/names.c +++ b/src/lib/libssl/src/crypto/evp/names.c | |||
| @@ -66,6 +66,10 @@ int EVP_add_cipher(const EVP_CIPHER *c) | |||
| 66 | { | 66 | { |
| 67 | int r; | 67 | int r; |
| 68 | 68 | ||
| 69 | #ifdef OPENSSL_FIPS | ||
| 70 | OPENSSL_init(); | ||
| 71 | #endif | ||
| 72 | |||
| 69 | r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); | 73 | r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); |
| 70 | if (r == 0) return(0); | 74 | if (r == 0) return(0); |
| 71 | r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); | 75 | r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(const char *)c); |
| @@ -77,6 +81,9 @@ int EVP_add_digest(const EVP_MD *md) | |||
| 77 | int r; | 81 | int r; |
| 78 | const char *name; | 82 | const char *name; |
| 79 | 83 | ||
| 84 | #ifdef OPENSSL_FIPS | ||
| 85 | OPENSSL_init(); | ||
| 86 | #endif | ||
| 80 | name=OBJ_nid2sn(md->type); | 87 | name=OBJ_nid2sn(md->type); |
| 81 | r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md); | 88 | r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(const char *)md); |
| 82 | if (r == 0) return(0); | 89 | if (r == 0) return(0); |
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt.c b/src/lib/libssl/src/crypto/evp/p5_crpt.c index 48d50014a0..2a265fdee2 100644 --- a/src/lib/libssl/src/crypto/evp/p5_crpt.c +++ b/src/lib/libssl/src/crypto/evp/p5_crpt.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p5_crpt.c */ | 1 | /* p5_crpt.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/evp/p5_crpt2.c b/src/lib/libssl/src/crypto/evp/p5_crpt2.c index c969d5a206..6bec77baf9 100644 --- a/src/lib/libssl/src/crypto/evp/p5_crpt2.c +++ b/src/lib/libssl/src/crypto/evp/p5_crpt2.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p5_crpt2.c */ | 1 | /* p5_crpt2.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/evp/p_sign.c b/src/lib/libssl/src/crypto/evp/p_sign.c index e4ae5906f5..bf41a0db68 100644 --- a/src/lib/libssl/src/crypto/evp/p_sign.c +++ b/src/lib/libssl/src/crypto/evp/p_sign.c | |||
| @@ -84,10 +84,6 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, | |||
| 84 | MS_STATIC EVP_MD_CTX tmp_ctx; | 84 | MS_STATIC EVP_MD_CTX tmp_ctx; |
| 85 | 85 | ||
| 86 | *siglen=0; | 86 | *siglen=0; |
| 87 | EVP_MD_CTX_init(&tmp_ctx); | ||
| 88 | EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); | ||
| 89 | EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); | ||
| 90 | EVP_MD_CTX_cleanup(&tmp_ctx); | ||
| 91 | for (i=0; i<4; i++) | 87 | for (i=0; i<4; i++) |
| 92 | { | 88 | { |
| 93 | v=ctx->digest->required_pkey_type[i]; | 89 | v=ctx->digest->required_pkey_type[i]; |
| @@ -108,7 +104,23 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, | |||
| 108 | EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); | 104 | EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); |
| 109 | return(0); | 105 | return(0); |
| 110 | } | 106 | } |
| 111 | return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, | 107 | EVP_MD_CTX_init(&tmp_ctx); |
| 112 | pkey->pkey.ptr)); | 108 | EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); |
| 109 | if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) | ||
| 110 | { | ||
| 111 | EVP_MD_SVCTX sctmp; | ||
| 112 | sctmp.mctx = &tmp_ctx; | ||
| 113 | sctmp.key = pkey->pkey.ptr; | ||
| 114 | i = ctx->digest->sign(ctx->digest->type, | ||
| 115 | NULL, -1, sigret, siglen, &sctmp); | ||
| 116 | } | ||
| 117 | else | ||
| 118 | { | ||
| 119 | EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); | ||
| 120 | i = ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, | ||
| 121 | pkey->pkey.ptr); | ||
| 122 | } | ||
| 123 | EVP_MD_CTX_cleanup(&tmp_ctx); | ||
| 124 | return i; | ||
| 113 | } | 125 | } |
| 114 | 126 | ||
diff --git a/src/lib/libssl/src/crypto/evp/p_verify.c b/src/lib/libssl/src/crypto/evp/p_verify.c index 21a40a375e..2d46dffe7e 100644 --- a/src/lib/libssl/src/crypto/evp/p_verify.c +++ b/src/lib/libssl/src/crypto/evp/p_verify.c | |||
| @@ -85,17 +85,29 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, | |||
| 85 | EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); | 85 | EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); |
| 86 | return(-1); | 86 | return(-1); |
| 87 | } | 87 | } |
| 88 | EVP_MD_CTX_init(&tmp_ctx); | 88 | if (ctx->digest->verify == NULL) |
| 89 | EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); | ||
| 90 | EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); | ||
| 91 | EVP_MD_CTX_cleanup(&tmp_ctx); | ||
| 92 | if (ctx->digest->verify == NULL) | ||
| 93 | { | 89 | { |
| 94 | EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); | 90 | EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); |
| 95 | return(0); | 91 | return(0); |
| 96 | } | 92 | } |
| 97 | 93 | ||
| 98 | return(ctx->digest->verify(ctx->digest->type,m,m_len, | 94 | EVP_MD_CTX_init(&tmp_ctx); |
| 99 | sigbuf,siglen,pkey->pkey.ptr)); | 95 | EVP_MD_CTX_copy_ex(&tmp_ctx,ctx); |
| 96 | if (ctx->digest->flags & EVP_MD_FLAG_SVCTX) | ||
| 97 | { | ||
| 98 | EVP_MD_SVCTX sctmp; | ||
| 99 | sctmp.mctx = &tmp_ctx; | ||
| 100 | sctmp.key = pkey->pkey.ptr; | ||
| 101 | i = ctx->digest->verify(ctx->digest->type, | ||
| 102 | NULL, -1, sigbuf, siglen, &sctmp); | ||
| 103 | } | ||
| 104 | else | ||
| 105 | { | ||
| 106 | EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len); | ||
| 107 | i = ctx->digest->verify(ctx->digest->type,m,m_len, | ||
| 108 | sigbuf,siglen,pkey->pkey.ptr); | ||
| 109 | } | ||
| 110 | EVP_MD_CTX_cleanup(&tmp_ctx); | ||
| 111 | return i; | ||
| 100 | } | 112 | } |
| 101 | 113 | ||
diff --git a/src/lib/libssl/src/crypto/fips_err.c b/src/lib/libssl/src/crypto/fips_err.c new file mode 100644 index 0000000000..09f11748f6 --- /dev/null +++ b/src/lib/libssl/src/crypto/fips_err.c | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | #include <openssl/opensslconf.h> | ||
| 2 | |||
| 3 | #ifdef OPENSSL_FIPS | ||
| 4 | # include "fips_err.h" | ||
| 5 | #else | ||
| 6 | static void *dummy=&dummy; | ||
| 7 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/hmac/Makefile b/src/lib/libssl/src/crypto/hmac/Makefile index 01f10c396f..5cfa37d99c 100644 --- a/src/lib/libssl/src/crypto/hmac/Makefile +++ b/src/lib/libssl/src/crypto/hmac/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
| @@ -77,9 +77,10 @@ clean: | |||
| 77 | hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 77 | hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 78 | hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 78 | hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 79 | hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 79 | hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 80 | hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h | 80 | hmac.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 81 | hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 81 | hmac.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h |
| 82 | hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 82 | hmac.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 83 | hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 83 | hmac.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 84 | hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 84 | hmac.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 85 | hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c | 85 | hmac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 86 | hmac.o: ../cryptlib.h hmac.c | ||
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c index c45e001492..cbc1c76a57 100644 --- a/src/lib/libssl/src/crypto/hmac/hmac.c +++ b/src/lib/libssl/src/crypto/hmac/hmac.c | |||
| @@ -61,6 +61,8 @@ | |||
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/hmac.h> | 62 | #include <openssl/hmac.h> |
| 63 | 63 | ||
| 64 | #ifndef OPENSSL_FIPS | ||
| 65 | |||
| 64 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | 66 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, |
| 65 | const EVP_MD *md, ENGINE *impl) | 67 | const EVP_MD *md, ENGINE *impl) |
| 66 | { | 68 | { |
| @@ -171,3 +173,11 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, | |||
| 171 | return(md); | 173 | return(md); |
| 172 | } | 174 | } |
| 173 | 175 | ||
| 176 | void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) | ||
| 177 | { | ||
| 178 | EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); | ||
| 179 | EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); | ||
| 180 | EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); | ||
| 181 | } | ||
| 182 | |||
| 183 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.h b/src/lib/libssl/src/crypto/hmac/hmac.h index 719fc408ac..fc38ffb52b 100644 --- a/src/lib/libssl/src/crypto/hmac/hmac.h +++ b/src/lib/libssl/src/crypto/hmac/hmac.h | |||
| @@ -100,6 +100,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, | |||
| 100 | const unsigned char *d, size_t n, unsigned char *md, | 100 | const unsigned char *d, size_t n, unsigned char *md, |
| 101 | unsigned int *md_len); | 101 | unsigned int *md_len); |
| 102 | 102 | ||
| 103 | void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags); | ||
| 103 | 104 | ||
| 104 | #ifdef __cplusplus | 105 | #ifdef __cplusplus |
| 105 | } | 106 | } |
diff --git a/src/lib/libssl/src/crypto/idea/Makefile b/src/lib/libssl/src/crypto/idea/Makefile index b2e7add666..55c0d4dbff 100644 --- a/src/lib/libssl/src/crypto/idea/Makefile +++ b/src/lib/libssl/src/crypto/idea/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
| @@ -82,5 +82,9 @@ i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h | |||
| 82 | i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h | 82 | i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h |
| 83 | i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h | 83 | i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h |
| 84 | i_ofb64.o: i_ofb64.c idea_lcl.h | 84 | i_ofb64.o: i_ofb64.c idea_lcl.h |
| 85 | i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h | 85 | i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 86 | i_skey.o: ../../include/openssl/fips.h ../../include/openssl/idea.h | ||
| 87 | i_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | ||
| 88 | i_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | ||
| 89 | i_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 86 | i_skey.o: i_skey.c idea_lcl.h | 90 | i_skey.o: i_skey.c idea_lcl.h |
diff --git a/src/lib/libssl/src/crypto/idea/idea.h b/src/lib/libssl/src/crypto/idea/idea.h index bf97a37e39..a137d4cbce 100644 --- a/src/lib/libssl/src/crypto/idea/idea.h +++ b/src/lib/libssl/src/crypto/idea/idea.h | |||
| @@ -83,6 +83,9 @@ typedef struct idea_key_st | |||
| 83 | const char *idea_options(void); | 83 | const char *idea_options(void); |
| 84 | void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, | 84 | void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, |
| 85 | IDEA_KEY_SCHEDULE *ks); | 85 | IDEA_KEY_SCHEDULE *ks); |
| 86 | #ifdef OPENSSL_FIPS | ||
| 87 | void private_idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); | ||
| 88 | #endif | ||
| 86 | void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); | 89 | void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); |
| 87 | void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); | 90 | void idea_set_decrypt_key(const IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); |
| 88 | void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, | 91 | void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, |
diff --git a/src/lib/libssl/src/crypto/install.com b/src/lib/libssl/src/crypto/install.com index 58a4fecdaa..ffad1f97a7 100644 --- a/src/lib/libssl/src/crypto/install.com +++ b/src/lib/libssl/src/crypto/install.com | |||
| @@ -35,12 +35,12 @@ $ | |||
| 35 | $ SDIRS := ,- | 35 | $ SDIRS := ,- |
| 36 | OBJECTS,- | 36 | OBJECTS,- |
| 37 | MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- | 37 | MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- |
| 38 | DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- | 38 | DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- |
| 39 | BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,- | 39 | BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,- |
| 40 | BUFFER,BIO,STACK,LHASH,RAND,ERR,- | 40 | BUFFER,BIO,STACK,LHASH,RAND,ERR,- |
| 41 | EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- | 41 | EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,- |
| 42 | UI,KRB5,- | 42 | UI,KRB5,- |
| 43 | STORE,CMS,PQUEUE | 43 | STORE,PQUEUE,JPAKE |
| 44 | $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- | 44 | $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,- |
| 45 | symhacks.h,ossl_typ.h | 45 | symhacks.h,ossl_typ.h |
| 46 | $ EXHEADER_OBJECTS := objects.h,obj_mac.h | 46 | $ EXHEADER_OBJECTS := objects.h,obj_mac.h |
| @@ -52,6 +52,7 @@ $ EXHEADER_MDC2 := mdc2.h | |||
| 52 | $ EXHEADER_HMAC := hmac.h | 52 | $ EXHEADER_HMAC := hmac.h |
| 53 | $ EXHEADER_RIPEMD := ripemd.h | 53 | $ EXHEADER_RIPEMD := ripemd.h |
| 54 | $ EXHEADER_DES := des.h,des_old.h | 54 | $ EXHEADER_DES := des.h,des_old.h |
| 55 | $ EXHEADER_AES := aes.h | ||
| 55 | $ EXHEADER_RC2 := rc2.h | 56 | $ EXHEADER_RC2 := rc2.h |
| 56 | $ EXHEADER_RC4 := rc4.h | 57 | $ EXHEADER_RC4 := rc4.h |
| 57 | $ EXHEADER_RC5 := rc5.h | 58 | $ EXHEADER_RC5 := rc5.h |
| @@ -69,7 +70,6 @@ $ EXHEADER_DH := dh.h | |||
| 69 | $ EXHEADER_ECDH := ecdh.h | 70 | $ EXHEADER_ECDH := ecdh.h |
| 70 | $ EXHEADER_DSO := dso.h | 71 | $ EXHEADER_DSO := dso.h |
| 71 | $ EXHEADER_ENGINE := engine.h | 72 | $ EXHEADER_ENGINE := engine.h |
| 72 | $ EXHEADER_AES := aes.h | ||
| 73 | $ EXHEADER_BUFFER := buffer.h | 73 | $ EXHEADER_BUFFER := buffer.h |
| 74 | $ EXHEADER_BIO := bio.h | 74 | $ EXHEADER_BIO := bio.h |
| 75 | $ EXHEADER_STACK := stack.h,safestack.h | 75 | $ EXHEADER_STACK := stack.h,safestack.h |
| @@ -92,7 +92,7 @@ $ EXHEADER_KRB5 := krb5_asn.h | |||
| 92 | $! EXHEADER_STORE := store.h,str_compat.h | 92 | $! EXHEADER_STORE := store.h,str_compat.h |
| 93 | $ EXHEADER_STORE := store.h | 93 | $ EXHEADER_STORE := store.h |
| 94 | $ EXHEADER_PQUEUE := pqueue.h,pq_compat.h | 94 | $ EXHEADER_PQUEUE := pqueue.h,pq_compat.h |
| 95 | $ EXHEADER_CMS := cms.h | 95 | $ EXHEADER_JPAKE := jpake.h |
| 96 | $ LIBS := LIBCRYPTO | 96 | $ LIBS := LIBCRYPTO |
| 97 | $ | 97 | $ |
| 98 | $ VEXE_DIR := [-.VAX.EXE.CRYPTO] | 98 | $ VEXE_DIR := [-.VAX.EXE.CRYPTO] |
diff --git a/src/lib/libssl/src/crypto/krb5/Makefile b/src/lib/libssl/src/crypto/krb5/Makefile index 14077390d6..8efb9e8910 100644 --- a/src/lib/libssl/src/crypto/krb5/Makefile +++ b/src/lib/libssl/src/crypto/krb5/Makefile | |||
| @@ -34,7 +34,7 @@ top: | |||
| 34 | all: lib | 34 | all: lib |
| 35 | 35 | ||
| 36 | lib: $(LIBOBJ) | 36 | lib: $(LIBOBJ) |
| 37 | $(AR) $(LIB) $(LIBOBJ) | 37 | $(ARX) $(LIB) $(LIBOBJ) |
| 38 | $(RANLIB) $(LIB) || echo Never mind. | 38 | $(RANLIB) $(LIB) || echo Never mind. |
| 39 | @touch lib | 39 | @touch lib |
| 40 | 40 | ||
diff --git a/src/lib/libssl/src/crypto/lhash/Makefile b/src/lib/libssl/src/crypto/lhash/Makefile index 82bddac474..35f0932971 100644 --- a/src/lib/libssl/src/crypto/lhash/Makefile +++ b/src/lib/libssl/src/crypto/lhash/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
diff --git a/src/lib/libssl/src/crypto/md2/Makefile b/src/lib/libssl/src/crypto/md2/Makefile index 17f878aeb7..7f43321ab2 100644 --- a/src/lib/libssl/src/crypto/md2/Makefile +++ b/src/lib/libssl/src/crypto/md2/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
| @@ -74,7 +74,9 @@ clean: | |||
| 74 | 74 | ||
| 75 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 75 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 76 | 76 | ||
| 77 | md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 77 | md2_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 78 | md2_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 79 | md2_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 78 | md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h | 80 | md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h |
| 79 | md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 81 | md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 80 | md2_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 82 | md2_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
diff --git a/src/lib/libssl/src/crypto/md2/md2.h b/src/lib/libssl/src/crypto/md2/md2.h index a46120e7d4..d59c9f2593 100644 --- a/src/lib/libssl/src/crypto/md2/md2.h +++ b/src/lib/libssl/src/crypto/md2/md2.h | |||
| @@ -81,6 +81,9 @@ typedef struct MD2state_st | |||
| 81 | } MD2_CTX; | 81 | } MD2_CTX; |
| 82 | 82 | ||
| 83 | const char *MD2_options(void); | 83 | const char *MD2_options(void); |
| 84 | #ifdef OPENSSL_FIPS | ||
| 85 | int private_MD2_Init(MD2_CTX *c); | ||
| 86 | #endif | ||
| 84 | int MD2_Init(MD2_CTX *c); | 87 | int MD2_Init(MD2_CTX *c); |
| 85 | int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); | 88 | int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len); |
| 86 | int MD2_Final(unsigned char *md, MD2_CTX *c); | 89 | int MD2_Final(unsigned char *md, MD2_CTX *c); |
diff --git a/src/lib/libssl/src/crypto/md2/md2_dgst.c b/src/lib/libssl/src/crypto/md2/md2_dgst.c index 6f68b25c6a..cc4eeaf7a7 100644 --- a/src/lib/libssl/src/crypto/md2/md2_dgst.c +++ b/src/lib/libssl/src/crypto/md2/md2_dgst.c | |||
| @@ -62,6 +62,11 @@ | |||
| 62 | #include <openssl/md2.h> | 62 | #include <openssl/md2.h> |
| 63 | #include <openssl/opensslv.h> | 63 | #include <openssl/opensslv.h> |
| 64 | #include <openssl/crypto.h> | 64 | #include <openssl/crypto.h> |
| 65 | #ifdef OPENSSL_FIPS | ||
| 66 | #include <openssl/fips.h> | ||
| 67 | #endif | ||
| 68 | |||
| 69 | #include <openssl/err.h> | ||
| 65 | 70 | ||
| 66 | const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; | 71 | const char MD2_version[]="MD2" OPENSSL_VERSION_PTEXT; |
| 67 | 72 | ||
| @@ -116,7 +121,7 @@ const char *MD2_options(void) | |||
| 116 | return("md2(int)"); | 121 | return("md2(int)"); |
| 117 | } | 122 | } |
| 118 | 123 | ||
| 119 | int MD2_Init(MD2_CTX *c) | 124 | FIPS_NON_FIPS_MD_Init(MD2) |
| 120 | { | 125 | { |
| 121 | c->num=0; | 126 | c->num=0; |
| 122 | memset(c->state,0,sizeof c->state); | 127 | memset(c->state,0,sizeof c->state); |
diff --git a/src/lib/libssl/src/crypto/md32_common.h b/src/lib/libssl/src/crypto/md32_common.h index 089c450290..61bcd9786f 100644 --- a/src/lib/libssl/src/crypto/md32_common.h +++ b/src/lib/libssl/src/crypto/md32_common.h | |||
| @@ -301,7 +301,7 @@ int HASH_UPDATE (HASH_CTX *c, const void *data_, size_t len) | |||
| 301 | { | 301 | { |
| 302 | p=(unsigned char *)c->data; | 302 | p=(unsigned char *)c->data; |
| 303 | 303 | ||
| 304 | if ((n+len) >= HASH_CBLOCK) | 304 | if (len >= HASH_CBLOCK || len+n >= HASH_CBLOCK) |
| 305 | { | 305 | { |
| 306 | memcpy (p+n,data,HASH_CBLOCK-n); | 306 | memcpy (p+n,data,HASH_CBLOCK-n); |
| 307 | HASH_BLOCK_DATA_ORDER (c,p,1); | 307 | HASH_BLOCK_DATA_ORDER (c,p,1); |
diff --git a/src/lib/libssl/src/crypto/md4/Makefile b/src/lib/libssl/src/crypto/md4/Makefile index ef97bb0cbe..0bc4896585 100644 --- a/src/lib/libssl/src/crypto/md4/Makefile +++ b/src/lib/libssl/src/crypto/md4/Makefile | |||
| @@ -34,7 +34,7 @@ top: | |||
| 34 | all: lib | 34 | all: lib |
| 35 | 35 | ||
| 36 | lib: $(LIBOBJ) | 36 | lib: $(LIBOBJ) |
| 37 | $(AR) $(LIB) $(LIBOBJ) | 37 | $(ARX) $(LIB) $(LIBOBJ) |
| 38 | $(RANLIB) $(LIB) || echo Never mind. | 38 | $(RANLIB) $(LIB) || echo Never mind. |
| 39 | @touch lib | 39 | @touch lib |
| 40 | 40 | ||
| @@ -75,9 +75,13 @@ clean: | |||
| 75 | 75 | ||
| 76 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 76 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 77 | 77 | ||
| 78 | md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md4.h | 78 | md4_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 79 | md4_dgst.o: ../../include/openssl/opensslconf.h | 79 | md4_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 80 | md4_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md4_dgst.c | 80 | md4_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 81 | md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h | ||
| 82 | md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 83 | md4_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 84 | md4_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md4_dgst.c | ||
| 81 | md4_dgst.o: md4_locl.h | 85 | md4_dgst.o: md4_locl.h |
| 82 | md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 86 | md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 83 | md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h | 87 | md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h |
diff --git a/src/lib/libssl/src/crypto/md4/md4.h b/src/lib/libssl/src/crypto/md4/md4.h index 5598c93a4f..ba1fe4a6ee 100644 --- a/src/lib/libssl/src/crypto/md4/md4.h +++ b/src/lib/libssl/src/crypto/md4/md4.h | |||
| @@ -105,6 +105,9 @@ typedef struct MD4state_st | |||
| 105 | unsigned int num; | 105 | unsigned int num; |
| 106 | } MD4_CTX; | 106 | } MD4_CTX; |
| 107 | 107 | ||
| 108 | #ifdef OPENSSL_FIPS | ||
| 109 | int private_MD4_Init(MD4_CTX *c); | ||
| 110 | #endif | ||
| 108 | int MD4_Init(MD4_CTX *c); | 111 | int MD4_Init(MD4_CTX *c); |
| 109 | int MD4_Update(MD4_CTX *c, const void *data, size_t len); | 112 | int MD4_Update(MD4_CTX *c, const void *data, size_t len); |
| 110 | int MD4_Final(unsigned char *md, MD4_CTX *c); | 113 | int MD4_Final(unsigned char *md, MD4_CTX *c); |
diff --git a/src/lib/libssl/src/crypto/md4/md4_dgst.c b/src/lib/libssl/src/crypto/md4/md4_dgst.c index cfef94af39..0f5448601d 100644 --- a/src/lib/libssl/src/crypto/md4/md4_dgst.c +++ b/src/lib/libssl/src/crypto/md4/md4_dgst.c | |||
| @@ -59,6 +59,11 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "md4_locl.h" | 60 | #include "md4_locl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | #include <openssl/err.h> | ||
| 63 | #ifdef OPENSSL_FIPS | ||
| 64 | #include <openssl/fips.h> | ||
| 65 | #endif | ||
| 66 | |||
| 62 | 67 | ||
| 63 | const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; | 68 | const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; |
| 64 | 69 | ||
| @@ -70,7 +75,7 @@ const char MD4_version[]="MD4" OPENSSL_VERSION_PTEXT; | |||
| 70 | #define INIT_DATA_C (unsigned long)0x98badcfeL | 75 | #define INIT_DATA_C (unsigned long)0x98badcfeL |
| 71 | #define INIT_DATA_D (unsigned long)0x10325476L | 76 | #define INIT_DATA_D (unsigned long)0x10325476L |
| 72 | 77 | ||
| 73 | int MD4_Init(MD4_CTX *c) | 78 | FIPS_NON_FIPS_MD_Init(MD4) |
| 74 | { | 79 | { |
| 75 | c->A=INIT_DATA_A; | 80 | c->A=INIT_DATA_A; |
| 76 | c->B=INIT_DATA_B; | 81 | c->B=INIT_DATA_B; |
diff --git a/src/lib/libssl/src/crypto/md5/Makefile b/src/lib/libssl/src/crypto/md5/Makefile index ceb00e8956..3c450fcfc0 100644 --- a/src/lib/libssl/src/crypto/md5/Makefile +++ b/src/lib/libssl/src/crypto/md5/Makefile | |||
| @@ -38,7 +38,7 @@ top: | |||
| 38 | all: lib | 38 | all: lib |
| 39 | 39 | ||
| 40 | lib: $(LIBOBJ) | 40 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 41 | $(ARX) $(LIB) $(LIBOBJ) |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | 42 | $(RANLIB) $(LIB) || echo Never mind. |
| 43 | @touch lib | 43 | @touch lib |
| 44 | 44 | ||
| @@ -91,9 +91,13 @@ clean: | |||
| 91 | 91 | ||
| 92 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 92 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 93 | 93 | ||
| 94 | md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/md5.h | 94 | md5_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 95 | md5_dgst.o: ../../include/openssl/opensslconf.h | 95 | md5_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 96 | md5_dgst.o: ../../include/openssl/opensslv.h ../md32_common.h md5_dgst.c | 96 | md5_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 97 | md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h | ||
| 98 | md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 99 | md5_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 100 | md5_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md5_dgst.c | ||
| 97 | md5_dgst.o: md5_locl.h | 101 | md5_dgst.o: md5_locl.h |
| 98 | md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 102 | md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 99 | md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h | 103 | md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h |
diff --git a/src/lib/libssl/src/crypto/md5/md5.h b/src/lib/libssl/src/crypto/md5/md5.h index dbdc0e1abc..0761f84a27 100644 --- a/src/lib/libssl/src/crypto/md5/md5.h +++ b/src/lib/libssl/src/crypto/md5/md5.h | |||
| @@ -105,6 +105,9 @@ typedef struct MD5state_st | |||
| 105 | unsigned int num; | 105 | unsigned int num; |
| 106 | } MD5_CTX; | 106 | } MD5_CTX; |
| 107 | 107 | ||
| 108 | #ifdef OPENSSL_FIPS | ||
| 109 | int private_MD5_Init(MD5_CTX *c); | ||
| 110 | #endif | ||
| 108 | int MD5_Init(MD5_CTX *c); | 111 | int MD5_Init(MD5_CTX *c); |
| 109 | int MD5_Update(MD5_CTX *c, const void *data, size_t len); | 112 | int MD5_Update(MD5_CTX *c, const void *data, size_t len); |
| 110 | int MD5_Final(unsigned char *md, MD5_CTX *c); | 113 | int MD5_Final(unsigned char *md, MD5_CTX *c); |
diff --git a/src/lib/libssl/src/crypto/md5/md5_dgst.c b/src/lib/libssl/src/crypto/md5/md5_dgst.c index b96e332ba4..47bb9020ee 100644 --- a/src/lib/libssl/src/crypto/md5/md5_dgst.c +++ b/src/lib/libssl/src/crypto/md5/md5_dgst.c | |||
| @@ -59,6 +59,11 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "md5_locl.h" | 60 | #include "md5_locl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | #include <openssl/err.h> | ||
| 63 | #ifdef OPENSSL_FIPS | ||
| 64 | #include <openssl/fips.h> | ||
| 65 | #endif | ||
| 66 | |||
| 62 | 67 | ||
| 63 | const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; | 68 | const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; |
| 64 | 69 | ||
| @@ -70,7 +75,7 @@ const char MD5_version[]="MD5" OPENSSL_VERSION_PTEXT; | |||
| 70 | #define INIT_DATA_C (unsigned long)0x98badcfeL | 75 | #define INIT_DATA_C (unsigned long)0x98badcfeL |
| 71 | #define INIT_DATA_D (unsigned long)0x10325476L | 76 | #define INIT_DATA_D (unsigned long)0x10325476L |
| 72 | 77 | ||
| 73 | int MD5_Init(MD5_CTX *c) | 78 | FIPS_NON_FIPS_MD_Init(MD5) |
| 74 | { | 79 | { |
| 75 | c->A=INIT_DATA_A; | 80 | c->A=INIT_DATA_A; |
| 76 | c->B=INIT_DATA_B; | 81 | c->B=INIT_DATA_B; |
diff --git a/src/lib/libssl/src/crypto/mdc2/Makefile b/src/lib/libssl/src/crypto/mdc2/Makefile index 1d064f17a6..ea25688d88 100644 --- a/src/lib/libssl/src/crypto/mdc2/Makefile +++ b/src/lib/libssl/src/crypto/mdc2/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
diff --git a/src/lib/libssl/src/crypto/mdc2/mdc2.h b/src/lib/libssl/src/crypto/mdc2/mdc2.h index 72778a5212..7e1354116a 100644 --- a/src/lib/libssl/src/crypto/mdc2/mdc2.h +++ b/src/lib/libssl/src/crypto/mdc2/mdc2.h | |||
| @@ -80,7 +80,9 @@ typedef struct mdc2_ctx_st | |||
| 80 | int pad_type; /* either 1 or 2, default 1 */ | 80 | int pad_type; /* either 1 or 2, default 1 */ |
| 81 | } MDC2_CTX; | 81 | } MDC2_CTX; |
| 82 | 82 | ||
| 83 | 83 | #ifdef OPENSSL_FIPS | |
| 84 | int private_MDC2_Init(MDC2_CTX *c); | ||
| 85 | #endif | ||
| 84 | int MDC2_Init(MDC2_CTX *c); | 86 | int MDC2_Init(MDC2_CTX *c); |
| 85 | int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); | 87 | int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len); |
| 86 | int MDC2_Final(unsigned char *md, MDC2_CTX *c); | 88 | int MDC2_Final(unsigned char *md, MDC2_CTX *c); |
diff --git a/src/lib/libssl/src/crypto/mem.c b/src/lib/libssl/src/crypto/mem.c index 6635167228..00ebaf0b9b 100644 --- a/src/lib/libssl/src/crypto/mem.c +++ b/src/lib/libssl/src/crypto/mem.c | |||
| @@ -101,7 +101,7 @@ static void (*free_locked_func)(void *) = free; | |||
| 101 | 101 | ||
| 102 | /* may be changed as long as 'allow_customize_debug' is set */ | 102 | /* may be changed as long as 'allow_customize_debug' is set */ |
| 103 | /* XXX use correct function pointer types */ | 103 | /* XXX use correct function pointer types */ |
| 104 | #ifdef CRYPTO_MDEBUG | 104 | #if defined(CRYPTO_MDEBUG) && !defined(OPENSSL_FIPS) |
| 105 | /* use default functions from mem_dbg.c */ | 105 | /* use default functions from mem_dbg.c */ |
| 106 | static void (*malloc_debug_func)(void *,int,const char *,int,int) | 106 | static void (*malloc_debug_func)(void *,int,const char *,int,int) |
| 107 | = CRYPTO_dbg_malloc; | 107 | = CRYPTO_dbg_malloc; |
| @@ -110,6 +110,14 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) | |||
| 110 | static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free; | 110 | static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free; |
| 111 | static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options; | 111 | static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options; |
| 112 | static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options; | 112 | static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options; |
| 113 | |||
| 114 | static int (*push_info_func)(const char *info, const char *file, int line) | ||
| 115 | = CRYPTO_dbg_push_info; | ||
| 116 | static int (*pop_info_func)(void) | ||
| 117 | = CRYPTO_dbg_pop_info; | ||
| 118 | static int (*remove_all_info_func)(void) | ||
| 119 | = CRYPTO_dbg_remove_all_info; | ||
| 120 | |||
| 113 | #else | 121 | #else |
| 114 | /* applications can use CRYPTO_malloc_debug_init() to select above case | 122 | /* applications can use CRYPTO_malloc_debug_init() to select above case |
| 115 | * at run-time */ | 123 | * at run-time */ |
| @@ -119,6 +127,13 @@ static void (*realloc_debug_func)(void *,void *,int,const char *,int,int) | |||
| 119 | static void (*free_debug_func)(void *,int) = NULL; | 127 | static void (*free_debug_func)(void *,int) = NULL; |
| 120 | static void (*set_debug_options_func)(long) = NULL; | 128 | static void (*set_debug_options_func)(long) = NULL; |
| 121 | static long (*get_debug_options_func)(void) = NULL; | 129 | static long (*get_debug_options_func)(void) = NULL; |
| 130 | |||
| 131 | |||
| 132 | static int (*push_info_func)(const char *info, const char *file, int line) | ||
| 133 | = NULL; | ||
| 134 | static int (*pop_info_func)(void) = NULL; | ||
| 135 | static int (*remove_all_info_func)(void) = NULL; | ||
| 136 | |||
| 122 | #endif | 137 | #endif |
| 123 | 138 | ||
| 124 | 139 | ||
| @@ -194,6 +209,15 @@ int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), | |||
| 194 | return 1; | 209 | return 1; |
| 195 | } | 210 | } |
| 196 | 211 | ||
| 212 | void CRYPTO_set_mem_info_functions( | ||
| 213 | int (*push_info_fn)(const char *info, const char *file, int line), | ||
| 214 | int (*pop_info_fn)(void), | ||
| 215 | int (*remove_all_info_fn)(void)) | ||
| 216 | { | ||
| 217 | push_info_func = push_info_fn; | ||
| 218 | pop_info_func = pop_info_fn; | ||
| 219 | remove_all_info_func = remove_all_info_fn; | ||
| 220 | } | ||
| 197 | 221 | ||
| 198 | void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), | 222 | void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), |
| 199 | void (**f)(void *)) | 223 | void (**f)(void *)) |
| @@ -399,3 +423,24 @@ long CRYPTO_get_mem_debug_options(void) | |||
| 399 | return get_debug_options_func(); | 423 | return get_debug_options_func(); |
| 400 | return 0; | 424 | return 0; |
| 401 | } | 425 | } |
| 426 | |||
| 427 | int CRYPTO_push_info_(const char *info, const char *file, int line) | ||
| 428 | { | ||
| 429 | if (push_info_func) | ||
| 430 | return push_info_func(info, file, line); | ||
| 431 | return 1; | ||
| 432 | } | ||
| 433 | |||
| 434 | int CRYPTO_pop_info(void) | ||
| 435 | { | ||
| 436 | if (pop_info_func) | ||
| 437 | return pop_info_func(); | ||
| 438 | return 1; | ||
| 439 | } | ||
| 440 | |||
| 441 | int CRYPTO_remove_all_info(void) | ||
| 442 | { | ||
| 443 | if (remove_all_info_func) | ||
| 444 | return remove_all_info_func(); | ||
| 445 | return 1; | ||
| 446 | } | ||
diff --git a/src/lib/libssl/src/crypto/mem_dbg.c b/src/lib/libssl/src/crypto/mem_dbg.c index 8316485217..dfeb084799 100644 --- a/src/lib/libssl/src/crypto/mem_dbg.c +++ b/src/lib/libssl/src/crypto/mem_dbg.c | |||
| @@ -330,7 +330,7 @@ static APP_INFO *pop_info(void) | |||
| 330 | return(ret); | 330 | return(ret); |
| 331 | } | 331 | } |
| 332 | 332 | ||
| 333 | int CRYPTO_push_info_(const char *info, const char *file, int line) | 333 | int CRYPTO_dbg_push_info(const char *info, const char *file, int line) |
| 334 | { | 334 | { |
| 335 | APP_INFO *ami, *amim; | 335 | APP_INFO *ami, *amim; |
| 336 | int ret=0; | 336 | int ret=0; |
| @@ -380,7 +380,7 @@ int CRYPTO_push_info_(const char *info, const char *file, int line) | |||
| 380 | return(ret); | 380 | return(ret); |
| 381 | } | 381 | } |
| 382 | 382 | ||
| 383 | int CRYPTO_pop_info(void) | 383 | int CRYPTO_dbg_pop_info(void) |
| 384 | { | 384 | { |
| 385 | int ret=0; | 385 | int ret=0; |
| 386 | 386 | ||
| @@ -395,7 +395,7 @@ int CRYPTO_pop_info(void) | |||
| 395 | return(ret); | 395 | return(ret); |
| 396 | } | 396 | } |
| 397 | 397 | ||
| 398 | int CRYPTO_remove_all_info(void) | 398 | int CRYPTO_dbg_remove_all_info(void) |
| 399 | { | 399 | { |
| 400 | int ret=0; | 400 | int ret=0; |
| 401 | 401 | ||
| @@ -793,3 +793,25 @@ void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb) | |||
| 793 | lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb); | 793 | lh_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), &cb); |
| 794 | CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); | 794 | CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); |
| 795 | } | 795 | } |
| 796 | |||
| 797 | void CRYPTO_malloc_debug_init(void) | ||
| 798 | { | ||
| 799 | CRYPTO_set_mem_debug_functions( | ||
| 800 | CRYPTO_dbg_malloc, | ||
| 801 | CRYPTO_dbg_realloc, | ||
| 802 | CRYPTO_dbg_free, | ||
| 803 | CRYPTO_dbg_set_options, | ||
| 804 | CRYPTO_dbg_get_options); | ||
| 805 | CRYPTO_set_mem_info_functions( | ||
| 806 | CRYPTO_dbg_push_info, | ||
| 807 | CRYPTO_dbg_pop_info, | ||
| 808 | CRYPTO_dbg_remove_all_info); | ||
| 809 | } | ||
| 810 | |||
| 811 | char *CRYPTO_strdup(const char *str, const char *file, int line) | ||
| 812 | { | ||
| 813 | char *ret = CRYPTO_malloc(strlen(str)+1, file, line); | ||
| 814 | |||
| 815 | strcpy(ret, str); | ||
| 816 | return ret; | ||
| 817 | } | ||
diff --git a/src/lib/libssl/src/crypto/objects/Makefile b/src/lib/libssl/src/crypto/objects/Makefile index 9c5615099c..25e8b23b5d 100644 --- a/src/lib/libssl/src/crypto/objects/Makefile +++ b/src/lib/libssl/src/crypto/objects/Makefile | |||
| @@ -34,7 +34,7 @@ top: | |||
| 34 | all: obj_dat.h lib | 34 | all: obj_dat.h lib |
| 35 | 35 | ||
| 36 | lib: $(LIBOBJ) | 36 | lib: $(LIBOBJ) |
| 37 | $(AR) $(LIB) $(LIBOBJ) | 37 | $(ARX) $(LIB) $(LIBOBJ) |
| 38 | $(RANLIB) $(LIB) || echo Never mind. | 38 | $(RANLIB) $(LIB) || echo Never mind. |
| 39 | @touch lib | 39 | @touch lib |
| 40 | 40 | ||
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.h b/src/lib/libssl/src/crypto/objects/obj_dat.h index 99acf131f8..dccc15e03c 100644 --- a/src/lib/libssl/src/crypto/objects/obj_dat.h +++ b/src/lib/libssl/src/crypto/objects/obj_dat.h | |||
| @@ -62,12 +62,12 @@ | |||
| 62 | * [including the GNU Public Licence.] | 62 | * [including the GNU Public Licence.] |
| 63 | */ | 63 | */ |
| 64 | 64 | ||
| 65 | #define NUM_NID 791 | 65 | #define NUM_NID 859 |
| 66 | #define NUM_SN 784 | 66 | #define NUM_SN 852 |
| 67 | #define NUM_LN 784 | 67 | #define NUM_LN 852 |
| 68 | #define NUM_OBJ 740 | 68 | #define NUM_OBJ 806 |
| 69 | 69 | ||
| 70 | static unsigned char lvalues[5258]={ | 70 | static unsigned char lvalues[5722]={ |
| 71 | 0x00, /* [ 0] OBJ_undef */ | 71 | 0x00, /* [ 0] OBJ_undef */ |
| 72 | 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ | 72 | 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 1] OBJ_rsadsi */ |
| 73 | 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ | 73 | 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 7] OBJ_pkcs */ |
| @@ -808,6 +808,72 @@ static unsigned char lvalues[5258]={ | |||
| 808 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */ | 808 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5230] OBJ_id_aes128_wrap */ |
| 809 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */ | 809 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5239] OBJ_id_aes192_wrap */ |
| 810 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */ | 810 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5248] OBJ_id_aes256_wrap */ |
| 811 | 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02, /* [5257] OBJ_ecdsa_with_Recommended */ | ||
| 812 | 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03, /* [5264] OBJ_ecdsa_with_Specified */ | ||
| 813 | 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01, /* [5271] OBJ_ecdsa_with_SHA224 */ | ||
| 814 | 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02, /* [5279] OBJ_ecdsa_with_SHA256 */ | ||
| 815 | 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03, /* [5287] OBJ_ecdsa_with_SHA384 */ | ||
| 816 | 0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04, /* [5295] OBJ_ecdsa_with_SHA512 */ | ||
| 817 | 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06, /* [5303] OBJ_hmacWithMD5 */ | ||
| 818 | 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08, /* [5311] OBJ_hmacWithSHA224 */ | ||
| 819 | 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09, /* [5319] OBJ_hmacWithSHA256 */ | ||
| 820 | 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A, /* [5327] OBJ_hmacWithSHA384 */ | ||
| 821 | 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B, /* [5335] OBJ_hmacWithSHA512 */ | ||
| 822 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5343] OBJ_dsa_with_SHA224 */ | ||
| 823 | 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5352] OBJ_dsa_with_SHA256 */ | ||
| 824 | 0x28,0xCF,0x06,0x03,0x00,0x37, /* [5361] OBJ_whirlpool */ | ||
| 825 | 0x2A,0x85,0x03,0x02,0x02, /* [5367] OBJ_cryptopro */ | ||
| 826 | 0x2A,0x85,0x03,0x02,0x09, /* [5372] OBJ_cryptocom */ | ||
| 827 | 0x2A,0x85,0x03,0x02,0x02,0x03, /* [5377] OBJ_id_GostR3411_94_with_GostR3410_2001 */ | ||
| 828 | 0x2A,0x85,0x03,0x02,0x02,0x04, /* [5383] OBJ_id_GostR3411_94_with_GostR3410_94 */ | ||
| 829 | 0x2A,0x85,0x03,0x02,0x02,0x09, /* [5389] OBJ_id_GostR3411_94 */ | ||
| 830 | 0x2A,0x85,0x03,0x02,0x02,0x0A, /* [5395] OBJ_id_HMACGostR3411_94 */ | ||
| 831 | 0x2A,0x85,0x03,0x02,0x02,0x13, /* [5401] OBJ_id_GostR3410_2001 */ | ||
| 832 | 0x2A,0x85,0x03,0x02,0x02,0x14, /* [5407] OBJ_id_GostR3410_94 */ | ||
| 833 | 0x2A,0x85,0x03,0x02,0x02,0x15, /* [5413] OBJ_id_Gost28147_89 */ | ||
| 834 | 0x2A,0x85,0x03,0x02,0x02,0x16, /* [5419] OBJ_id_Gost28147_89_MAC */ | ||
| 835 | 0x2A,0x85,0x03,0x02,0x02,0x17, /* [5425] OBJ_id_GostR3411_94_prf */ | ||
| 836 | 0x2A,0x85,0x03,0x02,0x02,0x62, /* [5431] OBJ_id_GostR3410_2001DH */ | ||
| 837 | 0x2A,0x85,0x03,0x02,0x02,0x63, /* [5437] OBJ_id_GostR3410_94DH */ | ||
| 838 | 0x2A,0x85,0x03,0x02,0x02,0x0E,0x01, /* [5443] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */ | ||
| 839 | 0x2A,0x85,0x03,0x02,0x02,0x0E,0x00, /* [5450] OBJ_id_Gost28147_89_None_KeyMeshing */ | ||
| 840 | 0x2A,0x85,0x03,0x02,0x02,0x1E,0x00, /* [5457] OBJ_id_GostR3411_94_TestParamSet */ | ||
| 841 | 0x2A,0x85,0x03,0x02,0x02,0x1E,0x01, /* [5464] OBJ_id_GostR3411_94_CryptoProParamSet */ | ||
| 842 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x00, /* [5471] OBJ_id_Gost28147_89_TestParamSet */ | ||
| 843 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x01, /* [5478] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */ | ||
| 844 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x02, /* [5485] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */ | ||
| 845 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x03, /* [5492] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */ | ||
| 846 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x04, /* [5499] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */ | ||
| 847 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x05, /* [5506] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */ | ||
| 848 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x06, /* [5513] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */ | ||
| 849 | 0x2A,0x85,0x03,0x02,0x02,0x1F,0x07, /* [5520] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */ | ||
| 850 | 0x2A,0x85,0x03,0x02,0x02,0x20,0x00, /* [5527] OBJ_id_GostR3410_94_TestParamSet */ | ||
| 851 | 0x2A,0x85,0x03,0x02,0x02,0x20,0x02, /* [5534] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */ | ||
| 852 | 0x2A,0x85,0x03,0x02,0x02,0x20,0x03, /* [5541] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */ | ||
| 853 | 0x2A,0x85,0x03,0x02,0x02,0x20,0x04, /* [5548] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */ | ||
| 854 | 0x2A,0x85,0x03,0x02,0x02,0x20,0x05, /* [5555] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */ | ||
| 855 | 0x2A,0x85,0x03,0x02,0x02,0x21,0x01, /* [5562] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */ | ||
| 856 | 0x2A,0x85,0x03,0x02,0x02,0x21,0x02, /* [5569] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */ | ||
| 857 | 0x2A,0x85,0x03,0x02,0x02,0x21,0x03, /* [5576] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */ | ||
| 858 | 0x2A,0x85,0x03,0x02,0x02,0x23,0x00, /* [5583] OBJ_id_GostR3410_2001_TestParamSet */ | ||
| 859 | 0x2A,0x85,0x03,0x02,0x02,0x23,0x01, /* [5590] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */ | ||
| 860 | 0x2A,0x85,0x03,0x02,0x02,0x23,0x02, /* [5597] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */ | ||
| 861 | 0x2A,0x85,0x03,0x02,0x02,0x23,0x03, /* [5604] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */ | ||
| 862 | 0x2A,0x85,0x03,0x02,0x02,0x24,0x00, /* [5611] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */ | ||
| 863 | 0x2A,0x85,0x03,0x02,0x02,0x24,0x01, /* [5618] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */ | ||
| 864 | 0x2A,0x85,0x03,0x02,0x02,0x14,0x01, /* [5625] OBJ_id_GostR3410_94_a */ | ||
| 865 | 0x2A,0x85,0x03,0x02,0x02,0x14,0x02, /* [5632] OBJ_id_GostR3410_94_aBis */ | ||
| 866 | 0x2A,0x85,0x03,0x02,0x02,0x14,0x03, /* [5639] OBJ_id_GostR3410_94_b */ | ||
| 867 | 0x2A,0x85,0x03,0x02,0x02,0x14,0x04, /* [5646] OBJ_id_GostR3410_94_bBis */ | ||
| 868 | 0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01, /* [5653] OBJ_id_Gost28147_89_cc */ | ||
| 869 | 0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03, /* [5661] OBJ_id_GostR3410_94_cc */ | ||
| 870 | 0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04, /* [5669] OBJ_id_GostR3410_2001_cc */ | ||
| 871 | 0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03, /* [5677] OBJ_id_GostR3411_94_with_GostR3410_94_cc */ | ||
| 872 | 0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04, /* [5685] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */ | ||
| 873 | 0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01, /* [5693] OBJ_id_GostR3410_2001_ParamSet_cc */ | ||
| 874 | 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5701] OBJ_LocalKeySet */ | ||
| 875 | 0x55,0x1D,0x2E, /* [5710] OBJ_freshest_crl */ | ||
| 876 | 0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03, /* [5713] OBJ_id_on_permanentIdentifier */ | ||
| 811 | }; | 877 | }; |
| 812 | 878 | ||
| 813 | static ASN1_OBJECT nid_objs[NUM_NID]={ | 879 | static ASN1_OBJECT nid_objs[NUM_NID]={ |
| @@ -2039,6 +2105,163 @@ static ASN1_OBJECT nid_objs[NUM_NID]={ | |||
| 2039 | &(lvalues[5239]),0}, | 2105 | &(lvalues[5239]),0}, |
| 2040 | {"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, | 2106 | {"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9, |
| 2041 | &(lvalues[5248]),0}, | 2107 | &(lvalues[5248]),0}, |
| 2108 | {"ecdsa-with-Recommended","ecdsa-with-Recommended", | ||
| 2109 | NID_ecdsa_with_Recommended,7,&(lvalues[5257]),0}, | ||
| 2110 | {"ecdsa-with-Specified","ecdsa-with-Specified", | ||
| 2111 | NID_ecdsa_with_Specified,7,&(lvalues[5264]),0}, | ||
| 2112 | {"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8, | ||
| 2113 | &(lvalues[5271]),0}, | ||
| 2114 | {"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8, | ||
| 2115 | &(lvalues[5279]),0}, | ||
| 2116 | {"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8, | ||
| 2117 | &(lvalues[5287]),0}, | ||
| 2118 | {"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8, | ||
| 2119 | &(lvalues[5295]),0}, | ||
| 2120 | {"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5303]),0}, | ||
| 2121 | {"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8, | ||
| 2122 | &(lvalues[5311]),0}, | ||
| 2123 | {"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8, | ||
| 2124 | &(lvalues[5319]),0}, | ||
| 2125 | {"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8, | ||
| 2126 | &(lvalues[5327]),0}, | ||
| 2127 | {"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8, | ||
| 2128 | &(lvalues[5335]),0}, | ||
| 2129 | {"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9, | ||
| 2130 | &(lvalues[5343]),0}, | ||
| 2131 | {"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9, | ||
| 2132 | &(lvalues[5352]),0}, | ||
| 2133 | {"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5361]),0}, | ||
| 2134 | {"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5367]),0}, | ||
| 2135 | {"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5372]),0}, | ||
| 2136 | {"id-GostR3411-94-with-GostR3410-2001", | ||
| 2137 | "GOST R 34.11-94 with GOST R 34.10-2001", | ||
| 2138 | NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5377]),0}, | ||
| 2139 | {"id-GostR3411-94-with-GostR3410-94", | ||
| 2140 | "GOST R 34.11-94 with GOST R 34.10-94", | ||
| 2141 | NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5383]),0}, | ||
| 2142 | {"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5389]),0}, | ||
| 2143 | {"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6, | ||
| 2144 | &(lvalues[5395]),0}, | ||
| 2145 | {"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6, | ||
| 2146 | &(lvalues[5401]),0}, | ||
| 2147 | {"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5407]),0}, | ||
| 2148 | {"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5413]),0}, | ||
| 2149 | {"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0}, | ||
| 2150 | {"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6, | ||
| 2151 | &(lvalues[5419]),0}, | ||
| 2152 | {"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6, | ||
| 2153 | &(lvalues[5425]),0}, | ||
| 2154 | {"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH, | ||
| 2155 | 6,&(lvalues[5431]),0}, | ||
| 2156 | {"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6, | ||
| 2157 | &(lvalues[5437]),0}, | ||
| 2158 | {"id-Gost28147-89-CryptoPro-KeyMeshing", | ||
| 2159 | "id-Gost28147-89-CryptoPro-KeyMeshing", | ||
| 2160 | NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5443]),0}, | ||
| 2161 | {"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing", | ||
| 2162 | NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5450]),0}, | ||
| 2163 | {"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet", | ||
| 2164 | NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5457]),0}, | ||
| 2165 | {"id-GostR3411-94-CryptoProParamSet", | ||
| 2166 | "id-GostR3411-94-CryptoProParamSet", | ||
| 2167 | NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5464]),0}, | ||
| 2168 | {"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet", | ||
| 2169 | NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5471]),0}, | ||
| 2170 | {"id-Gost28147-89-CryptoPro-A-ParamSet", | ||
| 2171 | "id-Gost28147-89-CryptoPro-A-ParamSet", | ||
| 2172 | NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5478]),0}, | ||
| 2173 | {"id-Gost28147-89-CryptoPro-B-ParamSet", | ||
| 2174 | "id-Gost28147-89-CryptoPro-B-ParamSet", | ||
| 2175 | NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5485]),0}, | ||
| 2176 | {"id-Gost28147-89-CryptoPro-C-ParamSet", | ||
| 2177 | "id-Gost28147-89-CryptoPro-C-ParamSet", | ||
| 2178 | NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5492]),0}, | ||
| 2179 | {"id-Gost28147-89-CryptoPro-D-ParamSet", | ||
| 2180 | "id-Gost28147-89-CryptoPro-D-ParamSet", | ||
| 2181 | NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5499]),0}, | ||
| 2182 | {"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", | ||
| 2183 | "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet", | ||
| 2184 | NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5506]), | ||
| 2185 | 0}, | ||
| 2186 | {"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", | ||
| 2187 | "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet", | ||
| 2188 | NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5513]), | ||
| 2189 | 0}, | ||
| 2190 | {"id-Gost28147-89-CryptoPro-RIC-1-ParamSet", | ||
| 2191 | "id-Gost28147-89-CryptoPro-RIC-1-ParamSet", | ||
| 2192 | NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5520]),0}, | ||
| 2193 | {"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet", | ||
| 2194 | NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5527]),0}, | ||
| 2195 | {"id-GostR3410-94-CryptoPro-A-ParamSet", | ||
| 2196 | "id-GostR3410-94-CryptoPro-A-ParamSet", | ||
| 2197 | NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5534]),0}, | ||
| 2198 | {"id-GostR3410-94-CryptoPro-B-ParamSet", | ||
| 2199 | "id-GostR3410-94-CryptoPro-B-ParamSet", | ||
| 2200 | NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5541]),0}, | ||
| 2201 | {"id-GostR3410-94-CryptoPro-C-ParamSet", | ||
| 2202 | "id-GostR3410-94-CryptoPro-C-ParamSet", | ||
| 2203 | NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5548]),0}, | ||
| 2204 | {"id-GostR3410-94-CryptoPro-D-ParamSet", | ||
| 2205 | "id-GostR3410-94-CryptoPro-D-ParamSet", | ||
| 2206 | NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5555]),0}, | ||
| 2207 | {"id-GostR3410-94-CryptoPro-XchA-ParamSet", | ||
| 2208 | "id-GostR3410-94-CryptoPro-XchA-ParamSet", | ||
| 2209 | NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5562]),0}, | ||
| 2210 | {"id-GostR3410-94-CryptoPro-XchB-ParamSet", | ||
| 2211 | "id-GostR3410-94-CryptoPro-XchB-ParamSet", | ||
| 2212 | NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5569]),0}, | ||
| 2213 | {"id-GostR3410-94-CryptoPro-XchC-ParamSet", | ||
| 2214 | "id-GostR3410-94-CryptoPro-XchC-ParamSet", | ||
| 2215 | NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5576]),0}, | ||
| 2216 | {"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet", | ||
| 2217 | NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5583]),0}, | ||
| 2218 | {"id-GostR3410-2001-CryptoPro-A-ParamSet", | ||
| 2219 | "id-GostR3410-2001-CryptoPro-A-ParamSet", | ||
| 2220 | NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5590]),0}, | ||
| 2221 | {"id-GostR3410-2001-CryptoPro-B-ParamSet", | ||
| 2222 | "id-GostR3410-2001-CryptoPro-B-ParamSet", | ||
| 2223 | NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5597]),0}, | ||
| 2224 | {"id-GostR3410-2001-CryptoPro-C-ParamSet", | ||
| 2225 | "id-GostR3410-2001-CryptoPro-C-ParamSet", | ||
| 2226 | NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5604]),0}, | ||
| 2227 | {"id-GostR3410-2001-CryptoPro-XchA-ParamSet", | ||
| 2228 | "id-GostR3410-2001-CryptoPro-XchA-ParamSet", | ||
| 2229 | NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5611]),0}, | ||
| 2230 | |||
| 2231 | {"id-GostR3410-2001-CryptoPro-XchB-ParamSet", | ||
| 2232 | "id-GostR3410-2001-CryptoPro-XchB-ParamSet", | ||
| 2233 | NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5618]),0}, | ||
| 2234 | |||
| 2235 | {"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7, | ||
| 2236 | &(lvalues[5625]),0}, | ||
| 2237 | {"id-GostR3410-94-aBis","id-GostR3410-94-aBis", | ||
| 2238 | NID_id_GostR3410_94_aBis,7,&(lvalues[5632]),0}, | ||
| 2239 | {"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7, | ||
| 2240 | &(lvalues[5639]),0}, | ||
| 2241 | {"id-GostR3410-94-bBis","id-GostR3410-94-bBis", | ||
| 2242 | NID_id_GostR3410_94_bBis,7,&(lvalues[5646]),0}, | ||
| 2243 | {"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet", | ||
| 2244 | NID_id_Gost28147_89_cc,8,&(lvalues[5653]),0}, | ||
| 2245 | {"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8, | ||
| 2246 | &(lvalues[5661]),0}, | ||
| 2247 | {"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8, | ||
| 2248 | &(lvalues[5669]),0}, | ||
| 2249 | {"id-GostR3411-94-with-GostR3410-94-cc", | ||
| 2250 | "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom", | ||
| 2251 | NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5677]),0}, | ||
| 2252 | {"id-GostR3411-94-with-GostR3410-2001-cc", | ||
| 2253 | "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom", | ||
| 2254 | NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5685]),0}, | ||
| 2255 | {"id-GostR3410-2001-ParamSet-cc", | ||
| 2256 | "GOST R 3410-2001 Parameter Set Cryptocom", | ||
| 2257 | NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5693]),0}, | ||
| 2258 | {"HMAC","hmac",NID_hmac,0,NULL,0}, | ||
| 2259 | {"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9, | ||
| 2260 | &(lvalues[5701]),0}, | ||
| 2261 | {"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3, | ||
| 2262 | &(lvalues[5710]),0}, | ||
| 2263 | {"id-on-permanentIdentifier","Permanent Identifier", | ||
| 2264 | NID_id_on_permanentIdentifier,8,&(lvalues[5713]),0}, | ||
| 2042 | }; | 2265 | }; |
| 2043 | 2266 | ||
| 2044 | static ASN1_OBJECT *sn_objs[NUM_SN]={ | 2267 | static ASN1_OBJECT *sn_objs[NUM_SN]={ |
| @@ -2119,6 +2342,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2119 | &(nid_objs[67]),/* "DSA-old" */ | 2342 | &(nid_objs[67]),/* "DSA-old" */ |
| 2120 | &(nid_objs[297]),/* "DVCS" */ | 2343 | &(nid_objs[297]),/* "DVCS" */ |
| 2121 | &(nid_objs[99]),/* "GN" */ | 2344 | &(nid_objs[99]),/* "GN" */ |
| 2345 | &(nid_objs[855]),/* "HMAC" */ | ||
| 2122 | &(nid_objs[780]),/* "HMAC-MD5" */ | 2346 | &(nid_objs[780]),/* "HMAC-MD5" */ |
| 2123 | &(nid_objs[781]),/* "HMAC-SHA1" */ | 2347 | &(nid_objs[781]),/* "HMAC-SHA1" */ |
| 2124 | &(nid_objs[381]),/* "IANA" */ | 2348 | &(nid_objs[381]),/* "IANA" */ |
| @@ -2132,6 +2356,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2132 | &(nid_objs[646]),/* "JOINT-ISO-ITU-T" */ | 2356 | &(nid_objs[646]),/* "JOINT-ISO-ITU-T" */ |
| 2133 | &(nid_objs[773]),/* "KISA" */ | 2357 | &(nid_objs[773]),/* "KISA" */ |
| 2134 | &(nid_objs[15]),/* "L" */ | 2358 | &(nid_objs[15]),/* "L" */ |
| 2359 | &(nid_objs[856]),/* "LocalKeySet" */ | ||
| 2135 | &(nid_objs[ 3]),/* "MD2" */ | 2360 | &(nid_objs[ 3]),/* "MD2" */ |
| 2136 | &(nid_objs[257]),/* "MD4" */ | 2361 | &(nid_objs[257]),/* "MD4" */ |
| 2137 | &(nid_objs[ 4]),/* "MD5" */ | 2362 | &(nid_objs[ 4]),/* "MD5" */ |
| @@ -2275,6 +2500,8 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2275 | &(nid_objs[153]),/* "crlBag" */ | 2500 | &(nid_objs[153]),/* "crlBag" */ |
| 2276 | &(nid_objs[103]),/* "crlDistributionPoints" */ | 2501 | &(nid_objs[103]),/* "crlDistributionPoints" */ |
| 2277 | &(nid_objs[88]),/* "crlNumber" */ | 2502 | &(nid_objs[88]),/* "crlNumber" */ |
| 2503 | &(nid_objs[806]),/* "cryptocom" */ | ||
| 2504 | &(nid_objs[805]),/* "cryptopro" */ | ||
| 2278 | &(nid_objs[500]),/* "dITRedirect" */ | 2505 | &(nid_objs[500]),/* "dITRedirect" */ |
| 2279 | &(nid_objs[451]),/* "dNSDomain" */ | 2506 | &(nid_objs[451]),/* "dNSDomain" */ |
| 2280 | &(nid_objs[495]),/* "dSAQuality" */ | 2507 | &(nid_objs[495]),/* "dSAQuality" */ |
| @@ -2295,7 +2522,15 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2295 | &(nid_objs[470]),/* "documentVersion" */ | 2522 | &(nid_objs[470]),/* "documentVersion" */ |
| 2296 | &(nid_objs[392]),/* "domain" */ | 2523 | &(nid_objs[392]),/* "domain" */ |
| 2297 | &(nid_objs[452]),/* "domainRelatedObject" */ | 2524 | &(nid_objs[452]),/* "domainRelatedObject" */ |
| 2525 | &(nid_objs[802]),/* "dsa_with_SHA224" */ | ||
| 2526 | &(nid_objs[803]),/* "dsa_with_SHA256" */ | ||
| 2527 | &(nid_objs[791]),/* "ecdsa-with-Recommended" */ | ||
| 2298 | &(nid_objs[416]),/* "ecdsa-with-SHA1" */ | 2528 | &(nid_objs[416]),/* "ecdsa-with-SHA1" */ |
| 2529 | &(nid_objs[793]),/* "ecdsa-with-SHA224" */ | ||
| 2530 | &(nid_objs[794]),/* "ecdsa-with-SHA256" */ | ||
| 2531 | &(nid_objs[795]),/* "ecdsa-with-SHA384" */ | ||
| 2532 | &(nid_objs[796]),/* "ecdsa-with-SHA512" */ | ||
| 2533 | &(nid_objs[792]),/* "ecdsa-with-Specified" */ | ||
| 2299 | &(nid_objs[48]),/* "emailAddress" */ | 2534 | &(nid_objs[48]),/* "emailAddress" */ |
| 2300 | &(nid_objs[132]),/* "emailProtection" */ | 2535 | &(nid_objs[132]),/* "emailProtection" */ |
| 2301 | &(nid_objs[389]),/* "enterprises" */ | 2536 | &(nid_objs[389]),/* "enterprises" */ |
| @@ -2305,11 +2540,24 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2305 | &(nid_objs[126]),/* "extendedKeyUsage" */ | 2540 | &(nid_objs[126]),/* "extendedKeyUsage" */ |
| 2306 | &(nid_objs[372]),/* "extendedStatus" */ | 2541 | &(nid_objs[372]),/* "extendedStatus" */ |
| 2307 | &(nid_objs[462]),/* "favouriteDrink" */ | 2542 | &(nid_objs[462]),/* "favouriteDrink" */ |
| 2543 | &(nid_objs[857]),/* "freshestCRL" */ | ||
| 2308 | &(nid_objs[453]),/* "friendlyCountry" */ | 2544 | &(nid_objs[453]),/* "friendlyCountry" */ |
| 2309 | &(nid_objs[490]),/* "friendlyCountryName" */ | 2545 | &(nid_objs[490]),/* "friendlyCountryName" */ |
| 2310 | &(nid_objs[156]),/* "friendlyName" */ | 2546 | &(nid_objs[156]),/* "friendlyName" */ |
| 2311 | &(nid_objs[509]),/* "generationQualifier" */ | 2547 | &(nid_objs[509]),/* "generationQualifier" */ |
| 2548 | &(nid_objs[815]),/* "gost-mac" */ | ||
| 2549 | &(nid_objs[811]),/* "gost2001" */ | ||
| 2550 | &(nid_objs[851]),/* "gost2001cc" */ | ||
| 2551 | &(nid_objs[813]),/* "gost89" */ | ||
| 2552 | &(nid_objs[814]),/* "gost89-cnt" */ | ||
| 2553 | &(nid_objs[812]),/* "gost94" */ | ||
| 2554 | &(nid_objs[850]),/* "gost94cc" */ | ||
| 2555 | &(nid_objs[797]),/* "hmacWithMD5" */ | ||
| 2312 | &(nid_objs[163]),/* "hmacWithSHA1" */ | 2556 | &(nid_objs[163]),/* "hmacWithSHA1" */ |
| 2557 | &(nid_objs[798]),/* "hmacWithSHA224" */ | ||
| 2558 | &(nid_objs[799]),/* "hmacWithSHA256" */ | ||
| 2559 | &(nid_objs[800]),/* "hmacWithSHA384" */ | ||
| 2560 | &(nid_objs[801]),/* "hmacWithSHA512" */ | ||
| 2313 | &(nid_objs[432]),/* "holdInstructionCallIssuer" */ | 2561 | &(nid_objs[432]),/* "holdInstructionCallIssuer" */ |
| 2314 | &(nid_objs[430]),/* "holdInstructionCode" */ | 2562 | &(nid_objs[430]),/* "holdInstructionCode" */ |
| 2315 | &(nid_objs[431]),/* "holdInstructionNone" */ | 2563 | &(nid_objs[431]),/* "holdInstructionNone" */ |
| @@ -2319,6 +2567,45 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2319 | &(nid_objs[466]),/* "host" */ | 2567 | &(nid_objs[466]),/* "host" */ |
| 2320 | &(nid_objs[442]),/* "iA5StringSyntax" */ | 2568 | &(nid_objs[442]),/* "iA5StringSyntax" */ |
| 2321 | &(nid_objs[783]),/* "id-DHBasedMac" */ | 2569 | &(nid_objs[783]),/* "id-DHBasedMac" */ |
| 2570 | &(nid_objs[824]),/* "id-Gost28147-89-CryptoPro-A-ParamSet" */ | ||
| 2571 | &(nid_objs[825]),/* "id-Gost28147-89-CryptoPro-B-ParamSet" */ | ||
| 2572 | &(nid_objs[826]),/* "id-Gost28147-89-CryptoPro-C-ParamSet" */ | ||
| 2573 | &(nid_objs[827]),/* "id-Gost28147-89-CryptoPro-D-ParamSet" */ | ||
| 2574 | &(nid_objs[819]),/* "id-Gost28147-89-CryptoPro-KeyMeshing" */ | ||
| 2575 | &(nid_objs[829]),/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */ | ||
| 2576 | &(nid_objs[828]),/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */ | ||
| 2577 | &(nid_objs[830]),/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */ | ||
| 2578 | &(nid_objs[820]),/* "id-Gost28147-89-None-KeyMeshing" */ | ||
| 2579 | &(nid_objs[823]),/* "id-Gost28147-89-TestParamSet" */ | ||
| 2580 | &(nid_objs[849]),/* "id-Gost28147-89-cc" */ | ||
| 2581 | &(nid_objs[840]),/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */ | ||
| 2582 | &(nid_objs[841]),/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */ | ||
| 2583 | &(nid_objs[842]),/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */ | ||
| 2584 | &(nid_objs[843]),/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */ | ||
| 2585 | &(nid_objs[844]),/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */ | ||
| 2586 | &(nid_objs[854]),/* "id-GostR3410-2001-ParamSet-cc" */ | ||
| 2587 | &(nid_objs[839]),/* "id-GostR3410-2001-TestParamSet" */ | ||
| 2588 | &(nid_objs[817]),/* "id-GostR3410-2001DH" */ | ||
| 2589 | &(nid_objs[832]),/* "id-GostR3410-94-CryptoPro-A-ParamSet" */ | ||
| 2590 | &(nid_objs[833]),/* "id-GostR3410-94-CryptoPro-B-ParamSet" */ | ||
| 2591 | &(nid_objs[834]),/* "id-GostR3410-94-CryptoPro-C-ParamSet" */ | ||
| 2592 | &(nid_objs[835]),/* "id-GostR3410-94-CryptoPro-D-ParamSet" */ | ||
| 2593 | &(nid_objs[836]),/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */ | ||
| 2594 | &(nid_objs[837]),/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */ | ||
| 2595 | &(nid_objs[838]),/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */ | ||
| 2596 | &(nid_objs[831]),/* "id-GostR3410-94-TestParamSet" */ | ||
| 2597 | &(nid_objs[845]),/* "id-GostR3410-94-a" */ | ||
| 2598 | &(nid_objs[846]),/* "id-GostR3410-94-aBis" */ | ||
| 2599 | &(nid_objs[847]),/* "id-GostR3410-94-b" */ | ||
| 2600 | &(nid_objs[848]),/* "id-GostR3410-94-bBis" */ | ||
| 2601 | &(nid_objs[818]),/* "id-GostR3410-94DH" */ | ||
| 2602 | &(nid_objs[822]),/* "id-GostR3411-94-CryptoProParamSet" */ | ||
| 2603 | &(nid_objs[821]),/* "id-GostR3411-94-TestParamSet" */ | ||
| 2604 | &(nid_objs[807]),/* "id-GostR3411-94-with-GostR3410-2001" */ | ||
| 2605 | &(nid_objs[853]),/* "id-GostR3411-94-with-GostR3410-2001-cc" */ | ||
| 2606 | &(nid_objs[808]),/* "id-GostR3411-94-with-GostR3410-94" */ | ||
| 2607 | &(nid_objs[852]),/* "id-GostR3411-94-with-GostR3410-94-cc" */ | ||
| 2608 | &(nid_objs[810]),/* "id-HMACGostR3411-94" */ | ||
| 2322 | &(nid_objs[782]),/* "id-PasswordBasedMAC" */ | 2609 | &(nid_objs[782]),/* "id-PasswordBasedMAC" */ |
| 2323 | &(nid_objs[266]),/* "id-aca" */ | 2610 | &(nid_objs[266]),/* "id-aca" */ |
| 2324 | &(nid_objs[355]),/* "id-aca-accessIdentity" */ | 2611 | &(nid_objs[355]),/* "id-aca-accessIdentity" */ |
| @@ -2398,6 +2685,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2398 | &(nid_objs[279]),/* "id-mod-qualified-cert-93" */ | 2685 | &(nid_objs[279]),/* "id-mod-qualified-cert-93" */ |
| 2399 | &(nid_objs[281]),/* "id-mod-timestamp-protocol" */ | 2686 | &(nid_objs[281]),/* "id-mod-timestamp-protocol" */ |
| 2400 | &(nid_objs[264]),/* "id-on" */ | 2687 | &(nid_objs[264]),/* "id-on" */ |
| 2688 | &(nid_objs[858]),/* "id-on-permanentIdentifier" */ | ||
| 2401 | &(nid_objs[347]),/* "id-on-personalData" */ | 2689 | &(nid_objs[347]),/* "id-on-personalData" */ |
| 2402 | &(nid_objs[265]),/* "id-pda" */ | 2690 | &(nid_objs[265]),/* "id-pda" */ |
| 2403 | &(nid_objs[352]),/* "id-pda-countryOfCitizenship" */ | 2691 | &(nid_objs[352]),/* "id-pda-countryOfCitizenship" */ |
| @@ -2522,6 +2810,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2522 | &(nid_objs[460]),/* "mail" */ | 2810 | &(nid_objs[460]),/* "mail" */ |
| 2523 | &(nid_objs[493]),/* "mailPreferenceOption" */ | 2811 | &(nid_objs[493]),/* "mailPreferenceOption" */ |
| 2524 | &(nid_objs[467]),/* "manager" */ | 2812 | &(nid_objs[467]),/* "manager" */ |
| 2813 | &(nid_objs[809]),/* "md_gost94" */ | ||
| 2525 | &(nid_objs[182]),/* "member-body" */ | 2814 | &(nid_objs[182]),/* "member-body" */ |
| 2526 | &(nid_objs[51]),/* "messageDigest" */ | 2815 | &(nid_objs[51]),/* "messageDigest" */ |
| 2527 | &(nid_objs[383]),/* "mgmt" */ | 2816 | &(nid_objs[383]),/* "mgmt" */ |
| @@ -2590,6 +2879,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2590 | &(nid_objs[747]),/* "policyMappings" */ | 2879 | &(nid_objs[747]),/* "policyMappings" */ |
| 2591 | &(nid_objs[661]),/* "postalCode" */ | 2880 | &(nid_objs[661]),/* "postalCode" */ |
| 2592 | &(nid_objs[683]),/* "ppBasis" */ | 2881 | &(nid_objs[683]),/* "ppBasis" */ |
| 2882 | &(nid_objs[816]),/* "prf-gostr3411-94" */ | ||
| 2593 | &(nid_objs[406]),/* "prime-field" */ | 2883 | &(nid_objs[406]),/* "prime-field" */ |
| 2594 | &(nid_objs[409]),/* "prime192v1" */ | 2884 | &(nid_objs[409]),/* "prime192v1" */ |
| 2595 | &(nid_objs[410]),/* "prime192v2" */ | 2885 | &(nid_objs[410]),/* "prime192v2" */ |
| @@ -2823,6 +3113,7 @@ static ASN1_OBJECT *sn_objs[NUM_SN]={ | |||
| 2823 | &(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ | 3113 | &(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ |
| 2824 | &(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ | 3114 | &(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ |
| 2825 | &(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ | 3115 | &(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ |
| 3116 | &(nid_objs[804]),/* "whirlpool" */ | ||
| 2826 | &(nid_objs[503]),/* "x500UniqueIdentifier" */ | 3117 | &(nid_objs[503]),/* "x500UniqueIdentifier" */ |
| 2827 | &(nid_objs[158]),/* "x509Certificate" */ | 3118 | &(nid_objs[158]),/* "x509Certificate" */ |
| 2828 | &(nid_objs[160]),/* "x509Crl" */ | 3119 | &(nid_objs[160]),/* "x509Crl" */ |
| @@ -2847,6 +3138,23 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 2847 | &(nid_objs[384]),/* "Experimental" */ | 3138 | &(nid_objs[384]),/* "Experimental" */ |
| 2848 | &(nid_objs[372]),/* "Extended OCSP Status" */ | 3139 | &(nid_objs[372]),/* "Extended OCSP Status" */ |
| 2849 | &(nid_objs[172]),/* "Extension Request" */ | 3140 | &(nid_objs[172]),/* "Extension Request" */ |
| 3141 | &(nid_objs[813]),/* "GOST 28147-89" */ | ||
| 3142 | &(nid_objs[849]),/* "GOST 28147-89 Cryptocom ParamSet" */ | ||
| 3143 | &(nid_objs[815]),/* "GOST 28147-89 MAC" */ | ||
| 3144 | &(nid_objs[851]),/* "GOST 34.10-2001 Cryptocom" */ | ||
| 3145 | &(nid_objs[850]),/* "GOST 34.10-94 Cryptocom" */ | ||
| 3146 | &(nid_objs[811]),/* "GOST R 34.10-2001" */ | ||
| 3147 | &(nid_objs[817]),/* "GOST R 34.10-2001 DH" */ | ||
| 3148 | &(nid_objs[812]),/* "GOST R 34.10-94" */ | ||
| 3149 | &(nid_objs[818]),/* "GOST R 34.10-94 DH" */ | ||
| 3150 | &(nid_objs[809]),/* "GOST R 34.11-94" */ | ||
| 3151 | &(nid_objs[816]),/* "GOST R 34.11-94 PRF" */ | ||
| 3152 | &(nid_objs[807]),/* "GOST R 34.11-94 with GOST R 34.10-2001" */ | ||
| 3153 | &(nid_objs[853]),/* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */ | ||
| 3154 | &(nid_objs[808]),/* "GOST R 34.11-94 with GOST R 34.10-94" */ | ||
| 3155 | &(nid_objs[852]),/* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */ | ||
| 3156 | &(nid_objs[854]),/* "GOST R 3410-2001 Parameter Set Cryptocom" */ | ||
| 3157 | &(nid_objs[810]),/* "HMAC GOST 34.11-94" */ | ||
| 2850 | &(nid_objs[432]),/* "Hold Instruction Call Issuer" */ | 3158 | &(nid_objs[432]),/* "Hold Instruction Call Issuer" */ |
| 2851 | &(nid_objs[430]),/* "Hold Instruction Code" */ | 3159 | &(nid_objs[430]),/* "Hold Instruction Code" */ |
| 2852 | &(nid_objs[431]),/* "Hold Instruction None" */ | 3160 | &(nid_objs[431]),/* "Hold Instruction None" */ |
| @@ -2869,6 +3177,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 2869 | &(nid_objs[138]),/* "Microsoft Encrypted File System" */ | 3177 | &(nid_objs[138]),/* "Microsoft Encrypted File System" */ |
| 2870 | &(nid_objs[171]),/* "Microsoft Extension Request" */ | 3178 | &(nid_objs[171]),/* "Microsoft Extension Request" */ |
| 2871 | &(nid_objs[134]),/* "Microsoft Individual Code Signing" */ | 3179 | &(nid_objs[134]),/* "Microsoft Individual Code Signing" */ |
| 3180 | &(nid_objs[856]),/* "Microsoft Local Key set" */ | ||
| 2872 | &(nid_objs[137]),/* "Microsoft Server Gated Crypto" */ | 3181 | &(nid_objs[137]),/* "Microsoft Server Gated Crypto" */ |
| 2873 | &(nid_objs[648]),/* "Microsoft Smartcardlogin" */ | 3182 | &(nid_objs[648]),/* "Microsoft Smartcardlogin" */ |
| 2874 | &(nid_objs[136]),/* "Microsoft Trust List Signing" */ | 3183 | &(nid_objs[136]),/* "Microsoft Trust List Signing" */ |
| @@ -2899,6 +3208,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 2899 | &(nid_objs[69]),/* "PBKDF2" */ | 3208 | &(nid_objs[69]),/* "PBKDF2" */ |
| 2900 | &(nid_objs[162]),/* "PBMAC1" */ | 3209 | &(nid_objs[162]),/* "PBMAC1" */ |
| 2901 | &(nid_objs[127]),/* "PKIX" */ | 3210 | &(nid_objs[127]),/* "PKIX" */ |
| 3211 | &(nid_objs[858]),/* "Permanent Identifier" */ | ||
| 2902 | &(nid_objs[164]),/* "Policy Qualifier CPS" */ | 3212 | &(nid_objs[164]),/* "Policy Qualifier CPS" */ |
| 2903 | &(nid_objs[165]),/* "Policy Qualifier User Notice" */ | 3213 | &(nid_objs[165]),/* "Policy Qualifier User Notice" */ |
| 2904 | &(nid_objs[385]),/* "Private" */ | 3214 | &(nid_objs[385]),/* "Private" */ |
| @@ -2929,6 +3239,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 2929 | &(nid_objs[89]),/* "X509v3 Certificate Policies" */ | 3239 | &(nid_objs[89]),/* "X509v3 Certificate Policies" */ |
| 2930 | &(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */ | 3240 | &(nid_objs[140]),/* "X509v3 Delta CRL Indicator" */ |
| 2931 | &(nid_objs[126]),/* "X509v3 Extended Key Usage" */ | 3241 | &(nid_objs[126]),/* "X509v3 Extended Key Usage" */ |
| 3242 | &(nid_objs[857]),/* "X509v3 Freshest CRL" */ | ||
| 2932 | &(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */ | 3243 | &(nid_objs[748]),/* "X509v3 Inhibit Any Policy" */ |
| 2933 | &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ | 3244 | &(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */ |
| 2934 | &(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */ | 3245 | &(nid_objs[770]),/* "X509v3 Issuing Distrubution Point" */ |
| @@ -3035,6 +3346,8 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 3035 | &(nid_objs[53]),/* "countersignature" */ | 3346 | &(nid_objs[53]),/* "countersignature" */ |
| 3036 | &(nid_objs[14]),/* "countryName" */ | 3347 | &(nid_objs[14]),/* "countryName" */ |
| 3037 | &(nid_objs[153]),/* "crlBag" */ | 3348 | &(nid_objs[153]),/* "crlBag" */ |
| 3349 | &(nid_objs[806]),/* "cryptocom" */ | ||
| 3350 | &(nid_objs[805]),/* "cryptopro" */ | ||
| 3038 | &(nid_objs[500]),/* "dITRedirect" */ | 3351 | &(nid_objs[500]),/* "dITRedirect" */ |
| 3039 | &(nid_objs[451]),/* "dNSDomain" */ | 3352 | &(nid_objs[451]),/* "dNSDomain" */ |
| 3040 | &(nid_objs[495]),/* "dSAQuality" */ | 3353 | &(nid_objs[495]),/* "dSAQuality" */ |
| @@ -3079,8 +3392,16 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 3079 | &(nid_objs[66]),/* "dsaWithSHA" */ | 3392 | &(nid_objs[66]),/* "dsaWithSHA" */ |
| 3080 | &(nid_objs[113]),/* "dsaWithSHA1" */ | 3393 | &(nid_objs[113]),/* "dsaWithSHA1" */ |
| 3081 | &(nid_objs[70]),/* "dsaWithSHA1-old" */ | 3394 | &(nid_objs[70]),/* "dsaWithSHA1-old" */ |
| 3395 | &(nid_objs[802]),/* "dsa_with_SHA224" */ | ||
| 3396 | &(nid_objs[803]),/* "dsa_with_SHA256" */ | ||
| 3082 | &(nid_objs[297]),/* "dvcs" */ | 3397 | &(nid_objs[297]),/* "dvcs" */ |
| 3398 | &(nid_objs[791]),/* "ecdsa-with-Recommended" */ | ||
| 3083 | &(nid_objs[416]),/* "ecdsa-with-SHA1" */ | 3399 | &(nid_objs[416]),/* "ecdsa-with-SHA1" */ |
| 3400 | &(nid_objs[793]),/* "ecdsa-with-SHA224" */ | ||
| 3401 | &(nid_objs[794]),/* "ecdsa-with-SHA256" */ | ||
| 3402 | &(nid_objs[795]),/* "ecdsa-with-SHA384" */ | ||
| 3403 | &(nid_objs[796]),/* "ecdsa-with-SHA512" */ | ||
| 3404 | &(nid_objs[792]),/* "ecdsa-with-Specified" */ | ||
| 3084 | &(nid_objs[48]),/* "emailAddress" */ | 3405 | &(nid_objs[48]),/* "emailAddress" */ |
| 3085 | &(nid_objs[632]),/* "encrypted track 2" */ | 3406 | &(nid_objs[632]),/* "encrypted track 2" */ |
| 3086 | &(nid_objs[56]),/* "extendedCertificateAttributes" */ | 3407 | &(nid_objs[56]),/* "extendedCertificateAttributes" */ |
| @@ -3092,14 +3413,51 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 3092 | &(nid_objs[509]),/* "generationQualifier" */ | 3413 | &(nid_objs[509]),/* "generationQualifier" */ |
| 3093 | &(nid_objs[601]),/* "generic cryptogram" */ | 3414 | &(nid_objs[601]),/* "generic cryptogram" */ |
| 3094 | &(nid_objs[99]),/* "givenName" */ | 3415 | &(nid_objs[99]),/* "givenName" */ |
| 3416 | &(nid_objs[814]),/* "gost89-cnt" */ | ||
| 3417 | &(nid_objs[855]),/* "hmac" */ | ||
| 3095 | &(nid_objs[780]),/* "hmac-md5" */ | 3418 | &(nid_objs[780]),/* "hmac-md5" */ |
| 3096 | &(nid_objs[781]),/* "hmac-sha1" */ | 3419 | &(nid_objs[781]),/* "hmac-sha1" */ |
| 3420 | &(nid_objs[797]),/* "hmacWithMD5" */ | ||
| 3097 | &(nid_objs[163]),/* "hmacWithSHA1" */ | 3421 | &(nid_objs[163]),/* "hmacWithSHA1" */ |
| 3422 | &(nid_objs[798]),/* "hmacWithSHA224" */ | ||
| 3423 | &(nid_objs[799]),/* "hmacWithSHA256" */ | ||
| 3424 | &(nid_objs[800]),/* "hmacWithSHA384" */ | ||
| 3425 | &(nid_objs[801]),/* "hmacWithSHA512" */ | ||
| 3098 | &(nid_objs[486]),/* "homePostalAddress" */ | 3426 | &(nid_objs[486]),/* "homePostalAddress" */ |
| 3099 | &(nid_objs[473]),/* "homeTelephoneNumber" */ | 3427 | &(nid_objs[473]),/* "homeTelephoneNumber" */ |
| 3100 | &(nid_objs[466]),/* "host" */ | 3428 | &(nid_objs[466]),/* "host" */ |
| 3101 | &(nid_objs[442]),/* "iA5StringSyntax" */ | 3429 | &(nid_objs[442]),/* "iA5StringSyntax" */ |
| 3102 | &(nid_objs[381]),/* "iana" */ | 3430 | &(nid_objs[381]),/* "iana" */ |
| 3431 | &(nid_objs[824]),/* "id-Gost28147-89-CryptoPro-A-ParamSet" */ | ||
| 3432 | &(nid_objs[825]),/* "id-Gost28147-89-CryptoPro-B-ParamSet" */ | ||
| 3433 | &(nid_objs[826]),/* "id-Gost28147-89-CryptoPro-C-ParamSet" */ | ||
| 3434 | &(nid_objs[827]),/* "id-Gost28147-89-CryptoPro-D-ParamSet" */ | ||
| 3435 | &(nid_objs[819]),/* "id-Gost28147-89-CryptoPro-KeyMeshing" */ | ||
| 3436 | &(nid_objs[829]),/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */ | ||
| 3437 | &(nid_objs[828]),/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */ | ||
| 3438 | &(nid_objs[830]),/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */ | ||
| 3439 | &(nid_objs[820]),/* "id-Gost28147-89-None-KeyMeshing" */ | ||
| 3440 | &(nid_objs[823]),/* "id-Gost28147-89-TestParamSet" */ | ||
| 3441 | &(nid_objs[840]),/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */ | ||
| 3442 | &(nid_objs[841]),/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */ | ||
| 3443 | &(nid_objs[842]),/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */ | ||
| 3444 | &(nid_objs[843]),/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */ | ||
| 3445 | &(nid_objs[844]),/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */ | ||
| 3446 | &(nid_objs[839]),/* "id-GostR3410-2001-TestParamSet" */ | ||
| 3447 | &(nid_objs[832]),/* "id-GostR3410-94-CryptoPro-A-ParamSet" */ | ||
| 3448 | &(nid_objs[833]),/* "id-GostR3410-94-CryptoPro-B-ParamSet" */ | ||
| 3449 | &(nid_objs[834]),/* "id-GostR3410-94-CryptoPro-C-ParamSet" */ | ||
| 3450 | &(nid_objs[835]),/* "id-GostR3410-94-CryptoPro-D-ParamSet" */ | ||
| 3451 | &(nid_objs[836]),/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */ | ||
| 3452 | &(nid_objs[837]),/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */ | ||
| 3453 | &(nid_objs[838]),/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */ | ||
| 3454 | &(nid_objs[831]),/* "id-GostR3410-94-TestParamSet" */ | ||
| 3455 | &(nid_objs[845]),/* "id-GostR3410-94-a" */ | ||
| 3456 | &(nid_objs[846]),/* "id-GostR3410-94-aBis" */ | ||
| 3457 | &(nid_objs[847]),/* "id-GostR3410-94-b" */ | ||
| 3458 | &(nid_objs[848]),/* "id-GostR3410-94-bBis" */ | ||
| 3459 | &(nid_objs[822]),/* "id-GostR3411-94-CryptoProParamSet" */ | ||
| 3460 | &(nid_objs[821]),/* "id-GostR3411-94-TestParamSet" */ | ||
| 3103 | &(nid_objs[266]),/* "id-aca" */ | 3461 | &(nid_objs[266]),/* "id-aca" */ |
| 3104 | &(nid_objs[355]),/* "id-aca-accessIdentity" */ | 3462 | &(nid_objs[355]),/* "id-aca-accessIdentity" */ |
| 3105 | &(nid_objs[354]),/* "id-aca-authenticationInfo" */ | 3463 | &(nid_objs[354]),/* "id-aca-authenticationInfo" */ |
| @@ -3609,6 +3967,7 @@ static ASN1_OBJECT *ln_objs[NUM_LN]={ | |||
| 3609 | &(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ | 3967 | &(nid_objs[740]),/* "wap-wsg-idm-ecid-wtls7" */ |
| 3610 | &(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ | 3968 | &(nid_objs[741]),/* "wap-wsg-idm-ecid-wtls8" */ |
| 3611 | &(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ | 3969 | &(nid_objs[742]),/* "wap-wsg-idm-ecid-wtls9" */ |
| 3970 | &(nid_objs[804]),/* "whirlpool" */ | ||
| 3612 | &(nid_objs[503]),/* "x500UniqueIdentifier" */ | 3971 | &(nid_objs[503]),/* "x500UniqueIdentifier" */ |
| 3613 | &(nid_objs[158]),/* "x509Certificate" */ | 3972 | &(nid_objs[158]),/* "x509Certificate" */ |
| 3614 | &(nid_objs[160]),/* "x509Crl" */ | 3973 | &(nid_objs[160]),/* "x509Crl" */ |
| @@ -3680,6 +4039,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3680 | &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ | 4039 | &(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */ |
| 3681 | &(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */ | 4040 | &(nid_objs[401]),/* OBJ_policy_constraints 2 5 29 36 */ |
| 3682 | &(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ | 4041 | &(nid_objs[126]),/* OBJ_ext_key_usage 2 5 29 37 */ |
| 4042 | &(nid_objs[857]),/* OBJ_freshest_crl 2 5 29 46 */ | ||
| 3683 | &(nid_objs[748]),/* OBJ_inhibit_any_policy 2 5 29 54 */ | 4043 | &(nid_objs[748]),/* OBJ_inhibit_any_policy 2 5 29 54 */ |
| 3684 | &(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ | 4044 | &(nid_objs[402]),/* OBJ_target_information 2 5 29 55 */ |
| 3685 | &(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ | 4045 | &(nid_objs[403]),/* OBJ_no_rev_avail 2 5 29 56 */ |
| @@ -3814,6 +4174,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3814 | &(nid_objs[637]),/* OBJ_set_brand_Diners 2 23 42 8 30 */ | 4174 | &(nid_objs[637]),/* OBJ_set_brand_Diners 2 23 42 8 30 */ |
| 3815 | &(nid_objs[638]),/* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */ | 4175 | &(nid_objs[638]),/* OBJ_set_brand_AmericanExpress 2 23 42 8 34 */ |
| 3816 | &(nid_objs[639]),/* OBJ_set_brand_JCB 2 23 42 8 35 */ | 4176 | &(nid_objs[639]),/* OBJ_set_brand_JCB 2 23 42 8 35 */ |
| 4177 | &(nid_objs[805]),/* OBJ_cryptopro 1 2 643 2 2 */ | ||
| 4178 | &(nid_objs[806]),/* OBJ_cryptocom 1 2 643 2 9 */ | ||
| 3817 | &(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */ | 4179 | &(nid_objs[184]),/* OBJ_X9_57 1 2 840 10040 */ |
| 3818 | &(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */ | 4180 | &(nid_objs[405]),/* OBJ_ansi_X9_62 1 2 840 10045 */ |
| 3819 | &(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */ | 4181 | &(nid_objs[389]),/* OBJ_Enterprises 1 3 6 1 4 1 */ |
| @@ -3884,8 +4246,20 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3884 | &(nid_objs[743]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */ | 4246 | &(nid_objs[743]),/* OBJ_wap_wsg_idm_ecid_wtls10 2 23 43 13 4 10 */ |
| 3885 | &(nid_objs[744]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */ | 4247 | &(nid_objs[744]),/* OBJ_wap_wsg_idm_ecid_wtls11 2 23 43 13 4 11 */ |
| 3886 | &(nid_objs[745]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */ | 4248 | &(nid_objs[745]),/* OBJ_wap_wsg_idm_ecid_wtls12 2 23 43 13 4 12 */ |
| 4249 | &(nid_objs[804]),/* OBJ_whirlpool 1 0 10118 3 0 55 */ | ||
| 3887 | &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ | 4250 | &(nid_objs[124]),/* OBJ_rle_compression 1 1 1 1 666 1 */ |
| 3888 | &(nid_objs[773]),/* OBJ_kisa 1 2 410 200004 */ | 4251 | &(nid_objs[773]),/* OBJ_kisa 1 2 410 200004 */ |
| 4252 | &(nid_objs[807]),/* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */ | ||
| 4253 | &(nid_objs[808]),/* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */ | ||
| 4254 | &(nid_objs[809]),/* OBJ_id_GostR3411_94 1 2 643 2 2 9 */ | ||
| 4255 | &(nid_objs[810]),/* OBJ_id_HMACGostR3411_94 1 2 643 2 2 10 */ | ||
| 4256 | &(nid_objs[811]),/* OBJ_id_GostR3410_2001 1 2 643 2 2 19 */ | ||
| 4257 | &(nid_objs[812]),/* OBJ_id_GostR3410_94 1 2 643 2 2 20 */ | ||
| 4258 | &(nid_objs[813]),/* OBJ_id_Gost28147_89 1 2 643 2 2 21 */ | ||
| 4259 | &(nid_objs[815]),/* OBJ_id_Gost28147_89_MAC 1 2 643 2 2 22 */ | ||
| 4260 | &(nid_objs[816]),/* OBJ_id_GostR3411_94_prf 1 2 643 2 2 23 */ | ||
| 4261 | &(nid_objs[817]),/* OBJ_id_GostR3410_2001DH 1 2 643 2 2 98 */ | ||
| 4262 | &(nid_objs[818]),/* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */ | ||
| 3889 | &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ | 4263 | &(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */ |
| 3890 | &(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */ | 4264 | &(nid_objs[185]),/* OBJ_X9cm 1 2 840 10040 4 */ |
| 3891 | &(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */ | 4265 | &(nid_objs[127]),/* OBJ_id_pkix 1 3 6 1 5 5 7 */ |
| @@ -3898,6 +4272,36 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3898 | &(nid_objs[634]),/* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */ | 4272 | &(nid_objs[634]),/* OBJ_setAttr_TokICCsig 2 23 42 3 3 5 1 */ |
| 3899 | &(nid_objs[635]),/* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */ | 4273 | &(nid_objs[635]),/* OBJ_setAttr_SecDevSig 2 23 42 3 3 5 2 */ |
| 3900 | &(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */ | 4274 | &(nid_objs[436]),/* OBJ_ucl 0 9 2342 19200300 */ |
| 4275 | &(nid_objs[820]),/* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */ | ||
| 4276 | &(nid_objs[819]),/* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */ | ||
| 4277 | &(nid_objs[845]),/* OBJ_id_GostR3410_94_a 1 2 643 2 2 20 1 */ | ||
| 4278 | &(nid_objs[846]),/* OBJ_id_GostR3410_94_aBis 1 2 643 2 2 20 2 */ | ||
| 4279 | &(nid_objs[847]),/* OBJ_id_GostR3410_94_b 1 2 643 2 2 20 3 */ | ||
| 4280 | &(nid_objs[848]),/* OBJ_id_GostR3410_94_bBis 1 2 643 2 2 20 4 */ | ||
| 4281 | &(nid_objs[821]),/* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */ | ||
| 4282 | &(nid_objs[822]),/* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */ | ||
| 4283 | &(nid_objs[823]),/* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */ | ||
| 4284 | &(nid_objs[824]),/* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */ | ||
| 4285 | &(nid_objs[825]),/* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */ | ||
| 4286 | &(nid_objs[826]),/* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */ | ||
| 4287 | &(nid_objs[827]),/* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */ | ||
| 4288 | &(nid_objs[828]),/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */ | ||
| 4289 | &(nid_objs[829]),/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */ | ||
| 4290 | &(nid_objs[830]),/* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */ | ||
| 4291 | &(nid_objs[831]),/* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */ | ||
| 4292 | &(nid_objs[832]),/* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */ | ||
| 4293 | &(nid_objs[833]),/* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */ | ||
| 4294 | &(nid_objs[834]),/* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */ | ||
| 4295 | &(nid_objs[835]),/* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */ | ||
| 4296 | &(nid_objs[836]),/* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */ | ||
| 4297 | &(nid_objs[837]),/* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */ | ||
| 4298 | &(nid_objs[838]),/* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */ | ||
| 4299 | &(nid_objs[839]),/* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */ | ||
| 4300 | &(nid_objs[840]),/* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */ | ||
| 4301 | &(nid_objs[841]),/* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */ | ||
| 4302 | &(nid_objs[842]),/* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */ | ||
| 4303 | &(nid_objs[843]),/* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */ | ||
| 4304 | &(nid_objs[844]),/* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */ | ||
| 3901 | &(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */ | 4305 | &(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */ |
| 3902 | &(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */ | 4306 | &(nid_objs[431]),/* OBJ_hold_instruction_none 1 2 840 10040 2 1 */ |
| 3903 | &(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */ | 4307 | &(nid_objs[432]),/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */ |
| @@ -3908,6 +4312,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3908 | &(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */ | 4312 | &(nid_objs[407]),/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */ |
| 3909 | &(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */ | 4313 | &(nid_objs[408]),/* OBJ_X9_62_id_ecPublicKey 1 2 840 10045 2 1 */ |
| 3910 | &(nid_objs[416]),/* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */ | 4314 | &(nid_objs[416]),/* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */ |
| 4315 | &(nid_objs[791]),/* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */ | ||
| 4316 | &(nid_objs[792]),/* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */ | ||
| 3911 | &(nid_objs[258]),/* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */ | 4317 | &(nid_objs[258]),/* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */ |
| 3912 | &(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */ | 4318 | &(nid_objs[175]),/* OBJ_id_pe 1 3 6 1 5 5 7 1 */ |
| 3913 | &(nid_objs[259]),/* OBJ_id_qt 1 3 6 1 5 5 7 2 */ | 4319 | &(nid_objs[259]),/* OBJ_id_qt 1 3 6 1 5 5 7 2 */ |
| @@ -3940,6 +4346,12 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3940 | &(nid_objs[777]),/* OBJ_seed_cbc 1 2 410 200004 1 4 */ | 4346 | &(nid_objs[777]),/* OBJ_seed_cbc 1 2 410 200004 1 4 */ |
| 3941 | &(nid_objs[779]),/* OBJ_seed_cfb128 1 2 410 200004 1 5 */ | 4347 | &(nid_objs[779]),/* OBJ_seed_cfb128 1 2 410 200004 1 5 */ |
| 3942 | &(nid_objs[778]),/* OBJ_seed_ofb128 1 2 410 200004 1 6 */ | 4348 | &(nid_objs[778]),/* OBJ_seed_ofb128 1 2 410 200004 1 6 */ |
| 4349 | &(nid_objs[852]),/* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */ | ||
| 4350 | &(nid_objs[853]),/* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */ | ||
| 4351 | &(nid_objs[850]),/* OBJ_id_GostR3410_94_cc 1 2 643 2 9 1 5 3 */ | ||
| 4352 | &(nid_objs[851]),/* OBJ_id_GostR3410_2001_cc 1 2 643 2 9 1 5 4 */ | ||
| 4353 | &(nid_objs[849]),/* OBJ_id_Gost28147_89_cc 1 2 643 2 9 1 6 1 */ | ||
| 4354 | &(nid_objs[854]),/* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */ | ||
| 3943 | &(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */ | 4355 | &(nid_objs[186]),/* OBJ_pkcs1 1 2 840 113549 1 1 */ |
| 3944 | &(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */ | 4356 | &(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */ |
| 3945 | &(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */ | 4357 | &(nid_objs[187]),/* OBJ_pkcs5 1 2 840 113549 1 5 */ |
| @@ -3948,7 +4360,12 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3948 | &(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */ | 4360 | &(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */ |
| 3949 | &(nid_objs[257]),/* OBJ_md4 1 2 840 113549 2 4 */ | 4361 | &(nid_objs[257]),/* OBJ_md4 1 2 840 113549 2 4 */ |
| 3950 | &(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */ | 4362 | &(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */ |
| 4363 | &(nid_objs[797]),/* OBJ_hmacWithMD5 1 2 840 113549 2 6 */ | ||
| 3951 | &(nid_objs[163]),/* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */ | 4364 | &(nid_objs[163]),/* OBJ_hmacWithSHA1 1 2 840 113549 2 7 */ |
| 4365 | &(nid_objs[798]),/* OBJ_hmacWithSHA224 1 2 840 113549 2 8 */ | ||
| 4366 | &(nid_objs[799]),/* OBJ_hmacWithSHA256 1 2 840 113549 2 9 */ | ||
| 4367 | &(nid_objs[800]),/* OBJ_hmacWithSHA384 1 2 840 113549 2 10 */ | ||
| 4368 | &(nid_objs[801]),/* OBJ_hmacWithSHA512 1 2 840 113549 2 11 */ | ||
| 3952 | &(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */ | 4369 | &(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */ |
| 3953 | &(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */ | 4370 | &(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */ |
| 3954 | &(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ | 4371 | &(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */ |
| @@ -3982,6 +4399,10 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 3982 | &(nid_objs[413]),/* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */ | 4399 | &(nid_objs[413]),/* OBJ_X9_62_prime239v2 1 2 840 10045 3 1 5 */ |
| 3983 | &(nid_objs[414]),/* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */ | 4400 | &(nid_objs[414]),/* OBJ_X9_62_prime239v3 1 2 840 10045 3 1 6 */ |
| 3984 | &(nid_objs[415]),/* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */ | 4401 | &(nid_objs[415]),/* OBJ_X9_62_prime256v1 1 2 840 10045 3 1 7 */ |
| 4402 | &(nid_objs[793]),/* OBJ_ecdsa_with_SHA224 1 2 840 10045 4 3 1 */ | ||
| 4403 | &(nid_objs[794]),/* OBJ_ecdsa_with_SHA256 1 2 840 10045 4 3 2 */ | ||
| 4404 | &(nid_objs[795]),/* OBJ_ecdsa_with_SHA384 1 2 840 10045 4 3 3 */ | ||
| 4405 | &(nid_objs[796]),/* OBJ_ecdsa_with_SHA512 1 2 840 10045 4 3 4 */ | ||
| 3985 | &(nid_objs[269]),/* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */ | 4406 | &(nid_objs[269]),/* OBJ_id_pkix1_explicit_88 1 3 6 1 5 5 7 0 1 */ |
| 3986 | &(nid_objs[270]),/* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */ | 4407 | &(nid_objs[270]),/* OBJ_id_pkix1_implicit_88 1 3 6 1 5 5 7 0 2 */ |
| 3987 | &(nid_objs[271]),/* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */ | 4408 | &(nid_objs[271]),/* OBJ_id_pkix1_explicit_93 1 3 6 1 5 5 7 0 3 */ |
| @@ -4066,6 +4487,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 4066 | &(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */ | 4487 | &(nid_objs[345]),/* OBJ_id_cmc_popLinkWitness 1 3 6 1 5 5 7 7 23 */ |
| 4067 | &(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */ | 4488 | &(nid_objs[346]),/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */ |
| 4068 | &(nid_objs[347]),/* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */ | 4489 | &(nid_objs[347]),/* OBJ_id_on_personalData 1 3 6 1 5 5 7 8 1 */ |
| 4490 | &(nid_objs[858]),/* OBJ_id_on_permanentIdentifier 1 3 6 1 5 5 7 8 3 */ | ||
| 4069 | &(nid_objs[348]),/* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */ | 4491 | &(nid_objs[348]),/* OBJ_id_pda_dateOfBirth 1 3 6 1 5 5 7 9 1 */ |
| 4070 | &(nid_objs[349]),/* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */ | 4492 | &(nid_objs[349]),/* OBJ_id_pda_placeOfBirth 1 3 6 1 5 5 7 9 2 */ |
| 4071 | &(nid_objs[351]),/* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */ | 4493 | &(nid_objs[351]),/* OBJ_id_pda_gender 1 3 6 1 5 5 7 9 3 */ |
| @@ -4145,6 +4567,7 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 4145 | &(nid_objs[682]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */ | 4567 | &(nid_objs[682]),/* OBJ_X9_62_tpBasis 1 2 840 10045 1 2 3 2 */ |
| 4146 | &(nid_objs[683]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */ | 4568 | &(nid_objs[683]),/* OBJ_X9_62_ppBasis 1 2 840 10045 1 2 3 3 */ |
| 4147 | &(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */ | 4569 | &(nid_objs[417]),/* OBJ_ms_csp_name 1 3 6 1 4 1 311 17 1 */ |
| 4570 | &(nid_objs[856]),/* OBJ_LocalKeySet 1 3 6 1 4 1 311 17 2 */ | ||
| 4148 | &(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */ | 4571 | &(nid_objs[390]),/* OBJ_dcObject 1 3 6 1 4 1 1466 344 */ |
| 4149 | &(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */ | 4572 | &(nid_objs[91]),/* OBJ_bf_cbc 1 3 6 1 4 1 3029 1 2 */ |
| 4150 | &(nid_objs[315]),/* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */ | 4573 | &(nid_objs[315]),/* OBJ_id_regCtrl_regToken 1 3 6 1 5 5 7 5 1 1 */ |
| @@ -4185,6 +4608,8 @@ static ASN1_OBJECT *obj_objs[NUM_OBJ]={ | |||
| 4185 | &(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */ | 4608 | &(nid_objs[673]),/* OBJ_sha384 2 16 840 1 101 3 4 2 2 */ |
| 4186 | &(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */ | 4609 | &(nid_objs[674]),/* OBJ_sha512 2 16 840 1 101 3 4 2 3 */ |
| 4187 | &(nid_objs[675]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */ | 4610 | &(nid_objs[675]),/* OBJ_sha224 2 16 840 1 101 3 4 2 4 */ |
| 4611 | &(nid_objs[802]),/* OBJ_dsa_with_SHA224 2 16 840 1 101 3 4 3 1 */ | ||
| 4612 | &(nid_objs[803]),/* OBJ_dsa_with_SHA256 2 16 840 1 101 3 4 3 2 */ | ||
| 4188 | &(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ | 4613 | &(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */ |
| 4189 | &(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ | 4614 | &(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */ |
| 4190 | &(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ | 4615 | &(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */ |
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.pl b/src/lib/libssl/src/crypto/objects/obj_dat.pl index 8a09a46ee6..7de2f77afd 100644 --- a/src/lib/libssl/src/crypto/objects/obj_dat.pl +++ b/src/lib/libssl/src/crypto/objects/obj_dat.pl | |||
| @@ -2,7 +2,9 @@ | |||
| 2 | 2 | ||
| 3 | # fixes bug in floating point emulation on sparc64 when | 3 | # fixes bug in floating point emulation on sparc64 when |
| 4 | # this script produces off-by-one output on sparc64 | 4 | # this script produces off-by-one output on sparc64 |
| 5 | use integer; | 5 | eval 'use integer;'; |
| 6 | |||
| 7 | print STDERR "Warning: perl module integer not found.\n" if ($@); | ||
| 6 | 8 | ||
| 7 | sub obj_cmp | 9 | sub obj_cmp |
| 8 | { | 10 | { |
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.h b/src/lib/libssl/src/crypto/objects/obj_mac.h index 76d5ec9c0b..ad5f7cfc10 100644 --- a/src/lib/libssl/src/crypto/objects/obj_mac.h +++ b/src/lib/libssl/src/crypto/objects/obj_mac.h | |||
| @@ -315,6 +315,30 @@ | |||
| 315 | #define NID_ecdsa_with_SHA1 416 | 315 | #define NID_ecdsa_with_SHA1 416 |
| 316 | #define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L | 316 | #define OBJ_ecdsa_with_SHA1 OBJ_X9_62_id_ecSigType,1L |
| 317 | 317 | ||
| 318 | #define SN_ecdsa_with_Recommended "ecdsa-with-Recommended" | ||
| 319 | #define NID_ecdsa_with_Recommended 791 | ||
| 320 | #define OBJ_ecdsa_with_Recommended OBJ_X9_62_id_ecSigType,2L | ||
| 321 | |||
| 322 | #define SN_ecdsa_with_Specified "ecdsa-with-Specified" | ||
| 323 | #define NID_ecdsa_with_Specified 792 | ||
| 324 | #define OBJ_ecdsa_with_Specified OBJ_X9_62_id_ecSigType,3L | ||
| 325 | |||
| 326 | #define SN_ecdsa_with_SHA224 "ecdsa-with-SHA224" | ||
| 327 | #define NID_ecdsa_with_SHA224 793 | ||
| 328 | #define OBJ_ecdsa_with_SHA224 OBJ_ecdsa_with_Specified,1L | ||
| 329 | |||
| 330 | #define SN_ecdsa_with_SHA256 "ecdsa-with-SHA256" | ||
| 331 | #define NID_ecdsa_with_SHA256 794 | ||
| 332 | #define OBJ_ecdsa_with_SHA256 OBJ_ecdsa_with_Specified,2L | ||
| 333 | |||
| 334 | #define SN_ecdsa_with_SHA384 "ecdsa-with-SHA384" | ||
| 335 | #define NID_ecdsa_with_SHA384 795 | ||
| 336 | #define OBJ_ecdsa_with_SHA384 OBJ_ecdsa_with_Specified,3L | ||
| 337 | |||
| 338 | #define SN_ecdsa_with_SHA512 "ecdsa-with-SHA512" | ||
| 339 | #define NID_ecdsa_with_SHA512 796 | ||
| 340 | #define OBJ_ecdsa_with_SHA512 OBJ_ecdsa_with_Specified,4L | ||
| 341 | |||
| 318 | #define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L | 342 | #define OBJ_secg_ellipticCurve OBJ_certicom_arc,0L |
| 319 | 343 | ||
| 320 | #define SN_secp112r1 "secp112r1" | 344 | #define SN_secp112r1 "secp112r1" |
| @@ -1006,6 +1030,11 @@ | |||
| 1006 | #define NID_ms_csp_name 417 | 1030 | #define NID_ms_csp_name 417 |
| 1007 | #define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L | 1031 | #define OBJ_ms_csp_name 1L,3L,6L,1L,4L,1L,311L,17L,1L |
| 1008 | 1032 | ||
| 1033 | #define SN_LocalKeySet "LocalKeySet" | ||
| 1034 | #define LN_LocalKeySet "Microsoft Local Key set" | ||
| 1035 | #define NID_LocalKeySet 856 | ||
| 1036 | #define OBJ_LocalKeySet 1L,3L,6L,1L,4L,1L,311L,17L,2L | ||
| 1037 | |||
| 1009 | #define OBJ_certTypes OBJ_pkcs9,22L | 1038 | #define OBJ_certTypes OBJ_pkcs9,22L |
| 1010 | 1039 | ||
| 1011 | #define LN_x509Certificate "x509Certificate" | 1040 | #define LN_x509Certificate "x509Certificate" |
| @@ -1103,10 +1132,30 @@ | |||
| 1103 | #define LN_md5_sha1 "md5-sha1" | 1132 | #define LN_md5_sha1 "md5-sha1" |
| 1104 | #define NID_md5_sha1 114 | 1133 | #define NID_md5_sha1 114 |
| 1105 | 1134 | ||
| 1135 | #define LN_hmacWithMD5 "hmacWithMD5" | ||
| 1136 | #define NID_hmacWithMD5 797 | ||
| 1137 | #define OBJ_hmacWithMD5 OBJ_rsadsi,2L,6L | ||
| 1138 | |||
| 1106 | #define LN_hmacWithSHA1 "hmacWithSHA1" | 1139 | #define LN_hmacWithSHA1 "hmacWithSHA1" |
| 1107 | #define NID_hmacWithSHA1 163 | 1140 | #define NID_hmacWithSHA1 163 |
| 1108 | #define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L | 1141 | #define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L |
| 1109 | 1142 | ||
| 1143 | #define LN_hmacWithSHA224 "hmacWithSHA224" | ||
| 1144 | #define NID_hmacWithSHA224 798 | ||
| 1145 | #define OBJ_hmacWithSHA224 OBJ_rsadsi,2L,8L | ||
| 1146 | |||
| 1147 | #define LN_hmacWithSHA256 "hmacWithSHA256" | ||
| 1148 | #define NID_hmacWithSHA256 799 | ||
| 1149 | #define OBJ_hmacWithSHA256 OBJ_rsadsi,2L,9L | ||
| 1150 | |||
| 1151 | #define LN_hmacWithSHA384 "hmacWithSHA384" | ||
| 1152 | #define NID_hmacWithSHA384 800 | ||
| 1153 | #define OBJ_hmacWithSHA384 OBJ_rsadsi,2L,10L | ||
| 1154 | |||
| 1155 | #define LN_hmacWithSHA512 "hmacWithSHA512" | ||
| 1156 | #define NID_hmacWithSHA512 801 | ||
| 1157 | #define OBJ_hmacWithSHA512 OBJ_rsadsi,2L,11L | ||
| 1158 | |||
| 1110 | #define SN_rc2_cbc "RC2-CBC" | 1159 | #define SN_rc2_cbc "RC2-CBC" |
| 1111 | #define LN_rc2_cbc "rc2-cbc" | 1160 | #define LN_rc2_cbc "rc2-cbc" |
| 1112 | #define NID_rc2_cbc 37 | 1161 | #define NID_rc2_cbc 37 |
| @@ -1685,6 +1734,11 @@ | |||
| 1685 | #define NID_id_on_personalData 347 | 1734 | #define NID_id_on_personalData 347 |
| 1686 | #define OBJ_id_on_personalData OBJ_id_on,1L | 1735 | #define OBJ_id_on_personalData OBJ_id_on,1L |
| 1687 | 1736 | ||
| 1737 | #define SN_id_on_permanentIdentifier "id-on-permanentIdentifier" | ||
| 1738 | #define LN_id_on_permanentIdentifier "Permanent Identifier" | ||
| 1739 | #define NID_id_on_permanentIdentifier 858 | ||
| 1740 | #define OBJ_id_on_permanentIdentifier OBJ_id_on,3L | ||
| 1741 | |||
| 1688 | #define SN_id_pda_dateOfBirth "id-pda-dateOfBirth" | 1742 | #define SN_id_pda_dateOfBirth "id-pda-dateOfBirth" |
| 1689 | #define NID_id_pda_dateOfBirth 348 | 1743 | #define NID_id_pda_dateOfBirth 348 |
| 1690 | #define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L | 1744 | #define OBJ_id_pda_dateOfBirth OBJ_id_pda,1L |
| @@ -2186,6 +2240,11 @@ | |||
| 2186 | #define NID_ext_key_usage 126 | 2240 | #define NID_ext_key_usage 126 |
| 2187 | #define OBJ_ext_key_usage OBJ_id_ce,37L | 2241 | #define OBJ_ext_key_usage OBJ_id_ce,37L |
| 2188 | 2242 | ||
| 2243 | #define SN_freshest_crl "freshestCRL" | ||
| 2244 | #define LN_freshest_crl "X509v3 Freshest CRL" | ||
| 2245 | #define NID_freshest_crl 857 | ||
| 2246 | #define OBJ_freshest_crl OBJ_id_ce,46L | ||
| 2247 | |||
| 2189 | #define SN_inhibit_any_policy "inhibitAnyPolicy" | 2248 | #define SN_inhibit_any_policy "inhibitAnyPolicy" |
| 2190 | #define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" | 2249 | #define LN_inhibit_any_policy "X509v3 Inhibit Any Policy" |
| 2191 | #define NID_inhibit_any_policy 748 | 2250 | #define NID_inhibit_any_policy 748 |
| @@ -2502,6 +2561,16 @@ | |||
| 2502 | #define NID_sha224 675 | 2561 | #define NID_sha224 675 |
| 2503 | #define OBJ_sha224 OBJ_nist_hashalgs,4L | 2562 | #define OBJ_sha224 OBJ_nist_hashalgs,4L |
| 2504 | 2563 | ||
| 2564 | #define OBJ_dsa_with_sha2 OBJ_nistAlgorithms,3L | ||
| 2565 | |||
| 2566 | #define SN_dsa_with_SHA224 "dsa_with_SHA224" | ||
| 2567 | #define NID_dsa_with_SHA224 802 | ||
| 2568 | #define OBJ_dsa_with_SHA224 OBJ_dsa_with_sha2,1L | ||
| 2569 | |||
| 2570 | #define SN_dsa_with_SHA256 "dsa_with_SHA256" | ||
| 2571 | #define NID_dsa_with_SHA256 803 | ||
| 2572 | #define OBJ_dsa_with_SHA256 OBJ_dsa_with_sha2,2L | ||
| 2573 | |||
| 2505 | #define SN_hold_instruction_code "holdInstructionCode" | 2574 | #define SN_hold_instruction_code "holdInstructionCode" |
| 2506 | #define LN_hold_instruction_code "Hold Instruction Code" | 2575 | #define LN_hold_instruction_code "Hold Instruction Code" |
| 2507 | #define NID_hold_instruction_code 430 | 2576 | #define NID_hold_instruction_code 430 |
| @@ -3367,6 +3436,226 @@ | |||
| 3367 | #define LN_ipsec4 "ipsec4" | 3436 | #define LN_ipsec4 "ipsec4" |
| 3368 | #define NID_ipsec4 750 | 3437 | #define NID_ipsec4 750 |
| 3369 | 3438 | ||
| 3439 | #define SN_whirlpool "whirlpool" | ||
| 3440 | #define NID_whirlpool 804 | ||
| 3441 | #define OBJ_whirlpool OBJ_iso,0L,10118L,3L,0L,55L | ||
| 3442 | |||
| 3443 | #define SN_cryptopro "cryptopro" | ||
| 3444 | #define NID_cryptopro 805 | ||
| 3445 | #define OBJ_cryptopro OBJ_member_body,643L,2L,2L | ||
| 3446 | |||
| 3447 | #define SN_cryptocom "cryptocom" | ||
| 3448 | #define NID_cryptocom 806 | ||
| 3449 | #define OBJ_cryptocom OBJ_member_body,643L,2L,9L | ||
| 3450 | |||
| 3451 | #define SN_id_GostR3411_94_with_GostR3410_2001 "id-GostR3411-94-with-GostR3410-2001" | ||
| 3452 | #define LN_id_GostR3411_94_with_GostR3410_2001 "GOST R 34.11-94 with GOST R 34.10-2001" | ||
| 3453 | #define NID_id_GostR3411_94_with_GostR3410_2001 807 | ||
| 3454 | #define OBJ_id_GostR3411_94_with_GostR3410_2001 OBJ_cryptopro,3L | ||
| 3455 | |||
| 3456 | #define SN_id_GostR3411_94_with_GostR3410_94 "id-GostR3411-94-with-GostR3410-94" | ||
| 3457 | #define LN_id_GostR3411_94_with_GostR3410_94 "GOST R 34.11-94 with GOST R 34.10-94" | ||
| 3458 | #define NID_id_GostR3411_94_with_GostR3410_94 808 | ||
| 3459 | #define OBJ_id_GostR3411_94_with_GostR3410_94 OBJ_cryptopro,4L | ||
| 3460 | |||
| 3461 | #define SN_id_GostR3411_94 "md_gost94" | ||
| 3462 | #define LN_id_GostR3411_94 "GOST R 34.11-94" | ||
| 3463 | #define NID_id_GostR3411_94 809 | ||
| 3464 | #define OBJ_id_GostR3411_94 OBJ_cryptopro,9L | ||
| 3465 | |||
| 3466 | #define SN_id_HMACGostR3411_94 "id-HMACGostR3411-94" | ||
| 3467 | #define LN_id_HMACGostR3411_94 "HMAC GOST 34.11-94" | ||
| 3468 | #define NID_id_HMACGostR3411_94 810 | ||
| 3469 | #define OBJ_id_HMACGostR3411_94 OBJ_cryptopro,10L | ||
| 3470 | |||
| 3471 | #define SN_id_GostR3410_2001 "gost2001" | ||
| 3472 | #define LN_id_GostR3410_2001 "GOST R 34.10-2001" | ||
| 3473 | #define NID_id_GostR3410_2001 811 | ||
| 3474 | #define OBJ_id_GostR3410_2001 OBJ_cryptopro,19L | ||
| 3475 | |||
| 3476 | #define SN_id_GostR3410_94 "gost94" | ||
| 3477 | #define LN_id_GostR3410_94 "GOST R 34.10-94" | ||
| 3478 | #define NID_id_GostR3410_94 812 | ||
| 3479 | #define OBJ_id_GostR3410_94 OBJ_cryptopro,20L | ||
| 3480 | |||
| 3481 | #define SN_id_Gost28147_89 "gost89" | ||
| 3482 | #define LN_id_Gost28147_89 "GOST 28147-89" | ||
| 3483 | #define NID_id_Gost28147_89 813 | ||
| 3484 | #define OBJ_id_Gost28147_89 OBJ_cryptopro,21L | ||
| 3485 | |||
| 3486 | #define SN_gost89_cnt "gost89-cnt" | ||
| 3487 | #define NID_gost89_cnt 814 | ||
| 3488 | |||
| 3489 | #define SN_id_Gost28147_89_MAC "gost-mac" | ||
| 3490 | #define LN_id_Gost28147_89_MAC "GOST 28147-89 MAC" | ||
| 3491 | #define NID_id_Gost28147_89_MAC 815 | ||
| 3492 | #define OBJ_id_Gost28147_89_MAC OBJ_cryptopro,22L | ||
| 3493 | |||
| 3494 | #define SN_id_GostR3411_94_prf "prf-gostr3411-94" | ||
| 3495 | #define LN_id_GostR3411_94_prf "GOST R 34.11-94 PRF" | ||
| 3496 | #define NID_id_GostR3411_94_prf 816 | ||
| 3497 | #define OBJ_id_GostR3411_94_prf OBJ_cryptopro,23L | ||
| 3498 | |||
| 3499 | #define SN_id_GostR3410_2001DH "id-GostR3410-2001DH" | ||
| 3500 | #define LN_id_GostR3410_2001DH "GOST R 34.10-2001 DH" | ||
| 3501 | #define NID_id_GostR3410_2001DH 817 | ||
| 3502 | #define OBJ_id_GostR3410_2001DH OBJ_cryptopro,98L | ||
| 3503 | |||
| 3504 | #define SN_id_GostR3410_94DH "id-GostR3410-94DH" | ||
| 3505 | #define LN_id_GostR3410_94DH "GOST R 34.10-94 DH" | ||
| 3506 | #define NID_id_GostR3410_94DH 818 | ||
| 3507 | #define OBJ_id_GostR3410_94DH OBJ_cryptopro,99L | ||
| 3508 | |||
| 3509 | #define SN_id_Gost28147_89_CryptoPro_KeyMeshing "id-Gost28147-89-CryptoPro-KeyMeshing" | ||
| 3510 | #define NID_id_Gost28147_89_CryptoPro_KeyMeshing 819 | ||
| 3511 | #define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing OBJ_cryptopro,14L,1L | ||
| 3512 | |||
| 3513 | #define SN_id_Gost28147_89_None_KeyMeshing "id-Gost28147-89-None-KeyMeshing" | ||
| 3514 | #define NID_id_Gost28147_89_None_KeyMeshing 820 | ||
| 3515 | #define OBJ_id_Gost28147_89_None_KeyMeshing OBJ_cryptopro,14L,0L | ||
| 3516 | |||
| 3517 | #define SN_id_GostR3411_94_TestParamSet "id-GostR3411-94-TestParamSet" | ||
| 3518 | #define NID_id_GostR3411_94_TestParamSet 821 | ||
| 3519 | #define OBJ_id_GostR3411_94_TestParamSet OBJ_cryptopro,30L,0L | ||
| 3520 | |||
| 3521 | #define SN_id_GostR3411_94_CryptoProParamSet "id-GostR3411-94-CryptoProParamSet" | ||
| 3522 | #define NID_id_GostR3411_94_CryptoProParamSet 822 | ||
| 3523 | #define OBJ_id_GostR3411_94_CryptoProParamSet OBJ_cryptopro,30L,1L | ||
| 3524 | |||
| 3525 | #define SN_id_Gost28147_89_TestParamSet "id-Gost28147-89-TestParamSet" | ||
| 3526 | #define NID_id_Gost28147_89_TestParamSet 823 | ||
| 3527 | #define OBJ_id_Gost28147_89_TestParamSet OBJ_cryptopro,31L,0L | ||
| 3528 | |||
| 3529 | #define SN_id_Gost28147_89_CryptoPro_A_ParamSet "id-Gost28147-89-CryptoPro-A-ParamSet" | ||
| 3530 | #define NID_id_Gost28147_89_CryptoPro_A_ParamSet 824 | ||
| 3531 | #define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet OBJ_cryptopro,31L,1L | ||
| 3532 | |||
| 3533 | #define SN_id_Gost28147_89_CryptoPro_B_ParamSet "id-Gost28147-89-CryptoPro-B-ParamSet" | ||
| 3534 | #define NID_id_Gost28147_89_CryptoPro_B_ParamSet 825 | ||
| 3535 | #define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet OBJ_cryptopro,31L,2L | ||
| 3536 | |||
| 3537 | #define SN_id_Gost28147_89_CryptoPro_C_ParamSet "id-Gost28147-89-CryptoPro-C-ParamSet" | ||
| 3538 | #define NID_id_Gost28147_89_CryptoPro_C_ParamSet 826 | ||
| 3539 | #define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet OBJ_cryptopro,31L,3L | ||
| 3540 | |||
| 3541 | #define SN_id_Gost28147_89_CryptoPro_D_ParamSet "id-Gost28147-89-CryptoPro-D-ParamSet" | ||
| 3542 | #define NID_id_Gost28147_89_CryptoPro_D_ParamSet 827 | ||
| 3543 | #define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet OBJ_cryptopro,31L,4L | ||
| 3544 | |||
| 3545 | #define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" | ||
| 3546 | #define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828 | ||
| 3547 | #define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet OBJ_cryptopro,31L,5L | ||
| 3548 | |||
| 3549 | #define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" | ||
| 3550 | #define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829 | ||
| 3551 | #define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet OBJ_cryptopro,31L,6L | ||
| 3552 | |||
| 3553 | #define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" | ||
| 3554 | #define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830 | ||
| 3555 | #define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet OBJ_cryptopro,31L,7L | ||
| 3556 | |||
| 3557 | #define SN_id_GostR3410_94_TestParamSet "id-GostR3410-94-TestParamSet" | ||
| 3558 | #define NID_id_GostR3410_94_TestParamSet 831 | ||
| 3559 | #define OBJ_id_GostR3410_94_TestParamSet OBJ_cryptopro,32L,0L | ||
| 3560 | |||
| 3561 | #define SN_id_GostR3410_94_CryptoPro_A_ParamSet "id-GostR3410-94-CryptoPro-A-ParamSet" | ||
| 3562 | #define NID_id_GostR3410_94_CryptoPro_A_ParamSet 832 | ||
| 3563 | #define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet OBJ_cryptopro,32L,2L | ||
| 3564 | |||
| 3565 | #define SN_id_GostR3410_94_CryptoPro_B_ParamSet "id-GostR3410-94-CryptoPro-B-ParamSet" | ||
| 3566 | #define NID_id_GostR3410_94_CryptoPro_B_ParamSet 833 | ||
| 3567 | #define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet OBJ_cryptopro,32L,3L | ||
| 3568 | |||
| 3569 | #define SN_id_GostR3410_94_CryptoPro_C_ParamSet "id-GostR3410-94-CryptoPro-C-ParamSet" | ||
| 3570 | #define NID_id_GostR3410_94_CryptoPro_C_ParamSet 834 | ||
| 3571 | #define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet OBJ_cryptopro,32L,4L | ||
| 3572 | |||
| 3573 | #define SN_id_GostR3410_94_CryptoPro_D_ParamSet "id-GostR3410-94-CryptoPro-D-ParamSet" | ||
| 3574 | #define NID_id_GostR3410_94_CryptoPro_D_ParamSet 835 | ||
| 3575 | #define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet OBJ_cryptopro,32L,5L | ||
| 3576 | |||
| 3577 | #define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet "id-GostR3410-94-CryptoPro-XchA-ParamSet" | ||
| 3578 | #define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet 836 | ||
| 3579 | #define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet OBJ_cryptopro,33L,1L | ||
| 3580 | |||
| 3581 | #define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet "id-GostR3410-94-CryptoPro-XchB-ParamSet" | ||
| 3582 | #define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet 837 | ||
| 3583 | #define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet OBJ_cryptopro,33L,2L | ||
| 3584 | |||
| 3585 | #define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet "id-GostR3410-94-CryptoPro-XchC-ParamSet" | ||
| 3586 | #define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet 838 | ||
| 3587 | #define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet OBJ_cryptopro,33L,3L | ||
| 3588 | |||
| 3589 | #define SN_id_GostR3410_2001_TestParamSet "id-GostR3410-2001-TestParamSet" | ||
| 3590 | #define NID_id_GostR3410_2001_TestParamSet 839 | ||
| 3591 | #define OBJ_id_GostR3410_2001_TestParamSet OBJ_cryptopro,35L,0L | ||
| 3592 | |||
| 3593 | #define SN_id_GostR3410_2001_CryptoPro_A_ParamSet "id-GostR3410-2001-CryptoPro-A-ParamSet" | ||
| 3594 | #define NID_id_GostR3410_2001_CryptoPro_A_ParamSet 840 | ||
| 3595 | #define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet OBJ_cryptopro,35L,1L | ||
| 3596 | |||
| 3597 | #define SN_id_GostR3410_2001_CryptoPro_B_ParamSet "id-GostR3410-2001-CryptoPro-B-ParamSet" | ||
| 3598 | #define NID_id_GostR3410_2001_CryptoPro_B_ParamSet 841 | ||
| 3599 | #define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet OBJ_cryptopro,35L,2L | ||
| 3600 | |||
| 3601 | #define SN_id_GostR3410_2001_CryptoPro_C_ParamSet "id-GostR3410-2001-CryptoPro-C-ParamSet" | ||
| 3602 | #define NID_id_GostR3410_2001_CryptoPro_C_ParamSet 842 | ||
| 3603 | #define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet OBJ_cryptopro,35L,3L | ||
| 3604 | |||
| 3605 | #define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet "id-GostR3410-2001-CryptoPro-XchA-ParamSet" | ||
| 3606 | #define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet 843 | ||
| 3607 | #define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet OBJ_cryptopro,36L,0L | ||
| 3608 | |||
| 3609 | #define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet "id-GostR3410-2001-CryptoPro-XchB-ParamSet" | ||
| 3610 | #define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet 844 | ||
| 3611 | #define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet OBJ_cryptopro,36L,1L | ||
| 3612 | |||
| 3613 | #define SN_id_GostR3410_94_a "id-GostR3410-94-a" | ||
| 3614 | #define NID_id_GostR3410_94_a 845 | ||
| 3615 | #define OBJ_id_GostR3410_94_a OBJ_id_GostR3410_94,1L | ||
| 3616 | |||
| 3617 | #define SN_id_GostR3410_94_aBis "id-GostR3410-94-aBis" | ||
| 3618 | #define NID_id_GostR3410_94_aBis 846 | ||
| 3619 | #define OBJ_id_GostR3410_94_aBis OBJ_id_GostR3410_94,2L | ||
| 3620 | |||
| 3621 | #define SN_id_GostR3410_94_b "id-GostR3410-94-b" | ||
| 3622 | #define NID_id_GostR3410_94_b 847 | ||
| 3623 | #define OBJ_id_GostR3410_94_b OBJ_id_GostR3410_94,3L | ||
| 3624 | |||
| 3625 | #define SN_id_GostR3410_94_bBis "id-GostR3410-94-bBis" | ||
| 3626 | #define NID_id_GostR3410_94_bBis 848 | ||
| 3627 | #define OBJ_id_GostR3410_94_bBis OBJ_id_GostR3410_94,4L | ||
| 3628 | |||
| 3629 | #define SN_id_Gost28147_89_cc "id-Gost28147-89-cc" | ||
| 3630 | #define LN_id_Gost28147_89_cc "GOST 28147-89 Cryptocom ParamSet" | ||
| 3631 | #define NID_id_Gost28147_89_cc 849 | ||
| 3632 | #define OBJ_id_Gost28147_89_cc OBJ_cryptocom,1L,6L,1L | ||
| 3633 | |||
| 3634 | #define SN_id_GostR3410_94_cc "gost94cc" | ||
| 3635 | #define LN_id_GostR3410_94_cc "GOST 34.10-94 Cryptocom" | ||
| 3636 | #define NID_id_GostR3410_94_cc 850 | ||
| 3637 | #define OBJ_id_GostR3410_94_cc OBJ_cryptocom,1L,5L,3L | ||
| 3638 | |||
| 3639 | #define SN_id_GostR3410_2001_cc "gost2001cc" | ||
| 3640 | #define LN_id_GostR3410_2001_cc "GOST 34.10-2001 Cryptocom" | ||
| 3641 | #define NID_id_GostR3410_2001_cc 851 | ||
| 3642 | #define OBJ_id_GostR3410_2001_cc OBJ_cryptocom,1L,5L,4L | ||
| 3643 | |||
| 3644 | #define SN_id_GostR3411_94_with_GostR3410_94_cc "id-GostR3411-94-with-GostR3410-94-cc" | ||
| 3645 | #define LN_id_GostR3411_94_with_GostR3410_94_cc "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" | ||
| 3646 | #define NID_id_GostR3411_94_with_GostR3410_94_cc 852 | ||
| 3647 | #define OBJ_id_GostR3411_94_with_GostR3410_94_cc OBJ_cryptocom,1L,3L,3L | ||
| 3648 | |||
| 3649 | #define SN_id_GostR3411_94_with_GostR3410_2001_cc "id-GostR3411-94-with-GostR3410-2001-cc" | ||
| 3650 | #define LN_id_GostR3411_94_with_GostR3410_2001_cc "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" | ||
| 3651 | #define NID_id_GostR3411_94_with_GostR3410_2001_cc 853 | ||
| 3652 | #define OBJ_id_GostR3411_94_with_GostR3410_2001_cc OBJ_cryptocom,1L,3L,4L | ||
| 3653 | |||
| 3654 | #define SN_id_GostR3410_2001_ParamSet_cc "id-GostR3410-2001-ParamSet-cc" | ||
| 3655 | #define LN_id_GostR3410_2001_ParamSet_cc "GOST R 3410-2001 Parameter Set Cryptocom" | ||
| 3656 | #define NID_id_GostR3410_2001_ParamSet_cc 854 | ||
| 3657 | #define OBJ_id_GostR3410_2001_ParamSet_cc OBJ_cryptocom,1L,8L,1L | ||
| 3658 | |||
| 3370 | #define SN_camellia_128_cbc "CAMELLIA-128-CBC" | 3659 | #define SN_camellia_128_cbc "CAMELLIA-128-CBC" |
| 3371 | #define LN_camellia_128_cbc "camellia-128-cbc" | 3660 | #define LN_camellia_128_cbc "camellia-128-cbc" |
| 3372 | #define NID_camellia_128_cbc 751 | 3661 | #define NID_camellia_128_cbc 751 |
| @@ -3480,3 +3769,7 @@ | |||
| 3480 | #define NID_seed_ofb128 778 | 3769 | #define NID_seed_ofb128 778 |
| 3481 | #define OBJ_seed_ofb128 OBJ_kisa,1L,6L | 3770 | #define OBJ_seed_ofb128 OBJ_kisa,1L,6L |
| 3482 | 3771 | ||
| 3772 | #define SN_hmac "HMAC" | ||
| 3773 | #define LN_hmac "hmac" | ||
| 3774 | #define NID_hmac 855 | ||
| 3775 | |||
diff --git a/src/lib/libssl/src/crypto/objects/obj_mac.num b/src/lib/libssl/src/crypto/objects/obj_mac.num index 47815b1e4e..e3f56bc52c 100644 --- a/src/lib/libssl/src/crypto/objects/obj_mac.num +++ b/src/lib/libssl/src/crypto/objects/obj_mac.num | |||
| @@ -788,3 +788,71 @@ id_ct_asciiTextWithCRLF 787 | |||
| 788 | id_aes128_wrap 788 | 788 | id_aes128_wrap 788 |
| 789 | id_aes192_wrap 789 | 789 | id_aes192_wrap 789 |
| 790 | id_aes256_wrap 790 | 790 | id_aes256_wrap 790 |
| 791 | ecdsa_with_Recommended 791 | ||
| 792 | ecdsa_with_Specified 792 | ||
| 793 | ecdsa_with_SHA224 793 | ||
| 794 | ecdsa_with_SHA256 794 | ||
| 795 | ecdsa_with_SHA384 795 | ||
| 796 | ecdsa_with_SHA512 796 | ||
| 797 | hmacWithMD5 797 | ||
| 798 | hmacWithSHA224 798 | ||
| 799 | hmacWithSHA256 799 | ||
| 800 | hmacWithSHA384 800 | ||
| 801 | hmacWithSHA512 801 | ||
| 802 | dsa_with_SHA224 802 | ||
| 803 | dsa_with_SHA256 803 | ||
| 804 | whirlpool 804 | ||
| 805 | cryptopro 805 | ||
| 806 | cryptocom 806 | ||
| 807 | id_GostR3411_94_with_GostR3410_2001 807 | ||
| 808 | id_GostR3411_94_with_GostR3410_94 808 | ||
| 809 | id_GostR3411_94 809 | ||
| 810 | id_HMACGostR3411_94 810 | ||
| 811 | id_GostR3410_2001 811 | ||
| 812 | id_GostR3410_94 812 | ||
| 813 | id_Gost28147_89 813 | ||
| 814 | gost89_cnt 814 | ||
| 815 | id_Gost28147_89_MAC 815 | ||
| 816 | id_GostR3411_94_prf 816 | ||
| 817 | id_GostR3410_2001DH 817 | ||
| 818 | id_GostR3410_94DH 818 | ||
| 819 | id_Gost28147_89_CryptoPro_KeyMeshing 819 | ||
| 820 | id_Gost28147_89_None_KeyMeshing 820 | ||
| 821 | id_GostR3411_94_TestParamSet 821 | ||
| 822 | id_GostR3411_94_CryptoProParamSet 822 | ||
| 823 | id_Gost28147_89_TestParamSet 823 | ||
| 824 | id_Gost28147_89_CryptoPro_A_ParamSet 824 | ||
| 825 | id_Gost28147_89_CryptoPro_B_ParamSet 825 | ||
| 826 | id_Gost28147_89_CryptoPro_C_ParamSet 826 | ||
| 827 | id_Gost28147_89_CryptoPro_D_ParamSet 827 | ||
| 828 | id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828 | ||
| 829 | id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829 | ||
| 830 | id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830 | ||
| 831 | id_GostR3410_94_TestParamSet 831 | ||
| 832 | id_GostR3410_94_CryptoPro_A_ParamSet 832 | ||
| 833 | id_GostR3410_94_CryptoPro_B_ParamSet 833 | ||
| 834 | id_GostR3410_94_CryptoPro_C_ParamSet 834 | ||
| 835 | id_GostR3410_94_CryptoPro_D_ParamSet 835 | ||
| 836 | id_GostR3410_94_CryptoPro_XchA_ParamSet 836 | ||
| 837 | id_GostR3410_94_CryptoPro_XchB_ParamSet 837 | ||
| 838 | id_GostR3410_94_CryptoPro_XchC_ParamSet 838 | ||
| 839 | id_GostR3410_2001_TestParamSet 839 | ||
| 840 | id_GostR3410_2001_CryptoPro_A_ParamSet 840 | ||
| 841 | id_GostR3410_2001_CryptoPro_B_ParamSet 841 | ||
| 842 | id_GostR3410_2001_CryptoPro_C_ParamSet 842 | ||
| 843 | id_GostR3410_2001_CryptoPro_XchA_ParamSet 843 | ||
| 844 | id_GostR3410_2001_CryptoPro_XchB_ParamSet 844 | ||
| 845 | id_GostR3410_94_a 845 | ||
| 846 | id_GostR3410_94_aBis 846 | ||
| 847 | id_GostR3410_94_b 847 | ||
| 848 | id_GostR3410_94_bBis 848 | ||
| 849 | id_Gost28147_89_cc 849 | ||
| 850 | id_GostR3410_94_cc 850 | ||
| 851 | id_GostR3410_2001_cc 851 | ||
| 852 | id_GostR3411_94_with_GostR3410_94_cc 852 | ||
| 853 | id_GostR3411_94_with_GostR3410_2001_cc 853 | ||
| 854 | id_GostR3410_2001_ParamSet_cc 854 | ||
| 855 | hmac 855 | ||
| 856 | LocalKeySet 856 | ||
| 857 | freshest_crl 857 | ||
| 858 | id_on_permanentIdentifier 858 | ||
diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt index 34c8d1d647..a6a811b8e7 100644 --- a/src/lib/libssl/src/crypto/objects/objects.txt +++ b/src/lib/libssl/src/crypto/objects/objects.txt | |||
| @@ -79,6 +79,12 @@ X9-62_primeCurve 7 : prime256v1 | |||
| 79 | !Alias id-ecSigType ansi-X9-62 4 | 79 | !Alias id-ecSigType ansi-X9-62 4 |
| 80 | !global | 80 | !global |
| 81 | X9-62_id-ecSigType 1 : ecdsa-with-SHA1 | 81 | X9-62_id-ecSigType 1 : ecdsa-with-SHA1 |
| 82 | X9-62_id-ecSigType 2 : ecdsa-with-Recommended | ||
| 83 | X9-62_id-ecSigType 3 : ecdsa-with-Specified | ||
| 84 | ecdsa-with-Specified 1 : ecdsa-with-SHA224 | ||
| 85 | ecdsa-with-Specified 2 : ecdsa-with-SHA256 | ||
| 86 | ecdsa-with-Specified 3 : ecdsa-with-SHA384 | ||
| 87 | ecdsa-with-Specified 4 : ecdsa-with-SHA512 | ||
| 82 | 88 | ||
| 83 | # SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" | 89 | # SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" |
| 84 | # (http://www.secg.org/) | 90 | # (http://www.secg.org/) |
| @@ -313,6 +319,7 @@ pkcs9 20 : : friendlyName | |||
| 313 | pkcs9 21 : : localKeyID | 319 | pkcs9 21 : : localKeyID |
| 314 | !Cname ms-csp-name | 320 | !Cname ms-csp-name |
| 315 | 1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name | 321 | 1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name |
| 322 | 1 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set | ||
| 316 | !Alias certTypes pkcs9 22 | 323 | !Alias certTypes pkcs9 22 |
| 317 | certTypes 1 : : x509Certificate | 324 | certTypes 1 : : x509Certificate |
| 318 | certTypes 2 : : sdsiCertificate | 325 | certTypes 2 : : sdsiCertificate |
| @@ -348,7 +355,15 @@ rsadsi 2 2 : MD2 : md2 | |||
| 348 | rsadsi 2 4 : MD4 : md4 | 355 | rsadsi 2 4 : MD4 : md4 |
| 349 | rsadsi 2 5 : MD5 : md5 | 356 | rsadsi 2 5 : MD5 : md5 |
| 350 | : MD5-SHA1 : md5-sha1 | 357 | : MD5-SHA1 : md5-sha1 |
| 358 | rsadsi 2 6 : : hmacWithMD5 | ||
| 351 | rsadsi 2 7 : : hmacWithSHA1 | 359 | rsadsi 2 7 : : hmacWithSHA1 |
| 360 | |||
| 361 | # From RFC4231 | ||
| 362 | rsadsi 2 8 : : hmacWithSHA224 | ||
| 363 | rsadsi 2 9 : : hmacWithSHA256 | ||
| 364 | rsadsi 2 10 : : hmacWithSHA384 | ||
| 365 | rsadsi 2 11 : : hmacWithSHA512 | ||
| 366 | |||
| 352 | rsadsi 3 2 : RC2-CBC : rc2-cbc | 367 | rsadsi 3 2 : RC2-CBC : rc2-cbc |
| 353 | : RC2-ECB : rc2-ecb | 368 | : RC2-ECB : rc2-ecb |
| 354 | !Cname rc2-cfb64 | 369 | !Cname rc2-cfb64 |
| @@ -542,6 +557,7 @@ id-cmc 24 : id-cmc-confirmCertAcceptance | |||
| 542 | 557 | ||
| 543 | # other names | 558 | # other names |
| 544 | id-on 1 : id-on-personalData | 559 | id-on 1 : id-on-personalData |
| 560 | id-on 3 : id-on-permanentIdentifier : Permanent Identifier | ||
| 545 | 561 | ||
| 546 | # personal data attributes | 562 | # personal data attributes |
| 547 | id-pda 1 : id-pda-dateOfBirth | 563 | id-pda 1 : id-pda-dateOfBirth |
| @@ -711,6 +727,8 @@ id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier | |||
| 711 | id-ce 36 : policyConstraints : X509v3 Policy Constraints | 727 | id-ce 36 : policyConstraints : X509v3 Policy Constraints |
| 712 | !Cname ext-key-usage | 728 | !Cname ext-key-usage |
| 713 | id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage | 729 | id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage |
| 730 | !Cname freshest-crl | ||
| 731 | id-ce 46 : freshestCRL : X509v3 Freshest CRL | ||
| 714 | !Cname inhibit-any-policy | 732 | !Cname inhibit-any-policy |
| 715 | id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy | 733 | id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy |
| 716 | !Cname target-information | 734 | !Cname target-information |
| @@ -833,6 +851,11 @@ nist_hashalgs 2 : SHA384 : sha384 | |||
| 833 | nist_hashalgs 3 : SHA512 : sha512 | 851 | nist_hashalgs 3 : SHA512 : sha512 |
| 834 | nist_hashalgs 4 : SHA224 : sha224 | 852 | nist_hashalgs 4 : SHA224 : sha224 |
| 835 | 853 | ||
| 854 | # OIDs for dsa-with-sha224 and dsa-with-sha256 | ||
| 855 | !Alias dsa_with_sha2 nistAlgorithms 3 | ||
| 856 | dsa_with_sha2 1 : dsa_with_SHA224 | ||
| 857 | dsa_with_sha2 2 : dsa_with_SHA256 | ||
| 858 | |||
| 836 | # Hold instruction CRL entry extension | 859 | # Hold instruction CRL entry extension |
| 837 | !Cname hold-instruction-code | 860 | !Cname hold-instruction-code |
| 838 | id-ce 23 : holdInstructionCode : Hold Instruction Code | 861 | id-ce 23 : holdInstructionCode : Hold Instruction Code |
| @@ -1070,13 +1093,93 @@ rsadsi 1 1 6 : rsaOAEPEncryptionSET | |||
| 1070 | : Oakley-EC2N-3 : ipsec3 | 1093 | : Oakley-EC2N-3 : ipsec3 |
| 1071 | : Oakley-EC2N-4 : ipsec4 | 1094 | : Oakley-EC2N-4 : ipsec4 |
| 1072 | 1095 | ||
| 1096 | iso 0 10118 3 0 55 : whirlpool | ||
| 1097 | |||
| 1098 | # GOST OIDs | ||
| 1099 | |||
| 1100 | member-body 643 2 2 : cryptopro | ||
| 1101 | member-body 643 2 9 : cryptocom | ||
| 1102 | |||
| 1103 | cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001 | ||
| 1104 | cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94 | ||
| 1105 | !Cname id-GostR3411-94 | ||
| 1106 | cryptopro 9 : md_gost94 : GOST R 34.11-94 | ||
| 1107 | cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94 | ||
| 1108 | !Cname id-GostR3410-2001 | ||
| 1109 | cryptopro 19 : gost2001 : GOST R 34.10-2001 | ||
| 1110 | !Cname id-GostR3410-94 | ||
| 1111 | cryptopro 20 : gost94 : GOST R 34.10-94 | ||
| 1112 | !Cname id-Gost28147-89 | ||
| 1113 | cryptopro 21 : gost89 : GOST 28147-89 | ||
| 1114 | : gost89-cnt | ||
| 1115 | !Cname id-Gost28147-89-MAC | ||
| 1116 | cryptopro 22 : gost-mac : GOST 28147-89 MAC | ||
| 1117 | !Cname id-GostR3411-94-prf | ||
| 1118 | cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF | ||
| 1119 | cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH | ||
| 1120 | cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH | ||
| 1121 | |||
| 1122 | cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing | ||
| 1123 | cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing | ||
| 1124 | |||
| 1125 | # GOST parameter set OIDs | ||
| 1126 | |||
| 1127 | cryptopro 30 0 : id-GostR3411-94-TestParamSet | ||
| 1128 | cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet | ||
| 1129 | |||
| 1130 | cryptopro 31 0 : id-Gost28147-89-TestParamSet | ||
| 1131 | cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet | ||
| 1132 | cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet | ||
| 1133 | cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet | ||
| 1134 | cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet | ||
| 1135 | cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet | ||
| 1136 | cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet | ||
| 1137 | cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet | ||
| 1138 | |||
| 1139 | cryptopro 32 0 : id-GostR3410-94-TestParamSet | ||
| 1140 | cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet | ||
| 1141 | cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet | ||
| 1142 | cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet | ||
| 1143 | cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet | ||
| 1144 | |||
| 1145 | cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet | ||
| 1146 | cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet | ||
| 1147 | cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet | ||
| 1148 | |||
| 1149 | cryptopro 35 0 : id-GostR3410-2001-TestParamSet | ||
| 1150 | cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet | ||
| 1151 | cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet | ||
| 1152 | cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet | ||
| 1153 | |||
| 1154 | cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet | ||
| 1155 | cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet | ||
| 1156 | |||
| 1157 | id-GostR3410-94 1 : id-GostR3410-94-a | ||
| 1158 | id-GostR3410-94 2 : id-GostR3410-94-aBis | ||
| 1159 | id-GostR3410-94 3 : id-GostR3410-94-b | ||
| 1160 | id-GostR3410-94 4 : id-GostR3410-94-bBis | ||
| 1161 | |||
| 1162 | # Cryptocom LTD GOST OIDs | ||
| 1163 | |||
| 1164 | cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet | ||
| 1165 | !Cname id-GostR3410-94-cc | ||
| 1166 | cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom | ||
| 1167 | !Cname id-GostR3410-2001-cc | ||
| 1168 | cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom | ||
| 1169 | |||
| 1170 | cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom | ||
| 1171 | cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom | ||
| 1172 | |||
| 1173 | cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom | ||
| 1073 | 1174 | ||
| 1074 | # Definitions for Camellia cipher - CBC MODE | 1175 | # Definitions for Camellia cipher - CBC MODE |
| 1176 | |||
| 1075 | 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc | 1177 | 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc |
| 1076 | 1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc | 1178 | 1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc |
| 1077 | 1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc | 1179 | 1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc |
| 1078 | 1180 | ||
| 1079 | # Definitions for Camellia cipher - ECB, CFB, OFB MODE | 1181 | # Definitions for Camellia cipher - ECB, CFB, OFB MODE |
| 1182 | |||
| 1080 | !Alias ntt-ds 0 3 4401 5 | 1183 | !Alias ntt-ds 0 3 4401 5 |
| 1081 | !Alias camellia ntt-ds 3 1 9 | 1184 | !Alias camellia ntt-ds 3 1 9 |
| 1082 | 1185 | ||
| @@ -1107,7 +1210,6 @@ camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb | |||
| 1107 | : CAMELLIA-192-CFB8 : camellia-192-cfb8 | 1210 | : CAMELLIA-192-CFB8 : camellia-192-cfb8 |
| 1108 | : CAMELLIA-256-CFB8 : camellia-256-cfb8 | 1211 | : CAMELLIA-256-CFB8 : camellia-256-cfb8 |
| 1109 | 1212 | ||
| 1110 | |||
| 1111 | # Definitions for SEED cipher - ECB, CBC, OFB mode | 1213 | # Definitions for SEED cipher - ECB, CBC, OFB mode |
| 1112 | 1214 | ||
| 1113 | member-body 410 200004 : KISA : kisa | 1215 | member-body 410 200004 : KISA : kisa |
| @@ -1117,3 +1219,7 @@ kisa 1 4 : SEED-CBC : seed-cbc | |||
| 1117 | kisa 1 5 : SEED-CFB : seed-cfb | 1219 | kisa 1 5 : SEED-CFB : seed-cfb |
| 1118 | !Cname seed-ofb128 | 1220 | !Cname seed-ofb128 |
| 1119 | kisa 1 6 : SEED-OFB : seed-ofb | 1221 | kisa 1 6 : SEED-OFB : seed-ofb |
| 1222 | |||
| 1223 | # There is no OID that just denotes "HMAC" oddly enough... | ||
| 1224 | |||
| 1225 | : HMAC : hmac | ||
diff --git a/src/lib/libssl/src/crypto/ocsp/Makefile b/src/lib/libssl/src/crypto/ocsp/Makefile index 0fe028960e..30a00b3372 100644 --- a/src/lib/libssl/src/crypto/ocsp/Makefile +++ b/src/lib/libssl/src/crypto/ocsp/Makefile | |||
| @@ -36,7 +36,7 @@ top: | |||
| 36 | all: lib | 36 | all: lib |
| 37 | 37 | ||
| 38 | lib: $(LIBOBJ) | 38 | lib: $(LIBOBJ) |
| 39 | $(AR) $(LIB) $(LIBOBJ) | 39 | $(ARX) $(LIB) $(LIBOBJ) |
| 40 | $(RANLIB) $(LIB) || echo Never mind. | 40 | $(RANLIB) $(LIB) || echo Never mind. |
| 41 | @touch lib | 41 | @touch lib |
| 42 | 42 | ||
| @@ -82,9 +82,10 @@ ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 82 | ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 82 | ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 83 | ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 83 | ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 84 | ocsp_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 84 | ocsp_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 85 | ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 85 | ocsp_asn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 86 | ocsp_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 86 | ocsp_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 87 | ocsp_asn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h | 87 | ocsp_asn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h |
| 88 | ocsp_asn.o: ../../include/openssl/opensslconf.h | ||
| 88 | ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 89 | ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 89 | ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 90 | ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 90 | ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 91 | ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -97,24 +98,25 @@ ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 97 | ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 98 | ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 98 | ocsp_cl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 99 | ocsp_cl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 99 | ocsp_cl.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 100 | ocsp_cl.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 100 | ocsp_cl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 101 | ocsp_cl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 101 | ocsp_cl.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h | 102 | ocsp_cl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 102 | ocsp_cl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 103 | ocsp_cl.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h |
| 103 | ocsp_cl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h | 104 | ocsp_cl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 104 | ocsp_cl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h | 105 | ocsp_cl.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 105 | ocsp_cl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 106 | ocsp_cl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 106 | ocsp_cl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 107 | ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 107 | ocsp_cl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 108 | ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 108 | ocsp_cl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 109 | ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 109 | ocsp_cl.o: ../cryptlib.h ocsp_cl.c | 110 | ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c |
| 110 | ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 111 | ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 111 | ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 112 | ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 112 | ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 113 | ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 113 | ocsp_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 114 | ocsp_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 114 | ocsp_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 115 | ocsp_err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 115 | ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 116 | ocsp_err.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 116 | ocsp_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 117 | ocsp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 117 | ocsp_err.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h | 118 | ocsp_err.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h |
| 119 | ocsp_err.o: ../../include/openssl/opensslconf.h | ||
| 118 | ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 120 | ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 119 | ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 121 | ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 120 | ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 122 | ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -127,21 +129,22 @@ ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 127 | ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 129 | ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 128 | ocsp_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 130 | ocsp_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 129 | ocsp_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 131 | ocsp_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 130 | ocsp_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 132 | ocsp_ext.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 131 | ocsp_ext.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h | 133 | ocsp_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 132 | ocsp_ext.o: ../../include/openssl/opensslconf.h | 134 | ocsp_ext.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h |
| 133 | ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 135 | ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 134 | ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 136 | ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 135 | ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 137 | ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 136 | ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 138 | ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 137 | ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 139 | ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 138 | ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c | 140 | ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c |
| 139 | ocsp_ht.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 141 | ocsp_ht.o: ../../e_os.h ../../include/openssl/asn1.h |
| 140 | ocsp_ht.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 142 | ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 141 | ocsp_ht.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 143 | ocsp_ht.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 142 | ocsp_ht.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 144 | ocsp_ht.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 143 | ocsp_ht.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 145 | ocsp_ht.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 144 | ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 146 | ocsp_ht.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 147 | ocsp_ht.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 145 | ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 148 | ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 146 | ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h | 149 | ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h |
| 147 | ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 150 | ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| @@ -156,9 +159,9 @@ ocsp_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 156 | ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 159 | ocsp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 157 | ocsp_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 160 | ocsp_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 158 | ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 161 | ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 159 | ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 162 | ocsp_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 160 | ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h | 163 | ocsp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 161 | ocsp_lib.o: ../../include/openssl/opensslconf.h | 164 | ocsp_lib.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h |
| 162 | ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 165 | ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 163 | ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 166 | ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 164 | ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 167 | ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| @@ -171,9 +174,10 @@ ocsp_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 171 | ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 174 | ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 172 | ocsp_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 175 | ocsp_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 173 | ocsp_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 176 | ocsp_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 174 | ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 177 | ocsp_prn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 175 | ocsp_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 178 | ocsp_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 176 | ocsp_prn.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h | 179 | ocsp_prn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h |
| 180 | ocsp_prn.o: ../../include/openssl/opensslconf.h | ||
| 177 | ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 181 | ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 178 | ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 182 | ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 179 | ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 183 | ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| @@ -187,9 +191,9 @@ ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 187 | ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 191 | ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 188 | ocsp_srv.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 192 | ocsp_srv.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 189 | ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 193 | ocsp_srv.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 190 | ocsp_srv.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 194 | ocsp_srv.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 191 | ocsp_srv.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h | 195 | ocsp_srv.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 192 | ocsp_srv.o: ../../include/openssl/opensslconf.h | 196 | ocsp_srv.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h |
| 193 | ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 197 | ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 194 | ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 198 | ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 195 | ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 199 | ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| @@ -202,9 +206,10 @@ ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 202 | ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 206 | ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 203 | ocsp_vfy.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 207 | ocsp_vfy.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 204 | ocsp_vfy.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 208 | ocsp_vfy.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 205 | ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 209 | ocsp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 206 | ocsp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 210 | ocsp_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 207 | ocsp_vfy.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h | 211 | ocsp_vfy.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h |
| 212 | ocsp_vfy.o: ../../include/openssl/opensslconf.h | ||
| 208 | ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 213 | ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 209 | ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 214 | ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 210 | ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 215 | ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c b/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c index 39b7a1c568..bfe892ac70 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_asn.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ocsp_asn.c */ | 1 | /* ocsp_asn.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c index a8e569b74a..6abb30b2c0 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_ht.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ocsp_ht.c */ | 1 | /* ocsp_ht.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -56,11 +56,12 @@ | |||
| 56 | * | 56 | * |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/asn1.h> | ||
| 60 | #include <stdio.h> | 59 | #include <stdio.h> |
| 61 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 62 | #include <ctype.h> | 61 | #include <ctype.h> |
| 63 | #include <string.h> | 62 | #include <string.h> |
| 63 | #include "e_os.h" | ||
| 64 | #include <openssl/asn1.h> | ||
| 64 | #include <openssl/ocsp.h> | 65 | #include <openssl/ocsp.h> |
| 65 | #include <openssl/err.h> | 66 | #include <openssl/err.h> |
| 66 | #include <openssl/buffer.h> | 67 | #include <openssl/buffer.h> |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_srv.c b/src/lib/libssl/src/crypto/ocsp/ocsp_srv.c index fffa134e75..1c606dd0b6 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_srv.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_srv.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ocsp_srv.c */ | 1 | /* ocsp_srv.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c index 23ea41c847..4a0c3870d8 100644 --- a/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c +++ b/src/lib/libssl/src/crypto/ocsp/ocsp_vfy.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ocsp_vfy.c */ | 1 | /* ocsp_vfy.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/opensslconf.h b/src/lib/libssl/src/crypto/opensslconf.h index 0850d4a693..60505327d3 100644 --- a/src/lib/libssl/src/crypto/opensslconf.h +++ b/src/lib/libssl/src/crypto/opensslconf.h | |||
| @@ -4,15 +4,22 @@ | |||
| 4 | /* OpenSSL was configured with the following options: */ | 4 | /* OpenSSL was configured with the following options: */ |
| 5 | #ifndef OPENSSL_DOING_MAKEDEPEND | 5 | #ifndef OPENSSL_DOING_MAKEDEPEND |
| 6 | 6 | ||
| 7 | |||
| 7 | #ifndef OPENSSL_NO_CAMELLIA | 8 | #ifndef OPENSSL_NO_CAMELLIA |
| 8 | # define OPENSSL_NO_CAMELLIA | 9 | # define OPENSSL_NO_CAMELLIA |
| 9 | #endif | 10 | #endif |
| 11 | #ifndef OPENSSL_NO_CAPIENG | ||
| 12 | # define OPENSSL_NO_CAPIENG | ||
| 13 | #endif | ||
| 10 | #ifndef OPENSSL_NO_CMS | 14 | #ifndef OPENSSL_NO_CMS |
| 11 | # define OPENSSL_NO_CMS | 15 | # define OPENSSL_NO_CMS |
| 12 | #endif | 16 | #endif |
| 13 | #ifndef OPENSSL_NO_GMP | 17 | #ifndef OPENSSL_NO_GMP |
| 14 | # define OPENSSL_NO_GMP | 18 | # define OPENSSL_NO_GMP |
| 15 | #endif | 19 | #endif |
| 20 | #ifndef OPENSSL_NO_JPAKE | ||
| 21 | # define OPENSSL_NO_JPAKE | ||
| 22 | #endif | ||
| 16 | #ifndef OPENSSL_NO_KRB5 | 23 | #ifndef OPENSSL_NO_KRB5 |
| 17 | # define OPENSSL_NO_KRB5 | 24 | # define OPENSSL_NO_KRB5 |
| 18 | #endif | 25 | #endif |
| @@ -28,11 +35,9 @@ | |||
| 28 | #ifndef OPENSSL_NO_SEED | 35 | #ifndef OPENSSL_NO_SEED |
| 29 | # define OPENSSL_NO_SEED | 36 | # define OPENSSL_NO_SEED |
| 30 | #endif | 37 | #endif |
| 31 | #ifndef OPENSSL_NO_TLSEXT | ||
| 32 | # define OPENSSL_NO_TLSEXT | ||
| 33 | #endif | ||
| 34 | 38 | ||
| 35 | #endif /* OPENSSL_DOING_MAKEDEPEND */ | 39 | #endif /* OPENSSL_DOING_MAKEDEPEND */ |
| 40 | |||
| 36 | #ifndef OPENSSL_NO_DYNAMIC_ENGINE | 41 | #ifndef OPENSSL_NO_DYNAMIC_ENGINE |
| 37 | # define OPENSSL_NO_DYNAMIC_ENGINE | 42 | # define OPENSSL_NO_DYNAMIC_ENGINE |
| 38 | #endif | 43 | #endif |
| @@ -45,12 +50,18 @@ | |||
| 45 | # if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA) | 50 | # if defined(OPENSSL_NO_CAMELLIA) && !defined(NO_CAMELLIA) |
| 46 | # define NO_CAMELLIA | 51 | # define NO_CAMELLIA |
| 47 | # endif | 52 | # endif |
| 53 | # if defined(OPENSSL_NO_CAPIENG) && !defined(NO_CAPIENG) | ||
| 54 | # define NO_CAPIENG | ||
| 55 | # endif | ||
| 48 | # if defined(OPENSSL_NO_CMS) && !defined(NO_CMS) | 56 | # if defined(OPENSSL_NO_CMS) && !defined(NO_CMS) |
| 49 | # define NO_CMS | 57 | # define NO_CMS |
| 50 | # endif | 58 | # endif |
| 51 | # if defined(OPENSSL_NO_GMP) && !defined(NO_GMP) | 59 | # if defined(OPENSSL_NO_GMP) && !defined(NO_GMP) |
| 52 | # define NO_GMP | 60 | # define NO_GMP |
| 53 | # endif | 61 | # endif |
| 62 | # if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE) | ||
| 63 | # define NO_JPAKE | ||
| 64 | # endif | ||
| 54 | # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) | 65 | # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) |
| 55 | # define NO_KRB5 | 66 | # define NO_KRB5 |
| 56 | # endif | 67 | # endif |
| @@ -66,13 +77,25 @@ | |||
| 66 | # if defined(OPENSSL_NO_SEED) && !defined(NO_SEED) | 77 | # if defined(OPENSSL_NO_SEED) && !defined(NO_SEED) |
| 67 | # define NO_SEED | 78 | # define NO_SEED |
| 68 | # endif | 79 | # endif |
| 69 | # if defined(OPENSSL_NO_TLSEXT) && !defined(NO_TLSEXT) | ||
| 70 | # define NO_TLSEXT | ||
| 71 | # endif | ||
| 72 | #endif | 80 | #endif |
| 73 | 81 | ||
| 74 | /* crypto/opensslconf.h.in */ | 82 | /* crypto/opensslconf.h.in */ |
| 75 | 83 | ||
| 84 | #ifdef OPENSSL_DOING_MAKEDEPEND | ||
| 85 | |||
| 86 | /* Include any symbols here that have to be explicitly set to enable a feature | ||
| 87 | * that should be visible to makedepend. | ||
| 88 | * | ||
| 89 | * [Our "make depend" doesn't actually look at this, we use actual build settings | ||
| 90 | * instead; we want to make it easy to remove subdirectories with disabled algorithms.] | ||
| 91 | */ | ||
| 92 | |||
| 93 | #ifndef OPENSSL_FIPS | ||
| 94 | #define OPENSSL_FIPS | ||
| 95 | #endif | ||
| 96 | |||
| 97 | #endif | ||
| 98 | |||
| 76 | /* Generate 80386 code? */ | 99 | /* Generate 80386 code? */ |
| 77 | #undef I386_ONLY | 100 | #undef I386_ONLY |
| 78 | 101 | ||
diff --git a/src/lib/libssl/src/crypto/opensslconf.h.in b/src/lib/libssl/src/crypto/opensslconf.h.in index cee83acf98..1c77f03c3d 100644 --- a/src/lib/libssl/src/crypto/opensslconf.h.in +++ b/src/lib/libssl/src/crypto/opensslconf.h.in | |||
| @@ -1,5 +1,20 @@ | |||
| 1 | /* crypto/opensslconf.h.in */ | 1 | /* crypto/opensslconf.h.in */ |
| 2 | 2 | ||
| 3 | #ifdef OPENSSL_DOING_MAKEDEPEND | ||
| 4 | |||
| 5 | /* Include any symbols here that have to be explicitly set to enable a feature | ||
| 6 | * that should be visible to makedepend. | ||
| 7 | * | ||
| 8 | * [Our "make depend" doesn't actually look at this, we use actual build settings | ||
| 9 | * instead; we want to make it easy to remove subdirectories with disabled algorithms.] | ||
| 10 | */ | ||
| 11 | |||
| 12 | #ifndef OPENSSL_FIPS | ||
| 13 | #define OPENSSL_FIPS | ||
| 14 | #endif | ||
| 15 | |||
| 16 | #endif | ||
| 17 | |||
| 3 | /* Generate 80386 code? */ | 18 | /* Generate 80386 code? */ |
| 4 | #undef I386_ONLY | 19 | #undef I386_ONLY |
| 5 | 20 | ||
diff --git a/src/lib/libssl/src/crypto/opensslv.h b/src/lib/libssl/src/crypto/opensslv.h index b308894f18..09687b5136 100644 --- a/src/lib/libssl/src/crypto/opensslv.h +++ b/src/lib/libssl/src/crypto/opensslv.h | |||
| @@ -25,11 +25,11 @@ | |||
| 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for | 25 | * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for |
| 26 | * major minor fix final patch/beta) | 26 | * major minor fix final patch/beta) |
| 27 | */ | 27 | */ |
| 28 | #define OPENSSL_VERSION_NUMBER 0x0090808fL | 28 | #define OPENSSL_VERSION_NUMBER 0x009080afL |
| 29 | #ifdef OPENSSL_FIPS | 29 | #ifdef OPENSSL_FIPS |
| 30 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h-fips 28 May 2008" | 30 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8j-fips 07 Jan 2009" |
| 31 | #else | 31 | #else |
| 32 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8h 28 May 2008" | 32 | #define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8j 07 Jan 2009" |
| 33 | #endif | 33 | #endif |
| 34 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT | 34 | #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT |
| 35 | 35 | ||
diff --git a/src/lib/libssl/src/crypto/ossl_typ.h b/src/lib/libssl/src/crypto/ossl_typ.h index 345fb1dc4d..0e7a380880 100644 --- a/src/lib/libssl/src/crypto/ossl_typ.h +++ b/src/lib/libssl/src/crypto/ossl_typ.h | |||
| @@ -100,6 +100,8 @@ typedef int ASN1_NULL; | |||
| 100 | #undef X509_EXTENSIONS | 100 | #undef X509_EXTENSIONS |
| 101 | #undef X509_CERT_PAIR | 101 | #undef X509_CERT_PAIR |
| 102 | #undef PKCS7_ISSUER_AND_SERIAL | 102 | #undef PKCS7_ISSUER_AND_SERIAL |
| 103 | #undef OCSP_REQUEST | ||
| 104 | #undef OCSP_RESPONSE | ||
| 103 | #endif | 105 | #endif |
| 104 | 106 | ||
| 105 | #ifdef BIGNUM | 107 | #ifdef BIGNUM |
| @@ -140,6 +142,8 @@ typedef struct X509_crl_st X509_CRL; | |||
| 140 | typedef struct X509_name_st X509_NAME; | 142 | typedef struct X509_name_st X509_NAME; |
| 141 | typedef struct x509_store_st X509_STORE; | 143 | typedef struct x509_store_st X509_STORE; |
| 142 | typedef struct x509_store_ctx_st X509_STORE_CTX; | 144 | typedef struct x509_store_ctx_st X509_STORE_CTX; |
| 145 | typedef struct ssl_st SSL; | ||
| 146 | typedef struct ssl_ctx_st SSL_CTX; | ||
| 143 | 147 | ||
| 144 | typedef struct v3_ext_ctx X509V3_CTX; | 148 | typedef struct v3_ext_ctx X509V3_CTX; |
| 145 | typedef struct conf_st CONF; | 149 | typedef struct conf_st CONF; |
diff --git a/src/lib/libssl/src/crypto/pem/Makefile b/src/lib/libssl/src/crypto/pem/Makefile index 742194fd24..669f36612c 100644 --- a/src/lib/libssl/src/crypto/pem/Makefile +++ b/src/lib/libssl/src/crypto/pem/Makefile | |||
| @@ -36,7 +36,7 @@ top: | |||
| 36 | all: lib | 36 | all: lib |
| 37 | 37 | ||
| 38 | lib: $(LIBOBJ) | 38 | lib: $(LIBOBJ) |
| 39 | $(AR) $(LIB) $(LIBOBJ) | 39 | $(ARX) $(LIB) $(LIBOBJ) |
| 40 | $(RANLIB) $(LIB) || echo Never mind. | 40 | $(RANLIB) $(LIB) || echo Never mind. |
| 41 | @touch lib | 41 | @touch lib |
| 42 | 42 | ||
| @@ -83,36 +83,39 @@ pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | |||
| 83 | pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 83 | pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 84 | pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 84 | pem_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 85 | pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 85 | pem_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 86 | pem_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 86 | pem_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 87 | pem_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 87 | pem_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 88 | pem_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 88 | pem_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 89 | pem_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h | 89 | pem_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 90 | pem_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h | 90 | pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 91 | pem_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 91 | pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 92 | pem_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 92 | pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 93 | pem_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 93 | pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 94 | pem_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_all.c | 94 | pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 95 | pem_all.o: ../cryptlib.h pem_all.c | ||
| 95 | pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 96 | pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 96 | pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 97 | pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 97 | pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 98 | pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 98 | pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 99 | pem_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 99 | pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 100 | pem_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 100 | pem_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 101 | pem_err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 101 | pem_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 102 | pem_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 102 | pem_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 103 | pem_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 103 | pem_err.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 104 | pem_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h |
| 104 | pem_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 105 | pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h |
| 105 | pem_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 106 | pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 106 | pem_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 107 | pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 107 | pem_err.o: ../../include/openssl/x509_vfy.h pem_err.c | 108 | pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 109 | pem_err.o: pem_err.c | ||
| 108 | pem_info.o: ../../e_os.h ../../include/openssl/asn1.h | 110 | pem_info.o: ../../e_os.h ../../include/openssl/asn1.h |
| 109 | pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 111 | pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 110 | pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | 112 | pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 111 | pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 113 | pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 112 | pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 114 | pem_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 113 | pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 115 | pem_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 114 | pem_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 116 | pem_info.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 115 | pem_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 117 | pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 118 | pem_info.o: ../../include/openssl/opensslconf.h | ||
| 116 | pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 119 | pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 117 | pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 120 | pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 118 | pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 121 | pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| @@ -126,54 +129,55 @@ pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | |||
| 126 | pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | 129 | pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h |
| 127 | pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 130 | pem_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 128 | pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 131 | pem_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 129 | pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 132 | pem_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 130 | pem_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 133 | pem_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 131 | pem_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 134 | pem_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 132 | pem_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h | 135 | pem_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 133 | pem_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h | 136 | pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 134 | pem_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 137 | pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 135 | pem_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 138 | pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 136 | pem_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 139 | pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 137 | pem_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 140 | pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 138 | pem_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 141 | pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h |
| 139 | pem_lib.o: ../cryptlib.h pem_lib.c | 142 | pem_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_lib.c |
| 140 | pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h | 143 | pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h |
| 141 | pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 144 | pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 142 | pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 145 | pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 143 | pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 146 | pem_oth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 144 | pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 147 | pem_oth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 145 | pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 148 | pem_oth.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 146 | pem_oth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 149 | pem_oth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 147 | pem_oth.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 150 | pem_oth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 148 | pem_oth.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h | 151 | pem_oth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 149 | pem_oth.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h | 152 | pem_oth.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 150 | pem_oth.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 153 | pem_oth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 151 | pem_oth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 154 | pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 152 | pem_oth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 155 | pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 153 | pem_oth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_oth.c | 156 | pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 157 | pem_oth.o: ../cryptlib.h pem_oth.c | ||
| 154 | pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h | 158 | pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h |
| 155 | pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 159 | pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 156 | pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 160 | pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 157 | pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 161 | pem_pk8.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 158 | pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 162 | pem_pk8.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 159 | pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 163 | pem_pk8.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 160 | pem_pk8.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 164 | pem_pk8.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 161 | pem_pk8.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 165 | pem_pk8.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 162 | pem_pk8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h | 166 | pem_pk8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 163 | pem_pk8.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h | 167 | pem_pk8.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 164 | pem_pk8.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 168 | pem_pk8.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 165 | pem_pk8.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 169 | pem_pk8.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 166 | pem_pk8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 170 | pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 167 | pem_pk8.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 171 | pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 168 | pem_pk8.o: ../cryptlib.h pem_pk8.c | 172 | pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c |
| 169 | pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h | 173 | pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 170 | pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 174 | pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 171 | pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 175 | pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 172 | pem_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 176 | pem_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 173 | pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 177 | pem_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 174 | pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 178 | pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 175 | pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 179 | pem_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 176 | pem_pkey.o: ../../include/openssl/opensslconf.h | 180 | pem_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 177 | pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 181 | pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 178 | pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 182 | pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 179 | pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 183 | pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| @@ -186,9 +190,9 @@ pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 186 | pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 190 | pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 187 | pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 191 | pem_seal.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 188 | pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 192 | pem_seal.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 189 | pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 193 | pem_seal.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 190 | pem_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 194 | pem_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 191 | pem_seal.o: ../../include/openssl/opensslconf.h | 195 | pem_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 192 | pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 196 | pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 193 | pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 197 | pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 194 | pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 198 | pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| @@ -201,9 +205,9 @@ pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 201 | pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 205 | pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 202 | pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 206 | pem_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 203 | pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 207 | pem_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 204 | pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 208 | pem_sign.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 205 | pem_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 209 | pem_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 206 | pem_sign.o: ../../include/openssl/opensslconf.h | 210 | pem_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 207 | pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 211 | pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 208 | pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 212 | pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 209 | pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 213 | pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| @@ -216,9 +220,9 @@ pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 216 | pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 220 | pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 217 | pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 221 | pem_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 218 | pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 222 | pem_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 219 | pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 223 | pem_x509.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 220 | pem_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 224 | pem_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 221 | pem_x509.o: ../../include/openssl/opensslconf.h | 225 | pem_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 222 | pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 226 | pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 223 | pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 227 | pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 224 | pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 228 | pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| @@ -230,9 +234,9 @@ pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 230 | pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 234 | pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 231 | pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 235 | pem_xaux.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 232 | pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 236 | pem_xaux.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 233 | pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 237 | pem_xaux.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 234 | pem_xaux.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 238 | pem_xaux.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 235 | pem_xaux.o: ../../include/openssl/opensslconf.h | 239 | pem_xaux.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 236 | pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 240 | pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 237 | pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 241 | pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 238 | pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 242 | pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
diff --git a/src/lib/libssl/src/crypto/pem/pem.h b/src/lib/libssl/src/crypto/pem/pem.h index 670afa670b..6f8e01544b 100644 --- a/src/lib/libssl/src/crypto/pem/pem.h +++ b/src/lib/libssl/src/crypto/pem/pem.h | |||
| @@ -125,6 +125,7 @@ extern "C" { | |||
| 125 | #define PEM_STRING_DSA "DSA PRIVATE KEY" | 125 | #define PEM_STRING_DSA "DSA PRIVATE KEY" |
| 126 | #define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" | 126 | #define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" |
| 127 | #define PEM_STRING_PKCS7 "PKCS7" | 127 | #define PEM_STRING_PKCS7 "PKCS7" |
| 128 | #define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA" | ||
| 128 | #define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" | 129 | #define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" |
| 129 | #define PEM_STRING_PKCS8INF "PRIVATE KEY" | 130 | #define PEM_STRING_PKCS8INF "PRIVATE KEY" |
| 130 | #define PEM_STRING_DHPARAMS "DH PARAMETERS" | 131 | #define PEM_STRING_DHPARAMS "DH PARAMETERS" |
diff --git a/src/lib/libssl/src/crypto/pem/pem_all.c b/src/lib/libssl/src/crypto/pem/pem_all.c index 66cbc7eb82..69dd19bf2e 100644 --- a/src/lib/libssl/src/crypto/pem/pem_all.c +++ b/src/lib/libssl/src/crypto/pem/pem_all.c | |||
| @@ -194,7 +194,49 @@ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, | |||
| 194 | 194 | ||
| 195 | #endif | 195 | #endif |
| 196 | 196 | ||
| 197 | #ifdef OPENSSL_FIPS | ||
| 198 | |||
| 199 | int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc, | ||
| 200 | unsigned char *kstr, int klen, | ||
| 201 | pem_password_cb *cb, void *u) | ||
| 202 | { | ||
| 203 | EVP_PKEY *k; | ||
| 204 | int ret; | ||
| 205 | k = EVP_PKEY_new(); | ||
| 206 | if (!k) | ||
| 207 | return 0; | ||
| 208 | EVP_PKEY_set1_RSA(k, x); | ||
| 209 | |||
| 210 | ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | ||
| 211 | EVP_PKEY_free(k); | ||
| 212 | return ret; | ||
| 213 | } | ||
| 214 | |||
| 215 | #ifndef OPENSSL_NO_FP_API | ||
| 216 | int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc, | ||
| 217 | unsigned char *kstr, int klen, | ||
| 218 | pem_password_cb *cb, void *u) | ||
| 219 | { | ||
| 220 | EVP_PKEY *k; | ||
| 221 | int ret; | ||
| 222 | k = EVP_PKEY_new(); | ||
| 223 | if (!k) | ||
| 224 | return 0; | ||
| 225 | |||
| 226 | EVP_PKEY_set1_RSA(k, x); | ||
| 227 | |||
| 228 | ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | ||
| 229 | EVP_PKEY_free(k); | ||
| 230 | return ret; | ||
| 231 | } | ||
| 232 | #endif | ||
| 233 | |||
| 234 | #else | ||
| 235 | |||
| 197 | IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) | 236 | IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) |
| 237 | |||
| 238 | #endif | ||
| 239 | |||
| 198 | IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) | 240 | IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) |
| 199 | IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) | 241 | IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) |
| 200 | 242 | ||
| @@ -224,7 +266,47 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, | |||
| 224 | return pkey_get_dsa(pktmp, dsa); | 266 | return pkey_get_dsa(pktmp, dsa); |
| 225 | } | 267 | } |
| 226 | 268 | ||
| 269 | #ifdef OPENSSL_FIPS | ||
| 270 | |||
| 271 | int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc, | ||
| 272 | unsigned char *kstr, int klen, | ||
| 273 | pem_password_cb *cb, void *u) | ||
| 274 | { | ||
| 275 | EVP_PKEY *k; | ||
| 276 | int ret; | ||
| 277 | k = EVP_PKEY_new(); | ||
| 278 | if (!k) | ||
| 279 | return 0; | ||
| 280 | EVP_PKEY_set1_DSA(k, x); | ||
| 281 | |||
| 282 | ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | ||
| 283 | EVP_PKEY_free(k); | ||
| 284 | return ret; | ||
| 285 | } | ||
| 286 | |||
| 287 | #ifndef OPENSSL_NO_FP_API | ||
| 288 | int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc, | ||
| 289 | unsigned char *kstr, int klen, | ||
| 290 | pem_password_cb *cb, void *u) | ||
| 291 | { | ||
| 292 | EVP_PKEY *k; | ||
| 293 | int ret; | ||
| 294 | k = EVP_PKEY_new(); | ||
| 295 | if (!k) | ||
| 296 | return 0; | ||
| 297 | EVP_PKEY_set1_DSA(k, x); | ||
| 298 | ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | ||
| 299 | EVP_PKEY_free(k); | ||
| 300 | return ret; | ||
| 301 | } | ||
| 302 | #endif | ||
| 303 | |||
| 304 | #else | ||
| 305 | |||
| 227 | IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) | 306 | IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) |
| 307 | |||
| 308 | #endif | ||
| 309 | |||
| 228 | IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) | 310 | IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) |
| 229 | 311 | ||
| 230 | #ifndef OPENSSL_NO_FP_API | 312 | #ifndef OPENSSL_NO_FP_API |
| @@ -270,8 +352,49 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, | |||
| 270 | 352 | ||
| 271 | IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) | 353 | IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) |
| 272 | 354 | ||
| 355 | |||
| 356 | |||
| 357 | #ifdef OPENSSL_FIPS | ||
| 358 | |||
| 359 | int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc, | ||
| 360 | unsigned char *kstr, int klen, | ||
| 361 | pem_password_cb *cb, void *u) | ||
| 362 | { | ||
| 363 | EVP_PKEY *k; | ||
| 364 | int ret; | ||
| 365 | k = EVP_PKEY_new(); | ||
| 366 | if (!k) | ||
| 367 | return 0; | ||
| 368 | EVP_PKEY_set1_EC_KEY(k, x); | ||
| 369 | |||
| 370 | ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u); | ||
| 371 | EVP_PKEY_free(k); | ||
| 372 | return ret; | ||
| 373 | } | ||
| 374 | |||
| 375 | #ifndef OPENSSL_NO_FP_API | ||
| 376 | int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc, | ||
| 377 | unsigned char *kstr, int klen, | ||
| 378 | pem_password_cb *cb, void *u) | ||
| 379 | { | ||
| 380 | EVP_PKEY *k; | ||
| 381 | int ret; | ||
| 382 | k = EVP_PKEY_new(); | ||
| 383 | if (!k) | ||
| 384 | return 0; | ||
| 385 | EVP_PKEY_set1_EC_KEY(k, x); | ||
| 386 | ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u); | ||
| 387 | EVP_PKEY_free(k); | ||
| 388 | return ret; | ||
| 389 | } | ||
| 390 | #endif | ||
| 391 | |||
| 392 | #else | ||
| 393 | |||
| 273 | IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) | 394 | IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) |
| 274 | 395 | ||
| 396 | #endif | ||
| 397 | |||
| 275 | IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) | 398 | IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) |
| 276 | 399 | ||
| 277 | #ifndef OPENSSL_NO_FP_API | 400 | #ifndef OPENSSL_NO_FP_API |
| @@ -301,8 +424,59 @@ IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) | |||
| 301 | * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything | 424 | * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything |
| 302 | * appropriate.) | 425 | * appropriate.) |
| 303 | */ | 426 | */ |
| 427 | |||
| 428 | #ifdef OPENSSL_FIPS | ||
| 429 | |||
| 430 | static const char *pkey_str(EVP_PKEY *x) | ||
| 431 | { | ||
| 432 | switch (x->type) | ||
| 433 | { | ||
| 434 | case EVP_PKEY_RSA: | ||
| 435 | return PEM_STRING_RSA; | ||
| 436 | |||
| 437 | case EVP_PKEY_DSA: | ||
| 438 | return PEM_STRING_DSA; | ||
| 439 | |||
| 440 | case EVP_PKEY_EC: | ||
| 441 | return PEM_STRING_ECPRIVATEKEY; | ||
| 442 | |||
| 443 | default: | ||
| 444 | return NULL; | ||
| 445 | } | ||
| 446 | } | ||
| 447 | |||
| 448 | |||
| 449 | int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, | ||
| 450 | unsigned char *kstr, int klen, | ||
| 451 | pem_password_cb *cb, void *u) | ||
| 452 | { | ||
| 453 | if (FIPS_mode()) | ||
| 454 | return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, | ||
| 455 | (char *)kstr, klen, cb, u); | ||
| 456 | else | ||
| 457 | return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, | ||
| 458 | pkey_str(x), bp,(char *)x,enc,kstr,klen,cb,u); | ||
| 459 | } | ||
| 460 | |||
| 461 | #ifndef OPENSSL_NO_FP_API | ||
| 462 | int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, | ||
| 463 | unsigned char *kstr, int klen, | ||
| 464 | pem_password_cb *cb, void *u) | ||
| 465 | { | ||
| 466 | if (FIPS_mode()) | ||
| 467 | return PEM_write_PKCS8PrivateKey(fp, x, enc, | ||
| 468 | (char *)kstr, klen, cb, u); | ||
| 469 | else | ||
| 470 | return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey, | ||
| 471 | pkey_str(x), fp,(char *)x,enc,kstr,klen,cb,u); | ||
| 472 | } | ||
| 473 | #endif | ||
| 474 | |||
| 475 | #else | ||
| 304 | IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\ | 476 | IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:\ |
| 305 | (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey) | 477 | (x->type == EVP_PKEY_RSA)?PEM_STRING_RSA:PEM_STRING_ECPRIVATEKEY), PrivateKey) |
| 306 | 478 | ||
| 479 | #endif | ||
| 480 | |||
| 307 | IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) | 481 | IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) |
| 308 | 482 | ||
diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c index 9bae4c8850..cbafefe416 100644 --- a/src/lib/libssl/src/crypto/pem/pem_lib.c +++ b/src/lib/libssl/src/crypto/pem/pem_lib.c | |||
| @@ -216,6 +216,9 @@ static int check_pem(const char *nm, const char *name) | |||
| 216 | if(!strcmp(nm, PEM_STRING_X509) && | 216 | if(!strcmp(nm, PEM_STRING_X509) && |
| 217 | !strcmp(name, PEM_STRING_PKCS7)) return 1; | 217 | !strcmp(name, PEM_STRING_PKCS7)) return 1; |
| 218 | 218 | ||
| 219 | if(!strcmp(nm, PEM_STRING_PKCS7_SIGNED) && | ||
| 220 | !strcmp(name, PEM_STRING_PKCS7)) return 1; | ||
| 221 | |||
| 219 | return 0; | 222 | return 0; |
| 220 | } | 223 | } |
| 221 | 224 | ||
diff --git a/src/lib/libssl/src/crypto/pem/pem_x509.c b/src/lib/libssl/src/crypto/pem/pem_x509.c index 19f88d8d3a..3f709f13e6 100644 --- a/src/lib/libssl/src/crypto/pem/pem_x509.c +++ b/src/lib/libssl/src/crypto/pem/pem_x509.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pem_x509.c */ | 1 | /* pem_x509.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pem/pem_xaux.c b/src/lib/libssl/src/crypto/pem/pem_xaux.c index 63ce660cf1..7cc7491009 100644 --- a/src/lib/libssl/src/crypto/pem/pem_xaux.c +++ b/src/lib/libssl/src/crypto/pem/pem_xaux.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pem_xaux.c */ | 1 | /* pem_xaux.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/Makefile b/src/lib/libssl/src/crypto/pkcs12/Makefile index 3a7498fe7a..eed226b30d 100644 --- a/src/lib/libssl/src/crypto/pkcs12/Makefile +++ b/src/lib/libssl/src/crypto/pkcs12/Makefile | |||
| @@ -39,7 +39,7 @@ test: | |||
| 39 | all: lib | 39 | all: lib |
| 40 | 40 | ||
| 41 | lib: $(LIBOBJ) | 41 | lib: $(LIBOBJ) |
| 42 | $(AR) $(LIB) $(LIBOBJ) | 42 | $(ARX) $(LIB) $(LIBOBJ) |
| 43 | $(RANLIB) $(LIB) || echo Never mind. | 43 | $(RANLIB) $(LIB) || echo Never mind. |
| 44 | @touch lib | 44 | @touch lib |
| 45 | 45 | ||
| @@ -85,36 +85,37 @@ p12_add.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 85 | p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 85 | p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 86 | p12_add.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 86 | p12_add.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 87 | p12_add.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 87 | p12_add.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 88 | p12_add.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 88 | p12_add.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 89 | p12_add.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 89 | p12_add.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 90 | p12_add.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 90 | p12_add.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 91 | p12_add.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h | 91 | p12_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 92 | p12_add.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 92 | p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 93 | p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 93 | p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 94 | p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 94 | p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 95 | p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_add.c | 95 | p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 96 | p12_add.o: ../cryptlib.h p12_add.c | ||
| 96 | p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h | 97 | p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h |
| 97 | p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 98 | p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 98 | p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 99 | p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 99 | p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 100 | p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 100 | p12_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 101 | p12_asn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 101 | p12_asn.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 102 | p12_asn.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 102 | p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 103 | p12_asn.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 103 | p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 104 | p12_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 104 | p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 105 | p12_asn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 105 | p12_asn.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 106 | p12_asn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h |
| 106 | p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 107 | p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 107 | p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 108 | p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 108 | p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 109 | p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 109 | p12_asn.o: ../cryptlib.h p12_asn.c | 110 | p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c |
| 110 | p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h | 111 | p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h |
| 111 | p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 112 | p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 112 | p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 113 | p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 113 | p12_attr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 114 | p12_attr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 114 | p12_attr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 115 | p12_attr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 115 | p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 116 | p12_attr.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 116 | p12_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 117 | p12_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 117 | p12_attr.o: ../../include/openssl/opensslconf.h | 118 | p12_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 118 | p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 119 | p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 119 | p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 120 | p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 120 | p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 121 | p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -126,9 +127,9 @@ p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 126 | p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 127 | p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 127 | p12_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 128 | p12_crpt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 128 | p12_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 129 | p12_crpt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 129 | p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 130 | p12_crpt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 130 | p12_crpt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 131 | p12_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 131 | p12_crpt.o: ../../include/openssl/opensslconf.h | 132 | p12_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 132 | p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 133 | p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 133 | p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 134 | p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 134 | p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 135 | p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -140,22 +141,23 @@ p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 140 | p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 141 | p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 141 | p12_crt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 142 | p12_crt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 142 | p12_crt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 143 | p12_crt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 143 | p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 144 | p12_crt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 144 | p12_crt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 145 | p12_crt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 145 | p12_crt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 146 | p12_crt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 146 | p12_crt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h | 147 | p12_crt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 147 | p12_crt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 148 | p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 148 | p12_crt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 149 | p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 149 | p12_crt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 150 | p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 150 | p12_crt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_crt.c | 151 | p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 152 | p12_crt.o: ../cryptlib.h p12_crt.c | ||
| 151 | p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h | 153 | p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h |
| 152 | p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 154 | p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 153 | p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 155 | p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 154 | p12_decr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 156 | p12_decr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 155 | p12_decr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 157 | p12_decr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 156 | p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 158 | p12_decr.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 157 | p12_decr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 159 | p12_decr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 158 | p12_decr.o: ../../include/openssl/opensslconf.h | 160 | p12_decr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 159 | p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 161 | p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 160 | p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 162 | p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 161 | p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 163 | p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -167,9 +169,9 @@ p12_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 167 | p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 169 | p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 168 | p12_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 170 | p12_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 169 | p12_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 171 | p12_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 170 | p12_init.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 172 | p12_init.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 171 | p12_init.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 173 | p12_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 172 | p12_init.o: ../../include/openssl/opensslconf.h | 174 | p12_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 173 | p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 175 | p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 174 | p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 176 | p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 175 | p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 177 | p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -182,22 +184,22 @@ p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 182 | p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 184 | p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 183 | p12_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 185 | p12_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 184 | p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 186 | p12_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 185 | p12_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 187 | p12_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 186 | p12_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 188 | p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 187 | p12_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 189 | p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 188 | p12_key.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 190 | p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h |
| 189 | p12_key.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 191 | p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 190 | p12_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 192 | p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 191 | p12_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 193 | p12_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 192 | p12_key.o: ../cryptlib.h p12_key.c | 194 | p12_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_key.c |
| 193 | p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h | 195 | p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h |
| 194 | p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 196 | p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 195 | p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 197 | p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 196 | p12_kiss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 198 | p12_kiss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 197 | p12_kiss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 199 | p12_kiss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 198 | p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 200 | p12_kiss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 199 | p12_kiss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 201 | p12_kiss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 200 | p12_kiss.o: ../../include/openssl/opensslconf.h | 202 | p12_kiss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 201 | p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 203 | p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 202 | p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 204 | p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 203 | p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 205 | p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -209,9 +211,10 @@ p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 209 | p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 211 | p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 210 | p12_mutl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 212 | p12_mutl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 211 | p12_mutl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 213 | p12_mutl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 212 | p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h | 214 | p12_mutl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 213 | p12_mutl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 215 | p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h |
| 214 | p12_mutl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 216 | p12_mutl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 217 | p12_mutl.o: ../../include/openssl/opensslconf.h | ||
| 215 | p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 218 | p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 216 | p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 219 | p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 217 | p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 220 | p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| @@ -223,8 +226,9 @@ p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 223 | p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 226 | p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 224 | p12_npas.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 227 | p12_npas.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 225 | p12_npas.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 228 | p12_npas.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 226 | p12_npas.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 229 | p12_npas.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 227 | p12_npas.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 230 | p12_npas.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 231 | p12_npas.o: ../../include/openssl/opensslconf.h | ||
| 228 | p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 232 | p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 229 | p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 233 | p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 230 | p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 234 | p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| @@ -237,50 +241,53 @@ p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 237 | p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 241 | p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 238 | p12_p8d.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 242 | p12_p8d.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 239 | p12_p8d.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 243 | p12_p8d.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 240 | p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 244 | p12_p8d.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 241 | p12_p8d.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 245 | p12_p8d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 242 | p12_p8d.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 246 | p12_p8d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 243 | p12_p8d.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h | 247 | p12_p8d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 244 | p12_p8d.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 248 | p12_p8d.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 245 | p12_p8d.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 249 | p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 246 | p12_p8d.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 250 | p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 247 | p12_p8d.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8d.c | 251 | p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 252 | p12_p8d.o: ../cryptlib.h p12_p8d.c | ||
| 248 | p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h | 253 | p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h |
| 249 | p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 254 | p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 250 | p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 255 | p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 251 | p12_p8e.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 256 | p12_p8e.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 252 | p12_p8e.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 257 | p12_p8e.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 253 | p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 258 | p12_p8e.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 254 | p12_p8e.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 259 | p12_p8e.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 255 | p12_p8e.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 260 | p12_p8e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 256 | p12_p8e.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h | 261 | p12_p8e.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 257 | p12_p8e.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 262 | p12_p8e.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 258 | p12_p8e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 263 | p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 259 | p12_p8e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 264 | p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 260 | p12_p8e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_p8e.c | 265 | p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 266 | p12_p8e.o: ../cryptlib.h p12_p8e.c | ||
| 261 | p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h | 267 | p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h |
| 262 | p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 268 | p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 263 | p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 269 | p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 264 | p12_utl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 270 | p12_utl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 265 | p12_utl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 271 | p12_utl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 266 | p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 272 | p12_utl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 267 | p12_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 273 | p12_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 268 | p12_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 274 | p12_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 269 | p12_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h | 275 | p12_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 270 | p12_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 276 | p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h |
| 271 | p12_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 277 | p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 272 | p12_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 278 | p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 273 | p12_utl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_utl.c | 279 | p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 280 | p12_utl.o: ../cryptlib.h p12_utl.c | ||
| 274 | pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 281 | pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 275 | pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 282 | pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 276 | pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 283 | pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 277 | pk12err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 284 | pk12err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 278 | pk12err.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 285 | pk12err.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 279 | pk12err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 286 | pk12err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 280 | pk12err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 287 | pk12err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 281 | pk12err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 288 | pk12err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 282 | pk12err.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h | 289 | pk12err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h |
| 283 | pk12err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 290 | pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 284 | pk12err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 291 | pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 285 | pk12err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 292 | pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 286 | pk12err.o: pk12err.c | 293 | pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_add.c b/src/lib/libssl/src/crypto/pkcs12/p12_add.c index 41bdc00551..1f3e378f5c 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_add.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_add.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_add.c */ | 1 | /* p12_add.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_asn.c b/src/lib/libssl/src/crypto/pkcs12/p12_asn.c index a3739fee1a..6e27633817 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_asn.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_asn.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_asn.c */ | 1 | /* p12_asn.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_attr.c b/src/lib/libssl/src/crypto/pkcs12/p12_attr.c index 026cf3826a..68d6c5ad15 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_attr.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_attr.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_attr.c */ | 1 | /* p12_attr.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c index 3ad33c49d8..f8b952e27e 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_crpt.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_crpt.c */ | 1 | /* p12_crpt.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c index dbafda17b6..e863de52ce 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_crt.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_crt.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_crt.c */ | 1 | /* p12_crt.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -59,10 +59,27 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "cryptlib.h" | 60 | #include "cryptlib.h" |
| 61 | #include <openssl/pkcs12.h> | 61 | #include <openssl/pkcs12.h> |
| 62 | #ifdef OPENSSL_FIPS | ||
| 63 | #include <openssl/fips.h> | ||
| 64 | #endif | ||
| 65 | |||
| 62 | 66 | ||
| 63 | 67 | ||
| 64 | static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); | 68 | static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag); |
| 65 | 69 | ||
| 70 | static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid) | ||
| 71 | { | ||
| 72 | int idx; | ||
| 73 | X509_ATTRIBUTE *attr; | ||
| 74 | idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1); | ||
| 75 | if (idx < 0) | ||
| 76 | return 1; | ||
| 77 | attr = EVP_PKEY_get_attr(pkey, idx); | ||
| 78 | if (!X509at_add1_attr(&bag->attrib, attr)) | ||
| 79 | return 0; | ||
| 80 | return 1; | ||
| 81 | } | ||
| 82 | |||
| 66 | PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | 83 | PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, |
| 67 | STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, | 84 | STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, |
| 68 | int keytype) | 85 | int keytype) |
| @@ -77,7 +94,14 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 77 | 94 | ||
| 78 | /* Set defaults */ | 95 | /* Set defaults */ |
| 79 | if (!nid_cert) | 96 | if (!nid_cert) |
| 97 | { | ||
| 98 | #ifdef OPENSSL_FIPS | ||
| 99 | if (FIPS_mode()) | ||
| 100 | nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | ||
| 101 | else | ||
| 102 | #endif | ||
| 80 | nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; | 103 | nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; |
| 104 | } | ||
| 81 | if (!nid_key) | 105 | if (!nid_key) |
| 82 | nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; | 106 | nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; |
| 83 | if (!iter) | 107 | if (!iter) |
| @@ -122,20 +146,15 @@ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, | |||
| 122 | 146 | ||
| 123 | if (pkey) | 147 | if (pkey) |
| 124 | { | 148 | { |
| 125 | int cspidx; | ||
| 126 | bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass); | 149 | bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass); |
| 127 | 150 | ||
| 128 | if (!bag) | 151 | if (!bag) |
| 129 | goto err; | 152 | goto err; |
| 130 | 153 | ||
| 131 | cspidx = EVP_PKEY_get_attr_by_NID(pkey, NID_ms_csp_name, -1); | 154 | if (!copy_bag_attr(bag, pkey, NID_ms_csp_name)) |
| 132 | if (cspidx >= 0) | 155 | goto err; |
| 133 | { | 156 | if (!copy_bag_attr(bag, pkey, NID_LocalKeySet)) |
| 134 | X509_ATTRIBUTE *cspattr; | 157 | goto err; |
| 135 | cspattr = EVP_PKEY_get_attr(pkey, cspidx); | ||
| 136 | if (!X509at_add1_attr(&bag->attrib, cspattr)) | ||
| 137 | goto err; | ||
| 138 | } | ||
| 139 | 158 | ||
| 140 | if(name && !PKCS12_add_friendlyname(bag, name, -1)) | 159 | if(name && !PKCS12_add_friendlyname(bag, name, -1)) |
| 141 | goto err; | 160 | goto err; |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_decr.c b/src/lib/libssl/src/crypto/pkcs12/p12_decr.c index 74c961a92b..ba77dbbe32 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_decr.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_decr.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_decr.c */ | 1 | /* p12_decr.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_init.c b/src/lib/libssl/src/crypto/pkcs12/p12_init.c index 6bdc132631..d4d84b056a 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_init.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_init.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_init.c */ | 1 | /* p12_init.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_key.c b/src/lib/libssl/src/crypto/pkcs12/p12_key.c index 18e72d0a1b..9e57eee4a4 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_key.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_key.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_key.c */ | 1 | /* p12_key.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c b/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c index c2ee2cc6f3..5c4c6ec988 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_kiss.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_kiss.c */ | 1 | /* p12_kiss.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c index c408cc8ab8..70bfef6e5d 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_mutl.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_mutl.c */ | 1 | /* p12_mutl.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_npas.c b/src/lib/libssl/src/crypto/pkcs12/p12_npas.c index 48eacc5c49..47e5e9c377 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_npas.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_npas.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_npas.c */ | 1 | /* p12_npas.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_p8d.c b/src/lib/libssl/src/crypto/pkcs12/p12_p8d.c index 3c6f377933..deba81e4a9 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_p8d.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_p8d.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_p8d.c */ | 1 | /* p12_p8d.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_p8e.c b/src/lib/libssl/src/crypto/pkcs12/p12_p8e.c index 3d47956652..bf20a77b4c 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_p8e.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_p8e.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_p8e.c */ | 1 | /* p12_p8e.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/p12_utl.c b/src/lib/libssl/src/crypto/pkcs12/p12_utl.c index 243ec76be9..ca30ac4f6d 100644 --- a/src/lib/libssl/src/crypto/pkcs12/p12_utl.c +++ b/src/lib/libssl/src/crypto/pkcs12/p12_utl.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* p12_utl.c */ | 1 | /* p12_utl.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h index a2d7e359a0..4bee605dc0 100644 --- a/src/lib/libssl/src/crypto/pkcs12/pkcs12.h +++ b/src/lib/libssl/src/crypto/pkcs12/pkcs12.h | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pkcs12.h */ | 1 | /* pkcs12.h */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs7/Makefile b/src/lib/libssl/src/crypto/pkcs7/Makefile index 3f7e88b40f..790d8edf36 100644 --- a/src/lib/libssl/src/crypto/pkcs7/Makefile +++ b/src/lib/libssl/src/crypto/pkcs7/Makefile | |||
| @@ -54,7 +54,7 @@ verify: verify.o example.o lib | |||
| 54 | $(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS) | 54 | $(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS) |
| 55 | 55 | ||
| 56 | lib: $(LIBOBJ) | 56 | lib: $(LIBOBJ) |
| 57 | $(AR) $(LIB) $(LIBOBJ) | 57 | $(ARX) $(LIB) $(LIBOBJ) |
| 58 | $(RANLIB) $(LIB) || echo Never mind. | 58 | $(RANLIB) $(LIB) || echo Never mind. |
| 59 | @touch lib | 59 | @touch lib |
| 60 | 60 | ||
| @@ -101,8 +101,9 @@ pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 101 | pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 101 | pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 102 | pk7_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 102 | pk7_asn1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 103 | pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 103 | pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 104 | pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 104 | pk7_asn1.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 105 | pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 105 | pk7_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 106 | pk7_asn1.o: ../../include/openssl/opensslconf.h | ||
| 106 | pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 107 | pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 107 | pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 108 | pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 108 | pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 109 | pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -113,8 +114,9 @@ pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 113 | pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 114 | pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 114 | pk7_attr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 115 | pk7_attr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 115 | pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 116 | pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 116 | pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 117 | pk7_attr.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 117 | pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 118 | pk7_attr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 119 | pk7_attr.o: ../../include/openssl/opensslconf.h | ||
| 118 | pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 120 | pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 119 | pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 121 | pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 120 | pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 122 | pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| @@ -127,8 +129,9 @@ pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 127 | pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 129 | pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 128 | pk7_doit.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 130 | pk7_doit.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 129 | pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 131 | pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 130 | pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 132 | pk7_doit.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 131 | pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 133 | pk7_doit.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 134 | pk7_doit.o: ../../include/openssl/opensslconf.h | ||
| 132 | pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 135 | pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 133 | pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 136 | pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 134 | pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 137 | pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -140,22 +143,22 @@ pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 140 | pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 143 | pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 141 | pk7_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 144 | pk7_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 142 | pk7_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 145 | pk7_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 143 | pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 146 | pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 144 | pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 147 | pk7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 145 | pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 148 | pk7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 146 | pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 149 | pk7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 147 | pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 150 | pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 148 | pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 151 | pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 149 | pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 152 | pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 150 | pk7_lib.o: ../cryptlib.h pk7_lib.c | 153 | pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c |
| 151 | pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h | 154 | pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h |
| 152 | pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 155 | pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 153 | pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 156 | pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 154 | pk7_mime.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 157 | pk7_mime.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 155 | pk7_mime.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 158 | pk7_mime.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 156 | pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 159 | pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 157 | pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 160 | pk7_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 158 | pk7_mime.o: ../../include/openssl/opensslconf.h | 161 | pk7_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 159 | pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 162 | pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 160 | pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | 163 | pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 161 | pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 164 | pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -168,8 +171,8 @@ pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 168 | pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 171 | pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 169 | pk7_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 172 | pk7_smime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 170 | pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 173 | pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 171 | pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 174 | pk7_smime.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 172 | pk7_smime.o: ../../include/openssl/objects.h | 175 | pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 173 | pk7_smime.o: ../../include/openssl/opensslconf.h | 176 | pk7_smime.o: ../../include/openssl/opensslconf.h |
| 174 | pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 177 | pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 175 | pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 178 | pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c b/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c index 77931feeb4..1f70d31386 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_asn1.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pk7_asn.c */ | 1 | /* pk7_asn.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c b/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c index 735c8800e1..d549717169 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_attr.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pk7_attr.c */ | 1 | /* pk7_attr.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c index 17b68992f7..bf190360d7 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_mime.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pk7_mime.c */ | 1 | /* pk7_mime.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c index 5c6b0fe24b..c34db1d6fe 100644 --- a/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c +++ b/src/lib/libssl/src/crypto/pkcs7/pk7_smime.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* pk7_smime.c */ | 1 | /* pk7_smime.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -282,6 +282,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, | |||
| 282 | PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE); | 282 | PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE); |
| 283 | goto err; | 283 | goto err; |
| 284 | } | 284 | } |
| 285 | BIO_set_mem_eof_return(tmpout, 0); | ||
| 285 | } else tmpout = out; | 286 | } else tmpout = out; |
| 286 | 287 | ||
| 287 | /* We now have to 'read' from p7bio to calculate digests etc. */ | 288 | /* We now have to 'read' from p7bio to calculate digests etc. */ |
diff --git a/src/lib/libssl/src/crypto/pqueue/pq_compat.h b/src/lib/libssl/src/crypto/pqueue/pq_compat.h index fd36578882..7b2c32725c 100644 --- a/src/lib/libssl/src/crypto/pqueue/pq_compat.h +++ b/src/lib/libssl/src/crypto/pqueue/pq_compat.h | |||
| @@ -57,6 +57,9 @@ | |||
| 57 | * | 57 | * |
| 58 | */ | 58 | */ |
| 59 | 59 | ||
| 60 | #ifndef HEADER_PQ_COMPAT_H | ||
| 61 | #define HEADER_PQ_COMPAT_H | ||
| 62 | |||
| 60 | #include <openssl/opensslconf.h> | 63 | #include <openssl/opensslconf.h> |
| 61 | #include <openssl/bn.h> | 64 | #include <openssl/bn.h> |
| 62 | 65 | ||
| @@ -145,3 +148,5 @@ | |||
| 145 | *(x) |= mask; \ | 148 | *(x) |= mask; \ |
| 146 | } while(0) | 149 | } while(0) |
| 147 | #endif /* OPENSSL_SYS_VMS */ | 150 | #endif /* OPENSSL_SYS_VMS */ |
| 151 | |||
| 152 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/rand/Makefile b/src/lib/libssl/src/crypto/rand/Makefile index 3c1ab5bbae..30794305cb 100644 --- a/src/lib/libssl/src/crypto/rand/Makefile +++ b/src/lib/libssl/src/crypto/rand/Makefile | |||
| @@ -17,9 +17,9 @@ TEST= randtest.c | |||
| 17 | APPS= | 17 | APPS= |
| 18 | 18 | ||
| 19 | LIB=$(TOP)/libcrypto.a | 19 | LIB=$(TOP)/libcrypto.a |
| 20 | LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \ | 20 | LIBSRC=md_rand.c randfile.c rand_lib.c rand_eng.c rand_err.c rand_egd.c \ |
| 21 | rand_win.c rand_unix.c rand_os2.c rand_nw.c | 21 | rand_win.c rand_unix.c rand_os2.c rand_nw.c |
| 22 | LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \ | 22 | LIBOBJ=md_rand.o randfile.o rand_lib.o rand_eng.o rand_err.o rand_egd.o \ |
| 23 | rand_win.o rand_unix.o rand_os2.o rand_nw.o | 23 | rand_win.o rand_unix.o rand_os2.o rand_nw.o |
| 24 | 24 | ||
| 25 | SRC= $(LIBSRC) | 25 | SRC= $(LIBSRC) |
| @@ -35,7 +35,7 @@ top: | |||
| 35 | all: lib | 35 | all: lib |
| 36 | 36 | ||
| 37 | lib: $(LIBOBJ) | 37 | lib: $(LIBOBJ) |
| 38 | $(AR) $(LIB) $(LIBOBJ) | 38 | $(ARX) $(LIB) $(LIBOBJ) |
| 39 | $(RANLIB) $(LIB) || echo Never mind. | 39 | $(RANLIB) $(LIB) || echo Never mind. |
| 40 | @touch lib | 40 | @touch lib |
| 41 | 41 | ||
| @@ -79,17 +79,34 @@ clean: | |||
| 79 | md_rand.o: ../../e_os.h ../../include/openssl/asn1.h | 79 | md_rand.o: ../../e_os.h ../../include/openssl/asn1.h |
| 80 | md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | 80 | md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 81 | md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 81 | md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 82 | md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 82 | md_rand.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 83 | md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 83 | md_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 84 | md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 84 | md_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 85 | md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 85 | md_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 86 | md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 86 | md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 87 | md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 87 | md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 88 | md_rand.o: md_rand.c rand_lcl.h | 88 | md_rand.o: ../../include/openssl/symhacks.h md_rand.c rand_lcl.h |
| 89 | rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h | 89 | rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h |
| 90 | rand_egd.o: ../../include/openssl/opensslconf.h | 90 | rand_egd.o: ../../include/openssl/opensslconf.h |
| 91 | rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 91 | rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 92 | rand_egd.o: rand_egd.c | 92 | rand_egd.o: rand_egd.c |
| 93 | rand_eng.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 94 | rand_eng.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | ||
| 95 | rand_eng.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | ||
| 96 | rand_eng.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | ||
| 97 | rand_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 98 | rand_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 99 | rand_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 100 | rand_eng.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h | ||
| 101 | rand_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 102 | rand_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 103 | rand_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 104 | rand_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | ||
| 105 | rand_eng.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 106 | rand_eng.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 107 | rand_eng.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | ||
| 108 | rand_eng.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 109 | rand_eng.o: ../cryptlib.h rand_eng.c rand_lcl.h | ||
| 93 | rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | 110 | rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 94 | rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 111 | rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 95 | rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 112 | rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| @@ -97,31 +114,41 @@ rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | |||
| 97 | rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 114 | rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 98 | rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 115 | rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 99 | rand_err.o: rand_err.c | 116 | rand_err.o: rand_err.c |
| 100 | rand_lib.o: ../../e_os.h ../../include/openssl/bio.h | 117 | rand_lib.o: ../../e_os.h ../../include/openssl/asn1.h |
| 101 | rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 118 | rand_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 102 | rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 119 | rand_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 103 | rand_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 120 | rand_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h |
| 104 | rand_lib.o: ../../include/openssl/opensslconf.h | 121 | rand_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 122 | rand_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 123 | rand_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 124 | rand_lib.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h | ||
| 125 | rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 126 | rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 105 | rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 127 | rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 106 | rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 128 | rand_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h |
| 129 | rand_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 107 | rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 130 | rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 108 | rand_lib.o: ../cryptlib.h rand_lib.c | 131 | rand_lib.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 132 | rand_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 133 | rand_lib.o: ../cryptlib.h rand_lcl.h rand_lib.c | ||
| 109 | rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h | 134 | rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h |
| 110 | rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 135 | rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 111 | rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 136 | rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 112 | rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 137 | rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 113 | rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 138 | rand_nw.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 114 | rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 139 | rand_nw.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 115 | rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 140 | rand_nw.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 116 | rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 141 | rand_nw.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 117 | rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 142 | rand_nw.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 118 | rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c | 143 | rand_nw.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 144 | rand_nw.o: ../cryptlib.h rand_lcl.h rand_nw.c | ||
| 119 | rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h | 145 | rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h |
| 120 | rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 146 | rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 121 | rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 147 | rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 122 | rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 148 | rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 123 | rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 149 | rand_os2.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 124 | rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 150 | rand_os2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 151 | rand_os2.o: ../../include/openssl/opensslconf.h | ||
| 125 | rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 152 | rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 126 | rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 153 | rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 127 | rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 154 | rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -131,8 +158,8 @@ rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 131 | rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 158 | rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 132 | rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 159 | rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 133 | rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 160 | rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 134 | rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 161 | rand_unix.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 135 | rand_unix.o: ../../include/openssl/objects.h | 162 | rand_unix.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 136 | rand_unix.o: ../../include/openssl/opensslconf.h | 163 | rand_unix.o: ../../include/openssl/opensslconf.h |
| 137 | rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 164 | rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 138 | rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 165 | rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| @@ -143,8 +170,9 @@ rand_win.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 143 | rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 170 | rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 144 | rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 171 | rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 145 | rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 172 | rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 146 | rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 173 | rand_win.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 147 | rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 174 | rand_win.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 175 | rand_win.o: ../../include/openssl/opensslconf.h | ||
| 148 | rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 176 | rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 149 | rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 177 | rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 150 | rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 178 | rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
diff --git a/src/lib/libssl/src/crypto/rand/md_rand.c b/src/lib/libssl/src/crypto/rand/md_rand.c index 9783d0c23e..0f8dd3e00f 100644 --- a/src/lib/libssl/src/crypto/rand/md_rand.c +++ b/src/lib/libssl/src/crypto/rand/md_rand.c | |||
| @@ -126,6 +126,10 @@ | |||
| 126 | 126 | ||
| 127 | #include <openssl/crypto.h> | 127 | #include <openssl/crypto.h> |
| 128 | #include <openssl/err.h> | 128 | #include <openssl/err.h> |
| 129 | #ifdef OPENSSL_FIPS | ||
| 130 | #include <openssl/fips.h> | ||
| 131 | #endif | ||
| 132 | |||
| 129 | 133 | ||
| 130 | #ifdef BN_DEBUG | 134 | #ifdef BN_DEBUG |
| 131 | # define PREDICT | 135 | # define PREDICT |
| @@ -332,6 +336,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num) | |||
| 332 | #endif | 336 | #endif |
| 333 | int do_stir_pool = 0; | 337 | int do_stir_pool = 0; |
| 334 | 338 | ||
| 339 | #ifdef OPENSSL_FIPS | ||
| 340 | if(FIPS_mode()) | ||
| 341 | { | ||
| 342 | FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD); | ||
| 343 | return 0; | ||
| 344 | } | ||
| 345 | #endif | ||
| 346 | |||
| 335 | #ifdef PREDICT | 347 | #ifdef PREDICT |
| 336 | if (rand_predictable) | 348 | if (rand_predictable) |
| 337 | { | 349 | { |
diff --git a/src/lib/libssl/src/crypto/rand/rand.h b/src/lib/libssl/src/crypto/rand/rand.h index ac6c021763..ea89153cba 100644 --- a/src/lib/libssl/src/crypto/rand/rand.h +++ b/src/lib/libssl/src/crypto/rand/rand.h | |||
| @@ -72,7 +72,7 @@ extern "C" { | |||
| 72 | #endif | 72 | #endif |
| 73 | 73 | ||
| 74 | #if defined(OPENSSL_FIPS) | 74 | #if defined(OPENSSL_FIPS) |
| 75 | #define FIPS_RAND_SIZE_T size_t | 75 | #define FIPS_RAND_SIZE_T int |
| 76 | #endif | 76 | #endif |
| 77 | 77 | ||
| 78 | /* Already defined in ossl_typ.h */ | 78 | /* Already defined in ossl_typ.h */ |
| @@ -111,6 +111,15 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes); | |||
| 111 | int RAND_egd(const char *path); | 111 | int RAND_egd(const char *path); |
| 112 | int RAND_egd_bytes(const char *path,int bytes); | 112 | int RAND_egd_bytes(const char *path,int bytes); |
| 113 | int RAND_poll(void); | 113 | int RAND_poll(void); |
| 114 | #ifndef OPENSSL_NO_ENGINE | ||
| 115 | #ifdef OPENSSL_FIPS | ||
| 116 | void int_RAND_init_engine_callbacks(void); | ||
| 117 | void int_RAND_set_callbacks( | ||
| 118 | int (*set_rand_func)(const RAND_METHOD *meth, | ||
| 119 | const RAND_METHOD **pmeth), | ||
| 120 | const RAND_METHOD *(*get_rand_func)(const RAND_METHOD **pmeth)); | ||
| 121 | #endif | ||
| 122 | #endif | ||
| 114 | 123 | ||
| 115 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) | 124 | #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) |
| 116 | 125 | ||
| @@ -128,11 +137,29 @@ void ERR_load_RAND_strings(void); | |||
| 128 | /* Error codes for the RAND functions. */ | 137 | /* Error codes for the RAND functions. */ |
| 129 | 138 | ||
| 130 | /* Function codes. */ | 139 | /* Function codes. */ |
| 140 | #define RAND_F_ENG_RAND_GET_RAND_METHOD 108 | ||
| 141 | #define RAND_F_FIPS_RAND 103 | ||
| 142 | #define RAND_F_FIPS_RAND_BYTES 102 | ||
| 143 | #define RAND_F_FIPS_RAND_GET_RAND_METHOD 109 | ||
| 144 | #define RAND_F_FIPS_RAND_SET_DT 106 | ||
| 145 | #define RAND_F_FIPS_SET_DT 104 | ||
| 146 | #define RAND_F_FIPS_SET_PRNG_SEED 107 | ||
| 147 | #define RAND_F_FIPS_SET_TEST_MODE 105 | ||
| 131 | #define RAND_F_RAND_GET_RAND_METHOD 101 | 148 | #define RAND_F_RAND_GET_RAND_METHOD 101 |
| 132 | #define RAND_F_SSLEAY_RAND_BYTES 100 | 149 | #define RAND_F_SSLEAY_RAND_BYTES 100 |
| 133 | 150 | ||
| 134 | /* Reason codes. */ | 151 | /* Reason codes. */ |
| 152 | #define RAND_R_NON_FIPS_METHOD 105 | ||
| 153 | #define RAND_R_NOT_IN_TEST_MODE 106 | ||
| 154 | #define RAND_R_NO_KEY_SET 107 | ||
| 155 | #define RAND_R_PRNG_ASKING_FOR_TOO_MUCH 101 | ||
| 156 | #define RAND_R_PRNG_ERROR 108 | ||
| 157 | #define RAND_R_PRNG_KEYED 109 | ||
| 158 | #define RAND_R_PRNG_NOT_REKEYED 102 | ||
| 159 | #define RAND_R_PRNG_NOT_RESEEDED 103 | ||
| 135 | #define RAND_R_PRNG_NOT_SEEDED 100 | 160 | #define RAND_R_PRNG_NOT_SEEDED 100 |
| 161 | #define RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY 110 | ||
| 162 | #define RAND_R_PRNG_STUCK 104 | ||
| 136 | 163 | ||
| 137 | #ifdef __cplusplus | 164 | #ifdef __cplusplus |
| 138 | } | 165 | } |
diff --git a/src/lib/libssl/src/crypto/rand/rand_eng.c b/src/lib/libssl/src/crypto/rand/rand_eng.c new file mode 100644 index 0000000000..1669cef43c --- /dev/null +++ b/src/lib/libssl/src/crypto/rand/rand_eng.c | |||
| @@ -0,0 +1,152 @@ | |||
| 1 | /* crypto/rand/rand_lib.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <time.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include "rand_lcl.h" | ||
| 63 | #include <openssl/rand.h> | ||
| 64 | #ifdef OPENSSL_FIPS | ||
| 65 | #include <openssl/fips.h> | ||
| 66 | #include <openssl/fips_rand.h> | ||
| 67 | #endif | ||
| 68 | |||
| 69 | #ifndef OPENSSL_NO_ENGINE | ||
| 70 | #include <openssl/engine.h> | ||
| 71 | #endif | ||
| 72 | |||
| 73 | #if defined(OPENSSL_FIPS) && !defined(OPENSSL_NO_ENGINE) | ||
| 74 | |||
| 75 | /* non-NULL if default_RAND_meth is ENGINE-provided */ | ||
| 76 | static ENGINE *funct_ref =NULL; | ||
| 77 | |||
| 78 | int eng_RAND_set_rand_method(const RAND_METHOD *meth, const RAND_METHOD **pmeth) | ||
| 79 | { | ||
| 80 | if(funct_ref) | ||
| 81 | { | ||
| 82 | ENGINE_finish(funct_ref); | ||
| 83 | funct_ref = NULL; | ||
| 84 | } | ||
| 85 | *pmeth = meth; | ||
| 86 | return 1; | ||
| 87 | } | ||
| 88 | |||
| 89 | const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth) | ||
| 90 | { | ||
| 91 | if (!*pmeth) | ||
| 92 | { | ||
| 93 | ENGINE *e = ENGINE_get_default_RAND(); | ||
| 94 | if(e) | ||
| 95 | { | ||
| 96 | *pmeth = ENGINE_get_RAND(e); | ||
| 97 | if(!*pmeth) | ||
| 98 | { | ||
| 99 | ENGINE_finish(e); | ||
| 100 | e = NULL; | ||
| 101 | } | ||
| 102 | } | ||
| 103 | if(e) | ||
| 104 | funct_ref = e; | ||
| 105 | else | ||
| 106 | if(FIPS_mode()) | ||
| 107 | *pmeth=FIPS_rand_method(); | ||
| 108 | else | ||
| 109 | *pmeth = RAND_SSLeay(); | ||
| 110 | } | ||
| 111 | |||
| 112 | if(FIPS_mode() | ||
| 113 | && *pmeth != FIPS_rand_check()) | ||
| 114 | { | ||
| 115 | RANDerr(RAND_F_ENG_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); | ||
| 116 | return 0; | ||
| 117 | } | ||
| 118 | |||
| 119 | return *pmeth; | ||
| 120 | } | ||
| 121 | |||
| 122 | int RAND_set_rand_engine(ENGINE *engine) | ||
| 123 | { | ||
| 124 | const RAND_METHOD *tmp_meth = NULL; | ||
| 125 | if(engine) | ||
| 126 | { | ||
| 127 | if(!ENGINE_init(engine)) | ||
| 128 | return 0; | ||
| 129 | tmp_meth = ENGINE_get_RAND(engine); | ||
| 130 | if(!tmp_meth) | ||
| 131 | { | ||
| 132 | ENGINE_finish(engine); | ||
| 133 | return 0; | ||
| 134 | } | ||
| 135 | } | ||
| 136 | /* This function releases any prior ENGINE so call it first */ | ||
| 137 | RAND_set_rand_method(tmp_meth); | ||
| 138 | funct_ref = engine; | ||
| 139 | return 1; | ||
| 140 | } | ||
| 141 | |||
| 142 | void int_RAND_init_engine_callbacks(void) | ||
| 143 | { | ||
| 144 | static int done = 0; | ||
| 145 | if (done) | ||
| 146 | return; | ||
| 147 | int_RAND_set_callbacks(eng_RAND_set_rand_method, | ||
| 148 | eng_RAND_get_rand_method); | ||
| 149 | done = 1; | ||
| 150 | } | ||
| 151 | |||
| 152 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/rand/rand_err.c b/src/lib/libssl/src/crypto/rand/rand_err.c index 386934dcd1..829fb44d77 100644 --- a/src/lib/libssl/src/crypto/rand/rand_err.c +++ b/src/lib/libssl/src/crypto/rand/rand_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/rand/rand_err.c */ | 1 | /* crypto/rand/rand_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -70,6 +70,14 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA RAND_str_functs[]= | 71 | static ERR_STRING_DATA RAND_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(RAND_F_ENG_RAND_GET_RAND_METHOD), "ENG_RAND_GET_RAND_METHOD"}, | ||
| 74 | {ERR_FUNC(RAND_F_FIPS_RAND), "FIPS_RAND"}, | ||
| 75 | {ERR_FUNC(RAND_F_FIPS_RAND_BYTES), "FIPS_RAND_BYTES"}, | ||
| 76 | {ERR_FUNC(RAND_F_FIPS_RAND_GET_RAND_METHOD), "FIPS_RAND_GET_RAND_METHOD"}, | ||
| 77 | {ERR_FUNC(RAND_F_FIPS_RAND_SET_DT), "FIPS_RAND_SET_DT"}, | ||
| 78 | {ERR_FUNC(RAND_F_FIPS_SET_DT), "FIPS_SET_DT"}, | ||
| 79 | {ERR_FUNC(RAND_F_FIPS_SET_PRNG_SEED), "FIPS_SET_PRNG_SEED"}, | ||
| 80 | {ERR_FUNC(RAND_F_FIPS_SET_TEST_MODE), "FIPS_SET_TEST_MODE"}, | ||
| 73 | {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, | 81 | {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"}, |
| 74 | {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, | 82 | {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"}, |
| 75 | {0,NULL} | 83 | {0,NULL} |
| @@ -77,7 +85,17 @@ static ERR_STRING_DATA RAND_str_functs[]= | |||
| 77 | 85 | ||
| 78 | static ERR_STRING_DATA RAND_str_reasons[]= | 86 | static ERR_STRING_DATA RAND_str_reasons[]= |
| 79 | { | 87 | { |
| 88 | {ERR_REASON(RAND_R_NON_FIPS_METHOD) ,"non fips method"}, | ||
| 89 | {ERR_REASON(RAND_R_NOT_IN_TEST_MODE) ,"not in test mode"}, | ||
| 90 | {ERR_REASON(RAND_R_NO_KEY_SET) ,"no key set"}, | ||
| 91 | {ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"}, | ||
| 92 | {ERR_REASON(RAND_R_PRNG_ERROR) ,"prng error"}, | ||
| 93 | {ERR_REASON(RAND_R_PRNG_KEYED) ,"prng keyed"}, | ||
| 94 | {ERR_REASON(RAND_R_PRNG_NOT_REKEYED) ,"prng not rekeyed"}, | ||
| 95 | {ERR_REASON(RAND_R_PRNG_NOT_RESEEDED) ,"prng not reseeded"}, | ||
| 80 | {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, | 96 | {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) ,"PRNG not seeded"}, |
| 97 | {ERR_REASON(RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY),"prng seed must not match key"}, | ||
| 98 | {ERR_REASON(RAND_R_PRNG_STUCK) ,"prng stuck"}, | ||
| 81 | {0,NULL} | 99 | {0,NULL} |
| 82 | }; | 100 | }; |
| 83 | 101 | ||
diff --git a/src/lib/libssl/src/crypto/rand/rand_lcl.h b/src/lib/libssl/src/crypto/rand/rand_lcl.h index 618a8ec899..18cc9b1e4a 100644 --- a/src/lib/libssl/src/crypto/rand/rand_lcl.h +++ b/src/lib/libssl/src/crypto/rand/rand_lcl.h | |||
| @@ -154,5 +154,16 @@ | |||
| 154 | #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) | 154 | #define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_md2(), NULL) |
| 155 | #endif | 155 | #endif |
| 156 | 156 | ||
| 157 | #ifndef OPENSSL_NO_ENGINE | ||
| 158 | void int_RAND_set_callbacks( | ||
| 159 | int (*set_rand_func)(const RAND_METHOD *meth, | ||
| 160 | const RAND_METHOD **pmeth), | ||
| 161 | const RAND_METHOD *(*get_rand_func) | ||
| 162 | (const RAND_METHOD **pmeth)); | ||
| 163 | int eng_RAND_set_rand_method(const RAND_METHOD *meth, | ||
| 164 | const RAND_METHOD **pmeth); | ||
| 165 | const RAND_METHOD *eng_RAND_get_rand_method(const RAND_METHOD **pmeth); | ||
| 166 | #endif | ||
| 167 | |||
| 157 | 168 | ||
| 158 | #endif | 169 | #endif |
diff --git a/src/lib/libssl/src/crypto/rand/rand_lib.c b/src/lib/libssl/src/crypto/rand/rand_lib.c index 513e338985..da6b4e0e86 100644 --- a/src/lib/libssl/src/crypto/rand/rand_lib.c +++ b/src/lib/libssl/src/crypto/rand/rand_lib.c | |||
| @@ -60,15 +60,82 @@ | |||
| 60 | #include <time.h> | 60 | #include <time.h> |
| 61 | #include "cryptlib.h" | 61 | #include "cryptlib.h" |
| 62 | #include <openssl/rand.h> | 62 | #include <openssl/rand.h> |
| 63 | #include "rand_lcl.h" | ||
| 64 | #ifdef OPENSSL_FIPS | ||
| 65 | #include <openssl/fips.h> | ||
| 66 | #include <openssl/fips_rand.h> | ||
| 67 | #endif | ||
| 68 | |||
| 63 | #ifndef OPENSSL_NO_ENGINE | 69 | #ifndef OPENSSL_NO_ENGINE |
| 64 | #include <openssl/engine.h> | 70 | #include <openssl/engine.h> |
| 65 | #endif | 71 | #endif |
| 66 | 72 | ||
| 73 | static const RAND_METHOD *default_RAND_meth = NULL; | ||
| 74 | |||
| 75 | #ifdef OPENSSL_FIPS | ||
| 76 | |||
| 77 | static int fips_RAND_set_rand_method(const RAND_METHOD *meth, | ||
| 78 | const RAND_METHOD **pmeth) | ||
| 79 | { | ||
| 80 | *pmeth = meth; | ||
| 81 | return 1; | ||
| 82 | } | ||
| 83 | |||
| 84 | static const RAND_METHOD *fips_RAND_get_rand_method(const RAND_METHOD **pmeth) | ||
| 85 | { | ||
| 86 | if (!*pmeth) | ||
| 87 | { | ||
| 88 | if(FIPS_mode()) | ||
| 89 | *pmeth=FIPS_rand_method(); | ||
| 90 | else | ||
| 91 | *pmeth = RAND_SSLeay(); | ||
| 92 | } | ||
| 93 | |||
| 94 | if(FIPS_mode() | ||
| 95 | && *pmeth != FIPS_rand_check()) | ||
| 96 | { | ||
| 97 | RANDerr(RAND_F_FIPS_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD); | ||
| 98 | return 0; | ||
| 99 | } | ||
| 100 | |||
| 101 | return *pmeth; | ||
| 102 | } | ||
| 103 | |||
| 104 | static int (*RAND_set_rand_method_func)(const RAND_METHOD *meth, | ||
| 105 | const RAND_METHOD **pmeth) | ||
| 106 | = fips_RAND_set_rand_method; | ||
| 107 | static const RAND_METHOD *(*RAND_get_rand_method_func) | ||
| 108 | (const RAND_METHOD **pmeth) | ||
| 109 | = fips_RAND_get_rand_method; | ||
| 110 | |||
| 111 | #ifndef OPENSSL_NO_ENGINE | ||
| 112 | void int_RAND_set_callbacks( | ||
| 113 | int (*set_rand_func)(const RAND_METHOD *meth, | ||
| 114 | const RAND_METHOD **pmeth), | ||
| 115 | const RAND_METHOD *(*get_rand_func) | ||
| 116 | (const RAND_METHOD **pmeth)) | ||
| 117 | { | ||
| 118 | RAND_set_rand_method_func = set_rand_func; | ||
| 119 | RAND_get_rand_method_func = get_rand_func; | ||
| 120 | } | ||
| 121 | #endif | ||
| 122 | |||
| 123 | int RAND_set_rand_method(const RAND_METHOD *meth) | ||
| 124 | { | ||
| 125 | return RAND_set_rand_method_func(meth, &default_RAND_meth); | ||
| 126 | } | ||
| 127 | |||
| 128 | const RAND_METHOD *RAND_get_rand_method(void) | ||
| 129 | { | ||
| 130 | return RAND_get_rand_method_func(&default_RAND_meth); | ||
| 131 | } | ||
| 132 | |||
| 133 | #else | ||
| 134 | |||
| 67 | #ifndef OPENSSL_NO_ENGINE | 135 | #ifndef OPENSSL_NO_ENGINE |
| 68 | /* non-NULL if default_RAND_meth is ENGINE-provided */ | 136 | /* non-NULL if default_RAND_meth is ENGINE-provided */ |
| 69 | static ENGINE *funct_ref =NULL; | 137 | static ENGINE *funct_ref =NULL; |
| 70 | #endif | 138 | #endif |
| 71 | static const RAND_METHOD *default_RAND_meth = NULL; | ||
| 72 | 139 | ||
| 73 | int RAND_set_rand_method(const RAND_METHOD *meth) | 140 | int RAND_set_rand_method(const RAND_METHOD *meth) |
| 74 | { | 141 | { |
| @@ -129,6 +196,8 @@ int RAND_set_rand_engine(ENGINE *engine) | |||
| 129 | } | 196 | } |
| 130 | #endif | 197 | #endif |
| 131 | 198 | ||
| 199 | #endif | ||
| 200 | |||
| 132 | void RAND_cleanup(void) | 201 | void RAND_cleanup(void) |
| 133 | { | 202 | { |
| 134 | const RAND_METHOD *meth = RAND_get_rand_method(); | 203 | const RAND_METHOD *meth = RAND_get_rand_method(); |
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c index 6c0ec9a41c..d108353bbc 100644 --- a/src/lib/libssl/src/crypto/rand/randfile.c +++ b/src/lib/libssl/src/crypto/rand/randfile.c | |||
| @@ -81,10 +81,25 @@ | |||
| 81 | # include <sys/stat.h> | 81 | # include <sys/stat.h> |
| 82 | #endif | 82 | #endif |
| 83 | 83 | ||
| 84 | #ifdef _WIN32 | ||
| 85 | #define stat _stat | ||
| 86 | #define chmod _chmod | ||
| 87 | #define open _open | ||
| 88 | #define fdopen _fdopen | ||
| 89 | #endif | ||
| 90 | |||
| 84 | #undef BUFSIZE | 91 | #undef BUFSIZE |
| 85 | #define BUFSIZE 1024 | 92 | #define BUFSIZE 1024 |
| 86 | #define RAND_DATA 1024 | 93 | #define RAND_DATA 1024 |
| 87 | 94 | ||
| 95 | #ifdef OPENSSL_SYS_VMS | ||
| 96 | /* This declaration is a nasty hack to get around vms' extension to fopen | ||
| 97 | * for passing in sharing options being disabled by our /STANDARD=ANSI89 */ | ||
| 98 | static FILE *(*const vms_fopen)(const char *, const char *, ...) = | ||
| 99 | (FILE *(*)(const char *, const char *, ...))fopen; | ||
| 100 | #define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0" | ||
| 101 | #endif | ||
| 102 | |||
| 88 | /* #define RFILE ".rnd" - defined in ../../e_os.h */ | 103 | /* #define RFILE ".rnd" - defined in ../../e_os.h */ |
| 89 | 104 | ||
| 90 | /* Note that these functions are intended for seed files only. | 105 | /* Note that these functions are intended for seed files only. |
| @@ -106,7 +121,11 @@ int RAND_load_file(const char *file, long bytes) | |||
| 106 | RAND_add(&sb,sizeof(sb),0.0); | 121 | RAND_add(&sb,sizeof(sb),0.0); |
| 107 | if (bytes == 0) return(ret); | 122 | if (bytes == 0) return(ret); |
| 108 | 123 | ||
| 124 | #ifdef OPENSSL_SYS_VMS | ||
| 125 | in=vms_fopen(file,"rb",VMS_OPEN_ATTRS); | ||
| 126 | #else | ||
| 109 | in=fopen(file,"rb"); | 127 | in=fopen(file,"rb"); |
| 128 | #endif | ||
| 110 | if (in == NULL) goto err; | 129 | if (in == NULL) goto err; |
| 111 | #if defined(S_IFBLK) && defined(S_IFCHR) | 130 | #if defined(S_IFBLK) && defined(S_IFCHR) |
| 112 | if (sb.st_mode & (S_IFBLK | S_IFCHR)) { | 131 | if (sb.st_mode & (S_IFBLK | S_IFCHR)) { |
| @@ -167,7 +186,7 @@ int RAND_write_file(const char *file) | |||
| 167 | #endif | 186 | #endif |
| 168 | } | 187 | } |
| 169 | 188 | ||
| 170 | #if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) | 189 | #if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_VMS) |
| 171 | { | 190 | { |
| 172 | /* For some reason Win32 can't write to files created this way */ | 191 | /* For some reason Win32 can't write to files created this way */ |
| 173 | 192 | ||
| @@ -178,8 +197,34 @@ int RAND_write_file(const char *file) | |||
| 178 | out = fdopen(fd, "wb"); | 197 | out = fdopen(fd, "wb"); |
| 179 | } | 198 | } |
| 180 | #endif | 199 | #endif |
| 200 | |||
| 201 | #ifdef OPENSSL_SYS_VMS | ||
| 202 | /* VMS NOTE: Prior versions of this routine created a _new_ | ||
| 203 | * version of the rand file for each call into this routine, then | ||
| 204 | * deleted all existing versions named ;-1, and finally renamed | ||
| 205 | * the current version as ';1'. Under concurrent usage, this | ||
| 206 | * resulted in an RMS race condition in rename() which could | ||
| 207 | * orphan files (see vms message help for RMS$_REENT). With the | ||
| 208 | * fopen() calls below, openssl/VMS now shares the top-level | ||
| 209 | * version of the rand file. Note that there may still be | ||
| 210 | * conditions where the top-level rand file is locked. If so, this | ||
| 211 | * code will then create a new version of the rand file. Without | ||
| 212 | * the delete and rename code, this can result in ascending file | ||
| 213 | * versions that stop at version 32767, and this routine will then | ||
| 214 | * return an error. The remedy for this is to recode the calling | ||
| 215 | * application to avoid concurrent use of the rand file, or | ||
| 216 | * synchronize usage at the application level. Also consider | ||
| 217 | * whether or not you NEED a persistent rand file in a concurrent | ||
| 218 | * use situation. | ||
| 219 | */ | ||
| 220 | |||
| 221 | out = vms_fopen(file,"rb+",VMS_OPEN_ATTRS); | ||
| 222 | if (out == NULL) | ||
| 223 | out = vms_fopen(file,"wb",VMS_OPEN_ATTRS); | ||
| 224 | #else | ||
| 181 | if (out == NULL) | 225 | if (out == NULL) |
| 182 | out = fopen(file,"wb"); | 226 | out = fopen(file,"wb"); |
| 227 | #endif | ||
| 183 | if (out == NULL) goto err; | 228 | if (out == NULL) goto err; |
| 184 | 229 | ||
| 185 | #ifndef NO_CHMOD | 230 | #ifndef NO_CHMOD |
| @@ -201,25 +246,6 @@ int RAND_write_file(const char *file) | |||
| 201 | ret+=i; | 246 | ret+=i; |
| 202 | if (n <= 0) break; | 247 | if (n <= 0) break; |
| 203 | } | 248 | } |
| 204 | #ifdef OPENSSL_SYS_VMS | ||
| 205 | /* Try to delete older versions of the file, until there aren't | ||
| 206 | any */ | ||
| 207 | { | ||
| 208 | char *tmpf; | ||
| 209 | |||
| 210 | tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ | ||
| 211 | if (tmpf) | ||
| 212 | { | ||
| 213 | strcpy(tmpf, file); | ||
| 214 | strcat(tmpf, ";-1"); | ||
| 215 | while(delete(tmpf) == 0) | ||
| 216 | ; | ||
| 217 | rename(file,";1"); /* Make sure it's version 1, or we | ||
| 218 | will reach the limit (32767) at | ||
| 219 | some point... */ | ||
| 220 | } | ||
| 221 | } | ||
| 222 | #endif /* OPENSSL_SYS_VMS */ | ||
| 223 | 249 | ||
| 224 | fclose(out); | 250 | fclose(out); |
| 225 | OPENSSL_cleanse(buf,BUFSIZE); | 251 | OPENSSL_cleanse(buf,BUFSIZE); |
diff --git a/src/lib/libssl/src/crypto/rc2/Makefile b/src/lib/libssl/src/crypto/rc2/Makefile index 73eac347e7..4b6292b65f 100644 --- a/src/lib/libssl/src/crypto/rc2/Makefile +++ b/src/lib/libssl/src/crypto/rc2/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
| @@ -78,7 +78,11 @@ rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h | |||
| 78 | rc2_cbc.o: rc2_cbc.c rc2_locl.h | 78 | rc2_cbc.o: rc2_cbc.c rc2_locl.h |
| 79 | rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 79 | rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 80 | rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h | 80 | rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h |
| 81 | rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h | 81 | rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 82 | rc2_skey.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h | ||
| 83 | rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 84 | rc2_skey.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h | ||
| 85 | rc2_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 82 | rc2_skey.o: rc2_locl.h rc2_skey.c | 86 | rc2_skey.o: rc2_locl.h rc2_skey.c |
| 83 | rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h | 87 | rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h |
| 84 | rc2cfb64.o: rc2_locl.h rc2cfb64.c | 88 | rc2cfb64.o: rc2_locl.h rc2cfb64.c |
diff --git a/src/lib/libssl/src/crypto/rc2/rc2.h b/src/lib/libssl/src/crypto/rc2/rc2.h index 34c8362317..e542ec94ff 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2.h +++ b/src/lib/libssl/src/crypto/rc2/rc2.h | |||
| @@ -79,7 +79,9 @@ typedef struct rc2_key_st | |||
| 79 | RC2_INT data[64]; | 79 | RC2_INT data[64]; |
| 80 | } RC2_KEY; | 80 | } RC2_KEY; |
| 81 | 81 | ||
| 82 | 82 | #ifdef OPENSSL_FIPS | |
| 83 | void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); | ||
| 84 | #endif | ||
| 83 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); | 85 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); |
| 84 | void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, | 86 | void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, |
| 85 | int enc); | 87 | int enc); |
diff --git a/src/lib/libssl/src/crypto/rc2/rc2_skey.c b/src/lib/libssl/src/crypto/rc2/rc2_skey.c index 4953642056..4e000e5b99 100644 --- a/src/lib/libssl/src/crypto/rc2/rc2_skey.c +++ b/src/lib/libssl/src/crypto/rc2/rc2_skey.c | |||
| @@ -57,6 +57,11 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/rc2.h> | 59 | #include <openssl/rc2.h> |
| 60 | #include <openssl/crypto.h> | ||
| 61 | #ifdef OPENSSL_FIPS | ||
| 62 | #include <openssl/fips.h> | ||
| 63 | #endif | ||
| 64 | |||
| 60 | #include "rc2_locl.h" | 65 | #include "rc2_locl.h" |
| 61 | 66 | ||
| 62 | static unsigned char key_table[256]={ | 67 | static unsigned char key_table[256]={ |
| @@ -94,8 +99,20 @@ static unsigned char key_table[256]={ | |||
| 94 | * BSAFE uses the 'retarded' version. What I previously shipped is | 99 | * BSAFE uses the 'retarded' version. What I previously shipped is |
| 95 | * the same as specifying 1024 for the 'bits' parameter. Bsafe uses | 100 | * the same as specifying 1024 for the 'bits' parameter. Bsafe uses |
| 96 | * a version where the bits parameter is the same as len*8 */ | 101 | * a version where the bits parameter is the same as len*8 */ |
| 102 | |||
| 103 | #ifdef OPENSSL_FIPS | ||
| 97 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) | 104 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) |
| 98 | { | 105 | { |
| 106 | if (FIPS_mode()) | ||
| 107 | FIPS_BAD_ABORT(RC2) | ||
| 108 | private_RC2_set_key(key, len, data, bits); | ||
| 109 | } | ||
| 110 | void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, | ||
| 111 | int bits) | ||
| 112 | #else | ||
| 113 | void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) | ||
| 114 | #endif | ||
| 115 | { | ||
| 99 | int i,j; | 116 | int i,j; |
| 100 | unsigned char *k; | 117 | unsigned char *k; |
| 101 | RC2_INT *ki; | 118 | RC2_INT *ki; |
diff --git a/src/lib/libssl/src/crypto/rc4/Makefile b/src/lib/libssl/src/crypto/rc4/Makefile index 187ed5c668..f0bd7678fc 100644 --- a/src/lib/libssl/src/crypto/rc4/Makefile +++ b/src/lib/libssl/src/crypto/rc4/Makefile | |||
| @@ -21,8 +21,8 @@ TEST=rc4test.c | |||
| 21 | APPS= | 21 | APPS= |
| 22 | 22 | ||
| 23 | LIB=$(TOP)/libcrypto.a | 23 | LIB=$(TOP)/libcrypto.a |
| 24 | LIBSRC=rc4_skey.c rc4_enc.c | 24 | LIBSRC=rc4_skey.c rc4_enc.c rc4_fblk.c |
| 25 | LIBOBJ=$(RC4_ENC) | 25 | LIBOBJ=$(RC4_ENC) rc4_fblk.o |
| 26 | 26 | ||
| 27 | SRC= $(LIBSRC) | 27 | SRC= $(LIBSRC) |
| 28 | 28 | ||
| @@ -37,7 +37,7 @@ top: | |||
| 37 | all: lib | 37 | all: lib |
| 38 | 38 | ||
| 39 | lib: $(LIBOBJ) | 39 | lib: $(LIBOBJ) |
| 40 | $(AR) $(LIB) $(LIBOBJ) | 40 | $(ARX) $(LIB) $(LIBOBJ) |
| 41 | $(RANLIB) $(LIB) || echo Never mind. | 41 | $(RANLIB) $(LIB) || echo Never mind. |
| 42 | @touch lib | 42 | @touch lib |
| 43 | 43 | ||
| @@ -105,10 +105,20 @@ rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | |||
| 105 | rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h | 105 | rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h |
| 106 | rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 106 | rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 107 | rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h | 107 | rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h |
| 108 | rc4_fblk.o: ../../e_os.h ../../include/openssl/bio.h | ||
| 109 | rc4_fblk.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 110 | rc4_fblk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 111 | rc4_fblk.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 112 | rc4_fblk.o: ../../include/openssl/opensslconf.h | ||
| 113 | rc4_fblk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 114 | rc4_fblk.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h | ||
| 115 | rc4_fblk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 116 | rc4_fblk.o: ../cryptlib.h rc4_fblk.c rc4_locl.h | ||
| 108 | rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h | 117 | rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h |
| 109 | rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 118 | rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 110 | rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 119 | rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 111 | rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 120 | rc4_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 121 | rc4_skey.o: ../../include/openssl/opensslconf.h | ||
| 112 | rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 122 | rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 113 | rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h | 123 | rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h |
| 114 | rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 124 | rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
diff --git a/src/lib/libssl/src/crypto/rc4/rc4.h b/src/lib/libssl/src/crypto/rc4/rc4.h index 7aec04fe93..2d8620d33b 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4.h +++ b/src/lib/libssl/src/crypto/rc4/rc4.h | |||
| @@ -76,6 +76,9 @@ typedef struct rc4_key_st | |||
| 76 | 76 | ||
| 77 | 77 | ||
| 78 | const char *RC4_options(void); | 78 | const char *RC4_options(void); |
| 79 | #ifdef OPENSSL_FIPS | ||
| 80 | void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); | ||
| 81 | #endif | ||
| 79 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); | 82 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); |
| 80 | void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, | 83 | void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, |
| 81 | unsigned char *outdata); | 84 | unsigned char *outdata); |
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_fblk.c b/src/lib/libssl/src/crypto/rc4/rc4_fblk.c new file mode 100644 index 0000000000..1b2a42979b --- /dev/null +++ b/src/lib/libssl/src/crypto/rc4/rc4_fblk.c | |||
| @@ -0,0 +1,75 @@ | |||
| 1 | /* crypto/rc4/rc4_fblk.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2008 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | */ | ||
| 53 | |||
| 54 | |||
| 55 | #include <openssl/rc4.h> | ||
| 56 | #include "rc4_locl.h" | ||
| 57 | #include <openssl/opensslv.h> | ||
| 58 | #include <openssl/crypto.h> | ||
| 59 | #ifdef OPENSSL_FIPS | ||
| 60 | #include <openssl/fips.h> | ||
| 61 | #endif | ||
| 62 | |||
| 63 | /* FIPS mode blocking for RC4 has to be done separately since RC4_set_key | ||
| 64 | * may be implemented in an assembly language file. | ||
| 65 | */ | ||
| 66 | |||
| 67 | #ifdef OPENSSL_FIPS | ||
| 68 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) | ||
| 69 | { | ||
| 70 | if (FIPS_mode()) | ||
| 71 | FIPS_BAD_ABORT(RC4) | ||
| 72 | private_RC4_set_key(key, len, data); | ||
| 73 | } | ||
| 74 | #endif | ||
| 75 | |||
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_skey.c b/src/lib/libssl/src/crypto/rc4/rc4_skey.c index 46b77ec321..4478d1a4b3 100644 --- a/src/lib/libssl/src/crypto/rc4/rc4_skey.c +++ b/src/lib/libssl/src/crypto/rc4/rc4_skey.c | |||
| @@ -59,6 +59,11 @@ | |||
| 59 | #include <openssl/rc4.h> | 59 | #include <openssl/rc4.h> |
| 60 | #include "rc4_locl.h" | 60 | #include "rc4_locl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | #include <openssl/crypto.h> | ||
| 63 | #ifdef OPENSSL_FIPS | ||
| 64 | #include <openssl/fips.h> | ||
| 65 | #endif | ||
| 66 | |||
| 62 | 67 | ||
| 63 | const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; | 68 | const char RC4_version[]="RC4" OPENSSL_VERSION_PTEXT; |
| 64 | 69 | ||
| @@ -85,7 +90,11 @@ const char *RC4_options(void) | |||
| 85 | * Date: Wed, 14 Sep 1994 06:35:31 GMT | 90 | * Date: Wed, 14 Sep 1994 06:35:31 GMT |
| 86 | */ | 91 | */ |
| 87 | 92 | ||
| 93 | #ifdef OPENSSL_FIPS | ||
| 94 | void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) | ||
| 95 | #else | ||
| 88 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) | 96 | void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) |
| 97 | #endif | ||
| 89 | { | 98 | { |
| 90 | register RC4_INT tmp; | 99 | register RC4_INT tmp; |
| 91 | register int id1,id2; | 100 | register int id1,id2; |
| @@ -127,7 +136,12 @@ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) | |||
| 127 | * | 136 | * |
| 128 | * <appro@fy.chalmers.se> | 137 | * <appro@fy.chalmers.se> |
| 129 | */ | 138 | */ |
| 130 | if (OPENSSL_ia32cap_P & (1<<20)) { | 139 | #ifdef OPENSSL_FIPS |
| 140 | unsigned long *ia32cap_ptr = OPENSSL_ia32cap_loc(); | ||
| 141 | if (ia32cap_ptr && (*ia32cap_ptr & (1<<28))) { | ||
| 142 | #else | ||
| 143 | if (OPENSSL_ia32cap_P & (1<<28)) { | ||
| 144 | #endif | ||
| 131 | unsigned char *cp=(unsigned char *)d; | 145 | unsigned char *cp=(unsigned char *)d; |
| 132 | 146 | ||
| 133 | for (i=0;i<256;i++) cp[i]=i; | 147 | for (i=0;i<256;i++) cp[i]=i; |
diff --git a/src/lib/libssl/src/crypto/rc5/Makefile b/src/lib/libssl/src/crypto/rc5/Makefile index efb0f36b59..b4e21c9bb2 100644 --- a/src/lib/libssl/src/crypto/rc5/Makefile +++ b/src/lib/libssl/src/crypto/rc5/Makefile | |||
| @@ -40,7 +40,7 @@ top: | |||
| 40 | all: lib | 40 | all: lib |
| 41 | 41 | ||
| 42 | lib: $(LIBOBJ) | 42 | lib: $(LIBOBJ) |
| 43 | $(AR) $(LIB) $(LIBOBJ) | 43 | $(ARX) $(LIB) $(LIBOBJ) |
| 44 | $(RANLIB) $(LIB) || echo Never mind. | 44 | $(RANLIB) $(LIB) || echo Never mind. |
| 45 | @touch lib | 45 | @touch lib |
| 46 | 46 | ||
diff --git a/src/lib/libssl/src/crypto/rc5/rc5.h b/src/lib/libssl/src/crypto/rc5/rc5.h index 4b3c153b50..f73a2a02a4 100644 --- a/src/lib/libssl/src/crypto/rc5/rc5.h +++ b/src/lib/libssl/src/crypto/rc5/rc5.h | |||
| @@ -94,7 +94,10 @@ typedef struct rc5_key_st | |||
| 94 | RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; | 94 | RC5_32_INT data[2*(RC5_16_ROUNDS+1)]; |
| 95 | } RC5_32_KEY; | 95 | } RC5_32_KEY; |
| 96 | 96 | ||
| 97 | 97 | #ifdef OPENSSL_FIPS | |
| 98 | void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, | ||
| 99 | int rounds); | ||
| 100 | #endif | ||
| 98 | void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, | 101 | void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data, |
| 99 | int rounds); | 102 | int rounds); |
| 100 | void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, | 103 | void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key, |
diff --git a/src/lib/libssl/src/crypto/ripemd/Makefile b/src/lib/libssl/src/crypto/ripemd/Makefile index d55875c20c..6145f13699 100644 --- a/src/lib/libssl/src/crypto/ripemd/Makefile +++ b/src/lib/libssl/src/crypto/ripemd/Makefile | |||
| @@ -38,7 +38,7 @@ top: | |||
| 38 | all: lib | 38 | all: lib |
| 39 | 39 | ||
| 40 | lib: $(LIBOBJ) | 40 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 41 | $(ARX) $(LIB) $(LIBOBJ) |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | 42 | $(RANLIB) $(LIB) || echo Never mind. |
| 43 | @touch lib | 43 | @touch lib |
| 44 | 44 | ||
| @@ -89,8 +89,13 @@ clean: | |||
| 89 | 89 | ||
| 90 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 90 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 91 | 91 | ||
| 92 | rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 92 | rmd_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 93 | rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ripemd.h | 93 | rmd_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 94 | rmd_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 95 | rmd_dgst.o: ../../include/openssl/opensslconf.h | ||
| 96 | rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 97 | rmd_dgst.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h | ||
| 98 | rmd_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 94 | rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h | 99 | rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h |
| 95 | rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 100 | rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 96 | rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 101 | rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
diff --git a/src/lib/libssl/src/crypto/ripemd/ripemd.h b/src/lib/libssl/src/crypto/ripemd/ripemd.h index 033a5965b5..3b6d04386d 100644 --- a/src/lib/libssl/src/crypto/ripemd/ripemd.h +++ b/src/lib/libssl/src/crypto/ripemd/ripemd.h | |||
| @@ -90,7 +90,9 @@ typedef struct RIPEMD160state_st | |||
| 90 | RIPEMD160_LONG data[RIPEMD160_LBLOCK]; | 90 | RIPEMD160_LONG data[RIPEMD160_LBLOCK]; |
| 91 | unsigned int num; | 91 | unsigned int num; |
| 92 | } RIPEMD160_CTX; | 92 | } RIPEMD160_CTX; |
| 93 | 93 | #ifdef OPENSSL_FIPS | |
| 94 | int private_RIPEMD160_Init(RIPEMD160_CTX *c); | ||
| 95 | #endif | ||
| 94 | int RIPEMD160_Init(RIPEMD160_CTX *c); | 96 | int RIPEMD160_Init(RIPEMD160_CTX *c); |
| 95 | int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); | 97 | int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len); |
| 96 | int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); | 98 | int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); |
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c index 61626284b8..ead11d075a 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c +++ b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c | |||
| @@ -59,6 +59,11 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include "rmd_locl.h" | 60 | #include "rmd_locl.h" |
| 61 | #include <openssl/opensslv.h> | 61 | #include <openssl/opensslv.h> |
| 62 | #include <openssl/err.h> | ||
| 63 | #ifdef OPENSSL_FIPS | ||
| 64 | #include <openssl/fips.h> | ||
| 65 | #endif | ||
| 66 | |||
| 62 | 67 | ||
| 63 | const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; | 68 | const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; |
| 64 | 69 | ||
| @@ -69,7 +74,7 @@ const char RMD160_version[]="RIPE-MD160" OPENSSL_VERSION_PTEXT; | |||
| 69 | void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num); | 74 | void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num); |
| 70 | # endif | 75 | # endif |
| 71 | 76 | ||
| 72 | int RIPEMD160_Init(RIPEMD160_CTX *c) | 77 | FIPS_NON_FIPS_MD_Init(RIPEMD160) |
| 73 | { | 78 | { |
| 74 | c->A=RIPEMD160_A; | 79 | c->A=RIPEMD160_A; |
| 75 | c->B=RIPEMD160_B; | 80 | c->B=RIPEMD160_B; |
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_locl.h b/src/lib/libssl/src/crypto/ripemd/rmd_locl.h index f14b346e66..ce12a8000e 100644 --- a/src/lib/libssl/src/crypto/ripemd/rmd_locl.h +++ b/src/lib/libssl/src/crypto/ripemd/rmd_locl.h | |||
| @@ -72,7 +72,7 @@ | |||
| 72 | */ | 72 | */ |
| 73 | #ifdef RMD160_ASM | 73 | #ifdef RMD160_ASM |
| 74 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) | 74 | # if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) |
| 75 | # define ripemd160_block_data_order ripemd160_block_asm_data_order | 75 | # define ripemd160_block_host_order ripemd160_block_asm_data_order |
| 76 | # endif | 76 | # endif |
| 77 | #endif | 77 | #endif |
| 78 | 78 | ||
diff --git a/src/lib/libssl/src/crypto/rsa/Makefile b/src/lib/libssl/src/crypto/rsa/Makefile index 13900812ac..7b1fd6428c 100644 --- a/src/lib/libssl/src/crypto/rsa/Makefile +++ b/src/lib/libssl/src/crypto/rsa/Makefile | |||
| @@ -19,10 +19,10 @@ APPS= | |||
| 19 | LIB=$(TOP)/libcrypto.a | 19 | LIB=$(TOP)/libcrypto.a |
| 20 | LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ | 20 | LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ |
| 21 | rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ | 21 | rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ |
| 22 | rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c | 22 | rsa_pss.c rsa_x931.c rsa_x931g.c rsa_asn1.c rsa_depr.c rsa_eng.c |
| 23 | LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ | 23 | LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ |
| 24 | rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ | 24 | rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ |
| 25 | rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o | 25 | rsa_pss.o rsa_x931.o rsa_x931g.o rsa_asn1.o rsa_depr.o rsa_eng.o |
| 26 | 26 | ||
| 27 | SRC= $(LIBSRC) | 27 | SRC= $(LIBSRC) |
| 28 | 28 | ||
| @@ -37,7 +37,7 @@ top: | |||
| 37 | all: lib | 37 | all: lib |
| 38 | 38 | ||
| 39 | lib: $(LIBOBJ) | 39 | lib: $(LIBOBJ) |
| 40 | $(AR) $(LIB) $(LIBOBJ) | 40 | $(ARX) $(LIB) $(LIBOBJ) |
| 41 | $(RANLIB) $(LIB) || echo Never mind. | 41 | $(RANLIB) $(LIB) || echo Never mind. |
| 42 | @touch lib | 42 | @touch lib |
| 43 | 43 | ||
| @@ -114,6 +114,21 @@ rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | |||
| 114 | rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 114 | rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 115 | rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 115 | rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 116 | rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c | 116 | rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c |
| 117 | rsa_eng.o: ../../e_os.h ../../include/openssl/asn1.h | ||
| 118 | rsa_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
| 119 | rsa_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | ||
| 120 | rsa_eng.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 121 | rsa_eng.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 122 | rsa_eng.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
| 123 | rsa_eng.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 124 | rsa_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 125 | rsa_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 126 | rsa_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 127 | rsa_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | ||
| 128 | rsa_eng.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
| 129 | rsa_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 130 | rsa_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 131 | rsa_eng.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_eng.c | ||
| 117 | rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 132 | rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 118 | rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 133 | rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 119 | rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 134 | rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h |
| @@ -133,13 +148,18 @@ rsa_gen.o: ../cryptlib.h rsa_gen.c | |||
| 133 | rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h | 148 | rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h |
| 134 | rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 149 | rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 135 | rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 150 | rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 136 | rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 151 | rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 137 | rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 152 | rsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 138 | rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 153 | rsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 139 | rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 154 | rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 155 | rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 156 | rsa_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | ||
| 157 | rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 158 | rsa_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | ||
| 140 | rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 159 | rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h |
| 141 | rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 160 | rsa_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 142 | rsa_lib.o: ../cryptlib.h rsa_lib.c | 161 | rsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 162 | rsa_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h rsa_lib.c | ||
| 143 | rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h | 163 | rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h |
| 144 | rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 164 | rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 145 | rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 165 | rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| @@ -162,9 +182,9 @@ rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 162 | rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 182 | rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 163 | rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 183 | rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 164 | rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 184 | rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 165 | rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 185 | rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 166 | rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 186 | rsa_oaep.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 167 | rsa_oaep.o: ../../include/openssl/opensslconf.h | 187 | rsa_oaep.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 168 | rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 188 | rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 169 | rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 189 | rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 170 | rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 190 | rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -183,21 +203,23 @@ rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h | |||
| 183 | rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 203 | rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 184 | rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 204 | rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 185 | rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 205 | rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 186 | rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 206 | rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 187 | rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 207 | rsa_pss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 188 | rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 208 | rsa_pss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 189 | rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 209 | rsa_pss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 190 | rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 210 | rsa_pss.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 191 | rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 211 | rsa_pss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 192 | rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c | 212 | rsa_pss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 213 | rsa_pss.o: ../cryptlib.h rsa_pss.c | ||
| 193 | rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h | 214 | rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h |
| 194 | rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 215 | rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 195 | rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 216 | rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 196 | rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 217 | rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 197 | rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 218 | rsa_saos.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 198 | rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 219 | rsa_saos.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 199 | rsa_saos.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 220 | rsa_saos.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 200 | rsa_saos.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 221 | rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 222 | rsa_saos.o: ../../include/openssl/opensslconf.h | ||
| 201 | rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 223 | rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 202 | rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 224 | rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 203 | rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 225 | rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -210,8 +232,9 @@ rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 210 | rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 232 | rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 211 | rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 233 | rsa_sign.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 212 | rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 234 | rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 213 | rsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 235 | rsa_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 214 | rsa_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 236 | rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 237 | rsa_sign.o: ../../include/openssl/opensslconf.h | ||
| 215 | rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 238 | rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 216 | rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h | 239 | rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 217 | rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 240 | rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| @@ -237,3 +260,11 @@ rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | |||
| 237 | rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h | 260 | rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 238 | rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 261 | rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 239 | rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c | 262 | rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c |
| 263 | rsa_x931g.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 264 | rsa_x931g.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | ||
| 265 | rsa_x931g.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 266 | rsa_x931g.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | ||
| 267 | rsa_x931g.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 268 | rsa_x931g.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
| 269 | rsa_x931g.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 270 | rsa_x931g.o: rsa_x931g.c | ||
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h index 6b5e4f8a9a..5bb932ae15 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa.h +++ b/src/lib/libssl/src/crypto/rsa/rsa.h | |||
| @@ -74,6 +74,25 @@ | |||
| 74 | #error RSA is disabled. | 74 | #error RSA is disabled. |
| 75 | #endif | 75 | #endif |
| 76 | 76 | ||
| 77 | /* If this flag is set the RSA method is FIPS compliant and can be used | ||
| 78 | * in FIPS mode. This is set in the validated module method. If an | ||
| 79 | * application sets this flag in its own methods it is its reposibility | ||
| 80 | * to ensure the result is compliant. | ||
| 81 | */ | ||
| 82 | |||
| 83 | #define RSA_FLAG_FIPS_METHOD 0x0400 | ||
| 84 | |||
| 85 | /* If this flag is set the operations normally disabled in FIPS mode are | ||
| 86 | * permitted it is then the applications responsibility to ensure that the | ||
| 87 | * usage is compliant. | ||
| 88 | */ | ||
| 89 | |||
| 90 | #define RSA_FLAG_NON_FIPS_ALLOW 0x0400 | ||
| 91 | |||
| 92 | #ifdef OPENSSL_FIPS | ||
| 93 | #define FIPS_RSA_SIZE_T int | ||
| 94 | #endif | ||
| 95 | |||
| 77 | #ifdef __cplusplus | 96 | #ifdef __cplusplus |
| 78 | extern "C" { | 97 | extern "C" { |
| 79 | #endif | 98 | #endif |
| @@ -163,6 +182,8 @@ struct rsa_st | |||
| 163 | # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 | 182 | # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 |
| 164 | #endif | 183 | #endif |
| 165 | 184 | ||
| 185 | #define OPENSSL_RSA_FIPS_MIN_MODULUS_BITS 1024 | ||
| 186 | |||
| 166 | #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS | 187 | #ifndef OPENSSL_RSA_SMALL_MODULUS_BITS |
| 167 | # define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 | 188 | # define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 |
| 168 | #endif | 189 | #endif |
| @@ -240,6 +261,11 @@ RSA * RSA_generate_key(int bits, unsigned long e,void | |||
| 240 | 261 | ||
| 241 | /* New version */ | 262 | /* New version */ |
| 242 | int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); | 263 | int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); |
| 264 | int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, | ||
| 265 | const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, | ||
| 266 | const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, | ||
| 267 | const BIGNUM *e, BN_GENCB *cb); | ||
| 268 | int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb); | ||
| 243 | 269 | ||
| 244 | int RSA_check_key(const RSA *); | 270 | int RSA_check_key(const RSA *); |
| 245 | /* next 4 return -1 on error */ | 271 | /* next 4 return -1 on error */ |
| @@ -257,6 +283,11 @@ int RSA_up_ref(RSA *r); | |||
| 257 | 283 | ||
| 258 | int RSA_flags(const RSA *r); | 284 | int RSA_flags(const RSA *r); |
| 259 | 285 | ||
| 286 | #ifdef OPENSSL_FIPS | ||
| 287 | RSA *FIPS_rsa_new(void); | ||
| 288 | void FIPS_rsa_free(RSA *r); | ||
| 289 | #endif | ||
| 290 | |||
| 260 | void RSA_set_default_method(const RSA_METHOD *meth); | 291 | void RSA_set_default_method(const RSA_METHOD *meth); |
| 261 | const RSA_METHOD *RSA_get_default_method(void); | 292 | const RSA_METHOD *RSA_get_default_method(void); |
| 262 | const RSA_METHOD *RSA_get_method(const RSA *rsa); | 293 | const RSA_METHOD *RSA_get_method(const RSA *rsa); |
| @@ -281,6 +312,7 @@ int RSA_print_fp(FILE *fp, const RSA *r,int offset); | |||
| 281 | int RSA_print(BIO *bp, const RSA *r,int offset); | 312 | int RSA_print(BIO *bp, const RSA *r,int offset); |
| 282 | #endif | 313 | #endif |
| 283 | 314 | ||
| 315 | #ifndef OPENSSL_NO_RC4 | ||
| 284 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, | 316 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, |
| 285 | int (*cb)(char *buf, int len, const char *prompt, int verify), | 317 | int (*cb)(char *buf, int len, const char *prompt, int verify), |
| 286 | int sgckey); | 318 | int sgckey); |
| @@ -294,6 +326,7 @@ int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, | |||
| 294 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, | 326 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, |
| 295 | int (*cb)(char *buf, int len, const char *prompt, | 327 | int (*cb)(char *buf, int len, const char *prompt, |
| 296 | int verify)); | 328 | int verify)); |
| 329 | #endif | ||
| 297 | 330 | ||
| 298 | /* The following 2 functions sign and verify a X509_SIG ASN1 object | 331 | /* The following 2 functions sign and verify a X509_SIG ASN1 object |
| 299 | * inside PKCS#1 padded RSA encryption */ | 332 | * inside PKCS#1 padded RSA encryption */ |
| @@ -368,6 +401,8 @@ void ERR_load_RSA_strings(void); | |||
| 368 | /* Error codes for the RSA functions. */ | 401 | /* Error codes for the RSA functions. */ |
| 369 | 402 | ||
| 370 | /* Function codes. */ | 403 | /* Function codes. */ |
| 404 | #define RSA_F_FIPS_RSA_SIGN 140 | ||
| 405 | #define RSA_F_FIPS_RSA_VERIFY 141 | ||
| 371 | #define RSA_F_MEMORY_LOCK 100 | 406 | #define RSA_F_MEMORY_LOCK 100 |
| 372 | #define RSA_F_RSA_BUILTIN_KEYGEN 129 | 407 | #define RSA_F_RSA_BUILTIN_KEYGEN 129 |
| 373 | #define RSA_F_RSA_CHECK_KEY 123 | 408 | #define RSA_F_RSA_CHECK_KEY 123 |
| @@ -399,7 +434,11 @@ void ERR_load_RSA_strings(void); | |||
| 399 | #define RSA_F_RSA_PADDING_CHECK_X931 128 | 434 | #define RSA_F_RSA_PADDING_CHECK_X931 128 |
| 400 | #define RSA_F_RSA_PRINT 115 | 435 | #define RSA_F_RSA_PRINT 115 |
| 401 | #define RSA_F_RSA_PRINT_FP 116 | 436 | #define RSA_F_RSA_PRINT_FP 116 |
| 437 | #define RSA_F_RSA_PRIVATE_ENCRYPT 137 | ||
| 438 | #define RSA_F_RSA_PUBLIC_DECRYPT 138 | ||
| 402 | #define RSA_F_RSA_SETUP_BLINDING 136 | 439 | #define RSA_F_RSA_SETUP_BLINDING 136 |
| 440 | #define RSA_F_RSA_SET_DEFAULT_METHOD 139 | ||
| 441 | #define RSA_F_RSA_SET_METHOD 142 | ||
| 403 | #define RSA_F_RSA_SIGN 117 | 442 | #define RSA_F_RSA_SIGN 117 |
| 404 | #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 | 443 | #define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 |
| 405 | #define RSA_F_RSA_VERIFY 119 | 444 | #define RSA_F_RSA_VERIFY 119 |
| @@ -433,10 +472,12 @@ void ERR_load_RSA_strings(void); | |||
| 433 | #define RSA_R_KEY_SIZE_TOO_SMALL 120 | 472 | #define RSA_R_KEY_SIZE_TOO_SMALL 120 |
| 434 | #define RSA_R_LAST_OCTET_INVALID 134 | 473 | #define RSA_R_LAST_OCTET_INVALID 134 |
| 435 | #define RSA_R_MODULUS_TOO_LARGE 105 | 474 | #define RSA_R_MODULUS_TOO_LARGE 105 |
| 475 | #define RSA_R_NON_FIPS_METHOD 141 | ||
| 436 | #define RSA_R_NO_PUBLIC_EXPONENT 140 | 476 | #define RSA_R_NO_PUBLIC_EXPONENT 140 |
| 437 | #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 | 477 | #define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 |
| 438 | #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 | 478 | #define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 |
| 439 | #define RSA_R_OAEP_DECODING_ERROR 121 | 479 | #define RSA_R_OAEP_DECODING_ERROR 121 |
| 480 | #define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 142 | ||
| 440 | #define RSA_R_PADDING_CHECK_FAILED 114 | 481 | #define RSA_R_PADDING_CHECK_FAILED 114 |
| 441 | #define RSA_R_P_NOT_PRIME 128 | 482 | #define RSA_R_P_NOT_PRIME 128 |
| 442 | #define RSA_R_Q_NOT_PRIME 129 | 483 | #define RSA_R_Q_NOT_PRIME 129 |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_asn1.c b/src/lib/libssl/src/crypto/rsa/rsa_asn1.c index bbbf26d50e..6e8a803e81 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_asn1.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_asn1.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* rsa_asn1.c */ | 1 | /* rsa_asn1.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c index ffadaab9a4..0ac6418449 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c | |||
| @@ -115,7 +115,7 @@ | |||
| 115 | #include <openssl/rsa.h> | 115 | #include <openssl/rsa.h> |
| 116 | #include <openssl/rand.h> | 116 | #include <openssl/rand.h> |
| 117 | 117 | ||
| 118 | #ifndef RSA_NULL | 118 | #if !defined(RSA_NULL) && !defined(OPENSSL_FIPS) |
| 119 | 119 | ||
| 120 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | 120 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, |
| 121 | unsigned char *to, RSA *rsa,int padding); | 121 | unsigned char *to, RSA *rsa,int padding); |
| @@ -150,16 +150,6 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void) | |||
| 150 | return(&rsa_pkcs1_eay_meth); | 150 | return(&rsa_pkcs1_eay_meth); |
| 151 | } | 151 | } |
| 152 | 152 | ||
| 153 | /* Usage example; | ||
| 154 | * MONT_HELPER(rsa->_method_mod_p, bn_ctx, rsa->p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | ||
| 155 | */ | ||
| 156 | #define MONT_HELPER(method_mod, ctx, m, pre_cond, err_instr) \ | ||
| 157 | if ((pre_cond) && ((method_mod) == NULL) && \ | ||
| 158 | !BN_MONT_CTX_set_locked(&(method_mod), \ | ||
| 159 | CRYPTO_LOCK_RSA, \ | ||
| 160 | (m), (ctx))) \ | ||
| 161 | err_instr | ||
| 162 | |||
| 163 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | 153 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, |
| 164 | unsigned char *to, RSA *rsa, int padding) | 154 | unsigned char *to, RSA *rsa, int padding) |
| 165 | { | 155 | { |
| @@ -233,7 +223,9 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | |||
| 233 | goto err; | 223 | goto err; |
| 234 | } | 224 | } |
| 235 | 225 | ||
| 236 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 226 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 227 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 228 | goto err; | ||
| 237 | 229 | ||
| 238 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, | 230 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 239 | rsa->_method_mod_n)) goto err; | 231 | rsa->_method_mod_n)) goto err; |
| @@ -438,7 +430,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 438 | else | 430 | else |
| 439 | d= rsa->d; | 431 | d= rsa->d; |
| 440 | 432 | ||
| 441 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 433 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 434 | if(!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 435 | goto err; | ||
| 442 | 436 | ||
| 443 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | 437 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, |
| 444 | rsa->_method_mod_n)) goto err; | 438 | rsa->_method_mod_n)) goto err; |
| @@ -559,7 +553,9 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 559 | else | 553 | else |
| 560 | d = rsa->d; | 554 | d = rsa->d; |
| 561 | 555 | ||
| 562 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 556 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 557 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 558 | goto err; | ||
| 563 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | 559 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, |
| 564 | rsa->_method_mod_n)) | 560 | rsa->_method_mod_n)) |
| 565 | goto err; | 561 | goto err; |
| @@ -669,7 +665,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, | |||
| 669 | goto err; | 665 | goto err; |
| 670 | } | 666 | } |
| 671 | 667 | ||
| 672 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 668 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 669 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 670 | goto err; | ||
| 673 | 671 | ||
| 674 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, | 672 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 675 | rsa->_method_mod_n)) goto err; | 673 | rsa->_method_mod_n)) goto err; |
| @@ -747,11 +745,18 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | |||
| 747 | q = rsa->q; | 745 | q = rsa->q; |
| 748 | } | 746 | } |
| 749 | 747 | ||
| 750 | MONT_HELPER(rsa->_method_mod_p, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | 748 | if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) |
| 751 | MONT_HELPER(rsa->_method_mod_q, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | 749 | { |
| 750 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx)) | ||
| 751 | goto err; | ||
| 752 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx)) | ||
| 753 | goto err; | ||
| 754 | } | ||
| 752 | } | 755 | } |
| 753 | 756 | ||
| 754 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 757 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 758 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 759 | goto err; | ||
| 755 | 760 | ||
| 756 | /* compute I mod q */ | 761 | /* compute I mod q */ |
| 757 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | 762 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eng.c b/src/lib/libssl/src/crypto/rsa/rsa_eng.c new file mode 100644 index 0000000000..383a7045b2 --- /dev/null +++ b/src/lib/libssl/src/crypto/rsa/rsa_eng.c | |||
| @@ -0,0 +1,348 @@ | |||
| 1 | /* crypto/rsa/rsa_lib.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <openssl/crypto.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/lhash.h> | ||
| 63 | #include <openssl/bn.h> | ||
| 64 | #include <openssl/rsa.h> | ||
| 65 | #include <openssl/rand.h> | ||
| 66 | #ifndef OPENSSL_NO_ENGINE | ||
| 67 | #include <openssl/engine.h> | ||
| 68 | #endif | ||
| 69 | |||
| 70 | const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; | ||
| 71 | |||
| 72 | static const RSA_METHOD *default_RSA_meth=NULL; | ||
| 73 | |||
| 74 | RSA *RSA_new(void) | ||
| 75 | { | ||
| 76 | RSA *r=RSA_new_method(NULL); | ||
| 77 | |||
| 78 | return r; | ||
| 79 | } | ||
| 80 | |||
| 81 | void RSA_set_default_method(const RSA_METHOD *meth) | ||
| 82 | { | ||
| 83 | #ifdef OPENSSL_FIPS | ||
| 84 | if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) | ||
| 85 | { | ||
| 86 | RSAerr(RSA_F_RSA_SET_DEFAULT_METHOD, RSA_R_NON_FIPS_METHOD); | ||
| 87 | return; | ||
| 88 | } | ||
| 89 | #endif | ||
| 90 | default_RSA_meth = meth; | ||
| 91 | } | ||
| 92 | |||
| 93 | const RSA_METHOD *RSA_get_default_method(void) | ||
| 94 | { | ||
| 95 | if (default_RSA_meth == NULL) | ||
| 96 | { | ||
| 97 | #ifdef RSA_NULL | ||
| 98 | default_RSA_meth=RSA_null_method(); | ||
| 99 | #else | ||
| 100 | #if 0 /* was: #ifdef RSAref */ | ||
| 101 | default_RSA_meth=RSA_PKCS1_RSAref(); | ||
| 102 | #else | ||
| 103 | default_RSA_meth=RSA_PKCS1_SSLeay(); | ||
| 104 | #endif | ||
| 105 | #endif | ||
| 106 | } | ||
| 107 | |||
| 108 | return default_RSA_meth; | ||
| 109 | } | ||
| 110 | |||
| 111 | const RSA_METHOD *RSA_get_method(const RSA *rsa) | ||
| 112 | { | ||
| 113 | return rsa->meth; | ||
| 114 | } | ||
| 115 | |||
| 116 | int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) | ||
| 117 | { | ||
| 118 | /* NB: The caller is specifically setting a method, so it's not up to us | ||
| 119 | * to deal with which ENGINE it comes from. */ | ||
| 120 | const RSA_METHOD *mtmp; | ||
| 121 | #ifdef OPENSSL_FIPS | ||
| 122 | if (FIPS_mode() && !(meth->flags & RSA_FLAG_FIPS_METHOD)) | ||
| 123 | { | ||
| 124 | RSAerr(RSA_F_RSA_SET_METHOD, RSA_R_NON_FIPS_METHOD); | ||
| 125 | return 0; | ||
| 126 | } | ||
| 127 | #endif | ||
| 128 | mtmp = rsa->meth; | ||
| 129 | if (mtmp->finish) mtmp->finish(rsa); | ||
| 130 | #ifndef OPENSSL_NO_ENGINE | ||
| 131 | if (rsa->engine) | ||
| 132 | { | ||
| 133 | ENGINE_finish(rsa->engine); | ||
| 134 | rsa->engine = NULL; | ||
| 135 | } | ||
| 136 | #endif | ||
| 137 | rsa->meth = meth; | ||
| 138 | if (meth->init) meth->init(rsa); | ||
| 139 | return 1; | ||
| 140 | } | ||
| 141 | |||
| 142 | RSA *RSA_new_method(ENGINE *engine) | ||
| 143 | { | ||
| 144 | RSA *ret; | ||
| 145 | |||
| 146 | ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); | ||
| 147 | if (ret == NULL) | ||
| 148 | { | ||
| 149 | RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); | ||
| 150 | return NULL; | ||
| 151 | } | ||
| 152 | |||
| 153 | ret->meth = RSA_get_default_method(); | ||
| 154 | #ifndef OPENSSL_NO_ENGINE | ||
| 155 | if (engine) | ||
| 156 | { | ||
| 157 | if (!ENGINE_init(engine)) | ||
| 158 | { | ||
| 159 | RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); | ||
| 160 | OPENSSL_free(ret); | ||
| 161 | return NULL; | ||
| 162 | } | ||
| 163 | ret->engine = engine; | ||
| 164 | } | ||
| 165 | else | ||
| 166 | ret->engine = ENGINE_get_default_RSA(); | ||
| 167 | if(ret->engine) | ||
| 168 | { | ||
| 169 | ret->meth = ENGINE_get_RSA(ret->engine); | ||
| 170 | if(!ret->meth) | ||
| 171 | { | ||
| 172 | RSAerr(RSA_F_RSA_NEW_METHOD, | ||
| 173 | ERR_R_ENGINE_LIB); | ||
| 174 | ENGINE_finish(ret->engine); | ||
| 175 | OPENSSL_free(ret); | ||
| 176 | return NULL; | ||
| 177 | } | ||
| 178 | } | ||
| 179 | #endif | ||
| 180 | #ifdef OPENSSL_FIPS | ||
| 181 | if (FIPS_mode() && !(ret->meth->flags & RSA_FLAG_FIPS_METHOD)) | ||
| 182 | { | ||
| 183 | RSAerr(RSA_F_RSA_NEW_METHOD, RSA_R_NON_FIPS_METHOD); | ||
| 184 | #ifndef OPENSSL_NO_ENGINE | ||
| 185 | if (ret->engine) | ||
| 186 | ENGINE_finish(ret->engine); | ||
| 187 | #endif | ||
| 188 | OPENSSL_free(ret); | ||
| 189 | return NULL; | ||
| 190 | } | ||
| 191 | #endif | ||
| 192 | |||
| 193 | ret->pad=0; | ||
| 194 | ret->version=0; | ||
| 195 | ret->n=NULL; | ||
| 196 | ret->e=NULL; | ||
| 197 | ret->d=NULL; | ||
| 198 | ret->p=NULL; | ||
| 199 | ret->q=NULL; | ||
| 200 | ret->dmp1=NULL; | ||
| 201 | ret->dmq1=NULL; | ||
| 202 | ret->iqmp=NULL; | ||
| 203 | ret->references=1; | ||
| 204 | ret->_method_mod_n=NULL; | ||
| 205 | ret->_method_mod_p=NULL; | ||
| 206 | ret->_method_mod_q=NULL; | ||
| 207 | ret->blinding=NULL; | ||
| 208 | ret->mt_blinding=NULL; | ||
| 209 | ret->bignum_data=NULL; | ||
| 210 | ret->flags=ret->meth->flags; | ||
| 211 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | ||
| 212 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | ||
| 213 | { | ||
| 214 | #ifndef OPENSSL_NO_ENGINE | ||
| 215 | if (ret->engine) | ||
| 216 | ENGINE_finish(ret->engine); | ||
| 217 | #endif | ||
| 218 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | ||
| 219 | OPENSSL_free(ret); | ||
| 220 | ret=NULL; | ||
| 221 | } | ||
| 222 | return(ret); | ||
| 223 | } | ||
| 224 | |||
| 225 | void RSA_free(RSA *r) | ||
| 226 | { | ||
| 227 | int i; | ||
| 228 | |||
| 229 | if (r == NULL) return; | ||
| 230 | |||
| 231 | i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); | ||
| 232 | #ifdef REF_PRINT | ||
| 233 | REF_PRINT("RSA",r); | ||
| 234 | #endif | ||
| 235 | if (i > 0) return; | ||
| 236 | #ifdef REF_CHECK | ||
| 237 | if (i < 0) | ||
| 238 | { | ||
| 239 | fprintf(stderr,"RSA_free, bad reference count\n"); | ||
| 240 | abort(); | ||
| 241 | } | ||
| 242 | #endif | ||
| 243 | |||
| 244 | if (r->meth->finish) | ||
| 245 | r->meth->finish(r); | ||
| 246 | #ifndef OPENSSL_NO_ENGINE | ||
| 247 | if (r->engine) | ||
| 248 | ENGINE_finish(r->engine); | ||
| 249 | #endif | ||
| 250 | |||
| 251 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); | ||
| 252 | |||
| 253 | if (r->n != NULL) BN_clear_free(r->n); | ||
| 254 | if (r->e != NULL) BN_clear_free(r->e); | ||
| 255 | if (r->d != NULL) BN_clear_free(r->d); | ||
| 256 | if (r->p != NULL) BN_clear_free(r->p); | ||
| 257 | if (r->q != NULL) BN_clear_free(r->q); | ||
| 258 | if (r->dmp1 != NULL) BN_clear_free(r->dmp1); | ||
| 259 | if (r->dmq1 != NULL) BN_clear_free(r->dmq1); | ||
| 260 | if (r->iqmp != NULL) BN_clear_free(r->iqmp); | ||
| 261 | if (r->blinding != NULL) BN_BLINDING_free(r->blinding); | ||
| 262 | if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); | ||
| 263 | if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); | ||
| 264 | OPENSSL_free(r); | ||
| 265 | } | ||
| 266 | |||
| 267 | int RSA_up_ref(RSA *r) | ||
| 268 | { | ||
| 269 | int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA); | ||
| 270 | #ifdef REF_PRINT | ||
| 271 | REF_PRINT("RSA",r); | ||
| 272 | #endif | ||
| 273 | #ifdef REF_CHECK | ||
| 274 | if (i < 2) | ||
| 275 | { | ||
| 276 | fprintf(stderr, "RSA_up_ref, bad reference count\n"); | ||
| 277 | abort(); | ||
| 278 | } | ||
| 279 | #endif | ||
| 280 | return ((i > 1) ? 1 : 0); | ||
| 281 | } | ||
| 282 | |||
| 283 | int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | ||
| 284 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) | ||
| 285 | { | ||
| 286 | return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, | ||
| 287 | new_func, dup_func, free_func); | ||
| 288 | } | ||
| 289 | |||
| 290 | int RSA_set_ex_data(RSA *r, int idx, void *arg) | ||
| 291 | { | ||
| 292 | return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); | ||
| 293 | } | ||
| 294 | |||
| 295 | void *RSA_get_ex_data(const RSA *r, int idx) | ||
| 296 | { | ||
| 297 | return(CRYPTO_get_ex_data(&r->ex_data,idx)); | ||
| 298 | } | ||
| 299 | |||
| 300 | int RSA_flags(const RSA *r) | ||
| 301 | { | ||
| 302 | return((r == NULL)?0:r->meth->flags); | ||
| 303 | } | ||
| 304 | |||
| 305 | int RSA_memory_lock(RSA *r) | ||
| 306 | { | ||
| 307 | int i,j,k,off; | ||
| 308 | char *p; | ||
| 309 | BIGNUM *bn,**t[6],*b; | ||
| 310 | BN_ULONG *ul; | ||
| 311 | |||
| 312 | if (r->d == NULL) return(1); | ||
| 313 | t[0]= &r->d; | ||
| 314 | t[1]= &r->p; | ||
| 315 | t[2]= &r->q; | ||
| 316 | t[3]= &r->dmp1; | ||
| 317 | t[4]= &r->dmq1; | ||
| 318 | t[5]= &r->iqmp; | ||
| 319 | k=sizeof(BIGNUM)*6; | ||
| 320 | off=k/sizeof(BN_ULONG)+1; | ||
| 321 | j=1; | ||
| 322 | for (i=0; i<6; i++) | ||
| 323 | j+= (*t[i])->top; | ||
| 324 | if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) | ||
| 325 | { | ||
| 326 | RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); | ||
| 327 | return(0); | ||
| 328 | } | ||
| 329 | bn=(BIGNUM *)p; | ||
| 330 | ul=(BN_ULONG *)&(p[off]); | ||
| 331 | for (i=0; i<6; i++) | ||
| 332 | { | ||
| 333 | b= *(t[i]); | ||
| 334 | *(t[i])= &(bn[i]); | ||
| 335 | memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); | ||
| 336 | bn[i].flags=BN_FLG_STATIC_DATA; | ||
| 337 | bn[i].d=ul; | ||
| 338 | memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); | ||
| 339 | ul+=b->top; | ||
| 340 | BN_clear_free(b); | ||
| 341 | } | ||
| 342 | |||
| 343 | /* I should fix this so it can still be done */ | ||
| 344 | r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); | ||
| 345 | |||
| 346 | r->bignum_data=p; | ||
| 347 | return(1); | ||
| 348 | } | ||
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_err.c b/src/lib/libssl/src/crypto/rsa/rsa_err.c index fe3ba1b44b..501f5ea389 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_err.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* crypto/rsa/rsa_err.c */ | 1 | /* crypto/rsa/rsa_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -70,6 +70,8 @@ | |||
| 70 | 70 | ||
| 71 | static ERR_STRING_DATA RSA_str_functs[]= | 71 | static ERR_STRING_DATA RSA_str_functs[]= |
| 72 | { | 72 | { |
| 73 | {ERR_FUNC(RSA_F_FIPS_RSA_SIGN), "FIPS_RSA_SIGN"}, | ||
| 74 | {ERR_FUNC(RSA_F_FIPS_RSA_VERIFY), "FIPS_RSA_VERIFY"}, | ||
| 73 | {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, | 75 | {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, |
| 74 | {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, | 76 | {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, |
| 75 | {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, | 77 | {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, |
| @@ -101,7 +103,11 @@ static ERR_STRING_DATA RSA_str_functs[]= | |||
| 101 | {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, | 103 | {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, |
| 102 | {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, | 104 | {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, |
| 103 | {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, | 105 | {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, |
| 106 | {ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"}, | ||
| 107 | {ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"}, | ||
| 104 | {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, | 108 | {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, |
| 109 | {ERR_FUNC(RSA_F_RSA_SET_DEFAULT_METHOD), "RSA_set_default_method"}, | ||
| 110 | {ERR_FUNC(RSA_F_RSA_SET_METHOD), "RSA_set_method"}, | ||
| 105 | {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, | 111 | {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, |
| 106 | {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, | 112 | {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, |
| 107 | {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, | 113 | {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, |
| @@ -138,10 +144,12 @@ static ERR_STRING_DATA RSA_str_reasons[]= | |||
| 138 | {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, | 144 | {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, |
| 139 | {ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, | 145 | {ERR_REASON(RSA_R_LAST_OCTET_INVALID) ,"last octet invalid"}, |
| 140 | {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, | 146 | {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, |
| 147 | {ERR_REASON(RSA_R_NON_FIPS_METHOD) ,"non fips method"}, | ||
| 141 | {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, | 148 | {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) ,"no public exponent"}, |
| 142 | {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, | 149 | {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),"null before block missing"}, |
| 143 | {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, | 150 | {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) ,"n does not equal p q"}, |
| 144 | {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, | 151 | {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) ,"oaep decoding error"}, |
| 152 | {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),"operation not allowed in fips mode"}, | ||
| 145 | {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, | 153 | {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) ,"padding check failed"}, |
| 146 | {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, | 154 | {ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"}, |
| 147 | {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, | 155 | {ERR_REASON(RSA_R_Q_NOT_PRIME) ,"q not prime"}, |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_gen.c b/src/lib/libssl/src/crypto/rsa/rsa_gen.c index 767f7ab682..41278f83c6 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_gen.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_gen.c | |||
| @@ -68,6 +68,8 @@ | |||
| 68 | #include <openssl/bn.h> | 68 | #include <openssl/bn.h> |
| 69 | #include <openssl/rsa.h> | 69 | #include <openssl/rsa.h> |
| 70 | 70 | ||
| 71 | #ifndef OPENSSL_FIPS | ||
| 72 | |||
| 71 | static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); | 73 | static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); |
| 72 | 74 | ||
| 73 | /* NB: this wrapper would normally be placed in rsa_lib.c and the static | 75 | /* NB: this wrapper would normally be placed in rsa_lib.c and the static |
| @@ -217,3 +219,4 @@ err: | |||
| 217 | return ok; | 219 | return ok; |
| 218 | } | 220 | } |
| 219 | 221 | ||
| 222 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_lib.c b/src/lib/libssl/src/crypto/rsa/rsa_lib.c index 104aa4c1f2..5714841f4c 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_lib.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_lib.c | |||
| @@ -67,215 +67,6 @@ | |||
| 67 | #include <openssl/engine.h> | 67 | #include <openssl/engine.h> |
| 68 | #endif | 68 | #endif |
| 69 | 69 | ||
| 70 | const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT; | ||
| 71 | |||
| 72 | static const RSA_METHOD *default_RSA_meth=NULL; | ||
| 73 | |||
| 74 | RSA *RSA_new(void) | ||
| 75 | { | ||
| 76 | RSA *r=RSA_new_method(NULL); | ||
| 77 | |||
| 78 | return r; | ||
| 79 | } | ||
| 80 | |||
| 81 | void RSA_set_default_method(const RSA_METHOD *meth) | ||
| 82 | { | ||
| 83 | default_RSA_meth = meth; | ||
| 84 | } | ||
| 85 | |||
| 86 | const RSA_METHOD *RSA_get_default_method(void) | ||
| 87 | { | ||
| 88 | if (default_RSA_meth == NULL) | ||
| 89 | { | ||
| 90 | #ifdef RSA_NULL | ||
| 91 | default_RSA_meth=RSA_null_method(); | ||
| 92 | #else | ||
| 93 | #if 0 /* was: #ifdef RSAref */ | ||
| 94 | default_RSA_meth=RSA_PKCS1_RSAref(); | ||
| 95 | #else | ||
| 96 | default_RSA_meth=RSA_PKCS1_SSLeay(); | ||
| 97 | #endif | ||
| 98 | #endif | ||
| 99 | } | ||
| 100 | |||
| 101 | return default_RSA_meth; | ||
| 102 | } | ||
| 103 | |||
| 104 | const RSA_METHOD *RSA_get_method(const RSA *rsa) | ||
| 105 | { | ||
| 106 | return rsa->meth; | ||
| 107 | } | ||
| 108 | |||
| 109 | int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) | ||
| 110 | { | ||
| 111 | /* NB: The caller is specifically setting a method, so it's not up to us | ||
| 112 | * to deal with which ENGINE it comes from. */ | ||
| 113 | const RSA_METHOD *mtmp; | ||
| 114 | mtmp = rsa->meth; | ||
| 115 | if (mtmp->finish) mtmp->finish(rsa); | ||
| 116 | #ifndef OPENSSL_NO_ENGINE | ||
| 117 | if (rsa->engine) | ||
| 118 | { | ||
| 119 | ENGINE_finish(rsa->engine); | ||
| 120 | rsa->engine = NULL; | ||
| 121 | } | ||
| 122 | #endif | ||
| 123 | rsa->meth = meth; | ||
| 124 | if (meth->init) meth->init(rsa); | ||
| 125 | return 1; | ||
| 126 | } | ||
| 127 | |||
| 128 | RSA *RSA_new_method(ENGINE *engine) | ||
| 129 | { | ||
| 130 | RSA *ret; | ||
| 131 | |||
| 132 | ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); | ||
| 133 | if (ret == NULL) | ||
| 134 | { | ||
| 135 | RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); | ||
| 136 | return NULL; | ||
| 137 | } | ||
| 138 | |||
| 139 | ret->meth = RSA_get_default_method(); | ||
| 140 | #ifndef OPENSSL_NO_ENGINE | ||
| 141 | if (engine) | ||
| 142 | { | ||
| 143 | if (!ENGINE_init(engine)) | ||
| 144 | { | ||
| 145 | RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); | ||
| 146 | OPENSSL_free(ret); | ||
| 147 | return NULL; | ||
| 148 | } | ||
| 149 | ret->engine = engine; | ||
| 150 | } | ||
| 151 | else | ||
| 152 | ret->engine = ENGINE_get_default_RSA(); | ||
| 153 | if(ret->engine) | ||
| 154 | { | ||
| 155 | ret->meth = ENGINE_get_RSA(ret->engine); | ||
| 156 | if(!ret->meth) | ||
| 157 | { | ||
| 158 | RSAerr(RSA_F_RSA_NEW_METHOD, | ||
| 159 | ERR_R_ENGINE_LIB); | ||
| 160 | ENGINE_finish(ret->engine); | ||
| 161 | OPENSSL_free(ret); | ||
| 162 | return NULL; | ||
| 163 | } | ||
| 164 | } | ||
| 165 | #endif | ||
| 166 | |||
| 167 | ret->pad=0; | ||
| 168 | ret->version=0; | ||
| 169 | ret->n=NULL; | ||
| 170 | ret->e=NULL; | ||
| 171 | ret->d=NULL; | ||
| 172 | ret->p=NULL; | ||
| 173 | ret->q=NULL; | ||
| 174 | ret->dmp1=NULL; | ||
| 175 | ret->dmq1=NULL; | ||
| 176 | ret->iqmp=NULL; | ||
| 177 | ret->references=1; | ||
| 178 | ret->_method_mod_n=NULL; | ||
| 179 | ret->_method_mod_p=NULL; | ||
| 180 | ret->_method_mod_q=NULL; | ||
| 181 | ret->blinding=NULL; | ||
| 182 | ret->mt_blinding=NULL; | ||
| 183 | ret->bignum_data=NULL; | ||
| 184 | ret->flags=ret->meth->flags; | ||
| 185 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | ||
| 186 | if ((ret->meth->init != NULL) && !ret->meth->init(ret)) | ||
| 187 | { | ||
| 188 | #ifndef OPENSSL_NO_ENGINE | ||
| 189 | if (ret->engine) | ||
| 190 | ENGINE_finish(ret->engine); | ||
| 191 | #endif | ||
| 192 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data); | ||
| 193 | OPENSSL_free(ret); | ||
| 194 | ret=NULL; | ||
| 195 | } | ||
| 196 | return(ret); | ||
| 197 | } | ||
| 198 | |||
| 199 | void RSA_free(RSA *r) | ||
| 200 | { | ||
| 201 | int i; | ||
| 202 | |||
| 203 | if (r == NULL) return; | ||
| 204 | |||
| 205 | i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); | ||
| 206 | #ifdef REF_PRINT | ||
| 207 | REF_PRINT("RSA",r); | ||
| 208 | #endif | ||
| 209 | if (i > 0) return; | ||
| 210 | #ifdef REF_CHECK | ||
| 211 | if (i < 0) | ||
| 212 | { | ||
| 213 | fprintf(stderr,"RSA_free, bad reference count\n"); | ||
| 214 | abort(); | ||
| 215 | } | ||
| 216 | #endif | ||
| 217 | |||
| 218 | if (r->meth->finish) | ||
| 219 | r->meth->finish(r); | ||
| 220 | #ifndef OPENSSL_NO_ENGINE | ||
| 221 | if (r->engine) | ||
| 222 | ENGINE_finish(r->engine); | ||
| 223 | #endif | ||
| 224 | |||
| 225 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); | ||
| 226 | |||
| 227 | if (r->n != NULL) BN_clear_free(r->n); | ||
| 228 | if (r->e != NULL) BN_clear_free(r->e); | ||
| 229 | if (r->d != NULL) BN_clear_free(r->d); | ||
| 230 | if (r->p != NULL) BN_clear_free(r->p); | ||
| 231 | if (r->q != NULL) BN_clear_free(r->q); | ||
| 232 | if (r->dmp1 != NULL) BN_clear_free(r->dmp1); | ||
| 233 | if (r->dmq1 != NULL) BN_clear_free(r->dmq1); | ||
| 234 | if (r->iqmp != NULL) BN_clear_free(r->iqmp); | ||
| 235 | if (r->blinding != NULL) BN_BLINDING_free(r->blinding); | ||
| 236 | if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); | ||
| 237 | if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); | ||
| 238 | OPENSSL_free(r); | ||
| 239 | } | ||
| 240 | |||
| 241 | int RSA_up_ref(RSA *r) | ||
| 242 | { | ||
| 243 | int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA); | ||
| 244 | #ifdef REF_PRINT | ||
| 245 | REF_PRINT("RSA",r); | ||
| 246 | #endif | ||
| 247 | #ifdef REF_CHECK | ||
| 248 | if (i < 2) | ||
| 249 | { | ||
| 250 | fprintf(stderr, "RSA_up_ref, bad reference count\n"); | ||
| 251 | abort(); | ||
| 252 | } | ||
| 253 | #endif | ||
| 254 | return ((i > 1) ? 1 : 0); | ||
| 255 | } | ||
| 256 | |||
| 257 | int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | ||
| 258 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) | ||
| 259 | { | ||
| 260 | return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp, | ||
| 261 | new_func, dup_func, free_func); | ||
| 262 | } | ||
| 263 | |||
| 264 | int RSA_set_ex_data(RSA *r, int idx, void *arg) | ||
| 265 | { | ||
| 266 | return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); | ||
| 267 | } | ||
| 268 | |||
| 269 | void *RSA_get_ex_data(const RSA *r, int idx) | ||
| 270 | { | ||
| 271 | return(CRYPTO_get_ex_data(&r->ex_data,idx)); | ||
| 272 | } | ||
| 273 | |||
| 274 | int RSA_size(const RSA *r) | ||
| 275 | { | ||
| 276 | return(BN_num_bytes(r->n)); | ||
| 277 | } | ||
| 278 | |||
| 279 | int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, | 70 | int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, |
| 280 | RSA *rsa, int padding) | 71 | RSA *rsa, int padding) |
| 281 | { | 72 | { |
| @@ -285,6 +76,13 @@ int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, | |||
| 285 | int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, | 76 | int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, |
| 286 | RSA *rsa, int padding) | 77 | RSA *rsa, int padding) |
| 287 | { | 78 | { |
| 79 | #ifdef OPENSSL_FIPS | ||
| 80 | if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) | ||
| 81 | { | ||
| 82 | RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 83 | return 0; | ||
| 84 | } | ||
| 85 | #endif | ||
| 288 | return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); | 86 | return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding)); |
| 289 | } | 87 | } |
| 290 | 88 | ||
| @@ -297,12 +95,19 @@ int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, | |||
| 297 | int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, | 95 | int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, |
| 298 | RSA *rsa, int padding) | 96 | RSA *rsa, int padding) |
| 299 | { | 97 | { |
| 98 | #ifdef OPENSSL_FIPS | ||
| 99 | if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) | ||
| 100 | { | ||
| 101 | RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 102 | return 0; | ||
| 103 | } | ||
| 104 | #endif | ||
| 300 | return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); | 105 | return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding)); |
| 301 | } | 106 | } |
| 302 | 107 | ||
| 303 | int RSA_flags(const RSA *r) | 108 | int RSA_size(const RSA *r) |
| 304 | { | 109 | { |
| 305 | return((r == NULL)?0:r->meth->flags); | 110 | return(BN_num_bytes(r->n)); |
| 306 | } | 111 | } |
| 307 | 112 | ||
| 308 | void RSA_blinding_off(RSA *rsa) | 113 | void RSA_blinding_off(RSA *rsa) |
| @@ -427,48 +232,3 @@ err: | |||
| 427 | 232 | ||
| 428 | return ret; | 233 | return ret; |
| 429 | } | 234 | } |
| 430 | |||
| 431 | int RSA_memory_lock(RSA *r) | ||
| 432 | { | ||
| 433 | int i,j,k,off; | ||
| 434 | char *p; | ||
| 435 | BIGNUM *bn,**t[6],*b; | ||
| 436 | BN_ULONG *ul; | ||
| 437 | |||
| 438 | if (r->d == NULL) return(1); | ||
| 439 | t[0]= &r->d; | ||
| 440 | t[1]= &r->p; | ||
| 441 | t[2]= &r->q; | ||
| 442 | t[3]= &r->dmp1; | ||
| 443 | t[4]= &r->dmq1; | ||
| 444 | t[5]= &r->iqmp; | ||
| 445 | k=sizeof(BIGNUM)*6; | ||
| 446 | off=k/sizeof(BN_ULONG)+1; | ||
| 447 | j=1; | ||
| 448 | for (i=0; i<6; i++) | ||
| 449 | j+= (*t[i])->top; | ||
| 450 | if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) | ||
| 451 | { | ||
| 452 | RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); | ||
| 453 | return(0); | ||
| 454 | } | ||
| 455 | bn=(BIGNUM *)p; | ||
| 456 | ul=(BN_ULONG *)&(p[off]); | ||
| 457 | for (i=0; i<6; i++) | ||
| 458 | { | ||
| 459 | b= *(t[i]); | ||
| 460 | *(t[i])= &(bn[i]); | ||
| 461 | memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); | ||
| 462 | bn[i].flags=BN_FLG_STATIC_DATA; | ||
| 463 | bn[i].d=ul; | ||
| 464 | memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); | ||
| 465 | ul+=b->top; | ||
| 466 | BN_clear_free(b); | ||
| 467 | } | ||
| 468 | |||
| 469 | /* I should fix this so it can still be done */ | ||
| 470 | r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); | ||
| 471 | |||
| 472 | r->bignum_data=p; | ||
| 473 | return(1); | ||
| 474 | } | ||
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_null.c b/src/lib/libssl/src/crypto/rsa/rsa_null.c index 491572c82b..2f2202f142 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_null.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_null.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* rsa_null.c */ | 1 | /* rsa_null.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c index 3652677a99..4d30c9d2d3 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_oaep.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_oaep.c | |||
| @@ -187,7 +187,7 @@ int PKCS1_MGF1(unsigned char *mask, long len, | |||
| 187 | int mdlen; | 187 | int mdlen; |
| 188 | 188 | ||
| 189 | EVP_MD_CTX_init(&c); | 189 | EVP_MD_CTX_init(&c); |
| 190 | mdlen = EVP_MD_size(dgst); | 190 | mdlen = M_EVP_MD_size(dgst); |
| 191 | for (i = 0; outlen < len; i++) | 191 | for (i = 0; outlen < len; i++) |
| 192 | { | 192 | { |
| 193 | cnt[0] = (unsigned char)((i >> 24) & 255); | 193 | cnt[0] = (unsigned char)((i >> 24) & 255); |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_sign.c b/src/lib/libssl/src/crypto/rsa/rsa_sign.c index 71aabeea1b..5488c06f6d 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_sign.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_sign.c | |||
| @@ -90,6 +90,14 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, | |||
| 90 | i = SSL_SIG_LENGTH; | 90 | i = SSL_SIG_LENGTH; |
| 91 | s = m; | 91 | s = m; |
| 92 | } else { | 92 | } else { |
| 93 | /* NB: in FIPS mode block anything that isn't a TLS signature */ | ||
| 94 | #ifdef OPENSSL_FIPS | ||
| 95 | if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) | ||
| 96 | { | ||
| 97 | RSAerr(RSA_F_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 98 | return 0; | ||
| 99 | } | ||
| 100 | #endif | ||
| 93 | sig.algor= &algor; | 101 | sig.algor= &algor; |
| 94 | sig.algor->algorithm=OBJ_nid2obj(type); | 102 | sig.algor->algorithm=OBJ_nid2obj(type); |
| 95 | if (sig.algor->algorithm == NULL) | 103 | if (sig.algor->algorithm == NULL) |
| @@ -167,10 +175,22 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, | |||
| 167 | RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); | 175 | RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); |
| 168 | goto err; | 176 | goto err; |
| 169 | } | 177 | } |
| 170 | if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { | 178 | if(dtype == NID_md5_sha1) |
| 179 | { | ||
| 180 | if (m_len != SSL_SIG_LENGTH) | ||
| 181 | { | ||
| 171 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); | 182 | RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); |
| 172 | goto err; | 183 | goto err; |
| 173 | } | 184 | } |
| 185 | } | ||
| 186 | /* NB: in FIPS mode block anything that isn't a TLS signature */ | ||
| 187 | #ifdef OPENSSL_FIPS | ||
| 188 | else if(FIPS_mode() && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) | ||
| 189 | { | ||
| 190 | RSAerr(RSA_F_RSA_VERIFY, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE); | ||
| 191 | return 0; | ||
| 192 | } | ||
| 193 | #endif | ||
| 174 | i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); | 194 | i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); |
| 175 | 195 | ||
| 176 | if (i <= 0) goto err; | 196 | if (i <= 0) goto err; |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_ssl.c b/src/lib/libssl/src/crypto/rsa/rsa_ssl.c index ea72629494..cfeff15bc9 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_ssl.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_ssl.c | |||
| @@ -130,7 +130,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, | |||
| 130 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING); | 130 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING); |
| 131 | return(-1); | 131 | return(-1); |
| 132 | } | 132 | } |
| 133 | for (k= -8; k<0; k++) | 133 | for (k = -9; k<-1; k++) |
| 134 | { | 134 | { |
| 135 | if (p[k] != 0x03) break; | 135 | if (p[k] != 0x03) break; |
| 136 | } | 136 | } |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_x931g.c b/src/lib/libssl/src/crypto/rsa/rsa_x931g.c new file mode 100644 index 0000000000..c640cc2ec9 --- /dev/null +++ b/src/lib/libssl/src/crypto/rsa/rsa_x931g.c | |||
| @@ -0,0 +1,255 @@ | |||
| 1 | /* crypto/rsa/rsa_gen.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <string.h> | ||
| 61 | #include <time.h> | ||
| 62 | #include <openssl/err.h> | ||
| 63 | #include <openssl/bn.h> | ||
| 64 | #include <openssl/rsa.h> | ||
| 65 | |||
| 66 | #ifndef OPENSSL_FIPS | ||
| 67 | |||
| 68 | /* X9.31 RSA key derivation and generation */ | ||
| 69 | |||
| 70 | int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, | ||
| 71 | const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, | ||
| 72 | const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, | ||
| 73 | const BIGNUM *e, BN_GENCB *cb) | ||
| 74 | { | ||
| 75 | BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL; | ||
| 76 | BN_CTX *ctx=NULL,*ctx2=NULL; | ||
| 77 | |||
| 78 | if (!rsa) | ||
| 79 | goto err; | ||
| 80 | |||
| 81 | ctx = BN_CTX_new(); | ||
| 82 | BN_CTX_start(ctx); | ||
| 83 | if (!ctx) | ||
| 84 | goto err; | ||
| 85 | |||
| 86 | r0 = BN_CTX_get(ctx); | ||
| 87 | r1 = BN_CTX_get(ctx); | ||
| 88 | r2 = BN_CTX_get(ctx); | ||
| 89 | r3 = BN_CTX_get(ctx); | ||
| 90 | |||
| 91 | if (r3 == NULL) | ||
| 92 | goto err; | ||
| 93 | if (!rsa->e) | ||
| 94 | { | ||
| 95 | rsa->e = BN_dup(e); | ||
| 96 | if (!rsa->e) | ||
| 97 | goto err; | ||
| 98 | } | ||
| 99 | else | ||
| 100 | e = rsa->e; | ||
| 101 | |||
| 102 | /* If not all parameters present only calculate what we can. | ||
| 103 | * This allows test programs to output selective parameters. | ||
| 104 | */ | ||
| 105 | |||
| 106 | if (Xp && !rsa->p) | ||
| 107 | { | ||
| 108 | rsa->p = BN_new(); | ||
| 109 | if (!rsa->p) | ||
| 110 | goto err; | ||
| 111 | |||
| 112 | if (!BN_X931_derive_prime_ex(rsa->p, p1, p2, | ||
| 113 | Xp, Xp1, Xp2, e, ctx, cb)) | ||
| 114 | goto err; | ||
| 115 | } | ||
| 116 | |||
| 117 | if (Xq && !rsa->q) | ||
| 118 | { | ||
| 119 | rsa->q = BN_new(); | ||
| 120 | if (!rsa->q) | ||
| 121 | goto err; | ||
| 122 | if (!BN_X931_derive_prime_ex(rsa->q, q1, q2, | ||
| 123 | Xq, Xq1, Xq2, e, ctx, cb)) | ||
| 124 | goto err; | ||
| 125 | } | ||
| 126 | |||
| 127 | if (!rsa->p || !rsa->q) | ||
| 128 | { | ||
| 129 | BN_CTX_end(ctx); | ||
| 130 | BN_CTX_free(ctx); | ||
| 131 | return 2; | ||
| 132 | } | ||
| 133 | |||
| 134 | /* Since both primes are set we can now calculate all remaining | ||
| 135 | * components. | ||
| 136 | */ | ||
| 137 | |||
| 138 | /* calculate n */ | ||
| 139 | rsa->n=BN_new(); | ||
| 140 | if (rsa->n == NULL) | ||
| 141 | goto err; | ||
| 142 | if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) | ||
| 143 | goto err; | ||
| 144 | |||
| 145 | /* calculate d */ | ||
| 146 | if (!BN_sub(r1,rsa->p,BN_value_one())) | ||
| 147 | goto err; /* p-1 */ | ||
| 148 | if (!BN_sub(r2,rsa->q,BN_value_one())) | ||
| 149 | goto err; /* q-1 */ | ||
| 150 | if (!BN_mul(r0,r1,r2,ctx)) | ||
| 151 | goto err; /* (p-1)(q-1) */ | ||
| 152 | |||
| 153 | if (!BN_gcd(r3, r1, r2, ctx)) | ||
| 154 | goto err; | ||
| 155 | |||
| 156 | if (!BN_div(r0, NULL, r0, r3, ctx)) | ||
| 157 | goto err; /* LCM((p-1)(q-1)) */ | ||
| 158 | |||
| 159 | ctx2 = BN_CTX_new(); | ||
| 160 | if (!ctx2) | ||
| 161 | goto err; | ||
| 162 | |||
| 163 | rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ | ||
| 164 | if (rsa->d == NULL) | ||
| 165 | goto err; | ||
| 166 | |||
| 167 | /* calculate d mod (p-1) */ | ||
| 168 | rsa->dmp1=BN_new(); | ||
| 169 | if (rsa->dmp1 == NULL) | ||
| 170 | goto err; | ||
| 171 | if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) | ||
| 172 | goto err; | ||
| 173 | |||
| 174 | /* calculate d mod (q-1) */ | ||
| 175 | rsa->dmq1=BN_new(); | ||
| 176 | if (rsa->dmq1 == NULL) | ||
| 177 | goto err; | ||
| 178 | if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) | ||
| 179 | goto err; | ||
| 180 | |||
| 181 | /* calculate inverse of q mod p */ | ||
| 182 | rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); | ||
| 183 | |||
| 184 | err: | ||
| 185 | if (ctx) | ||
| 186 | { | ||
| 187 | BN_CTX_end(ctx); | ||
| 188 | BN_CTX_free(ctx); | ||
| 189 | } | ||
| 190 | if (ctx2) | ||
| 191 | BN_CTX_free(ctx2); | ||
| 192 | /* If this is set all calls successful */ | ||
| 193 | if (rsa->iqmp != NULL) | ||
| 194 | return 1; | ||
| 195 | |||
| 196 | return 0; | ||
| 197 | |||
| 198 | } | ||
| 199 | |||
| 200 | int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb) | ||
| 201 | { | ||
| 202 | int ok = 0; | ||
| 203 | BIGNUM *Xp = NULL, *Xq = NULL; | ||
| 204 | BN_CTX *ctx = NULL; | ||
| 205 | |||
| 206 | ctx = BN_CTX_new(); | ||
| 207 | if (!ctx) | ||
| 208 | goto error; | ||
| 209 | |||
| 210 | BN_CTX_start(ctx); | ||
| 211 | Xp = BN_CTX_get(ctx); | ||
| 212 | Xq = BN_CTX_get(ctx); | ||
| 213 | if (!BN_X931_generate_Xpq(Xp, Xq, bits, ctx)) | ||
| 214 | goto error; | ||
| 215 | |||
| 216 | rsa->p = BN_new(); | ||
| 217 | rsa->q = BN_new(); | ||
| 218 | if (!rsa->p || !rsa->q) | ||
| 219 | goto error; | ||
| 220 | |||
| 221 | /* Generate two primes from Xp, Xq */ | ||
| 222 | |||
| 223 | if (!BN_X931_generate_prime_ex(rsa->p, NULL, NULL, NULL, NULL, Xp, | ||
| 224 | e, ctx, cb)) | ||
| 225 | goto error; | ||
| 226 | |||
| 227 | if (!BN_X931_generate_prime_ex(rsa->q, NULL, NULL, NULL, NULL, Xq, | ||
| 228 | e, ctx, cb)) | ||
| 229 | goto error; | ||
| 230 | |||
| 231 | /* Since rsa->p and rsa->q are valid this call will just derive | ||
| 232 | * remaining RSA components. | ||
| 233 | */ | ||
| 234 | |||
| 235 | if (!RSA_X931_derive_ex(rsa, NULL, NULL, NULL, NULL, | ||
| 236 | NULL, NULL, NULL, NULL, NULL, NULL, e, cb)) | ||
| 237 | goto error; | ||
| 238 | |||
| 239 | ok = 1; | ||
| 240 | |||
| 241 | error: | ||
| 242 | if (ctx) | ||
| 243 | { | ||
| 244 | BN_CTX_end(ctx); | ||
| 245 | BN_CTX_free(ctx); | ||
| 246 | } | ||
| 247 | |||
| 248 | if (ok) | ||
| 249 | return 1; | ||
| 250 | |||
| 251 | return 0; | ||
| 252 | |||
| 253 | } | ||
| 254 | |||
| 255 | #endif | ||
diff --git a/src/lib/libssl/src/crypto/sha/Makefile b/src/lib/libssl/src/crypto/sha/Makefile index ac64fb61d3..f4741b9ee6 100644 --- a/src/lib/libssl/src/crypto/sha/Makefile +++ b/src/lib/libssl/src/crypto/sha/Makefile | |||
| @@ -38,7 +38,7 @@ top: | |||
| 38 | all: lib | 38 | all: lib |
| 39 | 39 | ||
| 40 | lib: $(LIBOBJ) | 40 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 41 | $(ARX) $(LIB) $(LIBOBJ) |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | 42 | $(RANLIB) $(LIB) || echo Never mind. |
| 43 | @touch lib | 43 | @touch lib |
| 44 | 44 | ||
| @@ -59,7 +59,7 @@ s512sse2-out.s: asm/sha512-sse2.pl ../perlasm/x86asm.pl | |||
| 59 | (cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) | 59 | (cd asm; $(PERL) sha512-sse2.pl a.out $(CFLAGS) $(PROCESSOR) > ../$@) |
| 60 | 60 | ||
| 61 | sha1-ia64.s: asm/sha1-ia64.pl | 61 | sha1-ia64.s: asm/sha1-ia64.pl |
| 62 | (cd asm; $(PERL) sha1-ia64.pl $(CFLAGS) ) > $@ | 62 | (cd asm; $(PERL) sha1-ia64.pl ../$@ $(CFLAGS)) |
| 63 | sha256-ia64.s: asm/sha512-ia64.pl | 63 | sha256-ia64.s: asm/sha512-ia64.pl |
| 64 | (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS)) | 64 | (cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS)) |
| 65 | sha512-ia64.s: asm/sha512-ia64.pl | 65 | sha512-ia64.s: asm/sha512-ia64.pl |
| @@ -113,24 +113,31 @@ sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | |||
| 113 | sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 113 | sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 114 | sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 114 | sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 115 | sha1_one.o: sha1_one.c | 115 | sha1_one.o: sha1_one.c |
| 116 | sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 116 | sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h |
| 117 | sha1dgst.o: ../../include/openssl/opensslconf.h | ||
| 117 | sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h | 118 | sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h |
| 118 | sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h | 119 | sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h |
| 119 | sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 120 | sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 120 | sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 121 | sha256.o: ../../include/openssl/fips.h ../../include/openssl/opensslconf.h |
| 121 | sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h | 122 | sha256.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 122 | sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 123 | sha256.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 123 | sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c | 124 | sha256.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 125 | sha256.o: ../md32_common.h sha256.c | ||
| 124 | sha512.o: ../../e_os.h ../../include/openssl/bio.h | 126 | sha512.o: ../../e_os.h ../../include/openssl/bio.h |
| 125 | sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 127 | sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 126 | sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 128 | sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 127 | sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 129 | sha512.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 128 | sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 130 | sha512.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 129 | sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 131 | sha512.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h |
| 130 | sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 132 | sha512.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 131 | sha512.o: ../cryptlib.h sha512.c | 133 | sha512.o: ../../include/openssl/symhacks.h ../cryptlib.h sha512.c |
| 132 | sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h | 134 | sha_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 133 | sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/sha.h | 135 | sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 136 | sha_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 137 | sha_dgst.o: ../../include/openssl/opensslconf.h | ||
| 138 | sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 139 | sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 140 | sha_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 134 | sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h | 141 | sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h |
| 135 | sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 142 | sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 136 | sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 143 | sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
diff --git a/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl b/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl index 0b4dab2bd5..a787dd37da 100644 --- a/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl +++ b/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl | |||
| @@ -149,7 +149,7 @@ sub BODY_40_59 | |||
| 149 | &add($f,$e); # f+=ROTATE(a,5) | 149 | &add($f,$e); # f+=ROTATE(a,5) |
| 150 | } | 150 | } |
| 151 | 151 | ||
| 152 | &function_begin("sha1_block_data_order",16); | 152 | &function_begin("sha1_block_data_order"); |
| 153 | &mov($tmp1,&wparam(0)); # SHA_CTX *c | 153 | &mov($tmp1,&wparam(0)); # SHA_CTX *c |
| 154 | &mov($T,&wparam(1)); # const void *input | 154 | &mov($T,&wparam(1)); # const void *input |
| 155 | &mov($A,&wparam(2)); # size_t num | 155 | &mov($A,&wparam(2)); # size_t num |
diff --git a/src/lib/libssl/src/crypto/sha/sha.h b/src/lib/libssl/src/crypto/sha/sha.h index eed44d7f94..47a2c29f66 100644 --- a/src/lib/libssl/src/crypto/sha/sha.h +++ b/src/lib/libssl/src/crypto/sha/sha.h | |||
| @@ -106,6 +106,9 @@ typedef struct SHAstate_st | |||
| 106 | } SHA_CTX; | 106 | } SHA_CTX; |
| 107 | 107 | ||
| 108 | #ifndef OPENSSL_NO_SHA0 | 108 | #ifndef OPENSSL_NO_SHA0 |
| 109 | #ifdef OPENSSL_FIPS | ||
| 110 | int private_SHA_Init(SHA_CTX *c); | ||
| 111 | #endif | ||
| 109 | int SHA_Init(SHA_CTX *c); | 112 | int SHA_Init(SHA_CTX *c); |
| 110 | int SHA_Update(SHA_CTX *c, const void *data, size_t len); | 113 | int SHA_Update(SHA_CTX *c, const void *data, size_t len); |
| 111 | int SHA_Final(unsigned char *md, SHA_CTX *c); | 114 | int SHA_Final(unsigned char *md, SHA_CTX *c); |
diff --git a/src/lib/libssl/src/crypto/sha/sha1_one.c b/src/lib/libssl/src/crypto/sha/sha1_one.c index 7c65b60276..4831174198 100644 --- a/src/lib/libssl/src/crypto/sha/sha1_one.c +++ b/src/lib/libssl/src/crypto/sha/sha1_one.c | |||
| @@ -61,7 +61,7 @@ | |||
| 61 | #include <openssl/sha.h> | 61 | #include <openssl/sha.h> |
| 62 | #include <openssl/crypto.h> | 62 | #include <openssl/crypto.h> |
| 63 | 63 | ||
| 64 | #ifndef OPENSSL_NO_SHA1 | 64 | #if !defined(OPENSSL_NO_SHA1) |
| 65 | unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) | 65 | unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md) |
| 66 | { | 66 | { |
| 67 | SHA_CTX c; | 67 | SHA_CTX c; |
diff --git a/src/lib/libssl/src/crypto/sha/sha1dgst.c b/src/lib/libssl/src/crypto/sha/sha1dgst.c index 50d1925cde..d31f0781a0 100644 --- a/src/lib/libssl/src/crypto/sha/sha1dgst.c +++ b/src/lib/libssl/src/crypto/sha/sha1dgst.c | |||
| @@ -63,6 +63,10 @@ | |||
| 63 | #define SHA_1 | 63 | #define SHA_1 |
| 64 | 64 | ||
| 65 | #include <openssl/opensslv.h> | 65 | #include <openssl/opensslv.h> |
| 66 | #ifdef OPENSSL_FIPS | ||
| 67 | #include <openssl/fips.h> | ||
| 68 | #endif | ||
| 69 | |||
| 66 | 70 | ||
| 67 | const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; | 71 | const char SHA1_version[]="SHA1" OPENSSL_VERSION_PTEXT; |
| 68 | 72 | ||
diff --git a/src/lib/libssl/src/crypto/sha/sha_dgst.c b/src/lib/libssl/src/crypto/sha/sha_dgst.c index 70eb56032c..598f4d721a 100644 --- a/src/lib/libssl/src/crypto/sha/sha_dgst.c +++ b/src/lib/libssl/src/crypto/sha/sha_dgst.c | |||
| @@ -57,6 +57,12 @@ | |||
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | #include <openssl/opensslconf.h> | 59 | #include <openssl/opensslconf.h> |
| 60 | #include <openssl/crypto.h> | ||
| 61 | #ifdef OPENSSL_FIPS | ||
| 62 | #include <openssl/fips.h> | ||
| 63 | #endif | ||
| 64 | |||
| 65 | #include <openssl/err.h> | ||
| 60 | #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) | 66 | #if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA) |
| 61 | 67 | ||
| 62 | #undef SHA_1 | 68 | #undef SHA_1 |
diff --git a/src/lib/libssl/src/crypto/sha/sha_locl.h b/src/lib/libssl/src/crypto/sha/sha_locl.h index e37e5726e3..da46ddfe79 100644 --- a/src/lib/libssl/src/crypto/sha/sha_locl.h +++ b/src/lib/libssl/src/crypto/sha/sha_locl.h | |||
| @@ -122,8 +122,15 @@ void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); | |||
| 122 | #define INIT_DATA_h3 0x10325476UL | 122 | #define INIT_DATA_h3 0x10325476UL |
| 123 | #define INIT_DATA_h4 0xc3d2e1f0UL | 123 | #define INIT_DATA_h4 0xc3d2e1f0UL |
| 124 | 124 | ||
| 125 | #if defined(SHA_0) && defined(OPENSSL_FIPS) | ||
| 126 | FIPS_NON_FIPS_MD_Init(SHA) | ||
| 127 | #else | ||
| 125 | int HASH_INIT (SHA_CTX *c) | 128 | int HASH_INIT (SHA_CTX *c) |
| 129 | #endif | ||
| 126 | { | 130 | { |
| 131 | #if defined(SHA_1) && defined(OPENSSL_FIPS) | ||
| 132 | FIPS_selftest_check(); | ||
| 133 | #endif | ||
| 127 | c->h0=INIT_DATA_h0; | 134 | c->h0=INIT_DATA_h0; |
| 128 | c->h1=INIT_DATA_h1; | 135 | c->h1=INIT_DATA_h1; |
| 129 | c->h2=INIT_DATA_h2; | 136 | c->h2=INIT_DATA_h2; |
diff --git a/src/lib/libssl/src/crypto/stack/Makefile b/src/lib/libssl/src/crypto/stack/Makefile index 5327692ac8..489a77b93c 100644 --- a/src/lib/libssl/src/crypto/stack/Makefile +++ b/src/lib/libssl/src/crypto/stack/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
diff --git a/src/lib/libssl/src/crypto/stack/safestack.h b/src/lib/libssl/src/crypto/stack/safestack.h index 78cc485e6d..40b17902e0 100644 --- a/src/lib/libssl/src/crypto/stack/safestack.h +++ b/src/lib/libssl/src/crypto/stack/safestack.h | |||
| @@ -986,6 +986,50 @@ STACK_OF(type) \ | |||
| 986 | #define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) | 986 | #define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) |
| 987 | #define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) | 987 | #define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) |
| 988 | 988 | ||
| 989 | #define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st)) | ||
| 990 | #define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER) | ||
| 991 | #define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st)) | ||
| 992 | #define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st)) | ||
| 993 | #define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i)) | ||
| 994 | #define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val)) | ||
| 995 | #define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st)) | ||
| 996 | #define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) | ||
| 997 | #define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) | ||
| 998 | #define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) | ||
| 999 | #define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val)) | ||
| 1000 | #define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) | ||
| 1001 | #define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) | ||
| 1002 | #define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) | ||
| 1003 | #define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp)) | ||
| 1004 | #define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st) | ||
| 1005 | #define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func)) | ||
| 1006 | #define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st)) | ||
| 1007 | #define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st)) | ||
| 1008 | #define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) | ||
| 1009 | #define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) | ||
| 1010 | |||
| 1011 | #define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st)) | ||
| 1012 | #define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) | ||
| 1013 | #define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) | ||
| 1014 | #define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st)) | ||
| 1015 | #define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i)) | ||
| 1016 | #define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val)) | ||
| 1017 | #define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st)) | ||
| 1018 | #define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) | ||
| 1019 | #define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) | ||
| 1020 | #define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) | ||
| 1021 | #define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val)) | ||
| 1022 | #define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) | ||
| 1023 | #define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) | ||
| 1024 | #define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) | ||
| 1025 | #define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp)) | ||
| 1026 | #define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st) | ||
| 1027 | #define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func)) | ||
| 1028 | #define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st)) | ||
| 1029 | #define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st)) | ||
| 1030 | #define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st)) | ||
| 1031 | #define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st)) | ||
| 1032 | |||
| 989 | #define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st)) | 1033 | #define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st)) |
| 990 | #define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) | 1034 | #define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) |
| 991 | #define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) | 1035 | #define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) |
diff --git a/src/lib/libssl/src/crypto/symhacks.h b/src/lib/libssl/src/crypto/symhacks.h index 64528ad5c2..6cfb5fe479 100644 --- a/src/lib/libssl/src/crypto/symhacks.h +++ b/src/lib/libssl/src/crypto/symhacks.h | |||
| @@ -179,6 +179,11 @@ | |||
| 179 | #define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn | 179 | #define ENGINE_set_load_privkey_function ENGINE_set_load_privkey_fn |
| 180 | #undef ENGINE_get_load_privkey_function | 180 | #undef ENGINE_get_load_privkey_function |
| 181 | #define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn | 181 | #define ENGINE_get_load_privkey_function ENGINE_get_load_privkey_fn |
| 182 | #undef ENGINE_set_load_ssl_client_cert_function | ||
| 183 | #define ENGINE_set_load_ssl_client_cert_function \ | ||
| 184 | ENGINE_set_ld_ssl_clnt_cert_fn | ||
| 185 | #undef ENGINE_get_ssl_client_cert_function | ||
| 186 | #define ENGINE_get_ssl_client_cert_function ENGINE_get_ssl_client_cert_fn | ||
| 182 | 187 | ||
| 183 | /* Hack some long OCSP names */ | 188 | /* Hack some long OCSP names */ |
| 184 | #undef OCSP_REQUEST_get_ext_by_critical | 189 | #undef OCSP_REQUEST_get_ext_by_critical |
diff --git a/src/lib/libssl/src/crypto/txt_db/Makefile b/src/lib/libssl/src/crypto/txt_db/Makefile index e6f30331d8..87e57b49f6 100644 --- a/src/lib/libssl/src/crypto/txt_db/Makefile +++ b/src/lib/libssl/src/crypto/txt_db/Makefile | |||
| @@ -33,7 +33,7 @@ top: | |||
| 33 | all: lib | 33 | all: lib |
| 34 | 34 | ||
| 35 | lib: $(LIBOBJ) | 35 | lib: $(LIBOBJ) |
| 36 | $(AR) $(LIB) $(LIBOBJ) | 36 | $(ARX) $(LIB) $(LIBOBJ) |
| 37 | $(RANLIB) $(LIB) || echo Never mind. | 37 | $(RANLIB) $(LIB) || echo Never mind. |
| 38 | @touch lib | 38 | @touch lib |
| 39 | 39 | ||
diff --git a/src/lib/libssl/src/crypto/ui/Makefile b/src/lib/libssl/src/crypto/ui/Makefile index a685659fb4..4755e206f6 100644 --- a/src/lib/libssl/src/crypto/ui/Makefile +++ b/src/lib/libssl/src/crypto/ui/Makefile | |||
| @@ -37,7 +37,7 @@ top: | |||
| 37 | all: lib | 37 | all: lib |
| 38 | 38 | ||
| 39 | lib: $(LIBOBJ) | 39 | lib: $(LIBOBJ) |
| 40 | $(AR) $(LIB) $(LIBOBJ) | 40 | $(ARX) $(LIB) $(LIBOBJ) |
| 41 | $(RANLIB) $(LIB) || echo Never mind. | 41 | $(RANLIB) $(LIB) || echo Never mind. |
| 42 | @touch lib | 42 | @touch lib |
| 43 | 43 | ||
diff --git a/src/lib/libssl/src/crypto/ui/ui_openssl.c b/src/lib/libssl/src/crypto/ui/ui_openssl.c index 1f23a45a33..ef930bf247 100644 --- a/src/lib/libssl/src/crypto/ui/ui_openssl.c +++ b/src/lib/libssl/src/crypto/ui/ui_openssl.c | |||
| @@ -677,6 +677,8 @@ static int noecho_fgets(char *buf, int size, FILE *tty) | |||
| 677 | size--; | 677 | size--; |
| 678 | #ifdef WIN16TTY | 678 | #ifdef WIN16TTY |
| 679 | i=_inchar(); | 679 | i=_inchar(); |
| 680 | #elif defined(_WIN32) | ||
| 681 | i=_getch(); | ||
| 680 | #else | 682 | #else |
| 681 | i=getch(); | 683 | i=getch(); |
| 682 | #endif | 684 | #endif |
diff --git a/src/lib/libssl/src/crypto/x509/Makefile b/src/lib/libssl/src/crypto/x509/Makefile index ddcc3124a7..464752b159 100644 --- a/src/lib/libssl/src/crypto/x509/Makefile +++ b/src/lib/libssl/src/crypto/x509/Makefile | |||
| @@ -43,7 +43,7 @@ top: | |||
| 43 | all: lib | 43 | all: lib |
| 44 | 44 | ||
| 45 | lib: $(LIBOBJ) | 45 | lib: $(LIBOBJ) |
| 46 | $(AR) $(LIB) $(LIBOBJ) | 46 | $(ARX) $(LIB) $(LIBOBJ) |
| 47 | $(RANLIB) $(LIB) || echo Never mind. | 47 | $(RANLIB) $(LIB) || echo Never mind. |
| 48 | @touch lib | 48 | @touch lib |
| 49 | 49 | ||
| @@ -89,35 +89,37 @@ by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 89 | by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 89 | by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 90 | by_dir.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 90 | by_dir.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 91 | by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 91 | by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 92 | by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 92 | by_dir.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 93 | by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 93 | by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 94 | by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 94 | by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 95 | by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 95 | by_dir.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 96 | by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 96 | by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 97 | by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 97 | by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 98 | by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_dir.c | 98 | by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 99 | by_dir.o: ../cryptlib.h by_dir.c | ||
| 99 | by_file.o: ../../e_os.h ../../include/openssl/asn1.h | 100 | by_file.o: ../../e_os.h ../../include/openssl/asn1.h |
| 100 | by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 101 | by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 101 | by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 102 | by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 102 | by_file.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 103 | by_file.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 103 | by_file.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 104 | by_file.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 104 | by_file.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 105 | by_file.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 105 | by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 106 | by_file.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 106 | by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 107 | by_file.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 107 | by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h | 108 | by_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 108 | by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h | 109 | by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 109 | by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 110 | by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 110 | by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 111 | by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 111 | by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 112 | by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 112 | by_file.o: ../cryptlib.h by_file.c | 113 | by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c |
| 113 | x509_att.o: ../../e_os.h ../../include/openssl/asn1.h | 114 | x509_att.o: ../../e_os.h ../../include/openssl/asn1.h |
| 114 | x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 115 | x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 115 | x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 116 | x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 116 | x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 117 | x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 117 | x509_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 118 | x509_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 118 | x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 119 | x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 119 | x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 120 | x509_att.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 120 | x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 121 | x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 122 | x509_att.o: ../../include/openssl/opensslconf.h | ||
| 121 | x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 123 | x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 122 | x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 124 | x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 123 | x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 125 | x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -130,8 +132,9 @@ x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 130 | x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 132 | x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 131 | x509_cmp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 133 | x509_cmp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 132 | x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 134 | x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 133 | x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 135 | x509_cmp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 134 | x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 136 | x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 137 | x509_cmp.o: ../../include/openssl/opensslconf.h | ||
| 135 | x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 138 | x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 136 | x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 139 | x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 137 | x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 140 | x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -143,22 +146,22 @@ x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 143 | x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 146 | x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 144 | x509_d2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 147 | x509_d2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 145 | x509_d2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 148 | x509_d2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 146 | x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 149 | x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 147 | x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 150 | x509_d2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 148 | x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 151 | x509_d2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 149 | x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 152 | x509_d2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 150 | x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 153 | x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 151 | x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 154 | x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 152 | x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 155 | x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 153 | x509_d2.o: ../cryptlib.h x509_d2.c | 156 | x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c |
| 154 | x509_def.o: ../../e_os.h ../../include/openssl/asn1.h | 157 | x509_def.o: ../../e_os.h ../../include/openssl/asn1.h |
| 155 | x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 158 | x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 156 | x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 159 | x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 157 | x509_def.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 160 | x509_def.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 158 | x509_def.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 161 | x509_def.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 159 | x509_def.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 162 | x509_def.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 160 | x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 163 | x509_def.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 161 | x509_def.o: ../../include/openssl/opensslconf.h | 164 | x509_def.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 162 | x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 165 | x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 163 | x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 166 | x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 164 | x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 167 | x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -169,8 +172,9 @@ x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 169 | x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 172 | x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 170 | x509_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 173 | x509_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 171 | x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 174 | x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 172 | x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 175 | x509_err.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 173 | x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 176 | x509_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 177 | x509_err.o: ../../include/openssl/opensslconf.h | ||
| 174 | x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 178 | x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 175 | x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 179 | x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 176 | x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 180 | x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -182,8 +186,9 @@ x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 182 | x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 186 | x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 183 | x509_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 187 | x509_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 184 | x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 188 | x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 185 | x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 189 | x509_ext.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 186 | x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 190 | x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 191 | x509_ext.o: ../../include/openssl/opensslconf.h | ||
| 187 | x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 192 | x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 188 | x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 193 | x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 189 | x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 194 | x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -196,22 +201,22 @@ x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 196 | x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 201 | x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 197 | x509_lu.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 202 | x509_lu.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 198 | x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 203 | x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 199 | x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 204 | x509_lu.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 200 | x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 205 | x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 201 | x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 206 | x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 202 | x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 207 | x509_lu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 203 | x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 208 | x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 204 | x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 209 | x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 205 | x509_lu.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 210 | x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 206 | x509_lu.o: ../cryptlib.h x509_lu.c | 211 | x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c |
| 207 | x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h | 212 | x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h |
| 208 | x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 213 | x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 209 | x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 214 | x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 210 | x509_obj.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 215 | x509_obj.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 211 | x509_obj.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 216 | x509_obj.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 212 | x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 217 | x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 213 | x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 218 | x509_obj.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 214 | x509_obj.o: ../../include/openssl/opensslconf.h | 219 | x509_obj.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 215 | x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 220 | x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 216 | x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 221 | x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 217 | x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 222 | x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -223,8 +228,9 @@ x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 223 | x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 228 | x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 224 | x509_r2x.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 229 | x509_r2x.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 225 | x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 230 | x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 226 | x509_r2x.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 231 | x509_r2x.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 227 | x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 232 | x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 233 | x509_r2x.o: ../../include/openssl/opensslconf.h | ||
| 228 | x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 234 | x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 229 | x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 235 | x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 230 | x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 236 | x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -236,8 +242,9 @@ x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 236 | x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 242 | x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 237 | x509_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 243 | x509_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 238 | x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 244 | x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 239 | x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 245 | x509_req.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 240 | x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 246 | x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 247 | x509_req.o: ../../include/openssl/opensslconf.h | ||
| 241 | x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 248 | x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 242 | x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h | 249 | x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h |
| 243 | x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 250 | x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| @@ -249,9 +256,9 @@ x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 249 | x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 256 | x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 250 | x509_set.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 257 | x509_set.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 251 | x509_set.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 258 | x509_set.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 252 | x509_set.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 259 | x509_set.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 253 | x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 260 | x509_set.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 254 | x509_set.o: ../../include/openssl/opensslconf.h | 261 | x509_set.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 255 | x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 262 | x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 256 | x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 263 | x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 257 | x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 264 | x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -263,8 +270,9 @@ x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 263 | x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 270 | x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 264 | x509_trs.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 271 | x509_trs.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 265 | x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 272 | x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 266 | x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 273 | x509_trs.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 267 | x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 274 | x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 275 | x509_trs.o: ../../include/openssl/opensslconf.h | ||
| 268 | x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 276 | x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 269 | x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 277 | x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 270 | x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 278 | x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -276,9 +284,9 @@ x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 276 | x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 284 | x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 277 | x509_txt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 285 | x509_txt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 278 | x509_txt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 286 | x509_txt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 279 | x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 287 | x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 280 | x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 288 | x509_txt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 281 | x509_txt.o: ../../include/openssl/opensslconf.h | 289 | x509_txt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 282 | x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 290 | x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 283 | x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 291 | x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 284 | x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 292 | x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -290,22 +298,23 @@ x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 290 | x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 298 | x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 291 | x509_v3.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 299 | x509_v3.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 292 | x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 300 | x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 293 | x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 301 | x509_v3.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 294 | x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 302 | x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 295 | x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 303 | x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 296 | x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 304 | x509_v3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 297 | x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 305 | x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 298 | x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 306 | x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 299 | x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 307 | x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 300 | x509_v3.o: ../cryptlib.h x509_v3.c | 308 | x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c |
| 301 | x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h | 309 | x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h |
| 302 | x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 310 | x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 303 | x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 311 | x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 304 | x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 312 | x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 305 | x509_vfy.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 313 | x509_vfy.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 306 | x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 314 | x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 307 | x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 315 | x509_vfy.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 308 | x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 316 | x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 317 | x509_vfy.o: ../../include/openssl/opensslconf.h | ||
| 309 | x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 318 | x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 310 | x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 319 | x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 311 | x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 320 | x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -318,8 +327,9 @@ x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 318 | x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 327 | x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 319 | x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 328 | x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 320 | x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 329 | x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 321 | x509_vpm.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 330 | x509_vpm.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 322 | x509_vpm.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 331 | x509_vpm.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 332 | x509_vpm.o: ../../include/openssl/opensslconf.h | ||
| 323 | x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 333 | x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 324 | x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 334 | x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 325 | x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 335 | x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -331,9 +341,9 @@ x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 331 | x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 341 | x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 332 | x509cset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 342 | x509cset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 333 | x509cset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 343 | x509cset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 334 | x509cset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 344 | x509cset.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 335 | x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 345 | x509cset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 336 | x509cset.o: ../../include/openssl/opensslconf.h | 346 | x509cset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 337 | x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 347 | x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 338 | x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 348 | x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 339 | x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 349 | x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -344,9 +354,9 @@ x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 344 | x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 354 | x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 345 | x509name.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 355 | x509name.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 346 | x509name.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 356 | x509name.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 347 | x509name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 357 | x509name.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 348 | x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 358 | x509name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 349 | x509name.o: ../../include/openssl/opensslconf.h | 359 | x509name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 350 | x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 360 | x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 351 | x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 361 | x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 352 | x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 362 | x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -357,9 +367,9 @@ x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 357 | x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 367 | x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 358 | x509rset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 368 | x509rset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 359 | x509rset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 369 | x509rset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 360 | x509rset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 370 | x509rset.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 361 | x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 371 | x509rset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 362 | x509rset.o: ../../include/openssl/opensslconf.h | 372 | x509rset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 363 | x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 373 | x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 364 | x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 374 | x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 365 | x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 375 | x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -370,9 +380,9 @@ x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 370 | x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 380 | x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 371 | x509spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 381 | x509spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 372 | x509spki.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 382 | x509spki.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 373 | x509spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 383 | x509spki.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 374 | x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 384 | x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 375 | x509spki.o: ../../include/openssl/opensslconf.h | 385 | x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 376 | x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 386 | x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 377 | x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 387 | x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 378 | x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 388 | x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -383,9 +393,9 @@ x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | |||
| 383 | x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 393 | x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 384 | x509type.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 394 | x509type.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 385 | x509type.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 395 | x509type.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 386 | x509type.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 396 | x509type.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 387 | x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 397 | x509type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 388 | x509type.o: ../../include/openssl/opensslconf.h | 398 | x509type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 389 | x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 399 | x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 390 | x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 400 | x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 391 | x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 401 | x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -396,11 +406,12 @@ x_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | |||
| 396 | x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 406 | x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 397 | x_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 407 | x_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 398 | x_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 408 | x_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 399 | x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 409 | x_all.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 400 | x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 410 | x_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 401 | x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 411 | x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 402 | x_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 412 | x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 403 | x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 413 | x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h |
| 404 | x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 414 | x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 405 | x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 415 | x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 406 | x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_all.c | 416 | x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 417 | x_all.o: ../cryptlib.h x_all.c | ||
diff --git a/src/lib/libssl/src/crypto/x509/by_dir.c b/src/lib/libssl/src/crypto/x509/by_dir.c index 37f9a48206..341e0ba6a4 100644 --- a/src/lib/libssl/src/crypto/x509/by_dir.c +++ b/src/lib/libssl/src/crypto/x509/by_dir.c | |||
| @@ -74,6 +74,10 @@ | |||
| 74 | #include <openssl/lhash.h> | 74 | #include <openssl/lhash.h> |
| 75 | #include <openssl/x509.h> | 75 | #include <openssl/x509.h> |
| 76 | 76 | ||
| 77 | #ifdef _WIN32 | ||
| 78 | #define stat _stat | ||
| 79 | #endif | ||
| 80 | |||
| 77 | typedef struct lookup_dir_st | 81 | typedef struct lookup_dir_st |
| 78 | { | 82 | { |
| 79 | BUF_MEM *buffer; | 83 | BUF_MEM *buffer; |
diff --git a/src/lib/libssl/src/crypto/x509/x509_att.c b/src/lib/libssl/src/crypto/x509/x509_att.c index 511b49d589..98460e8921 100644 --- a/src/lib/libssl/src/crypto/x509/x509_att.c +++ b/src/lib/libssl/src/crypto/x509/x509_att.c | |||
| @@ -245,7 +245,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, | |||
| 245 | goto err; | 245 | goto err; |
| 246 | if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len)) | 246 | if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len)) |
| 247 | goto err; | 247 | goto err; |
| 248 | 248 | ||
| 249 | if ((attr != NULL) && (*attr == NULL)) *attr=ret; | 249 | if ((attr != NULL) && (*attr == NULL)) *attr=ret; |
| 250 | return(ret); | 250 | return(ret); |
| 251 | err: | 251 | err: |
| @@ -302,8 +302,15 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat | |||
| 302 | atype = attrtype; | 302 | atype = attrtype; |
| 303 | } | 303 | } |
| 304 | if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; | 304 | if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; |
| 305 | attr->single = 0; | ||
| 306 | /* This is a bit naughty because the attribute should really have | ||
| 307 | * at least one value but some types use and zero length SET and | ||
| 308 | * require this. | ||
| 309 | */ | ||
| 310 | if (attrtype == 0) | ||
| 311 | return 1; | ||
| 305 | if(!(ttmp = ASN1_TYPE_new())) goto err; | 312 | if(!(ttmp = ASN1_TYPE_new())) goto err; |
| 306 | if (len == -1) | 313 | if ((len == -1) && !(attrtype & MBSTRING_FLAG)) |
| 307 | { | 314 | { |
| 308 | if (!ASN1_TYPE_set1(ttmp, attrtype, data)) | 315 | if (!ASN1_TYPE_set1(ttmp, attrtype, data)) |
| 309 | goto err; | 316 | goto err; |
| @@ -311,7 +318,6 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat | |||
| 311 | else | 318 | else |
| 312 | ASN1_TYPE_set(ttmp, atype, stmp); | 319 | ASN1_TYPE_set(ttmp, atype, stmp); |
| 313 | if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; | 320 | if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; |
| 314 | attr->single = 0; | ||
| 315 | return 1; | 321 | return 1; |
| 316 | err: | 322 | err: |
| 317 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); | 323 | X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); |
diff --git a/src/lib/libssl/src/crypto/x509/x509_cmp.c b/src/lib/libssl/src/crypto/x509/x509_cmp.c index 0d6bc653b2..e4c682fc44 100644 --- a/src/lib/libssl/src/crypto/x509/x509_cmp.c +++ b/src/lib/libssl/src/crypto/x509/x509_cmp.c | |||
| @@ -322,10 +322,16 @@ unsigned long X509_NAME_hash(X509_NAME *x) | |||
| 322 | { | 322 | { |
| 323 | unsigned long ret=0; | 323 | unsigned long ret=0; |
| 324 | unsigned char md[16]; | 324 | unsigned char md[16]; |
| 325 | EVP_MD_CTX md_ctx; | ||
| 325 | 326 | ||
| 326 | /* Make sure X509_NAME structure contains valid cached encoding */ | 327 | /* Make sure X509_NAME structure contains valid cached encoding */ |
| 327 | i2d_X509_NAME(x,NULL); | 328 | i2d_X509_NAME(x,NULL); |
| 328 | EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); | 329 | EVP_MD_CTX_init(&md_ctx); |
| 330 | EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 331 | EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL); | ||
| 332 | EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length); | ||
| 333 | EVP_DigestFinal_ex(&md_ctx,md,NULL); | ||
| 334 | EVP_MD_CTX_cleanup(&md_ctx); | ||
| 329 | 335 | ||
| 330 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | 336 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| |
| 331 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | 337 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) |
diff --git a/src/lib/libssl/src/crypto/x509/x509_trs.c b/src/lib/libssl/src/crypto/x509/x509_trs.c index 9c84a59d52..ed18700585 100644 --- a/src/lib/libssl/src/crypto/x509/x509_trs.c +++ b/src/lib/libssl/src/crypto/x509/x509_trs.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* x509_trs.c */ | 1 | /* x509_trs.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c index 9a62ebcf67..336c40ddd7 100644 --- a/src/lib/libssl/src/crypto/x509/x509_vfy.c +++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c | |||
| @@ -394,7 +394,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 394 | #ifdef OPENSSL_NO_CHAIN_VERIFY | 394 | #ifdef OPENSSL_NO_CHAIN_VERIFY |
| 395 | return 1; | 395 | return 1; |
| 396 | #else | 396 | #else |
| 397 | int i, ok=0, must_be_ca; | 397 | int i, ok=0, must_be_ca, plen = 0; |
| 398 | X509 *x; | 398 | X509 *x; |
| 399 | int (*cb)(int xok,X509_STORE_CTX *xctx); | 399 | int (*cb)(int xok,X509_STORE_CTX *xctx); |
| 400 | int proxy_path_length = 0; | 400 | int proxy_path_length = 0; |
| @@ -495,9 +495,10 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 495 | if (!ok) goto end; | 495 | if (!ok) goto end; |
| 496 | } | 496 | } |
| 497 | } | 497 | } |
| 498 | /* Check pathlen */ | 498 | /* Check pathlen if not self issued */ |
| 499 | if ((i > 1) && (x->ex_pathlen != -1) | 499 | if ((i > 1) && !(x->ex_flags & EXFLAG_SI) |
| 500 | && (i > (x->ex_pathlen + proxy_path_length + 1))) | 500 | && (x->ex_pathlen != -1) |
| 501 | && (plen > (x->ex_pathlen + proxy_path_length + 1))) | ||
| 501 | { | 502 | { |
| 502 | ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; | 503 | ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; |
| 503 | ctx->error_depth = i; | 504 | ctx->error_depth = i; |
| @@ -505,6 +506,9 @@ static int check_chain_extensions(X509_STORE_CTX *ctx) | |||
| 505 | ok=cb(0,ctx); | 506 | ok=cb(0,ctx); |
| 506 | if (!ok) goto end; | 507 | if (!ok) goto end; |
| 507 | } | 508 | } |
| 509 | /* Increment path length if not self issued */ | ||
| 510 | if (!(x->ex_flags & EXFLAG_SI)) | ||
| 511 | plen++; | ||
| 508 | /* If this certificate is a proxy certificate, the next | 512 | /* If this certificate is a proxy certificate, the next |
| 509 | certificate must be another proxy certificate or a EE | 513 | certificate must be another proxy certificate or a EE |
| 510 | certificate. If not, the next certificate must be a | 514 | certificate. If not, the next certificate must be a |
diff --git a/src/lib/libssl/src/crypto/x509/x509cset.c b/src/lib/libssl/src/crypto/x509/x509cset.c index 9d1646d5c8..7f4004b291 100644 --- a/src/lib/libssl/src/crypto/x509/x509cset.c +++ b/src/lib/libssl/src/crypto/x509/x509cset.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* crypto/x509/x509cset.c */ | 1 | /* crypto/x509/x509cset.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509/x509spki.c b/src/lib/libssl/src/crypto/x509/x509spki.c index ed868b838e..02a203d72c 100644 --- a/src/lib/libssl/src/crypto/x509/x509spki.c +++ b/src/lib/libssl/src/crypto/x509/x509spki.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* x509spki.c */ | 1 | /* x509spki.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/Makefile b/src/lib/libssl/src/crypto/x509v3/Makefile index 556ef351bf..e71dc42f9f 100644 --- a/src/lib/libssl/src/crypto/x509v3/Makefile +++ b/src/lib/libssl/src/crypto/x509v3/Makefile | |||
| @@ -43,7 +43,7 @@ top: | |||
| 43 | all: lib | 43 | all: lib |
| 44 | 44 | ||
| 45 | lib: $(LIBOBJ) | 45 | lib: $(LIBOBJ) |
| 46 | $(AR) $(LIB) $(LIBOBJ) | 46 | $(ARX) $(LIB) $(LIBOBJ) |
| 47 | $(RANLIB) $(LIB) || echo Never mind. | 47 | $(RANLIB) $(LIB) || echo Never mind. |
| 48 | @touch lib | 48 | @touch lib |
| 49 | 49 | ||
| @@ -90,8 +90,8 @@ pcy_cache.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 90 | pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 90 | pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 91 | pcy_cache.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 91 | pcy_cache.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 92 | pcy_cache.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 92 | pcy_cache.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 93 | pcy_cache.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 93 | pcy_cache.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 94 | pcy_cache.o: ../../include/openssl/objects.h | 94 | pcy_cache.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 95 | pcy_cache.o: ../../include/openssl/opensslconf.h | 95 | pcy_cache.o: ../../include/openssl/opensslconf.h |
| 96 | pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 96 | pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 97 | pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 97 | pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| @@ -105,8 +105,9 @@ pcy_data.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 105 | pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 105 | pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 106 | pcy_data.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 106 | pcy_data.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 107 | pcy_data.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 107 | pcy_data.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 108 | pcy_data.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 108 | pcy_data.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 109 | pcy_data.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 109 | pcy_data.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 110 | pcy_data.o: ../../include/openssl/opensslconf.h | ||
| 110 | pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 111 | pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 111 | pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 112 | pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 112 | pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 113 | pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -119,35 +120,36 @@ pcy_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 119 | pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 120 | pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 120 | pcy_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 121 | pcy_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 121 | pcy_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 122 | pcy_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 122 | pcy_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 123 | pcy_lib.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 123 | pcy_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 124 | pcy_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 124 | pcy_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 125 | pcy_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 125 | pcy_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 126 | pcy_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 126 | pcy_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 127 | pcy_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 127 | pcy_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 128 | pcy_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 128 | pcy_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 129 | pcy_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 129 | pcy_lib.o: ../cryptlib.h pcy_int.h pcy_lib.c | 130 | pcy_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_lib.c |
| 130 | pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h | 131 | pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h |
| 131 | pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 132 | pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 132 | pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 133 | pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 133 | pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 134 | pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 134 | pcy_map.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 135 | pcy_map.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 135 | pcy_map.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 136 | pcy_map.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 136 | pcy_map.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 137 | pcy_map.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 137 | pcy_map.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 138 | pcy_map.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 138 | pcy_map.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 139 | pcy_map.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 139 | pcy_map.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 140 | pcy_map.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 140 | pcy_map.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 141 | pcy_map.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 141 | pcy_map.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 142 | pcy_map.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 142 | pcy_map.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 143 | pcy_map.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 143 | pcy_map.o: ../cryptlib.h pcy_int.h pcy_map.c | 144 | pcy_map.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_map.c |
| 144 | pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 145 | pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 145 | pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 146 | pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 146 | pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 147 | pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 147 | pcy_node.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 148 | pcy_node.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 148 | pcy_node.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h | 149 | pcy_node.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h |
| 149 | pcy_node.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 150 | pcy_node.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 150 | pcy_node.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 151 | pcy_node.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 152 | pcy_node.o: ../../include/openssl/opensslconf.h | ||
| 151 | pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 153 | pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 152 | pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 154 | pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 153 | pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 155 | pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -160,8 +162,9 @@ pcy_tree.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 160 | pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 162 | pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 161 | pcy_tree.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 163 | pcy_tree.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 162 | pcy_tree.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 164 | pcy_tree.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 163 | pcy_tree.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 165 | pcy_tree.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 164 | pcy_tree.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 166 | pcy_tree.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 167 | pcy_tree.o: ../../include/openssl/opensslconf.h | ||
| 165 | pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 168 | pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 166 | pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 169 | pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 167 | pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 170 | pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -174,37 +177,39 @@ v3_addr.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 174 | v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 177 | v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 175 | v3_addr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 178 | v3_addr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 176 | v3_addr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 179 | v3_addr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 177 | v3_addr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 180 | v3_addr.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 178 | v3_addr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 181 | v3_addr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 179 | v3_addr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 182 | v3_addr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 180 | v3_addr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 183 | v3_addr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 181 | v3_addr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 184 | v3_addr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 182 | v3_addr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 185 | v3_addr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 183 | v3_addr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 186 | v3_addr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 184 | v3_addr.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_addr.c | 187 | v3_addr.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 188 | v3_addr.o: ../cryptlib.h v3_addr.c | ||
| 185 | v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h | 189 | v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 186 | v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 190 | v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 187 | v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 191 | v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 188 | v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 192 | v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 189 | v3_akey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 193 | v3_akey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 190 | v3_akey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 194 | v3_akey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 191 | v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 195 | v3_akey.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 192 | v3_akey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 196 | v3_akey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 193 | v3_akey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 197 | v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 194 | v3_akey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 198 | v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 195 | v3_akey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 199 | v3_akey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 196 | v3_akey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 200 | v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 197 | v3_akey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 201 | v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 198 | v3_akey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_akey.c | 202 | v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 203 | v3_akey.o: ../cryptlib.h v3_akey.c | ||
| 199 | v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h | 204 | v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h |
| 200 | v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 205 | v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 201 | v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 206 | v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 202 | v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 207 | v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 203 | v3_akeya.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 208 | v3_akeya.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 204 | v3_akeya.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 209 | v3_akeya.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 205 | v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 210 | v3_akeya.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 206 | v3_akeya.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 211 | v3_akeya.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 207 | v3_akeya.o: ../../include/openssl/opensslconf.h | 212 | v3_akeya.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 208 | v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 213 | v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 209 | v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 214 | v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 210 | v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 215 | v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -216,14 +221,15 @@ v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 216 | v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 221 | v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 217 | v3_alt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 222 | v3_alt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 218 | v3_alt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 223 | v3_alt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 219 | v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 224 | v3_alt.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 220 | v3_alt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 225 | v3_alt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 221 | v3_alt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 226 | v3_alt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 222 | v3_alt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 227 | v3_alt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 223 | v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 228 | v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 224 | v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 229 | v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 225 | v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 230 | v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 226 | v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_alt.c | 231 | v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 232 | v3_alt.o: ../cryptlib.h v3_alt.c | ||
| 227 | v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h | 233 | v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h |
| 228 | v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 234 | v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 229 | v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | 235 | v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| @@ -231,23 +237,23 @@ v3_asid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 231 | v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 237 | v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 232 | v3_asid.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 238 | v3_asid.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 233 | v3_asid.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 239 | v3_asid.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 234 | v3_asid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 240 | v3_asid.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 235 | v3_asid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 241 | v3_asid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 236 | v3_asid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 242 | v3_asid.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 237 | v3_asid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 243 | v3_asid.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 238 | v3_asid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 244 | v3_asid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 239 | v3_asid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 245 | v3_asid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 240 | v3_asid.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 246 | v3_asid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 241 | v3_asid.o: ../cryptlib.h v3_asid.c | 247 | v3_asid.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_asid.c |
| 242 | v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h | 248 | v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h |
| 243 | v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 249 | v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 244 | v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 250 | v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 245 | v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 251 | v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 246 | v3_bcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 252 | v3_bcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 247 | v3_bcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 253 | v3_bcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 248 | v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 254 | v3_bcons.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 249 | v3_bcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 255 | v3_bcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 250 | v3_bcons.o: ../../include/openssl/opensslconf.h | 256 | v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 251 | v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 257 | v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 252 | v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 258 | v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 253 | v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 259 | v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -260,8 +266,9 @@ v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 260 | v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 266 | v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 261 | v3_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 267 | v3_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 262 | v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 268 | v3_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 263 | v3_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 269 | v3_bitst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 264 | v3_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 270 | v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 271 | v3_bitst.o: ../../include/openssl/opensslconf.h | ||
| 265 | v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 272 | v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 266 | v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 273 | v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 267 | v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 274 | v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -274,23 +281,23 @@ v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 274 | v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 281 | v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 275 | v3_conf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 282 | v3_conf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 276 | v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 283 | v3_conf.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 277 | v3_conf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 284 | v3_conf.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 278 | v3_conf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 285 | v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 279 | v3_conf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 286 | v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 280 | v3_conf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 287 | v3_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 281 | v3_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 288 | v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 282 | v3_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 289 | v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 283 | v3_conf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 290 | v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 284 | v3_conf.o: ../cryptlib.h v3_conf.c | 291 | v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c |
| 285 | v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h | 292 | v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h |
| 286 | v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 293 | v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 287 | v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 294 | v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 288 | v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 295 | v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 289 | v3_cpols.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 296 | v3_cpols.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 290 | v3_cpols.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 297 | v3_cpols.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 291 | v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 298 | v3_cpols.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 292 | v3_cpols.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 299 | v3_cpols.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 293 | v3_cpols.o: ../../include/openssl/opensslconf.h | 300 | v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 294 | v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 301 | v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 295 | v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 302 | v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 296 | v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 303 | v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -303,37 +310,38 @@ v3_crld.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 303 | v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 310 | v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 304 | v3_crld.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 311 | v3_crld.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 305 | v3_crld.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 312 | v3_crld.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 306 | v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 313 | v3_crld.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 307 | v3_crld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 314 | v3_crld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 308 | v3_crld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 315 | v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 309 | v3_crld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 316 | v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 310 | v3_crld.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 317 | v3_crld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 311 | v3_crld.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 318 | v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 312 | v3_crld.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 319 | v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 313 | v3_crld.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_crld.c | 320 | v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 321 | v3_crld.o: ../cryptlib.h v3_crld.c | ||
| 314 | v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h | 322 | v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h |
| 315 | v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 323 | v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 316 | v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 324 | v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 317 | v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 325 | v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 318 | v3_enum.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 326 | v3_enum.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 319 | v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 327 | v3_enum.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 320 | v3_enum.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 328 | v3_enum.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 321 | v3_enum.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 329 | v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 322 | v3_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 330 | v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 323 | v3_enum.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 331 | v3_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 324 | v3_enum.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 332 | v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 325 | v3_enum.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 333 | v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 326 | v3_enum.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 334 | v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 327 | v3_enum.o: ../cryptlib.h v3_enum.c | 335 | v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c |
| 328 | v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h | 336 | v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h |
| 329 | v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 337 | v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 330 | v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 338 | v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 331 | v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 339 | v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 332 | v3_extku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 340 | v3_extku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 333 | v3_extku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 341 | v3_extku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 334 | v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 342 | v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 335 | v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 343 | v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 336 | v3_extku.o: ../../include/openssl/opensslconf.h | 344 | v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 337 | v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 345 | v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 338 | v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 346 | v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 339 | v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 347 | v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -346,76 +354,81 @@ v3_genn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 346 | v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 354 | v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 347 | v3_genn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 355 | v3_genn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 348 | v3_genn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 356 | v3_genn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 349 | v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 357 | v3_genn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 350 | v3_genn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 358 | v3_genn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 351 | v3_genn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 359 | v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 352 | v3_genn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 360 | v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 353 | v3_genn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 361 | v3_genn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 354 | v3_genn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 362 | v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 355 | v3_genn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 363 | v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 356 | v3_genn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_genn.c | 364 | v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 365 | v3_genn.o: ../cryptlib.h v3_genn.c | ||
| 357 | v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 366 | v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 358 | v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 367 | v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 359 | v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 368 | v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 360 | v3_ia5.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 369 | v3_ia5.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 361 | v3_ia5.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 370 | v3_ia5.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 362 | v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 371 | v3_ia5.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 363 | v3_ia5.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 372 | v3_ia5.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 364 | v3_ia5.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 373 | v3_ia5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 365 | v3_ia5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 374 | v3_ia5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 366 | v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 375 | v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 367 | v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 376 | v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 368 | v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 377 | v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 369 | v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ia5.c | 378 | v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 379 | v3_ia5.o: ../cryptlib.h v3_ia5.c | ||
| 370 | v3_info.o: ../../e_os.h ../../include/openssl/asn1.h | 380 | v3_info.o: ../../e_os.h ../../include/openssl/asn1.h |
| 371 | v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 381 | v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 372 | v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 382 | v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 373 | v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 383 | v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 374 | v3_info.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 384 | v3_info.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 375 | v3_info.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 385 | v3_info.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 376 | v3_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 386 | v3_info.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 377 | v3_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 387 | v3_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 378 | v3_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 388 | v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 379 | v3_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 389 | v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 380 | v3_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 390 | v3_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 381 | v3_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 391 | v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 382 | v3_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 392 | v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 383 | v3_info.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_info.c | 393 | v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 394 | v3_info.o: ../cryptlib.h v3_info.c | ||
| 384 | v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 395 | v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 385 | v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 396 | v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 386 | v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 397 | v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 387 | v3_int.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 398 | v3_int.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 388 | v3_int.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 399 | v3_int.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 389 | v3_int.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 400 | v3_int.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 390 | v3_int.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 401 | v3_int.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 391 | v3_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 402 | v3_int.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 392 | v3_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 403 | v3_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 393 | v3_int.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 404 | v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 394 | v3_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 405 | v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 395 | v3_int.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 406 | v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 396 | v3_int.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_int.c | 407 | v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 408 | v3_int.o: ../cryptlib.h v3_int.c | ||
| 397 | v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 409 | v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 398 | v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 410 | v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 399 | v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 411 | v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 400 | v3_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 412 | v3_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 401 | v3_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 413 | v3_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 402 | v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 414 | v3_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 403 | v3_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 415 | v3_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 404 | v3_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 416 | v3_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 405 | v3_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 417 | v3_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 406 | v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 418 | v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 407 | v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 419 | v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 408 | v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 420 | v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 409 | v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h v3_lib.c | 421 | v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 422 | v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c | ||
| 410 | v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h | 423 | v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h |
| 411 | v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 424 | v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 412 | v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 425 | v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 413 | v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 426 | v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 414 | v3_ncons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 427 | v3_ncons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 415 | v3_ncons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 428 | v3_ncons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 416 | v3_ncons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 429 | v3_ncons.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 417 | v3_ncons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 430 | v3_ncons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 418 | v3_ncons.o: ../../include/openssl/opensslconf.h | 431 | v3_ncons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 419 | v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 432 | v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 420 | v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 433 | v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 421 | v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 434 | v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -428,49 +441,52 @@ v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 428 | v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 441 | v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 429 | v3_ocsp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 442 | v3_ocsp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 430 | v3_ocsp.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 443 | v3_ocsp.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 431 | v3_ocsp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 444 | v3_ocsp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 432 | v3_ocsp.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h | 445 | v3_ocsp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 433 | v3_ocsp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 446 | v3_ocsp.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h |
| 434 | v3_ocsp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 447 | v3_ocsp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 435 | v3_ocsp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 448 | v3_ocsp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 436 | v3_ocsp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 449 | v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 437 | v3_ocsp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 450 | v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 438 | v3_ocsp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_ocsp.c | 451 | v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 452 | v3_ocsp.o: ../cryptlib.h v3_ocsp.c | ||
| 439 | v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h | 453 | v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 440 | v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 454 | v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 441 | v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 455 | v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 442 | v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 456 | v3_pci.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 443 | v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 457 | v3_pci.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 444 | v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 458 | v3_pci.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 445 | v3_pci.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 459 | v3_pci.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 446 | v3_pci.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 460 | v3_pci.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 447 | v3_pci.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 461 | v3_pci.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 448 | v3_pci.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 462 | v3_pci.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 449 | v3_pci.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 463 | v3_pci.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 450 | v3_pci.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 464 | v3_pci.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 451 | v3_pci.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pci.c | 465 | v3_pci.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 466 | v3_pci.o: ../cryptlib.h v3_pci.c | ||
| 452 | v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h | 467 | v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h |
| 453 | v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 468 | v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 454 | v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 469 | v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 455 | v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 470 | v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 456 | v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 471 | v3_pcia.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 457 | v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 472 | v3_pcia.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 458 | v3_pcia.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 473 | v3_pcia.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 459 | v3_pcia.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 474 | v3_pcia.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 460 | v3_pcia.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 475 | v3_pcia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 461 | v3_pcia.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 476 | v3_pcia.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 462 | v3_pcia.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 477 | v3_pcia.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 463 | v3_pcia.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 478 | v3_pcia.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 464 | v3_pcia.o: ../../include/openssl/x509v3.h v3_pcia.c | 479 | v3_pcia.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 480 | v3_pcia.o: v3_pcia.c | ||
| 465 | v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h | 481 | v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h |
| 466 | v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 482 | v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 467 | v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 483 | v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 468 | v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 484 | v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 469 | v3_pcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 485 | v3_pcons.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 470 | v3_pcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 486 | v3_pcons.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 471 | v3_pcons.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 487 | v3_pcons.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 472 | v3_pcons.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 488 | v3_pcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 473 | v3_pcons.o: ../../include/openssl/opensslconf.h | 489 | v3_pcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 474 | v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 490 | v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 475 | v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 491 | v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 476 | v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 492 | v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -483,23 +499,24 @@ v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 483 | v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 499 | v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 484 | v3_pku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 500 | v3_pku.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 485 | v3_pku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 501 | v3_pku.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 486 | v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 502 | v3_pku.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 487 | v3_pku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 503 | v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 488 | v3_pku.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 504 | v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 489 | v3_pku.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 505 | v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 490 | v3_pku.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 506 | v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 491 | v3_pku.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 507 | v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 492 | v3_pku.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 508 | v3_pku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 493 | v3_pku.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_pku.c | 509 | v3_pku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 510 | v3_pku.o: ../cryptlib.h v3_pku.c | ||
| 494 | v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h | 511 | v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h |
| 495 | v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 512 | v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 496 | v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 513 | v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 497 | v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 514 | v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 498 | v3_pmaps.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 515 | v3_pmaps.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 499 | v3_pmaps.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 516 | v3_pmaps.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 500 | v3_pmaps.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 517 | v3_pmaps.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 501 | v3_pmaps.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 518 | v3_pmaps.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 502 | v3_pmaps.o: ../../include/openssl/opensslconf.h | 519 | v3_pmaps.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 503 | v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 520 | v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 504 | v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 521 | v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 505 | v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 522 | v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -511,51 +528,52 @@ v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | |||
| 511 | v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 528 | v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 512 | v3_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 529 | v3_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 513 | v3_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 530 | v3_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 514 | v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 531 | v3_prn.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 515 | v3_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 532 | v3_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 516 | v3_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 533 | v3_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 517 | v3_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 534 | v3_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 518 | v3_prn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 535 | v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 519 | v3_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 536 | v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 520 | v3_prn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 537 | v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 521 | v3_prn.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_prn.c | 538 | v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 539 | v3_prn.o: ../cryptlib.h v3_prn.c | ||
| 522 | v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h | 540 | v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h |
| 523 | v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 541 | v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 524 | v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 542 | v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 525 | v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 543 | v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 526 | v3_purp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 544 | v3_purp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 527 | v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 545 | v3_purp.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 528 | v3_purp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 546 | v3_purp.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 529 | v3_purp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 547 | v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 530 | v3_purp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 548 | v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 531 | v3_purp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 549 | v3_purp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 532 | v3_purp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 550 | v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 533 | v3_purp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 551 | v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 534 | v3_purp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 552 | v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 535 | v3_purp.o: ../cryptlib.h v3_purp.c | 553 | v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c |
| 536 | v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h | 554 | v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h |
| 537 | v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h | 555 | v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h |
| 538 | v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | 556 | v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h |
| 539 | v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 557 | v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 540 | v3_skey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 558 | v3_skey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 541 | v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 559 | v3_skey.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 542 | v3_skey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 560 | v3_skey.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 543 | v3_skey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 561 | v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 544 | v3_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 562 | v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 545 | v3_skey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 563 | v3_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 546 | v3_skey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 564 | v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 547 | v3_skey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 565 | v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 548 | v3_skey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 566 | v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 549 | v3_skey.o: ../cryptlib.h v3_skey.c | 567 | v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c |
| 550 | v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h | 568 | v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h |
| 551 | v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h | 569 | v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h |
| 552 | v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 570 | v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 553 | v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 571 | v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 554 | v3_sxnet.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 572 | v3_sxnet.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 555 | v3_sxnet.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 573 | v3_sxnet.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 556 | v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 574 | v3_sxnet.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 557 | v3_sxnet.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 575 | v3_sxnet.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 558 | v3_sxnet.o: ../../include/openssl/opensslconf.h | 576 | v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 559 | v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 577 | v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 560 | v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 578 | v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 561 | v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 579 | v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| @@ -568,24 +586,25 @@ v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | |||
| 568 | v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | 586 | v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 569 | v3_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | 587 | v3_utl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 570 | v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 588 | v3_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 571 | v3_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | 589 | v3_utl.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 572 | v3_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h | 590 | v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 573 | v3_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 591 | v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 574 | v3_utl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h | 592 | v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 575 | v3_utl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 593 | v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 576 | v3_utl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | 594 | v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 577 | v3_utl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h | 595 | v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h |
| 578 | v3_utl.o: ../cryptlib.h v3_utl.c | 596 | v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_utl.c |
| 579 | v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 597 | v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 580 | v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h | 598 | v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h |
| 581 | v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | 599 | v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h |
| 582 | v3err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | 600 | v3err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 583 | v3err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | 601 | v3err.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h |
| 584 | v3err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | 602 | v3err.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 585 | v3err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 603 | v3err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 586 | v3err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 604 | v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h |
| 587 | v3err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | 605 | v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 588 | v3err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 606 | v3err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h |
| 589 | v3err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 607 | v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 590 | v3err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | 608 | v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 591 | v3err.o: ../../include/openssl/x509v3.h v3err.c | 609 | v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h |
| 610 | v3err.o: v3err.c | ||
diff --git a/src/lib/libssl/src/crypto/x509v3/ext_dat.h b/src/lib/libssl/src/crypto/x509v3/ext_dat.h index 5c063ac65d..3eaec46f8a 100644 --- a/src/lib/libssl/src/crypto/x509v3/ext_dat.h +++ b/src/lib/libssl/src/crypto/x509v3/ext_dat.h | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ext_dat.h */ | 1 | /* ext_dat.h */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/tabtest.c b/src/lib/libssl/src/crypto/x509v3/tabtest.c index dad0d38dd5..5ed6eb6891 100644 --- a/src/lib/libssl/src/crypto/x509v3/tabtest.c +++ b/src/lib/libssl/src/crypto/x509v3/tabtest.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* tabtest.c */ | 1 | /* tabtest.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_akey.c b/src/lib/libssl/src/crypto/x509v3/v3_akey.c index ac0548b775..c6b68ee221 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_akey.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_akey.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_akey.c */ | 1 | /* v3_akey.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_akeya.c b/src/lib/libssl/src/crypto/x509v3/v3_akeya.c index 2aafa26ba7..2c50f7360e 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_akeya.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_akeya.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_akey_asn1.c */ | 1 | /* v3_akey_asn1.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_alt.c b/src/lib/libssl/src/crypto/x509v3/v3_alt.c index bb2f5bc54e..58b2952478 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_alt.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_alt.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_alt.c */ | 1 | /* v3_alt.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -527,7 +527,8 @@ GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, | |||
| 527 | return gen; | 527 | return gen; |
| 528 | 528 | ||
| 529 | err: | 529 | err: |
| 530 | GENERAL_NAME_free(gen); | 530 | if (!out) |
| 531 | GENERAL_NAME_free(gen); | ||
| 531 | return NULL; | 532 | return NULL; |
| 532 | } | 533 | } |
| 533 | 534 | ||
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_bcons.c b/src/lib/libssl/src/crypto/x509v3/v3_bcons.c index 74b1233071..82aa488f75 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_bcons.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_bcons.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_bcons.c */ | 1 | /* v3_bcons.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_bitst.c b/src/lib/libssl/src/crypto/x509v3/v3_bitst.c index cf31f0816e..058d0d4dce 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_bitst.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_bitst.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_bitst.c */ | 1 | /* v3_bitst.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_conf.c b/src/lib/libssl/src/crypto/x509v3/v3_conf.c index 2b867305fb..11eb6b7fd5 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_conf.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_conf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_conf.c */ | 1 | /* v3_conf.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c index a40f490aa9..95596055ab 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_cpols.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_cpols.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_cpols.c */ | 1 | /* v3_cpols.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_crld.c b/src/lib/libssl/src/crypto/x509v3/v3_crld.c index c6e3ebae7b..181a8977b1 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_crld.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_crld.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_crld.c */ | 1 | /* v3_crld.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_enum.c b/src/lib/libssl/src/crypto/x509v3/v3_enum.c index a236cb22e1..36576eaa4d 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_enum.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_enum.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_enum.c */ | 1 | /* v3_enum.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_extku.c b/src/lib/libssl/src/crypto/x509v3/v3_extku.c index a4efe0031e..c0d14500ed 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_extku.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_extku.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_extku.c */ | 1 | /* v3_extku.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_genn.c b/src/lib/libssl/src/crypto/x509v3/v3_genn.c index 650b510980..84b4b1c881 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_genn.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_genn.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_genn.c */ | 1 | /* v3_genn.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_ia5.c b/src/lib/libssl/src/crypto/x509v3/v3_ia5.c index b739ccd036..4ff12b52b5 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_ia5.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_ia5.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_ia5.c */ | 1 | /* v3_ia5.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_info.c b/src/lib/libssl/src/crypto/x509v3/v3_info.c index e0ef69de42..e1b8699f92 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_info.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_info.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_info.c */ | 1 | /* v3_info.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_int.c b/src/lib/libssl/src/crypto/x509v3/v3_int.c index 9a48dc1508..4bfd14cf46 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_int.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_int.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_int.c */ | 1 | /* v3_int.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_lib.c b/src/lib/libssl/src/crypto/x509v3/v3_lib.c index f3015ea610..df3a48f43e 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_lib.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_lib.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_lib.c */ | 1 | /* v3_lib.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c b/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c index 62aac06335..e426ea930c 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_ocsp.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_ocsp.c */ | 1 | /* v3_ocsp.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_pku.c b/src/lib/libssl/src/crypto/x509v3/v3_pku.c index 5c4626e89b..076f3ff48e 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_pku.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_pku.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_pku.c */ | 1 | /* v3_pku.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_prn.c b/src/lib/libssl/src/crypto/x509v3/v3_prn.c index 20bd9bda19..c1bb17f105 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_prn.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_prn.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_prn.c */ | 1 | /* v3_prn.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_purp.c b/src/lib/libssl/src/crypto/x509v3/v3_purp.c index b2f5cdfa05..e18751e01c 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_purp.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_purp.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_purp.c */ | 1 | /* v3_purp.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2001. | 3 | * project 2001. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -291,7 +291,9 @@ int X509_supported_extension(X509_EXTENSION *ex) | |||
| 291 | NID_sbgp_ipAddrBlock, /* 290 */ | 291 | NID_sbgp_ipAddrBlock, /* 290 */ |
| 292 | NID_sbgp_autonomousSysNum, /* 291 */ | 292 | NID_sbgp_autonomousSysNum, /* 291 */ |
| 293 | #endif | 293 | #endif |
| 294 | NID_proxyCertInfo /* 661 */ | 294 | NID_policy_constraints, /* 401 */ |
| 295 | NID_proxyCertInfo, /* 661 */ | ||
| 296 | NID_inhibit_any_policy /* 748 */ | ||
| 295 | }; | 297 | }; |
| 296 | 298 | ||
| 297 | int ex_nid; | 299 | int ex_nid; |
| @@ -325,7 +327,7 @@ static void x509v3_cache_extensions(X509 *x) | |||
| 325 | #endif | 327 | #endif |
| 326 | /* Does subject name match issuer ? */ | 328 | /* Does subject name match issuer ? */ |
| 327 | if(!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) | 329 | if(!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) |
| 328 | x->ex_flags |= EXFLAG_SS; | 330 | x->ex_flags |= EXFLAG_SI; |
| 329 | /* V1 should mean no extensions ... */ | 331 | /* V1 should mean no extensions ... */ |
| 330 | if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; | 332 | if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; |
| 331 | /* Handle basic constraints */ | 333 | /* Handle basic constraints */ |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_skey.c b/src/lib/libssl/src/crypto/x509v3/v3_skey.c index da0a3558f6..202c9e4896 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_skey.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_skey.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_skey.c */ | 1 | /* v3_skey.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c index eaea9ea01b..2a6bf11b65 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_sxnet.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_sxnet.c */ | 1 | /* v3_sxnet.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3_utl.c b/src/lib/libssl/src/crypto/x509v3/v3_utl.c index ac171ca940..a4236bbb6d 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3_utl.c +++ b/src/lib/libssl/src/crypto/x509v3/v3_utl.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3_utl.c */ | 1 | /* v3_utl.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -736,17 +736,20 @@ static int ipv6_from_asc(unsigned char *v6, const char *in) | |||
| 736 | 736 | ||
| 737 | /* Format result */ | 737 | /* Format result */ |
| 738 | 738 | ||
| 739 | /* Copy initial part */ | 739 | if (v6stat.zero_pos >= 0) |
| 740 | if (v6stat.zero_pos > 0) | 740 | { |
| 741 | /* Copy initial part */ | ||
| 741 | memcpy(v6, v6stat.tmp, v6stat.zero_pos); | 742 | memcpy(v6, v6stat.tmp, v6stat.zero_pos); |
| 742 | /* Zero middle */ | 743 | /* Zero middle */ |
| 743 | if (v6stat.total != 16) | ||
| 744 | memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total); | 744 | memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total); |
| 745 | /* Copy final part */ | 745 | /* Copy final part */ |
| 746 | if (v6stat.total != v6stat.zero_pos) | 746 | if (v6stat.total != v6stat.zero_pos) |
| 747 | memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, | 747 | memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, |
| 748 | v6stat.tmp + v6stat.zero_pos, | 748 | v6stat.tmp + v6stat.zero_pos, |
| 749 | v6stat.total - v6stat.zero_pos); | 749 | v6stat.total - v6stat.zero_pos); |
| 750 | } | ||
| 751 | else | ||
| 752 | memcpy(v6, v6stat.tmp, 16); | ||
| 750 | 753 | ||
| 751 | return 1; | 754 | return 1; |
| 752 | } | 755 | } |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3conf.c b/src/lib/libssl/src/crypto/x509v3/v3conf.c index 00cf5b4a5b..a9e6ca3542 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3conf.c +++ b/src/lib/libssl/src/crypto/x509v3/v3conf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3conf.c */ | 1 | /* v3conf.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/v3prin.c b/src/lib/libssl/src/crypto/x509v3/v3prin.c index b529814319..d5ff268296 100644 --- a/src/lib/libssl/src/crypto/x509v3/v3prin.c +++ b/src/lib/libssl/src/crypto/x509v3/v3prin.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* v3prin.c */ | 1 | /* v3prin.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/crypto/x509v3/x509v3.h b/src/lib/libssl/src/crypto/x509v3/x509v3.h index db2b0482c1..9ef83da755 100644 --- a/src/lib/libssl/src/crypto/x509v3/x509v3.h +++ b/src/lib/libssl/src/crypto/x509v3/x509v3.h | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* x509v3.h */ | 1 | /* x509v3.h */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| @@ -363,6 +363,8 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) | |||
| 363 | #define EXFLAG_NSCERT 0x8 | 363 | #define EXFLAG_NSCERT 0x8 |
| 364 | 364 | ||
| 365 | #define EXFLAG_CA 0x10 | 365 | #define EXFLAG_CA 0x10 |
| 366 | /* Really self issued not necessarily self signed */ | ||
| 367 | #define EXFLAG_SI 0x20 | ||
| 366 | #define EXFLAG_SS 0x20 | 368 | #define EXFLAG_SS 0x20 |
| 367 | #define EXFLAG_V1 0x40 | 369 | #define EXFLAG_V1 0x40 |
| 368 | #define EXFLAG_INVALID 0x80 | 370 | #define EXFLAG_INVALID 0x80 |
| @@ -370,7 +372,7 @@ DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) | |||
| 370 | #define EXFLAG_CRITICAL 0x200 | 372 | #define EXFLAG_CRITICAL 0x200 |
| 371 | #define EXFLAG_PROXY 0x400 | 373 | #define EXFLAG_PROXY 0x400 |
| 372 | 374 | ||
| 373 | #define EXFLAG_INVALID_POLICY 0x400 | 375 | #define EXFLAG_INVALID_POLICY 0x800 |
| 374 | 376 | ||
| 375 | #define KU_DIGITAL_SIGNATURE 0x0080 | 377 | #define KU_DIGITAL_SIGNATURE 0x0080 |
| 376 | #define KU_NON_REPUDIATION 0x0040 | 378 | #define KU_NON_REPUDIATION 0x0040 |
diff --git a/src/lib/libssl/src/demos/asn1/ocsp.c b/src/lib/libssl/src/demos/asn1/ocsp.c index 0199fe1004..e89f1f72a6 100644 --- a/src/lib/libssl/src/demos/asn1/ocsp.c +++ b/src/lib/libssl/src/demos/asn1/ocsp.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ocsp.c */ | 1 | /* ocsp.c */ |
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
diff --git a/src/lib/libssl/src/demos/jpake/Makefile b/src/lib/libssl/src/demos/jpake/Makefile new file mode 100644 index 0000000000..09b8f03d0c --- /dev/null +++ b/src/lib/libssl/src/demos/jpake/Makefile | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | LDFLAGS=-L../.. -lcrypto | ||
| 2 | CFLAGS=-I../../include -Wall -Werror -g | ||
| 3 | |||
| 4 | all: jpakedemo | ||
| 5 | |||
| 6 | jpakedemo: jpakedemo.o | ||
| 7 | $(CC) -g -o jpakedemo jpakedemo.o $(LDFLAGS) | ||
diff --git a/src/lib/libssl/src/demos/jpake/jpakedemo.c b/src/lib/libssl/src/demos/jpake/jpakedemo.c new file mode 100644 index 0000000000..338a8810d9 --- /dev/null +++ b/src/lib/libssl/src/demos/jpake/jpakedemo.c | |||
| @@ -0,0 +1,469 @@ | |||
| 1 | #include "openssl/bn.h" | ||
| 2 | #include "openssl/sha.h" | ||
| 3 | #include <assert.h> | ||
| 4 | #include <string.h> | ||
| 5 | #include <stdlib.h> | ||
| 6 | |||
| 7 | /* Copyright (C) 2008 Ben Laurie (ben@links.org) */ | ||
| 8 | |||
| 9 | /* | ||
| 10 | * Implement J-PAKE, as described in | ||
| 11 | * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf | ||
| 12 | * | ||
| 13 | * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java. | ||
| 14 | */ | ||
| 15 | |||
| 16 | static void showbn(const char *name, const BIGNUM *bn) | ||
| 17 | { | ||
| 18 | fputs(name, stdout); | ||
| 19 | fputs(" = ", stdout); | ||
| 20 | BN_print_fp(stdout, bn); | ||
| 21 | putc('\n', stdout); | ||
| 22 | } | ||
| 23 | |||
| 24 | typedef struct | ||
| 25 | { | ||
| 26 | BN_CTX *ctx; // Perhaps not the best place for this? | ||
| 27 | BIGNUM *p; | ||
| 28 | BIGNUM *q; | ||
| 29 | BIGNUM *g; | ||
| 30 | } JPakeParameters; | ||
| 31 | |||
| 32 | static void JPakeParametersInit(JPakeParameters *params) | ||
| 33 | { | ||
| 34 | params->ctx = BN_CTX_new(); | ||
| 35 | |||
| 36 | // For now use p, q, g from Java sample code. Later, generate them. | ||
| 37 | params->p = NULL; | ||
| 38 | BN_hex2bn(¶ms->p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7"); | ||
| 39 | params->q = NULL; | ||
| 40 | BN_hex2bn(¶ms->q, "9760508f15230bccb292b982a2eb840bf0581cf5"); | ||
| 41 | params->g = NULL; | ||
| 42 | BN_hex2bn(¶ms->g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a"); | ||
| 43 | |||
| 44 | showbn("p", params->p); | ||
| 45 | showbn("q", params->q); | ||
| 46 | showbn("g", params->g); | ||
| 47 | } | ||
| 48 | |||
| 49 | typedef struct | ||
| 50 | { | ||
| 51 | BIGNUM *gr; // g^r (r random) | ||
| 52 | BIGNUM *b; // b = r - x*h, h=hash(g, g^r, g^x, name) | ||
| 53 | } JPakeZKP; | ||
| 54 | |||
| 55 | typedef struct | ||
| 56 | { | ||
| 57 | BIGNUM *gx; // g^x | ||
| 58 | JPakeZKP zkpx; // ZKP(x) | ||
| 59 | } JPakeStep1; | ||
| 60 | |||
| 61 | typedef struct | ||
| 62 | { | ||
| 63 | BIGNUM *X; // g^(xa + xc + xd) * xb * s | ||
| 64 | JPakeZKP zkpxbs; // ZKP(xb * s) | ||
| 65 | } JPakeStep2; | ||
| 66 | |||
| 67 | typedef struct | ||
| 68 | { | ||
| 69 | const char *name; // Must be unique | ||
| 70 | int base; // 1 for Alice, 3 for Bob. Only used for printing stuff. | ||
| 71 | JPakeStep1 s1c; // Alice's g^x3, ZKP(x3) or Bob's g^x1, ZKP(x1) | ||
| 72 | JPakeStep1 s1d; // Alice's g^x4, ZKP(x4) or Bob's g^x2, ZKP(x2) | ||
| 73 | JPakeStep2 s2; // Alice's A, ZKP(x2 * s) or Bob's B, ZKP(x4 * s) | ||
| 74 | } JPakeUserPublic; | ||
| 75 | |||
| 76 | /* | ||
| 77 | * The user structure. In the definition, (xa, xb, xc, xd) are Alice's | ||
| 78 | * (x1, x2, x3, x4) or Bob's (x3, x4, x1, x2). If you see what I mean. | ||
| 79 | */ | ||
| 80 | typedef struct | ||
| 81 | { | ||
| 82 | JPakeUserPublic p; | ||
| 83 | BIGNUM *secret; // The shared secret | ||
| 84 | BIGNUM *key; // The calculated (shared) key | ||
| 85 | BIGNUM *xa; // Alice's x1 or Bob's x3 | ||
| 86 | BIGNUM *xb; // Alice's x2 or Bob's x4 | ||
| 87 | } JPakeUser; | ||
| 88 | |||
| 89 | // Generate each party's random numbers. xa is in [0, q), xb is in [1, q). | ||
| 90 | static void genrand(JPakeUser *user, const JPakeParameters *params) | ||
| 91 | { | ||
| 92 | BIGNUM *qm1; | ||
| 93 | |||
| 94 | // xa in [0, q) | ||
| 95 | user->xa = BN_new(); | ||
| 96 | BN_rand_range(user->xa, params->q); | ||
| 97 | |||
| 98 | // q-1 | ||
| 99 | qm1 = BN_new(); | ||
| 100 | BN_copy(qm1, params->q); | ||
| 101 | BN_sub_word(qm1, 1); | ||
| 102 | |||
| 103 | // ... and xb in [0, q-1) | ||
| 104 | user->xb = BN_new(); | ||
| 105 | BN_rand_range(user->xb, qm1); | ||
| 106 | // [1, q) | ||
| 107 | BN_add_word(user->xb, 1); | ||
| 108 | |||
| 109 | // cleanup | ||
| 110 | BN_free(qm1); | ||
| 111 | |||
| 112 | // Show | ||
| 113 | printf("x%d", user->p.base); | ||
| 114 | showbn("", user->xa); | ||
| 115 | printf("x%d", user->p.base+1); | ||
| 116 | showbn("", user->xb); | ||
| 117 | } | ||
| 118 | |||
| 119 | static void hashlength(SHA_CTX *sha, size_t l) | ||
| 120 | { | ||
| 121 | unsigned char b[2]; | ||
| 122 | |||
| 123 | assert(l <= 0xffff); | ||
| 124 | b[0] = l >> 8; | ||
| 125 | b[1] = l&0xff; | ||
| 126 | SHA1_Update(sha, b, 2); | ||
| 127 | } | ||
| 128 | |||
| 129 | static void hashstring(SHA_CTX *sha, const char *string) | ||
| 130 | { | ||
| 131 | size_t l = strlen(string); | ||
| 132 | |||
| 133 | hashlength(sha, l); | ||
| 134 | SHA1_Update(sha, string, l); | ||
| 135 | } | ||
| 136 | |||
| 137 | static void hashbn(SHA_CTX *sha, const BIGNUM *bn) | ||
| 138 | { | ||
| 139 | size_t l = BN_num_bytes(bn); | ||
| 140 | unsigned char *bin = alloca(l); | ||
| 141 | |||
| 142 | hashlength(sha, l); | ||
| 143 | BN_bn2bin(bn, bin); | ||
| 144 | SHA1_Update(sha, bin, l); | ||
| 145 | } | ||
| 146 | |||
| 147 | // h=hash(g, g^r, g^x, name) | ||
| 148 | static void zkpHash(BIGNUM *h, const JPakeZKP *zkp, const BIGNUM *gx, | ||
| 149 | const JPakeUserPublic *from, const JPakeParameters *params) | ||
| 150 | { | ||
| 151 | unsigned char md[SHA_DIGEST_LENGTH]; | ||
| 152 | SHA_CTX sha; | ||
| 153 | |||
| 154 | // XXX: hash should not allow moving of the boundaries - Java code | ||
| 155 | // is flawed in this respect. Length encoding seems simplest. | ||
| 156 | SHA1_Init(&sha); | ||
| 157 | hashbn(&sha, params->g); | ||
| 158 | hashbn(&sha, zkp->gr); | ||
| 159 | hashbn(&sha, gx); | ||
| 160 | hashstring(&sha, from->name); | ||
| 161 | SHA1_Final(md, &sha); | ||
| 162 | BN_bin2bn(md, SHA_DIGEST_LENGTH, h); | ||
| 163 | } | ||
| 164 | |||
| 165 | // Prove knowledge of x | ||
| 166 | // Note that we don't send g^x because, as it happens, we've always | ||
| 167 | // sent it elsewhere. Also note that because of that, we could avoid | ||
| 168 | // calculating it here, but we don't, for clarity... | ||
| 169 | static void CreateZKP(JPakeZKP *zkp, const BIGNUM *x, const JPakeUser *us, | ||
| 170 | const BIGNUM *zkpg, const JPakeParameters *params, | ||
| 171 | int n, const char *suffix) | ||
| 172 | { | ||
| 173 | BIGNUM *r = BN_new(); | ||
| 174 | BIGNUM *gx = BN_new(); | ||
| 175 | BIGNUM *h = BN_new(); | ||
| 176 | BIGNUM *t = BN_new(); | ||
| 177 | |||
| 178 | // r in [0,q) | ||
| 179 | // XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform | ||
| 180 | BN_rand_range(r, params->q); | ||
| 181 | // g^r | ||
| 182 | zkp->gr = BN_new(); | ||
| 183 | BN_mod_exp(zkp->gr, zkpg, r, params->p, params->ctx); | ||
| 184 | // g^x | ||
| 185 | BN_mod_exp(gx, zkpg, x, params->p, params->ctx); | ||
| 186 | |||
| 187 | // h=hash... | ||
| 188 | zkpHash(h, zkp, gx, &us->p, params); | ||
| 189 | |||
| 190 | // b = r - x*h | ||
| 191 | BN_mod_mul(t, x, h, params->q, params->ctx); | ||
| 192 | zkp->b = BN_new(); | ||
| 193 | BN_mod_sub(zkp->b, r, t, params->q, params->ctx); | ||
| 194 | |||
| 195 | // show | ||
| 196 | printf(" ZKP(x%d%s)\n", n, suffix); | ||
| 197 | showbn(" zkpg", zkpg); | ||
| 198 | showbn(" g^x", gx); | ||
| 199 | showbn(" g^r", zkp->gr); | ||
| 200 | showbn(" b", zkp->b); | ||
| 201 | |||
| 202 | // cleanup | ||
| 203 | BN_free(t); | ||
| 204 | BN_free(h); | ||
| 205 | BN_free(gx); | ||
| 206 | BN_free(r); | ||
| 207 | } | ||
| 208 | |||
| 209 | static int VerifyZKP(const JPakeZKP *zkp, BIGNUM *gx, | ||
| 210 | const JPakeUserPublic *them, const BIGNUM *zkpg, | ||
| 211 | const JPakeParameters *params, int n, const char *suffix) | ||
| 212 | { | ||
| 213 | BIGNUM *h = BN_new(); | ||
| 214 | BIGNUM *t1 = BN_new(); | ||
| 215 | BIGNUM *t2 = BN_new(); | ||
| 216 | BIGNUM *t3 = BN_new(); | ||
| 217 | int ret = 0; | ||
| 218 | |||
| 219 | zkpHash(h, zkp, gx, them, params); | ||
| 220 | |||
| 221 | // t1 = g^b | ||
| 222 | BN_mod_exp(t1, zkpg, zkp->b, params->p, params->ctx); | ||
| 223 | // t2 = (g^x)^h = g^{hx} | ||
| 224 | BN_mod_exp(t2, gx, h, params->p, params->ctx); | ||
| 225 | // t3 = t1 * t2 = g^{hx} * g^b = g^{hx+b} = g^r (allegedly) | ||
| 226 | BN_mod_mul(t3, t1, t2, params->p, params->ctx); | ||
| 227 | |||
| 228 | printf(" ZKP(x%d%s)\n", n, suffix); | ||
| 229 | showbn(" zkpg", zkpg); | ||
| 230 | showbn(" g^r'", t3); | ||
| 231 | |||
| 232 | // verify t3 == g^r | ||
| 233 | if(BN_cmp(t3, zkp->gr) == 0) | ||
| 234 | ret = 1; | ||
| 235 | |||
| 236 | // cleanup | ||
| 237 | BN_free(t3); | ||
| 238 | BN_free(t2); | ||
| 239 | BN_free(t1); | ||
| 240 | BN_free(h); | ||
| 241 | |||
| 242 | if(ret) | ||
| 243 | puts(" OK"); | ||
| 244 | else | ||
| 245 | puts(" FAIL"); | ||
| 246 | |||
| 247 | return ret; | ||
| 248 | } | ||
| 249 | |||
| 250 | static void sendstep1_substep(JPakeStep1 *s1, const BIGNUM *x, | ||
| 251 | const JPakeUser *us, | ||
| 252 | const JPakeParameters *params, int n) | ||
| 253 | { | ||
| 254 | s1->gx = BN_new(); | ||
| 255 | BN_mod_exp(s1->gx, params->g, x, params->p, params->ctx); | ||
| 256 | printf(" g^{x%d}", n); | ||
| 257 | showbn("", s1->gx); | ||
| 258 | |||
| 259 | CreateZKP(&s1->zkpx, x, us, params->g, params, n, ""); | ||
| 260 | } | ||
| 261 | |||
| 262 | static void sendstep1(const JPakeUser *us, JPakeUserPublic *them, | ||
| 263 | const JPakeParameters *params) | ||
| 264 | { | ||
| 265 | printf("\n%s sends %s:\n\n", us->p.name, them->name); | ||
| 266 | |||
| 267 | // from's g^xa (which becomes to's g^xc) and ZKP(xa) | ||
| 268 | sendstep1_substep(&them->s1c, us->xa, us, params, us->p.base); | ||
| 269 | // from's g^xb (which becomes to's g^xd) and ZKP(xb) | ||
| 270 | sendstep1_substep(&them->s1d, us->xb, us, params, us->p.base+1); | ||
| 271 | } | ||
| 272 | |||
| 273 | static int verifystep1(const JPakeUser *us, const JPakeUserPublic *them, | ||
| 274 | const JPakeParameters *params) | ||
| 275 | { | ||
| 276 | printf("\n%s verifies %s:\n\n", us->p.name, them->name); | ||
| 277 | |||
| 278 | // verify their ZKP(xc) | ||
| 279 | if(!VerifyZKP(&us->p.s1c.zkpx, us->p.s1c.gx, them, params->g, params, | ||
| 280 | them->base, "")) | ||
| 281 | return 0; | ||
| 282 | |||
| 283 | // verify their ZKP(xd) | ||
| 284 | if(!VerifyZKP(&us->p.s1d.zkpx, us->p.s1d.gx, them, params->g, params, | ||
| 285 | them->base+1, "")) | ||
| 286 | return 0; | ||
| 287 | |||
| 288 | // g^xd != 1 | ||
| 289 | printf(" g^{x%d} != 1: ", them->base+1); | ||
| 290 | if(BN_is_one(us->p.s1d.gx)) | ||
| 291 | { | ||
| 292 | puts("FAIL"); | ||
| 293 | return 0; | ||
| 294 | } | ||
| 295 | puts("OK"); | ||
| 296 | |||
| 297 | return 1; | ||
| 298 | } | ||
| 299 | |||
| 300 | static void sendstep2(const JPakeUser *us, JPakeUserPublic *them, | ||
| 301 | const JPakeParameters *params) | ||
| 302 | { | ||
| 303 | BIGNUM *t1 = BN_new(); | ||
| 304 | BIGNUM *t2 = BN_new(); | ||
| 305 | |||
| 306 | printf("\n%s sends %s:\n\n", us->p.name, them->name); | ||
| 307 | |||
| 308 | // X = g^{(xa + xc + xd) * xb * s} | ||
| 309 | // t1 = g^xa | ||
| 310 | BN_mod_exp(t1, params->g, us->xa, params->p, params->ctx); | ||
| 311 | // t2 = t1 * g^{xc} = g^{xa} * g^{xc} = g^{xa + xc} | ||
| 312 | BN_mod_mul(t2, t1, us->p.s1c.gx, params->p, params->ctx); | ||
| 313 | // t1 = t2 * g^{xd} = g^{xa + xc + xd} | ||
| 314 | BN_mod_mul(t1, t2, us->p.s1d.gx, params->p, params->ctx); | ||
| 315 | // t2 = xb * s | ||
| 316 | BN_mod_mul(t2, us->xb, us->secret, params->q, params->ctx); | ||
| 317 | // X = t1^{t2} = t1^{xb * s} = g^{(xa + xc + xd) * xb * s} | ||
| 318 | them->s2.X = BN_new(); | ||
| 319 | BN_mod_exp(them->s2.X, t1, t2, params->p, params->ctx); | ||
| 320 | |||
| 321 | // Show | ||
| 322 | printf(" g^{(x%d + x%d + x%d) * x%d * s)", us->p.base, them->base, | ||
| 323 | them->base+1, us->p.base+1); | ||
| 324 | showbn("", them->s2.X); | ||
| 325 | |||
| 326 | // ZKP(xb * s) | ||
| 327 | // XXX: this is kinda funky, because we're using | ||
| 328 | // | ||
| 329 | // g' = g^{xa + xc + xd} | ||
| 330 | // | ||
| 331 | // as the generator, which means X is g'^{xb * s} | ||
| 332 | CreateZKP(&them->s2.zkpxbs, t2, us, t1, params, us->p.base+1, " * s"); | ||
| 333 | |||
| 334 | // cleanup | ||
| 335 | BN_free(t1); | ||
| 336 | BN_free(t2); | ||
| 337 | } | ||
| 338 | |||
| 339 | static int verifystep2(const JPakeUser *us, const JPakeUserPublic *them, | ||
| 340 | const JPakeParameters *params) | ||
| 341 | { | ||
| 342 | BIGNUM *t1 = BN_new(); | ||
| 343 | BIGNUM *t2 = BN_new(); | ||
| 344 | int ret = 0; | ||
| 345 | |||
| 346 | printf("\n%s verifies %s:\n\n", us->p.name, them->name); | ||
| 347 | |||
| 348 | // g' = g^{xc + xa + xb} [from our POV] | ||
| 349 | // t1 = xa + xb | ||
| 350 | BN_mod_add(t1, us->xa, us->xb, params->q, params->ctx); | ||
| 351 | // t2 = g^{t1} = g^{xa+xb} | ||
| 352 | BN_mod_exp(t2, params->g, t1, params->p, params->ctx); | ||
| 353 | // t1 = g^{xc} * t2 = g^{xc + xa + xb} | ||
| 354 | BN_mod_mul(t1, us->p.s1c.gx, t2, params->p, params->ctx); | ||
| 355 | |||
| 356 | if(VerifyZKP(&us->p.s2.zkpxbs, us->p.s2.X, them, t1, params, them->base+1, | ||
| 357 | " * s")) | ||
| 358 | ret = 1; | ||
| 359 | |||
| 360 | // cleanup | ||
| 361 | BN_free(t2); | ||
| 362 | BN_free(t1); | ||
| 363 | |||
| 364 | return ret; | ||
| 365 | } | ||
| 366 | |||
| 367 | static void computekey(JPakeUser *us, const JPakeParameters *params) | ||
| 368 | { | ||
| 369 | BIGNUM *t1 = BN_new(); | ||
| 370 | BIGNUM *t2 = BN_new(); | ||
| 371 | BIGNUM *t3 = BN_new(); | ||
| 372 | |||
| 373 | printf("\n%s calculates the shared key:\n\n", us->p.name); | ||
| 374 | |||
| 375 | // K = (X/g^{xb * xd * s})^{xb} | ||
| 376 | // = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb} | ||
| 377 | // = (g^{(xa + xc) * xd * s})^{xb} | ||
| 378 | // = g^{(xa + xc) * xb * xd * s} | ||
| 379 | // [which is the same regardless of who calculates it] | ||
| 380 | |||
| 381 | // t1 = (g^{xd})^{xb} = g^{xb * xd} | ||
| 382 | BN_mod_exp(t1, us->p.s1d.gx, us->xb, params->p, params->ctx); | ||
| 383 | // t2 = -s = q-s | ||
| 384 | BN_sub(t2, params->q, us->secret); | ||
| 385 | // t3 = t1^t2 = g^{-xb * xd * s} | ||
| 386 | BN_mod_exp(t3, t1, t2, params->p, params->ctx); | ||
| 387 | // t1 = X * t3 = X/g^{xb * xd * s} | ||
| 388 | BN_mod_mul(t1, us->p.s2.X, t3, params->p, params->ctx); | ||
| 389 | // K = t1^{xb} | ||
| 390 | us->key = BN_new(); | ||
| 391 | BN_mod_exp(us->key, t1, us->xb, params->p, params->ctx); | ||
| 392 | |||
| 393 | // show | ||
| 394 | showbn(" K", us->key); | ||
| 395 | |||
| 396 | // cleanup | ||
| 397 | BN_free(t3); | ||
| 398 | BN_free(t2); | ||
| 399 | BN_free(t1); | ||
| 400 | } | ||
| 401 | |||
| 402 | int main(int argc, char **argv) | ||
| 403 | { | ||
| 404 | JPakeParameters params; | ||
| 405 | JPakeUser alice, bob; | ||
| 406 | |||
| 407 | alice.p.name = "Alice"; | ||
| 408 | alice.p.base = 1; | ||
| 409 | bob.p.name = "Bob"; | ||
| 410 | bob.p.base = 3; | ||
| 411 | |||
| 412 | JPakeParametersInit(¶ms); | ||
| 413 | |||
| 414 | // Shared secret | ||
| 415 | alice.secret = BN_new(); | ||
| 416 | BN_rand(alice.secret, 32, -1, 0); | ||
| 417 | bob.secret = alice.secret; | ||
| 418 | showbn("secret", alice.secret); | ||
| 419 | |||
| 420 | assert(BN_cmp(alice.secret, params.q) < 0); | ||
| 421 | |||
| 422 | // Alice's x1, x2 | ||
| 423 | genrand(&alice, ¶ms); | ||
| 424 | |||
| 425 | // Bob's x3, x4 | ||
| 426 | genrand(&bob, ¶ms); | ||
| 427 | |||
| 428 | // Now send stuff to each other... | ||
| 429 | sendstep1(&alice, &bob.p, ¶ms); | ||
| 430 | sendstep1(&bob, &alice.p, ¶ms); | ||
| 431 | |||
| 432 | // And verify what each other sent | ||
| 433 | if(!verifystep1(&alice, &bob.p, ¶ms)) | ||
| 434 | return 1; | ||
| 435 | if(!verifystep1(&bob, &alice.p, ¶ms)) | ||
| 436 | return 2; | ||
| 437 | |||
| 438 | // Second send | ||
| 439 | sendstep2(&alice, &bob.p, ¶ms); | ||
| 440 | sendstep2(&bob, &alice.p, ¶ms); | ||
| 441 | |||
| 442 | // And second verify | ||
| 443 | if(!verifystep2(&alice, &bob.p, ¶ms)) | ||
| 444 | return 3; | ||
| 445 | if(!verifystep2(&bob, &alice.p, ¶ms)) | ||
| 446 | return 4; | ||
| 447 | |||
| 448 | // Compute common key | ||
| 449 | computekey(&alice, ¶ms); | ||
| 450 | computekey(&bob, ¶ms); | ||
| 451 | |||
| 452 | // Confirm the common key is identical | ||
| 453 | // XXX: if the two secrets are not the same, everything works up | ||
| 454 | // to this point, so the only way to detect a failure is by the | ||
| 455 | // difference in the calculated keys. | ||
| 456 | // Since we're all the same code, just compare them directly. In a | ||
| 457 | // real system, Alice sends Bob H(H(K)), Bob checks it, then sends | ||
| 458 | // back H(K), which Alice checks, or something equivalent. | ||
| 459 | puts("\nAlice and Bob check keys are the same:"); | ||
| 460 | if(BN_cmp(alice.key, bob.key) == 0) | ||
| 461 | puts(" OK"); | ||
| 462 | else | ||
| 463 | { | ||
| 464 | puts(" FAIL"); | ||
| 465 | return 5; | ||
| 466 | } | ||
| 467 | |||
| 468 | return 0; | ||
| 469 | } | ||
diff --git a/src/lib/libssl/src/doc/crypto/RAND_egd.pod b/src/lib/libssl/src/doc/crypto/RAND_egd.pod index 079838ea2e..8b8c61d161 100644 --- a/src/lib/libssl/src/doc/crypto/RAND_egd.pod +++ b/src/lib/libssl/src/doc/crypto/RAND_egd.pod | |||
| @@ -45,8 +45,11 @@ EGD is available from http://www.lothar.com/tech/crypto/ (C<perl | |||
| 45 | Makefile.PL; make; make install> to install). It is run as B<egd> | 45 | Makefile.PL; make; make install> to install). It is run as B<egd> |
| 46 | I<path>, where I<path> is an absolute path designating a socket. When | 46 | I<path>, where I<path> is an absolute path designating a socket. When |
| 47 | RAND_egd() is called with that path as an argument, it tries to read | 47 | RAND_egd() is called with that path as an argument, it tries to read |
| 48 | random bytes that EGD has collected. The read is performed in | 48 | random bytes that EGD has collected. RAND_egd() retrieves entropy from the |
| 49 | non-blocking mode. | 49 | daemon using the daemon's "non-blocking read" command which shall |
| 50 | be answered immediately by the daemon without waiting for additional | ||
| 51 | entropy to be collected. The write and read socket operations in the | ||
| 52 | communication are blocking. | ||
| 50 | 53 | ||
| 51 | Alternatively, the EGD-interface compatible daemon PRNGD can be used. It is | 54 | Alternatively, the EGD-interface compatible daemon PRNGD can be used. It is |
| 52 | available from | 55 | available from |
diff --git a/src/lib/libssl/src/doc/ssl/SSL_read.pod b/src/lib/libssl/src/doc/ssl/SSL_read.pod index f6c37f77e4..7038cd2d75 100644 --- a/src/lib/libssl/src/doc/ssl/SSL_read.pod +++ b/src/lib/libssl/src/doc/ssl/SSL_read.pod | |||
| @@ -64,6 +64,11 @@ non-blocking socket, nothing is to be done, but select() can be used to check | |||
| 64 | for the required condition. When using a buffering BIO, like a BIO pair, data | 64 | for the required condition. When using a buffering BIO, like a BIO pair, data |
| 65 | must be written into or retrieved out of the BIO before being able to continue. | 65 | must be written into or retrieved out of the BIO before being able to continue. |
| 66 | 66 | ||
| 67 | L<SSL_pending(3)|SSL_pending(3)> can be used to find out whether there | ||
| 68 | are buffered bytes available for immediate retrieval. In this case | ||
| 69 | SSL_read() can be called without blocking or actually receiving new | ||
| 70 | data from the underlying socket. | ||
| 71 | |||
| 67 | =head1 WARNING | 72 | =head1 WARNING |
| 68 | 73 | ||
| 69 | When an SSL_read() operation has to be repeated because of | 74 | When an SSL_read() operation has to be repeated because of |
| @@ -112,6 +117,7 @@ L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_write(3)|SSL_write(3)>, | |||
| 112 | L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>, | 117 | L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>, |
| 113 | L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)> | 118 | L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)> |
| 114 | L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>, | 119 | L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>, |
| 120 | L<SSL_pending(3)|SSL_pending(3)>, | ||
| 115 | L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>, | 121 | L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>, |
| 116 | L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)> | 122 | L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)> |
| 117 | 123 | ||
diff --git a/src/lib/libssl/src/e_os.h b/src/lib/libssl/src/e_os.h index acc6a15eb7..9c5c6fdb92 100644 --- a/src/lib/libssl/src/e_os.h +++ b/src/lib/libssl/src/e_os.h | |||
| @@ -269,6 +269,7 @@ extern "C" { | |||
| 269 | # define _WIN32_WINNT 0x0400 | 269 | # define _WIN32_WINNT 0x0400 |
| 270 | # endif | 270 | # endif |
| 271 | # include <windows.h> | 271 | # include <windows.h> |
| 272 | # include <stdio.h> | ||
| 272 | # include <stddef.h> | 273 | # include <stddef.h> |
| 273 | # include <errno.h> | 274 | # include <errno.h> |
| 274 | # include <string.h> | 275 | # include <string.h> |
| @@ -284,13 +285,38 @@ static unsigned int _strlen31(const char *str) | |||
| 284 | # endif | 285 | # endif |
| 285 | # include <malloc.h> | 286 | # include <malloc.h> |
| 286 | # if defined(_MSC_VER) && _MSC_VER<=1200 && defined(_MT) && defined(isspace) | 287 | # if defined(_MSC_VER) && _MSC_VER<=1200 && defined(_MT) && defined(isspace) |
| 287 | /* compensate for bug is VC6 ctype.h */ | 288 | /* compensate for bug in VC6 ctype.h */ |
| 288 | # undef isspace | 289 | # undef isspace |
| 289 | # undef isdigit | 290 | # undef isdigit |
| 290 | # undef isalnum | 291 | # undef isalnum |
| 291 | # undef isupper | 292 | # undef isupper |
| 292 | # undef isxdigit | 293 | # undef isxdigit |
| 293 | # endif | 294 | # endif |
| 295 | # if defined(_MSC_VER) && !defined(_DLL) && defined(stdin) | ||
| 296 | # if _MSC_VER>=1300 | ||
| 297 | # undef stdin | ||
| 298 | # undef stdout | ||
| 299 | # undef stderr | ||
| 300 | FILE *__iob_func(); | ||
| 301 | # define stdin (&__iob_func()[0]) | ||
| 302 | # define stdout (&__iob_func()[1]) | ||
| 303 | # define stderr (&__iob_func()[2]) | ||
| 304 | # elif defined(I_CAN_LIVE_WITH_LNK4049) | ||
| 305 | # undef stdin | ||
| 306 | # undef stdout | ||
| 307 | # undef stderr | ||
| 308 | /* pre-1300 has __p__iob(), but it's available only in msvcrt.lib, | ||
| 309 | * or in other words with /MD. Declaring implicit import, i.e. | ||
| 310 | * with _imp_ prefix, works correctly with all compiler options, | ||
| 311 | * but without /MD results in LINK warning LNK4049: | ||
| 312 | * 'locally defined symbol "__iob" imported'. | ||
| 313 | */ | ||
| 314 | extern FILE *_imp___iob; | ||
| 315 | # define stdin (&_imp___iob[0]) | ||
| 316 | # define stdout (&_imp___iob[1]) | ||
| 317 | # define stderr (&_imp___iob[2]) | ||
| 318 | # endif | ||
| 319 | # endif | ||
| 294 | # endif | 320 | # endif |
| 295 | # include <io.h> | 321 | # include <io.h> |
| 296 | # include <fcntl.h> | 322 | # include <fcntl.h> |
diff --git a/src/lib/libssl/src/fips/Makefile b/src/lib/libssl/src/fips/Makefile index 63e4cf82be..d6dcb79a28 100644 --- a/src/lib/libssl/src/fips/Makefile +++ b/src/lib/libssl/src/fips/Makefile | |||
| @@ -1,199 +1,219 @@ | |||
| 1 | # | 1 | # |
| 2 | # SSLeay/fips/Makefile | 2 | # OpenSSL/crypto/Makefile |
| 3 | # | 3 | # |
| 4 | 4 | ||
| 5 | DIR= fips | 5 | DIR= fips |
| 6 | TOP= .. | 6 | TOP= .. |
| 7 | CC= cc | 7 | CC= cc |
| 8 | INCLUDE= -I. -I$(TOP) -I../include | 8 | INCLUDE= -I. -I$(TOP) -I../include |
| 9 | # INCLUDES targets sudbirs! | ||
| 9 | INCLUDES= -I.. -I../.. -I../../include | 10 | INCLUDES= -I.. -I../.. -I../../include |
| 10 | CFLAG= -g | 11 | CFLAG= -g |
| 11 | INSTALL_PREFIX= | ||
| 12 | OPENSSLDIR= /usr/local/ssl | ||
| 13 | INSTALLTOP= /usr/local/ssl | ||
| 14 | MAKEDEPPROG= makedepend | 12 | MAKEDEPPROG= makedepend |
| 15 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | 13 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) |
| 16 | MAKEFILE= Makefile | 14 | MAKEFILE= Makefile |
| 17 | RM= rm -f | 15 | RM= rm -f |
| 18 | AR= ar r | 16 | AR= ar r |
| 17 | ARD= ar d | ||
| 18 | TEST= fips_test_suite.c | ||
| 19 | FIPS_TVDIR= testvectors | ||
| 20 | FIPS_TVOK= $$HOME/fips/tv.ok | ||
| 19 | 21 | ||
| 20 | PEX_LIBS= | 22 | FIPSCANLOC= $(FIPSLIBDIR)fipscanister.o |
| 21 | EX_LIBS= | ||
| 22 | 23 | ||
| 23 | CFLAGS= $(INCLUDE) $(CFLAG) | 24 | RECURSIVE_MAKE= [ -n "$(FDIRS)" ] && for i in $(FDIRS) ; do \ |
| 25 | (cd $$i && echo "making $$target in $(DIR)/$$i..." && \ | ||
| 26 | $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='${INCLUDES}' $$target ) || exit 1; \ | ||
| 27 | done; | ||
| 24 | 28 | ||
| 29 | PEX_LIBS= | ||
| 30 | EX_LIBS= | ||
| 31 | |||
| 32 | CFLAGS= $(INCLUDE) $(CFLAG) -DHMAC_EXT=\"$${HMAC_EXT:-sha1}\" | ||
| 33 | ASFLAGS= $(INCLUDE) $(ASFLAG) | ||
| 34 | AFLAGS=$(ASFLAGS) | ||
| 25 | 35 | ||
| 26 | LIBS= | 36 | LIBS= |
| 27 | 37 | ||
| 28 | FDIRS=sha1 rand des aes dsa rsa dh | 38 | FDIRS=sha rand des aes dsa rsa dh hmac |
| 29 | 39 | ||
| 30 | GENERAL=Makefile README fips-lib.com install.com | 40 | GENERAL=Makefile README fips-lib.com install.com |
| 31 | 41 | ||
| 32 | LIB= $(TOP)/libcrypto.a | 42 | LIB= $(TOP)/libcrypto.a |
| 33 | SHARED_LIB= libcrypto$(SHLIB_EXT) | 43 | SHARED_LIB= $(FIPSCANLIB)$(SHLIB_EXT) |
| 34 | LIBSRC=fips.c fips_err_wrapper.c | 44 | LIBSRC=fips.c |
| 35 | LIBOBJ=fips.o fips_err_wrapper.o | 45 | LIBOBJ=fips.o |
| 46 | |||
| 47 | FIPS_OBJ_LISTS=sha/lib hmac/lib rand/lib des/lib aes/lib dsa/lib rsa/lib dh/lib | ||
| 36 | 48 | ||
| 37 | SRC= $(LIBSRC) | 49 | SRC= $(LIBSRC) |
| 38 | 50 | ||
| 39 | EXHEADER=fips.h | 51 | EXHEADER=fips.h |
| 40 | HEADER=$(EXHEADER) fips_err.h | 52 | HEADER=$(EXHEADER) fips_utl.h fips_locl.h |
| 41 | EXE=openssl_fips_fingerprint | 53 | EXE=fipsld |
| 42 | 54 | ||
| 43 | ALL= $(GENERAL) $(SRC) $(HEADER) | 55 | ALL= $(GENERAL) $(SRC) $(HEADER) |
| 44 | 56 | ||
| 45 | top: | 57 | top: |
| 46 | @(cd ..; $(MAKE) DIRS=$(DIR) all) | 58 | @(cd ..; $(MAKE) DIRS=$(DIR) all) |
| 47 | 59 | ||
| 60 | testapps: | ||
| 61 | @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi | ||
| 62 | |||
| 48 | all: | 63 | all: |
| 49 | @if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \ | 64 | @if [ -z "$(FIPSLIBDIR)" ]; then \ |
| 50 | $(MAKE) -e subdirs check lib shared; \ | 65 | $(MAKE) -e subdirs lib fips_premain_dso$(EXE_EXT); \ |
| 66 | else \ | ||
| 67 | $(MAKE) -e lib fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT); \ | ||
| 51 | fi | 68 | fi |
| 52 | 69 | ||
| 53 | check: | 70 | # Idea behind fipscanister.o is to "seize" the sequestered code between |
| 54 | TOP=`pwd`/$(TOP) ./fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) | 71 | # known symbols for fingerprinting purposes, which would be commonly |
| 72 | # done with ld -r start.o ... end.o. The latter however presents a minor | ||
| 73 | # challenge on multi-ABI platforms. As just implied, we'd rather use ld, | ||
| 74 | # but the trouble is that we don't generally know how ABI-selection | ||
| 75 | # compiler flag is translated to corresponding linker flag. All compiler | ||
| 76 | # drivers seem to recognize -r flag and pass it down to linker, but some | ||
| 77 | # of them, including gcc, erroneously add -lc, as well as run-time | ||
| 78 | # components, such as crt1.o and alike. Fortunately among those vendor | ||
| 79 | # compilers which were observed to misinterpret -r flag multi-ABI ones | ||
| 80 | # are equipped with smart linkers, which don't require any ABI-selection | ||
| 81 | # flag and simply assume that all objects are of the same type as first | ||
| 82 | # one in command line. So the idea is to identify gcc and deficient | ||
| 83 | # vendor compiler drivers... | ||
| 84 | |||
| 85 | fipscanister.o: fips_start.o $(LIBOBJ) $(FIPS_OBJ_LISTS) fips_end.o | ||
| 86 | FIPS_ASM=""; \ | ||
| 87 | list="$(BN_ASM)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/bn/$$i" ; done; \ | ||
| 88 | list="$(AES_ASM_OBJ)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/aes/$$i" ; done; \ | ||
| 89 | list="$(DES_ENC)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/des/$$i" ; done; \ | ||
| 90 | list="$(SHA1_ASM_OBJ)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/sha/$$i" ; done; \ | ||
| 91 | if [ -n "$(CPUID_OBJ)" ]; then \ | ||
| 92 | CPUID=../crypto/$(CPUID_OBJ) ; \ | ||
| 93 | else \ | ||
| 94 | CPUID="" ; \ | ||
| 95 | fi ; \ | ||
| 96 | objs="fips_start.o $(LIBOBJ) $(FIPS_EX_OBJ) $$CPUID $$FIPS_ASM"; \ | ||
| 97 | for i in $(FIPS_OBJ_LISTS); do \ | ||
| 98 | dir=`dirname $$i`; script="s|^|$$dir/|;s| | $$dir/|g"; \ | ||
| 99 | objs="$$objs `sed "$$script" $$i`"; \ | ||
| 100 | done; \ | ||
| 101 | objs="$$objs fips_end.o" ; \ | ||
| 102 | os="`(uname -s) 2>/dev/null`"; cflags="$(CFLAGS)"; \ | ||
| 103 | [ "$$os" = "AIX" ] && cflags="$$cflags -Wl,-bnoobjreorder"; \ | ||
| 104 | if [ -n "${FIPS_SITE_LD}" ]; then \ | ||
| 105 | set -x; ${FIPS_SITE_LD} -r -o $@ $$objs; \ | ||
| 106 | elif $(CC) -dumpversion >/dev/null 2>&1; then \ | ||
| 107 | set -x; $(CC) $$cflags -r -nostdlib -o $@ $$objs ; \ | ||
| 108 | else case "$$os" in \ | ||
| 109 | HP-UX|OSF1|SunOS) set -x; /usr/ccs/bin/ld -r -o $@ $$objs ;; \ | ||
| 110 | *) set -x; $(CC) $$cflags -r -o $@ $$objs ;; \ | ||
| 111 | esac fi | ||
| 112 | ./fips_standalone_sha1 fipscanister.o > fipscanister.o.sha1 | ||
| 113 | |||
| 114 | # If another exception is immediately required, assign approprite | ||
| 115 | # site-specific ld command to FIPS_SITE_LD environment variable. | ||
| 116 | |||
| 117 | fips_start.o: fips_canister.c | ||
| 118 | $(CC) $(CFLAGS) -DFIPS_START -c -o $@ fips_canister.c | ||
| 119 | fips_end.o: fips_canister.c | ||
| 120 | $(CC) $(CFLAGS) -DFIPS_END -c -o $@ fips_canister.c | ||
| 121 | fips_premain_dso$(EXE_EXT): fips_premain.c | ||
| 122 | $(CC) $(CFLAGS) -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ fips_premain.c \ | ||
| 123 | $(FIPSLIBDIR)fipscanister.o ../libcrypto.a $(EX_LIBS) | ||
| 124 | # this is executed only when linking with external fipscanister.o | ||
| 125 | fips_standalone_sha1$(EXE_EXT): sha/fips_standalone_sha1.c | ||
| 126 | $(CC) $(CFLAGS) -DFIPSCANISTER_O -o $@ sha/fips_standalone_sha1.c $(FIPSLIBDIR)fipscanister.o | ||
| 55 | 127 | ||
| 56 | subdirs: | 128 | subdirs: |
| 57 | @for i in $(FDIRS) ;\ | 129 | @target=all; $(RECURSIVE_MAKE) |
| 58 | do \ | ||
| 59 | (cd $$i && echo "making all in fips/$$i..." && \ | ||
| 60 | $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' all ) || exit 1; \ | ||
| 61 | done; | ||
| 62 | |||
| 63 | sub_target: | ||
| 64 | @for i in $(FDIRS) ;\ | ||
| 65 | do \ | ||
| 66 | (cd $$i && echo "making $(TARGET) in fips/$$i..." && \ | ||
| 67 | $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' $(TARGET) ) || exit 1; \ | ||
| 68 | done; | ||
| 69 | 130 | ||
| 70 | files: | 131 | files: |
| 71 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 132 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| 72 | @for i in $(FDIRS) ;\ | 133 | @target=files; $(RECURSIVE_MAKE) |
| 73 | do \ | ||
| 74 | (cd $$i && echo "making 'files' in fips/$$i..." && \ | ||
| 75 | $(MAKE) PERL='${PERL}' files ); \ | ||
| 76 | done; | ||
| 77 | 134 | ||
| 78 | links: | 135 | links: |
| 79 | @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) | 136 | @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) |
| 80 | @for i in $(FDIRS); do \ | 137 | @$(PERL) $(TOP)/util/mklink.pl ../test $(TEST) |
| 81 | (cd $$i && echo "making links in fips/$$i..." && \ | 138 | @target=links; $(RECURSIVE_MAKE) |
| 82 | $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PERL='${PERL}' links ); \ | ||
| 83 | done; | ||
| 84 | 139 | ||
| 85 | lib: $(LIBOBJ) | 140 | # lib: and $(LIB): are splitted to avoid end-less loop |
| 86 | $(AR) $(LIB) $(LIBOBJ) | 141 | lib: $(LIB) |
| 87 | $(RANLIB) $(LIB) || echo Never mind. | 142 | if [ "$(FIPSCANISTERINTERNAL)" = "n" -a -n "$(FIPSCANLOC)" ]; then $(AR) ../$(FIPSCANLIB).a $(FIPSCANLOC); fi |
| 88 | @touch lib | 143 | @touch lib |
| 89 | 144 | ||
| 90 | shared: | 145 | $(LIB): $(FIPSLIBDIR)fipscanister.o |
| 91 | if [ -n "$(SHARED_LIBS)" ]; then \ | 146 | $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o |
| 92 | (cd ..; $(MAKE) $(SHARED_LIB)); \ | 147 | $(RANLIB) $(LIB) || echo Never mind. |
| 148 | |||
| 149 | $(FIPSCANLIB): $(FIPSCANLOC) | ||
| 150 | $(AR) ../$(FIPSCANLIB).a $(FIPSCANLOC) | ||
| 151 | if [ "$(FIPSCANLIB)" = "libfips" ]; then \ | ||
| 152 | $(AR) $(LIB) $(FIPSCANLOC) ; \ | ||
| 153 | $(RANLIB) $(LIB) || echo Never Mind. ; \ | ||
| 93 | fi | 154 | fi |
| 155 | $(RANLIB) ../$(FIPSCANLIB).a || echo Never mind. | ||
| 156 | @touch lib | ||
| 94 | 157 | ||
| 95 | libs: | 158 | shared: lib subdirs fips_premain_dso$(EXE_EXT) |
| 96 | @for i in $(FDIRS) ;\ | ||
| 97 | do \ | ||
| 98 | (cd $$i && echo "making libs in fips/$$i..." && \ | ||
| 99 | $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \ | ||
| 100 | done; | ||
| 101 | 159 | ||
| 102 | tests: | 160 | libs: |
| 103 | @for i in $(FDIRS) ;\ | 161 | @target=lib; $(RECURSIVE_MAKE) |
| 104 | do \ | ||
| 105 | (cd $$i && echo "making tests in fips/$$i..." && \ | ||
| 106 | $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \ | ||
| 107 | done; | ||
| 108 | 162 | ||
| 109 | top_fips_test_suite: | 163 | fips_test: top |
| 110 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=. TARGET=fips_test_suite sub_target) | 164 | @target=fips_test; $(RECURSIVE_MAKE) |
| 111 | 165 | ||
| 112 | fips_test_suite: fips_test_suite.o $(TOP)/libcrypto.a | 166 | fips_test_diff: |
| 113 | $(CC) $(CFLAGS) -o fips_test_suite fips_test_suite.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) | 167 | @if diff -b -B -I '^\#' -cr -X fips-nodiff.txt $(FIPS_TVDIR) $(FIPS_TVOK) ; then \ |
| 114 | TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_test_suite || { rm fips_test_suite; false; } | 168 | echo "FIPS diff OK" ; \ |
| 169 | else \ | ||
| 170 | echo "***FIPS DIFF ERROR***" ; exit 1 ; \ | ||
| 171 | fi | ||
| 115 | 172 | ||
| 116 | fips_test: top top_fips_test_suite | ||
| 117 | cd testvectors && perl -p -i -e 's/COUNT=/COUNT = /' des[23]/req/*.req | ||
| 118 | @for i in dsa sha1 aes des ; \ | ||
| 119 | do \ | ||
| 120 | (cd $$i && echo "making fips_test in fips/$$i..." && $(MAKE) fips_test) \ | ||
| 121 | done; | ||
| 122 | 173 | ||
| 123 | install: | 174 | install: |
| 175 | @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... | ||
| 124 | @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ | 176 | @headerlist="$(EXHEADER)"; for i in $$headerlist ;\ |
| 125 | do \ | 177 | do \ |
| 126 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ | 178 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ |
| 127 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ | 179 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ |
| 128 | done; | ||
| 129 | @for i in $(FDIRS) ;\ | ||
| 130 | do \ | ||
| 131 | (cd $$i && echo "making install in fips/$$i..." && \ | ||
| 132 | $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALL_PREFIX='${INSTALL_PREFIX}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \ | ||
| 133 | done; | 180 | done; |
| 134 | @for i in $(EXE) ; \ | 181 | @target=install; $(RECURSIVE_MAKE) |
| 135 | do \ | 182 | @cp -p -f fipscanister.o fipscanister.o.sha1 fips_premain.c \ |
| 136 | echo "installing $$i"; \ | 183 | fips_premain.c.sha1 \ |
| 137 | cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ | 184 | $(INSTALL_PREFIX)$(INSTALLTOP)/lib/; \ |
| 138 | chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \ | 185 | chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips* |
| 139 | mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i; \ | ||
| 140 | done | ||
| 141 | 186 | ||
| 142 | lint: | 187 | lint: |
| 143 | @for i in $(FDIRS) ;\ | 188 | @target=lint; $(RECURSIVE_MAKE) |
| 144 | do \ | ||
| 145 | (cd $$i && echo "making lint in fips/$$i..." && \ | ||
| 146 | $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \ | ||
| 147 | done; | ||
| 148 | 189 | ||
| 149 | depend: | 190 | depend: |
| 150 | if [ ! -f buildinf.h ]; then touch buildinf.h; fi # fake buildinf.h if it does not exist | 191 | @[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC) |
| 151 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(SRC) | 192 | @[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) ) |
| 152 | if [ ! -s buildinf.h ]; then rm buildinf.h; fi | 193 | @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi |
| 153 | @for i in $(FDIRS) ;\ | ||
| 154 | do \ | ||
| 155 | (cd $$i && echo "making depend in fips/$$i..." && \ | ||
| 156 | $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ); \ | ||
| 157 | done; | ||
| 158 | 194 | ||
| 159 | clean: | 195 | clean: |
| 160 | rm -f buildinf.h *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 196 | rm -f fipscanister.o.sha1 fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT) \ |
| 161 | @for i in $(FDIRS) ;\ | 197 | *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 162 | do \ | 198 | @target=clean; $(RECURSIVE_MAKE) |
| 163 | (cd $$i && echo "making clean in fips/$$i..." && \ | ||
| 164 | $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \ | ||
| 165 | done; | ||
| 166 | 199 | ||
| 167 | dclean: | 200 | dclean: |
| 168 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | 201 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new |
| 169 | mv -f Makefile.new $(MAKEFILE) | 202 | mv -f Makefile.new $(MAKEFILE) |
| 170 | @for i in $(FDIRS) ;\ | 203 | @target=dclean; $(RECURSIVE_MAKE) |
| 171 | do \ | ||
| 172 | (cd $$i && echo "making dclean in fips/$$i..." && \ | ||
| 173 | $(MAKE) PERL='${PERL}' CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \ | ||
| 174 | done; | ||
| 175 | 204 | ||
| 176 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 205 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 177 | 206 | ||
| 178 | fips.o: ../include/openssl/aes.h ../include/openssl/asn1.h | 207 | fips.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 179 | fips.o: ../include/openssl/bio.h ../include/openssl/blowfish.h | ||
| 180 | fips.o: ../include/openssl/bn.h ../include/openssl/cast.h | ||
| 181 | fips.o: ../include/openssl/crypto.h ../include/openssl/des.h | 208 | fips.o: ../include/openssl/crypto.h ../include/openssl/des.h |
| 182 | fips.o: ../include/openssl/des_old.h ../include/openssl/dh.h | 209 | fips.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h |
| 183 | fips.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | ||
| 184 | fips.o: ../include/openssl/err.h ../include/openssl/evp.h | 210 | fips.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 185 | fips.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h | 211 | fips.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h |
| 186 | fips.o: ../include/openssl/hmac.h ../include/openssl/idea.h | 212 | fips.o: ../include/openssl/hmac.h ../include/openssl/lhash.h |
| 187 | fips.o: ../include/openssl/lhash.h ../include/openssl/md2.h | 213 | fips.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 188 | fips.o: ../include/openssl/md4.h ../include/openssl/md5.h | 214 | fips.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 189 | fips.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h | 215 | fips.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h |
| 190 | fips.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 216 | fips.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 191 | fips.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 192 | fips.o: ../include/openssl/rand.h ../include/openssl/rc2.h | ||
| 193 | fips.o: ../include/openssl/rc4.h ../include/openssl/rc5.h | ||
| 194 | fips.o: ../include/openssl/ripemd.h ../include/openssl/rsa.h | ||
| 195 | fips.o: ../include/openssl/safestack.h ../include/openssl/sha.h | ||
| 196 | fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 217 | fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 197 | fips.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h fips.c | 218 | fips.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h fips.c |
| 198 | fips.o: fips_locl.h | 219 | fips.o: fips_locl.h |
| 199 | fips_err_wrapper.o: ../include/openssl/opensslconf.h fips_err_wrapper.c | ||
diff --git a/src/lib/libssl/src/fips/aes/Makefile b/src/lib/libssl/src/fips/aes/Makefile index fce5eeb5f7..403525d4c0 100644 --- a/src/lib/libssl/src/fips/aes/Makefile +++ b/src/lib/libssl/src/fips/aes/Makefile | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # | 1 | # |
| 2 | # SSLeay/fips/aes/Makefile | 2 | # OpenSSL/fips/aes/Makefile |
| 3 | # | 3 | # |
| 4 | 4 | ||
| 5 | DIR= aes | 5 | DIR= aes |
| @@ -15,6 +15,9 @@ MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | |||
| 15 | MAKEFILE= Makefile | 15 | MAKEFILE= Makefile |
| 16 | AR= ar r | 16 | AR= ar r |
| 17 | 17 | ||
| 18 | ASFLAGS= $(INCLUDES) $(ASFLAG) | ||
| 19 | AFLAGS= $(ASFLAGS) | ||
| 20 | |||
| 18 | CFLAGS= $(INCLUDES) $(CFLAG) | 21 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 19 | 22 | ||
| 20 | GENERAL=Makefile | 23 | GENERAL=Makefile |
| @@ -23,28 +26,23 @@ TESTDATA=fips_aes_data | |||
| 23 | APPS= | 26 | APPS= |
| 24 | 27 | ||
| 25 | LIB=$(TOP)/libcrypto.a | 28 | LIB=$(TOP)/libcrypto.a |
| 26 | LIBSRC=fips_aes_core.c fips_aes_selftest.c | 29 | LIBSRC=fips_aes_selftest.c |
| 27 | LIBOBJ=fips_aes_core.o fips_aes_selftest.o | 30 | LIBOBJ=fips_aes_selftest.o |
| 28 | 31 | ||
| 29 | SRC= $(LIBSRC) | 32 | SRC= $(LIBSRC) |
| 30 | 33 | ||
| 31 | EXHEADER= | 34 | EXHEADER= |
| 32 | HEADER= $(EXHEADER) fips_aes_locl.h | 35 | HEADER= |
| 33 | 36 | ||
| 34 | ALL= $(GENERAL) $(SRC) $(HEADER) | 37 | ALL= $(GENERAL) $(SRC) $(HEADER) |
| 35 | 38 | ||
| 36 | top: | 39 | top: |
| 37 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) | 40 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) |
| 38 | 41 | ||
| 39 | all: check lib | 42 | all: lib |
| 40 | |||
| 41 | check: | ||
| 42 | TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) | ||
| 43 | 43 | ||
| 44 | lib: $(LIBOBJ) | 44 | lib: $(LIBOBJ) |
| 45 | $(AR) $(LIB) $(LIBOBJ) | 45 | @echo $(LIBOBJ) > lib |
| 46 | $(RANLIB) $(LIB) || echo Never mind. | ||
| 47 | @sleep 2; touch lib | ||
| 48 | 46 | ||
| 49 | files: | 47 | files: |
| 50 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 48 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| @@ -67,18 +65,11 @@ tags: | |||
| 67 | 65 | ||
| 68 | tests: | 66 | tests: |
| 69 | 67 | ||
| 70 | top_fips_aesavs: | 68 | fips_test: |
| 71 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_aesavs sub_target) | 69 | -find ../testvectors/aes/req -name '*.req' > testlist |
| 72 | |||
| 73 | fips_aesavs: fips_aesavs.o $(TOP)/libcrypto.a | ||
| 74 | $(CC) $(CFLAGS) -o fips_aesavs fips_aesavs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) | ||
| 75 | TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_aesavs | ||
| 76 | |||
| 77 | fips_test: top top_fips_aesavs | ||
| 78 | find ../testvectors/aes/req -name '*.req' > testlist | ||
| 79 | -rm -rf ../testvectors/aes/rsp | 70 | -rm -rf ../testvectors/aes/rsp |
| 80 | mkdir ../testvectors/aes/rsp | 71 | mkdir ../testvectors/aes/rsp |
| 81 | ./fips_aesavs -d testlist | 72 | if [ -s testlist ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_aesavs -d testlist; fi |
| 82 | 73 | ||
| 83 | lint: | 74 | lint: |
| 84 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 75 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| @@ -92,40 +83,31 @@ dclean: | |||
| 92 | mv -f Makefile.new $(MAKEFILE) | 83 | mv -f Makefile.new $(MAKEFILE) |
| 93 | 84 | ||
| 94 | clean: | 85 | clean: |
| 95 | rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 86 | rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff testlist |
| 96 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 87 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 97 | 88 | ||
| 98 | fips_aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h | 89 | fips_aes_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 99 | fips_aes_core.o: ../../include/openssl/fips.h | ||
| 100 | fips_aes_core.o: ../../include/openssl/opensslconf.h fips_aes_core.c | ||
| 101 | fips_aes_core.o: fips_aes_locl.h | ||
| 102 | fips_aes_selftest.o: ../../include/openssl/aes.h ../../include/openssl/bio.h | ||
| 103 | fips_aes_selftest.o: ../../include/openssl/crypto.h | 90 | fips_aes_selftest.o: ../../include/openssl/crypto.h |
| 104 | fips_aes_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 91 | fips_aes_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 105 | fips_aes_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | 92 | fips_aes_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 93 | fips_aes_selftest.o: ../../include/openssl/lhash.h | ||
| 94 | fips_aes_selftest.o: ../../include/openssl/obj_mac.h | ||
| 95 | fips_aes_selftest.o: ../../include/openssl/objects.h | ||
| 106 | fips_aes_selftest.o: ../../include/openssl/opensslconf.h | 96 | fips_aes_selftest.o: ../../include/openssl/opensslconf.h |
| 107 | fips_aes_selftest.o: ../../include/openssl/opensslv.h | 97 | fips_aes_selftest.o: ../../include/openssl/opensslv.h |
| 98 | fips_aes_selftest.o: ../../include/openssl/ossl_typ.h | ||
| 108 | fips_aes_selftest.o: ../../include/openssl/safestack.h | 99 | fips_aes_selftest.o: ../../include/openssl/safestack.h |
| 109 | fips_aes_selftest.o: ../../include/openssl/stack.h | 100 | fips_aes_selftest.o: ../../include/openssl/stack.h |
| 110 | fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c | 101 | fips_aes_selftest.o: ../../include/openssl/symhacks.h fips_aes_selftest.c |
| 111 | fips_aesavs.o: ../../e_os.h ../../include/openssl/aes.h | 102 | fips_aesavs.o: ../../e_os.h ../../include/openssl/aes.h |
| 112 | fips_aesavs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 103 | fips_aesavs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 113 | fips_aesavs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h | 104 | fips_aesavs.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 114 | fips_aesavs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h | ||
| 115 | fips_aesavs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | ||
| 116 | fips_aesavs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
| 117 | fips_aesavs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 105 | fips_aesavs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 118 | fips_aesavs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | 106 | fips_aesavs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 119 | fips_aesavs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h | 107 | fips_aesavs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 120 | fips_aesavs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h | 108 | fips_aesavs.o: ../../include/openssl/objects.h |
| 121 | fips_aesavs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h | ||
| 122 | fips_aesavs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 123 | fips_aesavs.o: ../../include/openssl/opensslconf.h | 109 | fips_aesavs.o: ../../include/openssl/opensslconf.h |
| 124 | fips_aesavs.o: ../../include/openssl/opensslv.h | 110 | fips_aesavs.o: ../../include/openssl/opensslv.h |
| 125 | fips_aesavs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h | 111 | fips_aesavs.o: ../../include/openssl/ossl_typ.h |
| 126 | fips_aesavs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h | 112 | fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 127 | fips_aesavs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h | 113 | fips_aesavs.o: ../../include/openssl/symhacks.h ../fips_utl.h fips_aesavs.c |
| 128 | fips_aesavs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 129 | fips_aesavs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 130 | fips_aesavs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | ||
| 131 | fips_aesavs.o: fips_aesavs.c | ||
diff --git a/src/lib/libssl/src/fips/aes/fips_aes_selftest.c b/src/lib/libssl/src/fips/aes/fips_aes_selftest.c index 0e53d21bd0..441bbc18e7 100644 --- a/src/lib/libssl/src/fips/aes/fips_aes_selftest.c +++ b/src/lib/libssl/src/fips/aes/fips_aes_selftest.c | |||
| @@ -50,7 +50,7 @@ | |||
| 50 | #include <string.h> | 50 | #include <string.h> |
| 51 | #include <openssl/err.h> | 51 | #include <openssl/err.h> |
| 52 | #include <openssl/fips.h> | 52 | #include <openssl/fips.h> |
| 53 | #include <openssl/aes.h> | 53 | #include <openssl/evp.h> |
| 54 | 54 | ||
| 55 | #ifdef OPENSSL_FIPS | 55 | #ifdef OPENSSL_FIPS |
| 56 | static struct | 56 | static struct |
| @@ -78,35 +78,24 @@ void FIPS_corrupt_aes() | |||
| 78 | int FIPS_selftest_aes() | 78 | int FIPS_selftest_aes() |
| 79 | { | 79 | { |
| 80 | int n; | 80 | int n; |
| 81 | int ret = 0; | ||
| 82 | EVP_CIPHER_CTX ctx; | ||
| 83 | EVP_CIPHER_CTX_init(&ctx); | ||
| 81 | 84 | ||
| 82 | /* Encrypt and check against known ciphertext */ | ||
| 83 | for(n=0 ; n < 1 ; ++n) | 85 | for(n=0 ; n < 1 ; ++n) |
| 84 | { | 86 | { |
| 85 | AES_KEY key; | 87 | if (fips_cipher_test(&ctx, EVP_aes_128_ecb(), |
| 86 | unsigned char buf[16]; | 88 | tests[n].key, NULL, |
| 87 | 89 | tests[n].plaintext, | |
| 88 | AES_set_encrypt_key(tests[n].key,128,&key); | 90 | tests[n].ciphertext, |
| 89 | AES_encrypt(tests[n].plaintext,buf,&key); | 91 | 16) <= 0) |
| 90 | if(memcmp(buf,tests[n].ciphertext,sizeof buf)) | 92 | goto err; |
| 91 | { | ||
| 92 | FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED); | ||
| 93 | return 0; | ||
| 94 | } | ||
| 95 | } | 93 | } |
| 96 | /* Decrypt and check against known plaintext */ | 94 | ret = 1; |
| 97 | for(n=0 ; n < 1 ; ++n) | 95 | err: |
| 98 | { | 96 | EVP_CIPHER_CTX_cleanup(&ctx); |
| 99 | AES_KEY key; | 97 | if (ret == 0) |
| 100 | unsigned char buf[16]; | ||
| 101 | |||
| 102 | AES_set_decrypt_key(tests[n].key,128,&key); | ||
| 103 | AES_decrypt(tests[n].ciphertext,buf,&key); | ||
| 104 | if(memcmp(buf,tests[n].plaintext,sizeof buf)) | ||
| 105 | { | ||
| 106 | FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED); | 98 | FIPSerr(FIPS_F_FIPS_SELFTEST_AES,FIPS_R_SELFTEST_FAILED); |
| 107 | return 0; | 99 | return ret; |
| 108 | } | ||
| 109 | } | ||
| 110 | return 1; | ||
| 111 | } | 100 | } |
| 112 | #endif | 101 | #endif |
diff --git a/src/lib/libssl/src/fips/aes/fips_aesavs.c b/src/lib/libssl/src/fips/aes/fips_aesavs.c index 5fc2879067..9ce613b96d 100644 --- a/src/lib/libssl/src/fips/aes/fips_aesavs.c +++ b/src/lib/libssl/src/fips/aes/fips_aesavs.c | |||
| @@ -62,16 +62,30 @@ | |||
| 62 | #include <string.h> | 62 | #include <string.h> |
| 63 | #include <errno.h> | 63 | #include <errno.h> |
| 64 | #include <assert.h> | 64 | #include <assert.h> |
| 65 | 65 | #include <ctype.h> | |
| 66 | #include <openssl/aes.h> | 66 | #include <openssl/aes.h> |
| 67 | #include <openssl/evp.h> | 67 | #include <openssl/evp.h> |
| 68 | #include <openssl/fips.h> | 68 | #include <openssl/bn.h> |
| 69 | |||
| 69 | #include <openssl/err.h> | 70 | #include <openssl/err.h> |
| 70 | #include "e_os.h" | 71 | #include "e_os.h" |
| 71 | 72 | ||
| 73 | #ifndef OPENSSL_FIPS | ||
| 74 | |||
| 75 | int main(int argc, char *argv[]) | ||
| 76 | { | ||
| 77 | printf("No FIPS AES support\n"); | ||
| 78 | return(0); | ||
| 79 | } | ||
| 80 | |||
| 81 | #else | ||
| 82 | |||
| 83 | #include <openssl/fips.h> | ||
| 84 | #include "fips_utl.h" | ||
| 85 | |||
| 72 | #define AES_BLOCK_SIZE 16 | 86 | #define AES_BLOCK_SIZE 16 |
| 73 | 87 | ||
| 74 | #define VERBOSE 1 | 88 | #define VERBOSE 0 |
| 75 | 89 | ||
| 76 | /*-----------------------------------------------*/ | 90 | /*-----------------------------------------------*/ |
| 77 | 91 | ||
| @@ -82,232 +96,130 @@ int AESTest(EVP_CIPHER_CTX *ctx, | |||
| 82 | unsigned char *plaintext, unsigned char *ciphertext, int len) | 96 | unsigned char *plaintext, unsigned char *ciphertext, int len) |
| 83 | { | 97 | { |
| 84 | const EVP_CIPHER *cipher = NULL; | 98 | const EVP_CIPHER *cipher = NULL; |
| 85 | int ret = 1; | ||
| 86 | int kt = 0; | ||
| 87 | |||
| 88 | if (ctx) | ||
| 89 | memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); | ||
| 90 | 99 | ||
| 91 | if (strcasecmp(amode, "CBC") == 0) | 100 | if (strcasecmp(amode, "CBC") == 0) |
| 92 | kt = 1000; | ||
| 93 | else if (strcasecmp(amode, "ECB") == 0) | ||
| 94 | kt = 2000; | ||
| 95 | else if (strcasecmp(amode, "CFB128") == 0) | ||
| 96 | kt = 3000; | ||
| 97 | else if (strncasecmp(amode, "OFB", 3) == 0) | ||
| 98 | kt = 4000; | ||
| 99 | else if(!strcasecmp(amode,"CFB1")) | ||
| 100 | kt=5000; | ||
| 101 | else if(!strcasecmp(amode,"CFB8")) | ||
| 102 | kt=6000; | ||
| 103 | else | ||
| 104 | { | ||
| 105 | printf("Unknown mode: %s\n", amode); | ||
| 106 | EXIT(1); | ||
| 107 | } | ||
| 108 | if (ret) | ||
| 109 | { | 101 | { |
| 110 | if ((akeysz != 128) && (akeysz != 192) && (akeysz != 256)) | 102 | switch (akeysz) |
| 111 | { | ||
| 112 | printf("Invalid key size: %d\n", akeysz); | ||
| 113 | ret = 0; | ||
| 114 | } | ||
| 115 | else | ||
| 116 | { | ||
| 117 | kt += akeysz; | ||
| 118 | switch (kt) | ||
| 119 | { | 103 | { |
| 120 | case 1128: /* CBC 128 */ | 104 | case 128: |
| 121 | cipher = EVP_aes_128_cbc(); | 105 | cipher = EVP_aes_128_cbc(); |
| 122 | break; | 106 | break; |
| 123 | case 1192: /* CBC 192 */ | 107 | |
| 108 | case 192: | ||
| 124 | cipher = EVP_aes_192_cbc(); | 109 | cipher = EVP_aes_192_cbc(); |
| 125 | break; | 110 | break; |
| 126 | case 1256: /* CBC 256 */ | 111 | |
| 112 | case 256: | ||
| 127 | cipher = EVP_aes_256_cbc(); | 113 | cipher = EVP_aes_256_cbc(); |
| 128 | break; | 114 | break; |
| 129 | case 2128: /* ECB 128 */ | 115 | } |
| 116 | |||
| 117 | } | ||
| 118 | else if (strcasecmp(amode, "ECB") == 0) | ||
| 119 | { | ||
| 120 | switch (akeysz) | ||
| 121 | { | ||
| 122 | case 128: | ||
| 130 | cipher = EVP_aes_128_ecb(); | 123 | cipher = EVP_aes_128_ecb(); |
| 131 | break; | 124 | break; |
| 132 | case 2192: /* ECB 192 */ | 125 | |
| 126 | case 192: | ||
| 133 | cipher = EVP_aes_192_ecb(); | 127 | cipher = EVP_aes_192_ecb(); |
| 134 | break; | 128 | break; |
| 135 | case 2256: /* ECB 256 */ | 129 | |
| 130 | case 256: | ||
| 136 | cipher = EVP_aes_256_ecb(); | 131 | cipher = EVP_aes_256_ecb(); |
| 137 | break; | 132 | break; |
| 138 | case 3128: /* CFB 128 */ | 133 | } |
| 139 | cipher = EVP_aes_128_cfb(); | 134 | } |
| 135 | else if (strcasecmp(amode, "CFB128") == 0) | ||
| 136 | { | ||
| 137 | switch (akeysz) | ||
| 138 | { | ||
| 139 | case 128: | ||
| 140 | cipher = EVP_aes_128_cfb128(); | ||
| 140 | break; | 141 | break; |
| 141 | case 3192: /* CFB 192 */ | 142 | |
| 142 | cipher = EVP_aes_192_cfb(); | 143 | case 192: |
| 144 | cipher = EVP_aes_192_cfb128(); | ||
| 143 | break; | 145 | break; |
| 144 | case 3256: /* CFB 256 */ | 146 | |
| 145 | cipher = EVP_aes_256_cfb(); | 147 | case 256: |
| 148 | cipher = EVP_aes_256_cfb128(); | ||
| 146 | break; | 149 | break; |
| 147 | case 4128: /* OFB 128 */ | 150 | } |
| 151 | |||
| 152 | } | ||
| 153 | else if (strncasecmp(amode, "OFB", 3) == 0) | ||
| 154 | { | ||
| 155 | switch (akeysz) | ||
| 156 | { | ||
| 157 | case 128: | ||
| 148 | cipher = EVP_aes_128_ofb(); | 158 | cipher = EVP_aes_128_ofb(); |
| 149 | break; | 159 | break; |
| 150 | case 4192: /* OFB 192 */ | 160 | |
| 161 | case 192: | ||
| 151 | cipher = EVP_aes_192_ofb(); | 162 | cipher = EVP_aes_192_ofb(); |
| 152 | break; | 163 | break; |
| 153 | case 4256: /* OFB 256 */ | 164 | |
| 165 | case 256: | ||
| 154 | cipher = EVP_aes_256_ofb(); | 166 | cipher = EVP_aes_256_ofb(); |
| 155 | break; | 167 | break; |
| 156 | case 5128: | 168 | } |
| 157 | cipher=EVP_aes_128_cfb1(); | 169 | } |
| 170 | else if(!strcasecmp(amode,"CFB1")) | ||
| 171 | { | ||
| 172 | switch (akeysz) | ||
| 173 | { | ||
| 174 | case 128: | ||
| 175 | cipher = EVP_aes_128_cfb1(); | ||
| 158 | break; | 176 | break; |
| 159 | case 5192: | 177 | |
| 160 | cipher=EVP_aes_192_cfb1(); | 178 | case 192: |
| 179 | cipher = EVP_aes_192_cfb1(); | ||
| 161 | break; | 180 | break; |
| 162 | case 5256: | 181 | |
| 163 | cipher=EVP_aes_256_cfb1(); | 182 | case 256: |
| 183 | cipher = EVP_aes_256_cfb1(); | ||
| 164 | break; | 184 | break; |
| 165 | case 6128: | 185 | } |
| 166 | cipher=EVP_aes_128_cfb8(); | 186 | } |
| 187 | else if(!strcasecmp(amode,"CFB8")) | ||
| 188 | { | ||
| 189 | switch (akeysz) | ||
| 190 | { | ||
| 191 | case 128: | ||
| 192 | cipher = EVP_aes_128_cfb8(); | ||
| 167 | break; | 193 | break; |
| 168 | case 6192: | 194 | |
| 169 | cipher=EVP_aes_192_cfb8(); | 195 | case 192: |
| 196 | cipher = EVP_aes_192_cfb8(); | ||
| 170 | break; | 197 | break; |
| 171 | case 6256: | 198 | |
| 172 | cipher=EVP_aes_256_cfb8(); | 199 | case 256: |
| 200 | cipher = EVP_aes_256_cfb8(); | ||
| 173 | break; | 201 | break; |
| 174 | default: | ||
| 175 | printf("Didn't handle mode %d\n",kt); | ||
| 176 | EXIT(1); | ||
| 177 | } | ||
| 178 | if (dir) | ||
| 179 | { /* encrypt */ | ||
| 180 | if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_ENCRYPT)) | ||
| 181 | { | ||
| 182 | ERR_print_errors_fp(stderr); | ||
| 183 | EXIT(1); | ||
| 184 | } | ||
| 185 | |||
| 186 | EVP_Cipher(ctx, ciphertext, (unsigned char*)plaintext, len); | ||
| 187 | } | ||
| 188 | else | ||
| 189 | { /* decrypt */ | ||
| 190 | if(!EVP_CipherInit(ctx, cipher, aKey, iVec, AES_DECRYPT)) | ||
| 191 | { | ||
| 192 | ERR_print_errors_fp(stderr); | ||
| 193 | EXIT(1); | ||
| 194 | } | ||
| 195 | EVP_Cipher(ctx, (unsigned char*)plaintext, ciphertext, len); | ||
| 196 | } | 202 | } |
| 197 | } | ||
| 198 | } | 203 | } |
| 199 | return ret; | ||
| 200 | } | ||
| 201 | |||
| 202 | /*-----------------------------------------------*/ | ||
| 203 | |||
| 204 | int hex2bin(char *in, int len, unsigned char *out) | ||
| 205 | { | ||
| 206 | int n1, n2; | ||
| 207 | unsigned char ch; | ||
| 208 | |||
| 209 | for (n1 = 0, n2 = 0; n1 < len; ) | ||
| 210 | { /* first byte */ | ||
| 211 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 212 | ch = in[n1++] - '0'; | ||
| 213 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 214 | ch = in[n1++] - 'A' + 10; | ||
| 215 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 216 | ch = in[n1++] - 'a' + 10; | ||
| 217 | else | ||
| 218 | return -1; | ||
| 219 | if(len == 1) | ||
| 220 | { | ||
| 221 | out[n2++]=ch; | ||
| 222 | break; | ||
| 223 | } | ||
| 224 | out[n2] = ch << 4; | ||
| 225 | /* second byte */ | ||
| 226 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 227 | ch = in[n1++] - '0'; | ||
| 228 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 229 | ch = in[n1++] - 'A' + 10; | ||
| 230 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 231 | ch = in[n1++] - 'a' + 10; | ||
| 232 | else | ||
| 233 | return -1; | ||
| 234 | out[n2++] |= ch; | ||
| 235 | } | ||
| 236 | return n2; | ||
| 237 | } | ||
| 238 | |||
| 239 | /*-----------------------------------------------*/ | ||
| 240 | |||
| 241 | int bin2hex(unsigned char *in, int len, char *out) | ||
| 242 | { | ||
| 243 | int n1, n2; | ||
| 244 | unsigned char ch; | ||
| 245 | |||
| 246 | for (n1 = 0, n2 = 0; n1 < len; ++n1) | ||
| 247 | { | ||
| 248 | /* first nibble */ | ||
| 249 | ch = in[n1] >> 4; | ||
| 250 | if (ch <= 0x09) | ||
| 251 | out[n2++] = ch + '0'; | ||
| 252 | else | ||
| 253 | out[n2++] = ch - 10 + 'a'; | ||
| 254 | /* second nibble */ | ||
| 255 | ch = in[n1] & 0x0f; | ||
| 256 | if (ch <= 0x09) | ||
| 257 | out[n2++] = ch + '0'; | ||
| 258 | else | ||
| 259 | out[n2++] = ch - 10 + 'a'; | ||
| 260 | } | ||
| 261 | return n2; | ||
| 262 | } | ||
| 263 | |||
| 264 | /* NB: this return the number of _bits_ read */ | ||
| 265 | int bint2bin(const char *in, int len, unsigned char *out) | ||
| 266 | { | ||
| 267 | int n; | ||
| 268 | |||
| 269 | memset(out,0,len); | ||
| 270 | for(n=0 ; n < len ; ++n) | ||
| 271 | if(in[n] == '1') | ||
| 272 | out[n/8]|=(0x80 >> (n%8)); | ||
| 273 | return len; | ||
| 274 | } | ||
| 275 | |||
| 276 | int bin2bint(const unsigned char *in,int len,char *out) | ||
| 277 | { | ||
| 278 | int n; | ||
| 279 | |||
| 280 | for(n=0 ; n < len ; ++n) | ||
| 281 | out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0'; | ||
| 282 | return n; | ||
| 283 | } | ||
| 284 | |||
| 285 | /*-----------------------------------------------*/ | ||
| 286 | |||
| 287 | void PrintValue(char *tag, unsigned char *val, int len) | ||
| 288 | { | ||
| 289 | #if VERBOSE | ||
| 290 | char obuf[2048]; | ||
| 291 | int olen; | ||
| 292 | olen = bin2hex(val, len, obuf); | ||
| 293 | printf("%s = %.*s\n", tag, olen, obuf); | ||
| 294 | #endif | ||
| 295 | } | ||
| 296 | |||
| 297 | void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode) | ||
| 298 | { | ||
| 299 | char obuf[2048]; | ||
| 300 | int olen; | ||
| 301 | |||
| 302 | if(bitmode) | ||
| 303 | olen=bin2bint(val,len,obuf); | ||
| 304 | else | 204 | else |
| 305 | olen=bin2hex(val,len,obuf); | 205 | { |
| 306 | 206 | printf("Unknown mode: %s\n", amode); | |
| 307 | fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); | 207 | return 0; |
| 308 | #if VERBOSE | 208 | } |
| 309 | printf("%s = %.*s\n", tag, olen, obuf); | 209 | if (!cipher) |
| 310 | #endif | 210 | { |
| 211 | printf("Invalid key size: %d\n", akeysz); | ||
| 212 | return 0; | ||
| 213 | } | ||
| 214 | if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0) | ||
| 215 | return 0; | ||
| 216 | if(!strcasecmp(amode,"CFB1")) | ||
| 217 | M_EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS); | ||
| 218 | if (dir) | ||
| 219 | EVP_Cipher(ctx, ciphertext, plaintext, len); | ||
| 220 | else | ||
| 221 | EVP_Cipher(ctx, plaintext, ciphertext, len); | ||
| 222 | return 1; | ||
| 311 | } | 223 | } |
| 312 | 224 | ||
| 313 | /*-----------------------------------------------*/ | 225 | /*-----------------------------------------------*/ |
| @@ -340,6 +252,7 @@ int do_mct(char *amode, | |||
| 340 | int i, j, n, n1, n2; | 252 | int i, j, n, n1, n2; |
| 341 | int imode = 0, nkeysz = akeysz/8; | 253 | int imode = 0, nkeysz = akeysz/8; |
| 342 | EVP_CIPHER_CTX ctx; | 254 | EVP_CIPHER_CTX ctx; |
| 255 | EVP_CIPHER_CTX_init(&ctx); | ||
| 343 | 256 | ||
| 344 | if (len > 32) | 257 | if (len > 32) |
| 345 | { | 258 | { |
| @@ -467,10 +380,12 @@ int do_mct(char *amode, | |||
| 467 | case CFB1: | 380 | case CFB1: |
| 468 | if(j == 0) | 381 | if(j == 0) |
| 469 | { | 382 | { |
| 383 | #if 0 | ||
| 470 | /* compensate for wrong endianness of input file */ | 384 | /* compensate for wrong endianness of input file */ |
| 471 | if(i == 0) | 385 | if(i == 0) |
| 472 | ptext[0][0]<<=7; | 386 | ptext[0][0]<<=7; |
| 473 | ret=AESTest(&ctx,amode,akeysz,key[i],iv[i],dir, | 387 | #endif |
| 388 | ret = AESTest(&ctx,amode,akeysz,key[i],iv[i],dir, | ||
| 474 | ptext[j], ctext[j], len); | 389 | ptext[j], ctext[j], len); |
| 475 | } | 390 | } |
| 476 | else | 391 | else |
| @@ -631,11 +546,12 @@ int do_mct(char *amode, | |||
| 631 | # Fri Aug 30 04:07:22 PM | 546 | # Fri Aug 30 04:07:22 PM |
| 632 | ----------------------------*/ | 547 | ----------------------------*/ |
| 633 | 548 | ||
| 634 | int proc_file(char *rqfile) | 549 | int proc_file(char *rqfile, char *rspfile) |
| 635 | { | 550 | { |
| 636 | char afn[256], rfn[256]; | 551 | char afn[256], rfn[256]; |
| 637 | FILE *afp = NULL, *rfp = NULL; | 552 | FILE *afp = NULL, *rfp = NULL; |
| 638 | char ibuf[2048]; | 553 | char ibuf[2048]; |
| 554 | char tbuf[2048]; | ||
| 639 | int ilen, len, ret = 0; | 555 | int ilen, len, ret = 0; |
| 640 | char algo[8] = ""; | 556 | char algo[8] = ""; |
| 641 | char amode[8] = ""; | 557 | char amode[8] = ""; |
| @@ -647,6 +563,7 @@ int proc_file(char *rqfile) | |||
| 647 | unsigned char ciphertext[2048]; | 563 | unsigned char ciphertext[2048]; |
| 648 | char *rp; | 564 | char *rp; |
| 649 | EVP_CIPHER_CTX ctx; | 565 | EVP_CIPHER_CTX ctx; |
| 566 | EVP_CIPHER_CTX_init(&ctx); | ||
| 650 | 567 | ||
| 651 | if (!rqfile || !(*rqfile)) | 568 | if (!rqfile || !(*rqfile)) |
| 652 | { | 569 | { |
| @@ -661,13 +578,21 @@ int proc_file(char *rqfile) | |||
| 661 | afn, strerror(errno)); | 578 | afn, strerror(errno)); |
| 662 | return -1; | 579 | return -1; |
| 663 | } | 580 | } |
| 664 | strcpy(rfn,afn); | 581 | if (!rspfile) |
| 665 | rp=strstr(rfn,"req/"); | 582 | { |
| 666 | assert(rp); | 583 | strcpy(rfn,afn); |
| 667 | memcpy(rp,"rsp",3); | 584 | rp=strstr(rfn,"req/"); |
| 668 | rp = strstr(rfn, ".req"); | 585 | #ifdef OPENSSL_SYS_WIN32 |
| 669 | memcpy(rp, ".rsp", 4); | 586 | if (!rp) |
| 670 | if ((rfp = fopen(rfn, "w")) == NULL) | 587 | rp=strstr(rfn,"req\\"); |
| 588 | #endif | ||
| 589 | assert(rp); | ||
| 590 | memcpy(rp,"rsp",3); | ||
| 591 | rp = strstr(rfn, ".req"); | ||
| 592 | memcpy(rp, ".rsp", 4); | ||
| 593 | rspfile = rfn; | ||
| 594 | } | ||
| 595 | if ((rfp = fopen(rspfile, "w")) == NULL) | ||
| 671 | { | 596 | { |
| 672 | printf("Cannot open file: %s, %s\n", | 597 | printf("Cannot open file: %s, %s\n", |
| 673 | rfn, strerror(errno)); | 598 | rfn, strerror(errno)); |
| @@ -677,6 +602,7 @@ int proc_file(char *rqfile) | |||
| 677 | } | 602 | } |
| 678 | while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) | 603 | while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) |
| 679 | { | 604 | { |
| 605 | tidy_line(tbuf, ibuf); | ||
| 680 | ilen = strlen(ibuf); | 606 | ilen = strlen(ibuf); |
| 681 | /* printf("step=%d ibuf=%s",step,ibuf); */ | 607 | /* printf("step=%d ibuf=%s",step,ibuf); */ |
| 682 | switch (step) | 608 | switch (step) |
| @@ -730,12 +656,14 @@ int proc_file(char *rqfile) | |||
| 730 | strncpy(amode, xp+1, n); | 656 | strncpy(amode, xp+1, n); |
| 731 | amode[n] = '\0'; | 657 | amode[n] = '\0'; |
| 732 | /* amode[3] = '\0'; */ | 658 | /* amode[3] = '\0'; */ |
| 733 | printf("Test = %s, Mode = %s\n", atest, amode); | 659 | if (VERBOSE) |
| 660 | printf("Test = %s, Mode = %s\n", atest, amode); | ||
| 734 | } | 661 | } |
| 735 | else if (strncasecmp(pp, "Key Length : ", 13) == 0) | 662 | else if (strncasecmp(pp, "Key Length : ", 13) == 0) |
| 736 | { | 663 | { |
| 737 | akeysz = atoi(pp+13); | 664 | akeysz = atoi(pp+13); |
| 738 | printf("Key size = %d\n", akeysz); | 665 | if (VERBOSE) |
| 666 | printf("Key size = %d\n", akeysz); | ||
| 739 | } | 667 | } |
| 740 | } | 668 | } |
| 741 | } | 669 | } |
| @@ -780,7 +708,7 @@ int proc_file(char *rqfile) | |||
| 780 | } | 708 | } |
| 781 | else | 709 | else |
| 782 | { | 710 | { |
| 783 | len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey); | 711 | len = hex2bin((char*)ibuf+6, aKey); |
| 784 | if (len < 0) | 712 | if (len < 0) |
| 785 | { | 713 | { |
| 786 | printf("Invalid KEY\n"); | 714 | printf("Invalid KEY\n"); |
| @@ -807,7 +735,7 @@ int proc_file(char *rqfile) | |||
| 807 | } | 735 | } |
| 808 | else | 736 | else |
| 809 | { | 737 | { |
| 810 | len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec); | 738 | len = hex2bin((char*)ibuf+5, iVec); |
| 811 | if (len < 0) | 739 | if (len < 0) |
| 812 | { | 740 | { |
| 813 | printf("Invalid IV\n"); | 741 | printf("Invalid IV\n"); |
| @@ -832,7 +760,7 @@ int proc_file(char *rqfile) | |||
| 832 | if(!strcmp(amode,"CFB1")) | 760 | if(!strcmp(amode,"CFB1")) |
| 833 | len=bint2bin(ibuf+12,nn-1,plaintext); | 761 | len=bint2bin(ibuf+12,nn-1,plaintext); |
| 834 | else | 762 | else |
| 835 | len=hex2bin(ibuf+12, nn-1,plaintext); | 763 | len=hex2bin(ibuf+12, plaintext); |
| 836 | if (len < 0) | 764 | if (len < 0) |
| 837 | { | 765 | { |
| 838 | printf("Invalid PLAINTEXT: %s", ibuf+12); | 766 | printf("Invalid PLAINTEXT: %s", ibuf+12); |
| @@ -875,7 +803,7 @@ int proc_file(char *rqfile) | |||
| 875 | if(!strcmp(amode,"CFB1")) | 803 | if(!strcmp(amode,"CFB1")) |
| 876 | len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); | 804 | len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); |
| 877 | else | 805 | else |
| 878 | len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); | 806 | len = hex2bin(ibuf+13,ciphertext); |
| 879 | if (len < 0) | 807 | if (len < 0) |
| 880 | { | 808 | { |
| 881 | printf("Invalid CIPHERTEXT\n"); | 809 | printf("Invalid CIPHERTEXT\n"); |
| @@ -933,19 +861,18 @@ int proc_file(char *rqfile) | |||
| 933 | --------------------------------------------------*/ | 861 | --------------------------------------------------*/ |
| 934 | int main(int argc, char **argv) | 862 | int main(int argc, char **argv) |
| 935 | { | 863 | { |
| 936 | char *rqlist = "req.txt"; | 864 | char *rqlist = "req.txt", *rspfile = NULL; |
| 937 | FILE *fp = NULL; | 865 | FILE *fp = NULL; |
| 938 | char fn[250] = "", rfn[256] = ""; | 866 | char fn[250] = "", rfn[256] = ""; |
| 939 | int f_opt = 0, d_opt = 1; | 867 | int f_opt = 0, d_opt = 1; |
| 940 | 868 | ||
| 941 | #ifdef OPENSSL_FIPS | 869 | #ifdef OPENSSL_FIPS |
| 942 | if(!FIPS_mode_set(1,argv[0])) | 870 | if(!FIPS_mode_set(1)) |
| 943 | { | 871 | { |
| 944 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | 872 | do_print_errors(); |
| 945 | EXIT(1); | 873 | EXIT(1); |
| 946 | } | 874 | } |
| 947 | #endif | 875 | #endif |
| 948 | ERR_load_crypto_strings(); | ||
| 949 | if (argc > 1) | 876 | if (argc > 1) |
| 950 | { | 877 | { |
| 951 | if (strcasecmp(argv[1], "-d") == 0) | 878 | if (strcasecmp(argv[1], "-d") == 0) |
| @@ -970,7 +897,10 @@ int main(int argc, char **argv) | |||
| 970 | if (d_opt) | 897 | if (d_opt) |
| 971 | rqlist = argv[2]; | 898 | rqlist = argv[2]; |
| 972 | else | 899 | else |
| 900 | { | ||
| 973 | strcpy(fn, argv[2]); | 901 | strcpy(fn, argv[2]); |
| 902 | rspfile = argv[3]; | ||
| 903 | } | ||
| 974 | } | 904 | } |
| 975 | if (d_opt) | 905 | if (d_opt) |
| 976 | { /* list of files (directory) */ | 906 | { /* list of files (directory) */ |
| @@ -983,8 +913,9 @@ int main(int argc, char **argv) | |||
| 983 | { | 913 | { |
| 984 | strtok(fn, "\r\n"); | 914 | strtok(fn, "\r\n"); |
| 985 | strcpy(rfn, fn); | 915 | strcpy(rfn, fn); |
| 986 | printf("Processing: %s\n", rfn); | 916 | if (VERBOSE) |
| 987 | if (proc_file(rfn)) | 917 | printf("Processing: %s\n", rfn); |
| 918 | if (proc_file(rfn, rspfile)) | ||
| 988 | { | 919 | { |
| 989 | printf(">>> Processing failed for: %s <<<\n", rfn); | 920 | printf(">>> Processing failed for: %s <<<\n", rfn); |
| 990 | EXIT(1); | 921 | EXIT(1); |
| @@ -994,8 +925,9 @@ int main(int argc, char **argv) | |||
| 994 | } | 925 | } |
| 995 | else /* single file */ | 926 | else /* single file */ |
| 996 | { | 927 | { |
| 997 | printf("Processing: %s\n", fn); | 928 | if (VERBOSE) |
| 998 | if (proc_file(fn)) | 929 | printf("Processing: %s\n", fn); |
| 930 | if (proc_file(fn, rspfile)) | ||
| 999 | { | 931 | { |
| 1000 | printf(">>> Processing failed for: %s <<<\n", fn); | 932 | printf(">>> Processing failed for: %s <<<\n", fn); |
| 1001 | } | 933 | } |
| @@ -1003,3 +935,5 @@ int main(int argc, char **argv) | |||
| 1003 | EXIT(0); | 935 | EXIT(0); |
| 1004 | return 0; | 936 | return 0; |
| 1005 | } | 937 | } |
| 938 | |||
| 939 | #endif | ||
diff --git a/src/lib/libssl/src/fips/des/Makefile b/src/lib/libssl/src/fips/des/Makefile index 87a5329d53..ba1d0952b9 100644 --- a/src/lib/libssl/src/fips/des/Makefile +++ b/src/lib/libssl/src/fips/des/Makefile | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # | 1 | # |
| 2 | # SSLeay/fips/des/Makefile | 2 | # OpenSSL/fips/des/Makefile |
| 3 | # | 3 | # |
| 4 | 4 | ||
| 5 | DIR= des | 5 | DIR= des |
| @@ -15,7 +15,8 @@ MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | |||
| 15 | MAKEFILE= Makefile | 15 | MAKEFILE= Makefile |
| 16 | AR= ar r | 16 | AR= ar r |
| 17 | 17 | ||
| 18 | FIPS_DES_ENC=fips_des_enc.o | 18 | ASFLAGS= $(INCLUDES) $(ASFLAG) |
| 19 | AFLAGS= $(ASFLAGS) | ||
| 19 | 20 | ||
| 20 | CFLAGS= $(INCLUDES) $(CFLAG) | 21 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 21 | 22 | ||
| @@ -24,28 +25,23 @@ TEST= fips_desmovs.c | |||
| 24 | APPS= | 25 | APPS= |
| 25 | 26 | ||
| 26 | LIB=$(TOP)/libcrypto.a | 27 | LIB=$(TOP)/libcrypto.a |
| 27 | LIBSRC=fips_des_enc.c asm/fips-dx86-elf.s fips_des_selftest.c fips_set_key.c | 28 | LIBSRC=fips_des_selftest.c |
| 28 | LIBOBJ=$(FIPS_DES_ENC) fips_des_selftest.o fips_set_key.o | 29 | LIBOBJ=fips_des_selftest.o |
| 29 | 30 | ||
| 30 | SRC= $(LIBSRC) | 31 | SRC= $(LIBSRC) |
| 31 | 32 | ||
| 32 | EXHEADER= | 33 | EXHEADER= |
| 33 | HEADER= $(EXHEADER) fips_des_locl.h | 34 | HEADER= |
| 34 | 35 | ||
| 35 | ALL= $(GENERAL) $(SRC) $(HEADER) | 36 | ALL= $(GENERAL) $(SRC) $(HEADER) |
| 36 | 37 | ||
| 37 | top: | 38 | top: |
| 38 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) | 39 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) |
| 39 | 40 | ||
| 40 | all: check lib | 41 | all: lib |
| 41 | |||
| 42 | check: | ||
| 43 | TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) | ||
| 44 | 42 | ||
| 45 | lib: $(LIBOBJ) | 43 | lib: $(LIBOBJ) |
| 46 | $(AR) $(LIB) $(LIBOBJ) | 44 | @echo $(LIBOBJ) > lib |
| 47 | $(RANLIB) $(LIB) || echo Never mind. | ||
| 48 | @sleep 2; touch lib | ||
| 49 | 45 | ||
| 50 | files: | 46 | files: |
| 51 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 47 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| @@ -67,26 +63,11 @@ tags: | |||
| 67 | 63 | ||
| 68 | tests: | 64 | tests: |
| 69 | 65 | ||
| 70 | top_fips_desmovs: | 66 | fips_test: |
| 71 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_desmovs sub_target) | 67 | -find ../testvectors/tdes/req -name '*.req' > testlist |
| 72 | 68 | -rm -rf ../testvectors/tdes/rsp | |
| 73 | fips_desmovs: fips_desmovs.o $(TOP)/libcrypto.a | 69 | mkdir ../testvectors/tdes/rsp |
| 74 | $(CC) $(CFLAGS) -o fips_desmovs fips_desmovs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) | 70 | if [ -s testlist ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_desmovs -d testlist; fi |
| 75 | TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_desmovs | ||
| 76 | |||
| 77 | fips_test: top_fips_desmovs | ||
| 78 | find ../testvectors/des/req -name '*.req' > testlist | ||
| 79 | -rm -rf ../testvectors/des/rsp | ||
| 80 | mkdir ../testvectors/des/rsp | ||
| 81 | ./fips_desmovs -d testlist | ||
| 82 | find ../testvectors/des2/req -name '*.req' > testlist | ||
| 83 | -rm -rf ../testvectors/des2/rsp | ||
| 84 | mkdir ../testvectors/des2/rsp | ||
| 85 | ./fips_desmovs -d testlist | ||
| 86 | find ../testvectors/des3/req -name '*.req' > testlist | ||
| 87 | -rm -rf ../testvectors/des3/rsp | ||
| 88 | mkdir ../testvectors/des3/rsp | ||
| 89 | ./fips_desmovs -d testlist | ||
| 90 | 71 | ||
| 91 | lint: | 72 | lint: |
| 92 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 73 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| @@ -99,57 +80,32 @@ dclean: | |||
| 99 | mv -f Makefile.new $(MAKEFILE) | 80 | mv -f Makefile.new $(MAKEFILE) |
| 100 | 81 | ||
| 101 | clean: | 82 | clean: |
| 102 | rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 83 | rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff testlist |
| 103 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 84 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 104 | 85 | ||
| 105 | fips_des_enc.o: ../../e_os.h ../../include/openssl/crypto.h | 86 | fips_des_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 106 | fips_des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | 87 | fips_des_selftest.o: ../../include/openssl/crypto.h |
| 107 | fips_des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h | ||
| 108 | fips_des_enc.o: ../../include/openssl/opensslconf.h | ||
| 109 | fips_des_enc.o: ../../include/openssl/opensslv.h | ||
| 110 | fips_des_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 111 | fips_des_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 112 | fips_des_enc.o: ../../include/openssl/ui_compat.h fips_des_enc.c | ||
| 113 | fips_des_enc.o: fips_des_locl.h | ||
| 114 | fips_des_selftest.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h | ||
| 115 | fips_des_selftest.o: ../../include/openssl/des.h | ||
| 116 | fips_des_selftest.o: ../../include/openssl/des_old.h | ||
| 117 | fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 88 | fips_des_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 118 | fips_des_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | 89 | fips_des_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 90 | fips_des_selftest.o: ../../include/openssl/lhash.h | ||
| 91 | fips_des_selftest.o: ../../include/openssl/obj_mac.h | ||
| 92 | fips_des_selftest.o: ../../include/openssl/objects.h | ||
| 119 | fips_des_selftest.o: ../../include/openssl/opensslconf.h | 93 | fips_des_selftest.o: ../../include/openssl/opensslconf.h |
| 120 | fips_des_selftest.o: ../../include/openssl/opensslv.h | 94 | fips_des_selftest.o: ../../include/openssl/opensslv.h |
| 95 | fips_des_selftest.o: ../../include/openssl/ossl_typ.h | ||
| 121 | fips_des_selftest.o: ../../include/openssl/safestack.h | 96 | fips_des_selftest.o: ../../include/openssl/safestack.h |
| 122 | fips_des_selftest.o: ../../include/openssl/stack.h | 97 | fips_des_selftest.o: ../../include/openssl/stack.h |
| 123 | fips_des_selftest.o: ../../include/openssl/symhacks.h | 98 | fips_des_selftest.o: ../../include/openssl/symhacks.h fips_des_selftest.c |
| 124 | fips_des_selftest.o: ../../include/openssl/ui.h | 99 | fips_desmovs.o: ../../e_os.h ../../include/openssl/asn1.h |
| 125 | fips_des_selftest.o: ../../include/openssl/ui_compat.h fips_des_selftest.c | 100 | fips_desmovs.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 126 | fips_desmovs.o: ../../e_os.h ../../include/openssl/aes.h | 101 | fips_desmovs.o: ../../include/openssl/crypto.h ../../include/openssl/des.h |
| 127 | fips_desmovs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 102 | fips_desmovs.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h |
| 128 | fips_desmovs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h | 103 | fips_desmovs.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 129 | fips_desmovs.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h | 104 | fips_desmovs.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 130 | fips_desmovs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | ||
| 131 | fips_desmovs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | ||
| 132 | fips_desmovs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 133 | fips_desmovs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 134 | fips_desmovs.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h | ||
| 135 | fips_desmovs.o: ../../include/openssl/md2.h ../../include/openssl/md4.h | ||
| 136 | fips_desmovs.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h | ||
| 137 | fips_desmovs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | 105 | fips_desmovs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 138 | fips_desmovs.o: ../../include/openssl/opensslconf.h | 106 | fips_desmovs.o: ../../include/openssl/opensslconf.h |
| 139 | fips_desmovs.o: ../../include/openssl/opensslv.h | 107 | fips_desmovs.o: ../../include/openssl/opensslv.h |
| 140 | fips_desmovs.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h | 108 | fips_desmovs.o: ../../include/openssl/ossl_typ.h |
| 141 | fips_desmovs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h | 109 | fips_desmovs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 142 | fips_desmovs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h | 110 | fips_desmovs.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 143 | fips_desmovs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | 111 | fips_desmovs.o: ../../include/openssl/ui_compat.h ../fips_utl.h fips_desmovs.c |
| 144 | fips_desmovs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 145 | fips_desmovs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | ||
| 146 | fips_desmovs.o: fips_desmovs.c | ||
| 147 | fips_set_key.o: ../../e_os.h ../../include/openssl/crypto.h | ||
| 148 | fips_set_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | ||
| 149 | fips_set_key.o: ../../include/openssl/e_os2.h ../../include/openssl/fips.h | ||
| 150 | fips_set_key.o: ../../include/openssl/opensslconf.h | ||
| 151 | fips_set_key.o: ../../include/openssl/opensslv.h | ||
| 152 | fips_set_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 153 | fips_set_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | ||
| 154 | fips_set_key.o: ../../include/openssl/ui_compat.h fips_des_locl.h | ||
| 155 | fips_set_key.o: fips_set_key.c | ||
diff --git a/src/lib/libssl/src/fips/des/fips_des_selftest.c b/src/lib/libssl/src/fips/des/fips_des_selftest.c index 3e0778eb5e..61c39ce80b 100644 --- a/src/lib/libssl/src/fips/des/fips_des_selftest.c +++ b/src/lib/libssl/src/fips/des/fips_des_selftest.c | |||
| @@ -50,46 +50,27 @@ | |||
| 50 | #include <string.h> | 50 | #include <string.h> |
| 51 | #include <openssl/err.h> | 51 | #include <openssl/err.h> |
| 52 | #include <openssl/fips.h> | 52 | #include <openssl/fips.h> |
| 53 | #include <openssl/des.h> | 53 | #include <openssl/evp.h> |
| 54 | #include <openssl/opensslconf.h> | 54 | #include <openssl/opensslconf.h> |
| 55 | 55 | ||
| 56 | #ifdef OPENSSL_FIPS | 56 | #ifdef OPENSSL_FIPS |
| 57 | static struct | ||
| 58 | { | ||
| 59 | DES_cblock key; | ||
| 60 | unsigned char plaintext[8]; | ||
| 61 | unsigned char ciphertext[8]; | ||
| 62 | } tests[]= | ||
| 63 | { | ||
| 64 | { | ||
| 65 | { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, | ||
| 66 | { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, | ||
| 67 | { 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7 } | ||
| 68 | }, | ||
| 69 | { | ||
| 70 | { 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 }, | ||
| 71 | { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, | ||
| 72 | { 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 }, | ||
| 73 | }, | ||
| 74 | }; | ||
| 75 | 57 | ||
| 76 | static struct | 58 | static struct |
| 77 | { | 59 | { |
| 78 | DES_cblock key1; | 60 | unsigned char key[16]; |
| 79 | DES_cblock key2; | ||
| 80 | unsigned char plaintext[8]; | 61 | unsigned char plaintext[8]; |
| 81 | unsigned char ciphertext[8]; | 62 | unsigned char ciphertext[8]; |
| 82 | } tests2[]= | 63 | } tests2[]= |
| 83 | { | 64 | { |
| 84 | { | 65 | { |
| 85 | { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec }, | 66 | { 0x7c,0x4f,0x6e,0xf7,0xa2,0x04,0x16,0xec, |
| 86 | { 0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 }, | 67 | 0x0b,0x6b,0x7c,0x9e,0x5e,0x19,0xa7,0xc4 }, |
| 87 | { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef }, | 68 | { 0x06,0xa7,0xd8,0x79,0xaa,0xce,0x69,0xef }, |
| 88 | { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd } | 69 | { 0x4c,0x11,0x17,0x55,0xbf,0xc4,0x4e,0xfd } |
| 89 | }, | 70 | }, |
| 90 | { | 71 | { |
| 91 | { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34 }, | 72 | { 0x5d,0x9e,0x01,0xd3,0x25,0xc7,0x3e,0x34, |
| 92 | { 0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 }, | 73 | 0x01,0x16,0x7c,0x85,0x23,0xdf,0xe0,0x68 }, |
| 93 | { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e }, | 74 | { 0x9c,0x50,0x09,0x0f,0x5e,0x7d,0x69,0x7e }, |
| 94 | { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff }, | 75 | { 0xd2,0x0b,0x18,0xdf,0xd9,0x0d,0x9e,0xff }, |
| 95 | } | 76 | } |
| @@ -97,24 +78,22 @@ static struct | |||
| 97 | 78 | ||
| 98 | static struct | 79 | static struct |
| 99 | { | 80 | { |
| 100 | DES_cblock key1; | 81 | unsigned char key[24]; |
| 101 | DES_cblock key2; | ||
| 102 | DES_cblock key3; | ||
| 103 | unsigned char plaintext[8]; | 82 | unsigned char plaintext[8]; |
| 104 | unsigned char ciphertext[8]; | 83 | unsigned char ciphertext[8]; |
| 105 | } tests3[]= | 84 | } tests3[]= |
| 106 | { | 85 | { |
| 107 | { | 86 | { |
| 108 | { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, | 87 | { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, |
| 109 | { 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10 }, | 88 | 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10, |
| 110 | { 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 }, | 89 | 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0 }, |
| 111 | { 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c}, | 90 | { 0x8f,0x8f,0xbf,0x9b,0x5d,0x48,0xb4,0x1c }, |
| 112 | { 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b}, | 91 | { 0x59,0x8c,0xe5,0xd3,0x6c,0xa2,0xea,0x1b }, |
| 113 | }, | 92 | }, |
| 114 | { | 93 | { |
| 115 | { 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE }, | 94 | { 0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,0xFE, |
| 116 | { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, | 95 | 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF, |
| 117 | { 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 }, | 96 | 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4 }, |
| 118 | { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, | 97 | { 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF }, |
| 119 | { 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 }, | 98 | { 0x11,0x25,0xb0,0x35,0xbe,0xa0,0x82,0x86 }, |
| 120 | }, | 99 | }, |
| @@ -122,79 +101,37 @@ static struct | |||
| 122 | 101 | ||
| 123 | void FIPS_corrupt_des() | 102 | void FIPS_corrupt_des() |
| 124 | { | 103 | { |
| 125 | tests[0].plaintext[0]++; | 104 | tests2[0].plaintext[0]++; |
| 126 | } | 105 | } |
| 127 | 106 | ||
| 128 | int FIPS_selftest_des() | 107 | int FIPS_selftest_des() |
| 129 | { | 108 | { |
| 130 | int n; | 109 | int n, ret = 0; |
| 131 | 110 | EVP_CIPHER_CTX ctx; | |
| 132 | /* Encrypt/decrypt with DES and compare to known answers */ | 111 | EVP_CIPHER_CTX_init(&ctx); |
| 133 | for(n=0 ; n < 2 ; ++n) | ||
| 134 | { | ||
| 135 | DES_key_schedule key; | ||
| 136 | DES_cblock buf; | ||
| 137 | |||
| 138 | DES_set_key(&tests[n].key,&key); | ||
| 139 | DES_ecb_encrypt(&tests[n].plaintext,&buf,&key,1); | ||
| 140 | if(memcmp(buf,tests[n].ciphertext,sizeof buf)) | ||
| 141 | { | ||
| 142 | FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); | ||
| 143 | return 0; | ||
| 144 | } | ||
| 145 | DES_ecb_encrypt(&tests[n].ciphertext,&buf,&key,0); | ||
| 146 | if(memcmp(buf,tests[n].plaintext,sizeof buf)) | ||
| 147 | { | ||
| 148 | FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); | ||
| 149 | return 0; | ||
| 150 | } | ||
| 151 | } | ||
| 152 | |||
| 153 | /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ | 112 | /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ |
| 154 | for(n=0 ; n < 2 ; ++n) | 113 | for(n=0 ; n < 2 ; ++n) |
| 155 | { | 114 | { |
| 156 | DES_key_schedule key1, key2; | 115 | if (!fips_cipher_test(&ctx, EVP_des_ede_ecb(), |
| 157 | unsigned char buf[8]; | 116 | tests2[n].key, NULL, |
| 158 | 117 | tests2[n].plaintext, tests2[n].ciphertext, 8)) | |
| 159 | DES_set_key(&tests2[n].key1,&key1); | 118 | goto err; |
| 160 | DES_set_key(&tests2[n].key2,&key2); | ||
| 161 | DES_ecb2_encrypt(tests2[n].plaintext,buf,&key1,&key2,1); | ||
| 162 | if(memcmp(buf,tests2[n].ciphertext,sizeof buf)) | ||
| 163 | { | ||
| 164 | FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); | ||
| 165 | return 0; | ||
| 166 | } | ||
| 167 | DES_ecb2_encrypt(tests2[n].ciphertext,buf,&key1,&key2,0); | ||
| 168 | if(memcmp(buf,tests2[n].plaintext,sizeof buf)) | ||
| 169 | { | ||
| 170 | FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); | ||
| 171 | return 0; | ||
| 172 | } | ||
| 173 | } | 119 | } |
| 174 | 120 | ||
| 175 | /* Encrypt/decrypt with 3DES and compare to known answers */ | 121 | /* Encrypt/decrypt with 3DES and compare to known answers */ |
| 176 | for(n=0 ; n < 2 ; ++n) | 122 | for(n=0 ; n < 2 ; ++n) |
| 177 | { | 123 | { |
| 178 | DES_key_schedule key1, key2, key3; | 124 | if (!fips_cipher_test(&ctx, EVP_des_ede3_ecb(), |
| 179 | unsigned char buf[8]; | 125 | tests3[n].key, NULL, |
| 180 | 126 | tests3[n].plaintext, tests3[n].ciphertext, 8)) | |
| 181 | DES_set_key(&tests3[n].key1,&key1); | 127 | goto err; |
| 182 | DES_set_key(&tests3[n].key2,&key2); | ||
| 183 | DES_set_key(&tests3[n].key3,&key3); | ||
| 184 | DES_ecb3_encrypt(tests3[n].plaintext,buf,&key1,&key2,&key3,1); | ||
| 185 | if(memcmp(buf,tests3[n].ciphertext,sizeof buf)) | ||
| 186 | { | ||
| 187 | FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); | ||
| 188 | return 0; | ||
| 189 | } | ||
| 190 | DES_ecb3_encrypt(tests3[n].ciphertext,buf,&key1,&key2,&key3,0); | ||
| 191 | if(memcmp(buf,tests3[n].plaintext,sizeof buf)) | ||
| 192 | { | ||
| 193 | FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); | ||
| 194 | return 0; | ||
| 195 | } | ||
| 196 | } | 128 | } |
| 129 | ret = 1; | ||
| 130 | err: | ||
| 131 | EVP_CIPHER_CTX_cleanup(&ctx); | ||
| 132 | if (ret == 0) | ||
| 133 | FIPSerr(FIPS_F_FIPS_SELFTEST_DES,FIPS_R_SELFTEST_FAILED); | ||
| 197 | 134 | ||
| 198 | return 1; | 135 | return ret; |
| 199 | } | 136 | } |
| 200 | #endif | 137 | #endif |
diff --git a/src/lib/libssl/src/fips/des/fips_desmovs.c b/src/lib/libssl/src/fips/des/fips_desmovs.c index d1b60c1a40..2d3424cf9f 100644 --- a/src/lib/libssl/src/fips/des/fips_desmovs.c +++ b/src/lib/libssl/src/fips/des/fips_desmovs.c | |||
| @@ -63,18 +63,30 @@ | |||
| 63 | #include <string.h> | 63 | #include <string.h> |
| 64 | #include <errno.h> | 64 | #include <errno.h> |
| 65 | #include <assert.h> | 65 | #include <assert.h> |
| 66 | 66 | #include <ctype.h> | |
| 67 | #include <openssl/des.h> | 67 | #include <openssl/des.h> |
| 68 | #include <openssl/evp.h> | 68 | #include <openssl/evp.h> |
| 69 | #include <openssl/fips.h> | 69 | #include <openssl/bn.h> |
| 70 | |||
| 70 | #include <openssl/err.h> | 71 | #include <openssl/err.h> |
| 71 | #include "e_os.h" | 72 | #include "e_os.h" |
| 72 | 73 | ||
| 73 | /*#define AES_BLOCK_SIZE 16*/ | 74 | #ifndef OPENSSL_FIPS |
| 74 | 75 | ||
| 75 | #define VERBOSE 0 | 76 | int main(int argc, char *argv[]) |
| 77 | { | ||
| 78 | printf("No FIPS DES support\n"); | ||
| 79 | return(0); | ||
| 80 | } | ||
| 76 | 81 | ||
| 77 | /*-----------------------------------------------*/ | 82 | #else |
| 83 | |||
| 84 | #include <openssl/fips.h> | ||
| 85 | #include "fips_utl.h" | ||
| 86 | |||
| 87 | #define DES_BLOCK_SIZE 8 | ||
| 88 | |||
| 89 | #define VERBOSE 0 | ||
| 78 | 90 | ||
| 79 | int DESTest(EVP_CIPHER_CTX *ctx, | 91 | int DESTest(EVP_CIPHER_CTX *ctx, |
| 80 | char *amode, int akeysz, unsigned char *aKey, | 92 | char *amode, int akeysz, unsigned char *aKey, |
| @@ -83,181 +95,41 @@ int DESTest(EVP_CIPHER_CTX *ctx, | |||
| 83 | unsigned char *out, unsigned char *in, int len) | 95 | unsigned char *out, unsigned char *in, int len) |
| 84 | { | 96 | { |
| 85 | const EVP_CIPHER *cipher = NULL; | 97 | const EVP_CIPHER *cipher = NULL; |
| 86 | int kt = 0; | ||
| 87 | 98 | ||
| 88 | if (ctx) | 99 | if (akeysz != 192) |
| 89 | memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); | 100 | { |
| 101 | printf("Invalid key size: %d\n", akeysz); | ||
| 102 | EXIT(1); | ||
| 103 | } | ||
| 90 | 104 | ||
| 91 | if (strcasecmp(amode, "CBC") == 0) | 105 | if (strcasecmp(amode, "CBC") == 0) |
| 92 | kt = 1000; | 106 | cipher = EVP_des_ede3_cbc(); |
| 93 | else if (strcasecmp(amode, "ECB") == 0) | 107 | else if (strcasecmp(amode, "ECB") == 0) |
| 94 | kt = 2000; | 108 | cipher = EVP_des_ede3_ecb(); |
| 95 | else if (strcasecmp(amode, "CFB64") == 0) | 109 | else if (strcasecmp(amode, "CFB64") == 0) |
| 96 | kt = 3000; | 110 | cipher = EVP_des_ede3_cfb64(); |
| 97 | else if (strncasecmp(amode, "OFB", 3) == 0) | 111 | else if (strncasecmp(amode, "OFB", 3) == 0) |
| 98 | kt = 4000; | 112 | cipher = EVP_des_ede3_ofb(); |
| 113 | #if 0 | ||
| 99 | else if(!strcasecmp(amode,"CFB1")) | 114 | else if(!strcasecmp(amode,"CFB1")) |
| 100 | kt=5000; | 115 | { |
| 116 | ctx->cbits = 1; | ||
| 117 | ctx->cmode = EVP_CIPH_CFB_MODE; | ||
| 118 | } | ||
| 119 | #endif | ||
| 101 | else if(!strcasecmp(amode,"CFB8")) | 120 | else if(!strcasecmp(amode,"CFB8")) |
| 102 | kt=6000; | 121 | cipher = EVP_des_ede3_cfb8(); |
| 103 | else | 122 | else |
| 104 | { | 123 | { |
| 105 | printf("Unknown mode: %s\n", amode); | 124 | printf("Unknown mode: %s\n", amode); |
| 106 | EXIT(1); | 125 | EXIT(1); |
| 107 | } | 126 | } |
| 108 | if (akeysz != 64 && akeysz != 192) | ||
| 109 | { | ||
| 110 | printf("Invalid key size: %d\n", akeysz); | ||
| 111 | EXIT(1); | ||
| 112 | } | ||
| 113 | else | ||
| 114 | { | ||
| 115 | kt += akeysz; | ||
| 116 | switch (kt) | ||
| 117 | { | ||
| 118 | case 1064: | ||
| 119 | cipher=EVP_des_cbc(); | ||
| 120 | break; | ||
| 121 | case 1192: | ||
| 122 | cipher=EVP_des_ede3_cbc(); | ||
| 123 | break; | ||
| 124 | case 2064: | ||
| 125 | cipher=EVP_des_ecb(); | ||
| 126 | break; | ||
| 127 | case 2192: | ||
| 128 | cipher=EVP_des_ede3_ecb(); | ||
| 129 | break; | ||
| 130 | case 3064: | ||
| 131 | cipher=EVP_des_cfb64(); | ||
| 132 | break; | ||
| 133 | case 3192: | ||
| 134 | cipher=EVP_des_ede3_cfb64(); | ||
| 135 | break; | ||
| 136 | case 4064: | ||
| 137 | cipher=EVP_des_ofb(); | ||
| 138 | break; | ||
| 139 | case 4192: | ||
| 140 | cipher=EVP_des_ede3_ofb(); | ||
| 141 | break; | ||
| 142 | case 5064: | ||
| 143 | cipher=EVP_des_cfb1(); | ||
| 144 | break; | ||
| 145 | case 5192: | ||
| 146 | cipher=EVP_des_ede3_cfb1(); | ||
| 147 | break; | ||
| 148 | case 6064: | ||
| 149 | cipher=EVP_des_cfb8(); | ||
| 150 | break; | ||
| 151 | case 6192: | ||
| 152 | cipher=EVP_des_ede3_cfb8(); | ||
| 153 | break; | ||
| 154 | default: | ||
| 155 | printf("Didn't handle mode %d\n",kt); | ||
| 156 | EXIT(1); | ||
| 157 | } | ||
| 158 | if(!EVP_CipherInit(ctx, cipher, aKey, iVec, dir)) | ||
| 159 | { | ||
| 160 | ERR_print_errors_fp(stderr); | ||
| 161 | EXIT(1); | ||
| 162 | } | ||
| 163 | EVP_Cipher(ctx, out, in, len); | ||
| 164 | } | ||
| 165 | return 1; | ||
| 166 | } | ||
| 167 | |||
| 168 | /*-----------------------------------------------*/ | ||
| 169 | |||
| 170 | int hex2bin(char *in, int len, unsigned char *out) | ||
| 171 | { | ||
| 172 | int n1, n2; | ||
| 173 | unsigned char ch; | ||
| 174 | |||
| 175 | for (n1 = 0, n2 = 0; n1 < len; ) | ||
| 176 | { /* first byte */ | ||
| 177 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 178 | ch = in[n1++] - '0'; | ||
| 179 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 180 | ch = in[n1++] - 'A' + 10; | ||
| 181 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 182 | ch = in[n1++] - 'a' + 10; | ||
| 183 | else | ||
| 184 | return -1; | ||
| 185 | if(len == 1) | ||
| 186 | { | ||
| 187 | out[n2++]=ch; | ||
| 188 | break; | ||
| 189 | } | ||
| 190 | out[n2] = ch << 4; | ||
| 191 | /* second byte */ | ||
| 192 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 193 | ch = in[n1++] - '0'; | ||
| 194 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 195 | ch = in[n1++] - 'A' + 10; | ||
| 196 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 197 | ch = in[n1++] - 'a' + 10; | ||
| 198 | else | ||
| 199 | return -1; | ||
| 200 | out[n2++] |= ch; | ||
| 201 | } | ||
| 202 | return n2; | ||
| 203 | } | ||
| 204 | |||
| 205 | /*-----------------------------------------------*/ | ||
| 206 | |||
| 207 | int bin2hex(unsigned char *in, int len, char *out) | ||
| 208 | { | ||
| 209 | int n1, n2; | ||
| 210 | unsigned char ch; | ||
| 211 | |||
| 212 | for (n1 = 0, n2 = 0; n1 < len; ++n1) | ||
| 213 | { | ||
| 214 | /* first nibble */ | ||
| 215 | ch = in[n1] >> 4; | ||
| 216 | if (ch <= 0x09) | ||
| 217 | out[n2++] = ch + '0'; | ||
| 218 | else | ||
| 219 | out[n2++] = ch - 10 + 'a'; | ||
| 220 | /* second nibble */ | ||
| 221 | ch = in[n1] & 0x0f; | ||
| 222 | if (ch <= 0x09) | ||
| 223 | out[n2++] = ch + '0'; | ||
| 224 | else | ||
| 225 | out[n2++] = ch - 10 + 'a'; | ||
| 226 | } | ||
| 227 | return n2; | ||
| 228 | } | ||
| 229 | 127 | ||
| 230 | /* NB: this return the number of _bits_ read */ | 128 | if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec, dir) <= 0) |
| 231 | int bint2bin(const char *in, int len, unsigned char *out) | 129 | return 0; |
| 232 | { | 130 | EVP_Cipher(ctx, out, in, len); |
| 233 | int n; | ||
| 234 | 131 | ||
| 235 | memset(out,0,len); | 132 | return 1; |
| 236 | for(n=0 ; n < len ; ++n) | ||
| 237 | if(in[n] == '1') | ||
| 238 | out[n/8]|=(0x80 >> (n%8)); | ||
| 239 | return len; | ||
| 240 | } | ||
| 241 | |||
| 242 | int bin2bint(const unsigned char *in,int len,char *out) | ||
| 243 | { | ||
| 244 | int n; | ||
| 245 | |||
| 246 | for(n=0 ; n < len ; ++n) | ||
| 247 | out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0'; | ||
| 248 | return n; | ||
| 249 | } | ||
| 250 | |||
| 251 | /*-----------------------------------------------*/ | ||
| 252 | |||
| 253 | void PrintValue(char *tag, unsigned char *val, int len) | ||
| 254 | { | ||
| 255 | #if VERBOSE | ||
| 256 | char obuf[2048]; | ||
| 257 | int olen; | ||
| 258 | olen = bin2hex(val, len, obuf); | ||
| 259 | printf("%s = %.*s\n", tag, olen, obuf); | ||
| 260 | #endif | ||
| 261 | } | 133 | } |
| 262 | 134 | ||
| 263 | void DebugValue(char *tag, unsigned char *val, int len) | 135 | void DebugValue(char *tag, unsigned char *val, int len) |
| @@ -268,22 +140,6 @@ void DebugValue(char *tag, unsigned char *val, int len) | |||
| 268 | printf("%s = %.*s\n", tag, olen, obuf); | 140 | printf("%s = %.*s\n", tag, olen, obuf); |
| 269 | } | 141 | } |
| 270 | 142 | ||
| 271 | void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode) | ||
| 272 | { | ||
| 273 | char obuf[2048]; | ||
| 274 | int olen; | ||
| 275 | |||
| 276 | if(bitmode) | ||
| 277 | olen=bin2bint(val,len,obuf); | ||
| 278 | else | ||
| 279 | olen=bin2hex(val,len,obuf); | ||
| 280 | |||
| 281 | fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); | ||
| 282 | #if VERBOSE | ||
| 283 | printf("%s = %.*s\n", tag, olen, obuf); | ||
| 284 | #endif | ||
| 285 | } | ||
| 286 | |||
| 287 | void shiftin(unsigned char *dst,unsigned char *src,int nbits) | 143 | void shiftin(unsigned char *dst,unsigned char *src,int nbits) |
| 288 | { | 144 | { |
| 289 | int n; | 145 | int n; |
| @@ -326,9 +182,10 @@ void do_mct(char *amode, | |||
| 326 | { | 182 | { |
| 327 | int j; | 183 | int j; |
| 328 | int n; | 184 | int n; |
| 329 | EVP_CIPHER_CTX ctx; | ||
| 330 | int kp=akeysz/64; | 185 | int kp=akeysz/64; |
| 331 | unsigned char old_iv[8]; | 186 | unsigned char old_iv[8]; |
| 187 | EVP_CIPHER_CTX ctx; | ||
| 188 | EVP_CIPHER_CTX_init(&ctx); | ||
| 332 | 189 | ||
| 333 | fprintf(rfp,"\nCOUNT = %d\n",i); | 190 | fprintf(rfp,"\nCOUNT = %d\n",i); |
| 334 | if(kp == 1) | 191 | if(kp == 1) |
| @@ -410,11 +267,11 @@ void do_mct(char *amode, | |||
| 410 | } | 267 | } |
| 411 | } | 268 | } |
| 412 | 269 | ||
| 413 | int proc_file(char *rqfile) | 270 | int proc_file(char *rqfile, char *rspfile) |
| 414 | { | 271 | { |
| 415 | char afn[256], rfn[256]; | 272 | char afn[256], rfn[256]; |
| 416 | FILE *afp = NULL, *rfp = NULL; | 273 | FILE *afp = NULL, *rfp = NULL; |
| 417 | char ibuf[2048]; | 274 | char ibuf[2048], tbuf[2048]; |
| 418 | int ilen, len, ret = 0; | 275 | int ilen, len, ret = 0; |
| 419 | char amode[8] = ""; | 276 | char amode[8] = ""; |
| 420 | char atest[100] = ""; | 277 | char atest[100] = ""; |
| @@ -426,6 +283,7 @@ int proc_file(char *rqfile) | |||
| 426 | char *rp; | 283 | char *rp; |
| 427 | EVP_CIPHER_CTX ctx; | 284 | EVP_CIPHER_CTX ctx; |
| 428 | int numkeys=1; | 285 | int numkeys=1; |
| 286 | EVP_CIPHER_CTX_init(&ctx); | ||
| 429 | 287 | ||
| 430 | if (!rqfile || !(*rqfile)) | 288 | if (!rqfile || !(*rqfile)) |
| 431 | { | 289 | { |
| @@ -440,13 +298,21 @@ int proc_file(char *rqfile) | |||
| 440 | afn, strerror(errno)); | 298 | afn, strerror(errno)); |
| 441 | return -1; | 299 | return -1; |
| 442 | } | 300 | } |
| 443 | strcpy(rfn,afn); | 301 | if (!rspfile) |
| 444 | rp=strstr(rfn,"req/"); | 302 | { |
| 445 | assert(rp); | 303 | strcpy(rfn,afn); |
| 446 | memcpy(rp,"rsp",3); | 304 | rp=strstr(rfn,"req/"); |
| 447 | rp = strstr(rfn, ".req"); | 305 | #ifdef OPENSSL_SYS_WIN32 |
| 448 | memcpy(rp, ".rsp", 4); | 306 | if (!rp) |
| 449 | if ((rfp = fopen(rfn, "w")) == NULL) | 307 | rp=strstr(rfn,"req\\"); |
| 308 | #endif | ||
| 309 | assert(rp); | ||
| 310 | memcpy(rp,"rsp",3); | ||
| 311 | rp = strstr(rfn, ".req"); | ||
| 312 | memcpy(rp, ".rsp", 4); | ||
| 313 | rspfile = rfn; | ||
| 314 | } | ||
| 315 | if ((rfp = fopen(rspfile, "w")) == NULL) | ||
| 450 | { | 316 | { |
| 451 | printf("Cannot open file: %s, %s\n", | 317 | printf("Cannot open file: %s, %s\n", |
| 452 | rfn, strerror(errno)); | 318 | rfn, strerror(errno)); |
| @@ -456,6 +322,7 @@ int proc_file(char *rqfile) | |||
| 456 | } | 322 | } |
| 457 | while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) | 323 | while (!err && (fgets(ibuf, sizeof(ibuf), afp)) != NULL) |
| 458 | { | 324 | { |
| 325 | tidy_line(tbuf, ibuf); | ||
| 459 | ilen = strlen(ibuf); | 326 | ilen = strlen(ibuf); |
| 460 | /* printf("step=%d ibuf=%s",step,ibuf);*/ | 327 | /* printf("step=%d ibuf=%s",step,ibuf);*/ |
| 461 | if(step == 3 && !strcmp(amode,"ECB")) | 328 | if(step == 3 && !strcmp(amode,"ECB")) |
| @@ -517,7 +384,8 @@ int proc_file(char *rqfile) | |||
| 517 | strncpy(amode, xp+1, n); | 384 | strncpy(amode, xp+1, n); |
| 518 | amode[n] = '\0'; | 385 | amode[n] = '\0'; |
| 519 | /* amode[3] = '\0'; */ | 386 | /* amode[3] = '\0'; */ |
| 520 | printf("Test=%s, Mode=%s\n",atest,amode); | 387 | if (VERBOSE) |
| 388 | printf("Test=%s, Mode=%s\n",atest,amode); | ||
| 521 | } | 389 | } |
| 522 | } | 390 | } |
| 523 | } | 391 | } |
| @@ -576,7 +444,7 @@ int proc_file(char *rqfile) | |||
| 576 | if(!strncasecmp(ibuf,"KEY = ",6)) | 444 | if(!strncasecmp(ibuf,"KEY = ",6)) |
| 577 | { | 445 | { |
| 578 | akeysz=64; | 446 | akeysz=64; |
| 579 | len = hex2bin((char*)ibuf+6, strlen(ibuf+6)-1, aKey); | 447 | len = hex2bin((char*)ibuf+6, aKey); |
| 580 | if (len < 0) | 448 | if (len < 0) |
| 581 | { | 449 | { |
| 582 | printf("Invalid KEY\n"); | 450 | printf("Invalid KEY\n"); |
| @@ -589,7 +457,7 @@ int proc_file(char *rqfile) | |||
| 589 | else if(!strncasecmp(ibuf,"KEYs = ",7)) | 457 | else if(!strncasecmp(ibuf,"KEYs = ",7)) |
| 590 | { | 458 | { |
| 591 | akeysz=64*3; | 459 | akeysz=64*3; |
| 592 | len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey); | 460 | len=hex2bin(ibuf+7,aKey); |
| 593 | if(len != 8) | 461 | if(len != 8) |
| 594 | { | 462 | { |
| 595 | printf("Invalid KEY\n"); | 463 | printf("Invalid KEY\n"); |
| @@ -607,7 +475,7 @@ int proc_file(char *rqfile) | |||
| 607 | int n=ibuf[3]-'1'; | 475 | int n=ibuf[3]-'1'; |
| 608 | 476 | ||
| 609 | akeysz=64*3; | 477 | akeysz=64*3; |
| 610 | len=hex2bin(ibuf+7,strlen(ibuf+7)-1,aKey+n*8); | 478 | len=hex2bin(ibuf+7,aKey+n*8); |
| 611 | if(len != 8) | 479 | if(len != 8) |
| 612 | { | 480 | { |
| 613 | printf("Invalid KEY\n"); | 481 | printf("Invalid KEY\n"); |
| @@ -635,7 +503,7 @@ int proc_file(char *rqfile) | |||
| 635 | } | 503 | } |
| 636 | else | 504 | else |
| 637 | { | 505 | { |
| 638 | len = hex2bin((char*)ibuf+5, strlen(ibuf+5)-1, iVec); | 506 | len = hex2bin((char*)ibuf+5, iVec); |
| 639 | if (len < 0) | 507 | if (len < 0) |
| 640 | { | 508 | { |
| 641 | printf("Invalid IV\n"); | 509 | printf("Invalid IV\n"); |
| @@ -660,7 +528,7 @@ int proc_file(char *rqfile) | |||
| 660 | if(!strcmp(amode,"CFB1")) | 528 | if(!strcmp(amode,"CFB1")) |
| 661 | len=bint2bin(ibuf+12,nn-1,plaintext); | 529 | len=bint2bin(ibuf+12,nn-1,plaintext); |
| 662 | else | 530 | else |
| 663 | len=hex2bin(ibuf+12, nn-1,plaintext); | 531 | len=hex2bin(ibuf+12, plaintext); |
| 664 | if (len < 0) | 532 | if (len < 0) |
| 665 | { | 533 | { |
| 666 | printf("Invalid PLAINTEXT: %s", ibuf+12); | 534 | printf("Invalid PLAINTEXT: %s", ibuf+12); |
| @@ -701,7 +569,7 @@ int proc_file(char *rqfile) | |||
| 701 | if(!strcmp(amode,"CFB1")) | 569 | if(!strcmp(amode,"CFB1")) |
| 702 | len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); | 570 | len=bint2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); |
| 703 | else | 571 | else |
| 704 | len = hex2bin(ibuf+13,strlen(ibuf+13)-1,ciphertext); | 572 | len = hex2bin(ibuf+13,ciphertext); |
| 705 | if (len < 0) | 573 | if (len < 0) |
| 706 | { | 574 | { |
| 707 | printf("Invalid CIPHERTEXT\n"); | 575 | printf("Invalid CIPHERTEXT\n"); |
| @@ -760,20 +628,18 @@ int proc_file(char *rqfile) | |||
| 760 | --------------------------------------------------*/ | 628 | --------------------------------------------------*/ |
| 761 | int main(int argc, char **argv) | 629 | int main(int argc, char **argv) |
| 762 | { | 630 | { |
| 763 | char *rqlist = "req.txt"; | 631 | char *rqlist = "req.txt", *rspfile = NULL; |
| 764 | FILE *fp = NULL; | 632 | FILE *fp = NULL; |
| 765 | char fn[250] = "", rfn[256] = ""; | 633 | char fn[250] = "", rfn[256] = ""; |
| 766 | int f_opt = 0, d_opt = 1; | 634 | int f_opt = 0, d_opt = 1; |
| 767 | 635 | ||
| 768 | #ifdef OPENSSL_FIPS | 636 | #ifdef OPENSSL_FIPS |
| 769 | if(!FIPS_mode_set(1,argv[0])) | 637 | if(!FIPS_mode_set(1)) |
| 770 | { | 638 | { |
| 771 | ERR_load_crypto_strings(); | 639 | do_print_errors(); |
| 772 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
| 773 | EXIT(1); | 640 | EXIT(1); |
| 774 | } | 641 | } |
| 775 | #endif | 642 | #endif |
| 776 | ERR_load_crypto_strings(); | ||
| 777 | if (argc > 1) | 643 | if (argc > 1) |
| 778 | { | 644 | { |
| 779 | if (strcasecmp(argv[1], "-d") == 0) | 645 | if (strcasecmp(argv[1], "-d") == 0) |
| @@ -798,7 +664,10 @@ int main(int argc, char **argv) | |||
| 798 | if (d_opt) | 664 | if (d_opt) |
| 799 | rqlist = argv[2]; | 665 | rqlist = argv[2]; |
| 800 | else | 666 | else |
| 667 | { | ||
| 801 | strcpy(fn, argv[2]); | 668 | strcpy(fn, argv[2]); |
| 669 | rspfile = argv[3]; | ||
| 670 | } | ||
| 802 | } | 671 | } |
| 803 | if (d_opt) | 672 | if (d_opt) |
| 804 | { /* list of files (directory) */ | 673 | { /* list of files (directory) */ |
| @@ -812,7 +681,7 @@ int main(int argc, char **argv) | |||
| 812 | strtok(fn, "\r\n"); | 681 | strtok(fn, "\r\n"); |
| 813 | strcpy(rfn, fn); | 682 | strcpy(rfn, fn); |
| 814 | printf("Processing: %s\n", rfn); | 683 | printf("Processing: %s\n", rfn); |
| 815 | if (proc_file(rfn)) | 684 | if (proc_file(rfn, rspfile)) |
| 816 | { | 685 | { |
| 817 | printf(">>> Processing failed for: %s <<<\n", rfn); | 686 | printf(">>> Processing failed for: %s <<<\n", rfn); |
| 818 | EXIT(1); | 687 | EXIT(1); |
| @@ -822,8 +691,9 @@ int main(int argc, char **argv) | |||
| 822 | } | 691 | } |
| 823 | else /* single file */ | 692 | else /* single file */ |
| 824 | { | 693 | { |
| 825 | printf("Processing: %s\n", fn); | 694 | if (VERBOSE) |
| 826 | if (proc_file(fn)) | 695 | printf("Processing: %s\n", fn); |
| 696 | if (proc_file(fn, rspfile)) | ||
| 827 | { | 697 | { |
| 828 | printf(">>> Processing failed for: %s <<<\n", fn); | 698 | printf(">>> Processing failed for: %s <<<\n", fn); |
| 829 | } | 699 | } |
| @@ -831,3 +701,5 @@ int main(int argc, char **argv) | |||
| 831 | EXIT(0); | 701 | EXIT(0); |
| 832 | return 0; | 702 | return 0; |
| 833 | } | 703 | } |
| 704 | |||
| 705 | #endif | ||
diff --git a/src/lib/libssl/src/fips/dh/Makefile b/src/lib/libssl/src/fips/dh/Makefile index 10b40aa9f6..2d3833a822 100644 --- a/src/lib/libssl/src/fips/dh/Makefile +++ b/src/lib/libssl/src/fips/dh/Makefile | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # | 1 | # |
| 2 | # SSLeay/fips/dh/Makefile | 2 | # OpenSSL/fips/dh/Makefile |
| 3 | # | 3 | # |
| 4 | 4 | ||
| 5 | DIR= dh | 5 | DIR= dh |
| @@ -22,8 +22,8 @@ TEST= | |||
| 22 | APPS= | 22 | APPS= |
| 23 | 23 | ||
| 24 | LIB=$(TOP)/libcrypto.a | 24 | LIB=$(TOP)/libcrypto.a |
| 25 | LIBSRC=fips_dh_check.c fips_dh_gen.c fips_dh_key.c | 25 | LIBSRC=fips_dh_check.c fips_dh_gen.c fips_dh_key.c fips_dh_lib.c |
| 26 | LIBOBJ=fips_dh_check.o fips_dh_gen.o fips_dh_key.o | 26 | LIBOBJ=fips_dh_check.o fips_dh_gen.o fips_dh_key.o fips_dh_lib.o |
| 27 | 27 | ||
| 28 | SRC= $(LIBSRC) | 28 | SRC= $(LIBSRC) |
| 29 | 29 | ||
| @@ -35,15 +35,10 @@ ALL= $(GENERAL) $(SRC) $(HEADER) | |||
| 35 | top: | 35 | top: |
| 36 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) | 36 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) |
| 37 | 37 | ||
| 38 | all: check lib | 38 | all: lib |
| 39 | 39 | ||
| 40 | lib: $(LIBOBJ) | 40 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 41 | @echo $(LIBOBJ) > lib |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | ||
| 43 | @sleep 2; touch lib | ||
| 44 | |||
| 45 | check: | ||
| 46 | TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) | ||
| 47 | 42 | ||
| 48 | files: | 43 | files: |
| 49 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 44 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| @@ -65,6 +60,8 @@ tags: | |||
| 65 | 60 | ||
| 66 | tests: | 61 | tests: |
| 67 | 62 | ||
| 63 | fips_test: | ||
| 64 | |||
| 68 | lint: | 65 | lint: |
| 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 66 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 70 | 67 | ||
| @@ -82,7 +79,8 @@ clean: | |||
| 82 | 79 | ||
| 83 | fips_dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 80 | fips_dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 84 | fips_dh_check.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 81 | fips_dh_check.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
| 85 | fips_dh_check.o: ../../include/openssl/e_os2.h | 82 | fips_dh_check.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 83 | fips_dh_check.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 86 | fips_dh_check.o: ../../include/openssl/opensslconf.h | 84 | fips_dh_check.o: ../../include/openssl/opensslconf.h |
| 87 | fips_dh_check.o: ../../include/openssl/opensslv.h | 85 | fips_dh_check.o: ../../include/openssl/opensslv.h |
| 88 | fips_dh_check.o: ../../include/openssl/ossl_typ.h | 86 | fips_dh_check.o: ../../include/openssl/ossl_typ.h |
| @@ -101,9 +99,17 @@ fips_dh_gen.o: ../../include/openssl/symhacks.h fips_dh_gen.c | |||
| 101 | fips_dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 99 | fips_dh_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 102 | fips_dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 100 | fips_dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h |
| 103 | fips_dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 101 | fips_dh_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 104 | fips_dh_key.o: ../../include/openssl/lhash.h | 102 | fips_dh_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 105 | fips_dh_key.o: ../../include/openssl/opensslconf.h | 103 | fips_dh_key.o: ../../include/openssl/opensslconf.h |
| 106 | fips_dh_key.o: ../../include/openssl/opensslv.h | 104 | fips_dh_key.o: ../../include/openssl/opensslv.h |
| 107 | fips_dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 105 | fips_dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 108 | fips_dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 106 | fips_dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 109 | fips_dh_key.o: ../../include/openssl/symhacks.h fips_dh_key.c | 107 | fips_dh_key.o: ../../include/openssl/symhacks.h fips_dh_key.c |
| 108 | fips_dh_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
| 109 | fips_dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | ||
| 110 | fips_dh_lib.o: ../../include/openssl/e_os2.h | ||
| 111 | fips_dh_lib.o: ../../include/openssl/opensslconf.h | ||
| 112 | fips_dh_lib.o: ../../include/openssl/opensslv.h | ||
| 113 | fips_dh_lib.o: ../../include/openssl/ossl_typ.h | ||
| 114 | fips_dh_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 115 | fips_dh_lib.o: ../../include/openssl/symhacks.h fips_dh_lib.c | ||
diff --git a/src/lib/libssl/src/fips/dh/dh_gen.c b/src/lib/libssl/src/fips/dh/dh_gen.c new file mode 100644 index 0000000000..999e1deb40 --- /dev/null +++ b/src/lib/libssl/src/fips/dh/dh_gen.c | |||
| @@ -0,0 +1,179 @@ | |||
| 1 | /* crypto/dh/dh_gen.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | /* NB: These functions have been upgraded - the previous prototypes are in | ||
| 60 | * dh_depr.c as wrappers to these ones. | ||
| 61 | * - Geoff | ||
| 62 | */ | ||
| 63 | |||
| 64 | #include <stdio.h> | ||
| 65 | #include "cryptlib.h" | ||
| 66 | #include <openssl/bn.h> | ||
| 67 | #include <openssl/dh.h> | ||
| 68 | |||
| 69 | #ifndef OPENSSL_FIPS | ||
| 70 | |||
| 71 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); | ||
| 72 | |||
| 73 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) | ||
| 74 | { | ||
| 75 | if(ret->meth->generate_params) | ||
| 76 | return ret->meth->generate_params(ret, prime_len, generator, cb); | ||
| 77 | return dh_builtin_genparams(ret, prime_len, generator, cb); | ||
| 78 | } | ||
| 79 | |||
| 80 | /* We generate DH parameters as follows | ||
| 81 | * find a prime q which is prime_len/2 bits long. | ||
| 82 | * p=(2*q)+1 or (p-1)/2 = q | ||
| 83 | * For this case, g is a generator if | ||
| 84 | * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1. | ||
| 85 | * Since the factors of p-1 are q and 2, we just need to check | ||
| 86 | * g^2 mod p != 1 and g^q mod p != 1. | ||
| 87 | * | ||
| 88 | * Having said all that, | ||
| 89 | * there is another special case method for the generators 2, 3 and 5. | ||
| 90 | * for 2, p mod 24 == 11 | ||
| 91 | * for 3, p mod 12 == 5 <<<<< does not work for safe primes. | ||
| 92 | * for 5, p mod 10 == 3 or 7 | ||
| 93 | * | ||
| 94 | * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the | ||
| 95 | * special generators and for answering some of my questions. | ||
| 96 | * | ||
| 97 | * I've implemented the second simple method :-). | ||
| 98 | * Since DH should be using a safe prime (both p and q are prime), | ||
| 99 | * this generator function can take a very very long time to run. | ||
| 100 | */ | ||
| 101 | /* Actually there is no reason to insist that 'generator' be a generator. | ||
| 102 | * It's just as OK (and in some sense better) to use a generator of the | ||
| 103 | * order-q subgroup. | ||
| 104 | */ | ||
| 105 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) | ||
| 106 | { | ||
| 107 | BIGNUM *t1,*t2; | ||
| 108 | int g,ok= -1; | ||
| 109 | BN_CTX *ctx=NULL; | ||
| 110 | |||
| 111 | ctx=BN_CTX_new(); | ||
| 112 | if (ctx == NULL) goto err; | ||
| 113 | BN_CTX_start(ctx); | ||
| 114 | t1 = BN_CTX_get(ctx); | ||
| 115 | t2 = BN_CTX_get(ctx); | ||
| 116 | if (t1 == NULL || t2 == NULL) goto err; | ||
| 117 | |||
| 118 | /* Make sure 'ret' has the necessary elements */ | ||
| 119 | if(!ret->p && ((ret->p = BN_new()) == NULL)) goto err; | ||
| 120 | if(!ret->g && ((ret->g = BN_new()) == NULL)) goto err; | ||
| 121 | |||
| 122 | if (generator <= 1) | ||
| 123 | { | ||
| 124 | DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR); | ||
| 125 | goto err; | ||
| 126 | } | ||
| 127 | if (generator == DH_GENERATOR_2) | ||
| 128 | { | ||
| 129 | if (!BN_set_word(t1,24)) goto err; | ||
| 130 | if (!BN_set_word(t2,11)) goto err; | ||
| 131 | g=2; | ||
| 132 | } | ||
| 133 | #if 0 /* does not work for safe primes */ | ||
| 134 | else if (generator == DH_GENERATOR_3) | ||
| 135 | { | ||
| 136 | if (!BN_set_word(t1,12)) goto err; | ||
| 137 | if (!BN_set_word(t2,5)) goto err; | ||
| 138 | g=3; | ||
| 139 | } | ||
| 140 | #endif | ||
| 141 | else if (generator == DH_GENERATOR_5) | ||
| 142 | { | ||
| 143 | if (!BN_set_word(t1,10)) goto err; | ||
| 144 | if (!BN_set_word(t2,3)) goto err; | ||
| 145 | /* BN_set_word(t3,7); just have to miss | ||
| 146 | * out on these ones :-( */ | ||
| 147 | g=5; | ||
| 148 | } | ||
| 149 | else | ||
| 150 | { | ||
| 151 | /* in the general case, don't worry if 'generator' is a | ||
| 152 | * generator or not: since we are using safe primes, | ||
| 153 | * it will generate either an order-q or an order-2q group, | ||
| 154 | * which both is OK */ | ||
| 155 | if (!BN_set_word(t1,2)) goto err; | ||
| 156 | if (!BN_set_word(t2,1)) goto err; | ||
| 157 | g=generator; | ||
| 158 | } | ||
| 159 | |||
| 160 | if(!BN_generate_prime_ex(ret->p,prime_len,1,t1,t2,cb)) goto err; | ||
| 161 | if(!BN_GENCB_call(cb, 3, 0)) goto err; | ||
| 162 | if (!BN_set_word(ret->g,g)) goto err; | ||
| 163 | ok=1; | ||
| 164 | err: | ||
| 165 | if (ok == -1) | ||
| 166 | { | ||
| 167 | DHerr(DH_F_DH_BUILTIN_GENPARAMS,ERR_R_BN_LIB); | ||
| 168 | ok=0; | ||
| 169 | } | ||
| 170 | |||
| 171 | if (ctx != NULL) | ||
| 172 | { | ||
| 173 | BN_CTX_end(ctx); | ||
| 174 | BN_CTX_free(ctx); | ||
| 175 | } | ||
| 176 | return ok; | ||
| 177 | } | ||
| 178 | |||
| 179 | #endif | ||
diff --git a/src/lib/libssl/src/fips/dh/fips_dh_check.c b/src/lib/libssl/src/fips/dh/fips_dh_check.c index 874920b466..7333f7c80f 100644 --- a/src/lib/libssl/src/fips/dh/fips_dh_check.c +++ b/src/lib/libssl/src/fips/dh/fips_dh_check.c | |||
| @@ -58,10 +58,9 @@ | |||
| 58 | 58 | ||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <openssl/bn.h> | 60 | #include <openssl/bn.h> |
| 61 | #ifndef OPENSSL_NO_DH | ||
| 62 | #include <openssl/dh.h> | 61 | #include <openssl/dh.h> |
| 63 | 62 | #include <openssl/err.h> | |
| 64 | #ifdef OPENSSL_FIPS | 63 | #include <openssl/fips.h> |
| 65 | 64 | ||
| 66 | /* Check that p is a safe prime and | 65 | /* Check that p is a safe prime and |
| 67 | * if g is 2, 3 or 5, check that is is a suitable generator | 66 | * if g is 2, 3 or 5, check that is is a suitable generator |
| @@ -72,6 +71,8 @@ | |||
| 72 | * should hold. | 71 | * should hold. |
| 73 | */ | 72 | */ |
| 74 | 73 | ||
| 74 | #ifdef OPENSSL_FIPS | ||
| 75 | |||
| 75 | int DH_check(const DH *dh, int *ret) | 76 | int DH_check(const DH *dh, int *ret) |
| 76 | { | 77 | { |
| 77 | int ok=0; | 78 | int ok=0; |
| @@ -106,12 +107,12 @@ int DH_check(const DH *dh, int *ret) | |||
| 106 | else | 107 | else |
| 107 | *ret|=DH_UNABLE_TO_CHECK_GENERATOR; | 108 | *ret|=DH_UNABLE_TO_CHECK_GENERATOR; |
| 108 | 109 | ||
| 109 | if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL)) | 110 | if (!BN_is_prime_ex(dh->p,BN_prime_checks,ctx,NULL)) |
| 110 | *ret|=DH_CHECK_P_NOT_PRIME; | 111 | *ret|=DH_CHECK_P_NOT_PRIME; |
| 111 | else | 112 | else |
| 112 | { | 113 | { |
| 113 | if (!BN_rshift1(q,dh->p)) goto err; | 114 | if (!BN_rshift1(q,dh->p)) goto err; |
| 114 | if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) | 115 | if (!BN_is_prime_ex(q,BN_prime_checks,ctx,NULL)) |
| 115 | *ret|=DH_CHECK_P_NOT_SAFE_PRIME; | 116 | *ret|=DH_CHECK_P_NOT_SAFE_PRIME; |
| 116 | } | 117 | } |
| 117 | ok=1; | 118 | ok=1; |
| @@ -121,5 +122,26 @@ err: | |||
| 121 | return(ok); | 122 | return(ok); |
| 122 | } | 123 | } |
| 123 | 124 | ||
| 124 | #endif | 125 | int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) |
| 126 | { | ||
| 127 | int ok=0; | ||
| 128 | BIGNUM *q=NULL; | ||
| 129 | |||
| 130 | *ret=0; | ||
| 131 | q=BN_new(); | ||
| 132 | if (q == NULL) goto err; | ||
| 133 | BN_set_word(q,1); | ||
| 134 | if (BN_cmp(pub_key,q) <= 0) | ||
| 135 | *ret|=DH_CHECK_PUBKEY_TOO_SMALL; | ||
| 136 | BN_copy(q,dh->p); | ||
| 137 | BN_sub_word(q,1); | ||
| 138 | if (BN_cmp(pub_key,q) >= 0) | ||
| 139 | *ret|=DH_CHECK_PUBKEY_TOO_LARGE; | ||
| 140 | |||
| 141 | ok = 1; | ||
| 142 | err: | ||
| 143 | if (q != NULL) BN_free(q); | ||
| 144 | return(ok); | ||
| 145 | } | ||
| 146 | |||
| 125 | #endif | 147 | #endif |
diff --git a/src/lib/libssl/src/fips/dh/fips_dh_gen.c b/src/lib/libssl/src/fips/dh/fips_dh_gen.c index b569e3912d..d115f9d5d2 100644 --- a/src/lib/libssl/src/fips/dh/fips_dh_gen.c +++ b/src/lib/libssl/src/fips/dh/fips_dh_gen.c | |||
| @@ -56,18 +56,28 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | /* NB: These functions have been upgraded - the previous prototypes are in | ||
| 60 | * dh_depr.c as wrappers to these ones. | ||
| 61 | * - Geoff | ||
| 62 | */ | ||
| 63 | |||
| 59 | #include <stdio.h> | 64 | #include <stdio.h> |
| 60 | #include <string.h> | ||
| 61 | #include <openssl/err.h> | ||
| 62 | #include <openssl/bn.h> | 65 | #include <openssl/bn.h> |
| 63 | #ifndef OPENSSL_NO_DH | ||
| 64 | #include <openssl/dh.h> | 66 | #include <openssl/dh.h> |
| 65 | #endif | 67 | #include <openssl/err.h> |
| 66 | #include <openssl/fips.h> | 68 | #include <openssl/fips.h> |
| 67 | 69 | ||
| 68 | #ifndef OPENSSL_NO_DH | ||
| 69 | #ifdef OPENSSL_FIPS | 70 | #ifdef OPENSSL_FIPS |
| 70 | 71 | ||
| 72 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb); | ||
| 73 | |||
| 74 | int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) | ||
| 75 | { | ||
| 76 | if(ret->meth->generate_params) | ||
| 77 | return ret->meth->generate_params(ret, prime_len, generator, cb); | ||
| 78 | return dh_builtin_genparams(ret, prime_len, generator, cb); | ||
| 79 | } | ||
| 80 | |||
| 71 | /* We generate DH parameters as follows | 81 | /* We generate DH parameters as follows |
| 72 | * find a prime q which is prime_len/2 bits long. | 82 | * find a prime q which is prime_len/2 bits long. |
| 73 | * p=(2*q)+1 or (p-1)/2 = q | 83 | * p=(2*q)+1 or (p-1)/2 = q |
| @@ -93,33 +103,38 @@ | |||
| 93 | * It's just as OK (and in some sense better) to use a generator of the | 103 | * It's just as OK (and in some sense better) to use a generator of the |
| 94 | * order-q subgroup. | 104 | * order-q subgroup. |
| 95 | */ | 105 | */ |
| 96 | 106 | static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) | |
| 97 | DH *DH_generate_parameters(int prime_len, int generator, | ||
| 98 | void (*callback)(int,int,void *), void *cb_arg) | ||
| 99 | { | 107 | { |
| 100 | BIGNUM *p=NULL,*t1,*t2; | 108 | BIGNUM *t1,*t2; |
| 101 | DH *ret=NULL; | ||
| 102 | int g,ok= -1; | 109 | int g,ok= -1; |
| 103 | BN_CTX *ctx=NULL; | 110 | BN_CTX *ctx=NULL; |
| 104 | 111 | ||
| 105 | if(FIPS_selftest_failed()) | 112 | if(FIPS_selftest_failed()) |
| 106 | { | 113 | { |
| 107 | FIPSerr(FIPS_F_DH_GENERATE_PARAMETERS,FIPS_R_FIPS_SELFTEST_FAILED); | 114 | FIPSerr(FIPS_F_DH_BUILTIN_GENPARAMS,FIPS_R_FIPS_SELFTEST_FAILED); |
| 108 | return NULL; | 115 | return 0; |
| 116 | } | ||
| 117 | |||
| 118 | if (FIPS_mode() && (prime_len < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) | ||
| 119 | { | ||
| 120 | DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_KEY_SIZE_TOO_SMALL); | ||
| 121 | goto err; | ||
| 109 | } | 122 | } |
| 110 | 123 | ||
| 111 | ret=DH_new(); | ||
| 112 | if (ret == NULL) goto err; | ||
| 113 | ctx=BN_CTX_new(); | 124 | ctx=BN_CTX_new(); |
| 114 | if (ctx == NULL) goto err; | 125 | if (ctx == NULL) goto err; |
| 115 | BN_CTX_start(ctx); | 126 | BN_CTX_start(ctx); |
| 116 | t1 = BN_CTX_get(ctx); | 127 | t1 = BN_CTX_get(ctx); |
| 117 | t2 = BN_CTX_get(ctx); | 128 | t2 = BN_CTX_get(ctx); |
| 118 | if (t1 == NULL || t2 == NULL) goto err; | 129 | if (t1 == NULL || t2 == NULL) goto err; |
| 130 | |||
| 131 | /* Make sure 'ret' has the necessary elements */ | ||
| 132 | if(!ret->p && ((ret->p = BN_new()) == NULL)) goto err; | ||
| 133 | if(!ret->g && ((ret->g = BN_new()) == NULL)) goto err; | ||
| 119 | 134 | ||
| 120 | if (generator <= 1) | 135 | if (generator <= 1) |
| 121 | { | 136 | { |
| 122 | DHerr(DH_F_DH_GENERATE_PARAMETERS, DH_R_BAD_GENERATOR); | 137 | DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR); |
| 123 | goto err; | 138 | goto err; |
| 124 | } | 139 | } |
| 125 | if (generator == DH_GENERATOR_2) | 140 | if (generator == DH_GENERATOR_2) |
| @@ -155,17 +170,14 @@ DH *DH_generate_parameters(int prime_len, int generator, | |||
| 155 | g=generator; | 170 | g=generator; |
| 156 | } | 171 | } |
| 157 | 172 | ||
| 158 | p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); | 173 | if(!BN_generate_prime_ex(ret->p,prime_len,1,t1,t2,cb)) goto err; |
| 159 | if (p == NULL) goto err; | 174 | if(!BN_GENCB_call(cb, 3, 0)) goto err; |
| 160 | if (callback != NULL) callback(3,0,cb_arg); | ||
| 161 | ret->p=p; | ||
| 162 | ret->g=BN_new(); | ||
| 163 | if (!BN_set_word(ret->g,g)) goto err; | 175 | if (!BN_set_word(ret->g,g)) goto err; |
| 164 | ok=1; | 176 | ok=1; |
| 165 | err: | 177 | err: |
| 166 | if (ok == -1) | 178 | if (ok == -1) |
| 167 | { | 179 | { |
| 168 | DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB); | 180 | DHerr(DH_F_DH_BUILTIN_GENPARAMS,ERR_R_BN_LIB); |
| 169 | ok=0; | 181 | ok=0; |
| 170 | } | 182 | } |
| 171 | 183 | ||
| @@ -174,13 +186,7 @@ err: | |||
| 174 | BN_CTX_end(ctx); | 186 | BN_CTX_end(ctx); |
| 175 | BN_CTX_free(ctx); | 187 | BN_CTX_free(ctx); |
| 176 | } | 188 | } |
| 177 | if (!ok && (ret != NULL)) | 189 | return ok; |
| 178 | { | ||
| 179 | DH_free(ret); | ||
| 180 | ret=NULL; | ||
| 181 | } | ||
| 182 | return(ret); | ||
| 183 | } | 190 | } |
| 184 | 191 | ||
| 185 | #endif | 192 | #endif |
| 186 | #endif | ||
diff --git a/src/lib/libssl/src/fips/dh/fips_dh_key.c b/src/lib/libssl/src/fips/dh/fips_dh_key.c index 41e3a661c0..d20fa91d5e 100644 --- a/src/lib/libssl/src/fips/dh/fips_dh_key.c +++ b/src/lib/libssl/src/fips/dh/fips_dh_key.c | |||
| @@ -64,6 +64,7 @@ | |||
| 64 | #endif | 64 | #endif |
| 65 | #ifndef OPENSSL_NO_DH | 65 | #ifndef OPENSSL_NO_DH |
| 66 | #include <openssl/dh.h> | 66 | #include <openssl/dh.h> |
| 67 | #include <openssl/fips.h> | ||
| 67 | 68 | ||
| 68 | #ifdef OPENSSL_FIPS | 69 | #ifdef OPENSSL_FIPS |
| 69 | 70 | ||
| @@ -86,7 +87,7 @@ int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | |||
| 86 | return dh->meth->compute_key(key, pub_key, dh); | 87 | return dh->meth->compute_key(key, pub_key, dh); |
| 87 | } | 88 | } |
| 88 | 89 | ||
| 89 | static DH_METHOD dh_ossl = { | 90 | static const DH_METHOD dh_ossl = { |
| 90 | "OpenSSL DH Method", | 91 | "OpenSSL DH Method", |
| 91 | generate_key, | 92 | generate_key, |
| 92 | compute_key, | 93 | compute_key, |
| @@ -108,9 +109,15 @@ static int generate_key(DH *dh) | |||
| 108 | int generate_new_key=0; | 109 | int generate_new_key=0; |
| 109 | unsigned l; | 110 | unsigned l; |
| 110 | BN_CTX *ctx; | 111 | BN_CTX *ctx; |
| 111 | BN_MONT_CTX *mont; | 112 | BN_MONT_CTX *mont=NULL; |
| 112 | BIGNUM *pub_key=NULL,*priv_key=NULL; | 113 | BIGNUM *pub_key=NULL,*priv_key=NULL; |
| 113 | 114 | ||
| 115 | if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) | ||
| 116 | { | ||
| 117 | DHerr(DH_F_GENERATE_KEY, DH_R_KEY_SIZE_TOO_SMALL); | ||
| 118 | return 0; | ||
| 119 | } | ||
| 120 | |||
| 114 | ctx = BN_CTX_new(); | 121 | ctx = BN_CTX_new(); |
| 115 | if (ctx == NULL) goto err; | 122 | if (ctx == NULL) goto err; |
| 116 | 123 | ||
| @@ -131,28 +138,44 @@ static int generate_key(DH *dh) | |||
| 131 | else | 138 | else |
| 132 | pub_key=dh->pub_key; | 139 | pub_key=dh->pub_key; |
| 133 | 140 | ||
| 134 | if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) | 141 | if (dh->flags & DH_FLAG_CACHE_MONT_P) |
| 135 | { | 142 | { |
| 136 | if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) | 143 | mont = BN_MONT_CTX_set_locked( |
| 137 | if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, | 144 | (BN_MONT_CTX **)&dh->method_mont_p, |
| 138 | dh->p,ctx)) goto err; | 145 | CRYPTO_LOCK_DH, dh->p, ctx); |
| 146 | if (!mont) | ||
| 147 | goto err; | ||
| 139 | } | 148 | } |
| 140 | mont=(BN_MONT_CTX *)dh->method_mont_p; | ||
| 141 | 149 | ||
| 142 | if (generate_new_key) | 150 | if (generate_new_key) |
| 143 | { | 151 | { |
| 144 | l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ | 152 | l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */ |
| 145 | if (!BN_rand(priv_key, l, 0, 0)) goto err; | 153 | if (!BN_rand(priv_key, l, 0, 0)) goto err; |
| 146 | } | 154 | } |
| 147 | if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont)) | 155 | |
| 148 | goto err; | 156 | { |
| 157 | BIGNUM local_prk; | ||
| 158 | BIGNUM *prk; | ||
| 159 | |||
| 160 | if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) | ||
| 161 | { | ||
| 162 | BN_init(&local_prk); | ||
| 163 | prk = &local_prk; | ||
| 164 | BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); | ||
| 165 | } | ||
| 166 | else | ||
| 167 | prk = priv_key; | ||
| 168 | |||
| 169 | if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) | ||
| 170 | goto err; | ||
| 171 | } | ||
| 149 | 172 | ||
| 150 | dh->pub_key=pub_key; | 173 | dh->pub_key=pub_key; |
| 151 | dh->priv_key=priv_key; | 174 | dh->priv_key=priv_key; |
| 152 | ok=1; | 175 | ok=1; |
| 153 | err: | 176 | err: |
| 154 | if (ok != 1) | 177 | if (ok != 1) |
| 155 | DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); | 178 | DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB); |
| 156 | 179 | ||
| 157 | if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); | 180 | if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); |
| 158 | if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); | 181 | if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); |
| @@ -163,7 +186,7 @@ err: | |||
| 163 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | 186 | static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) |
| 164 | { | 187 | { |
| 165 | BN_CTX *ctx; | 188 | BN_CTX *ctx; |
| 166 | BN_MONT_CTX *mont; | 189 | BN_MONT_CTX *mont=NULL; |
| 167 | BIGNUM *tmp; | 190 | BIGNUM *tmp; |
| 168 | int ret= -1; | 191 | int ret= -1; |
| 169 | 192 | ||
| @@ -171,23 +194,42 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) | |||
| 171 | if (ctx == NULL) goto err; | 194 | if (ctx == NULL) goto err; |
| 172 | BN_CTX_start(ctx); | 195 | BN_CTX_start(ctx); |
| 173 | tmp = BN_CTX_get(ctx); | 196 | tmp = BN_CTX_get(ctx); |
| 174 | 197 | ||
| 198 | if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) | ||
| 199 | { | ||
| 200 | DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); | ||
| 201 | goto err; | ||
| 202 | } | ||
| 203 | |||
| 204 | if (FIPS_mode() && (BN_num_bits(dh->p) < OPENSSL_DH_FIPS_MIN_MODULUS_BITS)) | ||
| 205 | { | ||
| 206 | DHerr(DH_F_COMPUTE_KEY, DH_R_KEY_SIZE_TOO_SMALL); | ||
| 207 | goto err; | ||
| 208 | } | ||
| 209 | |||
| 175 | if (dh->priv_key == NULL) | 210 | if (dh->priv_key == NULL) |
| 176 | { | 211 | { |
| 177 | DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); | 212 | DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); |
| 178 | goto err; | 213 | goto err; |
| 179 | } | 214 | } |
| 180 | if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) | 215 | |
| 216 | if (dh->flags & DH_FLAG_CACHE_MONT_P) | ||
| 181 | { | 217 | { |
| 182 | if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) | 218 | mont = BN_MONT_CTX_set_locked( |
| 183 | if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, | 219 | (BN_MONT_CTX **)&dh->method_mont_p, |
| 184 | dh->p,ctx)) goto err; | 220 | CRYPTO_LOCK_DH, dh->p, ctx); |
| 221 | if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) | ||
| 222 | { | ||
| 223 | /* XXX */ | ||
| 224 | BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); | ||
| 225 | } | ||
| 226 | if (!mont) | ||
| 227 | goto err; | ||
| 185 | } | 228 | } |
| 186 | 229 | ||
| 187 | mont=(BN_MONT_CTX *)dh->method_mont_p; | ||
| 188 | if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) | 230 | if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) |
| 189 | { | 231 | { |
| 190 | DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); | 232 | DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB); |
| 191 | goto err; | 233 | goto err; |
| 192 | } | 234 | } |
| 193 | 235 | ||
| @@ -203,7 +245,10 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, | |||
| 203 | const BIGNUM *m, BN_CTX *ctx, | 245 | const BIGNUM *m, BN_CTX *ctx, |
| 204 | BN_MONT_CTX *m_ctx) | 246 | BN_MONT_CTX *m_ctx) |
| 205 | { | 247 | { |
| 206 | if (a->top == 1) | 248 | /* If a is only one word long and constant time is false, use the faster |
| 249 | * exponenentiation function. | ||
| 250 | */ | ||
| 251 | if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0)) | ||
| 207 | { | 252 | { |
| 208 | BN_ULONG A = a->d[0]; | 253 | BN_ULONG A = a->d[0]; |
| 209 | return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); | 254 | return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); |
| @@ -215,6 +260,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, | |||
| 215 | 260 | ||
| 216 | static int dh_init(DH *dh) | 261 | static int dh_init(DH *dh) |
| 217 | { | 262 | { |
| 263 | FIPS_selftest_check(); | ||
| 218 | dh->flags |= DH_FLAG_CACHE_MONT_P; | 264 | dh->flags |= DH_FLAG_CACHE_MONT_P; |
| 219 | return(1); | 265 | return(1); |
| 220 | } | 266 | } |
diff --git a/src/lib/libssl/src/fips/dh/fips_dh_lib.c b/src/lib/libssl/src/fips/dh/fips_dh_lib.c new file mode 100644 index 0000000000..4a822cf192 --- /dev/null +++ b/src/lib/libssl/src/fips/dh/fips_dh_lib.c | |||
| @@ -0,0 +1,95 @@ | |||
| 1 | /* fips_dh_lib.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2007. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <string.h> | ||
| 60 | #include <openssl/bn.h> | ||
| 61 | #include <openssl/dh.h> | ||
| 62 | |||
| 63 | /* Minimal FIPS versions of FIPS_dh_new() and FIPS_dh_free(): to | ||
| 64 | * reduce external dependencies. | ||
| 65 | */ | ||
| 66 | |||
| 67 | DH *FIPS_dh_new(void) | ||
| 68 | { | ||
| 69 | DH *ret; | ||
| 70 | ret = OPENSSL_malloc(sizeof(DH)); | ||
| 71 | if (!ret) | ||
| 72 | return NULL; | ||
| 73 | memset(ret, 0, sizeof(DH)); | ||
| 74 | ret->meth = DH_OpenSSL(); | ||
| 75 | if (ret->meth->init) | ||
| 76 | ret->meth->init(ret); | ||
| 77 | return ret; | ||
| 78 | } | ||
| 79 | |||
| 80 | void FIPS_dh_free(DH *r) | ||
| 81 | { | ||
| 82 | if (!r) | ||
| 83 | return; | ||
| 84 | if (r->meth->finish) | ||
| 85 | r->meth->finish(r); | ||
| 86 | if (r->p != NULL) BN_clear_free(r->p); | ||
| 87 | if (r->g != NULL) BN_clear_free(r->g); | ||
| 88 | if (r->q != NULL) BN_clear_free(r->q); | ||
| 89 | if (r->j != NULL) BN_clear_free(r->j); | ||
| 90 | if (r->seed) OPENSSL_free(r->seed); | ||
| 91 | if (r->counter != NULL) BN_clear_free(r->counter); | ||
| 92 | if (r->pub_key != NULL) BN_clear_free(r->pub_key); | ||
| 93 | if (r->priv_key != NULL) BN_clear_free(r->priv_key); | ||
| 94 | OPENSSL_free(r); | ||
| 95 | } | ||
diff --git a/src/lib/libssl/src/fips/dsa/Makefile b/src/lib/libssl/src/fips/dsa/Makefile index 0cc5704ed1..251615e9ad 100644 --- a/src/lib/libssl/src/fips/dsa/Makefile +++ b/src/lib/libssl/src/fips/dsa/Makefile | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # | 1 | # |
| 2 | # SSLeay/fips/dsa/Makefile | 2 | # OpenSSL/fips/dsa/Makefile |
| 3 | # | 3 | # |
| 4 | 4 | ||
| 5 | DIR= dsa | 5 | DIR= dsa |
| @@ -18,12 +18,14 @@ AR= ar r | |||
| 18 | CFLAGS= $(INCLUDES) $(CFLAG) | 18 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 19 | 19 | ||
| 20 | GENERAL=Makefile | 20 | GENERAL=Makefile |
| 21 | TEST=fips_dsatest.c | 21 | TEST=fips_dsatest.c fips_dssvs.c |
| 22 | APPS= | 22 | APPS= |
| 23 | 23 | ||
| 24 | LIB=$(TOP)/libcrypto.a | 24 | LIB=$(TOP)/libcrypto.a |
| 25 | LIBSRC=fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c | 25 | LIBSRC=fips_dsa_ossl.c fips_dsa_gen.c fips_dsa_selftest.c fips_dsa_key.c \ |
| 26 | LIBOBJ=fips_dsa_ossl.o fips_dsa_gen.o fips_dsa_selftest.o | 26 | fips_dsa_lib.c fips_dsa_sign.c |
| 27 | LIBOBJ=fips_dsa_ossl.o fips_dsa_gen.o fips_dsa_selftest.o fips_dsa_key.o \ | ||
| 28 | fips_dsa_lib.o fips_dsa_sign.o | ||
| 27 | 29 | ||
| 28 | SRC= $(LIBSRC) | 30 | SRC= $(LIBSRC) |
| 29 | 31 | ||
| @@ -35,15 +37,10 @@ ALL= $(GENERAL) $(SRC) $(HEADER) | |||
| 35 | top: | 37 | top: |
| 36 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) | 38 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) |
| 37 | 39 | ||
| 38 | all: check lib | 40 | all: lib |
| 39 | 41 | ||
| 40 | lib: $(LIBOBJ) | 42 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 43 | @echo $(LIBOBJ) > lib |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | ||
| 43 | @sleep 2; touch lib | ||
| 44 | |||
| 45 | check: | ||
| 46 | TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) | ||
| 47 | 44 | ||
| 48 | files: | 45 | files: |
| 49 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 46 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| @@ -65,23 +62,16 @@ tags: | |||
| 65 | 62 | ||
| 66 | tests: | 63 | tests: |
| 67 | 64 | ||
| 68 | top_fips_dssvs: | ||
| 69 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) TARGET=fips_dssvs sub_target) | ||
| 70 | |||
| 71 | fips_dssvs: fips_dssvs.o $(TOP)/libcrypto.a | ||
| 72 | $(CC) $(CFLAGS) -o fips_dssvs fips_dssvs.o $(PEX_LIBS) $(TOP)/libcrypto.a $(EX_LIBS) | ||
| 73 | TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a fips_dssvs | ||
| 74 | |||
| 75 | Q=../testvectors/dsa/req | 65 | Q=../testvectors/dsa/req |
| 76 | A=../testvectors/dsa/rsp | 66 | A=../testvectors/dsa/rsp |
| 77 | 67 | ||
| 78 | fips_test: top_fips_dssvs | 68 | fips_test: |
| 79 | -rm -rf $A | 69 | -rm -rf $A |
| 80 | mkdir $A | 70 | mkdir $A |
| 81 | ./fips_dssvs pqg < $Q/PQGGen.req > $A/PQGGen.rsp | 71 | if [ -f $(Q)/PQGGen.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs pqg < $(Q)/PQGGen.req > $(A)/PQGGen.rsp; fi |
| 82 | ./fips_dssvs keypair < $Q/KeyPair.req > $A/KeyPair.rsp | 72 | if [ -f $(Q)/KeyPair.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs keypair < $(Q)/KeyPair.req > $(A)/KeyPair.rsp; fi |
| 83 | ./fips_dssvs siggen < $Q/SigGen.req > $A/SigGen.rsp | 73 | if [ -f $(Q)/SigGen.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs siggen < $(Q)/SigGen.req > $(A)/SigGen.rsp; fi |
| 84 | ./fips_dssvs sigver < $Q/SigVer.req > $A/SigVer.rsp | 74 | if [ -f $(Q)/SigVer.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_dssvs sigver < $Q/SigVer.req > $A/SigVer.rsp; fi |
| 85 | 75 | ||
| 86 | lint: | 76 | lint: |
| 87 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 77 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| @@ -97,62 +87,105 @@ clean: | |||
| 97 | rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | 87 | rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff |
| 98 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 88 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 99 | 89 | ||
| 100 | fips_dsa_gen.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h | 90 | fips_dsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 101 | fips_dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h | 91 | fips_dsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 102 | fips_dsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/cast.h | ||
| 103 | fips_dsa_gen.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | ||
| 104 | fips_dsa_gen.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | ||
| 105 | fips_dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 92 | fips_dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 106 | fips_dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h | 93 | fips_dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 107 | fips_dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/idea.h | 94 | fips_dsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 108 | fips_dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h | 95 | fips_dsa_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h |
| 109 | fips_dsa_gen.o: ../../include/openssl/md4.h ../../include/openssl/md5.h | ||
| 110 | fips_dsa_gen.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h | ||
| 111 | fips_dsa_gen.o: ../../include/openssl/objects.h | ||
| 112 | fips_dsa_gen.o: ../../include/openssl/opensslconf.h | 96 | fips_dsa_gen.o: ../../include/openssl/opensslconf.h |
| 113 | fips_dsa_gen.o: ../../include/openssl/opensslv.h | 97 | fips_dsa_gen.o: ../../include/openssl/opensslv.h |
| 114 | fips_dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 98 | fips_dsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h |
| 115 | fips_dsa_gen.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h | 99 | fips_dsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h |
| 116 | fips_dsa_gen.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h | 100 | fips_dsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 117 | fips_dsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 101 | fips_dsa_gen.o: fips_dsa_gen.c |
| 118 | fips_dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 102 | fips_dsa_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 119 | fips_dsa_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h | 103 | fips_dsa_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 120 | fips_dsa_gen.o: ../../include/openssl/ui_compat.h fips_dsa_gen.c | 104 | fips_dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 105 | fips_dsa_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 106 | fips_dsa_key.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 107 | fips_dsa_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 108 | fips_dsa_key.o: ../../include/openssl/opensslconf.h | ||
| 109 | fips_dsa_key.o: ../../include/openssl/opensslv.h | ||
| 110 | fips_dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | ||
| 111 | fips_dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 112 | fips_dsa_key.o: ../../include/openssl/symhacks.h ../fips_locl.h fips_dsa_key.c | ||
| 113 | fips_dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | ||
| 114 | fips_dsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h | ||
| 115 | fips_dsa_lib.o: ../../include/openssl/e_os2.h | ||
| 116 | fips_dsa_lib.o: ../../include/openssl/opensslconf.h | ||
| 117 | fips_dsa_lib.o: ../../include/openssl/opensslv.h | ||
| 118 | fips_dsa_lib.o: ../../include/openssl/ossl_typ.h | ||
| 119 | fips_dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 120 | fips_dsa_lib.o: ../../include/openssl/symhacks.h fips_dsa_lib.c | ||
| 121 | fips_dsa_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 121 | fips_dsa_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 122 | fips_dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | 122 | fips_dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h |
| 123 | fips_dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h | 123 | fips_dsa_ossl.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h |
| 124 | fips_dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 124 | fips_dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 125 | fips_dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/fips.h | 125 | fips_dsa_ossl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 126 | fips_dsa_ossl.o: ../../include/openssl/lhash.h | 126 | fips_dsa_ossl.o: ../../include/openssl/engine.h ../../include/openssl/err.h |
| 127 | fips_dsa_ossl.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 128 | fips_dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 129 | fips_dsa_ossl.o: ../../include/openssl/objects.h | ||
| 127 | fips_dsa_ossl.o: ../../include/openssl/opensslconf.h | 130 | fips_dsa_ossl.o: ../../include/openssl/opensslconf.h |
| 128 | fips_dsa_ossl.o: ../../include/openssl/opensslv.h | 131 | fips_dsa_ossl.o: ../../include/openssl/opensslv.h |
| 129 | fips_dsa_ossl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 132 | fips_dsa_ossl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 130 | fips_dsa_ossl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 133 | fips_dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 131 | fips_dsa_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 134 | fips_dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 132 | fips_dsa_ossl.o: ../../include/openssl/ui.h fips_dsa_ossl.c | 135 | fips_dsa_ossl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h |
| 133 | fips_dsa_selftest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 136 | fips_dsa_ossl.o: ../../include/openssl/x509_vfy.h fips_dsa_ossl.c |
| 134 | fips_dsa_selftest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h | 137 | fips_dsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 138 | fips_dsa_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | ||
| 135 | fips_dsa_selftest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 139 | fips_dsa_selftest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 136 | fips_dsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/fips.h | 140 | fips_dsa_selftest.o: ../../include/openssl/err.h ../../include/openssl/evp.h |
| 137 | fips_dsa_selftest.o: ../../include/openssl/lhash.h | 141 | fips_dsa_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h |
| 142 | fips_dsa_selftest.o: ../../include/openssl/obj_mac.h | ||
| 143 | fips_dsa_selftest.o: ../../include/openssl/objects.h | ||
| 138 | fips_dsa_selftest.o: ../../include/openssl/opensslconf.h | 144 | fips_dsa_selftest.o: ../../include/openssl/opensslconf.h |
| 139 | fips_dsa_selftest.o: ../../include/openssl/opensslv.h | 145 | fips_dsa_selftest.o: ../../include/openssl/opensslv.h |
| 140 | fips_dsa_selftest.o: ../../include/openssl/ossl_typ.h | 146 | fips_dsa_selftest.o: ../../include/openssl/ossl_typ.h |
| 141 | fips_dsa_selftest.o: ../../include/openssl/safestack.h | 147 | fips_dsa_selftest.o: ../../include/openssl/safestack.h |
| 142 | fips_dsa_selftest.o: ../../include/openssl/stack.h | 148 | fips_dsa_selftest.o: ../../include/openssl/stack.h |
| 143 | fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c | 149 | fips_dsa_selftest.o: ../../include/openssl/symhacks.h fips_dsa_selftest.c |
| 150 | fips_dsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 151 | fips_dsa_sign.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | ||
| 152 | fips_dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
| 153 | fips_dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 154 | fips_dsa_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 155 | fips_dsa_sign.o: ../../include/openssl/obj_mac.h | ||
| 156 | fips_dsa_sign.o: ../../include/openssl/objects.h | ||
| 157 | fips_dsa_sign.o: ../../include/openssl/opensslconf.h | ||
| 158 | fips_dsa_sign.o: ../../include/openssl/opensslv.h | ||
| 159 | fips_dsa_sign.o: ../../include/openssl/ossl_typ.h | ||
| 160 | fips_dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 161 | fips_dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 162 | fips_dsa_sign.o: fips_dsa_sign.c | ||
| 144 | fips_dsatest.o: ../../e_os.h ../../include/openssl/asn1.h | 163 | fips_dsatest.o: ../../e_os.h ../../include/openssl/asn1.h |
| 145 | fips_dsatest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 164 | fips_dsatest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 146 | fips_dsatest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 165 | fips_dsatest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 147 | fips_dsatest.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h | 166 | fips_dsatest.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 148 | fips_dsatest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | 167 | fips_dsatest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h |
| 149 | fips_dsatest.o: ../../include/openssl/engine.h ../../include/openssl/err.h | 168 | fips_dsatest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h |
| 169 | fips_dsatest.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h | ||
| 170 | fips_dsatest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 150 | fips_dsatest.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h | 171 | fips_dsatest.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h |
| 151 | fips_dsatest.o: ../../include/openssl/lhash.h | 172 | fips_dsatest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h |
| 173 | fips_dsatest.o: ../../include/openssl/objects.h | ||
| 152 | fips_dsatest.o: ../../include/openssl/opensslconf.h | 174 | fips_dsatest.o: ../../include/openssl/opensslconf.h |
| 153 | fips_dsatest.o: ../../include/openssl/opensslv.h | 175 | fips_dsatest.o: ../../include/openssl/opensslv.h |
| 154 | fips_dsatest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 176 | fips_dsatest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 155 | fips_dsatest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 177 | fips_dsatest.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 156 | fips_dsatest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 178 | fips_dsatest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h |
| 157 | fips_dsatest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 179 | fips_dsatest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h |
| 158 | fips_dsatest.o: fips_dsatest.c | 180 | fips_dsatest.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h |
| 181 | fips_dsatest.o: ../../include/openssl/x509_vfy.h ../fips_utl.h fips_dsatest.c | ||
| 182 | fips_dssvs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 183 | fips_dssvs.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | ||
| 184 | fips_dssvs.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
| 185 | fips_dssvs.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 186 | fips_dssvs.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 187 | fips_dssvs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 188 | fips_dssvs.o: ../../include/openssl/opensslconf.h | ||
| 189 | fips_dssvs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 190 | fips_dssvs.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 191 | fips_dssvs.o: ../../include/openssl/symhacks.h ../fips_utl.h fips_dssvs.c | ||
diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c b/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c index 21fa3d1783..0cecf34ab2 100644 --- a/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c +++ b/src/lib/libssl/src/fips/dsa/fips_dsa_gen.c | |||
| @@ -69,47 +69,40 @@ | |||
| 69 | #define HASH EVP_sha1() | 69 | #define HASH EVP_sha1() |
| 70 | #endif | 70 | #endif |
| 71 | 71 | ||
| 72 | #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */ | ||
| 73 | |||
| 74 | #ifndef OPENSSL_NO_SHA | ||
| 75 | |||
| 72 | #include <stdio.h> | 76 | #include <stdio.h> |
| 73 | #include <string.h> | ||
| 74 | #include <time.h> | 77 | #include <time.h> |
| 75 | /*#include "cryptlib.h"*/ | 78 | #include <string.h> |
| 76 | #include <openssl/evp.h> | 79 | #include <openssl/evp.h> |
| 77 | #include <openssl/bn.h> | 80 | #include <openssl/bn.h> |
| 78 | #ifndef OPENSSL_NO_DSA | ||
| 79 | #include <openssl/dsa.h> | 81 | #include <openssl/dsa.h> |
| 80 | #endif | ||
| 81 | #ifndef OPENSSL_NO_RAND | ||
| 82 | #include <openssl/rand.h> | 82 | #include <openssl/rand.h> |
| 83 | #endif | ||
| 84 | #ifndef OPENSSL_NO_SHA | ||
| 85 | #include <openssl/sha.h> | 83 | #include <openssl/sha.h> |
| 86 | #endif | ||
| 87 | #include <openssl/fips.h> | ||
| 88 | #include <openssl/err.h> | 84 | #include <openssl/err.h> |
| 89 | 85 | ||
| 90 | #ifndef OPENSSL_NO_DSA | ||
| 91 | #ifdef OPENSSL_FIPS | 86 | #ifdef OPENSSL_FIPS |
| 92 | 87 | ||
| 93 | static int fips_check_dsa(DSA *dsa) | 88 | static int dsa_builtin_paramgen(DSA *ret, int bits, |
| 94 | { | 89 | unsigned char *seed_in, int seed_len, |
| 95 | static const unsigned char str1[]="12345678901234567890"; | 90 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); |
| 96 | unsigned char sig[256]; | ||
| 97 | unsigned int siglen; | ||
| 98 | 91 | ||
| 99 | DSA_sign(0, str1, 20, sig, &siglen, dsa); | 92 | int DSA_generate_parameters_ex(DSA *ret, int bits, |
| 100 | if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1) | 93 | unsigned char *seed_in, int seed_len, |
| 94 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) | ||
| 101 | { | 95 | { |
| 102 | FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED); | 96 | if(ret->meth->dsa_paramgen) |
| 103 | return 0; | 97 | return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, |
| 98 | counter_ret, h_ret, cb); | ||
| 99 | return dsa_builtin_paramgen(ret, bits, seed_in, seed_len, | ||
| 100 | counter_ret, h_ret, cb); | ||
| 104 | } | 101 | } |
| 105 | return 1; | 102 | |
| 106 | } | 103 | static int dsa_builtin_paramgen(DSA *ret, int bits, |
| 107 | 104 | unsigned char *seed_in, int seed_len, | |
| 108 | DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | 105 | int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) |
| 109 | unsigned char *seed_in, FIPS_DSA_SIZE_T seed_len, | ||
| 110 | int *counter_ret, unsigned long *h_ret, | ||
| 111 | void (*callback)(int, int, void *), | ||
| 112 | void *cb_arg) | ||
| 113 | { | 106 | { |
| 114 | int ok=0; | 107 | int ok=0; |
| 115 | unsigned char seed[SHA_DIGEST_LENGTH]; | 108 | unsigned char seed[SHA_DIGEST_LENGTH]; |
| @@ -121,47 +114,56 @@ DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | |||
| 121 | int k,n=0,i,b,m=0; | 114 | int k,n=0,i,b,m=0; |
| 122 | int counter=0; | 115 | int counter=0; |
| 123 | int r=0; | 116 | int r=0; |
| 124 | BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL; | 117 | BN_CTX *ctx=NULL; |
| 125 | unsigned int h=2; | 118 | unsigned int h=2; |
| 126 | DSA *ret=NULL; | ||
| 127 | unsigned char *seed_out=seed_in; | ||
| 128 | 119 | ||
| 129 | if(FIPS_selftest_failed()) | 120 | if(FIPS_selftest_failed()) |
| 130 | { | 121 | { |
| 131 | FIPSerr(FIPS_F_DSA_GENERATE_PARAMETERS, | 122 | FIPSerr(FIPS_F_DSA_BUILTIN_PARAMGEN, |
| 132 | FIPS_R_FIPS_SELFTEST_FAILED); | 123 | FIPS_R_FIPS_SELFTEST_FAILED); |
| 133 | goto err; | 124 | goto err; |
| 134 | } | 125 | } |
| 135 | 126 | ||
| 127 | if (FIPS_mode() && (bits < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) | ||
| 128 | { | ||
| 129 | DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN, DSA_R_KEY_SIZE_TOO_SMALL); | ||
| 130 | goto err; | ||
| 131 | } | ||
| 132 | |||
| 136 | if (bits < 512) bits=512; | 133 | if (bits < 512) bits=512; |
| 137 | bits=(bits+63)/64*64; | 134 | bits=(bits+63)/64*64; |
| 138 | 135 | ||
| 139 | if (seed_len < 20) | 136 | /* NB: seed_len == 0 is special case: copy generated seed to |
| 137 | * seed_in if it is not NULL. | ||
| 138 | */ | ||
| 139 | if (seed_len && (seed_len < 20)) | ||
| 140 | seed_in = NULL; /* seed buffer too small -- ignore */ | 140 | seed_in = NULL; /* seed buffer too small -- ignore */ |
| 141 | if (seed_len > 20) | 141 | if (seed_len > 20) |
| 142 | seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, | 142 | seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, |
| 143 | * but our internal buffers are restricted to 160 bits*/ | 143 | * but our internal buffers are restricted to 160 bits*/ |
| 144 | if ((seed_in != NULL) && (seed_len == 20)) | 144 | if ((seed_in != NULL) && (seed_len == 20)) |
| 145 | { | ||
| 145 | memcpy(seed,seed_in,seed_len); | 146 | memcpy(seed,seed_in,seed_len); |
| 147 | /* set seed_in to NULL to avoid it being copied back */ | ||
| 148 | seed_in = NULL; | ||
| 149 | } | ||
| 146 | 150 | ||
| 147 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 151 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| 148 | if ((ctx2=BN_CTX_new()) == NULL) goto err; | ||
| 149 | if ((ctx3=BN_CTX_new()) == NULL) goto err; | ||
| 150 | if ((ret=DSA_new()) == NULL) goto err; | ||
| 151 | 152 | ||
| 152 | if ((mont=BN_MONT_CTX_new()) == NULL) goto err; | 153 | if ((mont=BN_MONT_CTX_new()) == NULL) goto err; |
| 153 | 154 | ||
| 154 | BN_CTX_start(ctx2); | 155 | BN_CTX_start(ctx); |
| 155 | r0 = BN_CTX_get(ctx2); | 156 | r0 = BN_CTX_get(ctx); |
| 156 | g = BN_CTX_get(ctx2); | 157 | g = BN_CTX_get(ctx); |
| 157 | W = BN_CTX_get(ctx2); | 158 | W = BN_CTX_get(ctx); |
| 158 | q = BN_CTX_get(ctx2); | 159 | q = BN_CTX_get(ctx); |
| 159 | X = BN_CTX_get(ctx2); | 160 | X = BN_CTX_get(ctx); |
| 160 | c = BN_CTX_get(ctx2); | 161 | c = BN_CTX_get(ctx); |
| 161 | p = BN_CTX_get(ctx2); | 162 | p = BN_CTX_get(ctx); |
| 162 | test = BN_CTX_get(ctx2); | 163 | test = BN_CTX_get(ctx); |
| 163 | 164 | ||
| 164 | BN_lshift(test,BN_value_one(),bits-1); | 165 | if (!BN_lshift(test,BN_value_one(),bits-1)) |
| 166 | goto err; | ||
| 165 | 167 | ||
| 166 | for (;;) | 168 | for (;;) |
| 167 | { | 169 | { |
| @@ -170,12 +172,12 @@ DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | |||
| 170 | int seed_is_random; | 172 | int seed_is_random; |
| 171 | 173 | ||
| 172 | /* step 1 */ | 174 | /* step 1 */ |
| 173 | if (callback != NULL) callback(0,m++,cb_arg); | 175 | if(!BN_GENCB_call(cb, 0, m++)) |
| 176 | goto err; | ||
| 174 | 177 | ||
| 175 | if (!seed_len) | 178 | if (!seed_len) |
| 176 | { | 179 | { |
| 177 | if(RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH) < 0) | 180 | RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH); |
| 178 | goto err; | ||
| 179 | seed_is_random = 1; | 181 | seed_is_random = 1; |
| 180 | } | 182 | } |
| 181 | else | 183 | else |
| @@ -204,7 +206,8 @@ DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | |||
| 204 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; | 206 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err; |
| 205 | 207 | ||
| 206 | /* step 4 */ | 208 | /* step 4 */ |
| 207 | r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random); | 209 | r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, |
| 210 | seed_is_random, cb); | ||
| 208 | if (r > 0) | 211 | if (r > 0) |
| 209 | break; | 212 | break; |
| 210 | if (r != 0) | 213 | if (r != 0) |
| @@ -214,8 +217,8 @@ DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | |||
| 214 | /* step 5 */ | 217 | /* step 5 */ |
| 215 | } | 218 | } |
| 216 | 219 | ||
| 217 | if (callback != NULL) callback(2,0,cb_arg); | 220 | if(!BN_GENCB_call(cb, 2, 0)) goto err; |
| 218 | if (callback != NULL) callback(3,0,cb_arg); | 221 | if(!BN_GENCB_call(cb, 3, 0)) goto err; |
| 219 | 222 | ||
| 220 | /* step 6 */ | 223 | /* step 6 */ |
| 221 | counter=0; | 224 | counter=0; |
| @@ -226,8 +229,8 @@ DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | |||
| 226 | 229 | ||
| 227 | for (;;) | 230 | for (;;) |
| 228 | { | 231 | { |
| 229 | if (callback != NULL && counter != 0) | 232 | if ((counter != 0) && !BN_GENCB_call(cb, 0, counter)) |
| 230 | callback(0,counter,cb_arg); | 233 | goto err; |
| 231 | 234 | ||
| 232 | /* step 7 */ | 235 | /* step 7 */ |
| 233 | BN_zero(W); | 236 | BN_zero(W); |
| @@ -246,26 +249,27 @@ DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | |||
| 246 | /* step 8 */ | 249 | /* step 8 */ |
| 247 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) | 250 | if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) |
| 248 | goto err; | 251 | goto err; |
| 249 | BN_lshift(r0,r0,160*k); | 252 | if (!BN_lshift(r0,r0,160*k)) goto err; |
| 250 | BN_add(W,W,r0); | 253 | if (!BN_add(W,W,r0)) goto err; |
| 251 | } | 254 | } |
| 252 | 255 | ||
| 253 | /* more of step 8 */ | 256 | /* more of step 8 */ |
| 254 | BN_mask_bits(W,bits-1); | 257 | if (!BN_mask_bits(W,bits-1)) goto err; |
| 255 | BN_copy(X,W); /* this should be ok */ | 258 | if (!BN_copy(X,W)) goto err; |
| 256 | BN_add(X,X,test); /* this should be ok */ | 259 | if (!BN_add(X,X,test)) goto err; |
| 257 | 260 | ||
| 258 | /* step 9 */ | 261 | /* step 9 */ |
| 259 | BN_lshift1(r0,q); | 262 | if (!BN_lshift1(r0,q)) goto err; |
| 260 | BN_mod(c,X,r0,ctx); | 263 | if (!BN_mod(c,X,r0,ctx)) goto err; |
| 261 | BN_sub(r0,c,BN_value_one()); | 264 | if (!BN_sub(r0,c,BN_value_one())) goto err; |
| 262 | BN_sub(p,X,r0); | 265 | if (!BN_sub(p,X,r0)) goto err; |
| 263 | 266 | ||
| 264 | /* step 10 */ | 267 | /* step 10 */ |
| 265 | if (BN_cmp(p,test) >= 0) | 268 | if (BN_cmp(p,test) >= 0) |
| 266 | { | 269 | { |
| 267 | /* step 11 */ | 270 | /* step 11 */ |
| 268 | r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1); | 271 | r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, |
| 272 | ctx, 1, cb); | ||
| 269 | if (r > 0) | 273 | if (r > 0) |
| 270 | goto end; /* found it */ | 274 | goto end; /* found it */ |
| 271 | if (r != 0) | 275 | if (r != 0) |
| @@ -281,94 +285,55 @@ DSA *DSA_generate_parameters(FIPS_DSA_SIZE_T bits, | |||
| 281 | } | 285 | } |
| 282 | } | 286 | } |
| 283 | end: | 287 | end: |
| 284 | if (callback != NULL) callback(2,1,cb_arg); | 288 | if(!BN_GENCB_call(cb, 2, 1)) |
| 289 | goto err; | ||
| 285 | 290 | ||
| 286 | /* We now need to generate g */ | 291 | /* We now need to generate g */ |
| 287 | /* Set r0=(p-1)/q */ | 292 | /* Set r0=(p-1)/q */ |
| 288 | BN_sub(test,p,BN_value_one()); | 293 | if (!BN_sub(test,p,BN_value_one())) goto err; |
| 289 | BN_div(r0,NULL,test,q,ctx); | 294 | if (!BN_div(r0,NULL,test,q,ctx)) goto err; |
| 290 | 295 | ||
| 291 | BN_set_word(test,h); | 296 | if (!BN_set_word(test,h)) goto err; |
| 292 | BN_MONT_CTX_set(mont,p,ctx); | 297 | if (!BN_MONT_CTX_set(mont,p,ctx)) goto err; |
| 293 | 298 | ||
| 294 | for (;;) | 299 | for (;;) |
| 295 | { | 300 | { |
| 296 | /* g=test^r0%p */ | 301 | /* g=test^r0%p */ |
| 297 | BN_mod_exp_mont(g,test,r0,p,ctx,mont); | 302 | if (!BN_mod_exp_mont(g,test,r0,p,ctx,mont)) goto err; |
| 298 | if (!BN_is_one(g)) break; | 303 | if (!BN_is_one(g)) break; |
| 299 | BN_add(test,test,BN_value_one()); | 304 | if (!BN_add(test,test,BN_value_one())) goto err; |
| 300 | h++; | 305 | h++; |
| 301 | } | 306 | } |
| 302 | 307 | ||
| 303 | if (callback != NULL) callback(3,1,cb_arg); | 308 | if(!BN_GENCB_call(cb, 3, 1)) |
| 309 | goto err; | ||
| 304 | 310 | ||
| 305 | ok=1; | 311 | ok=1; |
| 306 | err: | 312 | err: |
| 307 | if (!ok) | 313 | if (ok) |
| 308 | { | ||
| 309 | if (ret != NULL) DSA_free(ret); | ||
| 310 | } | ||
| 311 | else | ||
| 312 | { | 314 | { |
| 315 | if(ret->p) BN_free(ret->p); | ||
| 316 | if(ret->q) BN_free(ret->q); | ||
| 317 | if(ret->g) BN_free(ret->g); | ||
| 313 | ret->p=BN_dup(p); | 318 | ret->p=BN_dup(p); |
| 314 | ret->q=BN_dup(q); | 319 | ret->q=BN_dup(q); |
| 315 | ret->g=BN_dup(g); | 320 | ret->g=BN_dup(g); |
| 316 | if(seed_out != NULL) memcpy(seed_out,seed,20); | 321 | if (ret->p == NULL || ret->q == NULL || ret->g == NULL) |
| 322 | { | ||
| 323 | ok=0; | ||
| 324 | goto err; | ||
| 325 | } | ||
| 326 | if (seed_in != NULL) memcpy(seed_in,seed,20); | ||
| 317 | if (counter_ret != NULL) *counter_ret=counter; | 327 | if (counter_ret != NULL) *counter_ret=counter; |
| 318 | if (h_ret != NULL) *h_ret=h; | 328 | if (h_ret != NULL) *h_ret=h; |
| 319 | } | 329 | } |
| 320 | if (ctx != NULL) BN_CTX_free(ctx); | 330 | if(ctx) |
| 321 | if (ctx2 != NULL) | ||
| 322 | { | 331 | { |
| 323 | BN_CTX_end(ctx2); | 332 | BN_CTX_end(ctx); |
| 324 | BN_CTX_free(ctx2); | 333 | BN_CTX_free(ctx); |
| 325 | } | 334 | } |
| 326 | if (ctx3 != NULL) BN_CTX_free(ctx3); | ||
| 327 | if (mont != NULL) BN_MONT_CTX_free(mont); | 335 | if (mont != NULL) BN_MONT_CTX_free(mont); |
| 328 | return(ok?ret:NULL); | 336 | return ok; |
| 329 | } | ||
| 330 | |||
| 331 | int DSA_generate_key(DSA *dsa) | ||
| 332 | { | ||
| 333 | int ok=0; | ||
| 334 | BN_CTX *ctx=NULL; | ||
| 335 | BIGNUM *pub_key=NULL,*priv_key=NULL; | ||
| 336 | |||
| 337 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
| 338 | |||
| 339 | if (dsa->priv_key == NULL) | ||
| 340 | { | ||
| 341 | if ((priv_key=BN_new()) == NULL) goto err; | ||
| 342 | } | ||
| 343 | else | ||
| 344 | priv_key=dsa->priv_key; | ||
| 345 | |||
| 346 | do | ||
| 347 | if (!BN_rand_range(priv_key,dsa->q)) goto err; | ||
| 348 | while (BN_is_zero(priv_key)); | ||
| 349 | |||
| 350 | if (dsa->pub_key == NULL) | ||
| 351 | { | ||
| 352 | if ((pub_key=BN_new()) == NULL) goto err; | ||
| 353 | } | ||
| 354 | else | ||
| 355 | pub_key=dsa->pub_key; | ||
| 356 | |||
| 357 | if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err; | ||
| 358 | |||
| 359 | dsa->priv_key=priv_key; | ||
| 360 | dsa->pub_key=pub_key; | ||
| 361 | |||
| 362 | if(!fips_check_dsa(dsa)) | ||
| 363 | goto err; | ||
| 364 | |||
| 365 | ok=1; | ||
| 366 | |||
| 367 | err: | ||
| 368 | if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key); | ||
| 369 | if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key); | ||
| 370 | if (ctx != NULL) BN_CTX_free(ctx); | ||
| 371 | return(ok); | ||
| 372 | } | 337 | } |
| 373 | #endif | 338 | #endif |
| 374 | #endif | 339 | #endif |
diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_key.c b/src/lib/libssl/src/fips/dsa/fips_dsa_key.c new file mode 100644 index 0000000000..b5f8cfa1d0 --- /dev/null +++ b/src/lib/libssl/src/fips/dsa/fips_dsa_key.c | |||
| @@ -0,0 +1,169 @@ | |||
| 1 | /* crypto/dsa/dsa_key.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <time.h> | ||
| 61 | #ifndef OPENSSL_NO_SHA | ||
| 62 | #include <openssl/bn.h> | ||
| 63 | #include <openssl/dsa.h> | ||
| 64 | #include <openssl/rand.h> | ||
| 65 | #include <openssl/err.h> | ||
| 66 | #include <openssl/evp.h> | ||
| 67 | #include <openssl/fips.h> | ||
| 68 | #include "fips_locl.h" | ||
| 69 | |||
| 70 | #ifdef OPENSSL_FIPS | ||
| 71 | |||
| 72 | static int fips_dsa_pairwise_fail = 0; | ||
| 73 | |||
| 74 | void FIPS_corrupt_dsa_keygen(void) | ||
| 75 | { | ||
| 76 | fips_dsa_pairwise_fail = 1; | ||
| 77 | } | ||
| 78 | |||
| 79 | static int dsa_builtin_keygen(DSA *dsa); | ||
| 80 | |||
| 81 | int fips_check_dsa(DSA *dsa) | ||
| 82 | { | ||
| 83 | EVP_PKEY pk; | ||
| 84 | unsigned char tbs[] = "DSA Pairwise Check Data"; | ||
| 85 | pk.type = EVP_PKEY_DSA; | ||
| 86 | pk.pkey.dsa = dsa; | ||
| 87 | |||
| 88 | if (!fips_pkey_signature_test(&pk, tbs, -1, | ||
| 89 | NULL, 0, EVP_dss1(), 0, NULL)) | ||
| 90 | { | ||
| 91 | FIPSerr(FIPS_F_FIPS_CHECK_DSA,FIPS_R_PAIRWISE_TEST_FAILED); | ||
| 92 | fips_set_selftest_fail(); | ||
| 93 | return 0; | ||
| 94 | } | ||
| 95 | return 1; | ||
| 96 | } | ||
| 97 | |||
| 98 | int DSA_generate_key(DSA *dsa) | ||
| 99 | { | ||
| 100 | if(dsa->meth->dsa_keygen) | ||
| 101 | return dsa->meth->dsa_keygen(dsa); | ||
| 102 | return dsa_builtin_keygen(dsa); | ||
| 103 | } | ||
| 104 | |||
| 105 | static int dsa_builtin_keygen(DSA *dsa) | ||
| 106 | { | ||
| 107 | int ok=0; | ||
| 108 | BN_CTX *ctx=NULL; | ||
| 109 | BIGNUM *pub_key=NULL,*priv_key=NULL; | ||
| 110 | |||
| 111 | if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) | ||
| 112 | { | ||
| 113 | DSAerr(DSA_F_DSA_BUILTIN_KEYGEN, DSA_R_KEY_SIZE_TOO_SMALL); | ||
| 114 | goto err; | ||
| 115 | } | ||
| 116 | |||
| 117 | if ((ctx=BN_CTX_new()) == NULL) goto err; | ||
| 118 | |||
| 119 | if (dsa->priv_key == NULL) | ||
| 120 | { | ||
| 121 | if ((priv_key=BN_new()) == NULL) goto err; | ||
| 122 | } | ||
| 123 | else | ||
| 124 | priv_key=dsa->priv_key; | ||
| 125 | |||
| 126 | do | ||
| 127 | if (!BN_rand_range(priv_key,dsa->q)) goto err; | ||
| 128 | while (BN_is_zero(priv_key)); | ||
| 129 | |||
| 130 | if (dsa->pub_key == NULL) | ||
| 131 | { | ||
| 132 | if ((pub_key=BN_new()) == NULL) goto err; | ||
| 133 | } | ||
| 134 | else | ||
| 135 | pub_key=dsa->pub_key; | ||
| 136 | |||
| 137 | { | ||
| 138 | BIGNUM local_prk; | ||
| 139 | BIGNUM *prk; | ||
| 140 | |||
| 141 | if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) | ||
| 142 | { | ||
| 143 | BN_init(&local_prk); | ||
| 144 | prk = &local_prk; | ||
| 145 | BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); | ||
| 146 | } | ||
| 147 | else | ||
| 148 | prk = priv_key; | ||
| 149 | |||
| 150 | if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err; | ||
| 151 | } | ||
| 152 | |||
| 153 | dsa->priv_key=priv_key; | ||
| 154 | dsa->pub_key=pub_key; | ||
| 155 | if (fips_dsa_pairwise_fail) | ||
| 156 | BN_add_word(dsa->pub_key, 1); | ||
| 157 | if(!fips_check_dsa(dsa)) | ||
| 158 | goto err; | ||
| 159 | ok=1; | ||
| 160 | |||
| 161 | err: | ||
| 162 | if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key); | ||
| 163 | if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key); | ||
| 164 | if (ctx != NULL) BN_CTX_free(ctx); | ||
| 165 | return(ok); | ||
| 166 | } | ||
| 167 | #endif | ||
| 168 | |||
| 169 | #endif | ||
diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_lib.c b/src/lib/libssl/src/fips/dsa/fips_dsa_lib.c new file mode 100644 index 0000000000..2545966d2a --- /dev/null +++ b/src/lib/libssl/src/fips/dsa/fips_dsa_lib.c | |||
| @@ -0,0 +1,95 @@ | |||
| 1 | /* fips_dsa_lib.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2007. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <string.h> | ||
| 60 | #include <openssl/dsa.h> | ||
| 61 | #include <openssl/bn.h> | ||
| 62 | |||
| 63 | /* Minimal FIPS versions of FIPS_dsa_new() and FIPS_dsa_free: to | ||
| 64 | * reduce external dependencies. | ||
| 65 | */ | ||
| 66 | |||
| 67 | DSA *FIPS_dsa_new(void) | ||
| 68 | { | ||
| 69 | DSA *ret; | ||
| 70 | ret = OPENSSL_malloc(sizeof(DSA)); | ||
| 71 | if (!ret) | ||
| 72 | return NULL; | ||
| 73 | memset(ret, 0, sizeof(DSA)); | ||
| 74 | ret->meth = DSA_OpenSSL(); | ||
| 75 | if (ret->meth->init) | ||
| 76 | ret->meth->init(ret); | ||
| 77 | return ret; | ||
| 78 | } | ||
| 79 | |||
| 80 | void FIPS_dsa_free(DSA *r) | ||
| 81 | { | ||
| 82 | if (!r) | ||
| 83 | return; | ||
| 84 | if (r->meth->finish) | ||
| 85 | r->meth->finish(r); | ||
| 86 | if (r->p != NULL) BN_clear_free(r->p); | ||
| 87 | if (r->q != NULL) BN_clear_free(r->q); | ||
| 88 | if (r->g != NULL) BN_clear_free(r->g); | ||
| 89 | if (r->pub_key != NULL) BN_clear_free(r->pub_key); | ||
| 90 | if (r->priv_key != NULL) BN_clear_free(r->priv_key); | ||
| 91 | if (r->kinv != NULL) BN_clear_free(r->kinv); | ||
| 92 | if (r->r != NULL) BN_clear_free(r->r); | ||
| 93 | OPENSSL_free(r); | ||
| 94 | } | ||
| 95 | |||
diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c b/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c index 0ae5eb4b9e..50a6c13318 100644 --- a/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c +++ b/src/lib/libssl/src/fips/dsa/fips_dsa_ossl.c | |||
| @@ -63,6 +63,7 @@ | |||
| 63 | #include <openssl/dsa.h> | 63 | #include <openssl/dsa.h> |
| 64 | #include <openssl/rand.h> | 64 | #include <openssl/rand.h> |
| 65 | #include <openssl/asn1.h> | 65 | #include <openssl/asn1.h> |
| 66 | #include <openssl/err.h> | ||
| 66 | #ifndef OPENSSL_NO_ENGINE | 67 | #ifndef OPENSSL_NO_ENGINE |
| 67 | #include <openssl/engine.h> | 68 | #include <openssl/engine.h> |
| 68 | #endif | 69 | #endif |
| @@ -83,7 +84,7 @@ static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, | |||
| 83 | const BIGNUM *m, BN_CTX *ctx, | 84 | const BIGNUM *m, BN_CTX *ctx, |
| 84 | BN_MONT_CTX *m_ctx); | 85 | BN_MONT_CTX *m_ctx); |
| 85 | 86 | ||
| 86 | static DSA_METHOD openssl_dsa_meth = { | 87 | static const DSA_METHOD openssl_dsa_meth = { |
| 87 | "OpenSSL FIPS DSA method", | 88 | "OpenSSL FIPS DSA method", |
| 88 | dsa_do_sign, | 89 | dsa_do_sign, |
| 89 | dsa_sign_setup, | 90 | dsa_sign_setup, |
| @@ -92,10 +93,10 @@ dsa_mod_exp, | |||
| 92 | dsa_bn_mod_exp, | 93 | dsa_bn_mod_exp, |
| 93 | dsa_init, | 94 | dsa_init, |
| 94 | dsa_finish, | 95 | dsa_finish, |
| 95 | 0, | 96 | DSA_FLAG_FIPS_METHOD, |
| 96 | NULL | 97 | NULL |
| 97 | }; | 98 | }; |
| 98 | 99 | #if 0 | |
| 99 | int FIPS_dsa_check(struct dsa_st *dsa) | 100 | int FIPS_dsa_check(struct dsa_st *dsa) |
| 100 | { | 101 | { |
| 101 | if(dsa->meth != &openssl_dsa_meth || dsa->meth->dsa_do_sign != dsa_do_sign | 102 | if(dsa->meth != &openssl_dsa_meth || dsa->meth->dsa_do_sign != dsa_do_sign |
| @@ -110,6 +111,7 @@ int FIPS_dsa_check(struct dsa_st *dsa) | |||
| 110 | } | 111 | } |
| 111 | return 1; | 112 | return 1; |
| 112 | } | 113 | } |
| 114 | #endif | ||
| 113 | 115 | ||
| 114 | const DSA_METHOD *DSA_OpenSSL(void) | 116 | const DSA_METHOD *DSA_OpenSSL(void) |
| 115 | { | 117 | { |
| @@ -131,6 +133,12 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA | |||
| 131 | return NULL; | 133 | return NULL; |
| 132 | } | 134 | } |
| 133 | 135 | ||
| 136 | if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) | ||
| 137 | { | ||
| 138 | DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_KEY_SIZE_TOO_SMALL); | ||
| 139 | return NULL; | ||
| 140 | } | ||
| 141 | |||
| 134 | BN_init(&m); | 142 | BN_init(&m); |
| 135 | BN_init(&xr); | 143 | BN_init(&xr); |
| 136 | 144 | ||
| @@ -153,17 +161,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA | |||
| 153 | ctx=BN_CTX_new(); | 161 | ctx=BN_CTX_new(); |
| 154 | if (ctx == NULL) goto err; | 162 | if (ctx == NULL) goto err; |
| 155 | 163 | ||
| 156 | if ((dsa->kinv == NULL) || (dsa->r == NULL)) | 164 | if (!dsa->meth->dsa_sign_setup(dsa,ctx,&kinv,&r)) goto err; |
| 157 | { | ||
| 158 | if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err; | ||
| 159 | } | ||
| 160 | else | ||
| 161 | { | ||
| 162 | kinv=dsa->kinv; | ||
| 163 | dsa->kinv=NULL; | ||
| 164 | r=dsa->r; | ||
| 165 | dsa->r=NULL; | ||
| 166 | } | ||
| 167 | 165 | ||
| 168 | if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; | 166 | if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; |
| 169 | 167 | ||
| @@ -174,7 +172,7 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, FIPS_DSA_SIZE_T dlen, DSA | |||
| 174 | BN_sub(s,s,dsa->q); | 172 | BN_sub(s,s,dsa->q); |
| 175 | if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; | 173 | if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; |
| 176 | 174 | ||
| 177 | ret=DSA_SIG_new(); | 175 | ret= DSA_SIG_new(); |
| 178 | if (ret == NULL) goto err; | 176 | if (ret == NULL) goto err; |
| 179 | ret->r = r; | 177 | ret->r = r; |
| 180 | ret->s = s; | 178 | ret->s = s; |
| @@ -197,7 +195,7 @@ err: | |||
| 197 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | 195 | static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) |
| 198 | { | 196 | { |
| 199 | BN_CTX *ctx; | 197 | BN_CTX *ctx; |
| 200 | BIGNUM k,*kinv=NULL,*r=NULL; | 198 | BIGNUM k,kq,*K,*kinv=NULL,*r=NULL; |
| 201 | int ret=0; | 199 | int ret=0; |
| 202 | 200 | ||
| 203 | if (!dsa->p || !dsa->q || !dsa->g) | 201 | if (!dsa->p || !dsa->q || !dsa->g) |
| @@ -207,6 +205,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 207 | } | 205 | } |
| 208 | 206 | ||
| 209 | BN_init(&k); | 207 | BN_init(&k); |
| 208 | BN_init(&kq); | ||
| 210 | 209 | ||
| 211 | if (ctx_in == NULL) | 210 | if (ctx_in == NULL) |
| 212 | { | 211 | { |
| @@ -216,22 +215,49 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) | |||
| 216 | ctx=ctx_in; | 215 | ctx=ctx_in; |
| 217 | 216 | ||
| 218 | if ((r=BN_new()) == NULL) goto err; | 217 | if ((r=BN_new()) == NULL) goto err; |
| 219 | kinv=NULL; | ||
| 220 | 218 | ||
| 221 | /* Get random k */ | 219 | /* Get random k */ |
| 222 | do | 220 | do |
| 223 | if (!BN_rand_range(&k, dsa->q)) goto err; | 221 | if (!BN_rand_range(&k, dsa->q)) goto err; |
| 224 | while (BN_is_zero(&k)); | 222 | while (BN_is_zero(&k)); |
| 223 | if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) | ||
| 224 | { | ||
| 225 | BN_set_flags(&k, BN_FLG_CONSTTIME); | ||
| 226 | } | ||
| 225 | 227 | ||
| 226 | if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) | 228 | if (dsa->flags & DSA_FLAG_CACHE_MONT_P) |
| 227 | { | 229 | { |
| 228 | if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) | 230 | if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p, |
| 229 | if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, | 231 | CRYPTO_LOCK_DSA, |
| 230 | dsa->p,ctx)) goto err; | 232 | dsa->p, ctx)) |
| 233 | goto err; | ||
| 231 | } | 234 | } |
| 232 | 235 | ||
| 233 | /* Compute r = (g^k mod p) mod q */ | 236 | /* Compute r = (g^k mod p) mod q */ |
| 234 | if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx, | 237 | |
| 238 | if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) | ||
| 239 | { | ||
| 240 | if (!BN_copy(&kq, &k)) goto err; | ||
| 241 | |||
| 242 | /* We do not want timing information to leak the length of k, | ||
| 243 | * so we compute g^k using an equivalent exponent of fixed length. | ||
| 244 | * | ||
| 245 | * (This is a kludge that we need because the BN_mod_exp_mont() | ||
| 246 | * does not let us specify the desired timing behaviour.) */ | ||
| 247 | |||
| 248 | if (!BN_add(&kq, &kq, dsa->q)) goto err; | ||
| 249 | if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) | ||
| 250 | { | ||
| 251 | if (!BN_add(&kq, &kq, dsa->q)) goto err; | ||
| 252 | } | ||
| 253 | |||
| 254 | K = &kq; | ||
| 255 | } | ||
| 256 | else | ||
| 257 | { | ||
| 258 | K = &k; | ||
| 259 | } | ||
| 260 | if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx, | ||
| 235 | (BN_MONT_CTX *)dsa->method_mont_p)) goto err; | 261 | (BN_MONT_CTX *)dsa->method_mont_p)) goto err; |
| 236 | if (!BN_mod(r,r,dsa->q,ctx)) goto err; | 262 | if (!BN_mod(r,r,dsa->q,ctx)) goto err; |
| 237 | 263 | ||
| @@ -254,6 +280,7 @@ err: | |||
| 254 | if (ctx_in == NULL) BN_CTX_free(ctx); | 280 | if (ctx_in == NULL) BN_CTX_free(ctx); |
| 255 | if (kinv != NULL) BN_clear_free(kinv); | 281 | if (kinv != NULL) BN_clear_free(kinv); |
| 256 | BN_clear_free(&k); | 282 | BN_clear_free(&k); |
| 283 | BN_clear_free(&kq); | ||
| 257 | return(ret); | 284 | return(ret); |
| 258 | } | 285 | } |
| 259 | 286 | ||
| @@ -277,6 +304,24 @@ static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DS | |||
| 277 | return -1; | 304 | return -1; |
| 278 | } | 305 | } |
| 279 | 306 | ||
| 307 | if (BN_num_bits(dsa->q) != 160) | ||
| 308 | { | ||
| 309 | DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_BAD_Q_VALUE); | ||
| 310 | return -1; | ||
| 311 | } | ||
| 312 | |||
| 313 | if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) | ||
| 314 | { | ||
| 315 | DSAerr(DSA_F_DSA_DO_VERIFY,DSA_R_MODULUS_TOO_LARGE); | ||
| 316 | return -1; | ||
| 317 | } | ||
| 318 | |||
| 319 | if (FIPS_mode() && (BN_num_bits(dsa->p) < OPENSSL_DSA_FIPS_MIN_MODULUS_BITS)) | ||
| 320 | { | ||
| 321 | DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_KEY_SIZE_TOO_SMALL); | ||
| 322 | return -1; | ||
| 323 | } | ||
| 324 | |||
| 280 | BN_init(&u1); | 325 | BN_init(&u1); |
| 281 | BN_init(&u2); | 326 | BN_init(&u2); |
| 282 | BN_init(&t1); | 327 | BN_init(&t1); |
| @@ -307,13 +352,15 @@ static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DS | |||
| 307 | /* u2 = r * w mod q */ | 352 | /* u2 = r * w mod q */ |
| 308 | if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err; | 353 | if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err; |
| 309 | 354 | ||
| 310 | if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) | 355 | |
| 356 | if (dsa->flags & DSA_FLAG_CACHE_MONT_P) | ||
| 311 | { | 357 | { |
| 312 | if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) | 358 | mont = BN_MONT_CTX_set_locked( |
| 313 | if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, | 359 | (BN_MONT_CTX **)&dsa->method_mont_p, |
| 314 | dsa->p,ctx)) goto err; | 360 | CRYPTO_LOCK_DSA, dsa->p, ctx); |
| 361 | if (!mont) | ||
| 362 | goto err; | ||
| 315 | } | 363 | } |
| 316 | mont=(BN_MONT_CTX *)dsa->method_mont_p; | ||
| 317 | 364 | ||
| 318 | #if 0 | 365 | #if 0 |
| 319 | { | 366 | { |
| @@ -355,6 +402,7 @@ static int dsa_do_verify(const unsigned char *dgst, FIPS_DSA_SIZE_T dgst_len, DS | |||
| 355 | 402 | ||
| 356 | static int dsa_init(DSA *dsa) | 403 | static int dsa_init(DSA *dsa) |
| 357 | { | 404 | { |
| 405 | FIPS_selftest_check(); | ||
| 358 | dsa->flags|=DSA_FLAG_CACHE_MONT_P; | 406 | dsa->flags|=DSA_FLAG_CACHE_MONT_P; |
| 359 | return(1); | 407 | return(1); |
| 360 | } | 408 | } |
diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c b/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c index 2c88f0af44..6880760a77 100644 --- a/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c +++ b/src/lib/libssl/src/fips/dsa/fips_dsa_selftest.c | |||
| @@ -61,42 +61,49 @@ | |||
| 61 | #include <openssl/dsa.h> | 61 | #include <openssl/dsa.h> |
| 62 | #include <openssl/fips.h> | 62 | #include <openssl/fips.h> |
| 63 | #include <openssl/err.h> | 63 | #include <openssl/err.h> |
| 64 | #include <openssl/evp.h> | ||
| 65 | #include <openssl/bn.h> | ||
| 64 | 66 | ||
| 65 | #ifdef OPENSSL_FIPS | 67 | #ifdef OPENSSL_FIPS |
| 66 | 68 | ||
| 67 | /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to | 69 | /* seed, out_p, out_q, out_g are taken the NIST test vectors */ |
| 68 | * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ | 70 | |
| 69 | static unsigned char seed[20]={ | 71 | static unsigned char seed[20] = { |
| 70 | 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40, | 72 | 0x77, 0x8f, 0x40, 0x74, 0x6f, 0x66, 0xbe, 0x33, 0xce, 0xbe, 0x99, 0x34, |
| 71 | 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3, | 73 | 0x4c, 0xfc, 0xf3, 0x28, 0xaa, 0x70, 0x2d, 0x3a |
| 72 | }; | 74 | }; |
| 73 | 75 | ||
| 74 | static unsigned char out_p[]={ | 76 | static unsigned char out_p[] = { |
| 75 | 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa, | 77 | 0xf7, 0x7c, 0x1b, 0x83, 0xd8, 0xe8, 0x5c, 0x7f, 0x85, 0x30, 0x17, 0x57, |
| 76 | 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb, | 78 | 0x21, 0x95, 0xfe, 0x26, 0x04, 0xeb, 0x47, 0x4c, 0x3a, 0x4a, 0x81, 0x4b, |
| 77 | 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7, | 79 | 0x71, 0x2e, 0xed, 0x6e, 0x4f, 0x3d, 0x11, 0x0f, 0x7c, 0xfe, 0x36, 0x43, |
| 78 | 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5, | 80 | 0x51, 0xd9, 0x81, 0x39, 0x17, 0xdf, 0x62, 0xf6, 0x9c, 0x01, 0xa8, 0x69, |
| 79 | 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf, | 81 | 0x71, 0xdd, 0x29, 0x7f, 0x47, 0xe6, 0x65, 0xa6, 0x22, 0xe8, 0x6a, 0x12, |
| 80 | 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac, | 82 | 0x2b, 0xc2, 0x81, 0xff, 0x32, 0x70, 0x2f, 0x9e, 0xca, 0x53, 0x26, 0x47, |
| 81 | 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2, | 83 | 0x0f, 0x59, 0xd7, 0x9e, 0x2c, 0xa5, 0x07, 0xc4, 0x49, 0x52, 0xa3, 0xe4, |
| 82 | 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91, | 84 | 0x6b, 0x04, 0x00, 0x25, 0x49, 0xe2, 0xe6, 0x7f, 0x28, 0x78, 0x97, 0xb8, |
| 85 | 0x3a, 0x32, 0x14, 0x38, 0xa2, 0x51, 0x33, 0x22, 0x44, 0x7e, 0xd7, 0xef, | ||
| 86 | 0x45, 0xdb, 0x06, 0x4a, 0xd2, 0x82, 0x4a, 0x82, 0x2c, 0xb1, 0xd7, 0xd8, | ||
| 87 | 0xb6, 0x73, 0x00, 0x4d, 0x94, 0x77, 0x94, 0xef | ||
| 83 | }; | 88 | }; |
| 84 | 89 | ||
| 85 | static unsigned char out_q[]={ | 90 | static unsigned char out_q[] = { |
| 86 | 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee, | 91 | 0xd4, 0x0a, 0xac, 0x9f, 0xbd, 0x8c, 0x80, 0xc2, 0x38, 0x7e, 0x2e, 0x0c, |
| 87 | 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e, | 92 | 0x52, 0x5c, 0xea, 0x34, 0xa1, 0x83, 0x32, 0xf3 |
| 88 | 0xda,0xce,0x91,0x5f, | ||
| 89 | }; | 93 | }; |
| 90 | 94 | ||
| 91 | static unsigned char out_g[]={ | 95 | static unsigned char out_g[] = { |
| 92 | 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13, | 96 | 0x34, 0x73, 0x8b, 0x57, 0x84, 0x8e, 0x55, 0xbf, 0x57, 0xcc, 0x41, 0xbb, |
| 93 | 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00, | 97 | 0x5e, 0x2b, 0xd5, 0x42, 0xdd, 0x24, 0x22, 0x2a, 0x09, 0xea, 0x26, 0x1e, |
| 94 | 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb, | 98 | 0x17, 0x65, 0xcb, 0x1a, 0xb3, 0x12, 0x44, 0xa3, 0x9e, 0x99, 0xe9, 0x63, |
| 95 | 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e, | 99 | 0xeb, 0x30, 0xb1, 0x78, 0x7b, 0x09, 0x40, 0x30, 0xfa, 0x83, 0xc2, 0x35, |
| 96 | 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf, | 100 | 0xe1, 0xc4, 0x2d, 0x74, 0x1a, 0xb1, 0x83, 0x54, 0xd8, 0x29, 0xf4, 0xcf, |
| 97 | 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c, | 101 | 0x7f, 0x6f, 0x67, 0x1c, 0x36, 0x49, 0xee, 0x6c, 0xa2, 0x3c, 0x2d, 0x6a, |
| 98 | 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c, | 102 | 0xe9, 0xd3, 0x9a, 0xf6, 0x57, 0x78, 0x6f, 0xfd, 0x33, 0xcd, 0x3c, 0xed, |
| 99 | 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02, | 103 | 0xfd, 0xd4, 0x41, 0xe6, 0x5c, 0x8b, 0xe0, 0x68, 0x31, 0x47, 0x47, 0xaf, |
| 104 | 0x12, 0xa7, 0xf9, 0x32, 0x0d, 0x94, 0x15, 0x48, 0xd0, 0x54, 0x85, 0xb2, | ||
| 105 | 0x04, 0xb5, 0x4d, 0xd4, 0x9d, 0x05, 0x22, 0x25, 0xd9, 0xfd, 0x6c, 0x36, | ||
| 106 | 0xef, 0xbe, 0x69, 0x6c, 0x55, 0xf4, 0xee, 0xec | ||
| 100 | }; | 107 | }; |
| 101 | 108 | ||
| 102 | static const unsigned char str1[]="12345678901234567890"; | 109 | static const unsigned char str1[]="12345678901234567890"; |
| @@ -109,60 +116,65 @@ void FIPS_corrupt_dsa() | |||
| 109 | int FIPS_selftest_dsa() | 116 | int FIPS_selftest_dsa() |
| 110 | { | 117 | { |
| 111 | DSA *dsa=NULL; | 118 | DSA *dsa=NULL; |
| 112 | int counter,i,j; | 119 | int counter,i,j, ret = 0; |
| 120 | unsigned int slen; | ||
| 113 | unsigned char buf[256]; | 121 | unsigned char buf[256]; |
| 114 | unsigned long h; | 122 | unsigned long h; |
| 115 | unsigned char sig[256]; | 123 | EVP_MD_CTX mctx; |
| 116 | unsigned int siglen; | 124 | EVP_PKEY pk; |
| 117 | 125 | ||
| 118 | dsa=DSA_generate_parameters(512,seed,20,&counter,&h,NULL,NULL); | 126 | EVP_MD_CTX_init(&mctx); |
| 127 | |||
| 128 | dsa = FIPS_dsa_new(); | ||
| 119 | 129 | ||
| 120 | if(dsa == NULL) | 130 | if(dsa == NULL) |
| 121 | { | 131 | goto err; |
| 122 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | 132 | if(!DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,NULL)) |
| 123 | return 0; | 133 | goto err; |
| 124 | } | 134 | if (counter != 378) |
| 125 | if (counter != 105) | 135 | goto err; |
| 126 | { | ||
| 127 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | ||
| 128 | return 0; | ||
| 129 | } | ||
| 130 | if (h != 2) | 136 | if (h != 2) |
| 131 | { | 137 | goto err; |
| 132 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | ||
| 133 | return 0; | ||
| 134 | } | ||
| 135 | i=BN_bn2bin(dsa->q,buf); | 138 | i=BN_bn2bin(dsa->q,buf); |
| 136 | j=sizeof(out_q); | 139 | j=sizeof(out_q); |
| 137 | if (i != j || memcmp(buf,out_q,i) != 0) | 140 | if (i != j || memcmp(buf,out_q,i) != 0) |
| 138 | { | 141 | goto err; |
| 139 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | ||
| 140 | return 0; | ||
| 141 | } | ||
| 142 | 142 | ||
| 143 | i=BN_bn2bin(dsa->p,buf); | 143 | i=BN_bn2bin(dsa->p,buf); |
| 144 | j=sizeof(out_p); | 144 | j=sizeof(out_p); |
| 145 | if (i != j || memcmp(buf,out_p,i) != 0) | 145 | if (i != j || memcmp(buf,out_p,i) != 0) |
| 146 | { | 146 | goto err; |
| 147 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | ||
| 148 | return 0; | ||
| 149 | } | ||
| 150 | 147 | ||
| 151 | i=BN_bn2bin(dsa->g,buf); | 148 | i=BN_bn2bin(dsa->g,buf); |
| 152 | j=sizeof(out_g); | 149 | j=sizeof(out_g); |
| 153 | if (i != j || memcmp(buf,out_g,i) != 0) | 150 | if (i != j || memcmp(buf,out_g,i) != 0) |
| 154 | { | 151 | goto err; |
| 155 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | ||
| 156 | return 0; | ||
| 157 | } | ||
| 158 | DSA_generate_key(dsa); | 152 | DSA_generate_key(dsa); |
| 159 | DSA_sign(0, str1, 20, sig, &siglen, dsa); | 153 | pk.type = EVP_PKEY_DSA; |
| 160 | if(DSA_verify(0, str1, 20, sig, siglen, dsa) != 1) | 154 | pk.pkey.dsa = dsa; |
| 161 | { | 155 | |
| 162 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | 156 | if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL)) |
| 163 | return 0; | 157 | goto err; |
| 164 | } | 158 | if (!EVP_SignUpdate(&mctx, str1, 20)) |
| 165 | DSA_free(dsa); | 159 | goto err; |
| 166 | return 1; | 160 | if (!EVP_SignFinal(&mctx, buf, &slen, &pk)) |
| 161 | goto err; | ||
| 162 | |||
| 163 | if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL)) | ||
| 164 | goto err; | ||
| 165 | if (!EVP_VerifyUpdate(&mctx, str1, 20)) | ||
| 166 | goto err; | ||
| 167 | if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1) | ||
| 168 | goto err; | ||
| 169 | |||
| 170 | ret = 1; | ||
| 171 | |||
| 172 | err: | ||
| 173 | EVP_MD_CTX_cleanup(&mctx); | ||
| 174 | if (dsa) | ||
| 175 | FIPS_dsa_free(dsa); | ||
| 176 | if (ret == 0) | ||
| 177 | FIPSerr(FIPS_F_FIPS_SELFTEST_DSA,FIPS_R_SELFTEST_FAILED); | ||
| 178 | return ret; | ||
| 167 | } | 179 | } |
| 168 | #endif | 180 | #endif |
diff --git a/src/lib/libssl/src/fips/dsa/fips_dsa_sign.c b/src/lib/libssl/src/fips/dsa/fips_dsa_sign.c new file mode 100644 index 0000000000..32ea0b0fea --- /dev/null +++ b/src/lib/libssl/src/fips/dsa/fips_dsa_sign.c | |||
| @@ -0,0 +1,256 @@ | |||
| 1 | /* fips_dsa_sign.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2007. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <string.h> | ||
| 60 | #include <openssl/evp.h> | ||
| 61 | #include <openssl/dsa.h> | ||
| 62 | #include <openssl/err.h> | ||
| 63 | #include <openssl/sha.h> | ||
| 64 | #include <openssl/bn.h> | ||
| 65 | |||
| 66 | #ifdef OPENSSL_FIPS | ||
| 67 | |||
| 68 | /* FIPS versions of DSA_sign() and DSA_verify(). | ||
| 69 | * These include a tiny ASN1 encoder/decoder to handle the specific | ||
| 70 | * case of a DSA signature. | ||
| 71 | */ | ||
| 72 | |||
| 73 | int FIPS_dsa_size(DSA *r) | ||
| 74 | { | ||
| 75 | int ilen; | ||
| 76 | ilen = BN_num_bytes(r->q); | ||
| 77 | if (ilen > 20) | ||
| 78 | return -1; | ||
| 79 | /* If MSB set need padding byte */ | ||
| 80 | ilen ++; | ||
| 81 | /* Also need 2 bytes INTEGER header for r and s plus | ||
| 82 | * 2 bytes SEQUENCE header making 6 in total. | ||
| 83 | */ | ||
| 84 | return ilen * 2 + 6; | ||
| 85 | } | ||
| 86 | |||
| 87 | /* Tiny ASN1 encoder for DSA_SIG structure. We can assume r, s smaller than | ||
| 88 | * 0x80 octets as by the DSA standards they will be less than 2^160 | ||
| 89 | */ | ||
| 90 | |||
| 91 | int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig) | ||
| 92 | { | ||
| 93 | int rlen, slen, rpad, spad, seqlen; | ||
| 94 | rlen = BN_num_bytes(sig->r); | ||
| 95 | if (rlen > 20) | ||
| 96 | return -1; | ||
| 97 | if (BN_num_bits(sig->r) & 0x7) | ||
| 98 | rpad = 0; | ||
| 99 | else | ||
| 100 | rpad = 1; | ||
| 101 | slen = BN_num_bytes(sig->s); | ||
| 102 | if (slen > 20) | ||
| 103 | return -1; | ||
| 104 | if (BN_num_bits(sig->s) & 0x7) | ||
| 105 | spad = 0; | ||
| 106 | else | ||
| 107 | spad = 1; | ||
| 108 | /* Length of SEQUENCE, (1 tag + 1 len octet) * 2 + content octets */ | ||
| 109 | seqlen = rlen + rpad + slen + spad + 4; | ||
| 110 | /* Actual encoded length: include SEQUENCE header */ | ||
| 111 | if (!out) | ||
| 112 | return seqlen + 2; | ||
| 113 | |||
| 114 | /* Output SEQUENCE header */ | ||
| 115 | *out++ = V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED; | ||
| 116 | *out++ = (unsigned char)seqlen; | ||
| 117 | |||
| 118 | /* Output r */ | ||
| 119 | *out++ = V_ASN1_INTEGER; | ||
| 120 | *out++ = (unsigned char)(rlen + rpad); | ||
| 121 | if (rpad) | ||
| 122 | *out++ = 0; | ||
| 123 | BN_bn2bin(sig->r, out); | ||
| 124 | out += rlen; | ||
| 125 | |||
| 126 | /* Output s */ | ||
| 127 | *out++ = V_ASN1_INTEGER; | ||
| 128 | *out++ = (unsigned char)(slen + spad); | ||
| 129 | if (spad) | ||
| 130 | *out++ = 0; | ||
| 131 | BN_bn2bin(sig->s, out); | ||
| 132 | return seqlen + 2; | ||
| 133 | } | ||
| 134 | |||
| 135 | /* Companion DSA_SIG decoder */ | ||
| 136 | |||
| 137 | int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen) | ||
| 138 | { | ||
| 139 | int seqlen, rlen, slen; | ||
| 140 | const unsigned char *rbin; | ||
| 141 | /* Sanity check */ | ||
| 142 | |||
| 143 | /* Need SEQUENCE tag */ | ||
| 144 | if (*in++ != (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) | ||
| 145 | return 0; | ||
| 146 | /* Get length octet */ | ||
| 147 | seqlen = *in++; | ||
| 148 | /* Check sensible length value */ | ||
| 149 | if (seqlen < 4 || seqlen > 0x7F) | ||
| 150 | return 0; | ||
| 151 | /* Check INTEGER tag */ | ||
| 152 | if (*in++ != V_ASN1_INTEGER) | ||
| 153 | return 0; | ||
| 154 | rlen = *in++; | ||
| 155 | seqlen -= 2 + rlen; | ||
| 156 | /* Check sensible seqlen value */ | ||
| 157 | if (seqlen < 2) | ||
| 158 | return 0; | ||
| 159 | rbin = in; | ||
| 160 | in += rlen; | ||
| 161 | /* Check INTEGER tag */ | ||
| 162 | if (*in++ != V_ASN1_INTEGER) | ||
| 163 | return 0; | ||
| 164 | slen = *in++; | ||
| 165 | /* Remaining bytes of SEQUENCE should exactly match | ||
| 166 | * encoding of s | ||
| 167 | */ | ||
| 168 | if (seqlen != (slen + 2)) | ||
| 169 | return 0; | ||
| 170 | if (!sig->r && !(sig->r = BN_new())) | ||
| 171 | return 0; | ||
| 172 | if (!sig->s && !(sig->s = BN_new())) | ||
| 173 | return 0; | ||
| 174 | if (!BN_bin2bn(rbin, rlen, sig->r)) | ||
| 175 | return 0; | ||
| 176 | if (!BN_bin2bn(in, slen, sig->s)) | ||
| 177 | return 0; | ||
| 178 | return 1; | ||
| 179 | } | ||
| 180 | |||
| 181 | static int fips_dsa_sign(int type, const unsigned char *x, int y, | ||
| 182 | unsigned char *sig, unsigned int *siglen, EVP_MD_SVCTX *sv) | ||
| 183 | { | ||
| 184 | DSA *dsa = sv->key; | ||
| 185 | unsigned char dig[EVP_MAX_MD_SIZE]; | ||
| 186 | unsigned int dlen; | ||
| 187 | DSA_SIG *s; | ||
| 188 | EVP_DigestFinal_ex(sv->mctx, dig, &dlen); | ||
| 189 | s=dsa->meth->dsa_do_sign(dig,dlen,dsa); | ||
| 190 | OPENSSL_cleanse(dig, dlen); | ||
| 191 | if (s == NULL) | ||
| 192 | { | ||
| 193 | *siglen=0; | ||
| 194 | return 0; | ||
| 195 | } | ||
| 196 | *siglen= FIPS_dsa_sig_encode(sig, s); | ||
| 197 | DSA_SIG_free(s); | ||
| 198 | if (*siglen < 0) | ||
| 199 | return 0; | ||
| 200 | return 1; | ||
| 201 | } | ||
| 202 | |||
| 203 | static int fips_dsa_verify(int type, const unsigned char *x, int y, | ||
| 204 | const unsigned char *sigbuf, unsigned int siglen, EVP_MD_SVCTX *sv) | ||
| 205 | { | ||
| 206 | DSA *dsa = sv->key; | ||
| 207 | DSA_SIG *s; | ||
| 208 | int ret=-1; | ||
| 209 | unsigned char dig[EVP_MAX_MD_SIZE]; | ||
| 210 | unsigned int dlen; | ||
| 211 | |||
| 212 | s = DSA_SIG_new(); | ||
| 213 | if (s == NULL) | ||
| 214 | return ret; | ||
| 215 | if (!FIPS_dsa_sig_decode(s,sigbuf,siglen)) | ||
| 216 | goto err; | ||
| 217 | EVP_DigestFinal_ex(sv->mctx, dig, &dlen); | ||
| 218 | ret=dsa->meth->dsa_do_verify(dig,dlen,s,dsa); | ||
| 219 | OPENSSL_cleanse(dig, dlen); | ||
| 220 | err: | ||
| 221 | DSA_SIG_free(s); | ||
| 222 | return ret; | ||
| 223 | } | ||
| 224 | |||
| 225 | static int init(EVP_MD_CTX *ctx) | ||
| 226 | { return SHA1_Init(ctx->md_data); } | ||
| 227 | |||
| 228 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) | ||
| 229 | { return SHA1_Update(ctx->md_data,data,count); } | ||
| 230 | |||
| 231 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | ||
| 232 | { return SHA1_Final(md,ctx->md_data); } | ||
| 233 | |||
| 234 | static const EVP_MD dss1_md= | ||
| 235 | { | ||
| 236 | NID_dsa, | ||
| 237 | NID_dsaWithSHA1, | ||
| 238 | SHA_DIGEST_LENGTH, | ||
| 239 | EVP_MD_FLAG_FIPS|EVP_MD_FLAG_SVCTX, | ||
| 240 | init, | ||
| 241 | update, | ||
| 242 | final, | ||
| 243 | NULL, | ||
| 244 | NULL, | ||
| 245 | (evp_sign_method *)fips_dsa_sign, | ||
| 246 | (evp_verify_method *)fips_dsa_verify, | ||
| 247 | {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, EVP_PKEY_DSA4,0}, | ||
| 248 | SHA_CBLOCK, | ||
| 249 | sizeof(EVP_MD *)+sizeof(SHA_CTX), | ||
| 250 | }; | ||
| 251 | |||
| 252 | const EVP_MD *EVP_dss1(void) | ||
| 253 | { | ||
| 254 | return(&dss1_md); | ||
| 255 | } | ||
| 256 | #endif | ||
diff --git a/src/lib/libssl/src/fips/dsa/fips_dsatest.c b/src/lib/libssl/src/fips/dsa/fips_dsatest.c index 7215940ede..c7e0f5164f 100644 --- a/src/lib/libssl/src/fips/dsa/fips_dsatest.c +++ b/src/lib/libssl/src/fips/dsa/fips_dsatest.c | |||
| @@ -59,6 +59,7 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <stdlib.h> | 60 | #include <stdlib.h> |
| 61 | #include <string.h> | 61 | #include <string.h> |
| 62 | #include <ctype.h> | ||
| 62 | #include <sys/types.h> | 63 | #include <sys/types.h> |
| 63 | #include <sys/stat.h> | 64 | #include <sys/stat.h> |
| 64 | 65 | ||
| @@ -68,11 +69,12 @@ | |||
| 68 | #include <openssl/rand.h> | 69 | #include <openssl/rand.h> |
| 69 | #include <openssl/bio.h> | 70 | #include <openssl/bio.h> |
| 70 | #include <openssl/err.h> | 71 | #include <openssl/err.h> |
| 72 | #include <openssl/dsa.h> | ||
| 73 | #include <openssl/bn.h> | ||
| 71 | #ifndef OPENSSL_NO_ENGINE | 74 | #ifndef OPENSSL_NO_ENGINE |
| 72 | #include <openssl/engine.h> | 75 | #include <openssl/engine.h> |
| 73 | #endif | 76 | #endif |
| 74 | #include <openssl/fips.h> | 77 | |
| 75 | #include <openssl/fips_rand.h> | ||
| 76 | 78 | ||
| 77 | #if defined(OPENSSL_NO_DSA) || !defined(OPENSSL_FIPS) | 79 | #if defined(OPENSSL_NO_DSA) || !defined(OPENSSL_FIPS) |
| 78 | int main(int argc, char *argv[]) | 80 | int main(int argc, char *argv[]) |
| @@ -81,6 +83,8 @@ int main(int argc, char *argv[]) | |||
| 81 | return(0); | 83 | return(0); |
| 82 | } | 84 | } |
| 83 | #else | 85 | #else |
| 86 | #include <openssl/fips.h> | ||
| 87 | #include <openssl/fips_rand.h> | ||
| 84 | #include <openssl/dsa.h> | 88 | #include <openssl/dsa.h> |
| 85 | 89 | ||
| 86 | #ifdef OPENSSL_SYS_WIN16 | 90 | #ifdef OPENSSL_SYS_WIN16 |
| @@ -89,100 +93,98 @@ int main(int argc, char *argv[]) | |||
| 89 | #define MS_CALLBACK | 93 | #define MS_CALLBACK |
| 90 | #endif | 94 | #endif |
| 91 | 95 | ||
| 92 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg); | 96 | #include "fips_utl.h" |
| 93 | 97 | ||
| 94 | /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to | 98 | static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb); |
| 95 | * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */ | ||
| 96 | static unsigned char seed[20]={ | ||
| 97 | 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40, | ||
| 98 | 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3, | ||
| 99 | }; | ||
| 100 | 99 | ||
| 101 | static unsigned char out_p[]={ | 100 | /* seed, out_p, out_q, out_g are taken from the earlier validation test |
| 102 | 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa, | 101 | * vectors. |
| 103 | 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb, | 102 | */ |
| 104 | 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7, | 103 | |
| 105 | 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5, | 104 | static unsigned char seed[20] = { |
| 106 | 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf, | 105 | 0x1c, 0xfb, 0xa9, 0x6c, 0xf7, 0x95, 0xb3, 0x2e, 0x01, 0x01, 0x3c, 0x8d, |
| 107 | 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac, | 106 | 0x7f, 0x6e, 0xf4, 0x59, 0xcc, 0x2f, 0x19, 0x59 |
| 108 | 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2, | 107 | }; |
| 109 | 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91, | 108 | |
| 109 | static unsigned char out_p[] = { | ||
| 110 | 0xc2, 0x3c, 0x48, 0x31, 0x7e, 0x3b, 0x4e, 0x5d, 0x3c, 0x93, 0x78, 0x60, | ||
| 111 | 0x5c, 0xf2, 0x60, 0xbb, 0x5a, 0xfa, 0x7f, 0x17, 0xf9, 0x26, 0x69, 0x46, | ||
| 112 | 0xe7, 0x07, 0xbb, 0x3b, 0x2e, 0xc4, 0xb5, 0x66, 0xf7, 0x4d, 0xae, 0x9b, | ||
| 113 | 0x8f, 0xf0, 0x42, 0xea, 0xb3, 0xa0, 0x7e, 0x81, 0x85, 0x89, 0xe6, 0xb0, | ||
| 114 | 0x29, 0x03, 0x6b, 0xcc, 0xfb, 0x8e, 0x46, 0x15, 0x4d, 0xc1, 0x69, 0xd8, | ||
| 115 | 0x2f, 0xef, 0x5c, 0x8b, 0x29, 0x32, 0x41, 0xbd, 0x13, 0x72, 0x3d, 0xac, | ||
| 116 | 0x81, 0xcc, 0x86, 0x6c, 0x06, 0x5d, 0x51, 0xa1, 0xa5, 0x07, 0x0c, 0x3e, | ||
| 117 | 0xbe, 0xdd, 0xf4, 0x6e, 0xa8, 0xed, 0xb4, 0x2f, 0xbd, 0x3e, 0x64, 0xea, | ||
| 118 | 0xee, 0x92, 0xec, 0x51, 0xe1, 0x0d, 0xab, 0x25, 0x45, 0xae, 0x55, 0x21, | ||
| 119 | 0x4d, 0xd6, 0x96, 0x6f, 0xe6, 0xaa, 0xd3, 0xca, 0x87, 0x92, 0xb1, 0x1c, | ||
| 120 | 0x3c, 0xaf, 0x29, 0x09, 0x8b, 0xc6, 0xed, 0xe1 | ||
| 110 | }; | 121 | }; |
| 111 | 122 | ||
| 112 | static unsigned char out_q[]={ | 123 | static unsigned char out_q[] = { |
| 113 | 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee, | 124 | 0xae, 0x0a, 0x8c, 0xfb, 0x80, 0xe1, 0xc6, 0xd1, 0x09, 0x0f, 0x26, 0xde, |
| 114 | 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e, | 125 | 0x91, 0x53, 0xc2, 0x8b, 0x2b, 0x0f, 0xde, 0x7f |
| 115 | 0xda,0xce,0x91,0x5f, | ||
| 116 | }; | 126 | }; |
| 117 | 127 | ||
| 118 | static unsigned char out_g[]={ | 128 | static unsigned char out_g[] = { |
| 119 | 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13, | 129 | 0x0d, 0x7d, 0x92, 0x74, 0x10, 0xf6, 0xa4, 0x43, 0x86, 0x9a, 0xd1, 0xd9, |
| 120 | 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00, | 130 | 0x56, 0x00, 0xbc, 0x18, 0x97, 0x99, 0x4e, 0x9a, 0x93, 0xfb, 0x00, 0x3d, |
| 121 | 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb, | 131 | 0x6c, 0xa0, 0x1b, 0x95, 0x6b, 0xbd, 0xf7, 0x7a, 0xbc, 0x36, 0x3f, 0x3d, |
| 122 | 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e, | 132 | 0xb9, 0xbf, 0xf9, 0x91, 0x37, 0x68, 0xd1, 0xb9, 0x1e, 0xfe, 0x7f, 0x10, |
| 123 | 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf, | 133 | 0xc0, 0x6a, 0xcd, 0x5f, 0xc1, 0x65, 0x1a, 0xb8, 0xe7, 0xab, 0xb5, 0xc6, |
| 124 | 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c, | 134 | 0x8d, 0xb7, 0x86, 0xad, 0x3a, 0xbf, 0x6b, 0x7b, 0x0a, 0x66, 0xbe, 0xd5, |
| 125 | 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c, | 135 | 0x58, 0x23, 0x16, 0x48, 0x83, 0x29, 0xb6, 0xa7, 0x64, 0xc7, 0x08, 0xbe, |
| 126 | 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02, | 136 | 0x55, 0x4c, 0x6f, 0xcb, 0x34, 0xc1, 0x73, 0xb0, 0x39, 0x68, 0x52, 0xdf, |
| 137 | 0x27, 0x7f, 0x32, 0xbc, 0x2b, 0x0d, 0x63, 0xed, 0x75, 0x3e, 0xb5, 0x54, | ||
| 138 | 0xac, 0xc8, 0x20, 0x2a, 0x73, 0xe8, 0x29, 0x51, 0x03, 0x77, 0xe8, 0xc9, | ||
| 139 | 0x61, 0x32, 0x25, 0xaf, 0x21, 0x5b, 0x6e, 0xda | ||
| 127 | }; | 140 | }; |
| 128 | 141 | ||
| 142 | |||
| 129 | static const unsigned char str1[]="12345678901234567890"; | 143 | static const unsigned char str1[]="12345678901234567890"; |
| 130 | 144 | ||
| 131 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; | 145 | static const char rnd_seed[] = "string to make the random number generator think it has entropy"; |
| 132 | static const unsigned char rnd_key1[]="12345678"; | ||
| 133 | static const unsigned char rnd_key2[]="abcdefgh"; | ||
| 134 | |||
| 135 | static BIO *bio_err=NULL; | ||
| 136 | 146 | ||
| 137 | int main(int argc, char **argv) | 147 | int main(int argc, char **argv) |
| 138 | { | 148 | { |
| 139 | DSA *dsa=NULL; | 149 | DSA *dsa=NULL; |
| 150 | EVP_PKEY pk; | ||
| 140 | int counter,ret=0,i,j; | 151 | int counter,ret=0,i,j; |
| 152 | unsigned int slen; | ||
| 141 | unsigned char buf[256]; | 153 | unsigned char buf[256]; |
| 142 | unsigned long h; | 154 | unsigned long h; |
| 143 | unsigned char sig[256]; | 155 | BN_GENCB cb; |
| 144 | unsigned int siglen; | 156 | EVP_MD_CTX mctx; |
| 157 | BN_GENCB_set(&cb, dsa_cb, stderr); | ||
| 158 | EVP_MD_CTX_init(&mctx); | ||
| 145 | 159 | ||
| 146 | if (bio_err == NULL) | 160 | if(!FIPS_mode_set(1)) |
| 147 | bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); | ||
| 148 | |||
| 149 | #ifdef OPENSSL_FIPS | ||
| 150 | if(!FIPS_mode_set(1,argv[0])) | ||
| 151 | { | 161 | { |
| 152 | ERR_print_errors(bio_err); | 162 | do_print_errors(); |
| 153 | EXIT(1); | 163 | EXIT(1); |
| 154 | } | 164 | } |
| 155 | #endif | ||
| 156 | CRYPTO_malloc_debug_init(); | ||
| 157 | CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); | ||
| 158 | CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); | ||
| 159 | |||
| 160 | ERR_load_crypto_strings(); | ||
| 161 | FIPS_set_prng_key(rnd_key1,rnd_key2); | ||
| 162 | RAND_seed(rnd_seed, sizeof rnd_seed); | ||
| 163 | 165 | ||
| 164 | BIO_printf(bio_err,"test generation of DSA parameters\n"); | 166 | fprintf(stderr,"test generation of DSA parameters\n"); |
| 165 | 167 | ||
| 166 | dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err); | 168 | dsa = FIPS_dsa_new(); |
| 169 | DSA_generate_parameters_ex(dsa, 1024,seed,20,&counter,&h,&cb); | ||
| 167 | 170 | ||
| 168 | BIO_printf(bio_err,"seed\n"); | 171 | fprintf(stderr,"seed\n"); |
| 169 | for (i=0; i<20; i+=4) | 172 | for (i=0; i<20; i+=4) |
| 170 | { | 173 | { |
| 171 | BIO_printf(bio_err,"%02X%02X%02X%02X ", | 174 | fprintf(stderr,"%02X%02X%02X%02X ", |
| 172 | seed[i],seed[i+1],seed[i+2],seed[i+3]); | 175 | seed[i],seed[i+1],seed[i+2],seed[i+3]); |
| 173 | } | 176 | } |
| 174 | BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h); | 177 | fprintf(stderr,"\ncounter=%d h=%ld\n",counter,h); |
| 175 | 178 | ||
| 176 | if (dsa == NULL) goto end; | 179 | if (dsa == NULL) goto end; |
| 177 | DSA_print(bio_err,dsa,0); | 180 | if (counter != 16) |
| 178 | if (counter != 105) | ||
| 179 | { | 181 | { |
| 180 | BIO_printf(bio_err,"counter should be 105\n"); | 182 | fprintf(stderr,"counter should be 105\n"); |
| 181 | goto end; | 183 | goto end; |
| 182 | } | 184 | } |
| 183 | if (h != 2) | 185 | if (h != 2) |
| 184 | { | 186 | { |
| 185 | BIO_printf(bio_err,"h should be 2\n"); | 187 | fprintf(stderr,"h should be 2\n"); |
| 186 | goto end; | 188 | goto end; |
| 187 | } | 189 | } |
| 188 | 190 | ||
| @@ -190,7 +192,7 @@ int main(int argc, char **argv) | |||
| 190 | j=sizeof(out_q); | 192 | j=sizeof(out_q); |
| 191 | if ((i != j) || (memcmp(buf,out_q,i) != 0)) | 193 | if ((i != j) || (memcmp(buf,out_q,i) != 0)) |
| 192 | { | 194 | { |
| 193 | BIO_printf(bio_err,"q value is wrong\n"); | 195 | fprintf(stderr,"q value is wrong\n"); |
| 194 | goto end; | 196 | goto end; |
| 195 | } | 197 | } |
| 196 | 198 | ||
| @@ -198,7 +200,7 @@ int main(int argc, char **argv) | |||
| 198 | j=sizeof(out_p); | 200 | j=sizeof(out_p); |
| 199 | if ((i != j) || (memcmp(buf,out_p,i) != 0)) | 201 | if ((i != j) || (memcmp(buf,out_p,i) != 0)) |
| 200 | { | 202 | { |
| 201 | BIO_printf(bio_err,"p value is wrong\n"); | 203 | fprintf(stderr,"p value is wrong\n"); |
| 202 | goto end; | 204 | goto end; |
| 203 | } | 205 | } |
| 204 | 206 | ||
| @@ -206,26 +208,37 @@ int main(int argc, char **argv) | |||
| 206 | j=sizeof(out_g); | 208 | j=sizeof(out_g); |
| 207 | if ((i != j) || (memcmp(buf,out_g,i) != 0)) | 209 | if ((i != j) || (memcmp(buf,out_g,i) != 0)) |
| 208 | { | 210 | { |
| 209 | BIO_printf(bio_err,"g value is wrong\n"); | 211 | fprintf(stderr,"g value is wrong\n"); |
| 210 | goto end; | 212 | goto end; |
| 211 | } | 213 | } |
| 212 | DSA_generate_key(dsa); | 214 | DSA_generate_key(dsa); |
| 213 | DSA_sign(0, str1, 20, sig, &siglen, dsa); | 215 | pk.type = EVP_PKEY_DSA; |
| 214 | if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) | 216 | pk.pkey.dsa = dsa; |
| 215 | ret=1; | 217 | |
| 218 | if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL)) | ||
| 219 | goto end; | ||
| 220 | if (!EVP_SignUpdate(&mctx, str1, 20)) | ||
| 221 | goto end; | ||
| 222 | if (!EVP_SignFinal(&mctx, buf, &slen, &pk)) | ||
| 223 | goto end; | ||
| 224 | |||
| 225 | if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL)) | ||
| 226 | goto end; | ||
| 227 | if (!EVP_VerifyUpdate(&mctx, str1, 20)) | ||
| 228 | goto end; | ||
| 229 | if (EVP_VerifyFinal(&mctx, buf, slen, &pk) != 1) | ||
| 230 | goto end; | ||
| 231 | |||
| 232 | ret = 1; | ||
| 233 | |||
| 216 | end: | 234 | end: |
| 217 | if (!ret) | 235 | if (!ret) |
| 218 | ERR_print_errors(bio_err); | 236 | do_print_errors(); |
| 219 | if (dsa != NULL) DSA_free(dsa); | 237 | if (dsa != NULL) FIPS_dsa_free(dsa); |
| 220 | CRYPTO_cleanup_all_ex_data(); | 238 | EVP_MD_CTX_cleanup(&mctx); |
| 221 | ERR_remove_state(0); | 239 | #if 0 |
| 222 | ERR_free_strings(); | ||
| 223 | CRYPTO_mem_leaks(bio_err); | 240 | CRYPTO_mem_leaks(bio_err); |
| 224 | if (bio_err != NULL) | 241 | #endif |
| 225 | { | ||
| 226 | BIO_free(bio_err); | ||
| 227 | bio_err = NULL; | ||
| 228 | } | ||
| 229 | EXIT(!ret); | 242 | EXIT(!ret); |
| 230 | return(!ret); | 243 | return(!ret); |
| 231 | } | 244 | } |
| @@ -236,7 +249,7 @@ static int cb_exit(int ec) | |||
| 236 | return(0); /* To keep some compilers quiet */ | 249 | return(0); /* To keep some compilers quiet */ |
| 237 | } | 250 | } |
| 238 | 251 | ||
| 239 | static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | 252 | static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb) |
| 240 | { | 253 | { |
| 241 | char c='*'; | 254 | char c='*'; |
| 242 | static int ok=0,num=0; | 255 | static int ok=0,num=0; |
| @@ -245,13 +258,14 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) | |||
| 245 | if (p == 1) c='+'; | 258 | if (p == 1) c='+'; |
| 246 | if (p == 2) { c='*'; ok++; } | 259 | if (p == 2) { c='*'; ok++; } |
| 247 | if (p == 3) c='\n'; | 260 | if (p == 3) c='\n'; |
| 248 | BIO_write(arg,&c,1); | 261 | fwrite(&c,1, 1, cb->arg); |
| 249 | (void)BIO_flush(arg); | 262 | fflush(cb->arg); |
| 250 | 263 | ||
| 251 | if (!ok && (p == 0) && (num > 1)) | 264 | if (!ok && (p == 0) && (num > 1)) |
| 252 | { | 265 | { |
| 253 | BIO_printf((BIO *)arg,"error in dsatest\n"); | 266 | fprintf(cb->arg,"error in dsatest\n"); |
| 254 | cb_exit(1); | 267 | cb_exit(1); |
| 255 | } | 268 | } |
| 269 | return 1; | ||
| 256 | } | 270 | } |
| 257 | #endif | 271 | #endif |
diff --git a/src/lib/libssl/src/fips/dsa/fips_dssvs.c b/src/lib/libssl/src/fips/dsa/fips_dssvs.c index 50a4d96986..aa74e8e636 100644 --- a/src/lib/libssl/src/fips/dsa/fips_dssvs.c +++ b/src/lib/libssl/src/fips/dsa/fips_dssvs.c | |||
| @@ -1,104 +1,64 @@ | |||
| 1 | #include <openssl/opensslconf.h> | ||
| 2 | |||
| 3 | #ifndef OPENSSL_FIPS | ||
| 4 | #include <stdio.h> | ||
| 5 | |||
| 6 | int main(int argc, char **argv) | ||
| 7 | { | ||
| 8 | printf("No FIPS DSA support\n"); | ||
| 9 | return(0); | ||
| 10 | } | ||
| 11 | #else | ||
| 12 | |||
| 1 | #include <openssl/bn.h> | 13 | #include <openssl/bn.h> |
| 2 | #include <openssl/dsa.h> | 14 | #include <openssl/dsa.h> |
| 3 | #include <openssl/fips.h> | 15 | #include <openssl/fips.h> |
| 4 | #include <openssl/err.h> | 16 | #include <openssl/err.h> |
| 5 | #include <openssl/sha.h> | 17 | #include <openssl/evp.h> |
| 6 | #include <string.h> | 18 | #include <string.h> |
| 19 | #include <ctype.h> | ||
| 7 | 20 | ||
| 8 | int hex2bin(const char *in, unsigned char *out) | 21 | #include "fips_utl.h" |
| 9 | { | ||
| 10 | int n1, n2; | ||
| 11 | unsigned char ch; | ||
| 12 | |||
| 13 | for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; ) | ||
| 14 | { /* first byte */ | ||
| 15 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 16 | ch = in[n1++] - '0'; | ||
| 17 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 18 | ch = in[n1++] - 'A' + 10; | ||
| 19 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 20 | ch = in[n1++] - 'a' + 10; | ||
| 21 | else | ||
| 22 | return -1; | ||
| 23 | if(!in[n1]) | ||
| 24 | { | ||
| 25 | out[n2++]=ch; | ||
| 26 | break; | ||
| 27 | } | ||
| 28 | out[n2] = ch << 4; | ||
| 29 | /* second byte */ | ||
| 30 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 31 | ch = in[n1++] - '0'; | ||
| 32 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 33 | ch = in[n1++] - 'A' + 10; | ||
| 34 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 35 | ch = in[n1++] - 'a' + 10; | ||
| 36 | else | ||
| 37 | return -1; | ||
| 38 | out[n2++] |= ch; | ||
| 39 | } | ||
| 40 | return n2; | ||
| 41 | } | ||
| 42 | |||
| 43 | BIGNUM *hex2bn(const char *in) | ||
| 44 | { | ||
| 45 | BIGNUM *p=BN_new(); | ||
| 46 | |||
| 47 | BN_hex2bn(&p,in); | ||
| 48 | 22 | ||
| 49 | return p; | 23 | static void pbn(const char *name, BIGNUM *bn) |
| 50 | } | ||
| 51 | |||
| 52 | int bin2hex(const unsigned char *in,int len,char *out) | ||
| 53 | { | ||
| 54 | int n1, n2; | ||
| 55 | unsigned char ch; | ||
| 56 | |||
| 57 | for (n1=0,n2=0 ; n1 < len ; ++n1) | ||
| 58 | { | 24 | { |
| 59 | ch=in[n1] >> 4; | 25 | int len, i; |
| 60 | if (ch <= 0x09) | 26 | unsigned char *tmp; |
| 61 | out[n2++]=ch+'0'; | 27 | len = BN_num_bytes(bn); |
| 62 | else | 28 | tmp = OPENSSL_malloc(len); |
| 63 | out[n2++]=ch-10+'a'; | 29 | if (!tmp) |
| 64 | ch=in[n1] & 0x0f; | 30 | { |
| 65 | if(ch <= 0x09) | 31 | fprintf(stderr, "Memory allocation error\n"); |
| 66 | out[n2++]=ch+'0'; | 32 | return; |
| 67 | else | 33 | } |
| 68 | out[n2++]=ch-10+'a'; | 34 | BN_bn2bin(bn, tmp); |
| 35 | printf("%s = ", name); | ||
| 36 | for (i = 0; i < len; i++) | ||
| 37 | printf("%02X", tmp[i]); | ||
| 38 | fputs("\n", stdout); | ||
| 39 | OPENSSL_free(tmp); | ||
| 40 | return; | ||
| 69 | } | 41 | } |
| 70 | out[n2]='\0'; | ||
| 71 | return n2; | ||
| 72 | } | ||
| 73 | |||
| 74 | void pv(const char *tag,const unsigned char *val,int len) | ||
| 75 | { | ||
| 76 | char obuf[2048]; | ||
| 77 | |||
| 78 | bin2hex(val,len,obuf); | ||
| 79 | printf("%s = %s\n",tag,obuf); | ||
| 80 | } | ||
| 81 | |||
| 82 | void pbn(const char *tag,const BIGNUM *val) | ||
| 83 | { | ||
| 84 | printf("%s = %s\n",tag,BN_bn2hex(val)); | ||
| 85 | } | ||
| 86 | 42 | ||
| 87 | void primes() | 43 | void primes() |
| 88 | { | 44 | { |
| 89 | char buf[10240]; | 45 | char buf[10240]; |
| 46 | char lbuf[10240]; | ||
| 47 | char *keyword, *value; | ||
| 90 | 48 | ||
| 91 | while(fgets(buf,sizeof buf,stdin) != NULL) | 49 | while(fgets(buf,sizeof buf,stdin) != NULL) |
| 92 | { | 50 | { |
| 93 | fputs(buf,stdout); | 51 | fputs(buf,stdout); |
| 94 | if(!strncmp(buf,"Prime= ",7)) | 52 | if (!parse_line(&keyword, &value, lbuf, buf)) |
| 53 | continue; | ||
| 54 | if(!strcmp(keyword,"Prime")) | ||
| 95 | { | 55 | { |
| 96 | BIGNUM *pp; | 56 | BIGNUM *pp; |
| 97 | 57 | ||
| 98 | pp=BN_new(); | 58 | pp=BN_new(); |
| 99 | BN_hex2bn(&pp,buf+7); | 59 | do_hex2bn(&pp,value); |
| 100 | printf("result= %c\n", | 60 | printf("result= %c\n", |
| 101 | BN_is_prime(pp,20,NULL,NULL,NULL) ? 'P' : 'F'); | 61 | BN_is_prime_ex(pp,20,NULL,NULL) ? 'P' : 'F'); |
| 102 | } | 62 | } |
| 103 | } | 63 | } |
| 104 | } | 64 | } |
| @@ -106,15 +66,22 @@ void primes() | |||
| 106 | void pqg() | 66 | void pqg() |
| 107 | { | 67 | { |
| 108 | char buf[1024]; | 68 | char buf[1024]; |
| 69 | char lbuf[1024]; | ||
| 70 | char *keyword, *value; | ||
| 109 | int nmod=0; | 71 | int nmod=0; |
| 110 | 72 | ||
| 111 | while(fgets(buf,sizeof buf,stdin) != NULL) | 73 | while(fgets(buf,sizeof buf,stdin) != NULL) |
| 112 | { | 74 | { |
| 113 | if(!strncmp(buf,"[mod = ",7)) | 75 | if (!parse_line(&keyword, &value, lbuf, buf)) |
| 114 | nmod=atoi(buf+7); | 76 | { |
| 115 | else if(!strncmp(buf,"N = ",4)) | 77 | fputs(buf,stdout); |
| 78 | continue; | ||
| 79 | } | ||
| 80 | if(!strcmp(keyword,"[mod")) | ||
| 81 | nmod=atoi(value); | ||
| 82 | else if(!strcmp(keyword,"N")) | ||
| 116 | { | 83 | { |
| 117 | int n=atoi(buf+4); | 84 | int n=atoi(value); |
| 118 | 85 | ||
| 119 | printf("[mod = %d]\n\n",nmod); | 86 | printf("[mod = %d]\n\n",nmod); |
| 120 | 87 | ||
| @@ -124,11 +91,16 @@ void pqg() | |||
| 124 | DSA *dsa; | 91 | DSA *dsa; |
| 125 | int counter; | 92 | int counter; |
| 126 | unsigned long h; | 93 | unsigned long h; |
| 127 | 94 | dsa = FIPS_dsa_new(); | |
| 128 | dsa=DSA_generate_parameters(nmod,seed,0,&counter,&h,NULL,NULL); | 95 | |
| 129 | printf("P = %s\n",BN_bn2hex(dsa->p)); | 96 | if (!DSA_generate_parameters_ex(dsa, nmod,seed,0,&counter,&h,NULL)) |
| 130 | printf("Q = %s\n",BN_bn2hex(dsa->q)); | 97 | { |
| 131 | printf("G = %s\n",BN_bn2hex(dsa->g)); | 98 | do_print_errors(); |
| 99 | exit(1); | ||
| 100 | } | ||
| 101 | pbn("P",dsa->p); | ||
| 102 | pbn("Q",dsa->q); | ||
| 103 | pbn("G",dsa->g); | ||
| 132 | pv("Seed",seed,20); | 104 | pv("Seed",seed,20); |
| 133 | printf("c = %d\n",counter); | 105 | printf("c = %d\n",counter); |
| 134 | printf("H = %lx\n",h); | 106 | printf("H = %lx\n",h); |
| @@ -140,23 +112,226 @@ void pqg() | |||
| 140 | } | 112 | } |
| 141 | } | 113 | } |
| 142 | 114 | ||
| 115 | void pqgver() | ||
| 116 | { | ||
| 117 | char buf[1024]; | ||
| 118 | char lbuf[1024]; | ||
| 119 | char *keyword, *value; | ||
| 120 | BIGNUM *p = NULL, *q = NULL, *g = NULL; | ||
| 121 | int counter, counter2; | ||
| 122 | unsigned long h, h2; | ||
| 123 | DSA *dsa=NULL; | ||
| 124 | int nmod=0; | ||
| 125 | unsigned char seed[1024]; | ||
| 126 | |||
| 127 | while(fgets(buf,sizeof buf,stdin) != NULL) | ||
| 128 | { | ||
| 129 | if (!parse_line(&keyword, &value, lbuf, buf)) | ||
| 130 | { | ||
| 131 | fputs(buf,stdout); | ||
| 132 | continue; | ||
| 133 | } | ||
| 134 | if(!strcmp(keyword,"[mod")) | ||
| 135 | nmod=atoi(value); | ||
| 136 | else if(!strcmp(keyword,"P")) | ||
| 137 | p=hex2bn(value); | ||
| 138 | else if(!strcmp(keyword,"Q")) | ||
| 139 | q=hex2bn(value); | ||
| 140 | else if(!strcmp(keyword,"G")) | ||
| 141 | g=hex2bn(value); | ||
| 142 | else if(!strcmp(keyword,"Seed")) | ||
| 143 | { | ||
| 144 | int slen = hex2bin(value, seed); | ||
| 145 | if (slen != 20) | ||
| 146 | { | ||
| 147 | fprintf(stderr, "Seed parse length error\n"); | ||
| 148 | exit (1); | ||
| 149 | } | ||
| 150 | } | ||
| 151 | else if(!strcmp(keyword,"c")) | ||
| 152 | counter =atoi(buf+4); | ||
| 153 | else if(!strcmp(keyword,"H")) | ||
| 154 | { | ||
| 155 | h = atoi(value); | ||
| 156 | if (!p || !q || !g) | ||
| 157 | { | ||
| 158 | fprintf(stderr, "Parse Error\n"); | ||
| 159 | exit (1); | ||
| 160 | } | ||
| 161 | pbn("P",p); | ||
| 162 | pbn("Q",q); | ||
| 163 | pbn("G",g); | ||
| 164 | pv("Seed",seed,20); | ||
| 165 | printf("c = %d\n",counter); | ||
| 166 | printf("H = %lx\n",h); | ||
| 167 | dsa = FIPS_dsa_new(); | ||
| 168 | if (!DSA_generate_parameters_ex(dsa, nmod,seed,20 ,&counter2,&h2,NULL)) | ||
| 169 | { | ||
| 170 | do_print_errors(); | ||
| 171 | exit(1); | ||
| 172 | } | ||
| 173 | if (BN_cmp(dsa->p, p) || BN_cmp(dsa->q, q) || BN_cmp(dsa->g, g) | ||
| 174 | || (counter != counter2) || (h != h2)) | ||
| 175 | printf("Result = F\n"); | ||
| 176 | else | ||
| 177 | printf("Result = T\n"); | ||
| 178 | BN_free(p); | ||
| 179 | BN_free(q); | ||
| 180 | BN_free(g); | ||
| 181 | p = NULL; | ||
| 182 | q = NULL; | ||
| 183 | g = NULL; | ||
| 184 | FIPS_dsa_free(dsa); | ||
| 185 | dsa = NULL; | ||
| 186 | } | ||
| 187 | } | ||
| 188 | } | ||
| 189 | |||
| 190 | /* Keypair verification routine. NB: this isn't part of the standard FIPS140-2 | ||
| 191 | * algorithm tests. It is an additional test to perform sanity checks on the | ||
| 192 | * output of the KeyPair test. | ||
| 193 | */ | ||
| 194 | |||
| 195 | static int dss_paramcheck(int nmod, BIGNUM *p, BIGNUM *q, BIGNUM *g, | ||
| 196 | BN_CTX *ctx) | ||
| 197 | { | ||
| 198 | BIGNUM *rem = NULL; | ||
| 199 | if (BN_num_bits(p) != nmod) | ||
| 200 | return 0; | ||
| 201 | if (BN_num_bits(q) != 160) | ||
| 202 | return 0; | ||
| 203 | if (BN_is_prime_ex(p, BN_prime_checks, ctx, NULL) != 1) | ||
| 204 | return 0; | ||
| 205 | if (BN_is_prime_ex(q, BN_prime_checks, ctx, NULL) != 1) | ||
| 206 | return 0; | ||
| 207 | rem = BN_new(); | ||
| 208 | if (!BN_mod(rem, p, q, ctx) || !BN_is_one(rem) | ||
| 209 | || (BN_cmp(g, BN_value_one()) <= 0) | ||
| 210 | || !BN_mod_exp(rem, g, q, p, ctx) || !BN_is_one(rem)) | ||
| 211 | { | ||
| 212 | BN_free(rem); | ||
| 213 | return 0; | ||
| 214 | } | ||
| 215 | /* Todo: check g */ | ||
| 216 | BN_free(rem); | ||
| 217 | return 1; | ||
| 218 | } | ||
| 219 | |||
| 220 | void keyver() | ||
| 221 | { | ||
| 222 | char buf[1024]; | ||
| 223 | char lbuf[1024]; | ||
| 224 | char *keyword, *value; | ||
| 225 | BIGNUM *p = NULL, *q = NULL, *g = NULL, *X = NULL, *Y = NULL; | ||
| 226 | BIGNUM *Y2; | ||
| 227 | BN_CTX *ctx = NULL; | ||
| 228 | int nmod=0, paramcheck = 0; | ||
| 229 | |||
| 230 | ctx = BN_CTX_new(); | ||
| 231 | Y2 = BN_new(); | ||
| 232 | |||
| 233 | while(fgets(buf,sizeof buf,stdin) != NULL) | ||
| 234 | { | ||
| 235 | if (!parse_line(&keyword, &value, lbuf, buf)) | ||
| 236 | { | ||
| 237 | fputs(buf,stdout); | ||
| 238 | continue; | ||
| 239 | } | ||
| 240 | if(!strcmp(keyword,"[mod")) | ||
| 241 | { | ||
| 242 | if (p) | ||
| 243 | BN_free(p); | ||
| 244 | p = NULL; | ||
| 245 | if (q) | ||
| 246 | BN_free(q); | ||
| 247 | q = NULL; | ||
| 248 | if (g) | ||
| 249 | BN_free(g); | ||
| 250 | g = NULL; | ||
| 251 | paramcheck = 0; | ||
| 252 | nmod=atoi(value); | ||
| 253 | } | ||
| 254 | else if(!strcmp(keyword,"P")) | ||
| 255 | p=hex2bn(value); | ||
| 256 | else if(!strcmp(keyword,"Q")) | ||
| 257 | q=hex2bn(value); | ||
| 258 | else if(!strcmp(keyword,"G")) | ||
| 259 | g=hex2bn(value); | ||
| 260 | else if(!strcmp(keyword,"X")) | ||
| 261 | X=hex2bn(value); | ||
| 262 | else if(!strcmp(keyword,"Y")) | ||
| 263 | { | ||
| 264 | Y=hex2bn(value); | ||
| 265 | if (!p || !q || !g || !X || !Y) | ||
| 266 | { | ||
| 267 | fprintf(stderr, "Parse Error\n"); | ||
| 268 | exit (1); | ||
| 269 | } | ||
| 270 | pbn("P",p); | ||
| 271 | pbn("Q",q); | ||
| 272 | pbn("G",g); | ||
| 273 | pbn("X",X); | ||
| 274 | pbn("Y",Y); | ||
| 275 | if (!paramcheck) | ||
| 276 | { | ||
| 277 | if (dss_paramcheck(nmod, p, q, g, ctx)) | ||
| 278 | paramcheck = 1; | ||
| 279 | else | ||
| 280 | paramcheck = -1; | ||
| 281 | } | ||
| 282 | if (paramcheck != 1) | ||
| 283 | printf("Result = F\n"); | ||
| 284 | else | ||
| 285 | { | ||
| 286 | if (!BN_mod_exp(Y2, g, X, p, ctx) || BN_cmp(Y2, Y)) | ||
| 287 | printf("Result = F\n"); | ||
| 288 | else | ||
| 289 | printf("Result = T\n"); | ||
| 290 | } | ||
| 291 | BN_free(X); | ||
| 292 | BN_free(Y); | ||
| 293 | X = NULL; | ||
| 294 | Y = NULL; | ||
| 295 | } | ||
| 296 | } | ||
| 297 | if (p) | ||
| 298 | BN_free(p); | ||
| 299 | if (q) | ||
| 300 | BN_free(q); | ||
| 301 | if (g) | ||
| 302 | BN_free(g); | ||
| 303 | if (Y2) | ||
| 304 | BN_free(Y2); | ||
| 305 | } | ||
| 306 | |||
| 143 | void keypair() | 307 | void keypair() |
| 144 | { | 308 | { |
| 145 | char buf[1024]; | 309 | char buf[1024]; |
| 310 | char lbuf[1024]; | ||
| 311 | char *keyword, *value; | ||
| 146 | int nmod=0; | 312 | int nmod=0; |
| 147 | 313 | ||
| 148 | while(fgets(buf,sizeof buf,stdin) != NULL) | 314 | while(fgets(buf,sizeof buf,stdin) != NULL) |
| 149 | { | 315 | { |
| 150 | if(!strncmp(buf,"[mod = ",7)) | 316 | if (!parse_line(&keyword, &value, lbuf, buf)) |
| 151 | nmod=atoi(buf+7); | 317 | { |
| 152 | else if(!strncmp(buf,"N = ",4)) | 318 | fputs(buf,stdout); |
| 319 | continue; | ||
| 320 | } | ||
| 321 | if(!strcmp(keyword,"[mod")) | ||
| 322 | nmod=atoi(value); | ||
| 323 | else if(!strcmp(keyword,"N")) | ||
| 153 | { | 324 | { |
| 154 | DSA *dsa; | 325 | DSA *dsa; |
| 155 | int n=atoi(buf+4); | 326 | int n=atoi(value); |
| 156 | 327 | ||
| 157 | printf("[mod = %d]\n\n",nmod); | 328 | printf("[mod = %d]\n\n",nmod); |
| 158 | 329 | dsa = FIPS_dsa_new(); | |
| 159 | dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL); | 330 | if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL)) |
| 331 | { | ||
| 332 | do_print_errors(); | ||
| 333 | exit(1); | ||
| 334 | } | ||
| 160 | pbn("P",dsa->p); | 335 | pbn("P",dsa->p); |
| 161 | pbn("Q",dsa->q); | 336 | pbn("Q",dsa->q); |
| 162 | pbn("G",dsa->g); | 337 | pbn("G",dsa->g); |
| @@ -164,7 +339,11 @@ void keypair() | |||
| 164 | 339 | ||
| 165 | while(n--) | 340 | while(n--) |
| 166 | { | 341 | { |
| 167 | DSA_generate_key(dsa); | 342 | if (!DSA_generate_key(dsa)) |
| 343 | { | ||
| 344 | do_print_errors(); | ||
| 345 | exit(1); | ||
| 346 | } | ||
| 168 | 347 | ||
| 169 | pbn("X",dsa->priv_key); | 348 | pbn("X",dsa->priv_key); |
| 170 | pbn("Y",dsa->pub_key); | 349 | pbn("Y",dsa->pub_key); |
| @@ -177,68 +356,110 @@ void keypair() | |||
| 177 | void siggen() | 356 | void siggen() |
| 178 | { | 357 | { |
| 179 | char buf[1024]; | 358 | char buf[1024]; |
| 359 | char lbuf[1024]; | ||
| 360 | char *keyword, *value; | ||
| 180 | int nmod=0; | 361 | int nmod=0; |
| 181 | DSA *dsa=NULL; | 362 | DSA *dsa=NULL; |
| 182 | 363 | ||
| 183 | while(fgets(buf,sizeof buf,stdin) != NULL) | 364 | while(fgets(buf,sizeof buf,stdin) != NULL) |
| 184 | { | 365 | { |
| 185 | if(!strncmp(buf,"[mod = ",7)) | 366 | if (!parse_line(&keyword, &value, lbuf, buf)) |
| 367 | { | ||
| 368 | fputs(buf,stdout); | ||
| 369 | continue; | ||
| 370 | } | ||
| 371 | if(!strcmp(keyword,"[mod")) | ||
| 186 | { | 372 | { |
| 187 | nmod=atoi(buf+7); | 373 | nmod=atoi(value); |
| 188 | printf("[mod = %d]\n\n",nmod); | 374 | printf("[mod = %d]\n\n",nmod); |
| 189 | 375 | if (dsa) | |
| 190 | dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL); | 376 | FIPS_dsa_free(dsa); |
| 377 | dsa = FIPS_dsa_new(); | ||
| 378 | if (!DSA_generate_parameters_ex(dsa, nmod,NULL,0,NULL,NULL,NULL)) | ||
| 379 | { | ||
| 380 | do_print_errors(); | ||
| 381 | exit(1); | ||
| 382 | } | ||
| 191 | pbn("P",dsa->p); | 383 | pbn("P",dsa->p); |
| 192 | pbn("Q",dsa->q); | 384 | pbn("Q",dsa->q); |
| 193 | pbn("G",dsa->g); | 385 | pbn("G",dsa->g); |
| 194 | putc('\n',stdout); | 386 | putc('\n',stdout); |
| 195 | } | 387 | } |
| 196 | else if(!strncmp(buf,"Msg = ",6)) | 388 | else if(!strcmp(keyword,"Msg")) |
| 197 | { | 389 | { |
| 198 | unsigned char msg[1024]; | 390 | unsigned char msg[1024]; |
| 199 | unsigned char hash[20]; | 391 | unsigned char sbuf[60]; |
| 392 | unsigned int slen; | ||
| 200 | int n; | 393 | int n; |
| 394 | EVP_PKEY pk; | ||
| 395 | EVP_MD_CTX mctx; | ||
| 201 | DSA_SIG *sig; | 396 | DSA_SIG *sig; |
| 397 | EVP_MD_CTX_init(&mctx); | ||
| 202 | 398 | ||
| 203 | n=hex2bin(buf+6,msg); | 399 | n=hex2bin(value,msg); |
| 204 | pv("Msg",msg,n); | 400 | pv("Msg",msg,n); |
| 205 | 401 | ||
| 206 | DSA_generate_key(dsa); | 402 | if (!DSA_generate_key(dsa)) |
| 403 | { | ||
| 404 | do_print_errors(); | ||
| 405 | exit(1); | ||
| 406 | } | ||
| 407 | pk.type = EVP_PKEY_DSA; | ||
| 408 | pk.pkey.dsa = dsa; | ||
| 207 | pbn("Y",dsa->pub_key); | 409 | pbn("Y",dsa->pub_key); |
| 208 | 410 | ||
| 209 | SHA1(msg,n,hash); | 411 | EVP_SignInit_ex(&mctx, EVP_dss1(), NULL); |
| 210 | sig=DSA_do_sign(hash,sizeof hash,dsa); | 412 | EVP_SignUpdate(&mctx, msg, n); |
| 413 | EVP_SignFinal(&mctx, sbuf, &slen, &pk); | ||
| 414 | |||
| 415 | sig = DSA_SIG_new(); | ||
| 416 | FIPS_dsa_sig_decode(sig, sbuf, slen); | ||
| 417 | |||
| 211 | pbn("R",sig->r); | 418 | pbn("R",sig->r); |
| 212 | pbn("S",sig->s); | 419 | pbn("S",sig->s); |
| 213 | putc('\n',stdout); | 420 | putc('\n',stdout); |
| 421 | DSA_SIG_free(sig); | ||
| 422 | EVP_MD_CTX_cleanup(&mctx); | ||
| 214 | } | 423 | } |
| 215 | } | 424 | } |
| 425 | if (dsa) | ||
| 426 | FIPS_dsa_free(dsa); | ||
| 216 | } | 427 | } |
| 217 | 428 | ||
| 218 | void sigver() | 429 | void sigver() |
| 219 | { | 430 | { |
| 220 | DSA *dsa=NULL; | 431 | DSA *dsa=NULL; |
| 221 | char buf[1024]; | 432 | char buf[1024]; |
| 222 | int nmod=0; | 433 | char lbuf[1024]; |
| 223 | unsigned char hash[20]; | 434 | unsigned char msg[1024]; |
| 224 | DSA_SIG *sig=DSA_SIG_new(); | 435 | char *keyword, *value; |
| 436 | int nmod=0, n=0; | ||
| 437 | DSA_SIG sg, *sig = &sg; | ||
| 438 | |||
| 439 | sig->r = NULL; | ||
| 440 | sig->s = NULL; | ||
| 225 | 441 | ||
| 226 | while(fgets(buf,sizeof buf,stdin) != NULL) | 442 | while(fgets(buf,sizeof buf,stdin) != NULL) |
| 227 | { | 443 | { |
| 228 | if(!strncmp(buf,"[mod = ",7)) | 444 | if (!parse_line(&keyword, &value, lbuf, buf)) |
| 445 | { | ||
| 446 | fputs(buf,stdout); | ||
| 447 | continue; | ||
| 448 | } | ||
| 449 | if(!strcmp(keyword,"[mod")) | ||
| 229 | { | 450 | { |
| 230 | nmod=atoi(buf+7); | 451 | nmod=atoi(value); |
| 231 | if(dsa) | 452 | if(dsa) |
| 232 | DSA_free(dsa); | 453 | FIPS_dsa_free(dsa); |
| 233 | dsa=DSA_new(); | 454 | dsa=FIPS_dsa_new(); |
| 234 | } | 455 | } |
| 235 | else if(!strncmp(buf,"P = ",4)) | 456 | else if(!strcmp(keyword,"P")) |
| 236 | dsa->p=hex2bn(buf+4); | 457 | dsa->p=hex2bn(value); |
| 237 | else if(!strncmp(buf,"Q = ",4)) | 458 | else if(!strcmp(keyword,"Q")) |
| 238 | dsa->q=hex2bn(buf+4); | 459 | dsa->q=hex2bn(value); |
| 239 | else if(!strncmp(buf,"G = ",4)) | 460 | else if(!strcmp(keyword,"G")) |
| 240 | { | 461 | { |
| 241 | dsa->g=hex2bn(buf+4); | 462 | dsa->g=hex2bn(value); |
| 242 | 463 | ||
| 243 | printf("[mod = %d]\n\n",nmod); | 464 | printf("[mod = %d]\n\n",nmod); |
| 244 | pbn("P",dsa->p); | 465 | pbn("P",dsa->p); |
| @@ -246,28 +467,38 @@ void sigver() | |||
| 246 | pbn("G",dsa->g); | 467 | pbn("G",dsa->g); |
| 247 | putc('\n',stdout); | 468 | putc('\n',stdout); |
| 248 | } | 469 | } |
| 249 | else if(!strncmp(buf,"Msg = ",6)) | 470 | else if(!strcmp(keyword,"Msg")) |
| 250 | { | 471 | { |
| 251 | unsigned char msg[1024]; | 472 | n=hex2bin(value,msg); |
| 252 | int n; | ||
| 253 | |||
| 254 | n=hex2bin(buf+6,msg); | ||
| 255 | pv("Msg",msg,n); | 473 | pv("Msg",msg,n); |
| 256 | SHA1(msg,n,hash); | ||
| 257 | } | 474 | } |
| 258 | else if(!strncmp(buf,"Y = ",4)) | 475 | else if(!strcmp(keyword,"Y")) |
| 259 | dsa->pub_key=hex2bn(buf+4); | 476 | dsa->pub_key=hex2bn(value); |
| 260 | else if(!strncmp(buf,"R = ",4)) | 477 | else if(!strcmp(keyword,"R")) |
| 261 | sig->r=hex2bn(buf+4); | 478 | sig->r=hex2bn(value); |
| 262 | else if(!strncmp(buf,"S = ",4)) | 479 | else if(!strcmp(keyword,"S")) |
| 263 | { | 480 | { |
| 264 | sig->s=hex2bn(buf+4); | 481 | EVP_MD_CTX mctx; |
| 482 | EVP_PKEY pk; | ||
| 483 | unsigned char sigbuf[60]; | ||
| 484 | unsigned int slen; | ||
| 485 | int r; | ||
| 486 | EVP_MD_CTX_init(&mctx); | ||
| 487 | pk.type = EVP_PKEY_DSA; | ||
| 488 | pk.pkey.dsa = dsa; | ||
| 489 | sig->s=hex2bn(value); | ||
| 265 | 490 | ||
| 266 | pbn("Y",dsa->pub_key); | 491 | pbn("Y",dsa->pub_key); |
| 267 | pbn("R",sig->r); | 492 | pbn("R",sig->r); |
| 268 | pbn("S",sig->s); | 493 | pbn("S",sig->s); |
| 269 | printf("Result = %c\n",DSA_do_verify(hash,sizeof hash,sig,dsa) | 494 | |
| 270 | ? 'P' : 'F'); | 495 | slen = FIPS_dsa_sig_encode(sigbuf, sig); |
| 496 | EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL); | ||
| 497 | EVP_VerifyUpdate(&mctx, msg, n); | ||
| 498 | r = EVP_VerifyFinal(&mctx, sigbuf, slen, &pk); | ||
| 499 | EVP_MD_CTX_cleanup(&mctx); | ||
| 500 | |||
| 501 | printf("Result = %c\n", r == 1 ? 'P' : 'F'); | ||
| 271 | putc('\n',stdout); | 502 | putc('\n',stdout); |
| 272 | } | 503 | } |
| 273 | } | 504 | } |
| @@ -277,21 +508,24 @@ int main(int argc,char **argv) | |||
| 277 | { | 508 | { |
| 278 | if(argc != 2) | 509 | if(argc != 2) |
| 279 | { | 510 | { |
| 280 | fprintf(stderr,"%s [prime|pqg]\n",argv[0]); | 511 | fprintf(stderr,"%s [prime|pqg|pqgver|keypair|siggen|sigver]\n",argv[0]); |
| 281 | exit(1); | 512 | exit(1); |
| 282 | } | 513 | } |
| 283 | if(!FIPS_mode_set(1,argv[0])) | 514 | if(!FIPS_mode_set(1)) |
| 284 | { | 515 | { |
| 285 | ERR_load_crypto_strings(); | 516 | do_print_errors(); |
| 286 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
| 287 | exit(1); | 517 | exit(1); |
| 288 | } | 518 | } |
| 289 | if(!strcmp(argv[1],"prime")) | 519 | if(!strcmp(argv[1],"prime")) |
| 290 | primes(); | 520 | primes(); |
| 291 | else if(!strcmp(argv[1],"pqg")) | 521 | else if(!strcmp(argv[1],"pqg")) |
| 292 | pqg(); | 522 | pqg(); |
| 523 | else if(!strcmp(argv[1],"pqgver")) | ||
| 524 | pqgver(); | ||
| 293 | else if(!strcmp(argv[1],"keypair")) | 525 | else if(!strcmp(argv[1],"keypair")) |
| 294 | keypair(); | 526 | keypair(); |
| 527 | else if(!strcmp(argv[1],"keyver")) | ||
| 528 | keyver(); | ||
| 295 | else if(!strcmp(argv[1],"siggen")) | 529 | else if(!strcmp(argv[1],"siggen")) |
| 296 | siggen(); | 530 | siggen(); |
| 297 | else if(!strcmp(argv[1],"sigver")) | 531 | else if(!strcmp(argv[1],"sigver")) |
| @@ -304,3 +538,5 @@ int main(int argc,char **argv) | |||
| 304 | 538 | ||
| 305 | return 0; | 539 | return 0; |
| 306 | } | 540 | } |
| 541 | |||
| 542 | #endif | ||
diff --git a/src/lib/libssl/src/fips/fips-lib.com b/src/lib/libssl/src/fips/fips-lib.com index f3571bf845..539117b2ed 100644 --- a/src/lib/libssl/src/fips/fips-lib.com +++ b/src/lib/libssl/src/fips/fips-lib.com | |||
| @@ -75,7 +75,7 @@ $ ENDIF | |||
| 75 | $! | 75 | $! |
| 76 | $! Define The Different Encryption Types. | 76 | $! Define The Different Encryption Types. |
| 77 | $! | 77 | $! |
| 78 | $ ENCRYPT_TYPES = "Basic,SHA1,RAND,DES,AES,DSA,RSA,DH" | 78 | $ ENCRYPT_TYPES = "Basic,SHA,RAND,DES,AES,DSA,RSA,DH,HMAC" |
| 79 | $! | 79 | $! |
| 80 | $! Check To Make Sure We Have Valid Command Line Parameters. | 80 | $! Check To Make Sure We Have Valid Command Line Parameters. |
| 81 | $! | 81 | $! |
| @@ -151,20 +151,26 @@ $! | |||
| 151 | $! Define The Different Encryption "library" Strings. | 151 | $! Define The Different Encryption "library" Strings. |
| 152 | $! | 152 | $! |
| 153 | $ LIB_ = "fips,fips_err_wrapper" | 153 | $ LIB_ = "fips,fips_err_wrapper" |
| 154 | $ LIB_SHA1 = "fips_sha1dgst,fips_sha1_selftest" | 154 | $ LIB_SHA = "fips_sha1dgst,fips_sha1_selftest,fips_sha256,fips_sha512" |
| 155 | $ LIB_RAND = "fips_rand" | 155 | $ LIB_RAND = "fips_rand,fips_rand_selftest" |
| 156 | $ LIB_DES = "fips_des_enc,fips_des_selftest,fips_set_key" | 156 | $ LIB_DES = "fips_des_enc,fips_des_selftest,fips_set_key" |
| 157 | $ LIB_AES = "fips_aes_core,fips_aes_selftest" | 157 | $ LIB_AES = "fips_aes_core,fips_aes_selftest" |
| 158 | $ LIB_DSA = "fips_dsa_ossl,fips_dsa_gen,fips_dsa_selftest" | 158 | $ LIB_DSA = "fips_dsa_ossl,fips_dsa_gen,fips_dsa_selftest" |
| 159 | $ LIB_RSA = "fips_rsa_eay,fips_rsa_gen,fips_rsa_selftest" | 159 | $ LIB_RSA = "fips_rsa_eay,fips_rsa_gen,fips_rsa_selftest,fips_rsa_x931g" |
| 160 | $ LIB_DH = "fips_dh_check,fips_dh_gen,fips_dh_key" | 160 | $ LIB_DH = "fips_dh_check,fips_dh_gen,fips_dh_key" |
| 161 | $ LIB_HMAC = "fips_hmac,fips_hmac_selftest" | ||
| 161 | $! | 162 | $! |
| 162 | $! Setup exceptional compilations | 163 | $! Setup exceptional compilations |
| 163 | $! | 164 | $! |
| 165 | $ ! Add definitions for no threads on OpenVMS 7.1 and higher | ||
| 164 | $ COMPILEWITH_CC3 = ",bss_rtcp," | 166 | $ COMPILEWITH_CC3 = ",bss_rtcp," |
| 167 | $ ! Disable the DOLLARID warning | ||
| 165 | $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," | 168 | $ COMPILEWITH_CC4 = ",a_utctm,bss_log,o_time," |
| 169 | $ ! Disable disjoint optimization | ||
| 166 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - | 170 | $ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + - |
| 167 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," | 171 | "sha_dgst,sha1dgst,rmd_dgst,bf_enc," |
| 172 | $ ! Disable the MIXLINKAGE warning | ||
| 173 | $ COMPILEWITH_CC6 = ",fips_set_key," | ||
| 168 | $! | 174 | $! |
| 169 | $! Figure Out What Other Modules We Are To Build. | 175 | $! Figure Out What Other Modules We Are To Build. |
| 170 | $! | 176 | $! |
| @@ -393,7 +399,12 @@ $ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5 | |||
| 393 | $ THEN | 399 | $ THEN |
| 394 | $ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | 400 | $ CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE' |
| 395 | $ ELSE | 401 | $ ELSE |
| 396 | $ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | 402 | $ IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6 |
| 403 | $ THEN | ||
| 404 | $ CC6/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | ||
| 405 | $ ELSE | ||
| 406 | $ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE' | ||
| 407 | $ ENDIF | ||
| 397 | $ ENDIF | 408 | $ ENDIF |
| 398 | $ ENDIF | 409 | $ ENDIF |
| 399 | $ ENDIF | 410 | $ ENDIF |
| @@ -856,7 +867,7 @@ $ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS" | |||
| 856 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS | 867 | $ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS |
| 857 | $ CCEXTRAFLAGS = "" | 868 | $ CCEXTRAFLAGS = "" |
| 858 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS | 869 | $ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS |
| 859 | $ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX" | 870 | $ CCDISABLEWARNINGS = "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR" |
| 860 | $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - | 871 | $ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN - |
| 861 | CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS | 872 | CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS |
| 862 | $! | 873 | $! |
| @@ -973,14 +984,18 @@ $ THEN | |||
| 973 | $ IF CCDISABLEWARNINGS .EQS. "" | 984 | $ IF CCDISABLEWARNINGS .EQS. "" |
| 974 | $ THEN | 985 | $ THEN |
| 975 | $ CC4DISABLEWARNINGS = "DOLLARID" | 986 | $ CC4DISABLEWARNINGS = "DOLLARID" |
| 987 | $ CC6DISABLEWARNINGS = "MIXLINKAGE" | ||
| 976 | $ ELSE | 988 | $ ELSE |
| 977 | $ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID" | 989 | $ CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID" |
| 990 | $ CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE" | ||
| 978 | $ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))" | 991 | $ CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))" |
| 979 | $ ENDIF | 992 | $ ENDIF |
| 980 | $ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))" | 993 | $ CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))" |
| 994 | $ CC6DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))" | ||
| 981 | $ ELSE | 995 | $ ELSE |
| 982 | $ CCDISABLEWARNINGS = "" | 996 | $ CCDISABLEWARNINGS = "" |
| 983 | $ CC4DISABLEWARNINGS = "" | 997 | $ CC4DISABLEWARNINGS = "" |
| 998 | $ CC6DISABLEWARNINGS = "" | ||
| 984 | $ ENDIF | 999 | $ ENDIF |
| 985 | $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS | 1000 | $ CC3 = CC + "/DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS |
| 986 | $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS | 1001 | $ CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS |
| @@ -991,6 +1006,7 @@ $ ELSE | |||
| 991 | $ CC5 = CC + "/NOOPTIMIZE" | 1006 | $ CC5 = CC + "/NOOPTIMIZE" |
| 992 | $ ENDIF | 1007 | $ ENDIF |
| 993 | $ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS | 1008 | $ CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS |
| 1009 | $ CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS | ||
| 994 | $! | 1010 | $! |
| 995 | $! Show user the result | 1011 | $! Show user the result |
| 996 | $! | 1012 | $! |
| @@ -1153,7 +1169,7 @@ $! Save directory information | |||
| 1153 | $! | 1169 | $! |
| 1154 | $ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;" | 1170 | $ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;" |
| 1155 | $ __HERE = F$EDIT(__HERE,"UPCASE") | 1171 | $ __HERE = F$EDIT(__HERE,"UPCASE") |
| 1156 | $ __TOP = __HERE - "FIPS]" | 1172 | $ __TOP = __HERE - "FIPS-1_0]" |
| 1157 | $ __INCLUDE = __TOP + "INCLUDE.OPENSSL]" | 1173 | $ __INCLUDE = __TOP + "INCLUDE.OPENSSL]" |
| 1158 | $! | 1174 | $! |
| 1159 | $! Set up the logical name OPENSSL to point at the include directory | 1175 | $! Set up the logical name OPENSSL to point at the include directory |
diff --git a/src/lib/libssl/src/fips/fips-nodiff.txt b/src/lib/libssl/src/fips/fips-nodiff.txt new file mode 100644 index 0000000000..fb2944b4fc --- /dev/null +++ b/src/lib/libssl/src/fips/fips-nodiff.txt | |||
| @@ -0,0 +1,7 @@ | |||
| 1 | KeyPair.rsp | ||
| 2 | PQGGen.rsp | ||
| 3 | SigGen.rsp | ||
| 4 | SigGen15.rsp | ||
| 5 | SigGenPSS.rsp | ||
| 6 | SigGenRSA.rsp | ||
| 7 | SigGenPSS.rsp | ||
diff --git a/src/lib/libssl/src/fips/fips.c b/src/lib/libssl/src/fips/fips.c index 7ecba57f70..7dcc34403f 100644 --- a/src/lib/libssl/src/fips/fips.c +++ b/src/lib/libssl/src/fips/fips.c | |||
| @@ -47,50 +47,80 @@ | |||
| 47 | * | 47 | * |
| 48 | */ | 48 | */ |
| 49 | 49 | ||
| 50 | #include <openssl/fips.h> | 50 | |
| 51 | #include <openssl/rand.h> | 51 | #include <openssl/rand.h> |
| 52 | #include <openssl/fips_rand.h> | 52 | #include <openssl/fips_rand.h> |
| 53 | #include <openssl/err.h> | 53 | #include <openssl/err.h> |
| 54 | #include <openssl/bio.h> | 54 | #include <openssl/bio.h> |
| 55 | #include <openssl/hmac.h> | 55 | #include <openssl/hmac.h> |
| 56 | #include <openssl/rsa.h> | ||
| 56 | #include <string.h> | 57 | #include <string.h> |
| 57 | #include <limits.h> | 58 | #include <limits.h> |
| 58 | #include "fips_locl.h" | 59 | #include "fips_locl.h" |
| 59 | 60 | ||
| 60 | #ifdef OPENSSL_FIPS | 61 | #ifdef OPENSSL_FIPS |
| 61 | 62 | ||
| 63 | #include <openssl/fips.h> | ||
| 64 | |||
| 62 | #ifndef PATH_MAX | 65 | #ifndef PATH_MAX |
| 63 | #define PATH_MAX 1024 | 66 | #define PATH_MAX 1024 |
| 64 | #endif | 67 | #endif |
| 65 | 68 | ||
| 66 | static int fips_md5_allowed = 0; | 69 | static int fips_selftest_fail; |
| 67 | static int fips_selftest_fail = 0; | 70 | static int fips_mode; |
| 71 | static const void *fips_rand_check; | ||
| 68 | 72 | ||
| 69 | void FIPS_allow_md5(int onoff) | 73 | static void fips_set_mode(int onoff) |
| 70 | { | ||
| 71 | if (fips_is_started()) | ||
| 72 | { | 74 | { |
| 73 | int owning_thread = fips_is_owning_thread(); | 75 | int owning_thread = fips_is_owning_thread(); |
| 74 | 76 | ||
| 75 | if (!owning_thread) CRYPTO_w_lock(CRYPTO_LOCK_FIPS); | 77 | if (fips_is_started()) |
| 76 | fips_md5_allowed = onoff; | 78 | { |
| 77 | if (!owning_thread) CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); | 79 | if (!owning_thread) fips_w_lock(); |
| 80 | fips_mode = onoff; | ||
| 81 | if (!owning_thread) fips_w_unlock(); | ||
| 82 | } | ||
| 78 | } | 83 | } |
| 79 | } | ||
| 80 | 84 | ||
| 81 | int FIPS_md5_allowed(void) | 85 | static void fips_set_rand_check(const void *rand_check) |
| 82 | { | ||
| 83 | int ret = 1; | ||
| 84 | if (fips_is_started()) | ||
| 85 | { | 86 | { |
| 86 | int owning_thread = fips_is_owning_thread(); | 87 | int owning_thread = fips_is_owning_thread(); |
| 87 | 88 | ||
| 88 | if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS); | 89 | if (fips_is_started()) |
| 89 | ret = fips_md5_allowed; | 90 | { |
| 90 | if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); | 91 | if (!owning_thread) fips_w_lock(); |
| 92 | fips_rand_check = rand_check; | ||
| 93 | if (!owning_thread) fips_w_unlock(); | ||
| 94 | } | ||
| 95 | } | ||
| 96 | |||
| 97 | int FIPS_mode(void) | ||
| 98 | { | ||
| 99 | int ret = 0; | ||
| 100 | int owning_thread = fips_is_owning_thread(); | ||
| 101 | |||
| 102 | if (fips_is_started()) | ||
| 103 | { | ||
| 104 | if (!owning_thread) fips_r_lock(); | ||
| 105 | ret = fips_mode; | ||
| 106 | if (!owning_thread) fips_r_unlock(); | ||
| 107 | } | ||
| 108 | return ret; | ||
| 109 | } | ||
| 110 | |||
| 111 | const void *FIPS_rand_check(void) | ||
| 112 | { | ||
| 113 | const void *ret = 0; | ||
| 114 | int owning_thread = fips_is_owning_thread(); | ||
| 115 | |||
| 116 | if (fips_is_started()) | ||
| 117 | { | ||
| 118 | if (!owning_thread) fips_r_lock(); | ||
| 119 | ret = fips_rand_check; | ||
| 120 | if (!owning_thread) fips_r_unlock(); | ||
| 121 | } | ||
| 122 | return ret; | ||
| 91 | } | 123 | } |
| 92 | return ret; | ||
| 93 | } | ||
| 94 | 124 | ||
| 95 | int FIPS_selftest_failed(void) | 125 | int FIPS_selftest_failed(void) |
| 96 | { | 126 | { |
| @@ -99,99 +129,134 @@ int FIPS_selftest_failed(void) | |||
| 99 | { | 129 | { |
| 100 | int owning_thread = fips_is_owning_thread(); | 130 | int owning_thread = fips_is_owning_thread(); |
| 101 | 131 | ||
| 102 | if (!owning_thread) CRYPTO_r_lock(CRYPTO_LOCK_FIPS); | 132 | if (!owning_thread) fips_r_lock(); |
| 103 | ret = fips_selftest_fail; | 133 | ret = fips_selftest_fail; |
| 104 | if (!owning_thread) CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); | 134 | if (!owning_thread) fips_r_unlock(); |
| 105 | } | 135 | } |
| 106 | return ret; | 136 | return ret; |
| 107 | } | 137 | } |
| 108 | 138 | ||
| 139 | /* Selftest failure fatal exit routine. This will be called | ||
| 140 | * during *any* cryptographic operation. It has the minimum | ||
| 141 | * overhead possible to avoid too big a performance hit. | ||
| 142 | */ | ||
| 143 | |||
| 144 | void FIPS_selftest_check(void) | ||
| 145 | { | ||
| 146 | if (fips_selftest_fail) | ||
| 147 | { | ||
| 148 | OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE"); | ||
| 149 | } | ||
| 150 | } | ||
| 151 | |||
| 152 | void fips_set_selftest_fail(void) | ||
| 153 | { | ||
| 154 | fips_selftest_fail = 1; | ||
| 155 | } | ||
| 156 | |||
| 109 | int FIPS_selftest() | 157 | int FIPS_selftest() |
| 110 | { | 158 | { |
| 111 | ERR_load_crypto_strings(); | ||
| 112 | 159 | ||
| 113 | return FIPS_selftest_sha1() | 160 | return FIPS_selftest_sha1() |
| 161 | && FIPS_selftest_hmac() | ||
| 114 | && FIPS_selftest_aes() | 162 | && FIPS_selftest_aes() |
| 115 | && FIPS_selftest_des() | 163 | && FIPS_selftest_des() |
| 116 | && FIPS_selftest_rsa() | 164 | && FIPS_selftest_rsa() |
| 117 | && FIPS_selftest_dsa(); | 165 | && FIPS_selftest_dsa(); |
| 118 | } | 166 | } |
| 119 | 167 | ||
| 120 | static int FIPS_check_exe(const char *path) | 168 | extern const void *FIPS_text_start(), *FIPS_text_end(); |
| 169 | extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[]; | ||
| 170 | unsigned char FIPS_signature [20] = { 0 }; | ||
| 171 | static const char FIPS_hmac_key[]="etaonrishdlcupfm"; | ||
| 172 | |||
| 173 | unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len) | ||
| 121 | { | 174 | { |
| 122 | unsigned char buf[1024]; | 175 | const unsigned char *p1 = FIPS_text_start(); |
| 123 | char p2[PATH_MAX]; | 176 | const unsigned char *p2 = FIPS_text_end(); |
| 124 | unsigned int n; | 177 | const unsigned char *p3 = FIPS_rodata_start; |
| 125 | unsigned char mdbuf[EVP_MAX_MD_SIZE]; | 178 | const unsigned char *p4 = FIPS_rodata_end; |
| 126 | FILE *f; | 179 | HMAC_CTX c; |
| 127 | static char key[]="etaonrishdlcupfm"; | 180 | |
| 128 | HMAC_CTX hmac; | 181 | HMAC_CTX_init(&c); |
| 129 | const char *sha1_fmt="%s.sha1"; | 182 | HMAC_Init(&c,FIPS_hmac_key,strlen(FIPS_hmac_key),EVP_sha1()); |
| 130 | 183 | ||
| 131 | f=fopen(path,"rb"); | 184 | /* detect overlapping regions */ |
| 132 | #ifdef __CYGWIN32__ | 185 | if (p1<=p3 && p2>=p3) |
| 133 | /* cygwin scrupulously strips .exe extentions:-( as of now it's | 186 | p3=p1, p4=p2>p4?p2:p4, p1=NULL, p2=NULL; |
| 134 | actually no point to attempt above fopen, but we keep the call | 187 | else if (p3<=p1 && p4>=p1) |
| 135 | just in case the behavior changes in the future... */ | 188 | p3=p3, p4=p2>p4?p2:p4, p1=NULL, p2=NULL; |
| 136 | if (!f) | 189 | |
| 190 | if (p1) | ||
| 191 | HMAC_Update(&c,p1,(size_t)p2-(size_t)p1); | ||
| 192 | |||
| 193 | if (FIPS_signature>=p3 && FIPS_signature<p4) | ||
| 137 | { | 194 | { |
| 138 | sha1_fmt="%s.exe.sha1"; | 195 | /* "punch" hole */ |
| 139 | BIO_snprintf(p2,sizeof p2,"%s.exe",path); | 196 | HMAC_Update(&c,p3,(size_t)FIPS_signature-(size_t)p3); |
| 140 | f=fopen(p2,"rb"); | 197 | p3 = FIPS_signature+sizeof(FIPS_signature); |
| 198 | if (p3<p4) | ||
| 199 | HMAC_Update(&c,p3,(size_t)p4-(size_t)p3); | ||
| 141 | } | 200 | } |
| 201 | else | ||
| 202 | HMAC_Update(&c,p3,(size_t)p4-(size_t)p3); | ||
| 203 | |||
| 204 | HMAC_Final(&c,sig,&len); | ||
| 205 | HMAC_CTX_cleanup(&c); | ||
| 206 | |||
| 207 | return len; | ||
| 208 | } | ||
| 209 | |||
| 210 | int FIPS_check_incore_fingerprint(void) | ||
| 211 | { | ||
| 212 | unsigned char sig[EVP_MAX_MD_SIZE]; | ||
| 213 | unsigned int len; | ||
| 214 | #if defined(__sgi) && (defined(__mips) || defined(mips)) | ||
| 215 | extern int __dso_displacement[]; | ||
| 216 | #else | ||
| 217 | extern int OPENSSL_NONPIC_relocated; | ||
| 142 | #endif | 218 | #endif |
| 143 | if(!f) | 219 | |
| 144 | { | 220 | if (FIPS_text_start()==NULL) |
| 145 | FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE); | ||
| 146 | return 0; | ||
| 147 | } | ||
| 148 | HMAC_Init(&hmac,key,strlen(key),EVP_sha1()); | ||
| 149 | while(!feof(f)) | ||
| 150 | { | ||
| 151 | n=fread(buf,1,sizeof buf,f); | ||
| 152 | if(ferror(f)) | ||
| 153 | { | ||
| 154 | clearerr(f); | ||
| 155 | fclose(f); | ||
| 156 | FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE); | ||
| 157 | return 0; | ||
| 158 | } | ||
| 159 | if (n) HMAC_Update(&hmac,buf,n); | ||
| 160 | } | ||
| 161 | fclose(f); | ||
| 162 | HMAC_Final(&hmac,mdbuf,&n); | ||
| 163 | HMAC_CTX_cleanup(&hmac); | ||
| 164 | BIO_snprintf(p2,sizeof p2,sha1_fmt,path); | ||
| 165 | f=fopen(p2,"rb"); | ||
| 166 | if(!f || fread(buf,1,20,f) != 20) | ||
| 167 | { | 221 | { |
| 168 | if (f) fclose(f); | 222 | FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_UNSUPPORTED_PLATFORM); |
| 169 | FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_CANNOT_READ_EXE_DIGEST); | ||
| 170 | return 0; | 223 | return 0; |
| 171 | } | 224 | } |
| 172 | fclose(f); | 225 | |
| 173 | if(memcmp(buf,mdbuf,20)) | 226 | len=FIPS_incore_fingerprint (sig,sizeof(sig)); |
| 227 | |||
| 228 | if (len!=sizeof(FIPS_signature) || | ||
| 229 | memcmp(FIPS_signature,sig,sizeof(FIPS_signature))) | ||
| 174 | { | 230 | { |
| 175 | FIPSerr(FIPS_F_FIPS_CHECK_EXE,FIPS_R_EXE_DIGEST_DOES_NOT_MATCH); | 231 | if (FIPS_signature>=FIPS_rodata_start && FIPS_signature<FIPS_rodata_end) |
| 232 | FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING); | ||
| 233 | #if defined(__sgi) && (defined(__mips) || defined(mips)) | ||
| 234 | else if (__dso_displacement!=NULL) | ||
| 235 | #else | ||
| 236 | else if (OPENSSL_NONPIC_relocated) | ||
| 237 | #endif | ||
| 238 | FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED); | ||
| 239 | else | ||
| 240 | FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH); | ||
| 176 | return 0; | 241 | return 0; |
| 177 | } | 242 | } |
| 243 | |||
| 178 | return 1; | 244 | return 1; |
| 179 | } | 245 | } |
| 180 | 246 | ||
| 181 | int FIPS_mode_set(int onoff,const char *path) | 247 | int FIPS_mode_set(int onoff) |
| 182 | { | 248 | { |
| 183 | void fips_set_mode(int _onoff); | ||
| 184 | int fips_set_owning_thread(); | 249 | int fips_set_owning_thread(); |
| 185 | int fips_clear_owning_thread(); | 250 | int fips_clear_owning_thread(); |
| 186 | int ret = 0; | 251 | int ret = 0; |
| 187 | 252 | ||
| 188 | CRYPTO_w_lock(CRYPTO_LOCK_FIPS); | 253 | fips_w_lock(); |
| 189 | fips_set_started(); | 254 | fips_set_started(); |
| 190 | fips_set_owning_thread(); | 255 | fips_set_owning_thread(); |
| 191 | 256 | ||
| 192 | if(onoff) | 257 | if(onoff) |
| 193 | { | 258 | { |
| 194 | unsigned char buf[24]; | 259 | unsigned char buf[48]; |
| 195 | 260 | ||
| 196 | fips_selftest_fail = 0; | 261 | fips_selftest_fail = 0; |
| 197 | 262 | ||
| @@ -205,7 +270,33 @@ int FIPS_mode_set(int onoff,const char *path) | |||
| 205 | goto end; | 270 | goto end; |
| 206 | } | 271 | } |
| 207 | 272 | ||
| 208 | if(!FIPS_check_exe(path)) | 273 | #ifdef OPENSSL_IA32_SSE2 |
| 274 | if ((OPENSSL_ia32cap & (1<<25|1<<26)) != (1<<25|1<<26)) | ||
| 275 | { | ||
| 276 | FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_UNSUPPORTED_PLATFORM); | ||
| 277 | fips_selftest_fail = 1; | ||
| 278 | ret = 0; | ||
| 279 | goto end; | ||
| 280 | } | ||
| 281 | #endif | ||
| 282 | |||
| 283 | if(fips_signature_witness() != FIPS_signature) | ||
| 284 | { | ||
| 285 | FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_CONTRADICTING_EVIDENCE); | ||
| 286 | fips_selftest_fail = 1; | ||
| 287 | ret = 0; | ||
| 288 | goto end; | ||
| 289 | } | ||
| 290 | |||
| 291 | if(!FIPS_check_incore_fingerprint()) | ||
| 292 | { | ||
| 293 | fips_selftest_fail = 1; | ||
| 294 | ret = 0; | ||
| 295 | goto end; | ||
| 296 | } | ||
| 297 | |||
| 298 | /* Perform RNG KAT before seeding */ | ||
| 299 | if (!FIPS_selftest_rng()) | ||
| 209 | { | 300 | { |
| 210 | fips_selftest_fail = 1; | 301 | fips_selftest_fail = 1; |
| 211 | ret = 0; | 302 | ret = 0; |
| @@ -213,7 +304,7 @@ int FIPS_mode_set(int onoff,const char *path) | |||
| 213 | } | 304 | } |
| 214 | 305 | ||
| 215 | /* automagically seed PRNG if not already seeded */ | 306 | /* automagically seed PRNG if not already seeded */ |
| 216 | if(!FIPS_rand_seeded()) | 307 | if(!FIPS_rand_status()) |
| 217 | { | 308 | { |
| 218 | if(RAND_bytes(buf,sizeof buf) <= 0) | 309 | if(RAND_bytes(buf,sizeof buf) <= 0) |
| 219 | { | 310 | { |
| @@ -221,8 +312,8 @@ int FIPS_mode_set(int onoff,const char *path) | |||
| 221 | ret = 0; | 312 | ret = 0; |
| 222 | goto end; | 313 | goto end; |
| 223 | } | 314 | } |
| 224 | FIPS_set_prng_key(buf,buf+8); | 315 | FIPS_rand_set_key(buf,32); |
| 225 | FIPS_rand_seed(buf+16,8); | 316 | FIPS_rand_seed(buf+32,16); |
| 226 | } | 317 | } |
| 227 | 318 | ||
| 228 | /* now switch into FIPS mode */ | 319 | /* now switch into FIPS mode */ |
| @@ -244,17 +335,185 @@ int FIPS_mode_set(int onoff,const char *path) | |||
| 244 | ret = 1; | 335 | ret = 1; |
| 245 | end: | 336 | end: |
| 246 | fips_clear_owning_thread(); | 337 | fips_clear_owning_thread(); |
| 247 | CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); | 338 | fips_w_unlock(); |
| 248 | return ret; | 339 | return ret; |
| 249 | } | 340 | } |
| 250 | 341 | ||
| 342 | void fips_w_lock(void) { CRYPTO_w_lock(CRYPTO_LOCK_FIPS); } | ||
| 343 | void fips_w_unlock(void) { CRYPTO_w_unlock(CRYPTO_LOCK_FIPS); } | ||
| 344 | void fips_r_lock(void) { CRYPTO_r_lock(CRYPTO_LOCK_FIPS); } | ||
| 345 | void fips_r_unlock(void) { CRYPTO_r_unlock(CRYPTO_LOCK_FIPS); } | ||
| 346 | |||
| 347 | static int fips_started = 0; | ||
| 348 | static unsigned long fips_thread = 0; | ||
| 349 | |||
| 350 | void fips_set_started(void) | ||
| 351 | { | ||
| 352 | fips_started = 1; | ||
| 353 | } | ||
| 354 | |||
| 355 | int fips_is_started(void) | ||
| 356 | { | ||
| 357 | return fips_started; | ||
| 358 | } | ||
| 359 | |||
| 360 | int fips_is_owning_thread(void) | ||
| 361 | { | ||
| 362 | int ret = 0; | ||
| 363 | |||
| 364 | if (fips_is_started()) | ||
| 365 | { | ||
| 366 | CRYPTO_r_lock(CRYPTO_LOCK_FIPS2); | ||
| 367 | if (fips_thread != 0 && fips_thread == CRYPTO_thread_id()) | ||
| 368 | ret = 1; | ||
| 369 | CRYPTO_r_unlock(CRYPTO_LOCK_FIPS2); | ||
| 370 | } | ||
| 371 | return ret; | ||
| 372 | } | ||
| 373 | |||
| 374 | int fips_set_owning_thread(void) | ||
| 375 | { | ||
| 376 | int ret = 0; | ||
| 377 | |||
| 378 | if (fips_is_started()) | ||
| 379 | { | ||
| 380 | CRYPTO_w_lock(CRYPTO_LOCK_FIPS2); | ||
| 381 | if (fips_thread == 0) | ||
| 382 | { | ||
| 383 | fips_thread = CRYPTO_thread_id(); | ||
| 384 | ret = 1; | ||
| 385 | } | ||
| 386 | CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2); | ||
| 387 | } | ||
| 388 | return ret; | ||
| 389 | } | ||
| 390 | |||
| 391 | int fips_clear_owning_thread(void) | ||
| 392 | { | ||
| 393 | int ret = 0; | ||
| 394 | |||
| 395 | if (fips_is_started()) | ||
| 396 | { | ||
| 397 | CRYPTO_w_lock(CRYPTO_LOCK_FIPS2); | ||
| 398 | if (fips_thread == CRYPTO_thread_id()) | ||
| 399 | { | ||
| 400 | fips_thread = 0; | ||
| 401 | ret = 1; | ||
| 402 | } | ||
| 403 | CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2); | ||
| 404 | } | ||
| 405 | return ret; | ||
| 406 | } | ||
| 407 | |||
| 408 | unsigned char *fips_signature_witness(void) | ||
| 409 | { | ||
| 410 | extern unsigned char FIPS_signature[]; | ||
| 411 | return FIPS_signature; | ||
| 412 | } | ||
| 413 | |||
| 414 | /* Generalized public key test routine. Signs and verifies the data | ||
| 415 | * supplied in tbs using mesage digest md and setting option digest | ||
| 416 | * flags md_flags. If the 'kat' parameter is not NULL it will | ||
| 417 | * additionally check the signature matches it: a known answer test | ||
| 418 | * The string "fail_str" is used for identification purposes in case | ||
| 419 | * of failure. | ||
| 420 | */ | ||
| 421 | |||
| 422 | int fips_pkey_signature_test(EVP_PKEY *pkey, | ||
| 423 | const unsigned char *tbs, int tbslen, | ||
| 424 | const unsigned char *kat, unsigned int katlen, | ||
| 425 | const EVP_MD *digest, unsigned int md_flags, | ||
| 426 | const char *fail_str) | ||
| 427 | { | ||
| 428 | int ret = 0; | ||
| 429 | unsigned char sigtmp[256], *sig = sigtmp; | ||
| 430 | unsigned int siglen; | ||
| 431 | EVP_MD_CTX mctx; | ||
| 432 | EVP_MD_CTX_init(&mctx); | ||
| 433 | |||
| 434 | if ((pkey->type == EVP_PKEY_RSA) | ||
| 435 | && (RSA_size(pkey->pkey.rsa) > sizeof(sigtmp))) | ||
| 436 | { | ||
| 437 | sig = OPENSSL_malloc(RSA_size(pkey->pkey.rsa)); | ||
| 438 | if (!sig) | ||
| 439 | { | ||
| 440 | FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,ERR_R_MALLOC_FAILURE); | ||
| 441 | return 0; | ||
| 442 | } | ||
| 443 | } | ||
| 444 | |||
| 445 | if (tbslen == -1) | ||
| 446 | tbslen = strlen((char *)tbs); | ||
| 447 | |||
| 448 | if (md_flags) | ||
| 449 | M_EVP_MD_CTX_set_flags(&mctx, md_flags); | ||
| 450 | |||
| 451 | if (!EVP_SignInit_ex(&mctx, digest, NULL)) | ||
| 452 | goto error; | ||
| 453 | if (!EVP_SignUpdate(&mctx, tbs, tbslen)) | ||
| 454 | goto error; | ||
| 455 | if (!EVP_SignFinal(&mctx, sig, &siglen, pkey)) | ||
| 456 | goto error; | ||
| 457 | |||
| 458 | if (kat && ((siglen != katlen) || memcmp(kat, sig, katlen))) | ||
| 459 | goto error; | ||
| 460 | |||
| 461 | if (!EVP_VerifyInit_ex(&mctx, digest, NULL)) | ||
| 462 | goto error; | ||
| 463 | if (!EVP_VerifyUpdate(&mctx, tbs, tbslen)) | ||
| 464 | goto error; | ||
| 465 | ret = EVP_VerifyFinal(&mctx, sig, siglen, pkey); | ||
| 466 | |||
| 467 | error: | ||
| 468 | if (sig != sigtmp) | ||
| 469 | OPENSSL_free(sig); | ||
| 470 | EVP_MD_CTX_cleanup(&mctx); | ||
| 471 | if (ret != 1) | ||
| 472 | { | ||
| 473 | FIPSerr(FIPS_F_FIPS_PKEY_SIGNATURE_TEST,FIPS_R_TEST_FAILURE); | ||
| 474 | if (fail_str) | ||
| 475 | ERR_add_error_data(2, "Type=", fail_str); | ||
| 476 | return 0; | ||
| 477 | } | ||
| 478 | return 1; | ||
| 479 | } | ||
| 480 | |||
| 481 | /* Generalized symmetric cipher test routine. Encrypt data, verify result | ||
| 482 | * against known answer, decrypt and compare with original plaintext. | ||
| 483 | */ | ||
| 484 | |||
| 485 | int fips_cipher_test(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, | ||
| 486 | const unsigned char *key, | ||
| 487 | const unsigned char *iv, | ||
| 488 | const unsigned char *plaintext, | ||
| 489 | const unsigned char *ciphertext, | ||
| 490 | int len) | ||
| 491 | { | ||
| 492 | unsigned char pltmp[FIPS_MAX_CIPHER_TEST_SIZE]; | ||
| 493 | unsigned char citmp[FIPS_MAX_CIPHER_TEST_SIZE]; | ||
| 494 | OPENSSL_assert(len <= FIPS_MAX_CIPHER_TEST_SIZE); | ||
| 495 | if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1) <= 0) | ||
| 496 | return 0; | ||
| 497 | EVP_Cipher(ctx, citmp, plaintext, len); | ||
| 498 | if (memcmp(citmp, ciphertext, len)) | ||
| 499 | return 0; | ||
| 500 | if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 0) <= 0) | ||
| 501 | return 0; | ||
| 502 | EVP_Cipher(ctx, pltmp, citmp, len); | ||
| 503 | if (memcmp(pltmp, plaintext, len)) | ||
| 504 | return 0; | ||
| 505 | return 1; | ||
| 506 | } | ||
| 507 | |||
| 251 | #if 0 | 508 | #if 0 |
| 252 | /* here just to cause error codes to exist */ | 509 | /* The purpose of this is to ensure the error code exists and the function |
| 253 | static void dummy() | 510 | * name is to keep the error checking script quiet |
| 254 | { | 511 | */ |
| 255 | FIPSerr(FIPS_F_HASH_FINAL,FIPS_F_NON_FIPS_METHOD); | 512 | void hash_final(void) |
| 256 | FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_FIPS_SELFTEST_FAILED); | 513 | { |
| 257 | } | 514 | FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); |
| 515 | } | ||
| 258 | #endif | 516 | #endif |
| 259 | 517 | ||
| 518 | |||
| 260 | #endif | 519 | #endif |
diff --git a/src/lib/libssl/src/fips/fips.h b/src/lib/libssl/src/fips/fips.h index a4df06b148..42bdcf2596 100644 --- a/src/lib/libssl/src/fips/fips.h +++ b/src/lib/libssl/src/fips/fips.h | |||
| @@ -49,22 +49,27 @@ | |||
| 49 | 49 | ||
| 50 | #include <openssl/opensslconf.h> | 50 | #include <openssl/opensslconf.h> |
| 51 | 51 | ||
| 52 | #ifndef OPENSSL_FIPS | ||
| 53 | #error FIPS is disabled. | ||
| 54 | #endif | ||
| 55 | |||
| 52 | #ifdef OPENSSL_FIPS | 56 | #ifdef OPENSSL_FIPS |
| 53 | 57 | ||
| 54 | #ifdef __cplusplus | 58 | #ifdef __cplusplus |
| 55 | extern "C" { | 59 | extern "C" { |
| 56 | #endif | 60 | #endif |
| 57 | 61 | ||
| 58 | /* Note that these are defined in crypto/cryptlib.c so they're | ||
| 59 | * available even without -lfips. | ||
| 60 | */ | ||
| 61 | struct dsa_st; | 62 | struct dsa_st; |
| 63 | struct evp_pkey_st; | ||
| 64 | struct env_md_st; | ||
| 65 | struct evp_cipher_st; | ||
| 66 | struct evp_cipher_ctx_st; | ||
| 62 | 67 | ||
| 63 | int FIPS_mode_set(int onoff,const char *path); | 68 | int FIPS_mode_set(int onoff); |
| 64 | void FIPS_allow_md5(int onoff); | 69 | int FIPS_mode(void); |
| 65 | int FIPS_md5_allowed(void); | 70 | const void *FIPS_rand_check(void); |
| 66 | int FIPS_selftest_failed(void); | 71 | int FIPS_selftest_failed(void); |
| 67 | int FIPS_dsa_check(struct dsa_st *dsa); | 72 | void FIPS_selftest_check(void); |
| 68 | void FIPS_corrupt_sha1(void); | 73 | void FIPS_corrupt_sha1(void); |
| 69 | int FIPS_selftest_sha1(void); | 74 | int FIPS_selftest_sha1(void); |
| 70 | void FIPS_corrupt_aes(void); | 75 | void FIPS_corrupt_aes(void); |
| @@ -72,14 +77,29 @@ int FIPS_selftest_aes(void); | |||
| 72 | void FIPS_corrupt_des(void); | 77 | void FIPS_corrupt_des(void); |
| 73 | int FIPS_selftest_des(void); | 78 | int FIPS_selftest_des(void); |
| 74 | void FIPS_corrupt_rsa(void); | 79 | void FIPS_corrupt_rsa(void); |
| 80 | void FIPS_corrupt_rsa_keygen(void); | ||
| 75 | int FIPS_selftest_rsa(void); | 81 | int FIPS_selftest_rsa(void); |
| 76 | void FIPS_corrupt_dsa(void); | 82 | void FIPS_corrupt_dsa(void); |
| 83 | void FIPS_corrupt_dsa_keygen(void); | ||
| 77 | int FIPS_selftest_dsa(void); | 84 | int FIPS_selftest_dsa(void); |
| 85 | void FIPS_corrupt_rng(void); | ||
| 86 | void FIPS_rng_stick(void); | ||
| 87 | int FIPS_selftest_rng(void); | ||
| 88 | int FIPS_selftest_hmac(void); | ||
| 78 | 89 | ||
| 79 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 90 | int fips_pkey_signature_test(struct evp_pkey_st *pkey, |
| 80 | * made after this point may be overwritten when the script is next run. | 91 | const unsigned char *tbs, int tbslen, |
| 81 | */ | 92 | const unsigned char *kat, unsigned int katlen, |
| 82 | void ERR_load_FIPS_strings(void); | 93 | const struct env_md_st *digest, unsigned int md_flags, |
| 94 | const char *fail_str); | ||
| 95 | |||
| 96 | int fips_cipher_test(struct evp_cipher_ctx_st *ctx, | ||
| 97 | const struct evp_cipher_st *cipher, | ||
| 98 | const unsigned char *key, | ||
| 99 | const unsigned char *iv, | ||
| 100 | const unsigned char *plaintext, | ||
| 101 | const unsigned char *ciphertext, | ||
| 102 | int len); | ||
| 83 | 103 | ||
| 84 | /* BEGIN ERROR CODES */ | 104 | /* BEGIN ERROR CODES */ |
| 85 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 105 | /* The following lines are auto generated by the script mkerr.pl. Any changes |
| @@ -90,34 +110,52 @@ void ERR_load_FIPS_strings(void); | |||
| 90 | /* Error codes for the FIPS functions. */ | 110 | /* Error codes for the FIPS functions. */ |
| 91 | 111 | ||
| 92 | /* Function codes. */ | 112 | /* Function codes. */ |
| 93 | #define FIPS_F_DSA_DO_SIGN 111 | 113 | #define FIPS_F_DH_BUILTIN_GENPARAMS 100 |
| 94 | #define FIPS_F_DSA_DO_VERIFY 112 | 114 | #define FIPS_F_DSA_BUILTIN_PARAMGEN 101 |
| 95 | #define FIPS_F_DSA_GENERATE_PARAMETERS 110 | 115 | #define FIPS_F_DSA_DO_SIGN 102 |
| 96 | #define FIPS_F_FIPS_CHECK_DSA 116 | 116 | #define FIPS_F_DSA_DO_VERIFY 103 |
| 97 | #define FIPS_F_FIPS_CHECK_EXE 106 | 117 | #define FIPS_F_EVP_CIPHERINIT_EX 124 |
| 98 | #define FIPS_F_FIPS_CHECK_RSA 115 | 118 | #define FIPS_F_EVP_DIGESTINIT_EX 125 |
| 99 | #define FIPS_F_FIPS_DSA_CHECK 102 | 119 | #define FIPS_F_FIPS_CHECK_DSA 104 |
| 100 | #define FIPS_F_FIPS_MODE_SET 105 | 120 | #define FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT 105 |
| 101 | #define FIPS_F_FIPS_SELFTEST_AES 104 | 121 | #define FIPS_F_FIPS_CHECK_RSA 106 |
| 102 | #define FIPS_F_FIPS_SELFTEST_DES 107 | 122 | #define FIPS_F_FIPS_DSA_CHECK 107 |
| 103 | #define FIPS_F_FIPS_SELFTEST_DSA 109 | 123 | #define FIPS_F_FIPS_MODE_SET 108 |
| 104 | #define FIPS_F_FIPS_SELFTEST_RSA 108 | 124 | #define FIPS_F_FIPS_PKEY_SIGNATURE_TEST 109 |
| 105 | #define FIPS_F_FIPS_SELFTEST_SHA1 103 | 125 | #define FIPS_F_FIPS_SELFTEST_AES 110 |
| 106 | #define FIPS_F_HASH_FINAL 100 | 126 | #define FIPS_F_FIPS_SELFTEST_DES 111 |
| 107 | #define FIPS_F_DH_GENERATE_PARAMETERS 117 | 127 | #define FIPS_F_FIPS_SELFTEST_DSA 112 |
| 108 | #define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 114 | 128 | #define FIPS_F_FIPS_SELFTEST_HMAC 113 |
| 109 | #define FIPS_F_RSA_GENERATE_KEY 113 | 129 | #define FIPS_F_FIPS_SELFTEST_RNG 114 |
| 110 | #define FIPS_F_SSLEAY_RAND_BYTES 101 | 130 | #define FIPS_F_FIPS_SELFTEST_SHA1 115 |
| 131 | #define FIPS_F_HASH_FINAL 123 | ||
| 132 | #define FIPS_F_RSA_BUILTIN_KEYGEN 116 | ||
| 133 | #define FIPS_F_RSA_EAY_PRIVATE_DECRYPT 117 | ||
| 134 | #define FIPS_F_RSA_EAY_PRIVATE_ENCRYPT 118 | ||
| 135 | #define FIPS_F_RSA_EAY_PUBLIC_DECRYPT 119 | ||
| 136 | #define FIPS_F_RSA_EAY_PUBLIC_ENCRYPT 120 | ||
| 137 | #define FIPS_F_RSA_X931_GENERATE_KEY_EX 121 | ||
| 138 | #define FIPS_F_SSLEAY_RAND_BYTES 122 | ||
| 111 | 139 | ||
| 112 | /* Reason codes. */ | 140 | /* Reason codes. */ |
| 113 | #define FIPS_R_CANNOT_READ_EXE 103 | 141 | #define FIPS_R_CANNOT_READ_EXE 103 |
| 114 | #define FIPS_R_CANNOT_READ_EXE_DIGEST 104 | 142 | #define FIPS_R_CANNOT_READ_EXE_DIGEST 104 |
| 143 | #define FIPS_R_CONTRADICTING_EVIDENCE 114 | ||
| 115 | #define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105 | 144 | #define FIPS_R_EXE_DIGEST_DOES_NOT_MATCH 105 |
| 145 | #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH 110 | ||
| 146 | #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED 111 | ||
| 147 | #define FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING 112 | ||
| 116 | #define FIPS_R_FIPS_MODE_ALREADY_SET 102 | 148 | #define FIPS_R_FIPS_MODE_ALREADY_SET 102 |
| 117 | #define FIPS_R_FIPS_SELFTEST_FAILED 106 | 149 | #define FIPS_R_FIPS_SELFTEST_FAILED 106 |
| 150 | #define FIPS_R_INVALID_KEY_LENGTH 109 | ||
| 151 | #define FIPS_R_KEY_TOO_SHORT 108 | ||
| 118 | #define FIPS_R_NON_FIPS_METHOD 100 | 152 | #define FIPS_R_NON_FIPS_METHOD 100 |
| 119 | #define FIPS_R_PAIRWISE_TEST_FAILED 107 | 153 | #define FIPS_R_PAIRWISE_TEST_FAILED 107 |
| 154 | #define FIPS_R_RSA_DECRYPT_ERROR 115 | ||
| 155 | #define FIPS_R_RSA_ENCRYPT_ERROR 116 | ||
| 120 | #define FIPS_R_SELFTEST_FAILED 101 | 156 | #define FIPS_R_SELFTEST_FAILED 101 |
| 157 | #define FIPS_R_TEST_FAILURE 117 | ||
| 158 | #define FIPS_R_UNSUPPORTED_PLATFORM 113 | ||
| 121 | 159 | ||
| 122 | #ifdef __cplusplus | 160 | #ifdef __cplusplus |
| 123 | } | 161 | } |
diff --git a/src/lib/libssl/src/fips/fips_canister.c b/src/lib/libssl/src/fips/fips_canister.c new file mode 100644 index 0000000000..64580694c4 --- /dev/null +++ b/src/lib/libssl/src/fips/fips_canister.c | |||
| @@ -0,0 +1,186 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution | ||
| 3 | * and usage in source and binary forms are granted according to the | ||
| 4 | * OpenSSL license. | ||
| 5 | */ | ||
| 6 | |||
| 7 | #include <stdio.h> | ||
| 8 | #if defined(__DECC) | ||
| 9 | # include <c_asm.h> | ||
| 10 | # pragma __nostandard | ||
| 11 | #endif | ||
| 12 | |||
| 13 | #include "e_os.h" | ||
| 14 | |||
| 15 | #if !defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) | ||
| 16 | # if (defined(__sun) && (defined(__sparc) || defined(__sparcv9))) || \ | ||
| 17 | (defined(__sgi) && (defined(__mips) || defined(mips))) || \ | ||
| 18 | (defined(__osf__) && defined(__alpha)) || \ | ||
| 19 | (defined(__linux) && (defined(__arm) || defined(__arm__))) || \ | ||
| 20 | (defined(__i386) || defined(__i386__)) || \ | ||
| 21 | (defined(__x86_64) || defined(__x86_64__)) || \ | ||
| 22 | (defined(vax) || defined(__vax__)) | ||
| 23 | # define POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION | ||
| 24 | # endif | ||
| 25 | #endif | ||
| 26 | |||
| 27 | #if defined(__xlC__) && __xlC__>=0x600 && (defined(_POWER) || defined(_ARCH_PPC)) | ||
| 28 | static void *instruction_pointer_xlc(void); | ||
| 29 | # pragma mc_func instruction_pointer_xlc {\ | ||
| 30 | "7c0802a6" /* mflr r0 */ \ | ||
| 31 | "48000005" /* bl $+4 */ \ | ||
| 32 | "7c6802a6" /* mflr r3 */ \ | ||
| 33 | "7c0803a6" /* mtlr r0 */ } | ||
| 34 | # pragma reg_killed_by instruction_pointer_xlc gr0 gr3 | ||
| 35 | # define INSTRUCTION_POINTER_IMPLEMENTED(ret) (ret=instruction_pointer_xlc()); | ||
| 36 | #endif | ||
| 37 | |||
| 38 | #ifdef FIPS_START | ||
| 39 | #define FIPS_ref_point FIPS_text_start | ||
| 40 | /* Some compilers put string literals into a separate segment. As we | ||
| 41 | * are mostly interested to hash AES tables in .rodata, we declare | ||
| 42 | * reference points accordingly. In case you wonder, the values are | ||
| 43 | * big-endian encoded variable names, just to prevent these arrays | ||
| 44 | * from being merged by linker. */ | ||
| 45 | const unsigned int FIPS_rodata_start[]= | ||
| 46 | { 0x46495053, 0x5f726f64, 0x6174615f, 0x73746172 }; | ||
| 47 | #else | ||
| 48 | #define FIPS_ref_point FIPS_text_end | ||
| 49 | const unsigned int FIPS_rodata_end[]= | ||
| 50 | { 0x46495053, 0x5f726f64, 0x6174615f, 0x656e645b }; | ||
| 51 | #endif | ||
| 52 | |||
| 53 | /* | ||
| 54 | * I declare reference function as static in order to avoid certain | ||
| 55 | * pitfalls in -dynamic linker behaviour... | ||
| 56 | */ | ||
| 57 | static void *instruction_pointer(void) | ||
| 58 | { void *ret=NULL; | ||
| 59 | /* These are ABI-neutral CPU-specific snippets. ABI-neutrality means | ||
| 60 | * that they are designed to work under any OS running on particular | ||
| 61 | * CPU, which is why you don't find any #ifdef THIS_OR_THAT_OS in | ||
| 62 | * this function. */ | ||
| 63 | #if defined(INSTRUCTION_POINTER_IMPLEMENTED) | ||
| 64 | INSTRUCTION_POINTER_IMPLEMENTED(ret); | ||
| 65 | #elif defined(__GNUC__) && __GNUC__>=2 | ||
| 66 | # if defined(__alpha) || defined(__alpha__) | ||
| 67 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 68 | __asm __volatile ( "br %0,1f\n1:" : "=r"(ret) ); | ||
| 69 | # elif defined(__i386) || defined(__i386__) | ||
| 70 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 71 | __asm __volatile ( "call 1f\n1: popl %0" : "=r"(ret) ); | ||
| 72 | ret = (void *)((size_t)ret&~3UL); /* align for better performance */ | ||
| 73 | # elif defined(__ia64) || defined(__ia64__) | ||
| 74 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 75 | __asm __volatile ( "mov %0=ip" : "=r"(ret) ); | ||
| 76 | # elif defined(__hppa) || defined(__hppa__) || defined(__pa_risc) | ||
| 77 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 78 | __asm __volatile ( "blr %%r0,%0\n\tnop" : "=r"(ret) ); | ||
| 79 | ret = (void *)((size_t)ret&~3UL); /* mask privilege level */ | ||
| 80 | # elif defined(__mips) || defined(__mips__) | ||
| 81 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 82 | void *scratch; | ||
| 83 | __asm __volatile ( "move %1,$31\n\t" /* save ra */ | ||
| 84 | "bal .+8; nop\n\t" | ||
| 85 | "move %0,$31\n\t" | ||
| 86 | "move $31,%1" /* restore ra */ | ||
| 87 | : "=r"(ret),"=r"(scratch) ); | ||
| 88 | # elif defined(__ppc__) || defined(__powerpc) || defined(__powerpc__) || \ | ||
| 89 | defined(__POWERPC__) || defined(_POWER) || defined(__PPC__) || \ | ||
| 90 | defined(__PPC64__) || defined(__powerpc64__) | ||
| 91 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 92 | void *scratch; | ||
| 93 | __asm __volatile ( "mfspr %1,8\n\t" /* save lr */ | ||
| 94 | "bl $+4\n\t" | ||
| 95 | "mfspr %0,8\n\t" /* mflr ret */ | ||
| 96 | "mtspr 8,%1" /* restore lr */ | ||
| 97 | : "=r"(ret),"=r"(scratch) ); | ||
| 98 | # elif defined(__s390__) || defined(__s390x__) | ||
| 99 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 100 | __asm __volatile ( "bras %0,1f\n1:" : "=r"(ret) ); | ||
| 101 | ret = (void *)((size_t)ret&~3UL); | ||
| 102 | # elif defined(__sparc) || defined(__sparc__) || defined(__sparcv9) | ||
| 103 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 104 | void *scratch; | ||
| 105 | __asm __volatile ( "mov %%o7,%1\n\t" | ||
| 106 | "call .+8; nop\n\t" | ||
| 107 | "mov %%o7,%0\n\t" | ||
| 108 | "mov %1,%%o7" | ||
| 109 | : "=r"(ret),"=r"(scratch) ); | ||
| 110 | # elif defined(__x86_64) || defined(__x86_64__) | ||
| 111 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 112 | __asm __volatile ( "leaq 0(%%rip),%0" : "=r"(ret) ); | ||
| 113 | ret = (void *)((size_t)ret&~3UL); /* align for better performance */ | ||
| 114 | # endif | ||
| 115 | #elif defined(__DECC) && defined(__alpha) | ||
| 116 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 117 | ret = (void *)(size_t)asm("br %v0,1f\n1:"); | ||
| 118 | #elif defined(_MSC_VER) && defined(_M_IX86) | ||
| 119 | # define INSTRUCTION_POINTER_IMPLEMENTED | ||
| 120 | void *scratch; | ||
| 121 | _asm { | ||
| 122 | call self | ||
| 123 | self: pop eax | ||
| 124 | mov scratch,eax | ||
| 125 | } | ||
| 126 | ret = (void *)((size_t)scratch&~3UL); | ||
| 127 | #endif | ||
| 128 | return ret; | ||
| 129 | } | ||
| 130 | |||
| 131 | /* | ||
| 132 | * This function returns pointer to an instruction in the vicinity of | ||
| 133 | * its entry point, but not outside this object module. This guarantees | ||
| 134 | * that sequestered code is covered... | ||
| 135 | */ | ||
| 136 | void *FIPS_ref_point() | ||
| 137 | { | ||
| 138 | #if defined(INSTRUCTION_POINTER_IMPLEMENTED) | ||
| 139 | return instruction_pointer(); | ||
| 140 | /* Below we essentially cover vendor compilers which do not support | ||
| 141 | * inline assembler... */ | ||
| 142 | #elif defined(_AIX) | ||
| 143 | struct { void *ip,*gp,*env; } *p = (void *)instruction_pointer; | ||
| 144 | return p->ip; | ||
| 145 | #elif defined(_HPUX_SOURCE) | ||
| 146 | # if defined(__hppa) || defined(__hppa__) | ||
| 147 | struct { void *i[4]; } *p = (void *)FIPS_ref_point; | ||
| 148 | |||
| 149 | if (sizeof(p) == 8) /* 64-bit */ | ||
| 150 | return p->i[2]; | ||
| 151 | else if ((size_t)p & 2) | ||
| 152 | { p = (void *)((size_t)p&~3UL); | ||
| 153 | return p->i[0]; | ||
| 154 | } | ||
| 155 | else | ||
| 156 | return (void *)p; | ||
| 157 | # elif defined(__ia64) || defined(__ia64__) | ||
| 158 | struct { unsigned long long ip,gp; } *p=(void *)instruction_pointer; | ||
| 159 | return (void *)(size_t)p->ip; | ||
| 160 | # endif | ||
| 161 | #elif (defined(__VMS) || defined(VMS)) && !(defined(vax) || defined(__vax__)) | ||
| 162 | /* applies to both alpha and ia64 */ | ||
| 163 | struct { unsigned __int64 opaque,ip; } *p=(void *)instruction_pointer; | ||
| 164 | return (void *)(size_t)p->ip; | ||
| 165 | #elif defined(__VOS__) | ||
| 166 | /* applies to both pa-risc and ia32 */ | ||
| 167 | struct { void *dp,*ip,*gp; } *p = (void *)instruction_pointer; | ||
| 168 | return p->ip; | ||
| 169 | #elif defined(_WIN32) | ||
| 170 | # if defined(_WIN64) && defined(_M_IA64) | ||
| 171 | struct { void *ip,*gp; } *p = (void *)FIPS_ref_point; | ||
| 172 | return p->ip; | ||
| 173 | # else | ||
| 174 | return (void *)FIPS_ref_point; | ||
| 175 | # endif | ||
| 176 | /* | ||
| 177 | * In case you wonder why there is no #ifdef __linux. All Linux targets | ||
| 178 | * are GCC-based and therefore are covered by instruction_pointer above | ||
| 179 | * [well, some are covered by by the one below]... | ||
| 180 | */ | ||
| 181 | #elif defined(POINTER_TO_FUNCTION_IS_POINTER_TO_1ST_INSTRUCTION) | ||
| 182 | return (void *)instruction_pointer; | ||
| 183 | #else | ||
| 184 | return NULL; | ||
| 185 | #endif | ||
| 186 | } | ||
diff --git a/src/lib/libssl/src/fips/fips_locl.h b/src/lib/libssl/src/fips/fips_locl.h index 215e382549..03fed36e3c 100644 --- a/src/lib/libssl/src/fips/fips_locl.h +++ b/src/lib/libssl/src/fips/fips_locl.h | |||
| @@ -53,13 +53,19 @@ | |||
| 53 | extern "C" { | 53 | extern "C" { |
| 54 | #endif | 54 | #endif |
| 55 | 55 | ||
| 56 | /* These are really defined in crypto/cryptlib.c */ | 56 | void fips_w_lock(void); |
| 57 | void fips_set_started(void); | 57 | void fips_w_unlock(void); |
| 58 | void fips_r_lock(void); | ||
| 59 | void fips_r_unlock(void); | ||
| 58 | int fips_is_started(void); | 60 | int fips_is_started(void); |
| 61 | void fips_set_started(void); | ||
| 59 | int fips_is_owning_thread(void); | 62 | int fips_is_owning_thread(void); |
| 60 | int fips_set_owning_thread(void); | 63 | int fips_set_owning_thread(void); |
| 64 | void fips_set_selftest_fail(void); | ||
| 61 | int fips_clear_owning_thread(void); | 65 | int fips_clear_owning_thread(void); |
| 62 | void fips_set_rand_check(void *rand_check); | 66 | unsigned char *fips_signature_witness(void); |
| 67 | |||
| 68 | #define FIPS_MAX_CIPHER_TEST_SIZE 16 | ||
| 63 | 69 | ||
| 64 | #ifdef __cplusplus | 70 | #ifdef __cplusplus |
| 65 | } | 71 | } |
diff --git a/src/lib/libssl/src/fips/fips_premain.c b/src/lib/libssl/src/fips/fips_premain.c new file mode 100644 index 0000000000..165d2c5dc9 --- /dev/null +++ b/src/lib/libssl/src/fips/fips_premain.c | |||
| @@ -0,0 +1,176 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2005 The OpenSSL Project. Rights for redistribution | ||
| 3 | * and usage in source and binary forms are granted according to the | ||
| 4 | * OpenSSL license. | ||
| 5 | */ | ||
| 6 | |||
| 7 | #include <stdio.h> | ||
| 8 | #include <stdlib.h> | ||
| 9 | #include <string.h> | ||
| 10 | #if defined(__unix) || defined(__unix__) | ||
| 11 | #include <unistd.h> | ||
| 12 | #endif | ||
| 13 | |||
| 14 | #ifndef FINGERPRINT_PREMAIN_DSO_LOAD | ||
| 15 | |||
| 16 | #if defined(__GNUC__) && __GNUC__>=2 | ||
| 17 | void FINGERPRINT_premain(void) __attribute__((constructor)); | ||
| 18 | /* Most commonly this results in pointer to premain to be dropped | ||
| 19 | * to .ctors segment, which is traversed by GCC crtbegin.o upon | ||
| 20 | * program startup. Except on a.out OpenBSD where it results in | ||
| 21 | * _GLOBAL_$I$premain() {premain();} being auto-generated by | ||
| 22 | * compiler... But one way or another this is believed to cover | ||
| 23 | * *all* GCC targets. */ | ||
| 24 | #elif defined(_MSC_VER) | ||
| 25 | # ifdef _WINDLL | ||
| 26 | __declspec(dllexport) /* this is essentially cosmetics... */ | ||
| 27 | # endif | ||
| 28 | void FINGERPRINT_premain(void); | ||
| 29 | static int premain_wrapper(void) { FINGERPRINT_premain(); return 0; } | ||
| 30 | # ifdef _WIN64 | ||
| 31 | # pragma section(".CRT$XCU",read) | ||
| 32 | __declspec(allocate(".CRT$XCU")) | ||
| 33 | # else | ||
| 34 | # pragma data_seg(".CRT$XCU") | ||
| 35 | # endif | ||
| 36 | static int (*p)(void) = premain_wrapper; | ||
| 37 | /* This results in pointer to premain to appear in .CRT segment, | ||
| 38 | * which is traversed by Visual C run-time initialization code. | ||
| 39 | * This applies to both Win32 and [all flavors of] Win64. */ | ||
| 40 | # pragma data_seg() | ||
| 41 | #elif defined(__SUNPRO_C) | ||
| 42 | void FINGERPRINT_premain(void); | ||
| 43 | # pragma init(FINGERPRINT_premain) | ||
| 44 | /* This results in a call to premain to appear in .init segment. */ | ||
| 45 | #elif defined(__DECC) && (defined(__VMS) || defined(VMS)) | ||
| 46 | void FINGERPRINT_premain(void); | ||
| 47 | # pragma __nostandard | ||
| 48 | globaldef { "LIB$INITIALIZ" } readonly _align (LONGWORD) | ||
| 49 | int spare[8] = {0}; | ||
| 50 | globaldef { "LIB$INITIALIZE" } readonly _align (LONGWORD) | ||
| 51 | void (*x_FINGERPRINT_premain)(void) = FINGERPRINT_premain; | ||
| 52 | /* Refer to LIB$INITIALIZE to ensure it exists in the image. */ | ||
| 53 | int lib$initialize(); | ||
| 54 | globaldef int (*lib_init_ref)() = lib$initialize; | ||
| 55 | # pragma __standard | ||
| 56 | #elif 0 | ||
| 57 | The rest has to be taken care of through command line: | ||
| 58 | |||
| 59 | -Wl,-init,FINGERPRINT_premain on OSF1 and IRIX | ||
| 60 | -Wl,+init,FINGERPRINT_premain on HP-UX | ||
| 61 | -Wl,-binitfini:FINGERPRINT_premain on AIX | ||
| 62 | |||
| 63 | On ELF platforms this results in a call to premain to appear in | ||
| 64 | .init segment... | ||
| 65 | #endif | ||
| 66 | |||
| 67 | #ifndef HMAC_SHA1_SIG | ||
| 68 | #define HMAC_SHA1_SIG "?have to make sure this string is unique" | ||
| 69 | #endif | ||
| 70 | |||
| 71 | static const unsigned char FINGERPRINT_ascii_value[40] = HMAC_SHA1_SIG; | ||
| 72 | |||
| 73 | #define atox(c) ((c)>='a'?((c)-'a'+10):((c)>='A'?(c)-'A'+10:(c)-'0')) | ||
| 74 | |||
| 75 | extern const void *FIPS_text_start(), *FIPS_text_end(); | ||
| 76 | extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[]; | ||
| 77 | extern unsigned char FIPS_signature[20]; | ||
| 78 | extern unsigned int FIPS_incore_fingerprint(unsigned char *,unsigned int); | ||
| 79 | |||
| 80 | /* | ||
| 81 | * As name suggests this code is executed prior main(). We use this | ||
| 82 | * opportunity to fingerprint sequestered code in virtual address | ||
| 83 | * space of target application. | ||
| 84 | */ | ||
| 85 | void FINGERPRINT_premain(void) | ||
| 86 | { unsigned char sig[sizeof(FIPS_signature)]; | ||
| 87 | const unsigned char * volatile p=FINGERPRINT_ascii_value; | ||
| 88 | unsigned int len=sizeof(sig),i; | ||
| 89 | |||
| 90 | /* "volatilization" is done to disengage unwanted optimization... */ | ||
| 91 | if (*((volatile unsigned char *)p)=='?') | ||
| 92 | { if (FIPS_text_start()==NULL) | ||
| 93 | { fprintf(stderr,"FIPS_text_start() returns NULL\n"); | ||
| 94 | _exit(1); | ||
| 95 | } | ||
| 96 | #if defined(DEBUG_FINGERPRINT_PREMAIN) | ||
| 97 | fprintf(stderr,".text:%p+%d=%p\n",FIPS_text_start(), | ||
| 98 | (int)((size_t)FIPS_text_end()-(size_t)FIPS_text_start()), | ||
| 99 | FIPS_text_end()); | ||
| 100 | fprintf(stderr,".rodata:%p+%d=%p\n",FIPS_rodata_start, | ||
| 101 | (int)((size_t)FIPS_rodata_end-(size_t)FIPS_rodata_start), | ||
| 102 | FIPS_rodata_end); | ||
| 103 | #endif | ||
| 104 | |||
| 105 | len=FIPS_incore_fingerprint(sig,sizeof(sig)); | ||
| 106 | |||
| 107 | if (len!=sizeof(sig)) | ||
| 108 | { fprintf(stderr,"fingerprint length mismatch: %u\n",len); | ||
| 109 | _exit(1); | ||
| 110 | } | ||
| 111 | |||
| 112 | for (i=0;i<len;i++) printf("%02x",sig[i]); | ||
| 113 | printf("\n"); | ||
| 114 | fflush(stdout); | ||
| 115 | _exit(0); | ||
| 116 | } | ||
| 117 | else if (FIPS_signature[0]=='\0') do | ||
| 118 | { for (i=0;i<sizeof(FIPS_signature);i++,p+=2) | ||
| 119 | FIPS_signature[i] = (atox(p[0])<<4)|atox(p[1]); | ||
| 120 | |||
| 121 | #if defined(DEBUG_FINGERPRINT_PREMAIN) | ||
| 122 | if (getenv("OPENSSL_FIPS")==NULL) break; | ||
| 123 | |||
| 124 | len=FIPS_incore_fingerprint(sig,sizeof(sig)); | ||
| 125 | |||
| 126 | if (memcmp(FIPS_signature,sig,sizeof(FIPS_signature))) | ||
| 127 | { fprintf(stderr,"FINGERPRINT_premain: FIPS_signature mismatch\n"); | ||
| 128 | _exit(1); | ||
| 129 | } | ||
| 130 | #endif | ||
| 131 | } while(0); | ||
| 132 | } | ||
| 133 | |||
| 134 | #else | ||
| 135 | |||
| 136 | #include <openssl/bio.h> | ||
| 137 | #include <openssl/dso.h> | ||
| 138 | #include <openssl/err.h> | ||
| 139 | |||
| 140 | int main(int argc,char *argv[]) | ||
| 141 | { DSO *dso; | ||
| 142 | DSO_FUNC_TYPE func; | ||
| 143 | BIO *bio_err; | ||
| 144 | |||
| 145 | if (argc < 2) | ||
| 146 | { fprintf (stderr,"usage: %s libcrypto.dso\n",argv[0]); | ||
| 147 | return 1; | ||
| 148 | } | ||
| 149 | |||
| 150 | if ((bio_err=BIO_new(BIO_s_file())) == NULL) | ||
| 151 | { fprintf (stderr,"unable to allocate BIO\n"); | ||
| 152 | return 1; | ||
| 153 | } | ||
| 154 | BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); | ||
| 155 | ERR_load_crypto_strings(); | ||
| 156 | |||
| 157 | dso = DSO_load(NULL,argv[1],NULL,DSO_FLAG_NO_NAME_TRANSLATION); | ||
| 158 | if (dso == NULL) | ||
| 159 | { ERR_print_errors(bio_err); | ||
| 160 | return 1; | ||
| 161 | } | ||
| 162 | |||
| 163 | /* This is not normally reached, because FINGERPRINT_premain should | ||
| 164 | * have executed and terminated application already upon DSO_load... */ | ||
| 165 | func = DSO_bind_func(dso,"FINGERPRINT_premain"); | ||
| 166 | if (func == NULL) | ||
| 167 | { ERR_print_errors(bio_err); | ||
| 168 | return 1; | ||
| 169 | } | ||
| 170 | |||
| 171 | (*func)(); | ||
| 172 | |||
| 173 | return 0; | ||
| 174 | } | ||
| 175 | |||
| 176 | #endif | ||
diff --git a/src/lib/libssl/src/fips/fips_premain.c.sha1 b/src/lib/libssl/src/fips/fips_premain.c.sha1 new file mode 100644 index 0000000000..c16f964bb8 --- /dev/null +++ b/src/lib/libssl/src/fips/fips_premain.c.sha1 | |||
| @@ -0,0 +1 @@ | |||
| HMAC-SHA1(fips_premain.c)= 9e5ddba185ac446e0cf36fcf8e1b3acffe5d0b2c | |||
diff --git a/src/lib/libssl/src/fips/fips_test_suite.c b/src/lib/libssl/src/fips/fips_test_suite.c index 60ee8d856b..78a15b7758 100644 --- a/src/lib/libssl/src/fips/fips_test_suite.c +++ b/src/lib/libssl/src/fips/fips_test_suite.c | |||
| @@ -20,12 +20,15 @@ | |||
| 20 | #include <openssl/des.h> | 20 | #include <openssl/des.h> |
| 21 | #include <openssl/rsa.h> | 21 | #include <openssl/rsa.h> |
| 22 | #include <openssl/dsa.h> | 22 | #include <openssl/dsa.h> |
| 23 | #include <openssl/sha.h> | 23 | #include <openssl/dh.h> |
| 24 | #include <openssl/md5.h> | 24 | #include <openssl/hmac.h> |
| 25 | #include <openssl/err.h> | 25 | #include <openssl/err.h> |
| 26 | #include <openssl/fips.h> | 26 | |
| 27 | #include <openssl/bn.h> | 27 | #include <openssl/bn.h> |
| 28 | #include <openssl/rand.h> | 28 | #include <openssl/rand.h> |
| 29 | #include <openssl/sha.h> | ||
| 30 | |||
| 31 | |||
| 29 | #ifndef OPENSSL_FIPS | 32 | #ifndef OPENSSL_FIPS |
| 30 | int main(int argc, char *argv[]) | 33 | int main(int argc, char *argv[]) |
| 31 | { | 34 | { |
| @@ -34,150 +37,338 @@ int main(int argc, char *argv[]) | |||
| 34 | } | 37 | } |
| 35 | #else | 38 | #else |
| 36 | 39 | ||
| 40 | #include <openssl/fips.h> | ||
| 41 | #include "fips_utl.h" | ||
| 42 | |||
| 37 | /* AES: encrypt and decrypt known plaintext, verify result matches original plaintext | 43 | /* AES: encrypt and decrypt known plaintext, verify result matches original plaintext |
| 38 | */ | 44 | */ |
| 39 | static int FIPS_aes_test() | 45 | static int FIPS_aes_test(void) |
| 46 | { | ||
| 47 | int ret = 0; | ||
| 48 | unsigned char pltmp[16]; | ||
| 49 | unsigned char citmp[16]; | ||
| 50 | unsigned char key[16] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16}; | ||
| 51 | unsigned char plaintext[16] = "etaonrishdlcu"; | ||
| 52 | EVP_CIPHER_CTX ctx; | ||
| 53 | EVP_CIPHER_CTX_init(&ctx); | ||
| 54 | if (EVP_CipherInit_ex(&ctx, EVP_aes_128_ecb(),NULL, key, NULL, 1) <= 0) | ||
| 55 | goto err; | ||
| 56 | EVP_Cipher(&ctx, citmp, plaintext, 16); | ||
| 57 | if (EVP_CipherInit_ex(&ctx, EVP_aes_128_ecb(),NULL, key, NULL, 0) <= 0) | ||
| 58 | goto err; | ||
| 59 | EVP_Cipher(&ctx, pltmp, citmp, 16); | ||
| 60 | if (memcmp(pltmp, plaintext, 16)) | ||
| 61 | goto err; | ||
| 62 | ret = 1; | ||
| 63 | err: | ||
| 64 | EVP_CIPHER_CTX_cleanup(&ctx); | ||
| 65 | return ret; | ||
| 66 | } | ||
| 67 | |||
| 68 | static int FIPS_des3_test(void) | ||
| 69 | { | ||
| 70 | int ret = 0; | ||
| 71 | unsigned char pltmp[8]; | ||
| 72 | unsigned char citmp[8]; | ||
| 73 | unsigned char key[] = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, | ||
| 74 | 19,20,21,22,23,24}; | ||
| 75 | unsigned char plaintext[] = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' }; | ||
| 76 | EVP_CIPHER_CTX ctx; | ||
| 77 | EVP_CIPHER_CTX_init(&ctx); | ||
| 78 | if (EVP_CipherInit_ex(&ctx, EVP_des_ede3_ecb(),NULL, key, NULL, 1) <= 0) | ||
| 79 | goto err; | ||
| 80 | EVP_Cipher(&ctx, citmp, plaintext, 8); | ||
| 81 | if (EVP_CipherInit_ex(&ctx, EVP_des_ede3_ecb(),NULL, key, NULL, 0) <= 0) | ||
| 82 | goto err; | ||
| 83 | EVP_Cipher(&ctx, pltmp, citmp, 8); | ||
| 84 | if (memcmp(pltmp, plaintext, 8)) | ||
| 85 | goto err; | ||
| 86 | ret = 1; | ||
| 87 | err: | ||
| 88 | EVP_CIPHER_CTX_cleanup(&ctx); | ||
| 89 | return ret; | ||
| 90 | } | ||
| 91 | |||
| 92 | /* | ||
| 93 | * DSA: generate keys and sign, verify input plaintext. | ||
| 94 | */ | ||
| 95 | static int FIPS_dsa_test(int bad) | ||
| 40 | { | 96 | { |
| 41 | unsigned char userkey[16] = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d }; | 97 | DSA *dsa = NULL; |
| 42 | unsigned char plaintext[16] = "etaonrishdlcu"; | 98 | EVP_PKEY pk; |
| 43 | unsigned char ciphertext[16]; | 99 | unsigned char dgst[] = "etaonrishdlc"; |
| 44 | unsigned char buf[16]; | 100 | unsigned char buf[60]; |
| 45 | AES_KEY key; | 101 | unsigned int slen; |
| 46 | AES_KEY dkey; | 102 | int r = 0; |
| 103 | EVP_MD_CTX mctx; | ||
| 47 | 104 | ||
| 48 | ERR_clear_error(); | 105 | ERR_clear_error(); |
| 49 | if (AES_set_encrypt_key( userkey, 128, &key )) | 106 | EVP_MD_CTX_init(&mctx); |
| 107 | dsa = FIPS_dsa_new(); | ||
| 108 | if (!dsa) | ||
| 109 | goto end; | ||
| 110 | if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL)) | ||
| 111 | goto end; | ||
| 112 | if (!DSA_generate_key(dsa)) | ||
| 113 | goto end; | ||
| 114 | if (bad) | ||
| 115 | BN_add_word(dsa->pub_key, 1); | ||
| 116 | |||
| 117 | pk.type = EVP_PKEY_DSA; | ||
| 118 | pk.pkey.dsa = dsa; | ||
| 119 | |||
| 120 | if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL)) | ||
| 121 | goto end; | ||
| 122 | if (!EVP_SignUpdate(&mctx, dgst, sizeof(dgst) - 1)) | ||
| 123 | goto end; | ||
| 124 | if (!EVP_SignFinal(&mctx, buf, &slen, &pk)) | ||
| 125 | goto end; | ||
| 126 | |||
| 127 | if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL)) | ||
| 128 | goto end; | ||
| 129 | if (!EVP_VerifyUpdate(&mctx, dgst, sizeof(dgst) - 1)) | ||
| 130 | goto end; | ||
| 131 | r = EVP_VerifyFinal(&mctx, buf, slen, &pk); | ||
| 132 | end: | ||
| 133 | EVP_MD_CTX_cleanup(&mctx); | ||
| 134 | if (dsa) | ||
| 135 | FIPS_dsa_free(dsa); | ||
| 136 | if (r != 1) | ||
| 137 | return 0; | ||
| 138 | return 1; | ||
| 139 | } | ||
| 140 | |||
| 141 | /* | ||
| 142 | * RSA: generate keys and sign, verify input plaintext. | ||
| 143 | */ | ||
| 144 | static int FIPS_rsa_test(int bad) | ||
| 145 | { | ||
| 146 | RSA *key; | ||
| 147 | unsigned char input_ptext[] = "etaonrishdlc"; | ||
| 148 | unsigned char buf[256]; | ||
| 149 | unsigned int slen; | ||
| 150 | BIGNUM *bn; | ||
| 151 | EVP_MD_CTX mctx; | ||
| 152 | EVP_PKEY pk; | ||
| 153 | int r = 0; | ||
| 154 | |||
| 155 | ERR_clear_error(); | ||
| 156 | EVP_MD_CTX_init(&mctx); | ||
| 157 | key = FIPS_rsa_new(); | ||
| 158 | bn = BN_new(); | ||
| 159 | if (!key || !bn) | ||
| 50 | return 0; | 160 | return 0; |
| 51 | AES_encrypt( plaintext, ciphertext, &key); | 161 | BN_set_word(bn, 65537); |
| 52 | if (AES_set_decrypt_key( userkey, 128, &dkey )) | 162 | if (!RSA_generate_key_ex(key, 1024,bn,NULL)) |
| 163 | return 0; | ||
| 164 | BN_free(bn); | ||
| 165 | if (bad) | ||
| 166 | BN_add_word(key->n, 1); | ||
| 167 | |||
| 168 | pk.type = EVP_PKEY_RSA; | ||
| 169 | pk.pkey.rsa = key; | ||
| 170 | |||
| 171 | if (!EVP_SignInit_ex(&mctx, EVP_sha1(), NULL)) | ||
| 172 | goto end; | ||
| 173 | if (!EVP_SignUpdate(&mctx, input_ptext, sizeof(input_ptext) - 1)) | ||
| 174 | goto end; | ||
| 175 | if (!EVP_SignFinal(&mctx, buf, &slen, &pk)) | ||
| 176 | goto end; | ||
| 177 | |||
| 178 | if (!EVP_VerifyInit_ex(&mctx, EVP_sha1(), NULL)) | ||
| 179 | goto end; | ||
| 180 | if (!EVP_VerifyUpdate(&mctx, input_ptext, sizeof(input_ptext) - 1)) | ||
| 181 | goto end; | ||
| 182 | r = EVP_VerifyFinal(&mctx, buf, slen, &pk); | ||
| 183 | end: | ||
| 184 | EVP_MD_CTX_cleanup(&mctx); | ||
| 185 | if (key) | ||
| 186 | FIPS_rsa_free(key); | ||
| 187 | if (r != 1) | ||
| 188 | return 0; | ||
| 189 | return 1; | ||
| 190 | } | ||
| 191 | |||
| 192 | /* SHA1: generate hash of known digest value and compare to known | ||
| 193 | precomputed correct hash | ||
| 194 | */ | ||
| 195 | static int FIPS_sha1_test() | ||
| 196 | { | ||
| 197 | unsigned char digest[SHA_DIGEST_LENGTH] = | ||
| 198 | { 0x11, 0xf1, 0x9a, 0x3a, 0xec, 0x1a, 0x1e, 0x8e, 0x65, 0xd4, 0x9a, 0x38, 0x0c, 0x8b, 0x1e, 0x2c, 0xe8, 0xb3, 0xc5, 0x18 }; | ||
| 199 | unsigned char str[] = "etaonrishd"; | ||
| 200 | |||
| 201 | unsigned char md[SHA_DIGEST_LENGTH]; | ||
| 202 | |||
| 203 | ERR_clear_error(); | ||
| 204 | if (!EVP_Digest(str,sizeof(str) - 1,md, NULL, EVP_sha1(), NULL)) return 0; | ||
| 205 | if (memcmp(md,digest,sizeof(md))) | ||
| 53 | return 0; | 206 | return 0; |
| 54 | AES_decrypt( ciphertext, buf, &dkey); | 207 | return 1; |
| 55 | if (memcmp(buf, plaintext, sizeof(buf))) | 208 | } |
| 209 | |||
| 210 | /* SHA256: generate hash of known digest value and compare to known | ||
| 211 | precomputed correct hash | ||
| 212 | */ | ||
| 213 | static int FIPS_sha256_test() | ||
| 214 | { | ||
| 215 | unsigned char digest[SHA256_DIGEST_LENGTH] = | ||
| 216 | {0xf5, 0x53, 0xcd, 0xb8, 0xcf, 0x1, 0xee, 0x17, 0x9b, 0x93, 0xc9, 0x68, 0xc0, 0xea, 0x40, 0x91, | ||
| 217 | 0x6, 0xec, 0x8e, 0x11, 0x96, 0xc8, 0x5d, 0x1c, 0xaf, 0x64, 0x22, 0xe6, 0x50, 0x4f, 0x47, 0x57}; | ||
| 218 | unsigned char str[] = "etaonrishd"; | ||
| 219 | |||
| 220 | unsigned char md[SHA256_DIGEST_LENGTH]; | ||
| 221 | |||
| 222 | ERR_clear_error(); | ||
| 223 | if (!EVP_Digest(str,sizeof(str) - 1,md, NULL, EVP_sha256(), NULL)) return 0; | ||
| 224 | if (memcmp(md,digest,sizeof(md))) | ||
| 56 | return 0; | 225 | return 0; |
| 57 | return 1; | 226 | return 1; |
| 58 | } | 227 | } |
| 59 | 228 | ||
| 60 | /* DES: encrypt and decrypt known plaintext, verify result matches original plaintext | 229 | /* SHA512: generate hash of known digest value and compare to known |
| 230 | precomputed correct hash | ||
| 61 | */ | 231 | */ |
| 62 | static int FIPS_des_test() | 232 | static int FIPS_sha512_test() |
| 63 | { | 233 | { |
| 64 | DES_cblock userkey = { 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xf0, 0x0d }; | 234 | unsigned char digest[SHA512_DIGEST_LENGTH] = |
| 65 | DES_cblock plaintext = { 'e', 't', 'a', 'o', 'n', 'r', 'i', 's' }; | 235 | {0x99, 0xc9, 0xe9, 0x5b, 0x88, 0xd4, 0x78, 0x88, 0xdf, 0x88, 0x5f, 0x94, 0x71, 0x64, 0x28, 0xca, |
| 236 | 0x16, 0x1f, 0x3d, 0xf4, 0x1f, 0xf3, 0x0f, 0xc5, 0x03, 0x99, 0xb2, 0xd0, 0xe7, 0x0b, 0x94, 0x4a, | ||
| 237 | 0x45, 0xd2, 0x6c, 0x4f, 0x20, 0x06, 0xef, 0x71, 0xa9, 0x25, 0x7f, 0x24, 0xb1, 0xd9, 0x40, 0x22, | ||
| 238 | 0x49, 0x54, 0x10, 0xc2, 0x22, 0x9d, 0x27, 0xfe, 0xbd, 0xd6, 0xd6, 0xeb, 0x2d, 0x42, 0x1d, 0xa3}; | ||
| 239 | unsigned char str[] = "etaonrishd"; | ||
| 66 | 240 | ||
| 67 | DES_key_schedule key; | 241 | unsigned char md[SHA512_DIGEST_LENGTH]; |
| 68 | DES_cblock ciphertext; | ||
| 69 | DES_cblock buf; | ||
| 70 | 242 | ||
| 71 | ERR_clear_error(); | 243 | ERR_clear_error(); |
| 72 | if (DES_set_key(&userkey, &key) < 0) | 244 | if (!EVP_Digest(str,sizeof(str) - 1,md, NULL, EVP_sha512(), NULL)) return 0; |
| 245 | if (memcmp(md,digest,sizeof(md))) | ||
| 73 | return 0; | 246 | return 0; |
| 74 | DES_ecb_encrypt( &plaintext, &ciphertext, &key, 1); | 247 | return 1; |
| 75 | DES_ecb_encrypt( &ciphertext, &buf, &key, 0); | 248 | } |
| 76 | if (memcmp(buf, plaintext, sizeof(buf))) | 249 | |
| 250 | /* HMAC-SHA1: generate hash of known digest value and compare to known | ||
| 251 | precomputed correct hash | ||
| 252 | */ | ||
| 253 | static int FIPS_hmac_sha1_test() | ||
| 254 | { | ||
| 255 | unsigned char key[] = "etaonrishd"; | ||
| 256 | unsigned char iv[] = "Sample text"; | ||
| 257 | unsigned char kaval[EVP_MAX_MD_SIZE] = | ||
| 258 | {0x73, 0xf7, 0xa0, 0x48, 0xf8, 0x94, 0xed, 0xdd, 0x0a, 0xea, 0xea, 0x56, 0x1b, 0x61, 0x2e, 0x70, | ||
| 259 | 0xb2, 0xfb, 0xec, 0xc6}; | ||
| 260 | |||
| 261 | unsigned char out[EVP_MAX_MD_SIZE]; | ||
| 262 | unsigned int outlen; | ||
| 263 | |||
| 264 | ERR_clear_error(); | ||
| 265 | if (!HMAC(EVP_sha1(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0; | ||
| 266 | if (memcmp(out,kaval,outlen)) | ||
| 77 | return 0; | 267 | return 0; |
| 78 | return 1; | 268 | return 1; |
| 79 | } | 269 | } |
| 80 | 270 | ||
| 81 | /* DSA: generate key and sign a known digest, then verify the signature | 271 | /* HMAC-SHA224: generate hash of known digest value and compare to known |
| 82 | * against the digest | 272 | precomputed correct hash |
| 83 | */ | 273 | */ |
| 84 | static int FIPS_dsa_test() | 274 | static int FIPS_hmac_sha224_test() |
| 85 | { | 275 | { |
| 86 | DSA *dsa = NULL; | 276 | unsigned char key[] = "etaonrishd"; |
| 87 | unsigned char dgst[] = "etaonrishdlc"; | 277 | unsigned char iv[] = "Sample text"; |
| 88 | unsigned char sig[256]; | 278 | unsigned char kaval[EVP_MAX_MD_SIZE] = |
| 89 | unsigned int siglen; | 279 | {0x75, 0x58, 0xd5, 0xbd, 0x55, 0x6d, 0x87, 0x0f, 0x75, 0xff, 0xbe, 0x1c, 0xb2, 0xf0, 0x20, 0x35, |
| 280 | 0xe5, 0x62, 0x49, 0xb6, 0x94, 0xb9, 0xfc, 0x65, 0x34, 0x33, 0x3a, 0x19}; | ||
| 281 | |||
| 282 | unsigned char out[EVP_MAX_MD_SIZE]; | ||
| 283 | unsigned int outlen; | ||
| 90 | 284 | ||
| 91 | ERR_clear_error(); | 285 | ERR_clear_error(); |
| 92 | dsa = DSA_generate_parameters(512,NULL,0,NULL,NULL,NULL,NULL); | 286 | if (!HMAC(EVP_sha224(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0; |
| 93 | if (!dsa) | 287 | if (memcmp(out,kaval,outlen)) |
| 94 | return 0; | 288 | return 0; |
| 95 | if (!DSA_generate_key(dsa)) | ||
| 96 | return 0; | ||
| 97 | if ( DSA_sign(0,dgst,sizeof(dgst) - 1,sig,&siglen,dsa) != 1 ) | ||
| 98 | return 0; | ||
| 99 | if ( DSA_verify(0,dgst,sizeof(dgst) - 1,sig,siglen,dsa) != 1 ) | ||
| 100 | return 0; | ||
| 101 | DSA_free(dsa); | ||
| 102 | return 1; | 289 | return 1; |
| 103 | } | 290 | } |
| 104 | 291 | ||
| 105 | /* RSA: generate keys and encrypt and decrypt known plaintext, verify result | 292 | /* HMAC-SHA256: generate hash of known digest value and compare to known |
| 106 | * matches the original plaintext | 293 | precomputed correct hash |
| 107 | */ | 294 | */ |
| 108 | static int FIPS_rsa_test() | 295 | static int FIPS_hmac_sha256_test() |
| 109 | { | 296 | { |
| 110 | RSA *key; | 297 | unsigned char key[] = "etaonrishd"; |
| 111 | unsigned char input_ptext[] = "etaonrishdlc"; | 298 | unsigned char iv[] = "Sample text"; |
| 112 | unsigned char ctext[256]; | 299 | unsigned char kaval[EVP_MAX_MD_SIZE] = |
| 113 | unsigned char ptext[256]; | 300 | {0xe9, 0x17, 0xc1, 0x7b, 0x4c, 0x6b, 0x77, 0xda, 0xd2, 0x30, 0x36, 0x02, 0xf5, 0x72, 0x33, 0x87, |
| 114 | int n; | 301 | 0x9f, 0xc6, 0x6e, 0x7b, 0x7e, 0xa8, 0xea, 0xaa, 0x9f, 0xba, 0xee, 0x51, 0xff, 0xda, 0x24, 0xf4}; |
| 302 | |||
| 303 | unsigned char out[EVP_MAX_MD_SIZE]; | ||
| 304 | unsigned int outlen; | ||
| 115 | 305 | ||
| 116 | ERR_clear_error(); | 306 | ERR_clear_error(); |
| 117 | key = RSA_generate_key(1024,65537,NULL,NULL); | 307 | if (!HMAC(EVP_sha256(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0; |
| 118 | if (!key) | 308 | if (memcmp(out,kaval,outlen)) |
| 119 | return 0; | ||
| 120 | n = RSA_size(key); | ||
| 121 | n = RSA_public_encrypt(sizeof(input_ptext) - 1,input_ptext,ctext,key,RSA_PKCS1_PADDING); | ||
| 122 | if (n < 0) | ||
| 123 | return 0; | ||
| 124 | n = RSA_private_decrypt(n,ctext,ptext,key,RSA_PKCS1_PADDING); | ||
| 125 | if (n < 0) | ||
| 126 | return 0; | ||
| 127 | RSA_free(key); | ||
| 128 | if (memcmp(input_ptext,ptext,sizeof(input_ptext) - 1)) | ||
| 129 | return 0; | 309 | return 0; |
| 130 | return 1; | 310 | return 1; |
| 131 | } | 311 | } |
| 132 | 312 | ||
| 133 | /* SHA1: generate hash of known digest value and compare to known | 313 | /* HMAC-SHA384: generate hash of known digest value and compare to known |
| 134 | precomputed correct hash | 314 | precomputed correct hash |
| 135 | */ | 315 | */ |
| 136 | static int FIPS_sha1_test() | 316 | static int FIPS_hmac_sha384_test() |
| 137 | { | 317 | { |
| 138 | unsigned char digest[SHA_DIGEST_LENGTH] = | 318 | unsigned char key[] = "etaonrishd"; |
| 139 | { 0x11, 0xf1, 0x9a, 0x3a, 0xec, 0x1a, 0x1e, 0x8e, 0x65, 0xd4, 0x9a, 0x38, 0x0c, 0x8b, 0x1e, 0x2c, 0xe8, 0xb3, 0xc5, 0x18 }; | 319 | unsigned char iv[] = "Sample text"; |
| 140 | unsigned char str[] = "etaonrishd"; | 320 | unsigned char kaval[EVP_MAX_MD_SIZE] = |
| 321 | {0xb2, 0x9d, 0x40, 0x58, 0x32, 0xc4, 0xe3, 0x31, 0xb6, 0x63, 0x08, 0x26, 0x99, 0xef, 0x3b, 0x10, | ||
| 322 | 0xe2, 0xdf, 0xf8, 0xff, 0xc6, 0xe1, 0x03, 0x29, 0x81, 0x2a, 0x1b, 0xac, 0xb0, 0x07, 0x39, 0x08, | ||
| 323 | 0xf3, 0x91, 0x35, 0x11, 0x76, 0xd6, 0x4c, 0x20, 0xfb, 0x4d, 0xc3, 0xf3, 0xb8, 0x9b, 0x88, 0x1c}; | ||
| 141 | 324 | ||
| 142 | unsigned char md[SHA_DIGEST_LENGTH]; | 325 | unsigned char out[EVP_MAX_MD_SIZE]; |
| 326 | unsigned int outlen; | ||
| 143 | 327 | ||
| 144 | ERR_clear_error(); | 328 | ERR_clear_error(); |
| 145 | if (!SHA1(str,sizeof(str) - 1,md)) return 0; | 329 | if (!HMAC(EVP_sha384(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0; |
| 146 | if (memcmp(md,digest,sizeof(md))) | 330 | if (memcmp(out,kaval,outlen)) |
| 147 | return 0; | 331 | return 0; |
| 148 | return 1; | 332 | return 1; |
| 149 | } | 333 | } |
| 150 | 334 | ||
| 151 | /* MD5: generate hash of known digest value and compare to known | 335 | /* HMAC-SHA512: generate hash of known digest value and compare to known |
| 152 | precomputed correct hash | 336 | precomputed correct hash |
| 153 | */ | 337 | */ |
| 154 | static int md5_test() | 338 | static int FIPS_hmac_sha512_test() |
| 155 | { | 339 | { |
| 156 | unsigned char digest[MD5_DIGEST_LENGTH] = | 340 | unsigned char key[] = "etaonrishd"; |
| 157 | { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 }; | 341 | unsigned char iv[] = "Sample text"; |
| 158 | unsigned char str[] = "etaonrishd"; | 342 | unsigned char kaval[EVP_MAX_MD_SIZE] = |
| 343 | {0xcd, 0x3e, 0xb9, 0x51, 0xb8, 0xbc, 0x7f, 0x9a, 0x23, 0xaf, 0xf3, 0x77, 0x59, 0x85, 0xa9, 0xe6, | ||
| 344 | 0xf7, 0xd1, 0x51, 0x96, 0x17, 0xe0, 0x92, 0xd8, 0xa6, 0x3b, 0xc1, 0xad, 0x7e, 0x24, 0xca, 0xb1, | ||
| 345 | 0xd7, 0x79, 0x0a, 0xa5, 0xea, 0x2c, 0x02, 0x58, 0x0b, 0xa6, 0x52, 0x6b, 0x61, 0x7f, 0xeb, 0x9c, | ||
| 346 | 0x47, 0x86, 0x5d, 0x74, 0x2b, 0x88, 0xdf, 0xee, 0x46, 0x69, 0x96, 0x3d, 0xa6, 0xd9, 0x2a, 0x53}; | ||
| 159 | 347 | ||
| 160 | unsigned char md[MD5_DIGEST_LENGTH]; | 348 | unsigned char out[EVP_MAX_MD_SIZE]; |
| 349 | unsigned int outlen; | ||
| 161 | 350 | ||
| 162 | ERR_clear_error(); | 351 | ERR_clear_error(); |
| 163 | if (!MD5(str,sizeof(str) - 1,md)) | 352 | if (!HMAC(EVP_sha512(),key,sizeof(key)-1,iv,sizeof(iv)-1,out,&outlen)) return 0; |
| 164 | return 0; | 353 | if (memcmp(out,kaval,outlen)) |
| 165 | if (memcmp(md,digest,sizeof(md))) | 354 | return 0; |
| 166 | return 0; | ||
| 167 | return 1; | 355 | return 1; |
| 168 | } | 356 | } |
| 169 | 357 | ||
| 358 | |||
| 170 | /* DH: generate shared parameters | 359 | /* DH: generate shared parameters |
| 171 | */ | 360 | */ |
| 172 | static int dh_test() | 361 | static int dh_test() |
| 173 | { | 362 | { |
| 174 | DH *dh; | 363 | DH *dh; |
| 175 | |||
| 176 | ERR_clear_error(); | 364 | ERR_clear_error(); |
| 177 | dh = DH_generate_parameters(256, 2, NULL, NULL); | 365 | dh = FIPS_dh_new(); |
| 178 | if (dh) | 366 | if (!dh) |
| 179 | return 1; | 367 | return 0; |
| 180 | return 0; | 368 | if (!DH_generate_parameters_ex(dh, 1024, 2, NULL)) |
| 369 | return 0; | ||
| 370 | FIPS_dh_free(dh); | ||
| 371 | return 1; | ||
| 181 | } | 372 | } |
| 182 | 373 | ||
| 183 | /* Zeroize | 374 | /* Zeroize |
| @@ -185,18 +376,27 @@ static int dh_test() | |||
| 185 | static int Zeroize() | 376 | static int Zeroize() |
| 186 | { | 377 | { |
| 187 | RSA *key; | 378 | RSA *key; |
| 379 | BIGNUM *bn; | ||
| 188 | unsigned char userkey[16] = | 380 | unsigned char userkey[16] = |
| 189 | { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 }; | 381 | { 0x48, 0x50, 0xf0, 0xa3, 0x3a, 0xed, 0xd3, 0xaf, 0x6e, 0x47, 0x7f, 0x83, 0x02, 0xb1, 0x09, 0x68 }; |
| 190 | int i, n; | 382 | int i, n; |
| 191 | 383 | ||
| 192 | key = RSA_generate_key(1024,65537,NULL,NULL); | 384 | key = FIPS_rsa_new(); |
| 193 | if (!key) | 385 | bn = BN_new(); |
| 386 | if (!key || !bn) | ||
| 387 | return 0; | ||
| 388 | BN_set_word(bn, 65537); | ||
| 389 | if (!RSA_generate_key_ex(key, 1024,bn,NULL)) | ||
| 194 | return 0; | 390 | return 0; |
| 391 | BN_free(bn); | ||
| 392 | |||
| 195 | n = BN_num_bytes(key->d); | 393 | n = BN_num_bytes(key->d); |
| 196 | printf(" Generated %d byte RSA private key\n", n); | 394 | printf(" Generated %d byte RSA private key\n", n); |
| 197 | printf("\tBN key before overwriting:\n%s\n", BN_bn2hex(key->d)); | 395 | printf("\tBN key before overwriting:\n"); |
| 396 | do_bn_print(stdout, key->d); | ||
| 198 | BN_rand(key->d,n*8,-1,0); | 397 | BN_rand(key->d,n*8,-1,0); |
| 199 | printf("\tBN key after overwriting:\n%s\n", BN_bn2hex(key->d)); | 398 | printf("\tBN key after overwriting:\n"); |
| 399 | do_bn_print(stdout, key->d); | ||
| 200 | 400 | ||
| 201 | printf("\tchar buffer key before overwriting: \n\t\t"); | 401 | printf("\tchar buffer key before overwriting: \n\t\t"); |
| 202 | for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]); | 402 | for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]); |
| @@ -212,6 +412,7 @@ static int Zeroize() | |||
| 212 | static int Error; | 412 | static int Error; |
| 213 | const char * Fail(const char *msg) | 413 | const char * Fail(const char *msg) |
| 214 | { | 414 | { |
| 415 | do_print_errors(); | ||
| 215 | Error++; | 416 | Error++; |
| 216 | return msg; | 417 | return msg; |
| 217 | } | 418 | } |
| @@ -219,6 +420,11 @@ const char * Fail(const char *msg) | |||
| 219 | int main(int argc,char **argv) | 420 | int main(int argc,char **argv) |
| 220 | { | 421 | { |
| 221 | 422 | ||
| 423 | int do_corrupt_rsa_keygen = 0, do_corrupt_dsa_keygen = 0; | ||
| 424 | int bad_rsa = 0, bad_dsa = 0; | ||
| 425 | int do_rng_stick = 0; | ||
| 426 | int no_exit = 0; | ||
| 427 | |||
| 222 | printf("\tFIPS-mode test application\n\n"); | 428 | printf("\tFIPS-mode test application\n\n"); |
| 223 | 429 | ||
| 224 | /* Load entropy from external file, if any */ | 430 | /* Load entropy from external file, if any */ |
| @@ -228,72 +434,79 @@ int main(int argc,char **argv) | |||
| 228 | /* Corrupted KAT tests */ | 434 | /* Corrupted KAT tests */ |
| 229 | if (!strcmp(argv[1], "aes")) { | 435 | if (!strcmp(argv[1], "aes")) { |
| 230 | FIPS_corrupt_aes(); | 436 | FIPS_corrupt_aes(); |
| 231 | printf("3. AES encryption/decryption with corrupted KAT...\n"); | 437 | printf("AES encryption/decryption with corrupted KAT...\n"); |
| 232 | } else if (!strcmp(argv[1], "des")) { | 438 | } else if (!strcmp(argv[1], "des")) { |
| 233 | FIPS_corrupt_des(); | 439 | FIPS_corrupt_des(); |
| 234 | printf("5. DES-ECB encryption/decryption with corrupted KAT...\n"); | 440 | printf("DES3-ECB encryption/decryption with corrupted KAT...\n"); |
| 235 | } else if (!strcmp(argv[1], "dsa")) { | 441 | } else if (!strcmp(argv[1], "dsa")) { |
| 236 | FIPS_corrupt_dsa(); | 442 | FIPS_corrupt_dsa(); |
| 237 | printf("6. DSA key generation and signature validation with corrupted KAT...\n"); | 443 | printf("DSA key generation and signature validation with corrupted KAT...\n"); |
| 238 | } else if (!strcmp(argv[1], "rsa")) { | 444 | } else if (!strcmp(argv[1], "rsa")) { |
| 239 | FIPS_corrupt_rsa(); | 445 | FIPS_corrupt_rsa(); |
| 240 | printf("4. RSA key generation and encryption/decryption with corrupted KAT...\n"); | 446 | printf("RSA key generation and signature validation with corrupted KAT...\n"); |
| 447 | } else if (!strcmp(argv[1], "rsakey")) { | ||
| 448 | printf("RSA key generation and signature validation with corrupted key...\n"); | ||
| 449 | bad_rsa = 1; | ||
| 450 | no_exit = 1; | ||
| 451 | } else if (!strcmp(argv[1], "rsakeygen")) { | ||
| 452 | do_corrupt_rsa_keygen = 1; | ||
| 453 | no_exit = 1; | ||
| 454 | printf("RSA key generation and signature validation with corrupted keygen...\n"); | ||
| 455 | } else if (!strcmp(argv[1], "dsakey")) { | ||
| 456 | printf("DSA key generation and signature validation with corrupted key...\n"); | ||
| 457 | bad_dsa = 1; | ||
| 458 | no_exit = 1; | ||
| 459 | } else if (!strcmp(argv[1], "dsakeygen")) { | ||
| 460 | do_corrupt_dsa_keygen = 1; | ||
| 461 | no_exit = 1; | ||
| 462 | printf("DSA key generation and signature validation with corrupted keygen...\n"); | ||
| 241 | } else if (!strcmp(argv[1], "sha1")) { | 463 | } else if (!strcmp(argv[1], "sha1")) { |
| 242 | FIPS_corrupt_sha1(); | 464 | FIPS_corrupt_sha1(); |
| 243 | printf("7. SHA-1 hash with corrupted KAT...\n"); | 465 | printf("SHA-1 hash with corrupted KAT...\n"); |
| 466 | } else if (!strcmp(argv[1], "rng")) { | ||
| 467 | FIPS_corrupt_rng(); | ||
| 468 | } else if (!strcmp(argv[1], "rngstick")) { | ||
| 469 | do_rng_stick = 1; | ||
| 470 | no_exit = 1; | ||
| 471 | printf("RNG test with stuck continuous test...\n"); | ||
| 244 | } else { | 472 | } else { |
| 245 | printf("Bad argument \"%s\"\n", argv[1]); | 473 | printf("Bad argument \"%s\"\n", argv[1]); |
| 246 | exit(1); | 474 | exit(1); |
| 247 | } | 475 | } |
| 248 | if (!FIPS_mode_set(1,argv[0])) | 476 | if (!no_exit) { |
| 249 | { | 477 | if (!FIPS_mode_set(1)) { |
| 250 | ERR_load_crypto_strings(); | 478 | do_print_errors(); |
| 251 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | 479 | printf("Power-up self test failed\n"); |
| 252 | printf("Power-up self test failed\n"); | 480 | exit(1); |
| 253 | exit(1); | 481 | } |
| 482 | printf("Power-up self test successful\n"); | ||
| 483 | exit(0); | ||
| 254 | } | 484 | } |
| 255 | printf("Power-up self test successful\n"); | ||
| 256 | exit(0); | ||
| 257 | } | 485 | } |
| 258 | 486 | ||
| 259 | /* Non-Approved cryptographic operation | 487 | /* Non-Approved cryptographic operation |
| 260 | */ | 488 | */ |
| 261 | printf("0. Non-Approved cryptographic operation test...\n"); | 489 | printf("1. Non-Approved cryptographic operation test...\n"); |
| 262 | printf("\ta. Excluded algorithm (MD5)..."); | 490 | printf("\ta. Included algorithm (D-H)..."); |
| 263 | printf( md5_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 264 | printf("\tb. Included algorithm (D-H)..."); | ||
| 265 | printf( dh_test() ? "successful\n" : Fail("FAILED!\n") ); | 491 | printf( dh_test() ? "successful\n" : Fail("FAILED!\n") ); |
| 266 | 492 | ||
| 267 | /* Power-up self test failure | 493 | /* Power-up self test |
| 268 | */ | ||
| 269 | printf("1. Automatic power-up self test..."); | ||
| 270 | printf( FIPS_mode_set(1,"/dev/null") ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
| 271 | |||
| 272 | /* Algorithm call when uninitialized failure | ||
| 273 | */ | ||
| 274 | printf("\ta. AES API failure on failed power-up self test..."); | ||
| 275 | printf( FIPS_aes_test() ? Fail("passed INCORRECTLY!\n") :"failed as expected\n" ); | ||
| 276 | printf("\tb. RSA API failure on failed power-up self test..."); | ||
| 277 | printf( FIPS_rsa_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
| 278 | printf("\tc. DES API failure on failed power-up self test..."); | ||
| 279 | printf( FIPS_des_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
| 280 | printf("\td. DSA API failure on failed power-up self test..."); | ||
| 281 | printf( FIPS_dsa_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
| 282 | printf("\te. SHA1 API failure on failed power-up self test..."); | ||
| 283 | printf( FIPS_sha1_test() ? Fail("passed INCORRECTLY!\n") : "failed as expected\n" ); | ||
| 284 | |||
| 285 | /* Power-up self test retry | ||
| 286 | */ | 494 | */ |
| 287 | ERR_clear_error(); | 495 | ERR_clear_error(); |
| 288 | printf("2. Automatic power-up self test retry..."); | 496 | printf("2. Automatic power-up self test..."); |
| 289 | if (!FIPS_mode_set(1,argv[0])) | 497 | if (!FIPS_mode_set(1)) |
| 290 | { | 498 | { |
| 291 | ERR_load_crypto_strings(); | 499 | do_print_errors(); |
| 292 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
| 293 | printf(Fail("FAILED!\n")); | 500 | printf(Fail("FAILED!\n")); |
| 294 | exit(1); | 501 | exit(1); |
| 295 | } | 502 | } |
| 296 | printf("successful\n"); | 503 | printf("successful\n"); |
| 504 | if (do_corrupt_dsa_keygen) | ||
| 505 | FIPS_corrupt_dsa_keygen(); | ||
| 506 | if (do_corrupt_rsa_keygen) | ||
| 507 | FIPS_corrupt_rsa_keygen(); | ||
| 508 | if (do_rng_stick) | ||
| 509 | FIPS_rng_stick(); | ||
| 297 | 510 | ||
| 298 | /* AES encryption/decryption | 511 | /* AES encryption/decryption |
| 299 | */ | 512 | */ |
| @@ -303,39 +516,73 @@ int main(int argc,char **argv) | |||
| 303 | /* RSA key generation and encryption/decryption | 516 | /* RSA key generation and encryption/decryption |
| 304 | */ | 517 | */ |
| 305 | printf("4. RSA key generation and encryption/decryption..."); | 518 | printf("4. RSA key generation and encryption/decryption..."); |
| 306 | printf( FIPS_rsa_test() ? "successful\n" : Fail("FAILED!\n") ); | 519 | printf( FIPS_rsa_test(bad_rsa) ? "successful\n" : Fail("FAILED!\n") ); |
| 307 | 520 | ||
| 308 | /* DES-CBC encryption/decryption | 521 | /* DES-CBC encryption/decryption |
| 309 | */ | 522 | */ |
| 310 | printf("5. DES-ECB encryption/decryption..."); | 523 | printf("5. DES-ECB encryption/decryption..."); |
| 311 | printf( FIPS_des_test() ? "successful\n" : Fail("FAILED!\n") ); | 524 | printf( FIPS_des3_test() ? "successful\n" : Fail("FAILED!\n") ); |
| 312 | 525 | ||
| 313 | /* DSA key generation and signature validation | 526 | /* DSA key generation and signature validation |
| 314 | */ | 527 | */ |
| 315 | printf("6. DSA key generation and signature validation..."); | 528 | printf("6. DSA key generation and signature validation..."); |
| 316 | printf( FIPS_dsa_test() ? "successful\n" : Fail("FAILED!\n") ); | 529 | printf( FIPS_dsa_test(bad_dsa) ? "successful\n" : Fail("FAILED!\n") ); |
| 317 | 530 | ||
| 318 | /* SHA-1 hash | 531 | /* SHA-1 hash |
| 319 | */ | 532 | */ |
| 320 | printf("7. SHA-1 hash..."); | 533 | printf("7a. SHA-1 hash..."); |
| 321 | printf( FIPS_sha1_test() ? "successful\n" : Fail("FAILED!\n") ); | 534 | printf( FIPS_sha1_test() ? "successful\n" : Fail("FAILED!\n") ); |
| 322 | 535 | ||
| 536 | /* SHA-256 hash | ||
| 537 | */ | ||
| 538 | printf("7b. SHA-256 hash..."); | ||
| 539 | printf( FIPS_sha256_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 540 | |||
| 541 | /* SHA-512 hash | ||
| 542 | */ | ||
| 543 | printf("7c. SHA-512 hash..."); | ||
| 544 | printf( FIPS_sha512_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 545 | |||
| 546 | /* HMAC-SHA-1 hash | ||
| 547 | */ | ||
| 548 | printf("7d. HMAC-SHA-1 hash..."); | ||
| 549 | printf( FIPS_hmac_sha1_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 550 | |||
| 551 | /* HMAC-SHA-224 hash | ||
| 552 | */ | ||
| 553 | printf("7e. HMAC-SHA-224 hash..."); | ||
| 554 | printf( FIPS_hmac_sha224_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 555 | |||
| 556 | /* HMAC-SHA-256 hash | ||
| 557 | */ | ||
| 558 | printf("7f. HMAC-SHA-256 hash..."); | ||
| 559 | printf( FIPS_hmac_sha256_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 560 | |||
| 561 | /* HMAC-SHA-384 hash | ||
| 562 | */ | ||
| 563 | printf("7g. HMAC-SHA-384 hash..."); | ||
| 564 | printf( FIPS_hmac_sha384_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 565 | |||
| 566 | /* HMAC-SHA-512 hash | ||
| 567 | */ | ||
| 568 | printf("7h. HMAC-SHA-512 hash..."); | ||
| 569 | printf( FIPS_hmac_sha512_test() ? "successful\n" : Fail("FAILED!\n") ); | ||
| 570 | |||
| 323 | /* Non-Approved cryptographic operation | 571 | /* Non-Approved cryptographic operation |
| 324 | */ | 572 | */ |
| 325 | printf("8. Non-Approved cryptographic operation test...\n"); | 573 | printf("8. Non-Approved cryptographic operation test...\n"); |
| 326 | printf("\ta. Excluded algorithm (MD5)..."); | 574 | printf("\ta. Included algorithm (D-H)..."); |
| 327 | printf( md5_test() ? Fail("passed INCORRECTLY!\n") | ||
| 328 | : "failed as expected\n" ); | ||
| 329 | printf("\tb. Included algorithm (D-H)..."); | ||
| 330 | printf( dh_test() ? "successful as expected\n" | 575 | printf( dh_test() ? "successful as expected\n" |
| 331 | : Fail("failed INCORRECTLY!\n") ); | 576 | : Fail("failed INCORRECTLY!\n") ); |
| 332 | 577 | ||
| 333 | /* Zeroization | 578 | /* Zeroization |
| 334 | */ | 579 | */ |
| 335 | printf("9. Zero-ization...\n"); | 580 | printf("9. Zero-ization...\n"); |
| 336 | Zeroize(); | 581 | printf( Zeroize() ? "\tsuccessful as expected\n" |
| 582 | : Fail("\tfailed INCORRECTLY!\n") ); | ||
| 337 | 583 | ||
| 338 | printf("\nAll tests completed with %d errors\n", Error); | 584 | printf("\nAll tests completed with %d errors\n", Error); |
| 339 | return 0; | 585 | return Error ? 1 : 0; |
| 340 | } | 586 | } |
| 587 | |||
| 341 | #endif | 588 | #endif |
diff --git a/src/lib/libssl/src/fips/fips_utl.h b/src/lib/libssl/src/fips/fips_utl.h new file mode 100644 index 0000000000..02d4e44c82 --- /dev/null +++ b/src/lib/libssl/src/fips/fips_utl.h | |||
| @@ -0,0 +1,343 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. | ||
| 3 | * | ||
| 4 | * Redistribution and use in source and binary forms, with or without | ||
| 5 | * modification, are permitted provided that the following conditions | ||
| 6 | * are met: | ||
| 7 | * | ||
| 8 | * 1. Redistributions of source code must retain the above copyright | ||
| 9 | * notice, this list of conditions and the following disclaimer. | ||
| 10 | * | ||
| 11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 12 | * notice, this list of conditions and the following disclaimer in | ||
| 13 | * the documentation and/or other materials provided with the | ||
| 14 | * distribution. | ||
| 15 | * | ||
| 16 | * 3. All advertising materials mentioning features or use of this | ||
| 17 | * software must display the following acknowledgment: | ||
| 18 | * "This product includes software developed by the OpenSSL Project | ||
| 19 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 20 | * | ||
| 21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 22 | * endorse or promote products derived from this software without | ||
| 23 | * prior written permission. For written permission, please contact | ||
| 24 | * openssl-core@openssl.org. | ||
| 25 | * | ||
| 26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 27 | * nor may "OpenSSL" appear in their names without prior written | ||
| 28 | * permission of the OpenSSL Project. | ||
| 29 | * | ||
| 30 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 31 | * acknowledgment: | ||
| 32 | * "This product includes software developed by the OpenSSL Project | ||
| 33 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 34 | * | ||
| 35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 47 | * | ||
| 48 | */ | ||
| 49 | |||
| 50 | void do_print_errors(void) | ||
| 51 | { | ||
| 52 | const char *file, *data; | ||
| 53 | int line, flags; | ||
| 54 | unsigned long l; | ||
| 55 | while ((l = ERR_get_error_line_data(&file, &line, &data, &flags))) | ||
| 56 | { | ||
| 57 | fprintf(stderr, "ERROR:%lx:lib=%d,func=%d,reason=%d" | ||
| 58 | ":file=%s:line=%d:%s\n", | ||
| 59 | l, ERR_GET_LIB(l), ERR_GET_FUNC(l), ERR_GET_REASON(l), | ||
| 60 | file, line, flags & ERR_TXT_STRING ? data : ""); | ||
| 61 | } | ||
| 62 | } | ||
| 63 | |||
| 64 | int hex2bin(const char *in, unsigned char *out) | ||
| 65 | { | ||
| 66 | int n1, n2; | ||
| 67 | unsigned char ch; | ||
| 68 | |||
| 69 | for (n1=0,n2=0 ; in[n1] && in[n1] != '\n' ; ) | ||
| 70 | { /* first byte */ | ||
| 71 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 72 | ch = in[n1++] - '0'; | ||
| 73 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 74 | ch = in[n1++] - 'A' + 10; | ||
| 75 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 76 | ch = in[n1++] - 'a' + 10; | ||
| 77 | else | ||
| 78 | return -1; | ||
| 79 | if(!in[n1]) | ||
| 80 | { | ||
| 81 | out[n2++]=ch; | ||
| 82 | break; | ||
| 83 | } | ||
| 84 | out[n2] = ch << 4; | ||
| 85 | /* second byte */ | ||
| 86 | if ((in[n1] >= '0') && (in[n1] <= '9')) | ||
| 87 | ch = in[n1++] - '0'; | ||
| 88 | else if ((in[n1] >= 'A') && (in[n1] <= 'F')) | ||
| 89 | ch = in[n1++] - 'A' + 10; | ||
| 90 | else if ((in[n1] >= 'a') && (in[n1] <= 'f')) | ||
| 91 | ch = in[n1++] - 'a' + 10; | ||
| 92 | else | ||
| 93 | return -1; | ||
| 94 | out[n2++] |= ch; | ||
| 95 | } | ||
| 96 | return n2; | ||
| 97 | } | ||
| 98 | |||
| 99 | unsigned char *hex2bin_m(const char *in, long *plen) | ||
| 100 | { | ||
| 101 | unsigned char *p; | ||
| 102 | p = OPENSSL_malloc((strlen(in) + 1)/2); | ||
| 103 | *plen = hex2bin(in, p); | ||
| 104 | return p; | ||
| 105 | } | ||
| 106 | |||
| 107 | int do_hex2bn(BIGNUM **pr, const char *in) | ||
| 108 | { | ||
| 109 | unsigned char *p; | ||
| 110 | long plen; | ||
| 111 | int r = 0; | ||
| 112 | p = hex2bin_m(in, &plen); | ||
| 113 | if (!p) | ||
| 114 | return 0; | ||
| 115 | if (!*pr) | ||
| 116 | *pr = BN_new(); | ||
| 117 | if (!*pr) | ||
| 118 | return 0; | ||
| 119 | if (BN_bin2bn(p, plen, *pr)) | ||
| 120 | r = 1; | ||
| 121 | OPENSSL_free(p); | ||
| 122 | return r; | ||
| 123 | } | ||
| 124 | |||
| 125 | int do_bn_print(FILE *out, BIGNUM *bn) | ||
| 126 | { | ||
| 127 | int len, i; | ||
| 128 | unsigned char *tmp; | ||
| 129 | len = BN_num_bytes(bn); | ||
| 130 | if (len == 0) | ||
| 131 | { | ||
| 132 | fputs("00", out); | ||
| 133 | return 1; | ||
| 134 | } | ||
| 135 | |||
| 136 | tmp = OPENSSL_malloc(len); | ||
| 137 | if (!tmp) | ||
| 138 | { | ||
| 139 | fprintf(stderr, "Memory allocation error\n"); | ||
| 140 | return 0; | ||
| 141 | } | ||
| 142 | BN_bn2bin(bn, tmp); | ||
| 143 | for (i = 0; i < len; i++) | ||
| 144 | fprintf(out, "%02x", tmp[i]); | ||
| 145 | OPENSSL_free(tmp); | ||
| 146 | return 1; | ||
| 147 | } | ||
| 148 | |||
| 149 | int do_bn_print_name(FILE *out, const char *name, BIGNUM *bn) | ||
| 150 | { | ||
| 151 | int r; | ||
| 152 | fprintf(out, "%s = ", name); | ||
| 153 | r = do_bn_print(out, bn); | ||
| 154 | if (!r) | ||
| 155 | return 0; | ||
| 156 | fputs("\n", out); | ||
| 157 | return 1; | ||
| 158 | } | ||
| 159 | |||
| 160 | int parse_line(char **pkw, char **pval, char *linebuf, char *olinebuf) | ||
| 161 | { | ||
| 162 | char *keyword, *value, *p, *q; | ||
| 163 | strcpy(linebuf, olinebuf); | ||
| 164 | keyword = linebuf; | ||
| 165 | /* Skip leading space */ | ||
| 166 | while (isspace((unsigned char)*keyword)) | ||
| 167 | keyword++; | ||
| 168 | |||
| 169 | /* Look for = sign */ | ||
| 170 | p = strchr(linebuf, '='); | ||
| 171 | |||
| 172 | /* If no '=' exit */ | ||
| 173 | if (!p) | ||
| 174 | return 0; | ||
| 175 | |||
| 176 | q = p - 1; | ||
| 177 | |||
| 178 | /* Remove trailing space */ | ||
| 179 | while (isspace((unsigned char)*q)) | ||
| 180 | *q-- = 0; | ||
| 181 | |||
| 182 | *p = 0; | ||
| 183 | value = p + 1; | ||
| 184 | |||
| 185 | /* Remove leading space from value */ | ||
| 186 | while (isspace((unsigned char)*value)) | ||
| 187 | value++; | ||
| 188 | |||
| 189 | /* Remove trailing space from value */ | ||
| 190 | p = value + strlen(value) - 1; | ||
| 191 | |||
| 192 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 193 | *p-- = 0; | ||
| 194 | |||
| 195 | *pkw = keyword; | ||
| 196 | *pval = value; | ||
| 197 | return 1; | ||
| 198 | } | ||
| 199 | |||
| 200 | BIGNUM *hex2bn(const char *in) | ||
| 201 | { | ||
| 202 | BIGNUM *p=NULL; | ||
| 203 | |||
| 204 | if (!do_hex2bn(&p, in)) | ||
| 205 | return NULL; | ||
| 206 | |||
| 207 | return p; | ||
| 208 | } | ||
| 209 | |||
| 210 | int bin2hex(const unsigned char *in,int len,char *out) | ||
| 211 | { | ||
| 212 | int n1, n2; | ||
| 213 | unsigned char ch; | ||
| 214 | |||
| 215 | for (n1=0,n2=0 ; n1 < len ; ++n1) | ||
| 216 | { | ||
| 217 | ch=in[n1] >> 4; | ||
| 218 | if (ch <= 0x09) | ||
| 219 | out[n2++]=ch+'0'; | ||
| 220 | else | ||
| 221 | out[n2++]=ch-10+'a'; | ||
| 222 | ch=in[n1] & 0x0f; | ||
| 223 | if(ch <= 0x09) | ||
| 224 | out[n2++]=ch+'0'; | ||
| 225 | else | ||
| 226 | out[n2++]=ch-10+'a'; | ||
| 227 | } | ||
| 228 | out[n2]='\0'; | ||
| 229 | return n2; | ||
| 230 | } | ||
| 231 | |||
| 232 | void pv(const char *tag,const unsigned char *val,int len) | ||
| 233 | { | ||
| 234 | char obuf[2048]; | ||
| 235 | |||
| 236 | bin2hex(val,len,obuf); | ||
| 237 | printf("%s = %s\n",tag,obuf); | ||
| 238 | } | ||
| 239 | |||
| 240 | /* To avoid extensive changes to test program at this stage just convert | ||
| 241 | * the input line into an acceptable form. Keyword lines converted to form | ||
| 242 | * "keyword = value\n" no matter what white space present, all other lines | ||
| 243 | * just have leading and trailing space removed. | ||
| 244 | */ | ||
| 245 | |||
| 246 | int tidy_line(char *linebuf, char *olinebuf) | ||
| 247 | { | ||
| 248 | char *keyword, *value, *p, *q; | ||
| 249 | strcpy(linebuf, olinebuf); | ||
| 250 | keyword = linebuf; | ||
| 251 | /* Skip leading space */ | ||
| 252 | while (isspace((unsigned char)*keyword)) | ||
| 253 | keyword++; | ||
| 254 | /* Look for = sign */ | ||
| 255 | p = strchr(linebuf, '='); | ||
| 256 | |||
| 257 | /* If no '=' just chop leading, trailing ws */ | ||
| 258 | if (!p) | ||
| 259 | { | ||
| 260 | p = keyword + strlen(keyword) - 1; | ||
| 261 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 262 | *p-- = 0; | ||
| 263 | strcpy(olinebuf, keyword); | ||
| 264 | strcat(olinebuf, "\n"); | ||
| 265 | return 1; | ||
| 266 | } | ||
| 267 | |||
| 268 | q = p - 1; | ||
| 269 | |||
| 270 | /* Remove trailing space */ | ||
| 271 | while (isspace((unsigned char)*q)) | ||
| 272 | *q-- = 0; | ||
| 273 | |||
| 274 | *p = 0; | ||
| 275 | value = p + 1; | ||
| 276 | |||
| 277 | /* Remove leading space from value */ | ||
| 278 | while (isspace((unsigned char)*value)) | ||
| 279 | value++; | ||
| 280 | |||
| 281 | /* Remove trailing space from value */ | ||
| 282 | p = value + strlen(value) - 1; | ||
| 283 | |||
| 284 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 285 | *p-- = 0; | ||
| 286 | |||
| 287 | strcpy(olinebuf, keyword); | ||
| 288 | strcat(olinebuf, " = "); | ||
| 289 | strcat(olinebuf, value); | ||
| 290 | strcat(olinebuf, "\n"); | ||
| 291 | |||
| 292 | return 1; | ||
| 293 | } | ||
| 294 | |||
| 295 | /* NB: this return the number of _bits_ read */ | ||
| 296 | int bint2bin(const char *in, int len, unsigned char *out) | ||
| 297 | { | ||
| 298 | int n; | ||
| 299 | |||
| 300 | memset(out,0,len); | ||
| 301 | for(n=0 ; n < len ; ++n) | ||
| 302 | if(in[n] == '1') | ||
| 303 | out[n/8]|=(0x80 >> (n%8)); | ||
| 304 | return len; | ||
| 305 | } | ||
| 306 | |||
| 307 | int bin2bint(const unsigned char *in,int len,char *out) | ||
| 308 | { | ||
| 309 | int n; | ||
| 310 | |||
| 311 | for(n=0 ; n < len ; ++n) | ||
| 312 | out[n]=(in[n/8]&(0x80 >> (n%8))) ? '1' : '0'; | ||
| 313 | return n; | ||
| 314 | } | ||
| 315 | |||
| 316 | /*-----------------------------------------------*/ | ||
| 317 | |||
| 318 | void PrintValue(char *tag, unsigned char *val, int len) | ||
| 319 | { | ||
| 320 | #if VERBOSE | ||
| 321 | char obuf[2048]; | ||
| 322 | int olen; | ||
| 323 | olen = bin2hex(val, len, obuf); | ||
| 324 | printf("%s = %.*s\n", tag, olen, obuf); | ||
| 325 | #endif | ||
| 326 | } | ||
| 327 | |||
| 328 | void OutputValue(char *tag, unsigned char *val, int len, FILE *rfp,int bitmode) | ||
| 329 | { | ||
| 330 | char obuf[2048]; | ||
| 331 | int olen; | ||
| 332 | |||
| 333 | if(bitmode) | ||
| 334 | olen=bin2bint(val,len,obuf); | ||
| 335 | else | ||
| 336 | olen=bin2hex(val,len,obuf); | ||
| 337 | |||
| 338 | fprintf(rfp, "%s = %.*s\n", tag, olen, obuf); | ||
| 339 | #if VERBOSE | ||
| 340 | printf("%s = %.*s\n", tag, olen, obuf); | ||
| 341 | #endif | ||
| 342 | } | ||
| 343 | |||
diff --git a/src/lib/libssl/src/fips/fipsalgtest.pl b/src/lib/libssl/src/fips/fipsalgtest.pl new file mode 100644 index 0000000000..44a5ccac7a --- /dev/null +++ b/src/lib/libssl/src/fips/fipsalgtest.pl | |||
| @@ -0,0 +1,848 @@ | |||
| 1 | #!/usr/bin/perl -w | ||
| 2 | # Perl utility to run or verify FIPS 140-2 CMVP algorithm tests based on the | ||
| 3 | # pathnames of input algorithm test files actually present (the unqualified | ||
| 4 | # file names are consistent but the pathnames are not). | ||
| 5 | # | ||
| 6 | |||
| 7 | # FIPS test definitions | ||
| 8 | # List of all the unqualified file names we expect and command lines to run | ||
| 9 | |||
| 10 | # DSA tests | ||
| 11 | my @fips_dsa_test_list = ( | ||
| 12 | |||
| 13 | "DSA", | ||
| 14 | |||
| 15 | [ "PQGGen", "fips_dssvs pqg" ], | ||
| 16 | [ "KeyPair", "fips_dssvs keypair" ], | ||
| 17 | [ "SigGen", "fips_dssvs siggen" ], | ||
| 18 | [ "SigVer", "fips_dssvs sigver" ] | ||
| 19 | |||
| 20 | ); | ||
| 21 | |||
| 22 | # RSA tests | ||
| 23 | |||
| 24 | my @fips_rsa_test_list = ( | ||
| 25 | |||
| 26 | "RSA", | ||
| 27 | |||
| 28 | [ "SigGen15", "fips_rsastest" ], | ||
| 29 | [ "SigVer15", "fips_rsavtest" ], | ||
| 30 | [ "SigVerRSA", "fips_rsavtest -x931" ], | ||
| 31 | [ "KeyGenRSA", "fips_rsagtest" ], | ||
| 32 | [ "SigGenRSA", "fips_rsastest -x931" ] | ||
| 33 | |||
| 34 | ); | ||
| 35 | |||
| 36 | # Special cases for PSS. The filename itself is | ||
| 37 | # not sufficient to determine the test. Addditionally we | ||
| 38 | # need to examine the file contents to determine the salt length | ||
| 39 | # In these cases the test filename has (saltlen) appended. | ||
| 40 | |||
| 41 | # RSA PSS salt length 0 tests | ||
| 42 | |||
| 43 | my @fips_rsa_pss0_test_list = ( | ||
| 44 | |||
| 45 | [ "SigGenPSS(0)", "fips_rsastest -saltlen 0" ], | ||
| 46 | [ "SigVerPSS(0)", "fips_rsavtest -saltlen 0" ] | ||
| 47 | |||
| 48 | ); | ||
| 49 | |||
| 50 | # RSA PSS salt length 62 tests | ||
| 51 | |||
| 52 | my @fips_rsa_pss62_test_list = ( | ||
| 53 | [ "SigGenPSS(62)", "fips_rsastest -saltlen 62" ], | ||
| 54 | [ "SigVerPSS(62)", "fips_rsavtest -saltlen 62" ] | ||
| 55 | |||
| 56 | ); | ||
| 57 | |||
| 58 | # SHA tests | ||
| 59 | |||
| 60 | my @fips_sha_test_list = ( | ||
| 61 | |||
| 62 | "SHA", | ||
| 63 | |||
| 64 | [ "SHA1LongMsg", "fips_shatest" ], | ||
| 65 | [ "SHA1Monte", "fips_shatest" ], | ||
| 66 | [ "SHA1ShortMsg", "fips_shatest" ], | ||
| 67 | [ "SHA224LongMsg", "fips_shatest" ], | ||
| 68 | [ "SHA224Monte", "fips_shatest" ], | ||
| 69 | [ "SHA224ShortMsg", "fips_shatest" ], | ||
| 70 | [ "SHA256LongMsg", "fips_shatest" ], | ||
| 71 | [ "SHA256Monte", "fips_shatest" ], | ||
| 72 | [ "SHA256ShortMsg", "fips_shatest" ], | ||
| 73 | [ "SHA384LongMsg", "fips_shatest" ], | ||
| 74 | [ "SHA384Monte", "fips_shatest" ], | ||
| 75 | [ "SHA384ShortMsg", "fips_shatest" ], | ||
| 76 | [ "SHA512LongMsg", "fips_shatest" ], | ||
| 77 | [ "SHA512Monte", "fips_shatest" ], | ||
| 78 | [ "SHA512ShortMsg", "fips_shatest" ] | ||
| 79 | |||
| 80 | ); | ||
| 81 | |||
| 82 | # HMAC | ||
| 83 | |||
| 84 | my @fips_hmac_test_list = ( | ||
| 85 | |||
| 86 | "HMAC", | ||
| 87 | |||
| 88 | [ "HMAC", "fips_hmactest" ] | ||
| 89 | |||
| 90 | ); | ||
| 91 | |||
| 92 | # RAND tests, AES version | ||
| 93 | |||
| 94 | my @fips_rand_aes_test_list = ( | ||
| 95 | |||
| 96 | "RAND (AES)", | ||
| 97 | |||
| 98 | [ "ANSI931_AES128MCT", "fips_rngvs mct" ], | ||
| 99 | [ "ANSI931_AES192MCT", "fips_rngvs mct" ], | ||
| 100 | [ "ANSI931_AES256MCT", "fips_rngvs mct" ], | ||
| 101 | [ "ANSI931_AES128VST", "fips_rngvs vst" ], | ||
| 102 | [ "ANSI931_AES192VST", "fips_rngvs vst" ], | ||
| 103 | [ "ANSI931_AES256VST", "fips_rngvs vst" ] | ||
| 104 | |||
| 105 | ); | ||
| 106 | |||
| 107 | # RAND tests, DES2 version | ||
| 108 | |||
| 109 | my @fips_rand_des2_test_list = ( | ||
| 110 | |||
| 111 | "RAND (DES2)", | ||
| 112 | |||
| 113 | [ "ANSI931_TDES2MCT", "fips_rngvs mct" ], | ||
| 114 | [ "ANSI931_TDES2VST", "fips_rngvs vst" ] | ||
| 115 | |||
| 116 | ); | ||
| 117 | |||
| 118 | # AES tests | ||
| 119 | |||
| 120 | my @fips_aes_test_list = ( | ||
| 121 | |||
| 122 | "AES", | ||
| 123 | |||
| 124 | [ "CBCGFSbox128", "fips_aesavs -f" ], | ||
| 125 | [ "CBCGFSbox192", "fips_aesavs -f" ], | ||
| 126 | [ "CBCGFSbox256", "fips_aesavs -f" ], | ||
| 127 | [ "CBCKeySbox128", "fips_aesavs -f" ], | ||
| 128 | [ "CBCKeySbox192", "fips_aesavs -f" ], | ||
| 129 | [ "CBCKeySbox256", "fips_aesavs -f" ], | ||
| 130 | [ "CBCMCT128", "fips_aesavs -f" ], | ||
| 131 | [ "CBCMCT192", "fips_aesavs -f" ], | ||
| 132 | [ "CBCMCT256", "fips_aesavs -f" ], | ||
| 133 | [ "CBCMMT128", "fips_aesavs -f" ], | ||
| 134 | [ "CBCMMT192", "fips_aesavs -f" ], | ||
| 135 | [ "CBCMMT256", "fips_aesavs -f" ], | ||
| 136 | [ "CBCVarKey128", "fips_aesavs -f" ], | ||
| 137 | [ "CBCVarKey192", "fips_aesavs -f" ], | ||
| 138 | [ "CBCVarKey256", "fips_aesavs -f" ], | ||
| 139 | [ "CBCVarTxt128", "fips_aesavs -f" ], | ||
| 140 | [ "CBCVarTxt192", "fips_aesavs -f" ], | ||
| 141 | [ "CBCVarTxt256", "fips_aesavs -f" ], | ||
| 142 | [ "CFB128GFSbox128", "fips_aesavs -f" ], | ||
| 143 | [ "CFB128GFSbox192", "fips_aesavs -f" ], | ||
| 144 | [ "CFB128GFSbox256", "fips_aesavs -f" ], | ||
| 145 | [ "CFB128KeySbox128", "fips_aesavs -f" ], | ||
| 146 | [ "CFB128KeySbox192", "fips_aesavs -f" ], | ||
| 147 | [ "CFB128KeySbox256", "fips_aesavs -f" ], | ||
| 148 | [ "CFB128MCT128", "fips_aesavs -f" ], | ||
| 149 | [ "CFB128MCT192", "fips_aesavs -f" ], | ||
| 150 | [ "CFB128MCT256", "fips_aesavs -f" ], | ||
| 151 | [ "CFB128MMT128", "fips_aesavs -f" ], | ||
| 152 | [ "CFB128MMT192", "fips_aesavs -f" ], | ||
| 153 | [ "CFB128MMT256", "fips_aesavs -f" ], | ||
| 154 | [ "CFB128VarKey128", "fips_aesavs -f" ], | ||
| 155 | [ "CFB128VarKey192", "fips_aesavs -f" ], | ||
| 156 | [ "CFB128VarKey256", "fips_aesavs -f" ], | ||
| 157 | [ "CFB128VarTxt128", "fips_aesavs -f" ], | ||
| 158 | [ "CFB128VarTxt192", "fips_aesavs -f" ], | ||
| 159 | [ "CFB128VarTxt256", "fips_aesavs -f" ], | ||
| 160 | [ "CFB8GFSbox128", "fips_aesavs -f" ], | ||
| 161 | [ "CFB8GFSbox192", "fips_aesavs -f" ], | ||
| 162 | [ "CFB8GFSbox256", "fips_aesavs -f" ], | ||
| 163 | [ "CFB8KeySbox128", "fips_aesavs -f" ], | ||
| 164 | [ "CFB8KeySbox192", "fips_aesavs -f" ], | ||
| 165 | [ "CFB8KeySbox256", "fips_aesavs -f" ], | ||
| 166 | [ "CFB8MCT128", "fips_aesavs -f" ], | ||
| 167 | [ "CFB8MCT192", "fips_aesavs -f" ], | ||
| 168 | [ "CFB8MCT256", "fips_aesavs -f" ], | ||
| 169 | [ "CFB8MMT128", "fips_aesavs -f" ], | ||
| 170 | [ "CFB8MMT192", "fips_aesavs -f" ], | ||
| 171 | [ "CFB8MMT256", "fips_aesavs -f" ], | ||
| 172 | [ "CFB8VarKey128", "fips_aesavs -f" ], | ||
| 173 | [ "CFB8VarKey192", "fips_aesavs -f" ], | ||
| 174 | [ "CFB8VarKey256", "fips_aesavs -f" ], | ||
| 175 | [ "CFB8VarTxt128", "fips_aesavs -f" ], | ||
| 176 | [ "CFB8VarTxt192", "fips_aesavs -f" ], | ||
| 177 | [ "CFB8VarTxt256", "fips_aesavs -f" ], | ||
| 178 | |||
| 179 | [ "ECBGFSbox128", "fips_aesavs -f" ], | ||
| 180 | [ "ECBGFSbox192", "fips_aesavs -f" ], | ||
| 181 | [ "ECBGFSbox256", "fips_aesavs -f" ], | ||
| 182 | [ "ECBKeySbox128", "fips_aesavs -f" ], | ||
| 183 | [ "ECBKeySbox192", "fips_aesavs -f" ], | ||
| 184 | [ "ECBKeySbox256", "fips_aesavs -f" ], | ||
| 185 | [ "ECBMCT128", "fips_aesavs -f" ], | ||
| 186 | [ "ECBMCT192", "fips_aesavs -f" ], | ||
| 187 | [ "ECBMCT256", "fips_aesavs -f" ], | ||
| 188 | [ "ECBMMT128", "fips_aesavs -f" ], | ||
| 189 | [ "ECBMMT192", "fips_aesavs -f" ], | ||
| 190 | [ "ECBMMT256", "fips_aesavs -f" ], | ||
| 191 | [ "ECBVarKey128", "fips_aesavs -f" ], | ||
| 192 | [ "ECBVarKey192", "fips_aesavs -f" ], | ||
| 193 | [ "ECBVarKey256", "fips_aesavs -f" ], | ||
| 194 | [ "ECBVarTxt128", "fips_aesavs -f" ], | ||
| 195 | [ "ECBVarTxt192", "fips_aesavs -f" ], | ||
| 196 | [ "ECBVarTxt256", "fips_aesavs -f" ], | ||
| 197 | [ "OFBGFSbox128", "fips_aesavs -f" ], | ||
| 198 | [ "OFBGFSbox192", "fips_aesavs -f" ], | ||
| 199 | [ "OFBGFSbox256", "fips_aesavs -f" ], | ||
| 200 | [ "OFBKeySbox128", "fips_aesavs -f" ], | ||
| 201 | [ "OFBKeySbox192", "fips_aesavs -f" ], | ||
| 202 | [ "OFBKeySbox256", "fips_aesavs -f" ], | ||
| 203 | [ "OFBMCT128", "fips_aesavs -f" ], | ||
| 204 | [ "OFBMCT192", "fips_aesavs -f" ], | ||
| 205 | [ "OFBMCT256", "fips_aesavs -f" ], | ||
| 206 | [ "OFBMMT128", "fips_aesavs -f" ], | ||
| 207 | [ "OFBMMT192", "fips_aesavs -f" ], | ||
| 208 | [ "OFBMMT256", "fips_aesavs -f" ], | ||
| 209 | [ "OFBVarKey128", "fips_aesavs -f" ], | ||
| 210 | [ "OFBVarKey192", "fips_aesavs -f" ], | ||
| 211 | [ "OFBVarKey256", "fips_aesavs -f" ], | ||
| 212 | [ "OFBVarTxt128", "fips_aesavs -f" ], | ||
| 213 | [ "OFBVarTxt192", "fips_aesavs -f" ], | ||
| 214 | [ "OFBVarTxt256", "fips_aesavs -f" ] | ||
| 215 | |||
| 216 | ); | ||
| 217 | |||
| 218 | my @fips_aes_cfb1_test_list = ( | ||
| 219 | |||
| 220 | # AES CFB1 tests | ||
| 221 | |||
| 222 | [ "CFB1GFSbox128", "fips_aesavs -f" ], | ||
| 223 | [ "CFB1GFSbox192", "fips_aesavs -f" ], | ||
| 224 | [ "CFB1GFSbox256", "fips_aesavs -f" ], | ||
| 225 | [ "CFB1KeySbox128", "fips_aesavs -f" ], | ||
| 226 | [ "CFB1KeySbox192", "fips_aesavs -f" ], | ||
| 227 | [ "CFB1KeySbox256", "fips_aesavs -f" ], | ||
| 228 | [ "CFB1MCT128", "fips_aesavs -f" ], | ||
| 229 | [ "CFB1MCT192", "fips_aesavs -f" ], | ||
| 230 | [ "CFB1MCT256", "fips_aesavs -f" ], | ||
| 231 | [ "CFB1MMT128", "fips_aesavs -f" ], | ||
| 232 | [ "CFB1MMT192", "fips_aesavs -f" ], | ||
| 233 | [ "CFB1MMT256", "fips_aesavs -f" ], | ||
| 234 | [ "CFB1VarKey128", "fips_aesavs -f" ], | ||
| 235 | [ "CFB1VarKey192", "fips_aesavs -f" ], | ||
| 236 | [ "CFB1VarKey256", "fips_aesavs -f" ], | ||
| 237 | [ "CFB1VarTxt128", "fips_aesavs -f" ], | ||
| 238 | [ "CFB1VarTxt192", "fips_aesavs -f" ], | ||
| 239 | [ "CFB1VarTxt256", "fips_aesavs -f" ] | ||
| 240 | |||
| 241 | ); | ||
| 242 | |||
| 243 | # Triple DES tests | ||
| 244 | |||
| 245 | my @fips_des3_test_list = ( | ||
| 246 | |||
| 247 | "Triple DES", | ||
| 248 | |||
| 249 | [ "TCBCinvperm", "fips_desmovs -f" ], | ||
| 250 | [ "TCBCMMT1", "fips_desmovs -f" ], | ||
| 251 | [ "TCBCMMT2", "fips_desmovs -f" ], | ||
| 252 | [ "TCBCMMT3", "fips_desmovs -f" ], | ||
| 253 | [ "TCBCMonte1", "fips_desmovs -f" ], | ||
| 254 | [ "TCBCMonte2", "fips_desmovs -f" ], | ||
| 255 | [ "TCBCMonte3", "fips_desmovs -f" ], | ||
| 256 | [ "TCBCpermop", "fips_desmovs -f" ], | ||
| 257 | [ "TCBCsubtab", "fips_desmovs -f" ], | ||
| 258 | [ "TCBCvarkey", "fips_desmovs -f" ], | ||
| 259 | [ "TCBCvartext", "fips_desmovs -f" ], | ||
| 260 | [ "TCFB64invperm", "fips_desmovs -f" ], | ||
| 261 | [ "TCFB64MMT1", "fips_desmovs -f" ], | ||
| 262 | [ "TCFB64MMT2", "fips_desmovs -f" ], | ||
| 263 | [ "TCFB64MMT3", "fips_desmovs -f" ], | ||
| 264 | [ "TCFB64Monte1", "fips_desmovs -f" ], | ||
| 265 | [ "TCFB64Monte2", "fips_desmovs -f" ], | ||
| 266 | [ "TCFB64Monte3", "fips_desmovs -f" ], | ||
| 267 | [ "TCFB64permop", "fips_desmovs -f" ], | ||
| 268 | [ "TCFB64subtab", "fips_desmovs -f" ], | ||
| 269 | [ "TCFB64varkey", "fips_desmovs -f" ], | ||
| 270 | [ "TCFB64vartext", "fips_desmovs -f" ], | ||
| 271 | [ "TCFB8invperm", "fips_desmovs -f" ], | ||
| 272 | [ "TCFB8MMT1", "fips_desmovs -f" ], | ||
| 273 | [ "TCFB8MMT2", "fips_desmovs -f" ], | ||
| 274 | [ "TCFB8MMT3", "fips_desmovs -f" ], | ||
| 275 | [ "TCFB8Monte1", "fips_desmovs -f" ], | ||
| 276 | [ "TCFB8Monte2", "fips_desmovs -f" ], | ||
| 277 | [ "TCFB8Monte3", "fips_desmovs -f" ], | ||
| 278 | [ "TCFB8permop", "fips_desmovs -f" ], | ||
| 279 | [ "TCFB8subtab", "fips_desmovs -f" ], | ||
| 280 | [ "TCFB8varkey", "fips_desmovs -f" ], | ||
| 281 | [ "TCFB8vartext", "fips_desmovs -f" ], | ||
| 282 | [ "TECBinvperm", "fips_desmovs -f" ], | ||
| 283 | [ "TECBMMT1", "fips_desmovs -f" ], | ||
| 284 | [ "TECBMMT2", "fips_desmovs -f" ], | ||
| 285 | [ "TECBMMT3", "fips_desmovs -f" ], | ||
| 286 | [ "TECBMonte1", "fips_desmovs -f" ], | ||
| 287 | [ "TECBMonte2", "fips_desmovs -f" ], | ||
| 288 | [ "TECBMonte3", "fips_desmovs -f" ], | ||
| 289 | [ "TECBpermop", "fips_desmovs -f" ], | ||
| 290 | [ "TECBsubtab", "fips_desmovs -f" ], | ||
| 291 | [ "TECBvarkey", "fips_desmovs -f" ], | ||
| 292 | [ "TECBvartext", "fips_desmovs -f" ], | ||
| 293 | [ "TOFBinvperm", "fips_desmovs -f" ], | ||
| 294 | [ "TOFBMMT1", "fips_desmovs -f" ], | ||
| 295 | [ "TOFBMMT2", "fips_desmovs -f" ], | ||
| 296 | [ "TOFBMMT3", "fips_desmovs -f" ], | ||
| 297 | [ "TOFBMonte1", "fips_desmovs -f" ], | ||
| 298 | [ "TOFBMonte2", "fips_desmovs -f" ], | ||
| 299 | [ "TOFBMonte3", "fips_desmovs -f" ], | ||
| 300 | [ "TOFBpermop", "fips_desmovs -f" ], | ||
| 301 | [ "TOFBsubtab", "fips_desmovs -f" ], | ||
| 302 | [ "TOFBvarkey", "fips_desmovs -f" ], | ||
| 303 | [ "TOFBvartext", "fips_desmovs -f" ] | ||
| 304 | |||
| 305 | ); | ||
| 306 | |||
| 307 | # Verification special cases. | ||
| 308 | # In most cases the output of a test is deterministic and | ||
| 309 | # it can be compared to a known good result. A few involve | ||
| 310 | # the genration and use of random keys and the output will | ||
| 311 | # be different each time. In thoses cases we perform special tests | ||
| 312 | # to simply check their consistency. For example signature generation | ||
| 313 | # output will be run through signature verification to see if all outputs | ||
| 314 | # show as valid. | ||
| 315 | # | ||
| 316 | |||
| 317 | my %verify_special = ( | ||
| 318 | "PQGGen" => "fips_dssvs pqgver", | ||
| 319 | "KeyPair" => "fips_dssvs keyver", | ||
| 320 | "SigGen" => "fips_dssvs sigver", | ||
| 321 | "SigGen15" => "fips_rsavtest", | ||
| 322 | "SigGenRSA" => "fips_rsavtest -x931", | ||
| 323 | "SigGenPSS(0)" => "fips_rsavtest -saltlen 0", | ||
| 324 | "SigGenPSS(62)" => "fips_rsavtest -saltlen 62", | ||
| 325 | ); | ||
| 326 | |||
| 327 | my $win32 = $^O =~ m/mswin/i; | ||
| 328 | my $onedir = 0; | ||
| 329 | my $filter = ""; | ||
| 330 | my $tvdir; | ||
| 331 | my $tprefix; | ||
| 332 | my $shwrap_prefix; | ||
| 333 | my $debug = 0; | ||
| 334 | my $quiet = 0; | ||
| 335 | my $notest = 0; | ||
| 336 | my $verify = 1; | ||
| 337 | my $rspdir = "rsp"; | ||
| 338 | my $ignore_missing = 0; | ||
| 339 | my $ignore_bogus = 0; | ||
| 340 | my $bufout = ''; | ||
| 341 | my $list_tests = 0; | ||
| 342 | |||
| 343 | my %fips_enabled = ( | ||
| 344 | dsa => 1, | ||
| 345 | rsa => 1, | ||
| 346 | "rsa-pss0" => 0, | ||
| 347 | "rsa-pss62" => 1, | ||
| 348 | sha => 1, | ||
| 349 | hmac => 1, | ||
| 350 | "rand-aes" => 1, | ||
| 351 | "rand-des2" => 0, | ||
| 352 | aes => 1, | ||
| 353 | "aes-cfb1" => 0, | ||
| 354 | des3 => 1 | ||
| 355 | ); | ||
| 356 | |||
| 357 | foreach (@ARGV) { | ||
| 358 | if ( $_ eq "--win32" ) { | ||
| 359 | $win32 = 1; | ||
| 360 | } | ||
| 361 | elsif ( $_ eq "--onedir" ) { | ||
| 362 | $onedir = 1; | ||
| 363 | } | ||
| 364 | elsif ( $_ eq "--debug" ) { | ||
| 365 | $debug = 1; | ||
| 366 | } | ||
| 367 | elsif ( $_ eq "--ignore-missing" ) { | ||
| 368 | $ignore_missing = 1; | ||
| 369 | } | ||
| 370 | elsif ( $_ eq "--ignore-bogus" ) { | ||
| 371 | $ignore_bogus = 1; | ||
| 372 | } | ||
| 373 | elsif ( $_ eq "--generate" ) { | ||
| 374 | $verify = 0; | ||
| 375 | } | ||
| 376 | elsif ( $_ eq "--notest" ) { | ||
| 377 | $notest = 1; | ||
| 378 | } | ||
| 379 | elsif ( $_ eq "--quiet" ) { | ||
| 380 | $quiet = 1; | ||
| 381 | } | ||
| 382 | elsif (/--dir=(.*)$/) { | ||
| 383 | $tvdir = $1; | ||
| 384 | } | ||
| 385 | elsif (/--rspdir=(.*)$/) { | ||
| 386 | $rspdir = $1; | ||
| 387 | } | ||
| 388 | elsif (/--tprefix=(.*)$/) { | ||
| 389 | $tprefix = $1; | ||
| 390 | } | ||
| 391 | elsif (/--shwrap_prefix=(.*)$/) { | ||
| 392 | $shwrap_prefix = $1; | ||
| 393 | } | ||
| 394 | elsif (/^--(enable|disable)-(.*)$/) { | ||
| 395 | if ( !exists $fips_enabled{$2} ) { | ||
| 396 | print STDERR "Unknown test $2\n"; | ||
| 397 | } | ||
| 398 | if ( $1 eq "enable" ) { | ||
| 399 | $fips_enabled{$2} = 1; | ||
| 400 | } | ||
| 401 | else { | ||
| 402 | $fips_enabled{$2} = 0; | ||
| 403 | } | ||
| 404 | } | ||
| 405 | elsif (/--filter=(.*)$/) { | ||
| 406 | $filter = $1; | ||
| 407 | } | ||
| 408 | elsif (/^--list-tests$/) { | ||
| 409 | $list_tests = 1; | ||
| 410 | } | ||
| 411 | else { | ||
| 412 | Help(); | ||
| 413 | exit(1); | ||
| 414 | } | ||
| 415 | } | ||
| 416 | |||
| 417 | my @fips_test_list; | ||
| 418 | |||
| 419 | push @fips_test_list, @fips_dsa_test_list if $fips_enabled{"dsa"}; | ||
| 420 | push @fips_test_list, @fips_rsa_test_list if $fips_enabled{"rsa"}; | ||
| 421 | push @fips_test_list, @fips_rsa_pss0_test_list if $fips_enabled{"rsa-pss0"}; | ||
| 422 | push @fips_test_list, @fips_rsa_pss62_test_list if $fips_enabled{"rsa-pss62"}; | ||
| 423 | push @fips_test_list, @fips_sha_test_list if $fips_enabled{"sha"}; | ||
| 424 | push @fips_test_list, @fips_hmac_test_list if $fips_enabled{"hmac"}; | ||
| 425 | push @fips_test_list, @fips_rand_aes_test_list if $fips_enabled{"rand-aes"}; | ||
| 426 | push @fips_test_list, @fips_rand_des2_test_list if $fips_enabled{"rand-des2"}; | ||
| 427 | push @fips_test_list, @fips_aes_test_list if $fips_enabled{"aes"}; | ||
| 428 | push @fips_test_list, @fips_aes_cfb1_test_list if $fips_enabled{"aes-cfb1"}; | ||
| 429 | push @fips_test_list, @fips_des3_test_list if $fips_enabled{"des3"}; | ||
| 430 | |||
| 431 | if ($list_tests) { | ||
| 432 | my ( $test, $en ); | ||
| 433 | print "=====TEST LIST=====\n"; | ||
| 434 | foreach $test ( sort keys %fips_enabled ) { | ||
| 435 | $en = $fips_enabled{$test}; | ||
| 436 | $test =~ tr/[a-z]/[A-Z]/; | ||
| 437 | printf "%-10s %s\n", $test, $en ? "enabled" : "disabled"; | ||
| 438 | } | ||
| 439 | exit(0); | ||
| 440 | } | ||
| 441 | |||
| 442 | foreach (@fips_test_list) { | ||
| 443 | next unless ref($_); | ||
| 444 | my $nm = $_->[0]; | ||
| 445 | $_->[2] = ""; | ||
| 446 | $_->[3] = ""; | ||
| 447 | print STDERR "Duplicate test $nm\n" if exists $fips_tests{$nm}; | ||
| 448 | $fips_tests{$nm} = $_; | ||
| 449 | } | ||
| 450 | |||
| 451 | $tvdir = "." unless defined $tvdir; | ||
| 452 | |||
| 453 | if ($win32) { | ||
| 454 | if ( !defined $tprefix ) { | ||
| 455 | if ($onedir) { | ||
| 456 | $tprefix = ".\\"; | ||
| 457 | } | ||
| 458 | else { | ||
| 459 | $tprefix = "..\\out32dll\\"; | ||
| 460 | } | ||
| 461 | } | ||
| 462 | } | ||
| 463 | else { | ||
| 464 | if ($onedir) { | ||
| 465 | $tprefix = "./" unless defined $tprefix; | ||
| 466 | $shwrap_prefix = "./" unless defined $shwrap_prefix; | ||
| 467 | } | ||
| 468 | else { | ||
| 469 | $tprefix = "../test/" unless defined $tprefix; | ||
| 470 | $shwrap_prefix = "../util/" unless defined $shwrap_prefix; | ||
| 471 | } | ||
| 472 | } | ||
| 473 | |||
| 474 | sanity_check_exe( $win32, $tprefix, $shwrap_prefix ); | ||
| 475 | |||
| 476 | my $cmd_prefix = $win32 ? "" : "${shwrap_prefix}shlib_wrap.sh "; | ||
| 477 | |||
| 478 | find_files( $filter, $tvdir ); | ||
| 479 | |||
| 480 | sanity_check_files(); | ||
| 481 | |||
| 482 | my ( $runerr, $cmperr, $cmpok, $scheckrunerr, $scheckerr, $scheckok, $skipcnt ) | ||
| 483 | = ( 0, 0, 0, 0, 0, 0, 0 ); | ||
| 484 | |||
| 485 | exit(0) if $notest; | ||
| 486 | |||
| 487 | run_tests( $verify, $win32, $tprefix, $filter, $tvdir ); | ||
| 488 | |||
| 489 | if ($verify) { | ||
| 490 | print "ALGORITHM TEST VERIFY SUMMARY REPORT:\n"; | ||
| 491 | print "Tests skipped due to missing files: $skipcnt\n"; | ||
| 492 | print "Algorithm test program execution failures: $runerr\n"; | ||
| 493 | print "Test comparisons successful: $cmpok\n"; | ||
| 494 | print "Test comparisons failed: $cmperr\n"; | ||
| 495 | print "Test sanity checks successful: $scheckok\n"; | ||
| 496 | print "Test sanity checks failed: $scheckerr\n"; | ||
| 497 | print "Sanity check program execution failures: $scheckrunerr\n"; | ||
| 498 | |||
| 499 | if ( $runerr || $cmperr || $scheckrunerr || $scheckerr ) { | ||
| 500 | print "***TEST FAILURE***\n"; | ||
| 501 | } | ||
| 502 | else { | ||
| 503 | print "***ALL TESTS SUCCESSFUL***\n"; | ||
| 504 | } | ||
| 505 | } | ||
| 506 | else { | ||
| 507 | print "ALGORITHM TEST SUMMARY REPORT:\n"; | ||
| 508 | print "Tests skipped due to missing files: $skipcnt\n"; | ||
| 509 | print "Algorithm test program execution failures: $runerr\n"; | ||
| 510 | |||
| 511 | if ($runerr) { | ||
| 512 | print "***TEST FAILURE***\n"; | ||
| 513 | } | ||
| 514 | else { | ||
| 515 | print "***ALL TESTS SUCCESSFUL***\n"; | ||
| 516 | } | ||
| 517 | } | ||
| 518 | |||
| 519 | #-------------------------------- | ||
| 520 | sub Help { | ||
| 521 | ( my $cmd ) = ( $0 =~ m#([^/]+)$# ); | ||
| 522 | print <<EOF; | ||
| 523 | $cmd: generate run CMVP algorithm tests | ||
| 524 | --debug Enable debug output | ||
| 525 | --dir=<dirname> Optional root for *.req file search | ||
| 526 | --filter=<regexp> | ||
| 527 | --onedir <dirname> Assume all components in current directory | ||
| 528 | --rspdir=<dirname> Name of subdirectories containing *.rsp files, default "resp" | ||
| 529 | --shwrap_prefix=<prefix> | ||
| 530 | --tprefix=<prefix> | ||
| 531 | --ignore-bogus Ignore duplicate or bogus files | ||
| 532 | --ignore-missing Ignore missing test files | ||
| 533 | --quiet Shhh.... | ||
| 534 | --generate Generate algorithm test output | ||
| 535 | --win32 Win32 environment | ||
| 536 | EOF | ||
| 537 | } | ||
| 538 | |||
| 539 | # Sanity check to see if all necessary executables exist | ||
| 540 | |||
| 541 | sub sanity_check_exe { | ||
| 542 | my ( $win32, $tprefix, $shwrap_prefix ) = @_; | ||
| 543 | my %exe_list; | ||
| 544 | my $bad = 0; | ||
| 545 | $exe_list{ $shwrap_prefix . "shlib_wrap.sh" } = 1 unless $win32; | ||
| 546 | foreach (@fips_test_list) { | ||
| 547 | next unless ref($_); | ||
| 548 | my $cmd = $_->[1]; | ||
| 549 | $cmd =~ s/ .*$//; | ||
| 550 | $cmd = $tprefix . $cmd; | ||
| 551 | $cmd .= ".exe" if $win32; | ||
| 552 | $exe_list{$cmd} = 1; | ||
| 553 | } | ||
| 554 | |||
| 555 | foreach ( sort keys %exe_list ) { | ||
| 556 | if ( !-f $_ ) { | ||
| 557 | print STDERR "ERROR: can't find executable $_\n"; | ||
| 558 | $bad = 1; | ||
| 559 | } | ||
| 560 | } | ||
| 561 | if ($bad) { | ||
| 562 | print STDERR "FATAL ERROR: executables missing\n"; | ||
| 563 | exit(1); | ||
| 564 | } | ||
| 565 | elsif ($debug) { | ||
| 566 | print STDERR "Executable sanity check passed OK\n"; | ||
| 567 | } | ||
| 568 | } | ||
| 569 | |||
| 570 | # Search for all request and response files | ||
| 571 | |||
| 572 | sub find_files { | ||
| 573 | my ( $filter, $dir ) = @_; | ||
| 574 | my ( $dirh, $testname ); | ||
| 575 | opendir( $dirh, $dir ); | ||
| 576 | while ( $_ = readdir($dirh) ) { | ||
| 577 | next if ( $_ eq "." || $_ eq ".." ); | ||
| 578 | $_ = "$dir/$_"; | ||
| 579 | if ( -f "$_" ) { | ||
| 580 | if (/\/([^\/]*)\.rsp$/) { | ||
| 581 | $testname = fix_pss( $1, $_ ); | ||
| 582 | if ( exists $fips_tests{$testname} ) { | ||
| 583 | if ( $fips_tests{$testname}->[3] eq "" ) { | ||
| 584 | $fips_tests{$testname}->[3] = $_; | ||
| 585 | } | ||
| 586 | else { | ||
| 587 | print STDERR | ||
| 588 | "WARNING: duplicate response file $_ for test $testname\n"; | ||
| 589 | $nbogus++; | ||
| 590 | } | ||
| 591 | } | ||
| 592 | else { | ||
| 593 | print STDERR "WARNING: bogus file $_\n"; | ||
| 594 | $nbogus++; | ||
| 595 | } | ||
| 596 | } | ||
| 597 | next unless /$filter.*\.req$/i; | ||
| 598 | if (/\/([^\/]*)\.req$/) { | ||
| 599 | $testname = fix_pss( $1, $_ ); | ||
| 600 | if ( exists $fips_tests{$testname} ) { | ||
| 601 | if ( $fips_tests{$testname}->[2] eq "" ) { | ||
| 602 | $fips_tests{$testname}->[2] = $_; | ||
| 603 | } | ||
| 604 | else { | ||
| 605 | print STDERR | ||
| 606 | "WARNING: duplicate request file $_ for test $testname\n"; | ||
| 607 | $nbogus++; | ||
| 608 | } | ||
| 609 | |||
| 610 | } | ||
| 611 | elsif ( !/SHAmix\.req$/ ) { | ||
| 612 | print STDERR "WARNING: unrecognized filename $_\n"; | ||
| 613 | $nbogus++; | ||
| 614 | } | ||
| 615 | } | ||
| 616 | } | ||
| 617 | elsif ( -d "$_" ) { | ||
| 618 | find_files( $filter, $_ ); | ||
| 619 | } | ||
| 620 | } | ||
| 621 | closedir($dirh); | ||
| 622 | } | ||
| 623 | |||
| 624 | sub fix_pss { | ||
| 625 | my ( $test, $path ) = @_; | ||
| 626 | my $sl = ""; | ||
| 627 | local $_; | ||
| 628 | if ( $test =~ /PSS/ ) { | ||
| 629 | open( IN, $path ) || die "Can't Open File $path"; | ||
| 630 | while (<IN>) { | ||
| 631 | if (/^\s*#\s*salt\s+len:\s+(\d+)\s*$/i) { | ||
| 632 | $sl = $1; | ||
| 633 | last; | ||
| 634 | } | ||
| 635 | } | ||
| 636 | close IN; | ||
| 637 | if ( $sl eq "" ) { | ||
| 638 | print STDERR "WARNING: No Salt length detected for file $path\n"; | ||
| 639 | } | ||
| 640 | else { | ||
| 641 | return $test . "($sl)"; | ||
| 642 | } | ||
| 643 | } | ||
| 644 | return $test; | ||
| 645 | } | ||
| 646 | |||
| 647 | sub sanity_check_files { | ||
| 648 | my $bad = 0; | ||
| 649 | foreach (@fips_test_list) { | ||
| 650 | next unless ref($_); | ||
| 651 | my ( $tst, $cmd, $req, $resp ) = @$_; | ||
| 652 | |||
| 653 | #print STDERR "FILES $tst, $cmd, $req, $resp\n"; | ||
| 654 | if ( $req eq "" ) { | ||
| 655 | print STDERR "WARNING: missing request file for $tst\n"; | ||
| 656 | $bad = 1; | ||
| 657 | next; | ||
| 658 | } | ||
| 659 | if ( $verify && $resp eq "" ) { | ||
| 660 | print STDERR "WARNING: no response file for test $tst\n"; | ||
| 661 | $bad = 1; | ||
| 662 | } | ||
| 663 | elsif ( !$verify && $resp ne "" ) { | ||
| 664 | print STDERR "WARNING: response file $resp will be overwritten\n"; | ||
| 665 | } | ||
| 666 | } | ||
| 667 | if ($bad) { | ||
| 668 | print STDERR "ERROR: test vector file set not complete\n"; | ||
| 669 | exit(1) unless $ignore_missing; | ||
| 670 | } | ||
| 671 | if ($nbogus) { | ||
| 672 | print STDERR | ||
| 673 | "ERROR: $nbogus bogus or duplicate request and response files\n"; | ||
| 674 | exit(1) unless $ignore_bogus; | ||
| 675 | } | ||
| 676 | if ( $debug && !$nbogus && !$bad ) { | ||
| 677 | print STDERR "test vector file set complete\n"; | ||
| 678 | } | ||
| 679 | } | ||
| 680 | |||
| 681 | sub run_tests { | ||
| 682 | my ( $verify, $win32, $tprefix, $filter, $tvdir ) = @_; | ||
| 683 | my ( $tname, $tref ); | ||
| 684 | my $bad = 0; | ||
| 685 | foreach (@fips_test_list) { | ||
| 686 | if ( !ref($_) ) { | ||
| 687 | print "Running $_ tests\n" unless $quiet; | ||
| 688 | next; | ||
| 689 | } | ||
| 690 | my ( $tname, $tcmd, $req, $rsp ) = @$_; | ||
| 691 | my $out = $rsp; | ||
| 692 | if ($verify) { | ||
| 693 | $out =~ s/\.rsp$/.tst/; | ||
| 694 | } | ||
| 695 | if ( $req eq "" ) { | ||
| 696 | print STDERR | ||
| 697 | "WARNING: Request file for $tname missing: test skipped\n"; | ||
| 698 | $skipcnt++; | ||
| 699 | next; | ||
| 700 | } | ||
| 701 | if ( $verify && $rsp eq "" ) { | ||
| 702 | print STDERR | ||
| 703 | "WARNING: Response file for $tname missing: test skipped\n"; | ||
| 704 | $skipcnt++; | ||
| 705 | next; | ||
| 706 | } | ||
| 707 | elsif ( !$verify ) { | ||
| 708 | if ( $rsp ne "" ) { | ||
| 709 | print STDERR "WARNING: Response file for $tname deleted\n"; | ||
| 710 | unlink $rsp; | ||
| 711 | } | ||
| 712 | $out = $req; | ||
| 713 | $out =~ s|/req/(\S+)\.req|/$rspdir/$1.rsp|; | ||
| 714 | my $outdir = $out; | ||
| 715 | $outdir =~ s|/[^/]*$||; | ||
| 716 | if ( !-d $outdir ) { | ||
| 717 | print STDERR "DEBUG: Creating directory $outdir\n" if $debug; | ||
| 718 | mkdir($outdir) || die "Can't create directory $outdir"; | ||
| 719 | } | ||
| 720 | } | ||
| 721 | my $cmd = "$cmd_prefix$tprefix$tcmd "; | ||
| 722 | if ( $tcmd =~ /-f$/ ) { | ||
| 723 | $cmd .= "$req $out"; | ||
| 724 | } | ||
| 725 | else { | ||
| 726 | $cmd .= "<$req >$out"; | ||
| 727 | } | ||
| 728 | print STDERR "DEBUG: running test $tname\n" if ( $debug && !$verify ); | ||
| 729 | system($cmd); | ||
| 730 | if ( $? != 0 ) { | ||
| 731 | print STDERR | ||
| 732 | "WARNING: error executing test $tname for command: $cmd\n"; | ||
| 733 | $runerr++; | ||
| 734 | next; | ||
| 735 | } | ||
| 736 | if ($verify) { | ||
| 737 | if ( exists $verify_special{$tname} ) { | ||
| 738 | my $vout = $rsp; | ||
| 739 | $vout =~ s/\.rsp$/.ver/; | ||
| 740 | $tcmd = $verify_special{$tname}; | ||
| 741 | $cmd = "$cmd_prefix$tprefix$tcmd "; | ||
| 742 | $cmd .= "<$out >$vout"; | ||
| 743 | system($cmd); | ||
| 744 | if ( $? != 0 ) { | ||
| 745 | print STDERR | ||
| 746 | "WARNING: error executing verify test $tname $cmd\n"; | ||
| 747 | $scheckrunerr++; | ||
| 748 | next; | ||
| 749 | } | ||
| 750 | my ( $fcount, $pcount ) = ( 0, 0 ); | ||
| 751 | open VER, "$vout"; | ||
| 752 | while (<VER>) { | ||
| 753 | if (/^Result\s*=\s*(\S*)\s*$/i) | ||
| 754 | |||
| 755 | { | ||
| 756 | if ( $1 eq "F" ) { | ||
| 757 | $fcount++; | ||
| 758 | } | ||
| 759 | else { | ||
| 760 | $pcount++; | ||
| 761 | } | ||
| 762 | } | ||
| 763 | } | ||
| 764 | close VER; | ||
| 765 | |||
| 766 | unlink $vout; | ||
| 767 | if ( $fcount || $debug ) { | ||
| 768 | print STDERR "DEBUG: $tname, Pass=$pcount, Fail=$fcount\n"; | ||
| 769 | } | ||
| 770 | if ( $fcount || !$pcount ) { | ||
| 771 | $scheckerr++; | ||
| 772 | } | ||
| 773 | else { | ||
| 774 | $scheckok++; | ||
| 775 | } | ||
| 776 | |||
| 777 | } | ||
| 778 | elsif ( !cmp_file( $tname, $rsp, $out ) ) { | ||
| 779 | $cmperr++; | ||
| 780 | } | ||
| 781 | else { | ||
| 782 | $cmpok++; | ||
| 783 | } | ||
| 784 | unlink $out; | ||
| 785 | } | ||
| 786 | } | ||
| 787 | } | ||
| 788 | |||
| 789 | sub cmp_file { | ||
| 790 | my ( $tname, $rsp, $tst ) = @_; | ||
| 791 | my ( $rspf, $tstf ); | ||
| 792 | my ( $rspline, $tstline ); | ||
| 793 | if ( !open( $rspf, $rsp ) ) { | ||
| 794 | print STDERR "ERROR: can't open request file $rsp\n"; | ||
| 795 | return 0; | ||
| 796 | } | ||
| 797 | if ( !open( $tstf, $tst ) ) { | ||
| 798 | print STDERR "ERROR: can't open output file $tst\n"; | ||
| 799 | return 0; | ||
| 800 | } | ||
| 801 | for ( ; ; ) { | ||
| 802 | $rspline = next_line($rspf); | ||
| 803 | $tstline = next_line($tstf); | ||
| 804 | if ( !defined($rspline) && !defined($tstline) ) { | ||
| 805 | print STDERR "DEBUG: $tname file comparison OK\n" if $debug; | ||
| 806 | return 1; | ||
| 807 | } | ||
| 808 | if ( !defined($rspline) ) { | ||
| 809 | print STDERR "ERROR: $tname EOF on $rspf\n"; | ||
| 810 | return 0; | ||
| 811 | } | ||
| 812 | if ( !defined($tstline) ) { | ||
| 813 | print STDERR "ERROR: $tname EOF on $tstf\n"; | ||
| 814 | return 0; | ||
| 815 | } | ||
| 816 | |||
| 817 | # Workaround for bug in RAND des2 test output */ | ||
| 818 | if ( $tstline =~ /^Key2 =/ && $rspline =~ /^Key1 =/ ) { | ||
| 819 | $rspline =~ s/^Key1/Key2/; | ||
| 820 | } | ||
| 821 | |||
| 822 | if ( $tstline ne $rspline ) { | ||
| 823 | print STDERR "ERROR: $tname mismatch:\n"; | ||
| 824 | print STDERR "\t $tstline != $rspline\n"; | ||
| 825 | return 0; | ||
| 826 | } | ||
| 827 | } | ||
| 828 | return 1; | ||
| 829 | } | ||
| 830 | |||
| 831 | sub next_line { | ||
| 832 | my ($in) = @_; | ||
| 833 | |||
| 834 | while (<$in>) { | ||
| 835 | chomp; | ||
| 836 | |||
| 837 | # Delete comments | ||
| 838 | s/#.*$//; | ||
| 839 | |||
| 840 | # Ignore blank lines | ||
| 841 | next if (/^\s*$/); | ||
| 842 | |||
| 843 | # Translate multiple space into one | ||
| 844 | s/\s+/ /g; | ||
| 845 | return $_; | ||
| 846 | } | ||
| 847 | return undef; | ||
| 848 | } | ||
diff --git a/src/lib/libssl/src/fips/fipsld b/src/lib/libssl/src/fips/fipsld new file mode 100755 index 0000000000..c71d4d95a5 --- /dev/null +++ b/src/lib/libssl/src/fips/fipsld | |||
| @@ -0,0 +1,170 @@ | |||
| 1 | #!/bin/sh -e | ||
| 2 | # | ||
| 3 | # Copyright (c) 2005-2007 The OpenSSL Project. | ||
| 4 | # | ||
| 5 | # Depending on output file name, the script either embeds fingerprint | ||
| 6 | # into libcrypto.so or static application. "Static" refers to static | ||
| 7 | # libcrypto.a, not [necessarily] application per se. | ||
| 8 | # | ||
| 9 | # Even though this script is called fipsld, it expects C compiler | ||
| 10 | # command line syntax and $FIPSLD_CC or $CC environment variable set | ||
| 11 | # and can even be used to compile source files. | ||
| 12 | |||
| 13 | #set -x | ||
| 14 | |||
| 15 | CC=${FIPSLD_CC:-${CC}} | ||
| 16 | [ -n "${CC}" ] || { echo '$CC is not defined'; exit 1; } | ||
| 17 | |||
| 18 | # Initially -c wasn't intended to be interpreted here, but it might | ||
| 19 | # make life easier for those who want to build FIPS-ified applications | ||
| 20 | # with minimal [if any] modifications to their Makefiles... | ||
| 21 | ( while [ "x$1" != "x" -a "x$1" != "x-c" -a "x$1" != "x-E" ]; do shift; done; | ||
| 22 | [ $# -ge 1 ] | ||
| 23 | ) && exec ${CC} "$@" | ||
| 24 | |||
| 25 | TARGET=`(while [ "x$1" != "x" -a "x$1" != "x-o" ]; do shift; done; echo $2)` | ||
| 26 | |||
| 27 | # If using an auto-tooled (autoconf/automake/libtool) project, | ||
| 28 | # configure will fail when testing the compiler or even performing | ||
| 29 | # simple checks. Pass-through to compiler directly if application is | ||
| 30 | # is not being linked with libcrypto, allowing auto-tooled applications | ||
| 31 | # to utilize fipsld (e.g. CC=/usr/local/ssl/bin/fipsld FIPSLD_CC=gcc | ||
| 32 | # ./configure && make). But keep in mind[!] that if certified code | ||
| 33 | # resides in a shared library, then fipsld *may not* be used and | ||
| 34 | # end-developer should not modify application configuration and build | ||
| 35 | # procedures. This is because in-core fingerprint and associated | ||
| 36 | # procedures are already embedded into and executed in shared library | ||
| 37 | # context. | ||
| 38 | case `basename "${TARGET}"` in | ||
| 39 | libcrypto*|libfips*|*.dll) ;; | ||
| 40 | *) case "$*" in | ||
| 41 | *libcrypto.a*|*-lcrypto*|*fipscanister.o*) ;; | ||
| 42 | *) exec ${CC} "$@" ;; | ||
| 43 | esac | ||
| 44 | esac | ||
| 45 | |||
| 46 | [ -n "${TARGET}" ] || { echo 'no -o specified'; exit 1; } | ||
| 47 | |||
| 48 | # Turn on debugging output? | ||
| 49 | ( while [ "x$1" != "x" -a "x$1" != "x-DDEBUG_FINGERPRINT_PREMAIN" ]; do shift; done; | ||
| 50 | [ $# -ge 1 ] | ||
| 51 | ) && set -x | ||
| 52 | |||
| 53 | THERE="`echo $0 | sed -e 's|[^/]*$||'`".. | ||
| 54 | |||
| 55 | # fipscanister.o can appear in command line | ||
| 56 | CANISTER_O=`(while [ "x$1" != "x" ]; do case "$1" in *fipscanister.o) echo $1; exit;; esac; shift; done)` | ||
| 57 | if [ -z "${CANISTER_O}" ]; then | ||
| 58 | # If set, FIPSLIBDIR is location of installed validated FIPS module | ||
| 59 | if [ -n "${FIPSLIBDIR}" ]; then | ||
| 60 | CANISTER_O="${FIPSLIBDIR}/fipscanister.o" | ||
| 61 | elif [ -f "${THERE}/fips/fipscanister.o" ]; then | ||
| 62 | CANISTER_O="${THERE}/fips/fipscanister.o" | ||
| 63 | elif [ -f "${THERE}/lib/fipscanister.o" ]; then | ||
| 64 | CANISTER_O="${THERE}/lib/fipscanister.o" | ||
| 65 | fi | ||
| 66 | CANISTER_O_CMD="${CANISTER_O}" | ||
| 67 | fi | ||
| 68 | [ -f ${CANISTER_O} ] || { echo "unable to find ${CANISTER_O}"; exit 1; } | ||
| 69 | |||
| 70 | PREMAIN_C=`dirname "${CANISTER_O}"`/fips_premain.c | ||
| 71 | |||
| 72 | HMAC_KEY="etaonrishdlcupfm" | ||
| 73 | |||
| 74 | case "`(uname -s) 2>/dev/null`" in | ||
| 75 | OSF1|IRIX*) _WL_PREMAIN="-Wl,-init,FINGERPRINT_premain" ;; | ||
| 76 | HP-UX) _WL_PREMAIN="-Wl,+init,FINGERPRINT_premain" ;; | ||
| 77 | AIX) _WL_PREMAIN="-Wl,-binitfini:FINGERPRINT_premain,-bnoobjreorder";; | ||
| 78 | Darwin) ( while [ "x$1" != "x" -a "x$1" != "x-dynamiclib" ]; do shift; done; | ||
| 79 | [ $# -ge 1 ] | ||
| 80 | ) && _WL_PREMAIN="-Wl,-init,_FINGERPRINT_premain" ;; | ||
| 81 | esac | ||
| 82 | |||
| 83 | case "${TARGET}" in | ||
| 84 | [!/]*) TARGET=./${TARGET} ;; | ||
| 85 | esac | ||
| 86 | |||
| 87 | case `basename "${TARGET}"` in | ||
| 88 | lib*|*.dll) # must be linking a shared lib... | ||
| 89 | # Shared lib creation can be taking place in the source | ||
| 90 | # directory only, but fipscanister.o can reside elsewhere... | ||
| 91 | FINGERTYPE="${THERE}/fips/fips_standalone_sha1" | ||
| 92 | |||
| 93 | # verify fipspremain.c against its detached signature... | ||
| 94 | ${FINGERTYPE} "${PREMAIN_C}" | sed "s/(.*\//(/" | \ | ||
| 95 | diff -w "${PREMAIN_C}.sha1" - || \ | ||
| 96 | { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } | ||
| 97 | # verify fipscanister.o against its detached signature... | ||
| 98 | ${FINGERTYPE} "${CANISTER_O}" | sed "s/(.*\//(/" | \ | ||
| 99 | diff -w "${CANISTER_O}.sha1" - || \ | ||
| 100 | { echo "${CANISTER_O} fingerprint mismatch"; exit 1; } | ||
| 101 | |||
| 102 | # Temporarily remove fipscanister.o from libcrypto.a! | ||
| 103 | # We are required to use the standalone copy... | ||
| 104 | if [ -f "${THERE}/libcrypto.a" ]; then | ||
| 105 | if ar d "${THERE}/libcrypto.a" fipscanister.o; then | ||
| 106 | (ranlib "${THERE}/libcrypto.a") 2>/dev/null || : | ||
| 107 | trap 'ar r "${THERE}/libcrypto.a" "${CANISTER_O}"; | ||
| 108 | (ranlib "${THERE}/libcrypto.a") 2>/dev/null || :; | ||
| 109 | sleep 1; | ||
| 110 | touch -c "${TARGET}"' 0 | ||
| 111 | fi | ||
| 112 | fi | ||
| 113 | |||
| 114 | /bin/rm -f "${TARGET}" | ||
| 115 | ${CC} ${CANISTER_O_CMD:+"${CANISTER_O_CMD}"} \ | ||
| 116 | "${PREMAIN_C}" \ | ||
| 117 | ${_WL_PREMAIN} "$@" | ||
| 118 | |||
| 119 | # generate signature... | ||
| 120 | SIG=`"${THERE}/fips/fips_premain_dso" "${TARGET}"` | ||
| 121 | /bin/rm -f "${TARGET}" | ||
| 122 | if [ -z "${SIG}" ]; then | ||
| 123 | echo "unable to collect signature"; exit 1 | ||
| 124 | fi | ||
| 125 | |||
| 126 | # recompile with signature... | ||
| 127 | ${CC} ${CANISTER_O_CMD:+"${CANISTER_O_CMD}"} \ | ||
| 128 | -DHMAC_SHA1_SIG=\"${SIG}\" "${PREMAIN_C}" \ | ||
| 129 | ${_WL_PREMAIN} "$@" | ||
| 130 | ;; | ||
| 131 | |||
| 132 | *) # must be linking statically... | ||
| 133 | # Static linking can be taking place either in the source | ||
| 134 | # directory or off the installed binary target destination. | ||
| 135 | if [ -x "${THERE}/fips/fips_standalone_sha1" ]; then | ||
| 136 | FINGERTYPE="${THERE}/fips/fips_standalone_sha1" | ||
| 137 | else # Installed tree is expected to contain | ||
| 138 | # lib/fipscanister.o, lib/fipscanister.o.sha1 and | ||
| 139 | # lib/fips_premain.c [not to mention bin/openssl]. | ||
| 140 | FINGERTYPE="${THERE}/bin/openssl sha1 -hmac ${HMAC_KEY}" | ||
| 141 | fi | ||
| 142 | |||
| 143 | # verify fipscanister.o against its detached signature... | ||
| 144 | ${FINGERTYPE} "${CANISTER_O}" | sed "s/(.*\//(/" | \ | ||
| 145 | diff -w "${CANISTER_O}.sha1" - || \ | ||
| 146 | { echo "${CANISTER_O} fingerprint mismatch"; exit 1; } | ||
| 147 | |||
| 148 | # verify fips_premain.c against its detached signature... | ||
| 149 | ${FINGERTYPE} "${PREMAIN_C}" | sed "s/(.*\//(/" | \ | ||
| 150 | diff -w "${PREMAIN_C}.sha1" - || \ | ||
| 151 | { echo "${PREMAIN_C} fingerprint mismatch"; exit 1; } | ||
| 152 | |||
| 153 | /bin/rm -f "${TARGET}" | ||
| 154 | ${CC} ${CANISTER_O_CMD:+"${CANISTER_O_CMD}"} \ | ||
| 155 | "${PREMAIN_C}" \ | ||
| 156 | ${_WL_PREMAIN} "$@" | ||
| 157 | |||
| 158 | # generate signature... | ||
| 159 | SIG=`"${TARGET}"` | ||
| 160 | /bin/rm -f "${TARGET}" | ||
| 161 | if [ -z "${SIG}" ]; then | ||
| 162 | echo "unable to collect signature"; exit 1 | ||
| 163 | fi | ||
| 164 | |||
| 165 | # recompile with signature... | ||
| 166 | ${CC} ${CANISTER_O_CMD:+"${CANISTER_O_CMD}"} \ | ||
| 167 | -DHMAC_SHA1_SIG=\"${SIG}\" "${PREMAIN_C}" \ | ||
| 168 | ${_WL_PREMAIN} "$@" | ||
| 169 | ;; | ||
| 170 | esac | ||
diff --git a/src/lib/libssl/src/fips/fipstests.bat b/src/lib/libssl/src/fips/fipstests.bat new file mode 100644 index 0000000000..aae3b13fd1 --- /dev/null +++ b/src/lib/libssl/src/fips/fipstests.bat | |||
| @@ -0,0 +1,229 @@ | |||
| 1 | @echo off | ||
| 2 | rem Test vector run script | ||
| 3 | rem Auto generated by mkfipsscr.pl script | ||
| 4 | rem Do not edit | ||
| 5 | |||
| 6 | |||
| 7 | echo Running tests in .\testvectors\AES\req | ||
| 8 | if exist ".\testvectors\AES\rsp" rd /s /q ".\testvectors\AES\rsp" | ||
| 9 | md ".\testvectors\AES\rsp" | ||
| 10 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCGFSbox128.req" ".\testvectors\AES\rsp\CBCGFSbox128.rsp" | ||
| 11 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCGFSbox192.req" ".\testvectors\AES\rsp\CBCGFSbox192.rsp" | ||
| 12 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCGFSbox256.req" ".\testvectors\AES\rsp\CBCGFSbox256.rsp" | ||
| 13 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCKeySbox128.req" ".\testvectors\AES\rsp\CBCKeySbox128.rsp" | ||
| 14 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCKeySbox192.req" ".\testvectors\AES\rsp\CBCKeySbox192.rsp" | ||
| 15 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCKeySbox256.req" ".\testvectors\AES\rsp\CBCKeySbox256.rsp" | ||
| 16 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCMCT128.req" ".\testvectors\AES\rsp\CBCMCT128.rsp" | ||
| 17 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCMCT192.req" ".\testvectors\AES\rsp\CBCMCT192.rsp" | ||
| 18 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCMCT256.req" ".\testvectors\AES\rsp\CBCMCT256.rsp" | ||
| 19 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCMMT128.req" ".\testvectors\AES\rsp\CBCMMT128.rsp" | ||
| 20 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCMMT192.req" ".\testvectors\AES\rsp\CBCMMT192.rsp" | ||
| 21 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCMMT256.req" ".\testvectors\AES\rsp\CBCMMT256.rsp" | ||
| 22 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCVarKey128.req" ".\testvectors\AES\rsp\CBCVarKey128.rsp" | ||
| 23 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCVarKey192.req" ".\testvectors\AES\rsp\CBCVarKey192.rsp" | ||
| 24 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCVarKey256.req" ".\testvectors\AES\rsp\CBCVarKey256.rsp" | ||
| 25 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCVarTxt128.req" ".\testvectors\AES\rsp\CBCVarTxt128.rsp" | ||
| 26 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCVarTxt192.req" ".\testvectors\AES\rsp\CBCVarTxt192.rsp" | ||
| 27 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CBCVarTxt256.req" ".\testvectors\AES\rsp\CBCVarTxt256.rsp" | ||
| 28 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128GFSbox128.req" ".\testvectors\AES\rsp\CFB128GFSbox128.rsp" | ||
| 29 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128GFSbox192.req" ".\testvectors\AES\rsp\CFB128GFSbox192.rsp" | ||
| 30 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128GFSbox256.req" ".\testvectors\AES\rsp\CFB128GFSbox256.rsp" | ||
| 31 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128KeySbox128.req" ".\testvectors\AES\rsp\CFB128KeySbox128.rsp" | ||
| 32 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128KeySbox192.req" ".\testvectors\AES\rsp\CFB128KeySbox192.rsp" | ||
| 33 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128KeySbox256.req" ".\testvectors\AES\rsp\CFB128KeySbox256.rsp" | ||
| 34 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128MCT128.req" ".\testvectors\AES\rsp\CFB128MCT128.rsp" | ||
| 35 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128MCT192.req" ".\testvectors\AES\rsp\CFB128MCT192.rsp" | ||
| 36 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128MCT256.req" ".\testvectors\AES\rsp\CFB128MCT256.rsp" | ||
| 37 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128MMT128.req" ".\testvectors\AES\rsp\CFB128MMT128.rsp" | ||
| 38 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128MMT192.req" ".\testvectors\AES\rsp\CFB128MMT192.rsp" | ||
| 39 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128MMT256.req" ".\testvectors\AES\rsp\CFB128MMT256.rsp" | ||
| 40 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128VarKey128.req" ".\testvectors\AES\rsp\CFB128VarKey128.rsp" | ||
| 41 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128VarKey192.req" ".\testvectors\AES\rsp\CFB128VarKey192.rsp" | ||
| 42 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128VarKey256.req" ".\testvectors\AES\rsp\CFB128VarKey256.rsp" | ||
| 43 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128VarTxt128.req" ".\testvectors\AES\rsp\CFB128VarTxt128.rsp" | ||
| 44 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128VarTxt192.req" ".\testvectors\AES\rsp\CFB128VarTxt192.rsp" | ||
| 45 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB128VarTxt256.req" ".\testvectors\AES\rsp\CFB128VarTxt256.rsp" | ||
| 46 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1GFSbox128.req" ".\testvectors\AES\rsp\CFB1GFSbox128.rsp" | ||
| 47 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1GFSbox192.req" ".\testvectors\AES\rsp\CFB1GFSbox192.rsp" | ||
| 48 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1GFSbox256.req" ".\testvectors\AES\rsp\CFB1GFSbox256.rsp" | ||
| 49 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1KeySbox128.req" ".\testvectors\AES\rsp\CFB1KeySbox128.rsp" | ||
| 50 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1KeySbox192.req" ".\testvectors\AES\rsp\CFB1KeySbox192.rsp" | ||
| 51 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1KeySbox256.req" ".\testvectors\AES\rsp\CFB1KeySbox256.rsp" | ||
| 52 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1MCT128.req" ".\testvectors\AES\rsp\CFB1MCT128.rsp" | ||
| 53 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1MCT192.req" ".\testvectors\AES\rsp\CFB1MCT192.rsp" | ||
| 54 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1MCT256.req" ".\testvectors\AES\rsp\CFB1MCT256.rsp" | ||
| 55 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1MMT128.req" ".\testvectors\AES\rsp\CFB1MMT128.rsp" | ||
| 56 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1MMT192.req" ".\testvectors\AES\rsp\CFB1MMT192.rsp" | ||
| 57 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1MMT256.req" ".\testvectors\AES\rsp\CFB1MMT256.rsp" | ||
| 58 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1VarKey128.req" ".\testvectors\AES\rsp\CFB1VarKey128.rsp" | ||
| 59 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1VarKey192.req" ".\testvectors\AES\rsp\CFB1VarKey192.rsp" | ||
| 60 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1VarKey256.req" ".\testvectors\AES\rsp\CFB1VarKey256.rsp" | ||
| 61 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1VarTxt128.req" ".\testvectors\AES\rsp\CFB1VarTxt128.rsp" | ||
| 62 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1VarTxt192.req" ".\testvectors\AES\rsp\CFB1VarTxt192.rsp" | ||
| 63 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB1VarTxt256.req" ".\testvectors\AES\rsp\CFB1VarTxt256.rsp" | ||
| 64 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8GFSbox128.req" ".\testvectors\AES\rsp\CFB8GFSbox128.rsp" | ||
| 65 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8GFSbox192.req" ".\testvectors\AES\rsp\CFB8GFSbox192.rsp" | ||
| 66 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8GFSbox256.req" ".\testvectors\AES\rsp\CFB8GFSbox256.rsp" | ||
| 67 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8KeySbox128.req" ".\testvectors\AES\rsp\CFB8KeySbox128.rsp" | ||
| 68 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8KeySbox192.req" ".\testvectors\AES\rsp\CFB8KeySbox192.rsp" | ||
| 69 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8KeySbox256.req" ".\testvectors\AES\rsp\CFB8KeySbox256.rsp" | ||
| 70 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8MCT128.req" ".\testvectors\AES\rsp\CFB8MCT128.rsp" | ||
| 71 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8MCT192.req" ".\testvectors\AES\rsp\CFB8MCT192.rsp" | ||
| 72 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8MCT256.req" ".\testvectors\AES\rsp\CFB8MCT256.rsp" | ||
| 73 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8MMT128.req" ".\testvectors\AES\rsp\CFB8MMT128.rsp" | ||
| 74 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8MMT192.req" ".\testvectors\AES\rsp\CFB8MMT192.rsp" | ||
| 75 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8MMT256.req" ".\testvectors\AES\rsp\CFB8MMT256.rsp" | ||
| 76 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8VarKey128.req" ".\testvectors\AES\rsp\CFB8VarKey128.rsp" | ||
| 77 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8VarKey192.req" ".\testvectors\AES\rsp\CFB8VarKey192.rsp" | ||
| 78 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8VarKey256.req" ".\testvectors\AES\rsp\CFB8VarKey256.rsp" | ||
| 79 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8VarTxt128.req" ".\testvectors\AES\rsp\CFB8VarTxt128.rsp" | ||
| 80 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8VarTxt192.req" ".\testvectors\AES\rsp\CFB8VarTxt192.rsp" | ||
| 81 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\CFB8VarTxt256.req" ".\testvectors\AES\rsp\CFB8VarTxt256.rsp" | ||
| 82 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBGFSbox128.req" ".\testvectors\AES\rsp\ECBGFSbox128.rsp" | ||
| 83 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBGFSbox192.req" ".\testvectors\AES\rsp\ECBGFSbox192.rsp" | ||
| 84 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBGFSbox256.req" ".\testvectors\AES\rsp\ECBGFSbox256.rsp" | ||
| 85 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBKeySbox128.req" ".\testvectors\AES\rsp\ECBKeySbox128.rsp" | ||
| 86 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBKeySbox192.req" ".\testvectors\AES\rsp\ECBKeySbox192.rsp" | ||
| 87 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBKeySbox256.req" ".\testvectors\AES\rsp\ECBKeySbox256.rsp" | ||
| 88 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBMCT128.req" ".\testvectors\AES\rsp\ECBMCT128.rsp" | ||
| 89 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBMCT192.req" ".\testvectors\AES\rsp\ECBMCT192.rsp" | ||
| 90 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBMCT256.req" ".\testvectors\AES\rsp\ECBMCT256.rsp" | ||
| 91 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBMMT128.req" ".\testvectors\AES\rsp\ECBMMT128.rsp" | ||
| 92 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBMMT192.req" ".\testvectors\AES\rsp\ECBMMT192.rsp" | ||
| 93 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBMMT256.req" ".\testvectors\AES\rsp\ECBMMT256.rsp" | ||
| 94 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBVarKey128.req" ".\testvectors\AES\rsp\ECBVarKey128.rsp" | ||
| 95 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBVarKey192.req" ".\testvectors\AES\rsp\ECBVarKey192.rsp" | ||
| 96 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBVarKey256.req" ".\testvectors\AES\rsp\ECBVarKey256.rsp" | ||
| 97 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBVarTxt128.req" ".\testvectors\AES\rsp\ECBVarTxt128.rsp" | ||
| 98 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBVarTxt192.req" ".\testvectors\AES\rsp\ECBVarTxt192.rsp" | ||
| 99 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\ECBVarTxt256.req" ".\testvectors\AES\rsp\ECBVarTxt256.rsp" | ||
| 100 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBGFSbox128.req" ".\testvectors\AES\rsp\OFBGFSbox128.rsp" | ||
| 101 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBGFSbox192.req" ".\testvectors\AES\rsp\OFBGFSbox192.rsp" | ||
| 102 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBGFSbox256.req" ".\testvectors\AES\rsp\OFBGFSbox256.rsp" | ||
| 103 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBKeySbox128.req" ".\testvectors\AES\rsp\OFBKeySbox128.rsp" | ||
| 104 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBKeySbox192.req" ".\testvectors\AES\rsp\OFBKeySbox192.rsp" | ||
| 105 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBKeySbox256.req" ".\testvectors\AES\rsp\OFBKeySbox256.rsp" | ||
| 106 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBMCT128.req" ".\testvectors\AES\rsp\OFBMCT128.rsp" | ||
| 107 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBMCT192.req" ".\testvectors\AES\rsp\OFBMCT192.rsp" | ||
| 108 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBMCT256.req" ".\testvectors\AES\rsp\OFBMCT256.rsp" | ||
| 109 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBMMT128.req" ".\testvectors\AES\rsp\OFBMMT128.rsp" | ||
| 110 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBMMT192.req" ".\testvectors\AES\rsp\OFBMMT192.rsp" | ||
| 111 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBMMT256.req" ".\testvectors\AES\rsp\OFBMMT256.rsp" | ||
| 112 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBVarKey128.req" ".\testvectors\AES\rsp\OFBVarKey128.rsp" | ||
| 113 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBVarKey192.req" ".\testvectors\AES\rsp\OFBVarKey192.rsp" | ||
| 114 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBVarKey256.req" ".\testvectors\AES\rsp\OFBVarKey256.rsp" | ||
| 115 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBVarTxt128.req" ".\testvectors\AES\rsp\OFBVarTxt128.rsp" | ||
| 116 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBVarTxt192.req" ".\testvectors\AES\rsp\OFBVarTxt192.rsp" | ||
| 117 | ..\out32dll\fips_aesavs -f ".\testvectors\AES\req\OFBVarTxt256.req" ".\testvectors\AES\rsp\OFBVarTxt256.rsp" | ||
| 118 | |||
| 119 | echo Running tests in .\testvectors\DSA\req | ||
| 120 | if exist ".\testvectors\DSA\rsp" rd /s /q ".\testvectors\DSA\rsp" | ||
| 121 | md ".\testvectors\DSA\rsp" | ||
| 122 | ..\out32dll\fips_dssvs keypair < ".\testvectors\DSA\req\KeyPair.req" > ".\testvectors\DSA\rsp\KeyPair.rsp" | ||
| 123 | ..\out32dll\fips_dssvs pqg < ".\testvectors\DSA\req\PQGGen.req" > ".\testvectors\DSA\rsp\PQGGen.rsp" | ||
| 124 | ..\out32dll\fips_dssvs siggen < ".\testvectors\DSA\req\SigGen.req" > ".\testvectors\DSA\rsp\SigGen.rsp" | ||
| 125 | ..\out32dll\fips_dssvs sigver < ".\testvectors\DSA\req\SigVer.req" > ".\testvectors\DSA\rsp\SigVer.rsp" | ||
| 126 | |||
| 127 | echo Running tests in .\testvectors\HMAC\req | ||
| 128 | if exist ".\testvectors\HMAC\rsp" rd /s /q ".\testvectors\HMAC\rsp" | ||
| 129 | md ".\testvectors\HMAC\rsp" | ||
| 130 | ..\out32dll\fips_hmactest < ".\testvectors\HMAC\req\HMAC.req" > ".\testvectors\HMAC\rsp\HMAC.rsp" | ||
| 131 | |||
| 132 | echo Running tests in .\testvectors\RNG\req | ||
| 133 | if exist ".\testvectors\RNG\rsp" rd /s /q ".\testvectors\RNG\rsp" | ||
| 134 | md ".\testvectors\RNG\rsp" | ||
| 135 | ..\out32dll\fips_rngvs mct < ".\testvectors\RNG\req\ANSI931_AES128MCT.req" > ".\testvectors\RNG\rsp\ANSI931_AES128MCT.rsp" | ||
| 136 | ..\out32dll\fips_rngvs vst < ".\testvectors\RNG\req\ANSI931_AES128VST.req" > ".\testvectors\RNG\rsp\ANSI931_AES128VST.rsp" | ||
| 137 | ..\out32dll\fips_rngvs mct < ".\testvectors\RNG\req\ANSI931_AES192MCT.req" > ".\testvectors\RNG\rsp\ANSI931_AES192MCT.rsp" | ||
| 138 | ..\out32dll\fips_rngvs vst < ".\testvectors\RNG\req\ANSI931_AES192VST.req" > ".\testvectors\RNG\rsp\ANSI931_AES192VST.rsp" | ||
| 139 | ..\out32dll\fips_rngvs mct < ".\testvectors\RNG\req\ANSI931_AES256MCT.req" > ".\testvectors\RNG\rsp\ANSI931_AES256MCT.rsp" | ||
| 140 | ..\out32dll\fips_rngvs vst < ".\testvectors\RNG\req\ANSI931_AES256VST.req" > ".\testvectors\RNG\rsp\ANSI931_AES256VST.rsp" | ||
| 141 | |||
| 142 | echo Running tests in .\testvectors\RSA\req | ||
| 143 | if exist ".\testvectors\RSA\rsp" rd /s /q ".\testvectors\RSA\rsp" | ||
| 144 | md ".\testvectors\RSA\rsp" | ||
| 145 | ..\out32dll\fips_rsagtest < ".\testvectors\RSA\req\KeyGenRSA.req" > ".\testvectors\RSA\rsp\KeyGenRSA.rsp" | ||
| 146 | ..\out32dll\fips_rsastest < ".\testvectors\RSA\req\SigGen15.req" > ".\testvectors\RSA\rsp\SigGen15.rsp" | ||
| 147 | ..\out32dll\fips_rsastest -saltlen 0 < ".\testvectors\RSA\req\SigGenPSS.req" > ".\testvectors\RSA\rsp\SigGenPSS.rsp" | ||
| 148 | ..\out32dll\fips_rsastest -x931 < ".\testvectors\RSA\req\SigGenRSA.req" > ".\testvectors\RSA\rsp\SigGenRSA.rsp" | ||
| 149 | ..\out32dll\fips_rsavtest < ".\testvectors\RSA\req\SigVer15.req" > ".\testvectors\RSA\rsp\SigVer15.rsp" | ||
| 150 | ..\out32dll\fips_rsavtest -saltlen 0 < ".\testvectors\RSA\req\SigVerPSS.req" > ".\testvectors\RSA\rsp\SigVerPSS.rsp" | ||
| 151 | ..\out32dll\fips_rsavtest -x931 < ".\testvectors\RSA\req\SigVerRSA.req" > ".\testvectors\RSA\rsp\SigVerRSA.rsp" | ||
| 152 | |||
| 153 | echo Running tests in .\testvectors\SHA\req | ||
| 154 | if exist ".\testvectors\SHA\rsp" rd /s /q ".\testvectors\SHA\rsp" | ||
| 155 | md ".\testvectors\SHA\rsp" | ||
| 156 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA1LongMsg.req" > ".\testvectors\SHA\rsp\SHA1LongMsg.rsp" | ||
| 157 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA1Monte.req" > ".\testvectors\SHA\rsp\SHA1Monte.rsp" | ||
| 158 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA1ShortMsg.req" > ".\testvectors\SHA\rsp\SHA1ShortMsg.rsp" | ||
| 159 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA224LongMsg.req" > ".\testvectors\SHA\rsp\SHA224LongMsg.rsp" | ||
| 160 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA224Monte.req" > ".\testvectors\SHA\rsp\SHA224Monte.rsp" | ||
| 161 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA224ShortMsg.req" > ".\testvectors\SHA\rsp\SHA224ShortMsg.rsp" | ||
| 162 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA256LongMsg.req" > ".\testvectors\SHA\rsp\SHA256LongMsg.rsp" | ||
| 163 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA256Monte.req" > ".\testvectors\SHA\rsp\SHA256Monte.rsp" | ||
| 164 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA256ShortMsg.req" > ".\testvectors\SHA\rsp\SHA256ShortMsg.rsp" | ||
| 165 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA384LongMsg.req" > ".\testvectors\SHA\rsp\SHA384LongMsg.rsp" | ||
| 166 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA384Monte.req" > ".\testvectors\SHA\rsp\SHA384Monte.rsp" | ||
| 167 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA384ShortMsg.req" > ".\testvectors\SHA\rsp\SHA384ShortMsg.rsp" | ||
| 168 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA512LongMsg.req" > ".\testvectors\SHA\rsp\SHA512LongMsg.rsp" | ||
| 169 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA512Monte.req" > ".\testvectors\SHA\rsp\SHA512Monte.rsp" | ||
| 170 | ..\out32dll\fips_shatest < ".\testvectors\SHA\req\SHA512ShortMsg.req" > ".\testvectors\SHA\rsp\SHA512ShortMsg.rsp" | ||
| 171 | |||
| 172 | echo Running tests in .\testvectors\TDES\req | ||
| 173 | if exist ".\testvectors\TDES\rsp" rd /s /q ".\testvectors\TDES\rsp" | ||
| 174 | md ".\testvectors\TDES\rsp" | ||
| 175 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCinvperm.req" ".\testvectors\TDES\rsp\TCBCinvperm.rsp" | ||
| 176 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCMMT1.req" ".\testvectors\TDES\rsp\TCBCMMT1.rsp" | ||
| 177 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCMMT2.req" ".\testvectors\TDES\rsp\TCBCMMT2.rsp" | ||
| 178 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCMMT3.req" ".\testvectors\TDES\rsp\TCBCMMT3.rsp" | ||
| 179 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCMonte1.req" ".\testvectors\TDES\rsp\TCBCMonte1.rsp" | ||
| 180 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCMonte2.req" ".\testvectors\TDES\rsp\TCBCMonte2.rsp" | ||
| 181 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCMonte3.req" ".\testvectors\TDES\rsp\TCBCMonte3.rsp" | ||
| 182 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCpermop.req" ".\testvectors\TDES\rsp\TCBCpermop.rsp" | ||
| 183 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCsubtab.req" ".\testvectors\TDES\rsp\TCBCsubtab.rsp" | ||
| 184 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCvarkey.req" ".\testvectors\TDES\rsp\TCBCvarkey.rsp" | ||
| 185 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCBCvartext.req" ".\testvectors\TDES\rsp\TCBCvartext.rsp" | ||
| 186 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64invperm.req" ".\testvectors\TDES\rsp\TCFB64invperm.rsp" | ||
| 187 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64MMT1.req" ".\testvectors\TDES\rsp\TCFB64MMT1.rsp" | ||
| 188 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64MMT2.req" ".\testvectors\TDES\rsp\TCFB64MMT2.rsp" | ||
| 189 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64MMT3.req" ".\testvectors\TDES\rsp\TCFB64MMT3.rsp" | ||
| 190 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64Monte1.req" ".\testvectors\TDES\rsp\TCFB64Monte1.rsp" | ||
| 191 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64Monte2.req" ".\testvectors\TDES\rsp\TCFB64Monte2.rsp" | ||
| 192 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64Monte3.req" ".\testvectors\TDES\rsp\TCFB64Monte3.rsp" | ||
| 193 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64permop.req" ".\testvectors\TDES\rsp\TCFB64permop.rsp" | ||
| 194 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64subtab.req" ".\testvectors\TDES\rsp\TCFB64subtab.rsp" | ||
| 195 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64varkey.req" ".\testvectors\TDES\rsp\TCFB64varkey.rsp" | ||
| 196 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB64vartext.req" ".\testvectors\TDES\rsp\TCFB64vartext.rsp" | ||
| 197 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8invperm.req" ".\testvectors\TDES\rsp\TCFB8invperm.rsp" | ||
| 198 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8MMT1.req" ".\testvectors\TDES\rsp\TCFB8MMT1.rsp" | ||
| 199 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8MMT2.req" ".\testvectors\TDES\rsp\TCFB8MMT2.rsp" | ||
| 200 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8MMT3.req" ".\testvectors\TDES\rsp\TCFB8MMT3.rsp" | ||
| 201 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8Monte1.req" ".\testvectors\TDES\rsp\TCFB8Monte1.rsp" | ||
| 202 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8Monte2.req" ".\testvectors\TDES\rsp\TCFB8Monte2.rsp" | ||
| 203 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8Monte3.req" ".\testvectors\TDES\rsp\TCFB8Monte3.rsp" | ||
| 204 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8permop.req" ".\testvectors\TDES\rsp\TCFB8permop.rsp" | ||
| 205 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8subtab.req" ".\testvectors\TDES\rsp\TCFB8subtab.rsp" | ||
| 206 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8varkey.req" ".\testvectors\TDES\rsp\TCFB8varkey.rsp" | ||
| 207 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TCFB8vartext.req" ".\testvectors\TDES\rsp\TCFB8vartext.rsp" | ||
| 208 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBinvperm.req" ".\testvectors\TDES\rsp\TECBinvperm.rsp" | ||
| 209 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBMMT1.req" ".\testvectors\TDES\rsp\TECBMMT1.rsp" | ||
| 210 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBMMT2.req" ".\testvectors\TDES\rsp\TECBMMT2.rsp" | ||
| 211 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBMMT3.req" ".\testvectors\TDES\rsp\TECBMMT3.rsp" | ||
| 212 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBMonte1.req" ".\testvectors\TDES\rsp\TECBMonte1.rsp" | ||
| 213 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBMonte2.req" ".\testvectors\TDES\rsp\TECBMonte2.rsp" | ||
| 214 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBMonte3.req" ".\testvectors\TDES\rsp\TECBMonte3.rsp" | ||
| 215 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBpermop.req" ".\testvectors\TDES\rsp\TECBpermop.rsp" | ||
| 216 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBsubtab.req" ".\testvectors\TDES\rsp\TECBsubtab.rsp" | ||
| 217 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBvarkey.req" ".\testvectors\TDES\rsp\TECBvarkey.rsp" | ||
| 218 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TECBvartext.req" ".\testvectors\TDES\rsp\TECBvartext.rsp" | ||
| 219 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBinvperm.req" ".\testvectors\TDES\rsp\TOFBinvperm.rsp" | ||
| 220 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBMMT1.req" ".\testvectors\TDES\rsp\TOFBMMT1.rsp" | ||
| 221 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBMMT2.req" ".\testvectors\TDES\rsp\TOFBMMT2.rsp" | ||
| 222 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBMMT3.req" ".\testvectors\TDES\rsp\TOFBMMT3.rsp" | ||
| 223 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBMonte1.req" ".\testvectors\TDES\rsp\TOFBMonte1.rsp" | ||
| 224 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBMonte2.req" ".\testvectors\TDES\rsp\TOFBMonte2.rsp" | ||
| 225 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBMonte3.req" ".\testvectors\TDES\rsp\TOFBMonte3.rsp" | ||
| 226 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBpermop.req" ".\testvectors\TDES\rsp\TOFBpermop.rsp" | ||
| 227 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBsubtab.req" ".\testvectors\TDES\rsp\TOFBsubtab.rsp" | ||
| 228 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBvarkey.req" ".\testvectors\TDES\rsp\TOFBvarkey.rsp" | ||
| 229 | ..\out32dll\fips_desmovs -f ".\testvectors\TDES\req\TOFBvartext.req" ".\testvectors\TDES\rsp\TOFBvartext.rsp" | ||
diff --git a/src/lib/libssl/src/fips/fipstests.sh b/src/lib/libssl/src/fips/fipstests.sh new file mode 100644 index 0000000000..a351446942 --- /dev/null +++ b/src/lib/libssl/src/fips/fipstests.sh | |||
| @@ -0,0 +1,400 @@ | |||
| 1 | #!/bin/sh | ||
| 2 | |||
| 3 | # Test vector run script | ||
| 4 | # Auto generated by mkfipsscr.pl script | ||
| 5 | # Do not edit | ||
| 6 | |||
| 7 | |||
| 8 | echo Running tests in "./testvectors/AES/req" | ||
| 9 | rm -rf "./testvectors/AES/rsp" | ||
| 10 | mkdir "./testvectors/AES/rsp" | ||
| 11 | |||
| 12 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCGFSbox128.req" "./testvectors/AES/rsp/CBCGFSbox128.rsp" || { echo "./testvectors/AES/req/CBCGFSbox128.req failure" ; exit 1 | ||
| 13 | } | ||
| 14 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCGFSbox192.req" "./testvectors/AES/rsp/CBCGFSbox192.rsp" || { echo "./testvectors/AES/req/CBCGFSbox192.req failure" ; exit 1 | ||
| 15 | } | ||
| 16 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCGFSbox256.req" "./testvectors/AES/rsp/CBCGFSbox256.rsp" || { echo "./testvectors/AES/req/CBCGFSbox256.req failure" ; exit 1 | ||
| 17 | } | ||
| 18 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCKeySbox128.req" "./testvectors/AES/rsp/CBCKeySbox128.rsp" || { echo "./testvectors/AES/req/CBCKeySbox128.req failure" ; exit 1 | ||
| 19 | } | ||
| 20 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCKeySbox192.req" "./testvectors/AES/rsp/CBCKeySbox192.rsp" || { echo "./testvectors/AES/req/CBCKeySbox192.req failure" ; exit 1 | ||
| 21 | } | ||
| 22 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCKeySbox256.req" "./testvectors/AES/rsp/CBCKeySbox256.rsp" || { echo "./testvectors/AES/req/CBCKeySbox256.req failure" ; exit 1 | ||
| 23 | } | ||
| 24 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCMCT128.req" "./testvectors/AES/rsp/CBCMCT128.rsp" || { echo "./testvectors/AES/req/CBCMCT128.req failure" ; exit 1 | ||
| 25 | } | ||
| 26 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCMCT192.req" "./testvectors/AES/rsp/CBCMCT192.rsp" || { echo "./testvectors/AES/req/CBCMCT192.req failure" ; exit 1 | ||
| 27 | } | ||
| 28 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCMCT256.req" "./testvectors/AES/rsp/CBCMCT256.rsp" || { echo "./testvectors/AES/req/CBCMCT256.req failure" ; exit 1 | ||
| 29 | } | ||
| 30 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCMMT128.req" "./testvectors/AES/rsp/CBCMMT128.rsp" || { echo "./testvectors/AES/req/CBCMMT128.req failure" ; exit 1 | ||
| 31 | } | ||
| 32 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCMMT192.req" "./testvectors/AES/rsp/CBCMMT192.rsp" || { echo "./testvectors/AES/req/CBCMMT192.req failure" ; exit 1 | ||
| 33 | } | ||
| 34 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCMMT256.req" "./testvectors/AES/rsp/CBCMMT256.rsp" || { echo "./testvectors/AES/req/CBCMMT256.req failure" ; exit 1 | ||
| 35 | } | ||
| 36 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCVarKey128.req" "./testvectors/AES/rsp/CBCVarKey128.rsp" || { echo "./testvectors/AES/req/CBCVarKey128.req failure" ; exit 1 | ||
| 37 | } | ||
| 38 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCVarKey192.req" "./testvectors/AES/rsp/CBCVarKey192.rsp" || { echo "./testvectors/AES/req/CBCVarKey192.req failure" ; exit 1 | ||
| 39 | } | ||
| 40 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCVarKey256.req" "./testvectors/AES/rsp/CBCVarKey256.rsp" || { echo "./testvectors/AES/req/CBCVarKey256.req failure" ; exit 1 | ||
| 41 | } | ||
| 42 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCVarTxt128.req" "./testvectors/AES/rsp/CBCVarTxt128.rsp" || { echo "./testvectors/AES/req/CBCVarTxt128.req failure" ; exit 1 | ||
| 43 | } | ||
| 44 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCVarTxt192.req" "./testvectors/AES/rsp/CBCVarTxt192.rsp" || { echo "./testvectors/AES/req/CBCVarTxt192.req failure" ; exit 1 | ||
| 45 | } | ||
| 46 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CBCVarTxt256.req" "./testvectors/AES/rsp/CBCVarTxt256.rsp" || { echo "./testvectors/AES/req/CBCVarTxt256.req failure" ; exit 1 | ||
| 47 | } | ||
| 48 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128GFSbox128.req" "./testvectors/AES/rsp/CFB128GFSbox128.rsp" || { echo "./testvectors/AES/req/CFB128GFSbox128.req failure" ; exit 1 | ||
| 49 | } | ||
| 50 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128GFSbox192.req" "./testvectors/AES/rsp/CFB128GFSbox192.rsp" || { echo "./testvectors/AES/req/CFB128GFSbox192.req failure" ; exit 1 | ||
| 51 | } | ||
| 52 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128GFSbox256.req" "./testvectors/AES/rsp/CFB128GFSbox256.rsp" || { echo "./testvectors/AES/req/CFB128GFSbox256.req failure" ; exit 1 | ||
| 53 | } | ||
| 54 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128KeySbox128.req" "./testvectors/AES/rsp/CFB128KeySbox128.rsp" || { echo "./testvectors/AES/req/CFB128KeySbox128.req failure" ; exit 1 | ||
| 55 | } | ||
| 56 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128KeySbox192.req" "./testvectors/AES/rsp/CFB128KeySbox192.rsp" || { echo "./testvectors/AES/req/CFB128KeySbox192.req failure" ; exit 1 | ||
| 57 | } | ||
| 58 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128KeySbox256.req" "./testvectors/AES/rsp/CFB128KeySbox256.rsp" || { echo "./testvectors/AES/req/CFB128KeySbox256.req failure" ; exit 1 | ||
| 59 | } | ||
| 60 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128MCT128.req" "./testvectors/AES/rsp/CFB128MCT128.rsp" || { echo "./testvectors/AES/req/CFB128MCT128.req failure" ; exit 1 | ||
| 61 | } | ||
| 62 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128MCT192.req" "./testvectors/AES/rsp/CFB128MCT192.rsp" || { echo "./testvectors/AES/req/CFB128MCT192.req failure" ; exit 1 | ||
| 63 | } | ||
| 64 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128MCT256.req" "./testvectors/AES/rsp/CFB128MCT256.rsp" || { echo "./testvectors/AES/req/CFB128MCT256.req failure" ; exit 1 | ||
| 65 | } | ||
| 66 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128MMT128.req" "./testvectors/AES/rsp/CFB128MMT128.rsp" || { echo "./testvectors/AES/req/CFB128MMT128.req failure" ; exit 1 | ||
| 67 | } | ||
| 68 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128MMT192.req" "./testvectors/AES/rsp/CFB128MMT192.rsp" || { echo "./testvectors/AES/req/CFB128MMT192.req failure" ; exit 1 | ||
| 69 | } | ||
| 70 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128MMT256.req" "./testvectors/AES/rsp/CFB128MMT256.rsp" || { echo "./testvectors/AES/req/CFB128MMT256.req failure" ; exit 1 | ||
| 71 | } | ||
| 72 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128VarKey128.req" "./testvectors/AES/rsp/CFB128VarKey128.rsp" || { echo "./testvectors/AES/req/CFB128VarKey128.req failure" ; exit 1 | ||
| 73 | } | ||
| 74 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128VarKey192.req" "./testvectors/AES/rsp/CFB128VarKey192.rsp" || { echo "./testvectors/AES/req/CFB128VarKey192.req failure" ; exit 1 | ||
| 75 | } | ||
| 76 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128VarKey256.req" "./testvectors/AES/rsp/CFB128VarKey256.rsp" || { echo "./testvectors/AES/req/CFB128VarKey256.req failure" ; exit 1 | ||
| 77 | } | ||
| 78 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128VarTxt128.req" "./testvectors/AES/rsp/CFB128VarTxt128.rsp" || { echo "./testvectors/AES/req/CFB128VarTxt128.req failure" ; exit 1 | ||
| 79 | } | ||
| 80 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128VarTxt192.req" "./testvectors/AES/rsp/CFB128VarTxt192.rsp" || { echo "./testvectors/AES/req/CFB128VarTxt192.req failure" ; exit 1 | ||
| 81 | } | ||
| 82 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB128VarTxt256.req" "./testvectors/AES/rsp/CFB128VarTxt256.rsp" || { echo "./testvectors/AES/req/CFB128VarTxt256.req failure" ; exit 1 | ||
| 83 | } | ||
| 84 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1GFSbox128.req" "./testvectors/AES/rsp/CFB1GFSbox128.rsp" || { echo "./testvectors/AES/req/CFB1GFSbox128.req failure" ; exit 1 | ||
| 85 | } | ||
| 86 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1GFSbox192.req" "./testvectors/AES/rsp/CFB1GFSbox192.rsp" || { echo "./testvectors/AES/req/CFB1GFSbox192.req failure" ; exit 1 | ||
| 87 | } | ||
| 88 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1GFSbox256.req" "./testvectors/AES/rsp/CFB1GFSbox256.rsp" || { echo "./testvectors/AES/req/CFB1GFSbox256.req failure" ; exit 1 | ||
| 89 | } | ||
| 90 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1KeySbox128.req" "./testvectors/AES/rsp/CFB1KeySbox128.rsp" || { echo "./testvectors/AES/req/CFB1KeySbox128.req failure" ; exit 1 | ||
| 91 | } | ||
| 92 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1KeySbox192.req" "./testvectors/AES/rsp/CFB1KeySbox192.rsp" || { echo "./testvectors/AES/req/CFB1KeySbox192.req failure" ; exit 1 | ||
| 93 | } | ||
| 94 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1KeySbox256.req" "./testvectors/AES/rsp/CFB1KeySbox256.rsp" || { echo "./testvectors/AES/req/CFB1KeySbox256.req failure" ; exit 1 | ||
| 95 | } | ||
| 96 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1MCT128.req" "./testvectors/AES/rsp/CFB1MCT128.rsp" || { echo "./testvectors/AES/req/CFB1MCT128.req failure" ; exit 1 | ||
| 97 | } | ||
| 98 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1MCT192.req" "./testvectors/AES/rsp/CFB1MCT192.rsp" || { echo "./testvectors/AES/req/CFB1MCT192.req failure" ; exit 1 | ||
| 99 | } | ||
| 100 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1MCT256.req" "./testvectors/AES/rsp/CFB1MCT256.rsp" || { echo "./testvectors/AES/req/CFB1MCT256.req failure" ; exit 1 | ||
| 101 | } | ||
| 102 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1MMT128.req" "./testvectors/AES/rsp/CFB1MMT128.rsp" || { echo "./testvectors/AES/req/CFB1MMT128.req failure" ; exit 1 | ||
| 103 | } | ||
| 104 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1MMT192.req" "./testvectors/AES/rsp/CFB1MMT192.rsp" || { echo "./testvectors/AES/req/CFB1MMT192.req failure" ; exit 1 | ||
| 105 | } | ||
| 106 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1MMT256.req" "./testvectors/AES/rsp/CFB1MMT256.rsp" || { echo "./testvectors/AES/req/CFB1MMT256.req failure" ; exit 1 | ||
| 107 | } | ||
| 108 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1VarKey128.req" "./testvectors/AES/rsp/CFB1VarKey128.rsp" || { echo "./testvectors/AES/req/CFB1VarKey128.req failure" ; exit 1 | ||
| 109 | } | ||
| 110 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1VarKey192.req" "./testvectors/AES/rsp/CFB1VarKey192.rsp" || { echo "./testvectors/AES/req/CFB1VarKey192.req failure" ; exit 1 | ||
| 111 | } | ||
| 112 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1VarKey256.req" "./testvectors/AES/rsp/CFB1VarKey256.rsp" || { echo "./testvectors/AES/req/CFB1VarKey256.req failure" ; exit 1 | ||
| 113 | } | ||
| 114 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1VarTxt128.req" "./testvectors/AES/rsp/CFB1VarTxt128.rsp" || { echo "./testvectors/AES/req/CFB1VarTxt128.req failure" ; exit 1 | ||
| 115 | } | ||
| 116 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1VarTxt192.req" "./testvectors/AES/rsp/CFB1VarTxt192.rsp" || { echo "./testvectors/AES/req/CFB1VarTxt192.req failure" ; exit 1 | ||
| 117 | } | ||
| 118 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB1VarTxt256.req" "./testvectors/AES/rsp/CFB1VarTxt256.rsp" || { echo "./testvectors/AES/req/CFB1VarTxt256.req failure" ; exit 1 | ||
| 119 | } | ||
| 120 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8GFSbox128.req" "./testvectors/AES/rsp/CFB8GFSbox128.rsp" || { echo "./testvectors/AES/req/CFB8GFSbox128.req failure" ; exit 1 | ||
| 121 | } | ||
| 122 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8GFSbox192.req" "./testvectors/AES/rsp/CFB8GFSbox192.rsp" || { echo "./testvectors/AES/req/CFB8GFSbox192.req failure" ; exit 1 | ||
| 123 | } | ||
| 124 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8GFSbox256.req" "./testvectors/AES/rsp/CFB8GFSbox256.rsp" || { echo "./testvectors/AES/req/CFB8GFSbox256.req failure" ; exit 1 | ||
| 125 | } | ||
| 126 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8KeySbox128.req" "./testvectors/AES/rsp/CFB8KeySbox128.rsp" || { echo "./testvectors/AES/req/CFB8KeySbox128.req failure" ; exit 1 | ||
| 127 | } | ||
| 128 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8KeySbox192.req" "./testvectors/AES/rsp/CFB8KeySbox192.rsp" || { echo "./testvectors/AES/req/CFB8KeySbox192.req failure" ; exit 1 | ||
| 129 | } | ||
| 130 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8KeySbox256.req" "./testvectors/AES/rsp/CFB8KeySbox256.rsp" || { echo "./testvectors/AES/req/CFB8KeySbox256.req failure" ; exit 1 | ||
| 131 | } | ||
| 132 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8MCT128.req" "./testvectors/AES/rsp/CFB8MCT128.rsp" || { echo "./testvectors/AES/req/CFB8MCT128.req failure" ; exit 1 | ||
| 133 | } | ||
| 134 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8MCT192.req" "./testvectors/AES/rsp/CFB8MCT192.rsp" || { echo "./testvectors/AES/req/CFB8MCT192.req failure" ; exit 1 | ||
| 135 | } | ||
| 136 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8MCT256.req" "./testvectors/AES/rsp/CFB8MCT256.rsp" || { echo "./testvectors/AES/req/CFB8MCT256.req failure" ; exit 1 | ||
| 137 | } | ||
| 138 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8MMT128.req" "./testvectors/AES/rsp/CFB8MMT128.rsp" || { echo "./testvectors/AES/req/CFB8MMT128.req failure" ; exit 1 | ||
| 139 | } | ||
| 140 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8MMT192.req" "./testvectors/AES/rsp/CFB8MMT192.rsp" || { echo "./testvectors/AES/req/CFB8MMT192.req failure" ; exit 1 | ||
| 141 | } | ||
| 142 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8MMT256.req" "./testvectors/AES/rsp/CFB8MMT256.rsp" || { echo "./testvectors/AES/req/CFB8MMT256.req failure" ; exit 1 | ||
| 143 | } | ||
| 144 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8VarKey128.req" "./testvectors/AES/rsp/CFB8VarKey128.rsp" || { echo "./testvectors/AES/req/CFB8VarKey128.req failure" ; exit 1 | ||
| 145 | } | ||
| 146 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8VarKey192.req" "./testvectors/AES/rsp/CFB8VarKey192.rsp" || { echo "./testvectors/AES/req/CFB8VarKey192.req failure" ; exit 1 | ||
| 147 | } | ||
| 148 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8VarKey256.req" "./testvectors/AES/rsp/CFB8VarKey256.rsp" || { echo "./testvectors/AES/req/CFB8VarKey256.req failure" ; exit 1 | ||
| 149 | } | ||
| 150 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8VarTxt128.req" "./testvectors/AES/rsp/CFB8VarTxt128.rsp" || { echo "./testvectors/AES/req/CFB8VarTxt128.req failure" ; exit 1 | ||
| 151 | } | ||
| 152 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8VarTxt192.req" "./testvectors/AES/rsp/CFB8VarTxt192.rsp" || { echo "./testvectors/AES/req/CFB8VarTxt192.req failure" ; exit 1 | ||
| 153 | } | ||
| 154 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/CFB8VarTxt256.req" "./testvectors/AES/rsp/CFB8VarTxt256.rsp" || { echo "./testvectors/AES/req/CFB8VarTxt256.req failure" ; exit 1 | ||
| 155 | } | ||
| 156 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBGFSbox128.req" "./testvectors/AES/rsp/ECBGFSbox128.rsp" || { echo "./testvectors/AES/req/ECBGFSbox128.req failure" ; exit 1 | ||
| 157 | } | ||
| 158 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBGFSbox192.req" "./testvectors/AES/rsp/ECBGFSbox192.rsp" || { echo "./testvectors/AES/req/ECBGFSbox192.req failure" ; exit 1 | ||
| 159 | } | ||
| 160 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBGFSbox256.req" "./testvectors/AES/rsp/ECBGFSbox256.rsp" || { echo "./testvectors/AES/req/ECBGFSbox256.req failure" ; exit 1 | ||
| 161 | } | ||
| 162 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBKeySbox128.req" "./testvectors/AES/rsp/ECBKeySbox128.rsp" || { echo "./testvectors/AES/req/ECBKeySbox128.req failure" ; exit 1 | ||
| 163 | } | ||
| 164 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBKeySbox192.req" "./testvectors/AES/rsp/ECBKeySbox192.rsp" || { echo "./testvectors/AES/req/ECBKeySbox192.req failure" ; exit 1 | ||
| 165 | } | ||
| 166 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBKeySbox256.req" "./testvectors/AES/rsp/ECBKeySbox256.rsp" || { echo "./testvectors/AES/req/ECBKeySbox256.req failure" ; exit 1 | ||
| 167 | } | ||
| 168 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBMCT128.req" "./testvectors/AES/rsp/ECBMCT128.rsp" || { echo "./testvectors/AES/req/ECBMCT128.req failure" ; exit 1 | ||
| 169 | } | ||
| 170 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBMCT192.req" "./testvectors/AES/rsp/ECBMCT192.rsp" || { echo "./testvectors/AES/req/ECBMCT192.req failure" ; exit 1 | ||
| 171 | } | ||
| 172 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBMCT256.req" "./testvectors/AES/rsp/ECBMCT256.rsp" || { echo "./testvectors/AES/req/ECBMCT256.req failure" ; exit 1 | ||
| 173 | } | ||
| 174 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBMMT128.req" "./testvectors/AES/rsp/ECBMMT128.rsp" || { echo "./testvectors/AES/req/ECBMMT128.req failure" ; exit 1 | ||
| 175 | } | ||
| 176 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBMMT192.req" "./testvectors/AES/rsp/ECBMMT192.rsp" || { echo "./testvectors/AES/req/ECBMMT192.req failure" ; exit 1 | ||
| 177 | } | ||
| 178 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBMMT256.req" "./testvectors/AES/rsp/ECBMMT256.rsp" || { echo "./testvectors/AES/req/ECBMMT256.req failure" ; exit 1 | ||
| 179 | } | ||
| 180 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBVarKey128.req" "./testvectors/AES/rsp/ECBVarKey128.rsp" || { echo "./testvectors/AES/req/ECBVarKey128.req failure" ; exit 1 | ||
| 181 | } | ||
| 182 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBVarKey192.req" "./testvectors/AES/rsp/ECBVarKey192.rsp" || { echo "./testvectors/AES/req/ECBVarKey192.req failure" ; exit 1 | ||
| 183 | } | ||
| 184 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBVarKey256.req" "./testvectors/AES/rsp/ECBVarKey256.rsp" || { echo "./testvectors/AES/req/ECBVarKey256.req failure" ; exit 1 | ||
| 185 | } | ||
| 186 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBVarTxt128.req" "./testvectors/AES/rsp/ECBVarTxt128.rsp" || { echo "./testvectors/AES/req/ECBVarTxt128.req failure" ; exit 1 | ||
| 187 | } | ||
| 188 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBVarTxt192.req" "./testvectors/AES/rsp/ECBVarTxt192.rsp" || { echo "./testvectors/AES/req/ECBVarTxt192.req failure" ; exit 1 | ||
| 189 | } | ||
| 190 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/ECBVarTxt256.req" "./testvectors/AES/rsp/ECBVarTxt256.rsp" || { echo "./testvectors/AES/req/ECBVarTxt256.req failure" ; exit 1 | ||
| 191 | } | ||
| 192 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBGFSbox128.req" "./testvectors/AES/rsp/OFBGFSbox128.rsp" || { echo "./testvectors/AES/req/OFBGFSbox128.req failure" ; exit 1 | ||
| 193 | } | ||
| 194 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBGFSbox192.req" "./testvectors/AES/rsp/OFBGFSbox192.rsp" || { echo "./testvectors/AES/req/OFBGFSbox192.req failure" ; exit 1 | ||
| 195 | } | ||
| 196 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBGFSbox256.req" "./testvectors/AES/rsp/OFBGFSbox256.rsp" || { echo "./testvectors/AES/req/OFBGFSbox256.req failure" ; exit 1 | ||
| 197 | } | ||
| 198 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBKeySbox128.req" "./testvectors/AES/rsp/OFBKeySbox128.rsp" || { echo "./testvectors/AES/req/OFBKeySbox128.req failure" ; exit 1 | ||
| 199 | } | ||
| 200 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBKeySbox192.req" "./testvectors/AES/rsp/OFBKeySbox192.rsp" || { echo "./testvectors/AES/req/OFBKeySbox192.req failure" ; exit 1 | ||
| 201 | } | ||
| 202 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBKeySbox256.req" "./testvectors/AES/rsp/OFBKeySbox256.rsp" || { echo "./testvectors/AES/req/OFBKeySbox256.req failure" ; exit 1 | ||
| 203 | } | ||
| 204 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBMCT128.req" "./testvectors/AES/rsp/OFBMCT128.rsp" || { echo "./testvectors/AES/req/OFBMCT128.req failure" ; exit 1 | ||
| 205 | } | ||
| 206 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBMCT192.req" "./testvectors/AES/rsp/OFBMCT192.rsp" || { echo "./testvectors/AES/req/OFBMCT192.req failure" ; exit 1 | ||
| 207 | } | ||
| 208 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBMCT256.req" "./testvectors/AES/rsp/OFBMCT256.rsp" || { echo "./testvectors/AES/req/OFBMCT256.req failure" ; exit 1 | ||
| 209 | } | ||
| 210 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBMMT128.req" "./testvectors/AES/rsp/OFBMMT128.rsp" || { echo "./testvectors/AES/req/OFBMMT128.req failure" ; exit 1 | ||
| 211 | } | ||
| 212 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBMMT192.req" "./testvectors/AES/rsp/OFBMMT192.rsp" || { echo "./testvectors/AES/req/OFBMMT192.req failure" ; exit 1 | ||
| 213 | } | ||
| 214 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBMMT256.req" "./testvectors/AES/rsp/OFBMMT256.rsp" || { echo "./testvectors/AES/req/OFBMMT256.req failure" ; exit 1 | ||
| 215 | } | ||
| 216 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBVarKey128.req" "./testvectors/AES/rsp/OFBVarKey128.rsp" || { echo "./testvectors/AES/req/OFBVarKey128.req failure" ; exit 1 | ||
| 217 | } | ||
| 218 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBVarKey192.req" "./testvectors/AES/rsp/OFBVarKey192.rsp" || { echo "./testvectors/AES/req/OFBVarKey192.req failure" ; exit 1 | ||
| 219 | } | ||
| 220 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBVarKey256.req" "./testvectors/AES/rsp/OFBVarKey256.rsp" || { echo "./testvectors/AES/req/OFBVarKey256.req failure" ; exit 1 | ||
| 221 | } | ||
| 222 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBVarTxt128.req" "./testvectors/AES/rsp/OFBVarTxt128.rsp" || { echo "./testvectors/AES/req/OFBVarTxt128.req failure" ; exit 1 | ||
| 223 | } | ||
| 224 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBVarTxt192.req" "./testvectors/AES/rsp/OFBVarTxt192.rsp" || { echo "./testvectors/AES/req/OFBVarTxt192.req failure" ; exit 1 | ||
| 225 | } | ||
| 226 | ../util/shlib_wrap.sh ../test/fips_aesavs -f "./testvectors/AES/req/OFBVarTxt256.req" "./testvectors/AES/rsp/OFBVarTxt256.rsp" || { echo "./testvectors/AES/req/OFBVarTxt256.req failure" ; exit 1 | ||
| 227 | } | ||
| 228 | |||
| 229 | echo Running tests in "./testvectors/DSA/req" | ||
| 230 | rm -rf "./testvectors/DSA/rsp" | ||
| 231 | mkdir "./testvectors/DSA/rsp" | ||
| 232 | |||
| 233 | ../util/shlib_wrap.sh ../test/fips_dssvs keypair < "./testvectors/DSA/req/KeyPair.req" > "./testvectors/DSA/rsp/KeyPair.rsp" || { echo "./testvectors/DSA/req/KeyPair.req failure" ; exit 1; } | ||
| 234 | ../util/shlib_wrap.sh ../test/fips_dssvs pqg < "./testvectors/DSA/req/PQGGen.req" > "./testvectors/DSA/rsp/PQGGen.rsp" || { echo "./testvectors/DSA/req/PQGGen.req failure" ; exit 1; } | ||
| 235 | ../util/shlib_wrap.sh ../test/fips_dssvs siggen < "./testvectors/DSA/req/SigGen.req" > "./testvectors/DSA/rsp/SigGen.rsp" || { echo "./testvectors/DSA/req/SigGen.req failure" ; exit 1; } | ||
| 236 | ../util/shlib_wrap.sh ../test/fips_dssvs sigver < "./testvectors/DSA/req/SigVer.req" > "./testvectors/DSA/rsp/SigVer.rsp" || { echo "./testvectors/DSA/req/SigVer.req failure" ; exit 1; } | ||
| 237 | |||
| 238 | echo Running tests in "./testvectors/HMAC/req" | ||
| 239 | rm -rf "./testvectors/HMAC/rsp" | ||
| 240 | mkdir "./testvectors/HMAC/rsp" | ||
| 241 | |||
| 242 | ../util/shlib_wrap.sh ../test/fips_hmactest < "./testvectors/HMAC/req/HMAC.req" > "./testvectors/HMAC/rsp/HMAC.rsp" || { echo "./testvectors/HMAC/req/HMAC.req failure" ; exit 1; } | ||
| 243 | |||
| 244 | echo Running tests in "./testvectors/RNG/req" | ||
| 245 | rm -rf "./testvectors/RNG/rsp" | ||
| 246 | mkdir "./testvectors/RNG/rsp" | ||
| 247 | |||
| 248 | ../util/shlib_wrap.sh ../test/fips_rngvs mct < "./testvectors/RNG/req/ANSI931_AES128MCT.req" > "./testvectors/RNG/rsp/ANSI931_AES128MCT.rsp" || { echo "./testvectors/RNG/req/ANSI931_AES128MCT.req failure" ; exit 1; } | ||
| 249 | ../util/shlib_wrap.sh ../test/fips_rngvs vst < "./testvectors/RNG/req/ANSI931_AES128VST.req" > "./testvectors/RNG/rsp/ANSI931_AES128VST.rsp" || { echo "./testvectors/RNG/req/ANSI931_AES128VST.req failure" ; exit 1; } | ||
| 250 | ../util/shlib_wrap.sh ../test/fips_rngvs mct < "./testvectors/RNG/req/ANSI931_AES192MCT.req" > "./testvectors/RNG/rsp/ANSI931_AES192MCT.rsp" || { echo "./testvectors/RNG/req/ANSI931_AES192MCT.req failure" ; exit 1; } | ||
| 251 | ../util/shlib_wrap.sh ../test/fips_rngvs vst < "./testvectors/RNG/req/ANSI931_AES192VST.req" > "./testvectors/RNG/rsp/ANSI931_AES192VST.rsp" || { echo "./testvectors/RNG/req/ANSI931_AES192VST.req failure" ; exit 1; } | ||
| 252 | ../util/shlib_wrap.sh ../test/fips_rngvs mct < "./testvectors/RNG/req/ANSI931_AES256MCT.req" > "./testvectors/RNG/rsp/ANSI931_AES256MCT.rsp" || { echo "./testvectors/RNG/req/ANSI931_AES256MCT.req failure" ; exit 1; } | ||
| 253 | ../util/shlib_wrap.sh ../test/fips_rngvs vst < "./testvectors/RNG/req/ANSI931_AES256VST.req" > "./testvectors/RNG/rsp/ANSI931_AES256VST.rsp" || { echo "./testvectors/RNG/req/ANSI931_AES256VST.req failure" ; exit 1; } | ||
| 254 | |||
| 255 | echo Running tests in "./testvectors/RSA/req" | ||
| 256 | rm -rf "./testvectors/RSA/rsp" | ||
| 257 | mkdir "./testvectors/RSA/rsp" | ||
| 258 | |||
| 259 | ../util/shlib_wrap.sh ../test/fips_rsagtest < "./testvectors/RSA/req/KeyGenRSA.req" > "./testvectors/RSA/rsp/KeyGenRSA.rsp" || { echo "./testvectors/RSA/req/KeyGenRSA.req failure" ; exit 1; } | ||
| 260 | ../util/shlib_wrap.sh ../test/fips_rsastest < "./testvectors/RSA/req/SigGen15.req" > "./testvectors/RSA/rsp/SigGen15.rsp" || { echo "./testvectors/RSA/req/SigGen15.req failure" ; exit 1; } | ||
| 261 | ../util/shlib_wrap.sh ../test/fips_rsastest -saltlen 0 < "./testvectors/RSA/req/SigGenPSS.req" > "./testvectors/RSA/rsp/SigGenPSS.rsp" || { echo "./testvectors/RSA/req/SigGenPSS.req failure" ; exit 1; } | ||
| 262 | ../util/shlib_wrap.sh ../test/fips_rsastest -x931 < "./testvectors/RSA/req/SigGenRSA.req" > "./testvectors/RSA/rsp/SigGenRSA.rsp" || { echo "./testvectors/RSA/req/SigGenRSA.req failure" ; exit 1; } | ||
| 263 | ../util/shlib_wrap.sh ../test/fips_rsavtest < "./testvectors/RSA/req/SigVer15.req" > "./testvectors/RSA/rsp/SigVer15.rsp" || { echo "./testvectors/RSA/req/SigVer15.req failure" ; exit 1; } | ||
| 264 | ../util/shlib_wrap.sh ../test/fips_rsavtest -saltlen 0 < "./testvectors/RSA/req/SigVerPSS.req" > "./testvectors/RSA/rsp/SigVerPSS.rsp" || { echo "./testvectors/RSA/req/SigVerPSS.req failure" ; exit 1; } | ||
| 265 | ../util/shlib_wrap.sh ../test/fips_rsavtest -x931 < "./testvectors/RSA/req/SigVerRSA.req" > "./testvectors/RSA/rsp/SigVerRSA.rsp" || { echo "./testvectors/RSA/req/SigVerRSA.req failure" ; exit 1; } | ||
| 266 | |||
| 267 | echo Running tests in "./testvectors/SHA/req" | ||
| 268 | rm -rf "./testvectors/SHA/rsp" | ||
| 269 | mkdir "./testvectors/SHA/rsp" | ||
| 270 | |||
| 271 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA1LongMsg.req" > "./testvectors/SHA/rsp/SHA1LongMsg.rsp" || { echo "./testvectors/SHA/req/SHA1LongMsg.req failure" ; exit 1; } | ||
| 272 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA1Monte.req" > "./testvectors/SHA/rsp/SHA1Monte.rsp" || { echo "./testvectors/SHA/req/SHA1Monte.req failure" ; exit 1; } | ||
| 273 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA1ShortMsg.req" > "./testvectors/SHA/rsp/SHA1ShortMsg.rsp" || { echo "./testvectors/SHA/req/SHA1ShortMsg.req failure" ; exit 1; } | ||
| 274 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA224LongMsg.req" > "./testvectors/SHA/rsp/SHA224LongMsg.rsp" || { echo "./testvectors/SHA/req/SHA224LongMsg.req failure" ; exit 1; } | ||
| 275 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA224Monte.req" > "./testvectors/SHA/rsp/SHA224Monte.rsp" || { echo "./testvectors/SHA/req/SHA224Monte.req failure" ; exit 1; } | ||
| 276 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA224ShortMsg.req" > "./testvectors/SHA/rsp/SHA224ShortMsg.rsp" || { echo "./testvectors/SHA/req/SHA224ShortMsg.req failure" ; exit 1; } | ||
| 277 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA256LongMsg.req" > "./testvectors/SHA/rsp/SHA256LongMsg.rsp" || { echo "./testvectors/SHA/req/SHA256LongMsg.req failure" ; exit 1; } | ||
| 278 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA256Monte.req" > "./testvectors/SHA/rsp/SHA256Monte.rsp" || { echo "./testvectors/SHA/req/SHA256Monte.req failure" ; exit 1; } | ||
| 279 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA256ShortMsg.req" > "./testvectors/SHA/rsp/SHA256ShortMsg.rsp" || { echo "./testvectors/SHA/req/SHA256ShortMsg.req failure" ; exit 1; } | ||
| 280 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA384LongMsg.req" > "./testvectors/SHA/rsp/SHA384LongMsg.rsp" || { echo "./testvectors/SHA/req/SHA384LongMsg.req failure" ; exit 1; } | ||
| 281 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA384Monte.req" > "./testvectors/SHA/rsp/SHA384Monte.rsp" || { echo "./testvectors/SHA/req/SHA384Monte.req failure" ; exit 1; } | ||
| 282 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA384ShortMsg.req" > "./testvectors/SHA/rsp/SHA384ShortMsg.rsp" || { echo "./testvectors/SHA/req/SHA384ShortMsg.req failure" ; exit 1; } | ||
| 283 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA512LongMsg.req" > "./testvectors/SHA/rsp/SHA512LongMsg.rsp" || { echo "./testvectors/SHA/req/SHA512LongMsg.req failure" ; exit 1; } | ||
| 284 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA512Monte.req" > "./testvectors/SHA/rsp/SHA512Monte.rsp" || { echo "./testvectors/SHA/req/SHA512Monte.req failure" ; exit 1; } | ||
| 285 | ../util/shlib_wrap.sh ../test/fips_shatest < "./testvectors/SHA/req/SHA512ShortMsg.req" > "./testvectors/SHA/rsp/SHA512ShortMsg.rsp" || { echo "./testvectors/SHA/req/SHA512ShortMsg.req failure" ; exit 1; } | ||
| 286 | |||
| 287 | echo Running tests in "./testvectors/TDES/req" | ||
| 288 | rm -rf "./testvectors/TDES/rsp" | ||
| 289 | mkdir "./testvectors/TDES/rsp" | ||
| 290 | |||
| 291 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCinvperm.req" "./testvectors/TDES/rsp/TCBCinvperm.rsp" || { echo "./testvectors/TDES/req/TCBCinvperm.req failure" ; exit 1 | ||
| 292 | } | ||
| 293 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCMMT1.req" "./testvectors/TDES/rsp/TCBCMMT1.rsp" || { echo "./testvectors/TDES/req/TCBCMMT1.req failure" ; exit 1 | ||
| 294 | } | ||
| 295 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCMMT2.req" "./testvectors/TDES/rsp/TCBCMMT2.rsp" || { echo "./testvectors/TDES/req/TCBCMMT2.req failure" ; exit 1 | ||
| 296 | } | ||
| 297 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCMMT3.req" "./testvectors/TDES/rsp/TCBCMMT3.rsp" || { echo "./testvectors/TDES/req/TCBCMMT3.req failure" ; exit 1 | ||
| 298 | } | ||
| 299 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCMonte1.req" "./testvectors/TDES/rsp/TCBCMonte1.rsp" || { echo "./testvectors/TDES/req/TCBCMonte1.req failure" ; exit 1 | ||
| 300 | } | ||
| 301 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCMonte2.req" "./testvectors/TDES/rsp/TCBCMonte2.rsp" || { echo "./testvectors/TDES/req/TCBCMonte2.req failure" ; exit 1 | ||
| 302 | } | ||
| 303 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCMonte3.req" "./testvectors/TDES/rsp/TCBCMonte3.rsp" || { echo "./testvectors/TDES/req/TCBCMonte3.req failure" ; exit 1 | ||
| 304 | } | ||
| 305 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCpermop.req" "./testvectors/TDES/rsp/TCBCpermop.rsp" || { echo "./testvectors/TDES/req/TCBCpermop.req failure" ; exit 1 | ||
| 306 | } | ||
| 307 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCsubtab.req" "./testvectors/TDES/rsp/TCBCsubtab.rsp" || { echo "./testvectors/TDES/req/TCBCsubtab.req failure" ; exit 1 | ||
| 308 | } | ||
| 309 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCvarkey.req" "./testvectors/TDES/rsp/TCBCvarkey.rsp" || { echo "./testvectors/TDES/req/TCBCvarkey.req failure" ; exit 1 | ||
| 310 | } | ||
| 311 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCBCvartext.req" "./testvectors/TDES/rsp/TCBCvartext.rsp" || { echo "./testvectors/TDES/req/TCBCvartext.req failure" ; exit 1 | ||
| 312 | } | ||
| 313 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64invperm.req" "./testvectors/TDES/rsp/TCFB64invperm.rsp" || { echo "./testvectors/TDES/req/TCFB64invperm.req failure" ; exit 1 | ||
| 314 | } | ||
| 315 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64MMT1.req" "./testvectors/TDES/rsp/TCFB64MMT1.rsp" || { echo "./testvectors/TDES/req/TCFB64MMT1.req failure" ; exit 1 | ||
| 316 | } | ||
| 317 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64MMT2.req" "./testvectors/TDES/rsp/TCFB64MMT2.rsp" || { echo "./testvectors/TDES/req/TCFB64MMT2.req failure" ; exit 1 | ||
| 318 | } | ||
| 319 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64MMT3.req" "./testvectors/TDES/rsp/TCFB64MMT3.rsp" || { echo "./testvectors/TDES/req/TCFB64MMT3.req failure" ; exit 1 | ||
| 320 | } | ||
| 321 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64Monte1.req" "./testvectors/TDES/rsp/TCFB64Monte1.rsp" || { echo "./testvectors/TDES/req/TCFB64Monte1.req failure" ; exit 1 | ||
| 322 | } | ||
| 323 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64Monte2.req" "./testvectors/TDES/rsp/TCFB64Monte2.rsp" || { echo "./testvectors/TDES/req/TCFB64Monte2.req failure" ; exit 1 | ||
| 324 | } | ||
| 325 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64Monte3.req" "./testvectors/TDES/rsp/TCFB64Monte3.rsp" || { echo "./testvectors/TDES/req/TCFB64Monte3.req failure" ; exit 1 | ||
| 326 | } | ||
| 327 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64permop.req" "./testvectors/TDES/rsp/TCFB64permop.rsp" || { echo "./testvectors/TDES/req/TCFB64permop.req failure" ; exit 1 | ||
| 328 | } | ||
| 329 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64subtab.req" "./testvectors/TDES/rsp/TCFB64subtab.rsp" || { echo "./testvectors/TDES/req/TCFB64subtab.req failure" ; exit 1 | ||
| 330 | } | ||
| 331 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64varkey.req" "./testvectors/TDES/rsp/TCFB64varkey.rsp" || { echo "./testvectors/TDES/req/TCFB64varkey.req failure" ; exit 1 | ||
| 332 | } | ||
| 333 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB64vartext.req" "./testvectors/TDES/rsp/TCFB64vartext.rsp" || { echo "./testvectors/TDES/req/TCFB64vartext.req failure" ; exit 1 | ||
| 334 | } | ||
| 335 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8invperm.req" "./testvectors/TDES/rsp/TCFB8invperm.rsp" || { echo "./testvectors/TDES/req/TCFB8invperm.req failure" ; exit 1 | ||
| 336 | } | ||
| 337 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8MMT1.req" "./testvectors/TDES/rsp/TCFB8MMT1.rsp" || { echo "./testvectors/TDES/req/TCFB8MMT1.req failure" ; exit 1 | ||
| 338 | } | ||
| 339 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8MMT2.req" "./testvectors/TDES/rsp/TCFB8MMT2.rsp" || { echo "./testvectors/TDES/req/TCFB8MMT2.req failure" ; exit 1 | ||
| 340 | } | ||
| 341 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8MMT3.req" "./testvectors/TDES/rsp/TCFB8MMT3.rsp" || { echo "./testvectors/TDES/req/TCFB8MMT3.req failure" ; exit 1 | ||
| 342 | } | ||
| 343 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8Monte1.req" "./testvectors/TDES/rsp/TCFB8Monte1.rsp" || { echo "./testvectors/TDES/req/TCFB8Monte1.req failure" ; exit 1 | ||
| 344 | } | ||
| 345 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8Monte2.req" "./testvectors/TDES/rsp/TCFB8Monte2.rsp" || { echo "./testvectors/TDES/req/TCFB8Monte2.req failure" ; exit 1 | ||
| 346 | } | ||
| 347 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8Monte3.req" "./testvectors/TDES/rsp/TCFB8Monte3.rsp" || { echo "./testvectors/TDES/req/TCFB8Monte3.req failure" ; exit 1 | ||
| 348 | } | ||
| 349 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8permop.req" "./testvectors/TDES/rsp/TCFB8permop.rsp" || { echo "./testvectors/TDES/req/TCFB8permop.req failure" ; exit 1 | ||
| 350 | } | ||
| 351 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8subtab.req" "./testvectors/TDES/rsp/TCFB8subtab.rsp" || { echo "./testvectors/TDES/req/TCFB8subtab.req failure" ; exit 1 | ||
| 352 | } | ||
| 353 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8varkey.req" "./testvectors/TDES/rsp/TCFB8varkey.rsp" || { echo "./testvectors/TDES/req/TCFB8varkey.req failure" ; exit 1 | ||
| 354 | } | ||
| 355 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TCFB8vartext.req" "./testvectors/TDES/rsp/TCFB8vartext.rsp" || { echo "./testvectors/TDES/req/TCFB8vartext.req failure" ; exit 1 | ||
| 356 | } | ||
| 357 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBinvperm.req" "./testvectors/TDES/rsp/TECBinvperm.rsp" || { echo "./testvectors/TDES/req/TECBinvperm.req failure" ; exit 1 | ||
| 358 | } | ||
| 359 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBMMT1.req" "./testvectors/TDES/rsp/TECBMMT1.rsp" || { echo "./testvectors/TDES/req/TECBMMT1.req failure" ; exit 1 | ||
| 360 | } | ||
| 361 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBMMT2.req" "./testvectors/TDES/rsp/TECBMMT2.rsp" || { echo "./testvectors/TDES/req/TECBMMT2.req failure" ; exit 1 | ||
| 362 | } | ||
| 363 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBMMT3.req" "./testvectors/TDES/rsp/TECBMMT3.rsp" || { echo "./testvectors/TDES/req/TECBMMT3.req failure" ; exit 1 | ||
| 364 | } | ||
| 365 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBMonte1.req" "./testvectors/TDES/rsp/TECBMonte1.rsp" || { echo "./testvectors/TDES/req/TECBMonte1.req failure" ; exit 1 | ||
| 366 | } | ||
| 367 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBMonte2.req" "./testvectors/TDES/rsp/TECBMonte2.rsp" || { echo "./testvectors/TDES/req/TECBMonte2.req failure" ; exit 1 | ||
| 368 | } | ||
| 369 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBMonte3.req" "./testvectors/TDES/rsp/TECBMonte3.rsp" || { echo "./testvectors/TDES/req/TECBMonte3.req failure" ; exit 1 | ||
| 370 | } | ||
| 371 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBpermop.req" "./testvectors/TDES/rsp/TECBpermop.rsp" || { echo "./testvectors/TDES/req/TECBpermop.req failure" ; exit 1 | ||
| 372 | } | ||
| 373 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBsubtab.req" "./testvectors/TDES/rsp/TECBsubtab.rsp" || { echo "./testvectors/TDES/req/TECBsubtab.req failure" ; exit 1 | ||
| 374 | } | ||
| 375 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBvarkey.req" "./testvectors/TDES/rsp/TECBvarkey.rsp" || { echo "./testvectors/TDES/req/TECBvarkey.req failure" ; exit 1 | ||
| 376 | } | ||
| 377 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TECBvartext.req" "./testvectors/TDES/rsp/TECBvartext.rsp" || { echo "./testvectors/TDES/req/TECBvartext.req failure" ; exit 1 | ||
| 378 | } | ||
| 379 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBinvperm.req" "./testvectors/TDES/rsp/TOFBinvperm.rsp" || { echo "./testvectors/TDES/req/TOFBinvperm.req failure" ; exit 1 | ||
| 380 | } | ||
| 381 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBMMT1.req" "./testvectors/TDES/rsp/TOFBMMT1.rsp" || { echo "./testvectors/TDES/req/TOFBMMT1.req failure" ; exit 1 | ||
| 382 | } | ||
| 383 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBMMT2.req" "./testvectors/TDES/rsp/TOFBMMT2.rsp" || { echo "./testvectors/TDES/req/TOFBMMT2.req failure" ; exit 1 | ||
| 384 | } | ||
| 385 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBMMT3.req" "./testvectors/TDES/rsp/TOFBMMT3.rsp" || { echo "./testvectors/TDES/req/TOFBMMT3.req failure" ; exit 1 | ||
| 386 | } | ||
| 387 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBMonte1.req" "./testvectors/TDES/rsp/TOFBMonte1.rsp" || { echo "./testvectors/TDES/req/TOFBMonte1.req failure" ; exit 1 | ||
| 388 | } | ||
| 389 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBMonte2.req" "./testvectors/TDES/rsp/TOFBMonte2.rsp" || { echo "./testvectors/TDES/req/TOFBMonte2.req failure" ; exit 1 | ||
| 390 | } | ||
| 391 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBMonte3.req" "./testvectors/TDES/rsp/TOFBMonte3.rsp" || { echo "./testvectors/TDES/req/TOFBMonte3.req failure" ; exit 1 | ||
| 392 | } | ||
| 393 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBpermop.req" "./testvectors/TDES/rsp/TOFBpermop.rsp" || { echo "./testvectors/TDES/req/TOFBpermop.req failure" ; exit 1 | ||
| 394 | } | ||
| 395 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBsubtab.req" "./testvectors/TDES/rsp/TOFBsubtab.rsp" || { echo "./testvectors/TDES/req/TOFBsubtab.req failure" ; exit 1 | ||
| 396 | } | ||
| 397 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBvarkey.req" "./testvectors/TDES/rsp/TOFBvarkey.rsp" || { echo "./testvectors/TDES/req/TOFBvarkey.req failure" ; exit 1 | ||
| 398 | } | ||
| 399 | ../util/shlib_wrap.sh ../test/fips_desmovs -f "./testvectors/TDES/req/TOFBvartext.req" "./testvectors/TDES/rsp/TOFBvartext.rsp" || { echo "./testvectors/TDES/req/TOFBvartext.req failure" ; exit 1 | ||
| 400 | } | ||
diff --git a/src/lib/libssl/src/fips/hmac/Makefile b/src/lib/libssl/src/fips/hmac/Makefile new file mode 100644 index 0000000000..be230ade9d --- /dev/null +++ b/src/lib/libssl/src/fips/hmac/Makefile | |||
| @@ -0,0 +1,123 @@ | |||
| 1 | # | ||
| 2 | # OpenSSL/fips/hmac/Makefile | ||
| 3 | # | ||
| 4 | |||
| 5 | DIR= hmac | ||
| 6 | TOP= ../.. | ||
| 7 | CC= cc | ||
| 8 | INCLUDES= | ||
| 9 | CFLAG=-g | ||
| 10 | INSTALL_PREFIX= | ||
| 11 | OPENSSLDIR= /usr/local/ssl | ||
| 12 | INSTALLTOP=/usr/local/ssl | ||
| 13 | MAKEDEPPROG= makedepend | ||
| 14 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | ||
| 15 | MAKEFILE= Makefile | ||
| 16 | AR= ar r | ||
| 17 | |||
| 18 | CFLAGS= $(INCLUDES) $(CFLAG) | ||
| 19 | |||
| 20 | GENERAL=Makefile | ||
| 21 | TEST=fips_hmactest.c | ||
| 22 | APPS= | ||
| 23 | |||
| 24 | LIB=$(TOP)/libcrypto.a | ||
| 25 | LIBSRC=fips_hmac.c fips_hmac_selftest.c | ||
| 26 | LIBOBJ=fips_hmac.o fips_hmac_selftest.o | ||
| 27 | |||
| 28 | SRC= $(LIBSRC) | ||
| 29 | |||
| 30 | EXHEADER= | ||
| 31 | HEADER= $(EXHEADER) | ||
| 32 | |||
| 33 | ALL= $(GENERAL) $(SRC) $(HEADER) | ||
| 34 | |||
| 35 | top: | ||
| 36 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) | ||
| 37 | |||
| 38 | all: lib | ||
| 39 | |||
| 40 | lib: $(LIBOBJ) | ||
| 41 | @echo $(LIBOBJ) > lib | ||
| 42 | |||
| 43 | files: | ||
| 44 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | ||
| 45 | |||
| 46 | links: | ||
| 47 | @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) | ||
| 48 | @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) | ||
| 49 | @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) | ||
| 50 | |||
| 51 | install: | ||
| 52 | @headerlist="$(EXHEADER)"; for i in $$headerlist; \ | ||
| 53 | do \ | ||
| 54 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ | ||
| 55 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ | ||
| 56 | done | ||
| 57 | |||
| 58 | tags: | ||
| 59 | ctags $(SRC) | ||
| 60 | |||
| 61 | tests: | ||
| 62 | |||
| 63 | Q=../testvectors/hmac/req | ||
| 64 | A=../testvectors/hmac/rsp | ||
| 65 | |||
| 66 | fips_test: | ||
| 67 | -rm -rf $(A) | ||
| 68 | mkdir $(A) | ||
| 69 | if [ -f $(Q)/HMAC.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_hmactest < $(Q)/HMAC.req > $(A)/HMAC.rsp; fi | ||
| 70 | |||
| 71 | lint: | ||
| 72 | lint -DLINT $(INCLUDES) $(SRC)>fluff | ||
| 73 | |||
| 74 | depend: | ||
| 75 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST) | ||
| 76 | |||
| 77 | dclean: | ||
| 78 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | ||
| 79 | mv -f Makefile.new $(MAKEFILE) | ||
| 80 | |||
| 81 | clean: | ||
| 82 | rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff | ||
| 83 | # DO NOT DELETE THIS LINE -- make depend depends on it. | ||
| 84 | |||
| 85 | fips_hmac.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 86 | fips_hmac.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 87 | fips_hmac.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 88 | fips_hmac.o: ../../include/openssl/hmac.h ../../include/openssl/obj_mac.h | ||
| 89 | fips_hmac.o: ../../include/openssl/objects.h | ||
| 90 | fips_hmac.o: ../../include/openssl/opensslconf.h | ||
| 91 | fips_hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 92 | fips_hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 93 | fips_hmac.o: ../../include/openssl/symhacks.h fips_hmac.c | ||
| 94 | fips_hmac_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 95 | fips_hmac_selftest.o: ../../include/openssl/crypto.h | ||
| 96 | fips_hmac_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 97 | fips_hmac_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 98 | fips_hmac_selftest.o: ../../include/openssl/hmac.h | ||
| 99 | fips_hmac_selftest.o: ../../include/openssl/lhash.h | ||
| 100 | fips_hmac_selftest.o: ../../include/openssl/obj_mac.h | ||
| 101 | fips_hmac_selftest.o: ../../include/openssl/objects.h | ||
| 102 | fips_hmac_selftest.o: ../../include/openssl/opensslconf.h | ||
| 103 | fips_hmac_selftest.o: ../../include/openssl/opensslv.h | ||
| 104 | fips_hmac_selftest.o: ../../include/openssl/ossl_typ.h | ||
| 105 | fips_hmac_selftest.o: ../../include/openssl/safestack.h | ||
| 106 | fips_hmac_selftest.o: ../../include/openssl/stack.h | ||
| 107 | fips_hmac_selftest.o: ../../include/openssl/symhacks.h fips_hmac_selftest.c | ||
| 108 | fips_hmactest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 109 | fips_hmactest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
| 110 | fips_hmactest.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 111 | fips_hmactest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 112 | fips_hmactest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 113 | fips_hmactest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 114 | fips_hmactest.o: ../../include/openssl/fips.h ../../include/openssl/hmac.h | ||
| 115 | fips_hmactest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 116 | fips_hmactest.o: ../../include/openssl/objects.h | ||
| 117 | fips_hmactest.o: ../../include/openssl/opensslconf.h | ||
| 118 | fips_hmactest.o: ../../include/openssl/opensslv.h | ||
| 119 | fips_hmactest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | ||
| 120 | fips_hmactest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 121 | fips_hmactest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 122 | fips_hmactest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 123 | fips_hmactest.o: ../../include/openssl/x509v3.h ../fips_utl.h fips_hmactest.c | ||
diff --git a/src/lib/libssl/src/fips/hmac/fips_hmac.c b/src/lib/libssl/src/fips/hmac/fips_hmac.c new file mode 100644 index 0000000000..7c49c9882a --- /dev/null +++ b/src/lib/libssl/src/fips/hmac/fips_hmac.c | |||
| @@ -0,0 +1,191 @@ | |||
| 1 | /* crypto/hmac/hmac.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | #include <stdio.h> | ||
| 59 | #include <stdlib.h> | ||
| 60 | #include <string.h> | ||
| 61 | #include <openssl/hmac.h> | ||
| 62 | #include <openssl/fips.h> | ||
| 63 | |||
| 64 | #ifdef OPENSSL_FIPS | ||
| 65 | |||
| 66 | void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, | ||
| 67 | const EVP_MD *md, ENGINE *impl) | ||
| 68 | { | ||
| 69 | int i,j,reset=0; | ||
| 70 | unsigned char pad[HMAC_MAX_MD_CBLOCK]; | ||
| 71 | |||
| 72 | if (md != NULL) | ||
| 73 | { | ||
| 74 | reset=1; | ||
| 75 | ctx->md=md; | ||
| 76 | } | ||
| 77 | else | ||
| 78 | md=ctx->md; | ||
| 79 | |||
| 80 | if (key != NULL) | ||
| 81 | { | ||
| 82 | if (FIPS_mode() && !(md->flags & EVP_MD_FLAG_FIPS) | ||
| 83 | && (!(ctx->md_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) | ||
| 84 | || !(ctx->i_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) | ||
| 85 | || !(ctx->o_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))) | ||
| 86 | OpenSSLDie(__FILE__,__LINE__, | ||
| 87 | "HMAC: digest not allowed in FIPS mode"); | ||
| 88 | |||
| 89 | reset=1; | ||
| 90 | j=M_EVP_MD_block_size(md); | ||
| 91 | OPENSSL_assert(j <= sizeof ctx->key); | ||
| 92 | if (j < len) | ||
| 93 | { | ||
| 94 | EVP_DigestInit_ex(&ctx->md_ctx,md, impl); | ||
| 95 | EVP_DigestUpdate(&ctx->md_ctx,key,len); | ||
| 96 | EVP_DigestFinal_ex(&(ctx->md_ctx),ctx->key, | ||
| 97 | &ctx->key_length); | ||
| 98 | } | ||
| 99 | else | ||
| 100 | { | ||
| 101 | OPENSSL_assert(len <= sizeof ctx->key); | ||
| 102 | memcpy(ctx->key,key,len); | ||
| 103 | ctx->key_length=len; | ||
| 104 | } | ||
| 105 | if(ctx->key_length != HMAC_MAX_MD_CBLOCK) | ||
| 106 | memset(&ctx->key[ctx->key_length], 0, | ||
| 107 | HMAC_MAX_MD_CBLOCK - ctx->key_length); | ||
| 108 | } | ||
| 109 | |||
| 110 | if (reset) | ||
| 111 | { | ||
| 112 | for (i=0; i<HMAC_MAX_MD_CBLOCK; i++) | ||
| 113 | pad[i]=0x36^ctx->key[i]; | ||
| 114 | EVP_DigestInit_ex(&ctx->i_ctx,md, impl); | ||
| 115 | EVP_DigestUpdate(&ctx->i_ctx,pad,M_EVP_MD_block_size(md)); | ||
| 116 | |||
| 117 | for (i=0; i<HMAC_MAX_MD_CBLOCK; i++) | ||
| 118 | pad[i]=0x5c^ctx->key[i]; | ||
| 119 | EVP_DigestInit_ex(&ctx->o_ctx,md, impl); | ||
| 120 | EVP_DigestUpdate(&ctx->o_ctx,pad,M_EVP_MD_block_size(md)); | ||
| 121 | } | ||
| 122 | EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->i_ctx); | ||
| 123 | } | ||
| 124 | |||
| 125 | void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, | ||
| 126 | const EVP_MD *md) | ||
| 127 | { | ||
| 128 | if(key && md) | ||
| 129 | HMAC_CTX_init(ctx); | ||
| 130 | HMAC_Init_ex(ctx,key,len,md, NULL); | ||
| 131 | } | ||
| 132 | |||
| 133 | void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) | ||
| 134 | { | ||
| 135 | EVP_DigestUpdate(&ctx->md_ctx,data,len); | ||
| 136 | } | ||
| 137 | |||
| 138 | void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) | ||
| 139 | { | ||
| 140 | int j; | ||
| 141 | unsigned int i; | ||
| 142 | unsigned char buf[EVP_MAX_MD_SIZE]; | ||
| 143 | |||
| 144 | j=M_EVP_MD_block_size(ctx->md); | ||
| 145 | |||
| 146 | EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i); | ||
| 147 | EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx); | ||
| 148 | EVP_DigestUpdate(&ctx->md_ctx,buf,i); | ||
| 149 | EVP_DigestFinal_ex(&ctx->md_ctx,md,len); | ||
| 150 | } | ||
| 151 | |||
| 152 | void HMAC_CTX_init(HMAC_CTX *ctx) | ||
| 153 | { | ||
| 154 | EVP_MD_CTX_init(&ctx->i_ctx); | ||
| 155 | EVP_MD_CTX_init(&ctx->o_ctx); | ||
| 156 | EVP_MD_CTX_init(&ctx->md_ctx); | ||
| 157 | } | ||
| 158 | |||
| 159 | void HMAC_CTX_cleanup(HMAC_CTX *ctx) | ||
| 160 | { | ||
| 161 | EVP_MD_CTX_cleanup(&ctx->i_ctx); | ||
| 162 | EVP_MD_CTX_cleanup(&ctx->o_ctx); | ||
| 163 | EVP_MD_CTX_cleanup(&ctx->md_ctx); | ||
| 164 | memset(ctx,0,sizeof *ctx); | ||
| 165 | } | ||
| 166 | |||
| 167 | unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, | ||
| 168 | const unsigned char *d, size_t n, unsigned char *md, | ||
| 169 | unsigned int *md_len) | ||
| 170 | { | ||
| 171 | HMAC_CTX c; | ||
| 172 | static unsigned char m[EVP_MAX_MD_SIZE]; | ||
| 173 | |||
| 174 | if (md == NULL) md=m; | ||
| 175 | HMAC_CTX_init(&c); | ||
| 176 | HMAC_Init(&c,key,key_len,evp_md); | ||
| 177 | HMAC_Update(&c,d,n); | ||
| 178 | HMAC_Final(&c,md,md_len); | ||
| 179 | HMAC_CTX_cleanup(&c); | ||
| 180 | return(md); | ||
| 181 | } | ||
| 182 | |||
| 183 | void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) | ||
| 184 | { | ||
| 185 | M_EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); | ||
| 186 | M_EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); | ||
| 187 | M_EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); | ||
| 188 | } | ||
| 189 | |||
| 190 | #endif | ||
| 191 | |||
diff --git a/src/lib/libssl/src/fips/hmac/fips_hmac_selftest.c b/src/lib/libssl/src/fips/hmac/fips_hmac_selftest.c new file mode 100644 index 0000000000..a697770732 --- /dev/null +++ b/src/lib/libssl/src/fips/hmac/fips_hmac_selftest.c | |||
| @@ -0,0 +1,135 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2005 The OpenSSL Project. All rights reserved. | ||
| 3 | * | ||
| 4 | * Redistribution and use in source and binary forms, with or without | ||
| 5 | * modification, are permitted provided that the following conditions | ||
| 6 | * are met: | ||
| 7 | * | ||
| 8 | * 1. Redistributions of source code must retain the above copyright | ||
| 9 | * notice, this list of conditions and the following disclaimer. | ||
| 10 | * | ||
| 11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 12 | * notice, this list of conditions and the following disclaimer in | ||
| 13 | * the documentation and/or other materials provided with the | ||
| 14 | * distribution. | ||
| 15 | * | ||
| 16 | * 3. All advertising materials mentioning features or use of this | ||
| 17 | * software must display the following acknowledgment: | ||
| 18 | * "This product includes software developed by the OpenSSL Project | ||
| 19 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 20 | * | ||
| 21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 22 | * endorse or promote products derived from this software without | ||
| 23 | * prior written permission. For written permission, please contact | ||
| 24 | * openssl-core@openssl.org. | ||
| 25 | * | ||
| 26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 27 | * nor may "OpenSSL" appear in their names without prior written | ||
| 28 | * permission of the OpenSSL Project. | ||
| 29 | * | ||
| 30 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 31 | * acknowledgment: | ||
| 32 | * "This product includes software developed by the OpenSSL Project | ||
| 33 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 34 | * | ||
| 35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 47 | * | ||
| 48 | */ | ||
| 49 | |||
| 50 | #include <string.h> | ||
| 51 | #include <openssl/err.h> | ||
| 52 | #include <openssl/fips.h> | ||
| 53 | #include <openssl/hmac.h> | ||
| 54 | |||
| 55 | #ifdef OPENSSL_FIPS | ||
| 56 | typedef struct { | ||
| 57 | const EVP_MD *(*alg)(void); | ||
| 58 | const char *key, *iv; | ||
| 59 | unsigned char kaval[EVP_MAX_MD_SIZE]; | ||
| 60 | } HMAC_KAT; | ||
| 61 | |||
| 62 | static const HMAC_KAT vector[] = { | ||
| 63 | { EVP_sha1, | ||
| 64 | /* from http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf */ | ||
| 65 | "0123456789:;<=>?@ABC", | ||
| 66 | "Sample #2", | ||
| 67 | { 0x09,0x22,0xd3,0x40,0x5f,0xaa,0x3d,0x19, | ||
| 68 | 0x4f,0x82,0xa4,0x58,0x30,0x73,0x7d,0x5c, | ||
| 69 | 0xc6,0xc7,0x5d,0x24 } | ||
| 70 | }, | ||
| 71 | { EVP_sha224, | ||
| 72 | /* just keep extending the above... */ | ||
| 73 | "0123456789:;<=>?@ABC", | ||
| 74 | "Sample #2", | ||
| 75 | { 0xdd,0xef,0x0a,0x40,0xcb,0x7d,0x50,0xfb, | ||
| 76 | 0x6e,0xe6,0xce,0xa1,0x20,0xba,0x26,0xaa, | ||
| 77 | 0x08,0xf3,0x07,0x75,0x87,0xb8,0xad,0x1b, | ||
| 78 | 0x8c,0x8d,0x12,0xc7 } | ||
| 79 | }, | ||
| 80 | { EVP_sha256, | ||
| 81 | "0123456789:;<=>?@ABC", | ||
| 82 | "Sample #2", | ||
| 83 | { 0xb8,0xf2,0x0d,0xb5,0x41,0xea,0x43,0x09, | ||
| 84 | 0xca,0x4e,0xa9,0x38,0x0c,0xd0,0xe8,0x34, | ||
| 85 | 0xf7,0x1f,0xbe,0x91,0x74,0xa2,0x61,0x38, | ||
| 86 | 0x0d,0xc1,0x7e,0xae,0x6a,0x34,0x51,0xd9 } | ||
| 87 | }, | ||
| 88 | { EVP_sha384, | ||
| 89 | "0123456789:;<=>?@ABC", | ||
| 90 | "Sample #2", | ||
| 91 | { 0x08,0xbc,0xb0,0xda,0x49,0x1e,0x87,0xad, | ||
| 92 | 0x9a,0x1d,0x6a,0xce,0x23,0xc5,0x0b,0xf6, | ||
| 93 | 0xb7,0x18,0x06,0xa5,0x77,0xcd,0x49,0x04, | ||
| 94 | 0x89,0xf1,0xe6,0x23,0x44,0x51,0x51,0x9f, | ||
| 95 | 0x85,0x56,0x80,0x79,0x0c,0xbd,0x4d,0x50, | ||
| 96 | 0xa4,0x5f,0x29,0xe3,0x93,0xf0,0xe8,0x7f } | ||
| 97 | }, | ||
| 98 | { EVP_sha512, | ||
| 99 | "0123456789:;<=>?@ABC", | ||
| 100 | "Sample #2", | ||
| 101 | { 0x80,0x9d,0x44,0x05,0x7c,0x5b,0x95,0x41, | ||
| 102 | 0x05,0xbd,0x04,0x13,0x16,0xdb,0x0f,0xac, | ||
| 103 | 0x44,0xd5,0xa4,0xd5,0xd0,0x89,0x2b,0xd0, | ||
| 104 | 0x4e,0x86,0x64,0x12,0xc0,0x90,0x77,0x68, | ||
| 105 | 0xf1,0x87,0xb7,0x7c,0x4f,0xae,0x2c,0x2f, | ||
| 106 | 0x21,0xa5,0xb5,0x65,0x9a,0x4f,0x4b,0xa7, | ||
| 107 | 0x47,0x02,0xa3,0xde,0x9b,0x51,0xf1,0x45, | ||
| 108 | 0xbd,0x4f,0x25,0x27,0x42,0x98,0x99,0x05 } | ||
| 109 | }, | ||
| 110 | }; | ||
| 111 | |||
| 112 | int FIPS_selftest_hmac() | ||
| 113 | { | ||
| 114 | int n; | ||
| 115 | unsigned int outlen; | ||
| 116 | unsigned char out[EVP_MAX_MD_SIZE]; | ||
| 117 | const EVP_MD *md; | ||
| 118 | const HMAC_KAT *t; | ||
| 119 | |||
| 120 | for(n=0,t=vector; n<sizeof(vector)/sizeof(vector[0]); n++,t++) | ||
| 121 | { | ||
| 122 | md = (*t->alg)(); | ||
| 123 | HMAC(md,t->key,strlen(t->key), | ||
| 124 | (const unsigned char *)t->iv,strlen(t->iv), | ||
| 125 | out,&outlen); | ||
| 126 | |||
| 127 | if(memcmp(out,t->kaval,outlen)) | ||
| 128 | { | ||
| 129 | FIPSerr(FIPS_F_FIPS_SELFTEST_HMAC,FIPS_R_SELFTEST_FAILED); | ||
| 130 | return 0; | ||
| 131 | } | ||
| 132 | } | ||
| 133 | return 1; | ||
| 134 | } | ||
| 135 | #endif | ||
diff --git a/src/lib/libssl/src/fips/hmac/fips_hmactest.c b/src/lib/libssl/src/fips/hmac/fips_hmactest.c new file mode 100644 index 0000000000..69ebf68622 --- /dev/null +++ b/src/lib/libssl/src/fips/hmac/fips_hmactest.c | |||
| @@ -0,0 +1,328 @@ | |||
| 1 | /* fips_hmactest.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2005. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2005 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <ctype.h> | ||
| 61 | #include <string.h> | ||
| 62 | #include <openssl/bio.h> | ||
| 63 | #include <openssl/evp.h> | ||
| 64 | #include <openssl/hmac.h> | ||
| 65 | #include <openssl/err.h> | ||
| 66 | #include <openssl/bn.h> | ||
| 67 | |||
| 68 | #include <openssl/x509v3.h> | ||
| 69 | |||
| 70 | #ifndef OPENSSL_FIPS | ||
| 71 | |||
| 72 | int main(int argc, char *argv[]) | ||
| 73 | { | ||
| 74 | printf("No FIPS HMAC support\n"); | ||
| 75 | return(0); | ||
| 76 | } | ||
| 77 | |||
| 78 | #else | ||
| 79 | |||
| 80 | #include <openssl/fips.h> | ||
| 81 | #include "fips_utl.h" | ||
| 82 | |||
| 83 | static int hmac_test(const EVP_MD *md, FILE *out, FILE *in); | ||
| 84 | static int print_hmac(const EVP_MD *md, FILE *out, | ||
| 85 | unsigned char *Key, int Klen, | ||
| 86 | unsigned char *Msg, int Msglen, int Tlen); | ||
| 87 | |||
| 88 | int main(int argc, char **argv) | ||
| 89 | { | ||
| 90 | FILE *in = NULL, *out = NULL; | ||
| 91 | |||
| 92 | int ret = 1; | ||
| 93 | |||
| 94 | if(!FIPS_mode_set(1)) | ||
| 95 | { | ||
| 96 | do_print_errors(); | ||
| 97 | goto end; | ||
| 98 | } | ||
| 99 | |||
| 100 | if (argc == 1) | ||
| 101 | in = stdin; | ||
| 102 | else | ||
| 103 | in = fopen(argv[1], "r"); | ||
| 104 | |||
| 105 | if (argc < 2) | ||
| 106 | out = stdout; | ||
| 107 | else | ||
| 108 | out = fopen(argv[2], "w"); | ||
| 109 | |||
| 110 | if (!in) | ||
| 111 | { | ||
| 112 | fprintf(stderr, "FATAL input initialization error\n"); | ||
| 113 | goto end; | ||
| 114 | } | ||
| 115 | |||
| 116 | if (!out) | ||
| 117 | { | ||
| 118 | fprintf(stderr, "FATAL output initialization error\n"); | ||
| 119 | goto end; | ||
| 120 | } | ||
| 121 | |||
| 122 | if (!hmac_test(EVP_sha1(), out, in)) | ||
| 123 | { | ||
| 124 | fprintf(stderr, "FATAL hmac file processing error\n"); | ||
| 125 | goto end; | ||
| 126 | } | ||
| 127 | else | ||
| 128 | ret = 0; | ||
| 129 | |||
| 130 | end: | ||
| 131 | |||
| 132 | if (ret) | ||
| 133 | do_print_errors(); | ||
| 134 | |||
| 135 | if (in && (in != stdin)) | ||
| 136 | fclose(in); | ||
| 137 | if (out && (out != stdout)) | ||
| 138 | fclose(out); | ||
| 139 | |||
| 140 | return ret; | ||
| 141 | |||
| 142 | } | ||
| 143 | |||
| 144 | #define HMAC_TEST_MAXLINELEN 1024 | ||
| 145 | |||
| 146 | int hmac_test(const EVP_MD *md, FILE *out, FILE *in) | ||
| 147 | { | ||
| 148 | char *linebuf, *olinebuf, *p, *q; | ||
| 149 | char *keyword, *value; | ||
| 150 | unsigned char *Key = NULL, *Msg = NULL; | ||
| 151 | int Count, Klen, Tlen; | ||
| 152 | long Keylen, Msglen; | ||
| 153 | int ret = 0; | ||
| 154 | int lnum = 0; | ||
| 155 | |||
| 156 | olinebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN); | ||
| 157 | linebuf = OPENSSL_malloc(HMAC_TEST_MAXLINELEN); | ||
| 158 | |||
| 159 | if (!linebuf || !olinebuf) | ||
| 160 | goto error; | ||
| 161 | |||
| 162 | Count = -1; | ||
| 163 | Klen = -1; | ||
| 164 | Tlen = -1; | ||
| 165 | |||
| 166 | while (fgets(olinebuf, HMAC_TEST_MAXLINELEN, in)) | ||
| 167 | { | ||
| 168 | lnum++; | ||
| 169 | strcpy(linebuf, olinebuf); | ||
| 170 | keyword = linebuf; | ||
| 171 | /* Skip leading space */ | ||
| 172 | while (isspace((unsigned char)*keyword)) | ||
| 173 | keyword++; | ||
| 174 | |||
| 175 | /* Look for = sign */ | ||
| 176 | p = strchr(linebuf, '='); | ||
| 177 | |||
| 178 | /* If no = or starts with [ (for [L=20] line) just copy */ | ||
| 179 | if (!p) | ||
| 180 | { | ||
| 181 | if (fputs(olinebuf, out) < 0) | ||
| 182 | goto error; | ||
| 183 | continue; | ||
| 184 | } | ||
| 185 | |||
| 186 | q = p - 1; | ||
| 187 | |||
| 188 | /* Remove trailing space */ | ||
| 189 | while (isspace((unsigned char)*q)) | ||
| 190 | *q-- = 0; | ||
| 191 | |||
| 192 | *p = 0; | ||
| 193 | value = p + 1; | ||
| 194 | |||
| 195 | /* Remove leading space from value */ | ||
| 196 | while (isspace((unsigned char)*value)) | ||
| 197 | value++; | ||
| 198 | |||
| 199 | /* Remove trailing space from value */ | ||
| 200 | p = value + strlen(value) - 1; | ||
| 201 | |||
| 202 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 203 | *p-- = 0; | ||
| 204 | |||
| 205 | if (!strcmp(keyword,"[L") && *p==']') | ||
| 206 | { | ||
| 207 | switch (atoi(value)) | ||
| 208 | { | ||
| 209 | case 20: md=EVP_sha1(); break; | ||
| 210 | case 28: md=EVP_sha224(); break; | ||
| 211 | case 32: md=EVP_sha256(); break; | ||
| 212 | case 48: md=EVP_sha384(); break; | ||
| 213 | case 64: md=EVP_sha512(); break; | ||
| 214 | default: goto parse_error; | ||
| 215 | } | ||
| 216 | } | ||
| 217 | else if (!strcmp(keyword, "Count")) | ||
| 218 | { | ||
| 219 | if (Count != -1) | ||
| 220 | goto parse_error; | ||
| 221 | Count = atoi(value); | ||
| 222 | if (Count < 0) | ||
| 223 | goto parse_error; | ||
| 224 | } | ||
| 225 | else if (!strcmp(keyword, "Klen")) | ||
| 226 | { | ||
| 227 | if (Klen != -1) | ||
| 228 | goto parse_error; | ||
| 229 | Klen = atoi(value); | ||
| 230 | if (Klen < 0) | ||
| 231 | goto parse_error; | ||
| 232 | } | ||
| 233 | else if (!strcmp(keyword, "Tlen")) | ||
| 234 | { | ||
| 235 | if (Tlen != -1) | ||
| 236 | goto parse_error; | ||
| 237 | Tlen = atoi(value); | ||
| 238 | if (Tlen < 0) | ||
| 239 | goto parse_error; | ||
| 240 | } | ||
| 241 | else if (!strcmp(keyword, "Msg")) | ||
| 242 | { | ||
| 243 | if (Msg) | ||
| 244 | goto parse_error; | ||
| 245 | Msg = hex2bin_m(value, &Msglen); | ||
| 246 | if (!Msg) | ||
| 247 | goto parse_error; | ||
| 248 | } | ||
| 249 | else if (!strcmp(keyword, "Key")) | ||
| 250 | { | ||
| 251 | if (Key) | ||
| 252 | goto parse_error; | ||
| 253 | Key = hex2bin_m(value, &Keylen); | ||
| 254 | if (!Key) | ||
| 255 | goto parse_error; | ||
| 256 | } | ||
| 257 | else if (!strcmp(keyword, "Mac")) | ||
| 258 | continue; | ||
| 259 | else | ||
| 260 | goto parse_error; | ||
| 261 | |||
| 262 | fputs(olinebuf, out); | ||
| 263 | |||
| 264 | if (Key && Msg && (Tlen > 0) && (Klen > 0)) | ||
| 265 | { | ||
| 266 | if (!print_hmac(md, out, Key, Klen, Msg, Msglen, Tlen)) | ||
| 267 | goto error; | ||
| 268 | OPENSSL_free(Key); | ||
| 269 | Key = NULL; | ||
| 270 | OPENSSL_free(Msg); | ||
| 271 | Msg = NULL; | ||
| 272 | Klen = -1; | ||
| 273 | Tlen = -1; | ||
| 274 | Count = -1; | ||
| 275 | } | ||
| 276 | |||
| 277 | } | ||
| 278 | |||
| 279 | |||
| 280 | ret = 1; | ||
| 281 | |||
| 282 | |||
| 283 | error: | ||
| 284 | |||
| 285 | if (olinebuf) | ||
| 286 | OPENSSL_free(olinebuf); | ||
| 287 | if (linebuf) | ||
| 288 | OPENSSL_free(linebuf); | ||
| 289 | if (Key) | ||
| 290 | OPENSSL_free(Key); | ||
| 291 | if (Msg) | ||
| 292 | OPENSSL_free(Msg); | ||
| 293 | |||
| 294 | return ret; | ||
| 295 | |||
| 296 | parse_error: | ||
| 297 | |||
| 298 | fprintf(stderr, "FATAL parse error processing line %d\n", lnum); | ||
| 299 | |||
| 300 | goto error; | ||
| 301 | |||
| 302 | } | ||
| 303 | |||
| 304 | static int print_hmac(const EVP_MD *emd, FILE *out, | ||
| 305 | unsigned char *Key, int Klen, | ||
| 306 | unsigned char *Msg, int Msglen, int Tlen) | ||
| 307 | { | ||
| 308 | int i, mdlen; | ||
| 309 | unsigned char md[EVP_MAX_MD_SIZE]; | ||
| 310 | if (!HMAC(emd, Key, Klen, Msg, Msglen, md, | ||
| 311 | (unsigned int *)&mdlen)) | ||
| 312 | { | ||
| 313 | fputs("Error calculating HMAC\n", stderr); | ||
| 314 | return 0; | ||
| 315 | } | ||
| 316 | if (Tlen > mdlen) | ||
| 317 | { | ||
| 318 | fputs("Parameter error, Tlen > HMAC length\n", stderr); | ||
| 319 | return 0; | ||
| 320 | } | ||
| 321 | fputs("Mac = ", out); | ||
| 322 | for (i = 0; i < Tlen; i++) | ||
| 323 | fprintf(out, "%02x", md[i]); | ||
| 324 | fputs("\n", out); | ||
| 325 | return 1; | ||
| 326 | } | ||
| 327 | |||
| 328 | #endif | ||
diff --git a/src/lib/libssl/src/fips/install.com b/src/lib/libssl/src/fips/install.com index aa19f0599d..a2d22d387f 100644 --- a/src/lib/libssl/src/fips/install.com +++ b/src/lib/libssl/src/fips/install.com | |||
| @@ -26,14 +26,16 @@ $ IF F$PARSE("WRK_SSLROOT:[000000]") .EQS. "" THEN - | |||
| 26 | $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - | 26 | $ IF F$PARSE("WRK_SSLINCLUDE:") .EQS. "" THEN - |
| 27 | CREATE/DIR/LOG WRK_SSLINCLUDE: | 27 | CREATE/DIR/LOG WRK_SSLINCLUDE: |
| 28 | $ | 28 | $ |
| 29 | $ FDIRS := ,RAND,SHA1,DES,AES,DSA,RSA | 29 | $ FDIRS := ,RAND,SHA,DES,AES,DSA,RSA,DH,HMAC |
| 30 | $ EXHEADER_ := fips.h | 30 | $ EXHEADER_ := fips.h |
| 31 | $ EXHEADER_SHA1 := | 31 | $ EXHEADER_SHA := fips_sha.h |
| 32 | $ EXHEADER_RAND := fips_rand.h | 32 | $ EXHEADER_RAND := fips_rand.h |
| 33 | $ EXHEADER_DES := | 33 | $ EXHEADER_DES := |
| 34 | $ EXHEADER_AES := | 34 | $ EXHEADER_AES := |
| 35 | $ EXHEADER_DSA := | 35 | $ EXHEADER_DSA := |
| 36 | $ EXHEADER_RSA := | 36 | $ EXHEADER_RSA := |
| 37 | $ EXHEADER_DH := | ||
| 38 | $ EXHEADER_HMAC := | ||
| 37 | $ | 39 | $ |
| 38 | $ I = 0 | 40 | $ I = 0 |
| 39 | $ LOOP_FDIRS: | 41 | $ LOOP_FDIRS: |
diff --git a/src/lib/libssl/src/fips/mkfipsscr.pl b/src/lib/libssl/src/fips/mkfipsscr.pl new file mode 100644 index 0000000000..dc60cdf580 --- /dev/null +++ b/src/lib/libssl/src/fips/mkfipsscr.pl | |||
| @@ -0,0 +1,632 @@ | |||
| 1 | #!/usr/local/bin/perl -w | ||
| 2 | # Quick & dirty utility to generate a script for executing the | ||
| 3 | # FIPS 140-2 CMVP algorithm tests based on the pathnames of | ||
| 4 | # input algorithm test files actually present (the unqualified | ||
| 5 | # file names are consistent but the pathnames are not). | ||
| 6 | # | ||
| 7 | |||
| 8 | # List of all the unqualified file names we expect. | ||
| 9 | my %fips_tests = ( | ||
| 10 | |||
| 11 | # FIPS test definitions | ||
| 12 | |||
| 13 | # DSA tests | ||
| 14 | |||
| 15 | "PQGGen" => "fips_dssvs pqg", | ||
| 16 | "KeyPair" => "fips_dssvs keypair", | ||
| 17 | "SigGen" => "fips_dssvs siggen", | ||
| 18 | "SigVer" => "fips_dssvs sigver", | ||
| 19 | |||
| 20 | # SHA tests | ||
| 21 | |||
| 22 | "SHA1LongMsg" => "fips_shatest", | ||
| 23 | "SHA1Monte" => "fips_shatest", | ||
| 24 | "SHA1ShortMsg" => "fips_shatest", | ||
| 25 | "SHA224LongMsg" => "fips_shatest", | ||
| 26 | "SHA224Monte" => "fips_shatest", | ||
| 27 | "SHA224ShortMsg" => "fips_shatest", | ||
| 28 | "SHA256LongMsg" => "fips_shatest", | ||
| 29 | "SHA256Monte" => "fips_shatest", | ||
| 30 | "SHA256ShortMsg" => "fips_shatest", | ||
| 31 | "SHA384LongMsg" => "fips_shatest", | ||
| 32 | "SHA384Monte" => "fips_shatest", | ||
| 33 | "SHA384ShortMsg" => "fips_shatest", | ||
| 34 | "SHA512LongMsg" => "fips_shatest", | ||
| 35 | "SHA512Monte" => "fips_shatest", | ||
| 36 | "SHA512ShortMsg" => "fips_shatest", | ||
| 37 | |||
| 38 | # HMAC | ||
| 39 | |||
| 40 | "HMAC" => "fips_hmactest", | ||
| 41 | |||
| 42 | # RAND tests | ||
| 43 | |||
| 44 | "ANSI931_AES128MCT" => "fips_rngvs mct", | ||
| 45 | "ANSI931_AES192MCT" => "fips_rngvs mct", | ||
| 46 | "ANSI931_AES256MCT" => "fips_rngvs mct", | ||
| 47 | "ANSI931_AES128VST" => "fips_rngvs vst", | ||
| 48 | "ANSI931_AES192VST" => "fips_rngvs vst", | ||
| 49 | "ANSI931_AES256VST" => "fips_rngvs vst", | ||
| 50 | |||
| 51 | # RSA tests | ||
| 52 | |||
| 53 | "SigGen15" => "fips_rsastest", | ||
| 54 | "SigVer15" => "fips_rsavtest", | ||
| 55 | "SigGenPSS" => "fips_rsastest -saltlen SALT", | ||
| 56 | "SigVerPSS" => "fips_rsavtest -saltlen SALT", | ||
| 57 | "SigGenRSA" => "fips_rsastest -x931", | ||
| 58 | "SigVerRSA" => "fips_rsavtest -x931", | ||
| 59 | "KeyGenRSA" => "fips_rsagtest", | ||
| 60 | |||
| 61 | # AES tests | ||
| 62 | |||
| 63 | "CBCGFSbox128" => "fips_aesavs -f", | ||
| 64 | "CBCGFSbox192" => "fips_aesavs -f", | ||
| 65 | "CBCGFSbox256" => "fips_aesavs -f", | ||
| 66 | "CBCKeySbox128" => "fips_aesavs -f", | ||
| 67 | "CBCKeySbox192" => "fips_aesavs -f", | ||
| 68 | "CBCKeySbox256" => "fips_aesavs -f", | ||
| 69 | "CBCMCT128" => "fips_aesavs -f", | ||
| 70 | "CBCMCT192" => "fips_aesavs -f", | ||
| 71 | "CBCMCT256" => "fips_aesavs -f", | ||
| 72 | "CBCMMT128" => "fips_aesavs -f", | ||
| 73 | "CBCMMT192" => "fips_aesavs -f", | ||
| 74 | "CBCMMT256" => "fips_aesavs -f", | ||
| 75 | "CBCVarKey128" => "fips_aesavs -f", | ||
| 76 | "CBCVarKey192" => "fips_aesavs -f", | ||
| 77 | "CBCVarKey256" => "fips_aesavs -f", | ||
| 78 | "CBCVarTxt128" => "fips_aesavs -f", | ||
| 79 | "CBCVarTxt192" => "fips_aesavs -f", | ||
| 80 | "CBCVarTxt256" => "fips_aesavs -f", | ||
| 81 | "CFB128GFSbox128" => "fips_aesavs -f", | ||
| 82 | "CFB128GFSbox192" => "fips_aesavs -f", | ||
| 83 | "CFB128GFSbox256" => "fips_aesavs -f", | ||
| 84 | "CFB128KeySbox128" => "fips_aesavs -f", | ||
| 85 | "CFB128KeySbox192" => "fips_aesavs -f", | ||
| 86 | "CFB128KeySbox256" => "fips_aesavs -f", | ||
| 87 | "CFB128MCT128" => "fips_aesavs -f", | ||
| 88 | "CFB128MCT192" => "fips_aesavs -f", | ||
| 89 | "CFB128MCT256" => "fips_aesavs -f", | ||
| 90 | "CFB128MMT128" => "fips_aesavs -f", | ||
| 91 | "CFB128MMT192" => "fips_aesavs -f", | ||
| 92 | "CFB128MMT256" => "fips_aesavs -f", | ||
| 93 | "CFB128VarKey128" => "fips_aesavs -f", | ||
| 94 | "CFB128VarKey192" => "fips_aesavs -f", | ||
| 95 | "CFB128VarKey256" => "fips_aesavs -f", | ||
| 96 | "CFB128VarTxt128" => "fips_aesavs -f", | ||
| 97 | "CFB128VarTxt192" => "fips_aesavs -f", | ||
| 98 | "CFB128VarTxt256" => "fips_aesavs -f", | ||
| 99 | "CFB8GFSbox128" => "fips_aesavs -f", | ||
| 100 | "CFB8GFSbox192" => "fips_aesavs -f", | ||
| 101 | "CFB8GFSbox256" => "fips_aesavs -f", | ||
| 102 | "CFB8KeySbox128" => "fips_aesavs -f", | ||
| 103 | "CFB8KeySbox192" => "fips_aesavs -f", | ||
| 104 | "CFB8KeySbox256" => "fips_aesavs -f", | ||
| 105 | "CFB8MCT128" => "fips_aesavs -f", | ||
| 106 | "CFB8MCT192" => "fips_aesavs -f", | ||
| 107 | "CFB8MCT256" => "fips_aesavs -f", | ||
| 108 | "CFB8MMT128" => "fips_aesavs -f", | ||
| 109 | "CFB8MMT192" => "fips_aesavs -f", | ||
| 110 | "CFB8MMT256" => "fips_aesavs -f", | ||
| 111 | "CFB8VarKey128" => "fips_aesavs -f", | ||
| 112 | "CFB8VarKey192" => "fips_aesavs -f", | ||
| 113 | "CFB8VarKey256" => "fips_aesavs -f", | ||
| 114 | "CFB8VarTxt128" => "fips_aesavs -f", | ||
| 115 | "CFB8VarTxt192" => "fips_aesavs -f", | ||
| 116 | "CFB8VarTxt256" => "fips_aesavs -f", | ||
| 117 | #"CFB1GFSbox128" => "fips_aesavs -f", | ||
| 118 | #"CFB1GFSbox192" => "fips_aesavs -f", | ||
| 119 | #"CFB1GFSbox256" => "fips_aesavs -f", | ||
| 120 | #"CFB1KeySbox128" => "fips_aesavs -f", | ||
| 121 | #"CFB1KeySbox192" => "fips_aesavs -f", | ||
| 122 | #"CFB1KeySbox256" => "fips_aesavs -f", | ||
| 123 | #"CFB1MCT128" => "fips_aesavs -f", | ||
| 124 | #"CFB1MCT192" => "fips_aesavs -f", | ||
| 125 | #"CFB1MCT256" => "fips_aesavs -f", | ||
| 126 | #"CFB1MMT128" => "fips_aesavs -f", | ||
| 127 | #"CFB1MMT192" => "fips_aesavs -f", | ||
| 128 | #"CFB1MMT256" => "fips_aesavs -f", | ||
| 129 | #"CFB1VarKey128" => "fips_aesavs -f", | ||
| 130 | #"CFB1VarKey192" => "fips_aesavs -f", | ||
| 131 | #"CFB1VarKey256" => "fips_aesavs -f", | ||
| 132 | #"CFB1VarTxt128" => "fips_aesavs -f", | ||
| 133 | #"CFB1VarTxt192" => "fips_aesavs -f", | ||
| 134 | #"CFB1VarTxt256" => "fips_aesavs -f", | ||
| 135 | "ECBGFSbox128" => "fips_aesavs -f", | ||
| 136 | "ECBGFSbox192" => "fips_aesavs -f", | ||
| 137 | "ECBGFSbox256" => "fips_aesavs -f", | ||
| 138 | "ECBKeySbox128" => "fips_aesavs -f", | ||
| 139 | "ECBKeySbox192" => "fips_aesavs -f", | ||
| 140 | "ECBKeySbox256" => "fips_aesavs -f", | ||
| 141 | "ECBMCT128" => "fips_aesavs -f", | ||
| 142 | "ECBMCT192" => "fips_aesavs -f", | ||
| 143 | "ECBMCT256" => "fips_aesavs -f", | ||
| 144 | "ECBMMT128" => "fips_aesavs -f", | ||
| 145 | "ECBMMT192" => "fips_aesavs -f", | ||
| 146 | "ECBMMT256" => "fips_aesavs -f", | ||
| 147 | "ECBVarKey128" => "fips_aesavs -f", | ||
| 148 | "ECBVarKey192" => "fips_aesavs -f", | ||
| 149 | "ECBVarKey256" => "fips_aesavs -f", | ||
| 150 | "ECBVarTxt128" => "fips_aesavs -f", | ||
| 151 | "ECBVarTxt192" => "fips_aesavs -f", | ||
| 152 | "ECBVarTxt256" => "fips_aesavs -f", | ||
| 153 | "OFBGFSbox128" => "fips_aesavs -f", | ||
| 154 | "OFBGFSbox192" => "fips_aesavs -f", | ||
| 155 | "OFBGFSbox256" => "fips_aesavs -f", | ||
| 156 | "OFBKeySbox128" => "fips_aesavs -f", | ||
| 157 | "OFBKeySbox192" => "fips_aesavs -f", | ||
| 158 | "OFBKeySbox256" => "fips_aesavs -f", | ||
| 159 | "OFBMCT128" => "fips_aesavs -f", | ||
| 160 | "OFBMCT192" => "fips_aesavs -f", | ||
| 161 | "OFBMCT256" => "fips_aesavs -f", | ||
| 162 | "OFBMMT128" => "fips_aesavs -f", | ||
| 163 | "OFBMMT192" => "fips_aesavs -f", | ||
| 164 | "OFBMMT256" => "fips_aesavs -f", | ||
| 165 | "OFBVarKey128" => "fips_aesavs -f", | ||
| 166 | "OFBVarKey192" => "fips_aesavs -f", | ||
| 167 | "OFBVarKey256" => "fips_aesavs -f", | ||
| 168 | "OFBVarTxt128" => "fips_aesavs -f", | ||
| 169 | "OFBVarTxt192" => "fips_aesavs -f", | ||
| 170 | "OFBVarTxt256" => "fips_aesavs -f", | ||
| 171 | |||
| 172 | # Triple DES tests | ||
| 173 | |||
| 174 | "TCBCinvperm" => "fips_desmovs -f", | ||
| 175 | "TCBCMMT1" => "fips_desmovs -f", | ||
| 176 | "TCBCMMT2" => "fips_desmovs -f", | ||
| 177 | "TCBCMMT3" => "fips_desmovs -f", | ||
| 178 | "TCBCMonte1" => "fips_desmovs -f", | ||
| 179 | "TCBCMonte2" => "fips_desmovs -f", | ||
| 180 | "TCBCMonte3" => "fips_desmovs -f", | ||
| 181 | "TCBCpermop" => "fips_desmovs -f", | ||
| 182 | "TCBCsubtab" => "fips_desmovs -f", | ||
| 183 | "TCBCvarkey" => "fips_desmovs -f", | ||
| 184 | "TCBCvartext" => "fips_desmovs -f", | ||
| 185 | "TCFB64invperm" => "fips_desmovs -f", | ||
| 186 | "TCFB64MMT1" => "fips_desmovs -f", | ||
| 187 | "TCFB64MMT2" => "fips_desmovs -f", | ||
| 188 | "TCFB64MMT3" => "fips_desmovs -f", | ||
| 189 | "TCFB64Monte1" => "fips_desmovs -f", | ||
| 190 | "TCFB64Monte2" => "fips_desmovs -f", | ||
| 191 | "TCFB64Monte3" => "fips_desmovs -f", | ||
| 192 | "TCFB64permop" => "fips_desmovs -f", | ||
| 193 | "TCFB64subtab" => "fips_desmovs -f", | ||
| 194 | "TCFB64varkey" => "fips_desmovs -f", | ||
| 195 | "TCFB64vartext" => "fips_desmovs -f", | ||
| 196 | "TCFB8invperm" => "fips_desmovs -f", | ||
| 197 | "TCFB8MMT1" => "fips_desmovs -f", | ||
| 198 | "TCFB8MMT2" => "fips_desmovs -f", | ||
| 199 | "TCFB8MMT3" => "fips_desmovs -f", | ||
| 200 | "TCFB8Monte1" => "fips_desmovs -f", | ||
| 201 | "TCFB8Monte2" => "fips_desmovs -f", | ||
| 202 | "TCFB8Monte3" => "fips_desmovs -f", | ||
| 203 | "TCFB8permop" => "fips_desmovs -f", | ||
| 204 | "TCFB8subtab" => "fips_desmovs -f", | ||
| 205 | "TCFB8varkey" => "fips_desmovs -f", | ||
| 206 | "TCFB8vartext" => "fips_desmovs -f", | ||
| 207 | "TECBinvperm" => "fips_desmovs -f", | ||
| 208 | "TECBMMT1" => "fips_desmovs -f", | ||
| 209 | "TECBMMT2" => "fips_desmovs -f", | ||
| 210 | "TECBMMT3" => "fips_desmovs -f", | ||
| 211 | "TECBMonte1" => "fips_desmovs -f", | ||
| 212 | "TECBMonte2" => "fips_desmovs -f", | ||
| 213 | "TECBMonte3" => "fips_desmovs -f", | ||
| 214 | "TECBpermop" => "fips_desmovs -f", | ||
| 215 | "TECBsubtab" => "fips_desmovs -f", | ||
| 216 | "TECBvarkey" => "fips_desmovs -f", | ||
| 217 | "TECBvartext" => "fips_desmovs -f", | ||
| 218 | "TOFBinvperm" => "fips_desmovs -f", | ||
| 219 | "TOFBMMT1" => "fips_desmovs -f", | ||
| 220 | "TOFBMMT2" => "fips_desmovs -f", | ||
| 221 | "TOFBMMT3" => "fips_desmovs -f", | ||
| 222 | "TOFBMonte1" => "fips_desmovs -f", | ||
| 223 | "TOFBMonte2" => "fips_desmovs -f", | ||
| 224 | "TOFBMonte3" => "fips_desmovs -f", | ||
| 225 | "TOFBpermop" => "fips_desmovs -f", | ||
| 226 | "TOFBsubtab" => "fips_desmovs -f", | ||
| 227 | "TOFBvarkey" => "fips_desmovs -f", | ||
| 228 | "TOFBvartext" => "fips_desmovs -f", | ||
| 229 | "TCBCinvperm" => "fips_desmovs -f", | ||
| 230 | "TCBCMMT1" => "fips_desmovs -f", | ||
| 231 | "TCBCMMT2" => "fips_desmovs -f", | ||
| 232 | "TCBCMMT3" => "fips_desmovs -f", | ||
| 233 | "TCBCMonte1" => "fips_desmovs -f", | ||
| 234 | "TCBCMonte2" => "fips_desmovs -f", | ||
| 235 | "TCBCMonte3" => "fips_desmovs -f", | ||
| 236 | "TCBCpermop" => "fips_desmovs -f", | ||
| 237 | "TCBCsubtab" => "fips_desmovs -f", | ||
| 238 | "TCBCvarkey" => "fips_desmovs -f", | ||
| 239 | "TCBCvartext" => "fips_desmovs -f", | ||
| 240 | "TCFB64invperm" => "fips_desmovs -f", | ||
| 241 | "TCFB64MMT1" => "fips_desmovs -f", | ||
| 242 | "TCFB64MMT2" => "fips_desmovs -f", | ||
| 243 | "TCFB64MMT3" => "fips_desmovs -f", | ||
| 244 | "TCFB64Monte1" => "fips_desmovs -f", | ||
| 245 | "TCFB64Monte2" => "fips_desmovs -f", | ||
| 246 | "TCFB64Monte3" => "fips_desmovs -f", | ||
| 247 | "TCFB64permop" => "fips_desmovs -f", | ||
| 248 | "TCFB64subtab" => "fips_desmovs -f", | ||
| 249 | "TCFB64varkey" => "fips_desmovs -f", | ||
| 250 | "TCFB64vartext" => "fips_desmovs -f", | ||
| 251 | "TCFB8invperm" => "fips_desmovs -f", | ||
| 252 | "TCFB8MMT1" => "fips_desmovs -f", | ||
| 253 | "TCFB8MMT2" => "fips_desmovs -f", | ||
| 254 | "TCFB8MMT3" => "fips_desmovs -f", | ||
| 255 | "TCFB8Monte1" => "fips_desmovs -f", | ||
| 256 | "TCFB8Monte2" => "fips_desmovs -f", | ||
| 257 | "TCFB8Monte3" => "fips_desmovs -f", | ||
| 258 | "TCFB8permop" => "fips_desmovs -f", | ||
| 259 | "TCFB8subtab" => "fips_desmovs -f", | ||
| 260 | "TCFB8varkey" => "fips_desmovs -f", | ||
| 261 | "TCFB8vartext" => "fips_desmovs -f", | ||
| 262 | "TECBinvperm" => "fips_desmovs -f", | ||
| 263 | "TECBMMT1" => "fips_desmovs -f", | ||
| 264 | "TECBMMT2" => "fips_desmovs -f", | ||
| 265 | "TECBMMT3" => "fips_desmovs -f", | ||
| 266 | "TECBMonte1" => "fips_desmovs -f", | ||
| 267 | "TECBMonte2" => "fips_desmovs -f", | ||
| 268 | "TECBMonte3" => "fips_desmovs -f", | ||
| 269 | "TECBpermop" => "fips_desmovs -f", | ||
| 270 | "TECBsubtab" => "fips_desmovs -f", | ||
| 271 | "TECBvarkey" => "fips_desmovs -f", | ||
| 272 | "TECBvartext" => "fips_desmovs -f", | ||
| 273 | "TOFBinvperm" => "fips_desmovs -f", | ||
| 274 | "TOFBMMT1" => "fips_desmovs -f", | ||
| 275 | "TOFBMMT2" => "fips_desmovs -f", | ||
| 276 | "TOFBMMT3" => "fips_desmovs -f", | ||
| 277 | "TOFBMonte1" => "fips_desmovs -f", | ||
| 278 | "TOFBMonte2" => "fips_desmovs -f", | ||
| 279 | "TOFBMonte3" => "fips_desmovs -f", | ||
| 280 | "TOFBpermop" => "fips_desmovs -f", | ||
| 281 | "TOFBsubtab" => "fips_desmovs -f", | ||
| 282 | "TOFBvarkey" => "fips_desmovs -f", | ||
| 283 | "TOFBvartext" => "fips_desmovs -f" | ||
| 284 | |||
| 285 | ); | ||
| 286 | my %salt_names = ( | ||
| 287 | "SigVerPSS (salt 0)" => "SigVerPSS", | ||
| 288 | "SigVerPSS (salt 62)" => "SigVerPSS", | ||
| 289 | "SigGenPSS (salt 0)" => "SigGenPSS", | ||
| 290 | "SigGenPSS (salt 62)" => "SigGenPSS", | ||
| 291 | ); | ||
| 292 | |||
| 293 | |||
| 294 | my $win32 = $^O =~ m/mswin/i; | ||
| 295 | my $onedir = 0; | ||
| 296 | my $filter = ""; | ||
| 297 | my $tvdir; | ||
| 298 | my $tprefix; | ||
| 299 | my $shwrap_prefix; | ||
| 300 | my $debug = 0; | ||
| 301 | my $quiet = 0; | ||
| 302 | my $rspdir = "rsp"; | ||
| 303 | my $rspignore = 0; | ||
| 304 | my @bogus = (); # list of unmatched *.rsp files | ||
| 305 | my $bufout = ''; | ||
| 306 | my %_programs = (); # list of external programs to check | ||
| 307 | |||
| 308 | foreach (@ARGV) | ||
| 309 | { | ||
| 310 | if ($_ eq "--win32") | ||
| 311 | { | ||
| 312 | $win32 = 1; | ||
| 313 | } | ||
| 314 | elsif ($_ eq "--onedir") | ||
| 315 | { | ||
| 316 | $onedir = 1; | ||
| 317 | } | ||
| 318 | elsif ($_ eq "--debug") | ||
| 319 | { | ||
| 320 | $debug = 1; | ||
| 321 | } | ||
| 322 | elsif ($_ eq "--quiet") | ||
| 323 | { | ||
| 324 | $quiet = 1; | ||
| 325 | } | ||
| 326 | elsif (/--dir=(.*)$/) | ||
| 327 | { | ||
| 328 | $tvdir = $1; | ||
| 329 | } | ||
| 330 | elsif (/--rspdir=(.*)$/) | ||
| 331 | { | ||
| 332 | $rspdir = $1; | ||
| 333 | } | ||
| 334 | elsif (/--rspignore$/) | ||
| 335 | { | ||
| 336 | $rspignore = 1; | ||
| 337 | } | ||
| 338 | elsif (/--tprefix=(.*)$/) | ||
| 339 | { | ||
| 340 | $tprefix = $1; | ||
| 341 | } | ||
| 342 | elsif (/--shwrap_prefix=(.*)$/) | ||
| 343 | { | ||
| 344 | $shwrap_prefix = $1; | ||
| 345 | } | ||
| 346 | elsif (/--filter=(.*)$/) | ||
| 347 | { | ||
| 348 | $filter = $1; | ||
| 349 | } | ||
| 350 | elsif (/--outfile=(.*)$/) | ||
| 351 | { | ||
| 352 | $outfile = $1; | ||
| 353 | } | ||
| 354 | else | ||
| 355 | { | ||
| 356 | &Help(); | ||
| 357 | exit(1); | ||
| 358 | } | ||
| 359 | } | ||
| 360 | |||
| 361 | $tvdir = "." unless defined $tvdir; | ||
| 362 | |||
| 363 | if ($win32) | ||
| 364 | { | ||
| 365 | if (!defined $tprefix) | ||
| 366 | { | ||
| 367 | if ($onedir) | ||
| 368 | { | ||
| 369 | $tprefix = ".\\"; | ||
| 370 | } | ||
| 371 | else | ||
| 372 | { | ||
| 373 | $tprefix = "..\\out32dll\\"; | ||
| 374 | } | ||
| 375 | } | ||
| 376 | |||
| 377 | $bufinit .= <<END; | ||
| 378 | \@echo off | ||
| 379 | rem Test vector run script | ||
| 380 | rem Auto generated by mkfipsscr.pl script | ||
| 381 | rem Do not edit | ||
| 382 | |||
| 383 | END | ||
| 384 | |||
| 385 | } | ||
| 386 | else | ||
| 387 | { | ||
| 388 | if ($onedir) | ||
| 389 | { | ||
| 390 | $tprefix = "./" unless defined $tprefix; | ||
| 391 | $shwrap_prefix = "./" unless defined $shwrap_prefix; | ||
| 392 | } | ||
| 393 | else | ||
| 394 | { | ||
| 395 | $tprefix = "../test/" unless defined $tprefix; | ||
| 396 | $shwrap_prefix = "../util/" unless defined $shwrap_prefix; | ||
| 397 | } | ||
| 398 | |||
| 399 | $bufinit .= <<END; | ||
| 400 | #!/bin/sh | ||
| 401 | |||
| 402 | # Test vector run script | ||
| 403 | # Auto generated by mkfipsscr.pl script | ||
| 404 | # Do not edit | ||
| 405 | |||
| 406 | END | ||
| 407 | |||
| 408 | } | ||
| 409 | my %fips_found; | ||
| 410 | foreach (keys %fips_tests) | ||
| 411 | { | ||
| 412 | $fips_found{$_} = 0; | ||
| 413 | } | ||
| 414 | my %saltPSS; | ||
| 415 | for (keys %salt_names) | ||
| 416 | { | ||
| 417 | $salt_found{$_} = 0; | ||
| 418 | } | ||
| 419 | |||
| 420 | recurse_test($win32, $tprefix, $filter, $tvdir); | ||
| 421 | |||
| 422 | while (($key, $value) = each %salt_found) | ||
| 423 | { | ||
| 424 | &countentry($key, $value); | ||
| 425 | delete $fips_found{$salt_names{$key}}; | ||
| 426 | } | ||
| 427 | while (($key, $value) = each %fips_found) | ||
| 428 | { | ||
| 429 | &countentry($key, $value); | ||
| 430 | } | ||
| 431 | |||
| 432 | # If no fatal errors write out the script file | ||
| 433 | $outfile = "fipstests.sh" unless defined $outfile; | ||
| 434 | open(OUT, ">$outfile") || die "Error opening $outfile: $!"; | ||
| 435 | print OUT $bufinit; | ||
| 436 | if (!$rspignore && @bogus) | ||
| 437 | { | ||
| 438 | print STDERR "ERROR: please remove bogus *.rsp files\n"; | ||
| 439 | print OUT <<EOF; | ||
| 440 | echo $outfile generation failed due to presence of bogus *.rsp files | ||
| 441 | EOF | ||
| 442 | } | ||
| 443 | else | ||
| 444 | { | ||
| 445 | print OUT $bufout; | ||
| 446 | } | ||
| 447 | close OUT; | ||
| 448 | |||
| 449 | # Check for external programs | ||
| 450 | for (keys %_programs) | ||
| 451 | { | ||
| 452 | s/ .*$//; | ||
| 453 | -x $_ || print STDERR "WARNING: program $_ not found\n"; | ||
| 454 | } | ||
| 455 | |||
| 456 | #-------------------------------- | ||
| 457 | sub Help { | ||
| 458 | (my $cmd) = ($0 =~ m#([^/]+)$#); | ||
| 459 | print <<EOF; | ||
| 460 | $cmd: generate script for CMVP algorithm tests | ||
| 461 | --debug Enable debug output | ||
| 462 | --dir=<dirname> Optional root for *.req file search | ||
| 463 | --filter=<regexp> | ||
| 464 | --onedir <dirname> Assume all components in current directory | ||
| 465 | --outfile=<filename> Optional name of output script, default fipstests.{sh|bat} | ||
| 466 | --rspdir=<dirname> Name of subdirectories containing *.rsp files, default "resp" | ||
| 467 | --rspignore Ignore any bogus *.rsp files | ||
| 468 | --shwrap_prefix=<prefix> | ||
| 469 | --tprefix=<prefix> | ||
| 470 | --quiet Shhh.... | ||
| 471 | --win32 Generate script for Win32 environment | ||
| 472 | EOF | ||
| 473 | } | ||
| 474 | |||
| 475 | #-------------------------------- | ||
| 476 | sub countentry { | ||
| 477 | my ($key,$value) = @_; | ||
| 478 | if ($value == 0) | ||
| 479 | { | ||
| 480 | print STDERR "WARNING: test file $key not found\n" unless $quiet; | ||
| 481 | } | ||
| 482 | elsif ($value > 1) | ||
| 483 | { | ||
| 484 | print STDERR "WARNING: test file $key found $value times\n" unless $quiet; | ||
| 485 | } | ||
| 486 | else | ||
| 487 | { | ||
| 488 | print STDERR "Found test file $key\n" if $debug; | ||
| 489 | } | ||
| 490 | } | ||
| 491 | |||
| 492 | #-------------------------------- | ||
| 493 | sub recurse_test | ||
| 494 | { | ||
| 495 | my ($win32, $tprefix, $filter, $dir) = @_; | ||
| 496 | my $dirh; | ||
| 497 | opendir($dirh, $dir); | ||
| 498 | while ($_ = readdir($dirh)) | ||
| 499 | { | ||
| 500 | next if ($_ eq "." || $_ eq ".."); | ||
| 501 | $_ = "$dir/$_"; | ||
| 502 | if (-f "$_") | ||
| 503 | { | ||
| 504 | if (/\/([^\/]*)\.rsp$/) | ||
| 505 | { | ||
| 506 | if (exists $fips_tests{$1}) | ||
| 507 | { | ||
| 508 | $debug && print "DEBUG: $1 found, will be overwritten\n"; | ||
| 509 | } | ||
| 510 | else | ||
| 511 | { | ||
| 512 | print STDERR "ERROR: bogus file $_\n"; | ||
| 513 | push @bogus, $_; | ||
| 514 | } | ||
| 515 | } | ||
| 516 | next unless /$filter.*\.req$/i; | ||
| 517 | if (/\/([^\/]*)\.req$/ && exists $fips_tests{$1}) | ||
| 518 | { | ||
| 519 | $fips_found{$1}++; | ||
| 520 | test_line($win32, $_, $tprefix, $1); | ||
| 521 | } | ||
| 522 | elsif (! /SHAmix\.req$/) | ||
| 523 | { | ||
| 524 | print STDERR "WARNING: unrecognized filename $_\n"; | ||
| 525 | } | ||
| 526 | } | ||
| 527 | elsif (-d "$_") | ||
| 528 | { | ||
| 529 | if (/$filter.*req$/i) | ||
| 530 | { | ||
| 531 | test_dir($win32, $_); | ||
| 532 | } | ||
| 533 | recurse_test($win32, $tprefix, $filter, $_); | ||
| 534 | } | ||
| 535 | } | ||
| 536 | closedir($dirh); | ||
| 537 | } | ||
| 538 | |||
| 539 | #-------------------------------- | ||
| 540 | sub test_dir | ||
| 541 | { | ||
| 542 | my ($win32, $req) = @_; | ||
| 543 | my $rsp = $req; | ||
| 544 | $rsp =~ s/req$/$rspdir/; | ||
| 545 | if ($win32) | ||
| 546 | { | ||
| 547 | $rsp =~ tr|/|\\|; | ||
| 548 | $req =~ tr|/|\\|; | ||
| 549 | $bufout .= <<END; | ||
| 550 | |||
| 551 | echo Running tests in $req | ||
| 552 | if exist "$rsp" rd /s /q "$rsp" | ||
| 553 | md "$rsp" | ||
| 554 | END | ||
| 555 | } | ||
| 556 | else | ||
| 557 | { | ||
| 558 | $bufout .= <<END; | ||
| 559 | |||
| 560 | echo Running tests in "$req" | ||
| 561 | rm -rf "$rsp" | ||
| 562 | mkdir "$rsp" | ||
| 563 | |||
| 564 | END | ||
| 565 | } | ||
| 566 | } | ||
| 567 | |||
| 568 | #-------------------------------- | ||
| 569 | sub test_line | ||
| 570 | { | ||
| 571 | my ($win32, $req, $tprefix, $tnam) = @_; | ||
| 572 | my $rsp = $req; | ||
| 573 | my $tcmd = $fips_tests{$tnam}; | ||
| 574 | $rsp =~ s/req\/([^\/]*).req$/$rspdir\/$1.rsp/; | ||
| 575 | if ($tcmd =~ /-f$/) | ||
| 576 | { | ||
| 577 | if ($win32) | ||
| 578 | { | ||
| 579 | $req =~ tr|/|\\|; | ||
| 580 | $rsp =~ tr|/|\\|; | ||
| 581 | $bufout .= "$tprefix$tcmd \"$req\" \"$rsp\"\n"; | ||
| 582 | $_programs{"$tprefix$tcmd.exe"} = 1; | ||
| 583 | } | ||
| 584 | else | ||
| 585 | { | ||
| 586 | $bufout .= <<END; | ||
| 587 | ${shwrap_prefix}shlib_wrap.sh $tprefix$tcmd "$req" "$rsp" || { echo "$req failure" ; exit 1 | ||
| 588 | } | ||
| 589 | END | ||
| 590 | $_programs{"${shwrap_prefix}shlib_wrap.sh"} = 1; | ||
| 591 | $_programs{"$tprefix$tcmd"} = 1; | ||
| 592 | } | ||
| 593 | return; | ||
| 594 | } | ||
| 595 | if ($tcmd =~ /SALT$/) | ||
| 596 | { | ||
| 597 | open (IN, $req) || die "Can't Open File $req"; | ||
| 598 | my $saltlen; | ||
| 599 | while (<IN>) | ||
| 600 | { | ||
| 601 | if (/^\s*#\s*salt\s+len:\s+(\d+)\s*$/i) | ||
| 602 | { | ||
| 603 | my $sl = $1; | ||
| 604 | print STDERR "$req salt length $sl\n" if $debug; | ||
| 605 | $tcmd =~ s/SALT$/$sl/; | ||
| 606 | $salt_found{"$tnam (salt $sl)"}++; | ||
| 607 | last; | ||
| 608 | } | ||
| 609 | } | ||
| 610 | close IN; | ||
| 611 | if ($tcmd =~ /SALT$/) | ||
| 612 | { | ||
| 613 | die "Can't detect salt length for $req"; | ||
| 614 | } | ||
| 615 | } | ||
| 616 | |||
| 617 | if ($win32) | ||
| 618 | { | ||
| 619 | $req =~ tr|/|\\|; | ||
| 620 | $rsp =~ tr|/|\\|; | ||
| 621 | $bufout .= "$tprefix$tcmd < \"$req\" > \"$rsp\"\n"; | ||
| 622 | $_programs{"$tprefix$tcmd.exe"} = 1; | ||
| 623 | } | ||
| 624 | else | ||
| 625 | { | ||
| 626 | $bufout .= <<END; | ||
| 627 | ${shwrap_prefix}shlib_wrap.sh $tprefix$tcmd < "$req" > "$rsp" || { echo "$req failure" ; exit 1; } | ||
| 628 | END | ||
| 629 | $_programs{"$tprefix$tcmd"} = 1; | ||
| 630 | } | ||
| 631 | } | ||
| 632 | |||
diff --git a/src/lib/libssl/src/fips/openssl_fips_fingerprint b/src/lib/libssl/src/fips/openssl_fips_fingerprint index d3dfb7eb61..f59a67d537 100755 --- a/src/lib/libssl/src/fips/openssl_fips_fingerprint +++ b/src/lib/libssl/src/fips/openssl_fips_fingerprint | |||
| @@ -5,6 +5,7 @@ | |||
| 5 | 5 | ||
| 6 | lib=$1 | 6 | lib=$1 |
| 7 | exe=$2 | 7 | exe=$2 |
| 8 | ext=${HMAC_EXT:-sha1} | ||
| 8 | 9 | ||
| 9 | # deal with the case where we're run from within the build and OpenSSL is | 10 | # deal with the case where we're run from within the build and OpenSSL is |
| 10 | # not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in | 11 | # not yet installed. Also, make sure LD_LIBRARY_PATH is properly set in |
| @@ -27,4 +28,4 @@ openssl sha1 -hmac etaonrishdlcupfm $lib | sed "s/(.*\//(/" | diff -w $lib.sha1 | |||
| 27 | [ -x $exe.exe ] && exe=$exe.exe | 28 | [ -x $exe.exe ] && exe=$exe.exe |
| 28 | 29 | ||
| 29 | echo "Making fingerprint for $exe" | 30 | echo "Making fingerprint for $exe" |
| 30 | openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.sha1 || rm $exe.sha1 | 31 | openssl sha1 -hmac etaonrishdlcupfm -binary $exe > $exe.$ext || rm $exe.$ext |
diff --git a/src/lib/libssl/src/fips/rand/Makefile b/src/lib/libssl/src/fips/rand/Makefile index c8922abc77..20303c862b 100644 --- a/src/lib/libssl/src/fips/rand/Makefile +++ b/src/lib/libssl/src/fips/rand/Makefile | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # | 1 | # |
| 2 | # SSLeay/fips/rand/Makefile | 2 | # OpenSSL/fips/rand/Makefile |
| 3 | # | 3 | # |
| 4 | 4 | ||
| 5 | DIR= rand | 5 | DIR= rand |
| @@ -18,12 +18,12 @@ AR= ar r | |||
| 18 | CFLAGS= $(INCLUDES) $(CFLAG) | 18 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 19 | 19 | ||
| 20 | GENERAL=Makefile | 20 | GENERAL=Makefile |
| 21 | TEST= fips_randtest.c | 21 | TEST= fips_randtest.c fips_rngvs.c |
| 22 | APPS= | 22 | APPS= |
| 23 | 23 | ||
| 24 | LIB=$(TOP)/libcrypto.a | 24 | LIB=$(TOP)/libcrypto.a |
| 25 | LIBSRC=fips_rand.c | 25 | LIBSRC=fips_rand.c fips_rand_selftest.c |
| 26 | LIBOBJ=fips_rand.o | 26 | LIBOBJ=fips_rand.o fips_rand_selftest.o |
| 27 | 27 | ||
| 28 | SRC= $(LIBSRC) | 28 | SRC= $(LIBSRC) |
| 29 | 29 | ||
| @@ -35,15 +35,10 @@ ALL= $(GENERAL) $(SRC) $(HEADER) | |||
| 35 | top: | 35 | top: |
| 36 | (cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all) | 36 | (cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all) |
| 37 | 37 | ||
| 38 | all: check lib | 38 | all: lib |
| 39 | |||
| 40 | check: | ||
| 41 | TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) | ||
| 42 | 39 | ||
| 43 | lib: $(LIBOBJ) | 40 | lib: $(LIBOBJ) |
| 44 | $(AR) $(LIB) $(LIBOBJ) | 41 | @echo $(LIBOBJ) > lib |
| 45 | $(RANLIB) $(LIB) || echo Never mind. | ||
| 46 | @sleep 2; touch lib | ||
| 47 | 42 | ||
| 48 | files: | 43 | files: |
| 49 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 44 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| @@ -65,6 +60,19 @@ tags: | |||
| 65 | 60 | ||
| 66 | tests: | 61 | tests: |
| 67 | 62 | ||
| 63 | Q=../testvectors/rng/req | ||
| 64 | A=../testvectors/rng/rsp | ||
| 65 | |||
| 66 | fips_test: | ||
| 67 | -rm -rf $(A) | ||
| 68 | mkdir $(A) | ||
| 69 | if [ -f $(Q)/ANSI931_AES128MCT.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs mct < $(Q)/ANSI931_AES128MCT.req > $(A)/ANSI931_AES128MCT.rsp; fi | ||
| 70 | if [ -f $(Q)/ANSI931_AES192MCT.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs mct < $(Q)/ANSI931_AES192MCT.req > $(A)/ANSI931_AES192MCT.rsp; fi | ||
| 71 | if [ -f $(Q)/ANSI931_AES256MCT.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs mct < $(Q)/ANSI931_AES256MCT.req > $(A)/ANSI931_AES256MCT.rsp; fi | ||
| 72 | if [ -f $(Q)/ANSI931_AES128VST.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs vst < $(Q)/ANSI931_AES128VST.req > $(A)/ANSI931_AES128VST.rsp; fi | ||
| 73 | if [ -f $(Q)/ANSI931_AES192VST.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs vst < $(Q)/ANSI931_AES192VST.req > $(A)/ANSI931_AES192VST.rsp; fi | ||
| 74 | if [ -f $(Q)/ANSI931_AES256VST.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rngvs vst < $(Q)/ANSI931_AES256VST.req > $(A)/ANSI931_AES256VST.rsp; fi | ||
| 75 | |||
| 68 | lint: | 76 | lint: |
| 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 77 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 70 | 78 | ||
| @@ -80,20 +88,39 @@ clean: | |||
| 80 | 88 | ||
| 81 | # DO NOT DELETE THIS LINE -- make depend depends on it. | 89 | # DO NOT DELETE THIS LINE -- make depend depends on it. |
| 82 | 90 | ||
| 83 | fips_rand.o: ../../e_os.h ../../include/openssl/bio.h | 91 | fips_rand.o: ../../e_os.h ../../include/openssl/aes.h |
| 84 | fips_rand.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 92 | fips_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h |
| 85 | fips_rand.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | 93 | fips_rand.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 86 | fips_rand.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h | 94 | fips_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 95 | fips_rand.o: ../../include/openssl/fips.h ../../include/openssl/fips_rand.h | ||
| 87 | fips_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h | 96 | fips_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h |
| 88 | fips_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | 97 | fips_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h |
| 89 | fips_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h | 98 | fips_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h |
| 90 | fips_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 99 | fips_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 91 | fips_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 100 | fips_rand.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 92 | fips_rand.o: fips_rand.c | 101 | fips_rand.o: ../fips_locl.h fips_rand.c |
| 102 | fips_rand_selftest.o: ../../include/openssl/bio.h | ||
| 103 | fips_rand_selftest.o: ../../include/openssl/crypto.h | ||
| 104 | fips_rand_selftest.o: ../../include/openssl/des.h | ||
| 105 | fips_rand_selftest.o: ../../include/openssl/des_old.h | ||
| 106 | fips_rand_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 107 | fips_rand_selftest.o: ../../include/openssl/fips.h | ||
| 108 | fips_rand_selftest.o: ../../include/openssl/fips_rand.h | ||
| 109 | fips_rand_selftest.o: ../../include/openssl/lhash.h | ||
| 110 | fips_rand_selftest.o: ../../include/openssl/opensslconf.h | ||
| 111 | fips_rand_selftest.o: ../../include/openssl/opensslv.h | ||
| 112 | fips_rand_selftest.o: ../../include/openssl/ossl_typ.h | ||
| 113 | fips_rand_selftest.o: ../../include/openssl/rand.h | ||
| 114 | fips_rand_selftest.o: ../../include/openssl/safestack.h | ||
| 115 | fips_rand_selftest.o: ../../include/openssl/stack.h | ||
| 116 | fips_rand_selftest.o: ../../include/openssl/symhacks.h | ||
| 117 | fips_rand_selftest.o: ../../include/openssl/ui.h | ||
| 118 | fips_rand_selftest.o: ../../include/openssl/ui_compat.h fips_rand_selftest.c | ||
| 93 | fips_randtest.o: ../../e_os.h ../../include/openssl/bio.h | 119 | fips_randtest.o: ../../e_os.h ../../include/openssl/bio.h |
| 94 | fips_randtest.o: ../../include/openssl/crypto.h ../../include/openssl/des.h | 120 | fips_randtest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 95 | fips_randtest.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h | 121 | fips_randtest.o: ../../include/openssl/des.h ../../include/openssl/des_old.h |
| 96 | fips_randtest.o: ../../include/openssl/err.h ../../include/openssl/fips_rand.h | 122 | fips_randtest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 123 | fips_randtest.o: ../../include/openssl/fips_rand.h | ||
| 97 | fips_randtest.o: ../../include/openssl/lhash.h | 124 | fips_randtest.o: ../../include/openssl/lhash.h |
| 98 | fips_randtest.o: ../../include/openssl/opensslconf.h | 125 | fips_randtest.o: ../../include/openssl/opensslconf.h |
| 99 | fips_randtest.o: ../../include/openssl/opensslv.h | 126 | fips_randtest.o: ../../include/openssl/opensslv.h |
| @@ -101,4 +128,22 @@ fips_randtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | |||
| 101 | fips_randtest.o: ../../include/openssl/safestack.h | 128 | fips_randtest.o: ../../include/openssl/safestack.h |
| 102 | fips_randtest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 129 | fips_randtest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 103 | fips_randtest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | 130 | fips_randtest.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h |
| 104 | fips_randtest.o: fips_randtest.c | 131 | fips_randtest.o: ../fips_utl.h fips_randtest.c |
| 132 | fips_rngvs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 133 | fips_rngvs.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
| 134 | fips_rngvs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 135 | fips_rngvs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h | ||
| 136 | fips_rngvs.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h | ||
| 137 | fips_rngvs.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h | ||
| 138 | fips_rngvs.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h | ||
| 139 | fips_rngvs.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 140 | fips_rngvs.o: ../../include/openssl/fips_rand.h ../../include/openssl/lhash.h | ||
| 141 | fips_rngvs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 142 | fips_rngvs.o: ../../include/openssl/opensslconf.h | ||
| 143 | fips_rngvs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h | ||
| 144 | fips_rngvs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h | ||
| 145 | fips_rngvs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 146 | fips_rngvs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 147 | fips_rngvs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h | ||
| 148 | fips_rngvs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 149 | fips_rngvs.o: ../../include/openssl/x509v3.h ../fips_utl.h fips_rngvs.c | ||
diff --git a/src/lib/libssl/src/fips/rand/fips_rand.c b/src/lib/libssl/src/fips/rand/fips_rand.c index cc2f12deb9..58453e996d 100644 --- a/src/lib/libssl/src/fips/rand/fips_rand.c +++ b/src/lib/libssl/src/fips/rand/fips_rand.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ==================================================================== | 1 | /* ==================================================================== |
| 2 | * Copyright (c) 2003 The OpenSSL Project. All rights reserved. | 2 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. |
| 3 | * | 3 | * |
| 4 | * Redistribution and use in source and binary forms, with or without | 4 | * Redistribution and use in source and binary forms, with or without |
| 5 | * modification, are permitted provided that the following conditions | 5 | * modification, are permitted provided that the following conditions |
| @@ -48,7 +48,7 @@ | |||
| 48 | */ | 48 | */ |
| 49 | 49 | ||
| 50 | /* | 50 | /* |
| 51 | * This is a FIPS approved PRNG, ANSI X9.31 A.2.4. | 51 | * This is a FIPS approved AES PRNG based on ANSI X9.31 A.2.4. |
| 52 | */ | 52 | */ |
| 53 | 53 | ||
| 54 | #include "e_os.h" | 54 | #include "e_os.h" |
| @@ -60,8 +60,8 @@ | |||
| 60 | #define _XOPEN_SOURCE_EXTENDED 1 | 60 | #define _XOPEN_SOURCE_EXTENDED 1 |
| 61 | #endif | 61 | #endif |
| 62 | 62 | ||
| 63 | #include <openssl/des.h> | ||
| 64 | #include <openssl/rand.h> | 63 | #include <openssl/rand.h> |
| 64 | #include <openssl/aes.h> | ||
| 65 | #include <openssl/err.h> | 65 | #include <openssl/err.h> |
| 66 | #include <openssl/fips_rand.h> | 66 | #include <openssl/fips_rand.h> |
| 67 | #ifndef OPENSSL_SYS_WIN32 | 67 | #ifndef OPENSSL_SYS_WIN32 |
| @@ -76,280 +76,335 @@ | |||
| 76 | # endif | 76 | # endif |
| 77 | #endif | 77 | #endif |
| 78 | #include <string.h> | 78 | #include <string.h> |
| 79 | #include <openssl/fips.h> | ||
| 80 | #include "fips_locl.h" | ||
| 79 | 81 | ||
| 80 | #ifdef OPENSSL_FIPS | 82 | #ifdef OPENSSL_FIPS |
| 81 | 83 | ||
| 82 | #define SEED_SIZE 8 | 84 | void *OPENSSL_stderr(void); |
| 83 | 85 | ||
| 84 | static unsigned char seed[SEED_SIZE]; | 86 | #define AES_BLOCK_LENGTH 16 |
| 85 | static FIPS_RAND_SIZE_T n_seed; | ||
| 86 | static FIPS_RAND_SIZE_T o_seed; | ||
| 87 | static DES_cblock key1; | ||
| 88 | static DES_cblock key2; | ||
| 89 | static DES_key_schedule ks1,ks2; | ||
| 90 | static int key_set; | ||
| 91 | static int test_mode; | ||
| 92 | static unsigned char test_faketime[8]; | ||
| 93 | 87 | ||
| 94 | #ifndef GETPID_IS_MEANINGLESS | ||
| 95 | static int seed_pid; | ||
| 96 | static int key_pid; | ||
| 97 | #endif | ||
| 98 | |||
| 99 | static void fips_rand_cleanup(void); | ||
| 100 | static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy); | ||
| 101 | static int fips_rand_bytes(unsigned char *buf, FIPS_RAND_SIZE_T num); | ||
| 102 | static int fips_rand_status(void); | ||
| 103 | 88 | ||
| 104 | static RAND_METHOD rand_fips_meth= | 89 | /* AES FIPS PRNG implementation */ |
| 105 | { | ||
| 106 | FIPS_rand_seed, | ||
| 107 | fips_rand_bytes, | ||
| 108 | fips_rand_cleanup, | ||
| 109 | fips_rand_add, | ||
| 110 | fips_rand_bytes, | ||
| 111 | fips_rand_status | ||
| 112 | }; | ||
| 113 | 90 | ||
| 114 | static int second; | 91 | typedef struct |
| 92 | { | ||
| 93 | int seeded; | ||
| 94 | int keyed; | ||
| 95 | int test_mode; | ||
| 96 | int second; | ||
| 97 | int error; | ||
| 98 | unsigned long counter; | ||
| 99 | AES_KEY ks; | ||
| 100 | int vpos; | ||
| 101 | /* Temporary storage for key if it equals seed length */ | ||
| 102 | unsigned char tmp_key[AES_BLOCK_LENGTH]; | ||
| 103 | unsigned char V[AES_BLOCK_LENGTH]; | ||
| 104 | unsigned char DT[AES_BLOCK_LENGTH]; | ||
| 105 | unsigned char last[AES_BLOCK_LENGTH]; | ||
| 106 | } FIPS_PRNG_CTX; | ||
| 107 | |||
| 108 | static FIPS_PRNG_CTX sctx; | ||
| 109 | |||
| 110 | static int fips_prng_fail = 0; | ||
| 111 | |||
| 112 | void FIPS_rng_stick(void) | ||
| 113 | { | ||
| 114 | fips_prng_fail = 1; | ||
| 115 | } | ||
| 115 | 116 | ||
| 116 | RAND_METHOD *FIPS_rand_method(void) | 117 | void fips_rand_prng_reset(FIPS_PRNG_CTX *ctx) |
| 117 | { | 118 | { |
| 118 | return &rand_fips_meth; | 119 | ctx->seeded = 0; |
| 119 | } | 120 | ctx->keyed = 0; |
| 121 | ctx->test_mode = 0; | ||
| 122 | ctx->counter = 0; | ||
| 123 | ctx->second = 0; | ||
| 124 | ctx->error = 0; | ||
| 125 | ctx->vpos = 0; | ||
| 126 | OPENSSL_cleanse(ctx->V, AES_BLOCK_LENGTH); | ||
| 127 | OPENSSL_cleanse(&ctx->ks, sizeof(AES_KEY)); | ||
| 128 | } | ||
| 129 | |||
| 120 | 130 | ||
| 121 | void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]) | 131 | static int fips_set_prng_key(FIPS_PRNG_CTX *ctx, |
| 122 | { | 132 | const unsigned char *key, FIPS_RAND_SIZE_T keylen) |
| 123 | memcpy(&key1,k1,sizeof key1); | 133 | { |
| 124 | memcpy(&key2,k2,sizeof key2); | 134 | FIPS_selftest_check(); |
| 125 | key_set=1; | 135 | if (keylen != 16 && keylen != 24 && keylen != 32) |
| 126 | #ifndef GETPID_IS_MEANINGLESS | 136 | { |
| 127 | key_pid=getpid(); | 137 | /* error: invalid key size */ |
| 128 | #endif | 138 | return 0; |
| 129 | second=0; | 139 | } |
| 130 | } | 140 | AES_set_encrypt_key(key, keylen << 3, &ctx->ks); |
| 141 | if (keylen == 16) | ||
| 142 | { | ||
| 143 | memcpy(ctx->tmp_key, key, 16); | ||
| 144 | ctx->keyed = 2; | ||
| 145 | } | ||
| 146 | else | ||
| 147 | ctx->keyed = 1; | ||
| 148 | ctx->seeded = 0; | ||
| 149 | ctx->second = 0; | ||
| 150 | return 1; | ||
| 151 | } | ||
| 131 | 152 | ||
| 132 | void FIPS_test_mode(int test,const unsigned char faketime[8]) | 153 | static int fips_set_prng_seed(FIPS_PRNG_CTX *ctx, |
| 133 | { | 154 | const unsigned char *seed, FIPS_RAND_SIZE_T seedlen) |
| 134 | test_mode=test; | 155 | { |
| 135 | if(!test_mode) | 156 | int i; |
| 136 | return; | 157 | if (!ctx->keyed) |
| 137 | memcpy(test_faketime,faketime,sizeof test_faketime); | 158 | return 0; |
| 138 | } | 159 | /* In test mode seed is just supplied data */ |
| 160 | if (ctx->test_mode) | ||
| 161 | { | ||
| 162 | if (seedlen != AES_BLOCK_LENGTH) | ||
| 163 | return 0; | ||
| 164 | memcpy(ctx->V, seed, AES_BLOCK_LENGTH); | ||
| 165 | ctx->seeded = 1; | ||
| 166 | return 1; | ||
| 167 | } | ||
| 168 | /* Outside test mode XOR supplied data with existing seed */ | ||
| 169 | for (i = 0; i < seedlen; i++) | ||
| 170 | { | ||
| 171 | ctx->V[ctx->vpos++] ^= seed[i]; | ||
| 172 | if (ctx->vpos == AES_BLOCK_LENGTH) | ||
| 173 | { | ||
| 174 | ctx->vpos = 0; | ||
| 175 | /* Special case if first seed and key length equals | ||
| 176 | * block size check key and seed do not match. | ||
| 177 | */ | ||
| 178 | if (ctx->keyed == 2) | ||
| 179 | { | ||
| 180 | if (!memcmp(ctx->tmp_key, ctx->V, 16)) | ||
| 181 | { | ||
| 182 | RANDerr(RAND_F_FIPS_SET_PRNG_SEED, | ||
| 183 | RAND_R_PRNG_SEED_MUST_NOT_MATCH_KEY); | ||
| 184 | return 0; | ||
| 185 | } | ||
| 186 | OPENSSL_cleanse(ctx->tmp_key, 16); | ||
| 187 | ctx->keyed = 1; | ||
| 188 | } | ||
| 189 | ctx->seeded = 1; | ||
| 190 | } | ||
| 191 | } | ||
| 192 | return 1; | ||
| 193 | } | ||
| 139 | 194 | ||
| 140 | /* NB: this returns true if _partially_ seeded */ | 195 | int fips_set_test_mode(FIPS_PRNG_CTX *ctx) |
| 141 | int FIPS_rand_seeded() | 196 | { |
| 142 | { return key_set || n_seed; } | 197 | if (ctx->keyed) |
| 198 | { | ||
| 199 | RANDerr(RAND_F_FIPS_SET_TEST_MODE,RAND_R_PRNG_KEYED); | ||
| 200 | return 0; | ||
| 201 | } | ||
| 202 | ctx->test_mode = 1; | ||
| 203 | return 1; | ||
| 204 | } | ||
| 143 | 205 | ||
| 144 | static void fips_gettime(unsigned char buf[8]) | 206 | int FIPS_rand_test_mode(void) |
| 145 | { | 207 | { |
| 146 | #ifdef OPENSSL_SYS_WIN32 | 208 | return fips_set_test_mode(&sctx); |
| 147 | FILETIME ft; | 209 | } |
| 148 | #else | ||
| 149 | struct timeval tv; | ||
| 150 | #endif | ||
| 151 | 210 | ||
| 152 | if(test_mode) | 211 | int FIPS_rand_set_dt(unsigned char *dt) |
| 153 | { | 212 | { |
| 154 | fprintf(stderr,"WARNING!!! PRNG IN TEST MODE!!!\n"); | 213 | if (!sctx.test_mode) |
| 155 | memcpy(buf,test_faketime,sizeof test_faketime); | 214 | { |
| 156 | return; | 215 | RANDerr(RAND_F_FIPS_RAND_SET_DT,RAND_R_NOT_IN_TEST_MODE); |
| 216 | return 0; | ||
| 217 | } | ||
| 218 | memcpy(sctx.DT, dt, AES_BLOCK_LENGTH); | ||
| 219 | return 1; | ||
| 157 | } | 220 | } |
| 221 | |||
| 222 | static void fips_get_dt(FIPS_PRNG_CTX *ctx) | ||
| 223 | { | ||
| 158 | #ifdef OPENSSL_SYS_WIN32 | 224 | #ifdef OPENSSL_SYS_WIN32 |
| 159 | GetSystemTimeAsFileTime(&ft); | 225 | FILETIME ft; |
| 160 | buf[0] = (unsigned char) (ft.dwHighDateTime & 0xff); | ||
| 161 | buf[1] = (unsigned char) ((ft.dwHighDateTime >> 8) & 0xff); | ||
| 162 | buf[2] = (unsigned char) ((ft.dwHighDateTime >> 16) & 0xff); | ||
| 163 | buf[3] = (unsigned char) ((ft.dwHighDateTime >> 24) & 0xff); | ||
| 164 | buf[4] = (unsigned char) (ft.dwLowDateTime & 0xff); | ||
| 165 | buf[5] = (unsigned char) ((ft.dwLowDateTime >> 8) & 0xff); | ||
| 166 | buf[6] = (unsigned char) ((ft.dwLowDateTime >> 16) & 0xff); | ||
| 167 | buf[7] = (unsigned char) ((ft.dwLowDateTime >> 24) & 0xff); | ||
| 168 | #else | 226 | #else |
| 169 | gettimeofday(&tv,NULL); | 227 | struct timeval tv; |
| 170 | buf[0] = (unsigned char) (tv.tv_sec & 0xff); | ||
| 171 | buf[1] = (unsigned char) ((tv.tv_sec >> 8) & 0xff); | ||
| 172 | buf[2] = (unsigned char) ((tv.tv_sec >> 16) & 0xff); | ||
| 173 | buf[3] = (unsigned char) ((tv.tv_sec >> 24) & 0xff); | ||
| 174 | buf[4] = (unsigned char) (tv.tv_usec & 0xff); | ||
| 175 | buf[5] = (unsigned char) ((tv.tv_usec >> 8) & 0xff); | ||
| 176 | buf[6] = (unsigned char) ((tv.tv_usec >> 16) & 0xff); | ||
| 177 | buf[7] = (unsigned char) ((tv.tv_usec >> 24) & 0xff); | ||
| 178 | #endif | 228 | #endif |
| 229 | unsigned char *buf = ctx->DT; | ||
| 179 | 230 | ||
| 180 | #if 0 /* This eminently sensible strategy is not acceptable to NIST. Sigh. */ | ||
| 181 | #ifndef GETPID_IS_MEANINGLESS | 231 | #ifndef GETPID_IS_MEANINGLESS |
| 182 | /* we mix in the PID to ensure that after a fork the children don't give | 232 | unsigned long pid; |
| 183 | * the same results as each other | ||
| 184 | */ | ||
| 185 | pid=getpid(); | ||
| 186 | /* make sure we shift the pid to the MSB */ | ||
| 187 | if((pid&0xffff0000) == 0) | ||
| 188 | pid<<=16; | ||
| 189 | *(long *)&buf[0]^=pid; | ||
| 190 | #endif | 233 | #endif |
| 234 | |||
| 235 | #ifdef OPENSSL_SYS_WIN32 | ||
| 236 | GetSystemTimeAsFileTime(&ft); | ||
| 237 | buf[0] = (unsigned char) (ft.dwHighDateTime & 0xff); | ||
| 238 | buf[1] = (unsigned char) ((ft.dwHighDateTime >> 8) & 0xff); | ||
| 239 | buf[2] = (unsigned char) ((ft.dwHighDateTime >> 16) & 0xff); | ||
| 240 | buf[3] = (unsigned char) ((ft.dwHighDateTime >> 24) & 0xff); | ||
| 241 | buf[4] = (unsigned char) (ft.dwLowDateTime & 0xff); | ||
| 242 | buf[5] = (unsigned char) ((ft.dwLowDateTime >> 8) & 0xff); | ||
| 243 | buf[6] = (unsigned char) ((ft.dwLowDateTime >> 16) & 0xff); | ||
| 244 | buf[7] = (unsigned char) ((ft.dwLowDateTime >> 24) & 0xff); | ||
| 245 | #else | ||
| 246 | gettimeofday(&tv,NULL); | ||
| 247 | buf[0] = (unsigned char) (tv.tv_sec & 0xff); | ||
| 248 | buf[1] = (unsigned char) ((tv.tv_sec >> 8) & 0xff); | ||
| 249 | buf[2] = (unsigned char) ((tv.tv_sec >> 16) & 0xff); | ||
| 250 | buf[3] = (unsigned char) ((tv.tv_sec >> 24) & 0xff); | ||
| 251 | buf[4] = (unsigned char) (tv.tv_usec & 0xff); | ||
| 252 | buf[5] = (unsigned char) ((tv.tv_usec >> 8) & 0xff); | ||
| 253 | buf[6] = (unsigned char) ((tv.tv_usec >> 16) & 0xff); | ||
| 254 | buf[7] = (unsigned char) ((tv.tv_usec >> 24) & 0xff); | ||
| 191 | #endif | 255 | #endif |
| 192 | } | 256 | buf[8] = (unsigned char) (ctx->counter & 0xff); |
| 257 | buf[9] = (unsigned char) ((ctx->counter >> 8) & 0xff); | ||
| 258 | buf[10] = (unsigned char) ((ctx->counter >> 16) & 0xff); | ||
| 259 | buf[11] = (unsigned char) ((ctx->counter >> 24) & 0xff); | ||
| 193 | 260 | ||
| 194 | static void fips_rand_encrypt(unsigned char *out,const unsigned char *in) | 261 | ctx->counter++; |
| 195 | { | ||
| 196 | DES_ecb2_encrypt(in,out,&ks1,&ks2,1); | ||
| 197 | } | ||
| 198 | 262 | ||
| 199 | static void fips_rand_cleanup(void) | 263 | |
| 200 | { | 264 | #ifndef GETPID_IS_MEANINGLESS |
| 201 | OPENSSL_cleanse(seed,sizeof seed); | 265 | pid=(unsigned long)getpid(); |
| 202 | n_seed=0; | 266 | buf[12] = (unsigned char) (pid & 0xff); |
| 267 | buf[13] = (unsigned char) ((pid >> 8) & 0xff); | ||
| 268 | buf[14] = (unsigned char) ((pid >> 16) & 0xff); | ||
| 269 | buf[15] = (unsigned char) ((pid >> 24) & 0xff); | ||
| 270 | #endif | ||
| 203 | } | 271 | } |
| 204 | 272 | ||
| 205 | void FIPS_rand_seed(const void *buf_, FIPS_RAND_SIZE_T num) | 273 | static int fips_rand(FIPS_PRNG_CTX *ctx, |
| 206 | { | 274 | unsigned char *out, FIPS_RAND_SIZE_T outlen) |
| 207 | const char *buf=buf_; | 275 | { |
| 208 | FIPS_RAND_SIZE_T n; | 276 | unsigned char R[AES_BLOCK_LENGTH], I[AES_BLOCK_LENGTH]; |
| 209 | static int init; | 277 | unsigned char tmp[AES_BLOCK_LENGTH]; |
| 278 | int i; | ||
| 279 | if (ctx->error) | ||
| 280 | { | ||
| 281 | RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_ERROR); | ||
| 282 | return 0; | ||
| 283 | } | ||
| 284 | if (!ctx->keyed) | ||
| 285 | { | ||
| 286 | RANDerr(RAND_F_FIPS_RAND,RAND_R_NO_KEY_SET); | ||
| 287 | return 0; | ||
| 288 | } | ||
| 289 | if (!ctx->seeded) | ||
| 290 | { | ||
| 291 | RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_NOT_SEEDED); | ||
| 292 | return 0; | ||
| 293 | } | ||
| 294 | for (;;) | ||
| 295 | { | ||
| 296 | if (!ctx->test_mode) | ||
| 297 | fips_get_dt(ctx); | ||
| 298 | AES_encrypt(ctx->DT, I, &ctx->ks); | ||
| 299 | for (i = 0; i < AES_BLOCK_LENGTH; i++) | ||
| 300 | tmp[i] = I[i] ^ ctx->V[i]; | ||
| 301 | AES_encrypt(tmp, R, &ctx->ks); | ||
| 302 | for (i = 0; i < AES_BLOCK_LENGTH; i++) | ||
| 303 | tmp[i] = R[i] ^ I[i]; | ||
| 304 | AES_encrypt(tmp, ctx->V, &ctx->ks); | ||
| 305 | /* Continuous PRNG test */ | ||
| 306 | if (ctx->second) | ||
| 307 | { | ||
| 308 | if (fips_prng_fail) | ||
| 309 | memcpy(ctx->last, R, AES_BLOCK_LENGTH); | ||
| 310 | if (!memcmp(R, ctx->last, AES_BLOCK_LENGTH)) | ||
| 311 | { | ||
| 312 | RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_STUCK); | ||
| 313 | ctx->error = 1; | ||
| 314 | fips_set_selftest_fail(); | ||
| 315 | return 0; | ||
| 316 | } | ||
| 317 | } | ||
| 318 | memcpy(ctx->last, R, AES_BLOCK_LENGTH); | ||
| 319 | if (!ctx->second) | ||
| 320 | { | ||
| 321 | ctx->second = 1; | ||
| 322 | if (!ctx->test_mode) | ||
| 323 | continue; | ||
| 324 | } | ||
| 325 | |||
| 326 | if (outlen <= AES_BLOCK_LENGTH) | ||
| 327 | { | ||
| 328 | memcpy(out, R, outlen); | ||
| 329 | break; | ||
| 330 | } | ||
| 331 | |||
| 332 | memcpy(out, R, AES_BLOCK_LENGTH); | ||
| 333 | out += AES_BLOCK_LENGTH; | ||
| 334 | outlen -= AES_BLOCK_LENGTH; | ||
| 335 | } | ||
| 336 | return 1; | ||
| 337 | } | ||
| 210 | 338 | ||
| 211 | /* If the key hasn't been set, we can't seed! */ | ||
| 212 | if(!key_set) | ||
| 213 | return; | ||
| 214 | 339 | ||
| 215 | CRYPTO_w_lock(CRYPTO_LOCK_RAND); | 340 | int FIPS_rand_set_key(const unsigned char *key, FIPS_RAND_SIZE_T keylen) |
| 216 | if(!init) | ||
| 217 | { | 341 | { |
| 218 | init=1; | 342 | int ret; |
| 219 | DES_set_key(&key1,&ks1); | 343 | CRYPTO_w_lock(CRYPTO_LOCK_RAND); |
| 220 | DES_set_key(&key2,&ks2); | 344 | ret = fips_set_prng_key(&sctx, key, keylen); |
| 345 | CRYPTO_w_unlock(CRYPTO_LOCK_RAND); | ||
| 346 | return ret; | ||
| 221 | } | 347 | } |
| 222 | 348 | ||
| 223 | /* | 349 | int FIPS_rand_seed(const void *seed, FIPS_RAND_SIZE_T seedlen) |
| 224 | * This algorithm only uses 64 bits of seed, so ensure that we use | ||
| 225 | * the most recent 64 bits. | ||
| 226 | */ | ||
| 227 | for(n=0 ; n < num ; ) | ||
| 228 | { | 350 | { |
| 229 | FIPS_RAND_SIZE_T t=num-n; | 351 | int ret; |
| 230 | 352 | CRYPTO_w_lock(CRYPTO_LOCK_RAND); | |
| 231 | if(o_seed+t > sizeof seed) | 353 | ret = fips_set_prng_seed(&sctx, seed, seedlen); |
| 232 | t=sizeof seed-o_seed; | 354 | CRYPTO_w_unlock(CRYPTO_LOCK_RAND); |
| 233 | memcpy(seed+o_seed,buf+n,t); | 355 | return ret; |
| 234 | n+=t; | ||
| 235 | o_seed+=t; | ||
| 236 | if(o_seed == sizeof seed) | ||
| 237 | o_seed=0; | ||
| 238 | if(n_seed < sizeof seed) | ||
| 239 | n_seed+=t; | ||
| 240 | } | 356 | } |
| 241 | 357 | ||
| 242 | #ifndef GETPID_IS_MEANINGLESS | ||
| 243 | seed_pid=getpid(); | ||
| 244 | #endif | ||
| 245 | |||
| 246 | CRYPTO_w_unlock(CRYPTO_LOCK_RAND); | ||
| 247 | } | ||
| 248 | |||
| 249 | static void fips_rand_add(const void *buf, FIPS_RAND_SIZE_T num, double add_entropy) | ||
| 250 | { | ||
| 251 | FIPS_rand_seed(buf,num); | ||
| 252 | } | ||
| 253 | |||
| 254 | static int fips_rand_bytes(unsigned char *buf,FIPS_RAND_SIZE_T num) | ||
| 255 | { | ||
| 256 | FIPS_RAND_SIZE_T n; | ||
| 257 | unsigned char timeseed[8]; | ||
| 258 | unsigned char intermediate[SEED_SIZE]; | ||
| 259 | unsigned char output[SEED_SIZE]; | ||
| 260 | static unsigned char previous[SEED_SIZE]; | ||
| 261 | #ifndef GETPID_IS_MEANINGLESS | ||
| 262 | int pid; | ||
| 263 | #endif | ||
| 264 | 358 | ||
| 265 | if(n_seed < sizeof seed) | 359 | int FIPS_rand_bytes(unsigned char *out, FIPS_RAND_SIZE_T count) |
| 266 | { | 360 | { |
| 267 | RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED); | 361 | int ret; |
| 268 | return 0; | 362 | CRYPTO_w_lock(CRYPTO_LOCK_RAND); |
| 363 | ret = fips_rand(&sctx, out, count); | ||
| 364 | CRYPTO_w_unlock(CRYPTO_LOCK_RAND); | ||
| 365 | return ret; | ||
| 269 | } | 366 | } |
| 270 | 367 | ||
| 271 | #ifdef FIPS_RAND_MAX_SIZE_T | 368 | int FIPS_rand_status(void) |
| 272 | if (num > FIPS_RAND_MAX_SIZE_T) | ||
| 273 | { | 369 | { |
| 274 | #ifdef RAND_R_PRNG_ASKING_FOR_TOO_MUCH | 370 | int ret; |
| 275 | RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_ASKING_FOR_TOO_MUCH); | 371 | CRYPTO_r_lock(CRYPTO_LOCK_RAND); |
| 276 | return 0; | 372 | ret = sctx.seeded; |
| 277 | #else | 373 | CRYPTO_r_unlock(CRYPTO_LOCK_RAND); |
| 278 | return -1; /* signal "not supported" condition */ | 374 | return ret; |
| 279 | #endif | ||
| 280 | } | 375 | } |
| 281 | #endif | ||
| 282 | 376 | ||
| 283 | #ifndef GETPID_IS_MEANINGLESS | 377 | void FIPS_rand_reset(void) |
| 284 | pid=getpid(); | ||
| 285 | if(pid != seed_pid) | ||
| 286 | { | 378 | { |
| 287 | RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_RESEEDED); | 379 | CRYPTO_w_lock(CRYPTO_LOCK_RAND); |
| 288 | return 0; | 380 | fips_rand_prng_reset(&sctx); |
| 381 | CRYPTO_w_unlock(CRYPTO_LOCK_RAND); | ||
| 289 | } | 382 | } |
| 290 | if(pid != key_pid) | 383 | |
| 384 | static void fips_do_rand_seed(const void *seed, FIPS_RAND_SIZE_T seedlen) | ||
| 291 | { | 385 | { |
| 292 | RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_NOT_REKEYED); | 386 | FIPS_rand_seed(seed, seedlen); |
| 293 | return 0; | ||
| 294 | } | 387 | } |
| 295 | #endif | ||
| 296 | |||
| 297 | CRYPTO_w_lock(CRYPTO_LOCK_RAND); | ||
| 298 | 388 | ||
| 299 | for(n=0 ; n < num ; ) | 389 | static void fips_do_rand_add(const void *seed, FIPS_RAND_SIZE_T seedlen, |
| 390 | double add_entropy) | ||
| 300 | { | 391 | { |
| 301 | unsigned char t[SEED_SIZE]; | 392 | FIPS_rand_seed(seed, seedlen); |
| 302 | FIPS_RAND_SIZE_T l; | ||
| 303 | |||
| 304 | /* ANS X9.31 A.2.4: I = ede*K(DT) | ||
| 305 | timeseed == DT | ||
| 306 | intermediate == I | ||
| 307 | */ | ||
| 308 | fips_gettime(timeseed); | ||
| 309 | fips_rand_encrypt(intermediate,timeseed); | ||
| 310 | |||
| 311 | /* ANS X9.31 A.2.4: R = ede*K(I^V) | ||
| 312 | intermediate == I | ||
| 313 | seed == V | ||
| 314 | output == R | ||
| 315 | */ | ||
| 316 | for(l=0 ; l < sizeof t ; ++l) | ||
| 317 | t[l]=intermediate[l]^seed[l]; | ||
| 318 | fips_rand_encrypt(output,t); | ||
| 319 | |||
| 320 | /* ANS X9.31 A.2.4: V = ede*K(R^I) | ||
| 321 | output == R | ||
| 322 | intermediate == I | ||
| 323 | seed == V | ||
| 324 | */ | ||
| 325 | for(l=0 ; l < sizeof t ; ++l) | ||
| 326 | t[l]=output[l]^intermediate[l]; | ||
| 327 | fips_rand_encrypt(seed,t); | ||
| 328 | |||
| 329 | if(second && !memcmp(output,previous,sizeof previous)) | ||
| 330 | { | ||
| 331 | RANDerr(RAND_F_FIPS_RAND_BYTES,RAND_R_PRNG_STUCK); | ||
| 332 | CRYPTO_w_unlock(CRYPTO_LOCK_RAND); | ||
| 333 | return 0; | ||
| 334 | } | ||
| 335 | memcpy(previous,output,sizeof previous); | ||
| 336 | second=1; | ||
| 337 | |||
| 338 | /* Successive values of R may be concatenated to produce a | ||
| 339 | pseudo random number of the desired length */ | ||
| 340 | l=SEED_SIZE < num-n ? SEED_SIZE : num-n; | ||
| 341 | memcpy(buf+n,output,l); | ||
| 342 | n+=l; | ||
| 343 | } | 393 | } |
| 344 | 394 | ||
| 345 | CRYPTO_w_unlock(CRYPTO_LOCK_RAND); | 395 | static const RAND_METHOD rand_fips_meth= |
| 346 | |||
| 347 | return 1; | ||
| 348 | } | ||
| 349 | |||
| 350 | static int fips_rand_status(void) | ||
| 351 | { | 396 | { |
| 352 | return n_seed == sizeof seed; | 397 | fips_do_rand_seed, |
| 353 | } | 398 | FIPS_rand_bytes, |
| 399 | FIPS_rand_reset, | ||
| 400 | fips_do_rand_add, | ||
| 401 | FIPS_rand_bytes, | ||
| 402 | FIPS_rand_status | ||
| 403 | }; | ||
| 354 | 404 | ||
| 355 | #endif /* OPENSSL_FIPS */ | 405 | const RAND_METHOD *FIPS_rand_method(void) |
| 406 | { | ||
| 407 | return &rand_fips_meth; | ||
| 408 | } | ||
| 409 | |||
| 410 | #endif | ||
diff --git a/src/lib/libssl/src/fips/rand/fips_rand.h b/src/lib/libssl/src/fips/rand/fips_rand.h index 1286b63ab2..a175aaf6c5 100644 --- a/src/lib/libssl/src/fips/rand/fips_rand.h +++ b/src/lib/libssl/src/fips/rand/fips_rand.h | |||
| @@ -58,13 +58,17 @@ | |||
| 58 | extern "C" { | 58 | extern "C" { |
| 59 | #endif | 59 | #endif |
| 60 | 60 | ||
| 61 | void FIPS_set_prng_key(const unsigned char k1[8],const unsigned char k2[8]); | 61 | int FIPS_rand_set_key(const unsigned char *key, FIPS_RAND_SIZE_T keylen); |
| 62 | void FIPS_test_mode(int test,const unsigned char faketime[8]); | 62 | int FIPS_rand_seed(const void *buf, FIPS_RAND_SIZE_T num); |
| 63 | void FIPS_rand_seed(const void *buf, FIPS_RAND_SIZE_T num); | 63 | int FIPS_rand_bytes(unsigned char *out, FIPS_RAND_SIZE_T outlen); |
| 64 | /* NB: this returns true if _partially_ seeded */ | ||
| 65 | int FIPS_rand_seeded(void); | ||
| 66 | 64 | ||
| 67 | RAND_METHOD *FIPS_rand_method(void); | 65 | int FIPS_rand_test_mode(void); |
| 66 | void FIPS_rand_reset(void); | ||
| 67 | int FIPS_rand_set_dt(unsigned char *dt); | ||
| 68 | |||
| 69 | int FIPS_rand_status(void); | ||
| 70 | |||
| 71 | const RAND_METHOD *FIPS_rand_method(void); | ||
| 68 | 72 | ||
| 69 | #ifdef __cplusplus | 73 | #ifdef __cplusplus |
| 70 | } | 74 | } |
diff --git a/src/lib/libssl/src/fips/rand/fips_rand_selftest.c b/src/lib/libssl/src/fips/rand/fips_rand_selftest.c new file mode 100644 index 0000000000..2194a76cd1 --- /dev/null +++ b/src/lib/libssl/src/fips/rand/fips_rand_selftest.c | |||
| @@ -0,0 +1,371 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2003 The OpenSSL Project. All rights reserved. | ||
| 3 | * | ||
| 4 | * Redistribution and use in source and binary forms, with or without | ||
| 5 | * modification, are permitted provided that the following conditions | ||
| 6 | * are met: | ||
| 7 | * | ||
| 8 | * 1. Redistributions of source code must retain the above copyright | ||
| 9 | * notice, this list of conditions and the following disclaimer. | ||
| 10 | * | ||
| 11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 12 | * notice, this list of conditions and the following disclaimer in | ||
| 13 | * the documentation and/or other materials provided with the | ||
| 14 | * distribution. | ||
| 15 | * | ||
| 16 | * 3. All advertising materials mentioning features or use of this | ||
| 17 | * software must display the following acknowledgment: | ||
| 18 | * "This product includes software developed by the OpenSSL Project | ||
| 19 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 20 | * | ||
| 21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 22 | * endorse or promote products derived from this software without | ||
| 23 | * prior written permission. For written permission, please contact | ||
| 24 | * openssl-core@openssl.org. | ||
| 25 | * | ||
| 26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 27 | * nor may "OpenSSL" appear in their names without prior written | ||
| 28 | * permission of the OpenSSL Project. | ||
| 29 | * | ||
| 30 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 31 | * acknowledgment: | ||
| 32 | * "This product includes software developed by the OpenSSL Project | ||
| 33 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 34 | * | ||
| 35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 47 | * | ||
| 48 | */ | ||
| 49 | |||
| 50 | #include <string.h> | ||
| 51 | #include <openssl/err.h> | ||
| 52 | #include <openssl/fips.h> | ||
| 53 | #include <openssl/rand.h> | ||
| 54 | #include <openssl/fips_rand.h> | ||
| 55 | |||
| 56 | #ifdef OPENSSL_FIPS | ||
| 57 | |||
| 58 | |||
| 59 | |||
| 60 | typedef struct | ||
| 61 | { | ||
| 62 | unsigned char DT[16]; | ||
| 63 | unsigned char V[16]; | ||
| 64 | unsigned char R[16]; | ||
| 65 | } AES_PRNG_TV; | ||
| 66 | |||
| 67 | /* The following test vectors are taken directly from the RGNVS spec */ | ||
| 68 | |||
| 69 | static unsigned char aes_128_key[16] = | ||
| 70 | {0xf3,0xb1,0x66,0x6d,0x13,0x60,0x72,0x42, | ||
| 71 | 0xed,0x06,0x1c,0xab,0xb8,0xd4,0x62,0x02}; | ||
| 72 | |||
| 73 | static AES_PRNG_TV aes_128_tv[] = { | ||
| 74 | { | ||
| 75 | /* DT */ | ||
| 76 | {0xe6,0xb3,0xbe,0x78,0x2a,0x23,0xfa,0x62, | ||
| 77 | 0xd7,0x1d,0x4a,0xfb,0xb0,0xe9,0x22,0xf9}, | ||
| 78 | /* V */ | ||
| 79 | {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 80 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 81 | /* R */ | ||
| 82 | {0x59,0x53,0x1e,0xd1,0x3b,0xb0,0xc0,0x55, | ||
| 83 | 0x84,0x79,0x66,0x85,0xc1,0x2f,0x76,0x41} | ||
| 84 | }, | ||
| 85 | { | ||
| 86 | /* DT */ | ||
| 87 | {0xe6,0xb3,0xbe,0x78,0x2a,0x23,0xfa,0x62, | ||
| 88 | 0xd7,0x1d,0x4a,0xfb,0xb0,0xe9,0x22,0xfa}, | ||
| 89 | /* V */ | ||
| 90 | {0xc0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 91 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 92 | /* R */ | ||
| 93 | {0x7c,0x22,0x2c,0xf4,0xca,0x8f,0xa2,0x4c, | ||
| 94 | 0x1c,0x9c,0xb6,0x41,0xa9,0xf3,0x22,0x0d} | ||
| 95 | }, | ||
| 96 | { | ||
| 97 | /* DT */ | ||
| 98 | {0xe6,0xb3,0xbe,0x78,0x2a,0x23,0xfa,0x62, | ||
| 99 | 0xd7,0x1d,0x4a,0xfb,0xb0,0xe9,0x22,0xfb}, | ||
| 100 | /* V */ | ||
| 101 | {0xe0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 102 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 103 | /* R */ | ||
| 104 | {0x8a,0xaa,0x00,0x39,0x66,0x67,0x5b,0xe5, | ||
| 105 | 0x29,0x14,0x28,0x81,0xa9,0x4d,0x4e,0xc7} | ||
| 106 | }, | ||
| 107 | { | ||
| 108 | /* DT */ | ||
| 109 | {0xe6,0xb3,0xbe,0x78,0x2a,0x23,0xfa,0x62, | ||
| 110 | 0xd7,0x1d,0x4a,0xfb,0xb0,0xe9,0x22,0xfc}, | ||
| 111 | /* V */ | ||
| 112 | {0xf0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 113 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 114 | /* R */ | ||
| 115 | {0x88,0xdd,0xa4,0x56,0x30,0x24,0x23,0xe5, | ||
| 116 | 0xf6,0x9d,0xa5,0x7e,0x7b,0x95,0xc7,0x3a} | ||
| 117 | }, | ||
| 118 | { | ||
| 119 | /* DT */ | ||
| 120 | {0xe6,0xb3,0xbe,0x78,0x2a,0x23,0xfa,0x62, | ||
| 121 | 0xd7,0x1d,0x4a,0xfb,0xb0,0xe9,0x22,0xfd}, | ||
| 122 | /* V */ | ||
| 123 | {0xf8,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 124 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 125 | /* R */ | ||
| 126 | {0x05,0x25,0x92,0x46,0x61,0x79,0xd2,0xcb, | ||
| 127 | 0x78,0xc4,0x0b,0x14,0x0a,0x5a,0x9a,0xc8} | ||
| 128 | }, | ||
| 129 | { | ||
| 130 | /* DT */ | ||
| 131 | {0xe6,0xb3,0xbe,0x78,0x2a,0x23,0xfa,0x62, | ||
| 132 | 0xd7,0x1d,0x4a,0xfb,0xb0,0xe9,0x23,0x77}, | ||
| 133 | /* V */ | ||
| 134 | {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, | ||
| 135 | 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xfe}, | ||
| 136 | /* R */ | ||
| 137 | {0x0d,0xd5,0xa0,0x36,0x7a,0x59,0x26,0xbc, | ||
| 138 | 0x48,0xd9,0x38,0xbf,0xf0,0x85,0x8f,0xea} | ||
| 139 | }, | ||
| 140 | { | ||
| 141 | /* DT */ | ||
| 142 | {0xe6,0xb3,0xbe,0x78,0x2a,0x23,0xfa,0x62, | ||
| 143 | 0xd7,0x1d,0x4a,0xfb,0xb0,0xe9,0x23,0x78}, | ||
| 144 | /* V */ | ||
| 145 | {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, | ||
| 146 | 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff}, | ||
| 147 | /* R */ | ||
| 148 | {0xae,0x53,0x87,0xee,0x8c,0xd9,0x12,0xf5, | ||
| 149 | 0x73,0x53,0xae,0x03,0xf9,0xd5,0x13,0x33} | ||
| 150 | }, | ||
| 151 | }; | ||
| 152 | |||
| 153 | static unsigned char aes_192_key[24] = | ||
| 154 | {0x15,0xd8,0x78,0x0d,0x62,0xd3,0x25,0x6e, | ||
| 155 | 0x44,0x64,0x10,0x13,0x60,0x2b,0xa9,0xbc, | ||
| 156 | 0x4a,0xfb,0xca,0xeb,0x4c,0x8b,0x99,0x3b}; | ||
| 157 | |||
| 158 | static AES_PRNG_TV aes_192_tv[] = { | ||
| 159 | { | ||
| 160 | /* DT */ | ||
| 161 | {0x3f,0xd8,0xff,0xe8,0x80,0x69,0x8b,0xc1, | ||
| 162 | 0xbf,0x99,0x7d,0xa4,0x24,0x78,0xf3,0x4b}, | ||
| 163 | /* V */ | ||
| 164 | {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 165 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 166 | /* R */ | ||
| 167 | {0x17,0x07,0xd5,0x28,0x19,0x79,0x1e,0xef, | ||
| 168 | 0xa5,0x0c,0xbf,0x25,0xe5,0x56,0xb4,0x93} | ||
| 169 | }, | ||
| 170 | { | ||
| 171 | /* DT */ | ||
| 172 | {0x3f,0xd8,0xff,0xe8,0x80,0x69,0x8b,0xc1, | ||
| 173 | 0xbf,0x99,0x7d,0xa4,0x24,0x78,0xf3,0x4c}, | ||
| 174 | /* V */ | ||
| 175 | {0xc0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 176 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 177 | /* R */ | ||
| 178 | {0x92,0x8d,0xbe,0x07,0xdd,0xc7,0x58,0xc0, | ||
| 179 | 0x6f,0x35,0x41,0x9b,0x17,0xc9,0xbd,0x9b} | ||
| 180 | }, | ||
| 181 | { | ||
| 182 | /* DT */ | ||
| 183 | {0x3f,0xd8,0xff,0xe8,0x80,0x69,0x8b,0xc1, | ||
| 184 | 0xbf,0x99,0x7d,0xa4,0x24,0x78,0xf3,0x4d}, | ||
| 185 | /* V */ | ||
| 186 | {0xe0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 187 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 188 | /* R */ | ||
| 189 | {0xd5,0xde,0xf4,0x50,0xf3,0xb7,0x10,0x4e, | ||
| 190 | 0xb8,0xc6,0xf8,0xcf,0xe2,0xb1,0xca,0xa2} | ||
| 191 | }, | ||
| 192 | { | ||
| 193 | /* DT */ | ||
| 194 | {0x3f,0xd8,0xff,0xe8,0x80,0x69,0x8b,0xc1, | ||
| 195 | 0xbf,0x99,0x7d,0xa4,0x24,0x78,0xf3,0x4e}, | ||
| 196 | /* V */ | ||
| 197 | {0xf0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 198 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 199 | /* R */ | ||
| 200 | {0xce,0x29,0x08,0x43,0xfc,0x34,0x41,0xe7, | ||
| 201 | 0x47,0x8f,0xb3,0x66,0x2b,0x46,0xb1,0xbb} | ||
| 202 | }, | ||
| 203 | { | ||
| 204 | /* DT */ | ||
| 205 | {0x3f,0xd8,0xff,0xe8,0x80,0x69,0x8b,0xc1, | ||
| 206 | 0xbf,0x99,0x7d,0xa4,0x24,0x78,0xf3,0x4f}, | ||
| 207 | /* V */ | ||
| 208 | {0xf8,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 209 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 210 | /* R */ | ||
| 211 | {0xb3,0x26,0x0f,0xf5,0xd6,0xca,0xa8,0xbf, | ||
| 212 | 0x89,0xb8,0x5e,0x2f,0x22,0x56,0x92,0x2f} | ||
| 213 | }, | ||
| 214 | { | ||
| 215 | /* DT */ | ||
| 216 | {0x3f,0xd8,0xff,0xe8,0x80,0x69,0x8b,0xc1, | ||
| 217 | 0xbf,0x99,0x7d,0xa4,0x24,0x78,0xf3,0xc9}, | ||
| 218 | /* V */ | ||
| 219 | {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, | ||
| 220 | 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xfe}, | ||
| 221 | /* R */ | ||
| 222 | {0x05,0xeb,0x18,0x52,0x34,0x43,0x00,0x43, | ||
| 223 | 0x6e,0x5a,0xa5,0xfe,0x7b,0x32,0xc4,0x2d} | ||
| 224 | }, | ||
| 225 | { | ||
| 226 | /* DT */ | ||
| 227 | {0x3f,0xd8,0xff,0xe8,0x80,0x69,0x8b,0xc1, | ||
| 228 | 0xbf,0x99,0x7d,0xa4,0x24,0x78,0xf3,0xca}, | ||
| 229 | /* V */ | ||
| 230 | {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, | ||
| 231 | 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff}, | ||
| 232 | /* R */ | ||
| 233 | {0x15,0x3c,0xe8,0xd1,0x04,0xc7,0xad,0x50, | ||
| 234 | 0x0b,0xf0,0x07,0x16,0xe7,0x56,0x7a,0xea} | ||
| 235 | }, | ||
| 236 | }; | ||
| 237 | |||
| 238 | static unsigned char aes_256_key[32] = | ||
| 239 | {0x6d,0x14,0x06,0x6c,0xb6,0xd8,0x21,0x2d, | ||
| 240 | 0x82,0x8d,0xfa,0xf2,0x7a,0x03,0xb7,0x9f, | ||
| 241 | 0x0c,0xc7,0x3e,0xcd,0x76,0xeb,0xee,0xb5, | ||
| 242 | 0x21,0x05,0x8c,0x4f,0x31,0x7a,0x80,0xbb}; | ||
| 243 | |||
| 244 | static AES_PRNG_TV aes_256_tv[] = { | ||
| 245 | { | ||
| 246 | /* DT */ | ||
| 247 | {0xda,0x3a,0x41,0xec,0x1d,0xa3,0xb0,0xd5, | ||
| 248 | 0xf2,0xa9,0x4e,0x34,0x74,0x8e,0x9e,0x88}, | ||
| 249 | /* V */ | ||
| 250 | {0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 251 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 252 | /* R */ | ||
| 253 | {0x35,0xc7,0xef,0xa7,0x78,0x4d,0x29,0xbc, | ||
| 254 | 0x82,0x79,0x99,0xfb,0xd0,0xb3,0x3b,0x72} | ||
| 255 | }, | ||
| 256 | { | ||
| 257 | /* DT */ | ||
| 258 | {0xda,0x3a,0x41,0xec,0x1d,0xa3,0xb0,0xd5, | ||
| 259 | 0xf2,0xa9,0x4e,0x34,0x74,0x8e,0x9e,0x89}, | ||
| 260 | /* V */ | ||
| 261 | {0xc0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 262 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 263 | /* R */ | ||
| 264 | {0x6c,0xf4,0x42,0x5d,0xc7,0x04,0x1a,0x41, | ||
| 265 | 0x28,0x2a,0x78,0xa9,0xb0,0x12,0xc4,0x95} | ||
| 266 | }, | ||
| 267 | { | ||
| 268 | /* DT */ | ||
| 269 | {0xda,0x3a,0x41,0xec,0x1d,0xa3,0xb0,0xd5, | ||
| 270 | 0xf2,0xa9,0x4e,0x34,0x74,0x8e,0x9e,0x8a}, | ||
| 271 | /* V */ | ||
| 272 | {0xe0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 273 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 274 | /* R */ | ||
| 275 | {0x16,0x90,0xa4,0xff,0x7b,0x7e,0xb9,0x30, | ||
| 276 | 0xdb,0x67,0x4b,0xac,0x2d,0xe1,0xd1,0x75} | ||
| 277 | }, | ||
| 278 | { | ||
| 279 | /* DT */ | ||
| 280 | {0xda,0x3a,0x41,0xec,0x1d,0xa3,0xb0,0xd5, | ||
| 281 | 0xf2,0xa9,0x4e,0x34,0x74,0x8e,0x9e,0x8b}, | ||
| 282 | /* V */ | ||
| 283 | {0xf0,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 284 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 285 | /* R */ | ||
| 286 | {0x14,0x6f,0xf5,0x95,0xa1,0x46,0x65,0x30, | ||
| 287 | 0xbc,0x57,0xe2,0x4a,0xf7,0x45,0x62,0x05} | ||
| 288 | }, | ||
| 289 | { | ||
| 290 | /* DT */ | ||
| 291 | {0xda,0x3a,0x41,0xec,0x1d,0xa3,0xb0,0xd5, | ||
| 292 | 0xf2,0xa9,0x4e,0x34,0x74,0x8e,0x9e,0x8c}, | ||
| 293 | /* V */ | ||
| 294 | {0xf8,0x00,0x00,0x00,0x00,0x00,0x00,0x00, | ||
| 295 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}, | ||
| 296 | /* R */ | ||
| 297 | {0x96,0xe2,0xb4,0x1e,0x66,0x5e,0x0f,0xa4, | ||
| 298 | 0xc5,0xcd,0xa2,0x07,0xcc,0xb7,0x94,0x40} | ||
| 299 | }, | ||
| 300 | { | ||
| 301 | /* DT */ | ||
| 302 | {0xda,0x3a,0x41,0xec,0x1d,0xa3,0xb0,0xd5, | ||
| 303 | 0xf2,0xa9,0x4e,0x34,0x74,0x8e,0x9f,0x06}, | ||
| 304 | /* V */ | ||
| 305 | {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, | ||
| 306 | 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xfe}, | ||
| 307 | /* R */ | ||
| 308 | {0x61,0xce,0x1d,0x6a,0x48,0x75,0x97,0x28, | ||
| 309 | 0x4b,0x41,0xde,0x18,0x44,0x4f,0x56,0xec} | ||
| 310 | }, | ||
| 311 | { | ||
| 312 | /* DT */ | ||
| 313 | {0xda,0x3a,0x41,0xec,0x1d,0xa3,0xb0,0xd5, | ||
| 314 | 0xf2,0xa9,0x4e,0x34,0x74,0x8e,0x9f,0x07}, | ||
| 315 | /* V */ | ||
| 316 | {0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff, | ||
| 317 | 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff}, | ||
| 318 | /* R */ | ||
| 319 | {0x52,0x89,0x59,0x79,0x2d,0xaa,0x28,0xb3, | ||
| 320 | 0xb0,0x8a,0x3e,0x70,0xfa,0x71,0x59,0x84} | ||
| 321 | }, | ||
| 322 | }; | ||
| 323 | |||
| 324 | |||
| 325 | void FIPS_corrupt_rng() | ||
| 326 | { | ||
| 327 | aes_192_tv[0].V[0]++; | ||
| 328 | } | ||
| 329 | |||
| 330 | #define fips_rand_test(key, tv) \ | ||
| 331 | do_rand_test(key, sizeof key, tv, sizeof(tv)/sizeof(AES_PRNG_TV)) | ||
| 332 | |||
| 333 | static int do_rand_test(unsigned char *key, int keylen, | ||
| 334 | AES_PRNG_TV *tv, int ntv) | ||
| 335 | { | ||
| 336 | unsigned char R[16]; | ||
| 337 | int i; | ||
| 338 | if (!FIPS_rand_set_key(key, keylen)) | ||
| 339 | return 0; | ||
| 340 | for (i = 0; i < ntv; i++) | ||
| 341 | { | ||
| 342 | FIPS_rand_seed(tv[i].V, 16); | ||
| 343 | FIPS_rand_set_dt(tv[i].DT); | ||
| 344 | FIPS_rand_bytes(R, 16); | ||
| 345 | if (memcmp(R, tv[i].R, 16)) | ||
| 346 | return 0; | ||
| 347 | } | ||
| 348 | return 1; | ||
| 349 | } | ||
| 350 | |||
| 351 | |||
| 352 | int FIPS_selftest_rng() | ||
| 353 | { | ||
| 354 | FIPS_rand_reset(); | ||
| 355 | if (!FIPS_rand_test_mode()) | ||
| 356 | { | ||
| 357 | FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED); | ||
| 358 | return 0; | ||
| 359 | } | ||
| 360 | if (!fips_rand_test(aes_128_key,aes_128_tv) | ||
| 361 | || !fips_rand_test(aes_192_key, aes_192_tv) | ||
| 362 | || !fips_rand_test(aes_256_key, aes_256_tv)) | ||
| 363 | { | ||
| 364 | FIPSerr(FIPS_F_FIPS_SELFTEST_RNG,FIPS_R_SELFTEST_FAILED); | ||
| 365 | return 0; | ||
| 366 | } | ||
| 367 | FIPS_rand_reset(); | ||
| 368 | return 1; | ||
| 369 | } | ||
| 370 | |||
| 371 | #endif | ||
diff --git a/src/lib/libssl/src/fips/rand/fips_randtest.c b/src/lib/libssl/src/fips/rand/fips_randtest.c index 6165944e56..5582941c11 100644 --- a/src/lib/libssl/src/fips/rand/fips_randtest.c +++ b/src/lib/libssl/src/fips/rand/fips_randtest.c | |||
| @@ -105,9 +105,12 @@ | |||
| 105 | 105 | ||
| 106 | #include <stdio.h> | 106 | #include <stdio.h> |
| 107 | #include <stdlib.h> | 107 | #include <stdlib.h> |
| 108 | #include <string.h> | ||
| 109 | #include <ctype.h> | ||
| 108 | #include <openssl/rand.h> | 110 | #include <openssl/rand.h> |
| 109 | #include <openssl/fips_rand.h> | 111 | #include <openssl/fips_rand.h> |
| 110 | #include <openssl/err.h> | 112 | #include <openssl/err.h> |
| 113 | #include <openssl/bn.h> | ||
| 111 | 114 | ||
| 112 | #include "e_os.h" | 115 | #include "e_os.h" |
| 113 | 116 | ||
| @@ -120,42 +123,65 @@ int main(int argc, char *argv[]) | |||
| 120 | 123 | ||
| 121 | #else | 124 | #else |
| 122 | 125 | ||
| 123 | /* some FIPS 140-1 random number test */ | 126 | #include "fips_utl.h" |
| 124 | /* some simple tests */ | ||
| 125 | |||
| 126 | static DES_cblock prng_key1={0x21,0x58,0x47,0xb7,0xc2,0x97,0x5a,0x8e}; | ||
| 127 | static DES_cblock prng_key2={0x61,0x23,0x05,0x96,0x18,0x91,0x86,0xac}; | ||
| 128 | static unsigned char prng_seed[8]={0x6b,0xa3,0x4f,0x07,0xe4,0x2a,0xb0,0xc}; | ||
| 129 | 127 | ||
| 130 | typedef struct | 128 | typedef struct |
| 131 | { | 129 | { |
| 132 | DES_cblock keys[2]; | 130 | unsigned char DT[16]; |
| 133 | const unsigned char time[8]; | 131 | unsigned char V[16]; |
| 134 | const unsigned char seed[8]; | 132 | unsigned char R[16]; |
| 135 | const unsigned char block1[8]; | 133 | } AES_PRNG_MCT; |
| 136 | const unsigned char block100[8]; | 134 | |
| 137 | } PRNGtest; | 135 | static unsigned char aes_128_mct_key[16] = |
| 138 | 136 | {0x9f,0x5b,0x51,0x20,0x0b,0xf3,0x34,0xb5, | |
| 139 | /* FIXME: these test vectors are made up! */ | 137 | 0xd8,0x2b,0xe8,0xc3,0x72,0x55,0xc8,0x48}; |
| 140 | static PRNGtest t1= | 138 | |
| 141 | { | 139 | static AES_PRNG_MCT aes_128_mct_tv = { |
| 142 | { { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 }, | 140 | /* DT */ |
| 143 | { 0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f }, | 141 | {0x63,0x76,0xbb,0xe5,0x29,0x02,0xba,0x3b, |
| 144 | }, | 142 | 0x67,0xc9,0x25,0xfa,0x70,0x1f,0x11,0xac}, |
| 145 | { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, | 143 | /* V */ |
| 146 | { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 }, | 144 | {0x57,0x2c,0x8e,0x76,0x87,0x26,0x47,0x97, |
| 147 | { 0x33,0xc3,0xdf,0xfe,0x60,0x60,0x49,0x9e }, | 145 | 0x7e,0x74,0xfb,0xdd,0xc4,0x95,0x01,0xd1}, |
| 148 | { 0xcd,0x2b,0x41,0xaf,0x80,0x51,0x37,0xd8 } | 146 | /* R */ |
| 149 | }; | 147 | {0x48,0xe9,0xbd,0x0d,0x06,0xee,0x18,0xfb, |
| 150 | static PRNGtest t2= | 148 | 0xe4,0x57,0x90,0xd5,0xc3,0xfc,0x9b,0x73} |
| 151 | { | 149 | }; |
| 152 | { { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }, | 150 | |
| 153 | { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff } }, | 151 | static unsigned char aes_192_mct_key[24] = |
| 154 | { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }, | 152 | {0xb7,0x6c,0x34,0xd1,0x09,0x67,0xab,0x73, |
| 155 | { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff }, | 153 | 0x4d,0x5a,0xd5,0x34,0x98,0x16,0x0b,0x91, |
| 156 | { 0x65,0xf1,0xa4,0x07,0x42,0x38,0xd5,0x25 }, | 154 | 0xbc,0x35,0x51,0x16,0x6b,0xae,0x93,0x8a}; |
| 157 | { 0xbb,0x75,0x84,0x20,0x7a,0x44,0xf0,0xa0 } | 155 | |
| 158 | }; | 156 | static AES_PRNG_MCT aes_192_mct_tv = { |
| 157 | /* DT */ | ||
| 158 | {0x84,0xce,0x22,0x7d,0x91,0x5a,0xa3,0xc9, | ||
| 159 | 0x84,0x3c,0x0a,0xb3,0xa9,0x63,0x15,0x52}, | ||
| 160 | /* V */ | ||
| 161 | {0xb6,0xaf,0xe6,0x8f,0x99,0x9e,0x90,0x64, | ||
| 162 | 0xdd,0xc7,0x7a,0xc1,0xbb,0x90,0x3a,0x6d}, | ||
| 163 | /* R */ | ||
| 164 | {0xfc,0x85,0x60,0x9a,0x29,0x6f,0xef,0x21, | ||
| 165 | 0xdd,0x86,0x20,0x32,0x8a,0x29,0x6f,0x47} | ||
| 166 | }; | ||
| 167 | |||
| 168 | static unsigned char aes_256_mct_key[32] = | ||
| 169 | {0x9b,0x05,0xc8,0x68,0xff,0x47,0xf8,0x3a, | ||
| 170 | 0xa6,0x3a,0xa8,0xcb,0x4e,0x71,0xb2,0xe0, | ||
| 171 | 0xb8,0x7e,0xf1,0x37,0xb6,0xb4,0xf6,0x6d, | ||
| 172 | 0x86,0x32,0xfc,0x1f,0x5e,0x1d,0x1e,0x50}; | ||
| 173 | |||
| 174 | static AES_PRNG_MCT aes_256_mct_tv = { | ||
| 175 | /* DT */ | ||
| 176 | {0x31,0x6e,0x35,0x9a,0xb1,0x44,0xf0,0xee, | ||
| 177 | 0x62,0x6d,0x04,0x46,0xe0,0xa3,0x92,0x4c}, | ||
| 178 | /* V */ | ||
| 179 | {0x4f,0xcd,0xc1,0x87,0x82,0x1f,0x4d,0xa1, | ||
| 180 | 0x3e,0x0e,0x56,0x44,0x59,0xe8,0x83,0xca}, | ||
| 181 | /* R */ | ||
| 182 | {0xc8,0x87,0xc2,0x61,0x5b,0xd0,0xb9,0xe1, | ||
| 183 | 0xe7,0xf3,0x8b,0xd7,0x5b,0xd5,0xf1,0x8d} | ||
| 184 | }; | ||
| 159 | 185 | ||
| 160 | static void dump(const unsigned char *b,int n) | 186 | static void dump(const unsigned char *b,int n) |
| 161 | { | 187 | { |
| @@ -174,196 +200,49 @@ static void compare(const unsigned char *result,const unsigned char *expected, | |||
| 174 | if(result[i] != expected[i]) | 200 | if(result[i] != expected[i]) |
| 175 | { | 201 | { |
| 176 | puts("Random test failed, got:"); | 202 | puts("Random test failed, got:"); |
| 177 | dump(result,8); | 203 | dump(result,n); |
| 178 | puts("\n expected:"); | 204 | puts("\n expected:"); |
| 179 | dump(expected,8); | 205 | dump(expected,n); |
| 180 | putchar('\n'); | 206 | putchar('\n'); |
| 181 | EXIT(1); | 207 | EXIT(1); |
| 182 | } | 208 | } |
| 183 | } | 209 | } |
| 184 | 210 | ||
| 185 | static void run_test(const PRNGtest *t) | ||
| 186 | { | ||
| 187 | unsigned char buf[8]; | ||
| 188 | int n; | ||
| 189 | |||
| 190 | FIPS_set_prng_key(t->keys[0],t->keys[1]); | ||
| 191 | FIPS_test_mode(1,t->time); | ||
| 192 | RAND_seed(t->seed,sizeof t->seed); | ||
| 193 | 211 | ||
| 194 | if(RAND_bytes(buf,8) <= 0) | 212 | static void run_test(unsigned char *key, int keylen, AES_PRNG_MCT *tv) |
| 213 | { | ||
| 214 | unsigned char buf[16], dt[16]; | ||
| 215 | int i, j; | ||
| 216 | FIPS_rand_reset(); | ||
| 217 | FIPS_rand_test_mode(); | ||
| 218 | FIPS_rand_set_key(key, keylen); | ||
| 219 | FIPS_rand_seed(tv->V, 16); | ||
| 220 | memcpy(dt, tv->DT, 16); | ||
| 221 | for (i = 0; i < 10000; i++) | ||
| 195 | { | 222 | { |
| 196 | ERR_print_errors_fp(stderr); | 223 | FIPS_rand_set_dt(dt); |
| 197 | EXIT(2); | 224 | FIPS_rand_bytes(buf, 16); |
| 225 | /* Increment DT */ | ||
| 226 | for (j = 15; j >= 0; j--) | ||
| 227 | { | ||
| 228 | dt[j]++; | ||
| 229 | if (dt[j]) | ||
| 230 | break; | ||
| 231 | } | ||
| 198 | } | 232 | } |
| 199 | compare(buf,t->block1,8); | 233 | |
| 200 | for(n=0 ; n < 99 ; ++n) | 234 | compare(buf,tv->R, 16); |
| 201 | if(RAND_bytes(buf,8) <= 0) | ||
| 202 | { | ||
| 203 | ERR_print_errors_fp(stderr); | ||
| 204 | EXIT(2); | ||
| 205 | } | ||
| 206 | compare(buf,t->block100,8); | ||
| 207 | FIPS_test_mode(0,NULL); | ||
| 208 | } | 235 | } |
| 209 | 236 | ||
| 210 | int main() | 237 | int main() |
| 211 | { | 238 | { |
| 212 | unsigned char buf[2500]; | 239 | run_test(aes_128_mct_key, 16, &aes_128_mct_tv); |
| 213 | int i,j,k,s,sign,nsign,err=0; | 240 | printf("FIPS PRNG test 1 done\n"); |
| 214 | unsigned long n1; | 241 | run_test(aes_192_mct_key, 24, &aes_192_mct_tv); |
| 215 | unsigned long n2[16]; | 242 | printf("FIPS PRNG test 2 done\n"); |
| 216 | unsigned long runs[2][34]; | 243 | run_test(aes_256_mct_key, 32, &aes_256_mct_tv); |
| 217 | /*double d; */ | 244 | printf("FIPS PRNG test 3 done\n"); |
| 218 | long d; | 245 | return 0; |
| 219 | |||
| 220 | ERR_load_crypto_strings(); | ||
| 221 | RAND_set_rand_method(FIPS_rand_method()); | ||
| 222 | |||
| 223 | run_test(&t1); | ||
| 224 | run_test(&t2); | ||
| 225 | |||
| 226 | FIPS_set_prng_key(prng_key1,prng_key2); | ||
| 227 | RAND_seed(prng_seed,sizeof prng_seed); | ||
| 228 | |||
| 229 | i = RAND_pseudo_bytes(buf,2500); | ||
| 230 | if (i <= 0) | ||
| 231 | { | ||
| 232 | printf ("init failed, the rand method is not properly installed\n"); | ||
| 233 | err++; | ||
| 234 | goto err; | ||
| 235 | } | ||
| 236 | |||
| 237 | n1=0; | ||
| 238 | for (i=0; i<16; i++) n2[i]=0; | ||
| 239 | for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0; | ||
| 240 | |||
| 241 | /* test 1 and 2 */ | ||
| 242 | sign=0; | ||
| 243 | nsign=0; | ||
| 244 | for (i=0; i<2500; i++) | ||
| 245 | { | ||
| 246 | j=buf[i]; | ||
| 247 | |||
| 248 | n2[j&0x0f]++; | ||
| 249 | n2[(j>>4)&0x0f]++; | ||
| 250 | |||
| 251 | for (k=0; k<8; k++) | ||
| 252 | { | ||
| 253 | s=(j&0x01); | ||
| 254 | if (s == sign) | ||
| 255 | nsign++; | ||
| 256 | else | ||
| 257 | { | ||
| 258 | if (nsign > 34) nsign=34; | ||
| 259 | if (nsign != 0) | ||
| 260 | { | ||
| 261 | runs[sign][nsign-1]++; | ||
| 262 | if (nsign > 6) | ||
| 263 | runs[sign][5]++; | ||
| 264 | } | ||
| 265 | sign=s; | ||
| 266 | nsign=1; | ||
| 267 | } | ||
| 268 | |||
| 269 | if (s) n1++; | ||
| 270 | j>>=1; | ||
| 271 | } | ||
| 272 | } | ||
| 273 | if (nsign > 34) nsign=34; | ||
| 274 | if (nsign != 0) runs[sign][nsign-1]++; | ||
| 275 | |||
| 276 | /* test 1 */ | ||
| 277 | if (!((9654 < n1) && (n1 < 10346))) | ||
| 278 | { | ||
| 279 | printf("test 1 failed, X=%lu\n",n1); | ||
| 280 | err++; | ||
| 281 | } | ||
| 282 | printf("test 1 done\n"); | ||
| 283 | |||
| 284 | /* test 2 */ | ||
| 285 | #ifdef undef | ||
| 286 | d=0; | ||
| 287 | for (i=0; i<16; i++) | ||
| 288 | d+=n2[i]*n2[i]; | ||
| 289 | d=d*16.0/5000.0-5000.0; | ||
| 290 | if (!((1.03 < d) && (d < 57.4))) | ||
| 291 | { | ||
| 292 | printf("test 2 failed, X=%.2f\n",d); | ||
| 293 | err++; | ||
| 294 | } | ||
| 295 | #endif | ||
| 296 | d=0; | ||
| 297 | for (i=0; i<16; i++) | ||
| 298 | d+=n2[i]*n2[i]; | ||
| 299 | d=(d*8)/25-500000; | ||
| 300 | if (!((103 < d) && (d < 5740))) | ||
| 301 | { | ||
| 302 | printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L); | ||
| 303 | err++; | ||
| 304 | } | ||
| 305 | printf("test 2 done\n"); | ||
| 306 | |||
| 307 | /* test 3 */ | ||
| 308 | for (i=0; i<2; i++) | ||
| 309 | { | ||
| 310 | if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) | ||
| 311 | { | ||
| 312 | printf("test 3 failed, bit=%d run=%d num=%lu\n", | ||
| 313 | i,1,runs[i][0]); | ||
| 314 | err++; | ||
| 315 | } | ||
| 316 | if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) | ||
| 317 | { | ||
| 318 | printf("test 3 failed, bit=%d run=%d num=%lu\n", | ||
| 319 | i,2,runs[i][1]); | ||
| 320 | err++; | ||
| 321 | } | ||
| 322 | if (!(( 502 < runs[i][2]) && (runs[i][2] < 748))) | ||
| 323 | { | ||
| 324 | printf("test 3 failed, bit=%d run=%d num=%lu\n", | ||
| 325 | i,3,runs[i][2]); | ||
| 326 | err++; | ||
| 327 | } | ||
| 328 | if (!(( 223 < runs[i][3]) && (runs[i][3] < 402))) | ||
| 329 | { | ||
| 330 | printf("test 3 failed, bit=%d run=%d num=%lu\n", | ||
| 331 | i,4,runs[i][3]); | ||
| 332 | err++; | ||
| 333 | } | ||
| 334 | if (!(( 90 < runs[i][4]) && (runs[i][4] < 223))) | ||
| 335 | { | ||
| 336 | printf("test 3 failed, bit=%d run=%d num=%lu\n", | ||
| 337 | i,5,runs[i][4]); | ||
| 338 | err++; | ||
| 339 | } | ||
| 340 | if (!(( 90 < runs[i][5]) && (runs[i][5] < 223))) | ||
| 341 | { | ||
| 342 | printf("test 3 failed, bit=%d run=%d num=%lu\n", | ||
| 343 | i,6,runs[i][5]); | ||
| 344 | err++; | ||
| 345 | } | ||
| 346 | } | ||
| 347 | printf("test 3 done\n"); | ||
| 348 | |||
| 349 | /* test 4 */ | ||
| 350 | if (runs[0][33] != 0) | ||
| 351 | { | ||
| 352 | printf("test 4 failed, bit=%d run=%d num=%lu\n", | ||
| 353 | 0,34,runs[0][33]); | ||
| 354 | err++; | ||
| 355 | } | ||
| 356 | if (runs[1][33] != 0) | ||
| 357 | { | ||
| 358 | printf("test 4 failed, bit=%d run=%d num=%lu\n", | ||
| 359 | 1,34,runs[1][33]); | ||
| 360 | err++; | ||
| 361 | } | ||
| 362 | printf("test 4 done\n"); | ||
| 363 | err: | ||
| 364 | err=((err)?1:0); | ||
| 365 | EXIT(err); | ||
| 366 | return(err); | ||
| 367 | } | 246 | } |
| 368 | 247 | ||
| 369 | #endif | 248 | #endif |
diff --git a/src/lib/libssl/src/fips/rand/fips_rngvs.c b/src/lib/libssl/src/fips/rand/fips_rngvs.c new file mode 100644 index 0000000000..cb904eaf0b --- /dev/null +++ b/src/lib/libssl/src/fips/rand/fips_rngvs.c | |||
| @@ -0,0 +1,230 @@ | |||
| 1 | /* | ||
| 2 | * Crude test driver for processing the VST and MCT testvector files | ||
| 3 | * generated by the CMVP RNGVS product. | ||
| 4 | * | ||
| 5 | * Note the input files are assumed to have a _very_ specific format | ||
| 6 | * as described in the NIST document "The Random Number Generator | ||
| 7 | * Validation System (RNGVS)", May 25, 2004. | ||
| 8 | * | ||
| 9 | */ | ||
| 10 | #include <openssl/opensslconf.h> | ||
| 11 | |||
| 12 | #ifndef OPENSSL_FIPS | ||
| 13 | #include <stdio.h> | ||
| 14 | |||
| 15 | int main(int argc, char **argv) | ||
| 16 | { | ||
| 17 | printf("No FIPS RNG support\n"); | ||
| 18 | return 0; | ||
| 19 | } | ||
| 20 | #else | ||
| 21 | |||
| 22 | #include <openssl/bn.h> | ||
| 23 | #include <openssl/dsa.h> | ||
| 24 | #include <openssl/fips.h> | ||
| 25 | #include <openssl/err.h> | ||
| 26 | #include <openssl/rand.h> | ||
| 27 | #include <openssl/fips_rand.h> | ||
| 28 | #include <openssl/x509v3.h> | ||
| 29 | #include <string.h> | ||
| 30 | #include <ctype.h> | ||
| 31 | |||
| 32 | #include "fips_utl.h" | ||
| 33 | |||
| 34 | void vst() | ||
| 35 | { | ||
| 36 | unsigned char *key = NULL; | ||
| 37 | unsigned char *v = NULL; | ||
| 38 | unsigned char *dt = NULL; | ||
| 39 | unsigned char ret[16]; | ||
| 40 | char buf[1024]; | ||
| 41 | char lbuf[1024]; | ||
| 42 | char *keyword, *value; | ||
| 43 | long i, keylen; | ||
| 44 | |||
| 45 | keylen = 0; | ||
| 46 | |||
| 47 | while(fgets(buf,sizeof buf,stdin) != NULL) | ||
| 48 | { | ||
| 49 | fputs(buf,stdout); | ||
| 50 | if(!strncmp(buf,"[AES 128-Key]", 13)) | ||
| 51 | keylen = 16; | ||
| 52 | else if(!strncmp(buf,"[AES 192-Key]", 13)) | ||
| 53 | keylen = 24; | ||
| 54 | else if(!strncmp(buf,"[AES 256-Key]", 13)) | ||
| 55 | keylen = 32; | ||
| 56 | if (!parse_line(&keyword, &value, lbuf, buf)) | ||
| 57 | continue; | ||
| 58 | if(!strcmp(keyword,"Key")) | ||
| 59 | { | ||
| 60 | key=hex2bin_m(value,&i); | ||
| 61 | if (i != keylen) | ||
| 62 | { | ||
| 63 | fprintf(stderr, "Invalid key length, expecting %ld\n", keylen); | ||
| 64 | return; | ||
| 65 | } | ||
| 66 | } | ||
| 67 | else if(!strcmp(keyword,"DT")) | ||
| 68 | { | ||
| 69 | dt=hex2bin_m(value,&i); | ||
| 70 | if (i != 16) | ||
| 71 | { | ||
| 72 | fprintf(stderr, "Invalid DT length\n"); | ||
| 73 | return; | ||
| 74 | } | ||
| 75 | } | ||
| 76 | else if(!strcmp(keyword,"V")) | ||
| 77 | { | ||
| 78 | v=hex2bin_m(value,&i); | ||
| 79 | if (i != 16) | ||
| 80 | { | ||
| 81 | fprintf(stderr, "Invalid V length\n"); | ||
| 82 | return; | ||
| 83 | } | ||
| 84 | |||
| 85 | if (!key || !dt) | ||
| 86 | { | ||
| 87 | fprintf(stderr, "Missing key or DT\n"); | ||
| 88 | return; | ||
| 89 | } | ||
| 90 | |||
| 91 | FIPS_rand_set_key(key, keylen); | ||
| 92 | FIPS_rand_seed(v,16); | ||
| 93 | FIPS_rand_set_dt(dt); | ||
| 94 | if (FIPS_rand_bytes(ret,16) <= 0) | ||
| 95 | { | ||
| 96 | fprintf(stderr, "Error getting PRNG value\n"); | ||
| 97 | return; | ||
| 98 | } | ||
| 99 | |||
| 100 | pv("R",ret,16); | ||
| 101 | OPENSSL_free(key); | ||
| 102 | key = NULL; | ||
| 103 | OPENSSL_free(dt); | ||
| 104 | dt = NULL; | ||
| 105 | OPENSSL_free(v); | ||
| 106 | v = NULL; | ||
| 107 | } | ||
| 108 | } | ||
| 109 | } | ||
| 110 | |||
| 111 | void mct() | ||
| 112 | { | ||
| 113 | unsigned char *key = NULL; | ||
| 114 | unsigned char *v = NULL; | ||
| 115 | unsigned char *dt = NULL; | ||
| 116 | unsigned char ret[16]; | ||
| 117 | char buf[1024]; | ||
| 118 | char lbuf[1024]; | ||
| 119 | char *keyword, *value; | ||
| 120 | long i, keylen; | ||
| 121 | int j; | ||
| 122 | |||
| 123 | keylen = 0; | ||
| 124 | |||
| 125 | while(fgets(buf,sizeof buf,stdin) != NULL) | ||
| 126 | { | ||
| 127 | fputs(buf,stdout); | ||
| 128 | if(!strncmp(buf,"[AES 128-Key]", 13)) | ||
| 129 | keylen = 16; | ||
| 130 | else if(!strncmp(buf,"[AES 192-Key]", 13)) | ||
| 131 | keylen = 24; | ||
| 132 | else if(!strncmp(buf,"[AES 256-Key]", 13)) | ||
| 133 | keylen = 32; | ||
| 134 | if (!parse_line(&keyword, &value, lbuf, buf)) | ||
| 135 | continue; | ||
| 136 | if(!strcmp(keyword,"Key")) | ||
| 137 | { | ||
| 138 | key=hex2bin_m(value,&i); | ||
| 139 | if (i != keylen) | ||
| 140 | { | ||
| 141 | fprintf(stderr, "Invalid key length, expecting %ld\n", keylen); | ||
| 142 | return; | ||
| 143 | } | ||
| 144 | } | ||
| 145 | else if(!strcmp(keyword,"DT")) | ||
| 146 | { | ||
| 147 | dt=hex2bin_m(value,&i); | ||
| 148 | if (i != 16) | ||
| 149 | { | ||
| 150 | fprintf(stderr, "Invalid DT length\n"); | ||
| 151 | return; | ||
| 152 | } | ||
| 153 | } | ||
| 154 | else if(!strcmp(keyword,"V")) | ||
| 155 | { | ||
| 156 | v=hex2bin_m(value,&i); | ||
| 157 | if (i != 16) | ||
| 158 | { | ||
| 159 | fprintf(stderr, "Invalid V length\n"); | ||
| 160 | return; | ||
| 161 | } | ||
| 162 | |||
| 163 | if (!key || !dt) | ||
| 164 | { | ||
| 165 | fprintf(stderr, "Missing key or DT\n"); | ||
| 166 | return; | ||
| 167 | } | ||
| 168 | |||
| 169 | FIPS_rand_set_key(key, keylen); | ||
| 170 | FIPS_rand_seed(v,16); | ||
| 171 | for (i = 0; i < 10000; i++) | ||
| 172 | { | ||
| 173 | FIPS_rand_set_dt(dt); | ||
| 174 | if (FIPS_rand_bytes(ret,16) <= 0) | ||
| 175 | { | ||
| 176 | fprintf(stderr, "Error getting PRNG value\n"); | ||
| 177 | return; | ||
| 178 | } | ||
| 179 | /* Increment DT */ | ||
| 180 | for (j = 15; j >= 0; j--) | ||
| 181 | { | ||
| 182 | dt[j]++; | ||
| 183 | if (dt[j]) | ||
| 184 | break; | ||
| 185 | } | ||
| 186 | } | ||
| 187 | |||
| 188 | pv("R",ret,16); | ||
| 189 | OPENSSL_free(key); | ||
| 190 | key = NULL; | ||
| 191 | OPENSSL_free(dt); | ||
| 192 | dt = NULL; | ||
| 193 | OPENSSL_free(v); | ||
| 194 | v = NULL; | ||
| 195 | } | ||
| 196 | } | ||
| 197 | } | ||
| 198 | |||
| 199 | int main(int argc,char **argv) | ||
| 200 | { | ||
| 201 | if(argc != 2) | ||
| 202 | { | ||
| 203 | fprintf(stderr,"%s [mct|vst]\n",argv[0]); | ||
| 204 | exit(1); | ||
| 205 | } | ||
| 206 | if(!FIPS_mode_set(1)) | ||
| 207 | { | ||
| 208 | do_print_errors(); | ||
| 209 | exit(1); | ||
| 210 | } | ||
| 211 | FIPS_rand_reset(); | ||
| 212 | if (!FIPS_rand_test_mode()) | ||
| 213 | { | ||
| 214 | fprintf(stderr, "Error setting PRNG test mode\n"); | ||
| 215 | do_print_errors(); | ||
| 216 | exit(1); | ||
| 217 | } | ||
| 218 | if(!strcmp(argv[1],"mct")) | ||
| 219 | mct(); | ||
| 220 | else if(!strcmp(argv[1],"vst")) | ||
| 221 | vst(); | ||
| 222 | else | ||
| 223 | { | ||
| 224 | fprintf(stderr,"Don't know how to %s.\n",argv[1]); | ||
| 225 | exit(1); | ||
| 226 | } | ||
| 227 | |||
| 228 | return 0; | ||
| 229 | } | ||
| 230 | #endif | ||
diff --git a/src/lib/libssl/src/fips/rsa/Makefile b/src/lib/libssl/src/fips/rsa/Makefile index bb20f86442..da28c13aa6 100644 --- a/src/lib/libssl/src/fips/rsa/Makefile +++ b/src/lib/libssl/src/fips/rsa/Makefile | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | # | 1 | # |
| 2 | # SSLeay/fips/rsa/Makefile | 2 | # OpenSSL/fips/rsa/Makefile |
| 3 | # | 3 | # |
| 4 | 4 | ||
| 5 | DIR= rsa | 5 | DIR= rsa |
| @@ -18,12 +18,14 @@ AR= ar r | |||
| 18 | CFLAGS= $(INCLUDES) $(CFLAG) | 18 | CFLAGS= $(INCLUDES) $(CFLAG) |
| 19 | 19 | ||
| 20 | GENERAL=Makefile | 20 | GENERAL=Makefile |
| 21 | TEST= | 21 | TEST= fips_rsavtest.c fips_rsastest.c fips_rsagtest.c |
| 22 | APPS= | 22 | APPS= |
| 23 | 23 | ||
| 24 | LIB=$(TOP)/libcrypto.a | 24 | LIB=$(TOP)/libcrypto.a |
| 25 | LIBSRC=fips_rsa_eay.c fips_rsa_gen.c fips_rsa_selftest.c | 25 | LIBSRC=fips_rsa_eay.c fips_rsa_gen.c fips_rsa_selftest.c fips_rsa_x931g.c \ |
| 26 | LIBOBJ=fips_rsa_eay.o fips_rsa_gen.o fips_rsa_selftest.o | 26 | fips_rsa_sign.c fips_rsa_lib.c |
| 27 | LIBOBJ=fips_rsa_eay.o fips_rsa_gen.o fips_rsa_selftest.o fips_rsa_x931g.o \ | ||
| 28 | fips_rsa_sign.o fips_rsa_lib.o | ||
| 27 | 29 | ||
| 28 | SRC= $(LIBSRC) | 30 | SRC= $(LIBSRC) |
| 29 | 31 | ||
| @@ -35,15 +37,10 @@ ALL= $(GENERAL) $(SRC) $(HEADER) | |||
| 35 | top: | 37 | top: |
| 36 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) | 38 | (cd $(TOP); $(MAKE) DIRS=fips FDIRS=$(DIR) sub_all) |
| 37 | 39 | ||
| 38 | all: check lib | 40 | all: lib |
| 39 | 41 | ||
| 40 | lib: $(LIBOBJ) | 42 | lib: $(LIBOBJ) |
| 41 | $(AR) $(LIB) $(LIBOBJ) | 43 | @echo $(LIBOBJ) > lib |
| 42 | $(RANLIB) $(LIB) || echo Never mind. | ||
| 43 | @sleep 2; touch lib | ||
| 44 | |||
| 45 | check: | ||
| 46 | TOP=`pwd`/$(TOP) ../fips_check_sha1 fingerprint.sha1 $(SRC) $(HEADER) | ||
| 47 | 44 | ||
| 48 | files: | 45 | files: |
| 49 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | 46 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO |
| @@ -65,6 +62,24 @@ tags: | |||
| 65 | 62 | ||
| 66 | tests: | 63 | tests: |
| 67 | 64 | ||
| 65 | Q=../testvectors/rsa/req | ||
| 66 | A=../testvectors/rsa/rsp | ||
| 67 | Q62=../testvectors/rsa_salt_62/req | ||
| 68 | A62=../testvectors/rsa_salt_62/rsp | ||
| 69 | |||
| 70 | fips_test: | ||
| 71 | -rm -rf $(A) $(A62) | ||
| 72 | mkdir $(A) $(A62) | ||
| 73 | if [ -f $(Q)/SigGen15.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest < $(Q)/SigGen15.req > $(A)/SigGen15.rsp; fi | ||
| 74 | if [ -f $(Q)/SigVer15.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest < $(Q)/SigVer15.req > $(A)/SigVer15.rsp; fi | ||
| 75 | if [ -f $(Q)/SigGenPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest -saltlen 0 < $(Q)/SigGenPSS.req > $(A)/SigGenPSS.rsp; fi | ||
| 76 | if [ -f $(Q)/SigVerPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest -saltlen 0 < $(Q)/SigVerPSS.req > $(A)/SigVerPSS.rsp; fi | ||
| 77 | if [ -f $(Q)/SigGenRSA.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest -x931 < $(Q)/SigGenRSA.req > $(A)/SigGenRSA.rsp; fi | ||
| 78 | if [ -f $(Q)/SigVerRSA.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest -x931 < $(Q)/SigVerRSA.req > $(A)/SigVerRSA.rsp; fi | ||
| 79 | if [ -f $(Q62)/SigGenPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsastest -saltlen 62 < $(Q62)/SigGenPSS.req >$(A62)/SigGenPSS.rsp; fi | ||
| 80 | if [ -f $(Q62)/SigVerPSS.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsavtest -saltlen 62 <$(Q62)/SigVerPSS.req >$(A62)/SigVerPSS.rsp; fi | ||
| 81 | if [ -f $(Q)/KeyGenRSA.req ]; then $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_rsagtest < $(Q)/KeyGenRSA.req > $(A)/KeyGenRSA.rsp; fi | ||
| 82 | |||
| 68 | lint: | 83 | lint: |
| 69 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 84 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 70 | 85 | ||
| @@ -92,20 +107,109 @@ fips_rsa_eay.o: fips_rsa_eay.c | |||
| 92 | fips_rsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 107 | fips_rsa_gen.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 93 | fips_rsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | 108 | fips_rsa_gen.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 94 | fips_rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 109 | fips_rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 95 | fips_rsa_gen.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | 110 | fips_rsa_gen.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 111 | fips_rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 112 | fips_rsa_gen.o: ../../include/openssl/objects.h | ||
| 96 | fips_rsa_gen.o: ../../include/openssl/opensslconf.h | 113 | fips_rsa_gen.o: ../../include/openssl/opensslconf.h |
| 97 | fips_rsa_gen.o: ../../include/openssl/opensslv.h | 114 | fips_rsa_gen.o: ../../include/openssl/opensslv.h |
| 98 | fips_rsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h | 115 | fips_rsa_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h |
| 99 | fips_rsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | 116 | fips_rsa_gen.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h |
| 100 | fips_rsa_gen.o: ../../include/openssl/symhacks.h fips_rsa_gen.c | 117 | fips_rsa_gen.o: ../../include/openssl/symhacks.h ../fips_locl.h fips_rsa_gen.c |
| 118 | fips_rsa_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 119 | fips_rsa_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | ||
| 120 | fips_rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 121 | fips_rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 122 | fips_rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 123 | fips_rsa_lib.o: ../../include/openssl/objects.h | ||
| 124 | fips_rsa_lib.o: ../../include/openssl/opensslconf.h | ||
| 125 | fips_rsa_lib.o: ../../include/openssl/opensslv.h | ||
| 126 | fips_rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h | ||
| 127 | fips_rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h | ||
| 128 | fips_rsa_lib.o: ../../include/openssl/symhacks.h fips_rsa_lib.c | ||
| 101 | fips_rsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | 129 | fips_rsa_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h |
| 102 | fips_rsa_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | 130 | fips_rsa_selftest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h |
| 103 | fips_rsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | 131 | fips_rsa_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h |
| 104 | fips_rsa_selftest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | 132 | fips_rsa_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h |
| 133 | fips_rsa_selftest.o: ../../include/openssl/lhash.h | ||
| 134 | fips_rsa_selftest.o: ../../include/openssl/obj_mac.h | ||
| 135 | fips_rsa_selftest.o: ../../include/openssl/objects.h | ||
| 105 | fips_rsa_selftest.o: ../../include/openssl/opensslconf.h | 136 | fips_rsa_selftest.o: ../../include/openssl/opensslconf.h |
| 106 | fips_rsa_selftest.o: ../../include/openssl/opensslv.h | 137 | fips_rsa_selftest.o: ../../include/openssl/opensslv.h |
| 107 | fips_rsa_selftest.o: ../../include/openssl/ossl_typ.h | 138 | fips_rsa_selftest.o: ../../include/openssl/ossl_typ.h |
| 108 | fips_rsa_selftest.o: ../../include/openssl/rsa.h | 139 | fips_rsa_selftest.o: ../../include/openssl/rsa.h |
| 109 | fips_rsa_selftest.o: ../../include/openssl/safestack.h | 140 | fips_rsa_selftest.o: ../../include/openssl/safestack.h |
| 110 | fips_rsa_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | 141 | fips_rsa_selftest.o: ../../include/openssl/stack.h |
| 111 | fips_rsa_selftest.o: ../../include/openssl/symhacks.h fips_rsa_selftest.c | 142 | fips_rsa_selftest.o: ../../include/openssl/symhacks.h fips_rsa_selftest.c |
| 143 | fips_rsa_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 144 | fips_rsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h | ||
| 145 | fips_rsa_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 146 | fips_rsa_sign.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 147 | fips_rsa_sign.o: ../../include/openssl/obj_mac.h | ||
| 148 | fips_rsa_sign.o: ../../include/openssl/objects.h | ||
| 149 | fips_rsa_sign.o: ../../include/openssl/opensslconf.h | ||
| 150 | fips_rsa_sign.o: ../../include/openssl/opensslv.h | ||
| 151 | fips_rsa_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h | ||
| 152 | fips_rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 153 | fips_rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 154 | fips_rsa_sign.o: fips_rsa_sign.c | ||
| 155 | fips_rsa_x931g.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 156 | fips_rsa_x931g.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h | ||
| 157 | fips_rsa_x931g.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 158 | fips_rsa_x931g.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 159 | fips_rsa_x931g.o: ../../include/openssl/opensslconf.h | ||
| 160 | fips_rsa_x931g.o: ../../include/openssl/opensslv.h | ||
| 161 | fips_rsa_x931g.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h | ||
| 162 | fips_rsa_x931g.o: ../../include/openssl/safestack.h | ||
| 163 | fips_rsa_x931g.o: ../../include/openssl/stack.h | ||
| 164 | fips_rsa_x931g.o: ../../include/openssl/symhacks.h fips_rsa_x931g.c | ||
| 165 | fips_rsagtest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 166 | fips_rsagtest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
| 167 | fips_rsagtest.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 168 | fips_rsagtest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 169 | fips_rsagtest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 170 | fips_rsagtest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 171 | fips_rsagtest.o: ../../include/openssl/fips.h ../../include/openssl/hmac.h | ||
| 172 | fips_rsagtest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 173 | fips_rsagtest.o: ../../include/openssl/objects.h | ||
| 174 | fips_rsagtest.o: ../../include/openssl/opensslconf.h | ||
| 175 | fips_rsagtest.o: ../../include/openssl/opensslv.h | ||
| 176 | fips_rsagtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | ||
| 177 | fips_rsagtest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
| 178 | fips_rsagtest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 179 | fips_rsagtest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 180 | fips_rsagtest.o: ../../include/openssl/x509_vfy.h | ||
| 181 | fips_rsagtest.o: ../../include/openssl/x509v3.h ../fips_utl.h fips_rsagtest.c | ||
| 182 | fips_rsastest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 183 | fips_rsastest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
| 184 | fips_rsastest.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 185 | fips_rsastest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 186 | fips_rsastest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 187 | fips_rsastest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 188 | fips_rsastest.o: ../../include/openssl/fips.h ../../include/openssl/hmac.h | ||
| 189 | fips_rsastest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 190 | fips_rsastest.o: ../../include/openssl/objects.h | ||
| 191 | fips_rsastest.o: ../../include/openssl/opensslconf.h | ||
| 192 | fips_rsastest.o: ../../include/openssl/opensslv.h | ||
| 193 | fips_rsastest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | ||
| 194 | fips_rsastest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
| 195 | fips_rsastest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 196 | fips_rsastest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 197 | fips_rsastest.o: ../../include/openssl/x509_vfy.h | ||
| 198 | fips_rsastest.o: ../../include/openssl/x509v3.h ../fips_utl.h fips_rsastest.c | ||
| 199 | fips_rsavtest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 200 | fips_rsavtest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
| 201 | fips_rsavtest.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 202 | fips_rsavtest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 203 | fips_rsavtest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 204 | fips_rsavtest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 205 | fips_rsavtest.o: ../../include/openssl/fips.h ../../include/openssl/hmac.h | ||
| 206 | fips_rsavtest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h | ||
| 207 | fips_rsavtest.o: ../../include/openssl/objects.h | ||
| 208 | fips_rsavtest.o: ../../include/openssl/opensslconf.h | ||
| 209 | fips_rsavtest.o: ../../include/openssl/opensslv.h | ||
| 210 | fips_rsavtest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | ||
| 211 | fips_rsavtest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | ||
| 212 | fips_rsavtest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 213 | fips_rsavtest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h | ||
| 214 | fips_rsavtest.o: ../../include/openssl/x509_vfy.h | ||
| 215 | fips_rsavtest.o: ../../include/openssl/x509v3.h ../fips_utl.h fips_rsavtest.c | ||
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c b/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c index c571e2b1bf..937a14e684 100644 --- a/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c +++ b/src/lib/libssl/src/fips/rsa/fips_rsa_eay.c | |||
| @@ -55,25 +55,78 @@ | |||
| 55 | * copied and put under another distribution licence | 55 | * copied and put under another distribution licence |
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | /* ==================================================================== | ||
| 59 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. | ||
| 60 | * | ||
| 61 | * Redistribution and use in source and binary forms, with or without | ||
| 62 | * modification, are permitted provided that the following conditions | ||
| 63 | * are met: | ||
| 64 | * | ||
| 65 | * 1. Redistributions of source code must retain the above copyright | ||
| 66 | * notice, this list of conditions and the following disclaimer. | ||
| 67 | * | ||
| 68 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 69 | * notice, this list of conditions and the following disclaimer in | ||
| 70 | * the documentation and/or other materials provided with the | ||
| 71 | * distribution. | ||
| 72 | * | ||
| 73 | * 3. All advertising materials mentioning features or use of this | ||
| 74 | * software must display the following acknowledgment: | ||
| 75 | * "This product includes software developed by the OpenSSL Project | ||
| 76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 77 | * | ||
| 78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 79 | * endorse or promote products derived from this software without | ||
| 80 | * prior written permission. For written permission, please contact | ||
| 81 | * openssl-core@openssl.org. | ||
| 82 | * | ||
| 83 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 84 | * nor may "OpenSSL" appear in their names without prior written | ||
| 85 | * permission of the OpenSSL Project. | ||
| 86 | * | ||
| 87 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 88 | * acknowledgment: | ||
| 89 | * "This product includes software developed by the OpenSSL Project | ||
| 90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 91 | * | ||
| 92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 103 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 104 | * ==================================================================== | ||
| 105 | * | ||
| 106 | * This product includes cryptographic software written by Eric Young | ||
| 107 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 108 | * Hudson (tjh@cryptsoft.com). | ||
| 109 | * | ||
| 110 | */ | ||
| 58 | 111 | ||
| 59 | #include <stdio.h> | 112 | #include <stdio.h> |
| 60 | #include <openssl/err.h> | ||
| 61 | #include <openssl/bn.h> | 113 | #include <openssl/bn.h> |
| 62 | #include <openssl/rsa.h> | 114 | #include <openssl/rsa.h> |
| 63 | #include <openssl/rand.h> | 115 | #include <openssl/rand.h> |
| 116 | #include <openssl/err.h> | ||
| 64 | #include <openssl/fips.h> | 117 | #include <openssl/fips.h> |
| 65 | 118 | ||
| 66 | #if !defined(RSA_NULL) && defined(OPENSSL_FIPS) | 119 | #if !defined(RSA_NULL) && defined(OPENSSL_FIPS) |
| 67 | 120 | ||
| 68 | static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 121 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, |
| 69 | unsigned char *to, RSA *rsa,int padding); | 122 | unsigned char *to, RSA *rsa,int padding); |
| 70 | static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 123 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, |
| 71 | unsigned char *to, RSA *rsa,int padding); | 124 | unsigned char *to, RSA *rsa,int padding); |
| 72 | static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 125 | static int RSA_eay_public_decrypt(int flen, const unsigned char *from, |
| 73 | unsigned char *to, RSA *rsa,int padding); | 126 | unsigned char *to, RSA *rsa,int padding); |
| 74 | static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 127 | static int RSA_eay_private_decrypt(int flen, const unsigned char *from, |
| 75 | unsigned char *to, RSA *rsa,int padding); | 128 | unsigned char *to, RSA *rsa,int padding); |
| 76 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); | 129 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx); |
| 77 | static int RSA_eay_init(RSA *rsa); | 130 | static int RSA_eay_init(RSA *rsa); |
| 78 | static int RSA_eay_finish(RSA *rsa); | 131 | static int RSA_eay_finish(RSA *rsa); |
| 79 | static RSA_METHOD rsa_pkcs1_eay_meth={ | 132 | static RSA_METHOD rsa_pkcs1_eay_meth={ |
| @@ -86,10 +139,11 @@ static RSA_METHOD rsa_pkcs1_eay_meth={ | |||
| 86 | BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */ | 139 | BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */ |
| 87 | RSA_eay_init, | 140 | RSA_eay_init, |
| 88 | RSA_eay_finish, | 141 | RSA_eay_finish, |
| 89 | 0, /* flags */ | 142 | RSA_FLAG_FIPS_METHOD, /* flags */ |
| 90 | NULL, | 143 | NULL, |
| 91 | 0, /* rsa_sign */ | 144 | 0, /* rsa_sign */ |
| 92 | 0 /* rsa_verify */ | 145 | 0, /* rsa_verify */ |
| 146 | NULL /* rsa_keygen */ | ||
| 93 | }; | 147 | }; |
| 94 | 148 | ||
| 95 | const RSA_METHOD *RSA_PKCS1_SSLeay(void) | 149 | const RSA_METHOD *RSA_PKCS1_SSLeay(void) |
| @@ -97,26 +151,65 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void) | |||
| 97 | return(&rsa_pkcs1_eay_meth); | 151 | return(&rsa_pkcs1_eay_meth); |
| 98 | } | 152 | } |
| 99 | 153 | ||
| 100 | static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 154 | /* Usage example; |
| 155 | * MONT_HELPER(rsa, bn_ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | ||
| 156 | */ | ||
| 157 | #define MONT_HELPER(rsa, ctx, m, pre_cond, err_instr) \ | ||
| 158 | if((pre_cond) && ((rsa)->_method_mod_##m == NULL) && \ | ||
| 159 | !BN_MONT_CTX_set_locked(&((rsa)->_method_mod_##m), \ | ||
| 160 | CRYPTO_LOCK_RSA, \ | ||
| 161 | (rsa)->m, (ctx))) \ | ||
| 162 | err_instr | ||
| 163 | |||
| 164 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | ||
| 101 | unsigned char *to, RSA *rsa, int padding) | 165 | unsigned char *to, RSA *rsa, int padding) |
| 102 | { | 166 | { |
| 103 | BIGNUM f,ret; | 167 | BIGNUM *f,*ret; |
| 104 | int i,j,k,num=0,r= -1; | 168 | int i,j,k,num=0,r= -1; |
| 105 | unsigned char *buf=NULL; | 169 | unsigned char *buf=NULL; |
| 106 | BN_CTX *ctx=NULL; | 170 | BN_CTX *ctx=NULL; |
| 107 | 171 | ||
| 108 | BN_init(&f); | ||
| 109 | BN_init(&ret); | ||
| 110 | |||
| 111 | if(FIPS_selftest_failed()) | 172 | if(FIPS_selftest_failed()) |
| 112 | { | 173 | { |
| 113 | FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); | 174 | FIPSerr(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); |
| 114 | goto err; | 175 | goto err; |
| 115 | } | 176 | } |
| 116 | 177 | ||
| 178 | if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) | ||
| 179 | { | ||
| 180 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); | ||
| 181 | return -1; | ||
| 182 | } | ||
| 183 | |||
| 184 | if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) | ||
| 185 | { | ||
| 186 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); | ||
| 187 | return -1; | ||
| 188 | } | ||
| 189 | |||
| 190 | if (BN_ucmp(rsa->n, rsa->e) <= 0) | ||
| 191 | { | ||
| 192 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); | ||
| 193 | return -1; | ||
| 194 | } | ||
| 195 | |||
| 196 | /* for large moduli, enforce exponent limit */ | ||
| 197 | if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) | ||
| 198 | { | ||
| 199 | if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) | ||
| 200 | { | ||
| 201 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); | ||
| 202 | return -1; | ||
| 203 | } | ||
| 204 | } | ||
| 205 | |||
| 117 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 206 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| 207 | BN_CTX_start(ctx); | ||
| 208 | f = BN_CTX_get(ctx); | ||
| 209 | ret = BN_CTX_get(ctx); | ||
| 118 | num=BN_num_bytes(rsa->n); | 210 | num=BN_num_bytes(rsa->n); |
| 119 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | 211 | buf = OPENSSL_malloc(num); |
| 212 | if (!f || !ret || !buf) | ||
| 120 | { | 213 | { |
| 121 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); | 214 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); |
| 122 | goto err; | 215 | goto err; |
| @@ -144,54 +237,34 @@ static int RSA_eay_public_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fro | |||
| 144 | } | 237 | } |
| 145 | if (i <= 0) goto err; | 238 | if (i <= 0) goto err; |
| 146 | 239 | ||
| 147 | if (BN_bin2bn(buf,num,&f) == NULL) goto err; | 240 | if (BN_bin2bn(buf,num,f) == NULL) goto err; |
| 148 | 241 | ||
| 149 | if (BN_ucmp(&f, rsa->n) >= 0) | 242 | if (BN_ucmp(f, rsa->n) >= 0) |
| 150 | { | 243 | { |
| 151 | /* usually the padding functions would catch this */ | 244 | /* usually the padding functions would catch this */ |
| 152 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 245 | RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 153 | goto err; | 246 | goto err; |
| 154 | } | 247 | } |
| 155 | 248 | ||
| 156 | if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) | 249 | MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); |
| 157 | { | 250 | |
| 158 | BN_MONT_CTX* bn_mont_ctx; | 251 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 159 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | ||
| 160 | goto err; | ||
| 161 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx)) | ||
| 162 | { | ||
| 163 | BN_MONT_CTX_free(bn_mont_ctx); | ||
| 164 | goto err; | ||
| 165 | } | ||
| 166 | if (rsa->_method_mod_n == NULL) /* other thread may have finished first */ | ||
| 167 | { | ||
| 168 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
| 169 | if (rsa->_method_mod_n == NULL) | ||
| 170 | { | ||
| 171 | rsa->_method_mod_n = bn_mont_ctx; | ||
| 172 | bn_mont_ctx = NULL; | ||
| 173 | } | ||
| 174 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
| 175 | } | ||
| 176 | if (bn_mont_ctx) | ||
| 177 | BN_MONT_CTX_free(bn_mont_ctx); | ||
| 178 | } | ||
| 179 | |||
| 180 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, | ||
| 181 | rsa->_method_mod_n)) goto err; | 252 | rsa->_method_mod_n)) goto err; |
| 182 | 253 | ||
| 183 | /* put in leading 0 bytes if the number is less than the | 254 | /* put in leading 0 bytes if the number is less than the |
| 184 | * length of the modulus */ | 255 | * length of the modulus */ |
| 185 | j=BN_num_bytes(&ret); | 256 | j=BN_num_bytes(ret); |
| 186 | i=BN_bn2bin(&ret,&(to[num-j])); | 257 | i=BN_bn2bin(ret,&(to[num-j])); |
| 187 | for (k=0; k<(num-i); k++) | 258 | for (k=0; k<(num-i); k++) |
| 188 | to[k]=0; | 259 | to[k]=0; |
| 189 | 260 | ||
| 190 | r=num; | 261 | r=num; |
| 191 | err: | 262 | err: |
| 192 | if (ctx != NULL) BN_CTX_free(ctx); | 263 | if (ctx != NULL) |
| 193 | BN_clear_free(&f); | 264 | { |
| 194 | BN_clear_free(&ret); | 265 | BN_CTX_end(ctx); |
| 266 | BN_CTX_free(ctx); | ||
| 267 | } | ||
| 195 | if (buf != NULL) | 268 | if (buf != NULL) |
| 196 | { | 269 | { |
| 197 | OPENSSL_cleanse(buf,num); | 270 | OPENSSL_cleanse(buf,num); |
| @@ -200,76 +273,127 @@ err: | |||
| 200 | return(r); | 273 | return(r); |
| 201 | } | 274 | } |
| 202 | 275 | ||
| 203 | static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) | 276 | static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) |
| 204 | { | 277 | { |
| 205 | int ret = 1; | 278 | BN_BLINDING *ret; |
| 206 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | 279 | int got_write_lock = 0; |
| 207 | /* Check again inside the lock - the macro's check is racey */ | ||
| 208 | if(rsa->blinding == NULL) | ||
| 209 | ret = RSA_blinding_on(rsa, ctx); | ||
| 210 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
| 211 | return ret; | ||
| 212 | } | ||
| 213 | 280 | ||
| 214 | #define BLINDING_HELPER(rsa, ctx, err_instr) \ | 281 | CRYPTO_r_lock(CRYPTO_LOCK_RSA); |
| 215 | do { \ | ||
| 216 | if((!((rsa)->flags & RSA_FLAG_NO_BLINDING)) && \ | ||
| 217 | ((rsa)->blinding == NULL) && \ | ||
| 218 | !rsa_eay_blinding(rsa, ctx)) \ | ||
| 219 | err_instr \ | ||
| 220 | } while(0) | ||
| 221 | 282 | ||
| 222 | static BN_BLINDING *setup_blinding(RSA *rsa, BN_CTX *ctx) | 283 | if (rsa->blinding == NULL) |
| 223 | { | 284 | { |
| 224 | BIGNUM *A, *Ai; | 285 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| 225 | BN_BLINDING *ret = NULL; | 286 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); |
| 287 | got_write_lock = 1; | ||
| 226 | 288 | ||
| 227 | /* added in OpenSSL 0.9.6j and 0.9.7b */ | 289 | if (rsa->blinding == NULL) |
| 290 | rsa->blinding = RSA_setup_blinding(rsa, ctx); | ||
| 291 | } | ||
| 228 | 292 | ||
| 229 | /* NB: similar code appears in RSA_blinding_on (rsa_lib.c); | 293 | ret = rsa->blinding; |
| 230 | * this should be placed in a new function of its own, but for reasons | 294 | if (ret == NULL) |
| 231 | * of binary compatibility can't */ | 295 | goto err; |
| 232 | 296 | ||
| 233 | BN_CTX_start(ctx); | 297 | if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id()) |
| 234 | A = BN_CTX_get(ctx); | ||
| 235 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | ||
| 236 | { | 298 | { |
| 237 | /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */ | 299 | /* rsa->blinding is ours! */ |
| 238 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0); | 300 | |
| 239 | if (!BN_pseudo_rand_range(A,rsa->n)) goto err; | 301 | *local = 1; |
| 240 | } | 302 | } |
| 241 | else | 303 | else |
| 242 | { | 304 | { |
| 243 | if (!BN_rand_range(A,rsa->n)) goto err; | 305 | /* resort to rsa->mt_blinding instead */ |
| 306 | |||
| 307 | *local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert() | ||
| 308 | * that the BN_BLINDING is shared, meaning that accesses | ||
| 309 | * require locks, and that the blinding factor must be | ||
| 310 | * stored outside the BN_BLINDING | ||
| 311 | */ | ||
| 312 | |||
| 313 | if (rsa->mt_blinding == NULL) | ||
| 314 | { | ||
| 315 | if (!got_write_lock) | ||
| 316 | { | ||
| 317 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); | ||
| 318 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
| 319 | got_write_lock = 1; | ||
| 320 | } | ||
| 321 | |||
| 322 | if (rsa->mt_blinding == NULL) | ||
| 323 | rsa->mt_blinding = RSA_setup_blinding(rsa, ctx); | ||
| 324 | } | ||
| 325 | ret = rsa->mt_blinding; | ||
| 244 | } | 326 | } |
| 245 | if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; | ||
| 246 | 327 | ||
| 247 | if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) | 328 | err: |
| 248 | goto err; | 329 | if (got_write_lock) |
| 249 | ret = BN_BLINDING_new(A,Ai,rsa->n); | 330 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); |
| 250 | BN_free(Ai); | 331 | else |
| 251 | err: | 332 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| 252 | BN_CTX_end(ctx); | ||
| 253 | return ret; | 333 | return ret; |
| 254 | } | 334 | } |
| 335 | |||
| 336 | static int rsa_blinding_convert(BN_BLINDING *b, int local, BIGNUM *f, | ||
| 337 | BIGNUM *r, BN_CTX *ctx) | ||
| 338 | { | ||
| 339 | if (local) | ||
| 340 | return BN_BLINDING_convert_ex(f, NULL, b, ctx); | ||
| 341 | else | ||
| 342 | { | ||
| 343 | int ret; | ||
| 344 | CRYPTO_r_lock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 345 | ret = BN_BLINDING_convert_ex(f, r, b, ctx); | ||
| 346 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 347 | return ret; | ||
| 348 | } | ||
| 349 | } | ||
| 350 | |||
| 351 | static int rsa_blinding_invert(BN_BLINDING *b, int local, BIGNUM *f, | ||
| 352 | BIGNUM *r, BN_CTX *ctx) | ||
| 353 | { | ||
| 354 | if (local) | ||
| 355 | return BN_BLINDING_invert_ex(f, NULL, b, ctx); | ||
| 356 | else | ||
| 357 | { | ||
| 358 | int ret; | ||
| 359 | CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 360 | ret = BN_BLINDING_invert_ex(f, r, b, ctx); | ||
| 361 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING); | ||
| 362 | return ret; | ||
| 363 | } | ||
| 364 | } | ||
| 255 | 365 | ||
| 256 | /* signing */ | 366 | /* signing */ |
| 257 | static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 367 | static int RSA_eay_private_encrypt(int flen, const unsigned char *from, |
| 258 | unsigned char *to, RSA *rsa, int padding) | 368 | unsigned char *to, RSA *rsa, int padding) |
| 259 | { | 369 | { |
| 260 | BIGNUM f,ret; | 370 | BIGNUM *f, *ret, *br, *res; |
| 261 | int i,j,k,num=0,r= -1; | 371 | int i,j,k,num=0,r= -1; |
| 262 | unsigned char *buf=NULL; | 372 | unsigned char *buf=NULL; |
| 263 | BN_CTX *ctx=NULL; | 373 | BN_CTX *ctx=NULL; |
| 264 | int local_blinding = 0; | 374 | int local_blinding = 0; |
| 265 | BN_BLINDING *blinding = NULL; | 375 | BN_BLINDING *blinding = NULL; |
| 266 | 376 | ||
| 267 | BN_init(&f); | 377 | if(FIPS_selftest_failed()) |
| 268 | BN_init(&ret); | 378 | { |
| 379 | FIPSerr(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT,FIPS_R_FIPS_SELFTEST_FAILED); | ||
| 380 | goto err; | ||
| 381 | } | ||
| 382 | |||
| 383 | if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) | ||
| 384 | { | ||
| 385 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_KEY_SIZE_TOO_SMALL); | ||
| 386 | return -1; | ||
| 387 | } | ||
| 269 | 388 | ||
| 270 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 389 | if ((ctx=BN_CTX_new()) == NULL) goto err; |
| 271 | num=BN_num_bytes(rsa->n); | 390 | BN_CTX_start(ctx); |
| 272 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | 391 | f = BN_CTX_get(ctx); |
| 392 | br = BN_CTX_get(ctx); | ||
| 393 | ret = BN_CTX_get(ctx); | ||
| 394 | num = BN_num_bytes(rsa->n); | ||
| 395 | buf = OPENSSL_malloc(num); | ||
| 396 | if(!f || !ret || !buf) | ||
| 273 | { | 397 | { |
| 274 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); | 398 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); |
| 275 | goto err; | 399 | goto err; |
| @@ -280,6 +404,9 @@ static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 280 | case RSA_PKCS1_PADDING: | 404 | case RSA_PKCS1_PADDING: |
| 281 | i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); | 405 | i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); |
| 282 | break; | 406 | break; |
| 407 | case RSA_X931_PADDING: | ||
| 408 | i=RSA_padding_add_X931(buf,num,from,flen); | ||
| 409 | break; | ||
| 283 | case RSA_NO_PADDING: | 410 | case RSA_NO_PADDING: |
| 284 | i=RSA_padding_add_none(buf,num,from,flen); | 411 | i=RSA_padding_add_none(buf,num,from,flen); |
| 285 | break; | 412 | break; |
| @@ -290,26 +417,18 @@ static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 290 | } | 417 | } |
| 291 | if (i <= 0) goto err; | 418 | if (i <= 0) goto err; |
| 292 | 419 | ||
| 293 | if (BN_bin2bn(buf,num,&f) == NULL) goto err; | 420 | if (BN_bin2bn(buf,num,f) == NULL) goto err; |
| 294 | 421 | ||
| 295 | if (BN_ucmp(&f, rsa->n) >= 0) | 422 | if (BN_ucmp(f, rsa->n) >= 0) |
| 296 | { | 423 | { |
| 297 | /* usually the padding functions would catch this */ | 424 | /* usually the padding functions would catch this */ |
| 298 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 425 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 299 | goto err; | 426 | goto err; |
| 300 | } | 427 | } |
| 301 | 428 | ||
| 302 | BLINDING_HELPER(rsa, ctx, goto err;); | ||
| 303 | blinding = rsa->blinding; | ||
| 304 | |||
| 305 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 306 | * But the BN_BLINDING object may be owned by some other thread | ||
| 307 | * (we don't want to keep it constant and we don't want to use | ||
| 308 | * lots of locking to avoid race conditions, so only a single | ||
| 309 | * thread can use it; other threads have to use local blinding | ||
| 310 | * factors) */ | ||
| 311 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | 429 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) |
| 312 | { | 430 | { |
| 431 | blinding = rsa_get_blinding(rsa, &local_blinding, ctx); | ||
| 313 | if (blinding == NULL) | 432 | if (blinding == NULL) |
| 314 | { | 433 | { |
| 315 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); | 434 | RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); |
| @@ -318,20 +437,8 @@ static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 318 | } | 437 | } |
| 319 | 438 | ||
| 320 | if (blinding != NULL) | 439 | if (blinding != NULL) |
| 321 | { | 440 | if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx)) |
| 322 | if (blinding->thread_id != CRYPTO_thread_id()) | 441 | goto err; |
| 323 | { | ||
| 324 | /* we need a local one-time blinding factor */ | ||
| 325 | |||
| 326 | blinding = setup_blinding(rsa, ctx); | ||
| 327 | if (blinding == NULL) | ||
| 328 | goto err; | ||
| 329 | local_blinding = 1; | ||
| 330 | } | ||
| 331 | } | ||
| 332 | |||
| 333 | if (blinding) | ||
| 334 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; | ||
| 335 | 442 | ||
| 336 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 443 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| 337 | ((rsa->p != NULL) && | 444 | ((rsa->p != NULL) && |
| @@ -339,29 +446,58 @@ static int RSA_eay_private_encrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 339 | (rsa->dmp1 != NULL) && | 446 | (rsa->dmp1 != NULL) && |
| 340 | (rsa->dmq1 != NULL) && | 447 | (rsa->dmq1 != NULL) && |
| 341 | (rsa->iqmp != NULL)) ) | 448 | (rsa->iqmp != NULL)) ) |
| 342 | { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } | 449 | { |
| 450 | if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err; | ||
| 451 | } | ||
| 343 | else | 452 | else |
| 344 | { | 453 | { |
| 345 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; | 454 | BIGNUM local_d; |
| 455 | BIGNUM *d = NULL; | ||
| 456 | |||
| 457 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 458 | { | ||
| 459 | BN_init(&local_d); | ||
| 460 | d = &local_d; | ||
| 461 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); | ||
| 462 | } | ||
| 463 | else | ||
| 464 | d = rsa->d; | ||
| 465 | |||
| 466 | MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | ||
| 467 | |||
| 468 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | ||
| 469 | rsa->_method_mod_n)) goto err; | ||
| 346 | } | 470 | } |
| 347 | 471 | ||
| 348 | if (blinding) | 472 | if (blinding) |
| 349 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; | 473 | if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) |
| 474 | goto err; | ||
| 475 | |||
| 476 | if (padding == RSA_X931_PADDING) | ||
| 477 | { | ||
| 478 | BN_sub(f, rsa->n, ret); | ||
| 479 | if (BN_cmp(ret, f)) | ||
| 480 | res = f; | ||
| 481 | else | ||
| 482 | res = ret; | ||
| 483 | } | ||
| 484 | else | ||
| 485 | res = ret; | ||
| 350 | 486 | ||
| 351 | /* put in leading 0 bytes if the number is less than the | 487 | /* put in leading 0 bytes if the number is less than the |
| 352 | * length of the modulus */ | 488 | * length of the modulus */ |
| 353 | j=BN_num_bytes(&ret); | 489 | j=BN_num_bytes(res); |
| 354 | i=BN_bn2bin(&ret,&(to[num-j])); | 490 | i=BN_bn2bin(res,&(to[num-j])); |
| 355 | for (k=0; k<(num-i); k++) | 491 | for (k=0; k<(num-i); k++) |
| 356 | to[k]=0; | 492 | to[k]=0; |
| 357 | 493 | ||
| 358 | r=num; | 494 | r=num; |
| 359 | err: | 495 | err: |
| 360 | if (ctx != NULL) BN_CTX_free(ctx); | 496 | if (ctx != NULL) |
| 361 | BN_clear_free(&ret); | 497 | { |
| 362 | BN_clear_free(&f); | 498 | BN_CTX_end(ctx); |
| 363 | if (local_blinding) | 499 | BN_CTX_free(ctx); |
| 364 | BN_BLINDING_free(blinding); | 500 | } |
| 365 | if (buf != NULL) | 501 | if (buf != NULL) |
| 366 | { | 502 | { |
| 367 | OPENSSL_cleanse(buf,num); | 503 | OPENSSL_cleanse(buf,num); |
| @@ -370,10 +506,10 @@ err: | |||
| 370 | return(r); | 506 | return(r); |
| 371 | } | 507 | } |
| 372 | 508 | ||
| 373 | static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 509 | static int RSA_eay_private_decrypt(int flen, const unsigned char *from, |
| 374 | unsigned char *to, RSA *rsa, int padding) | 510 | unsigned char *to, RSA *rsa, int padding) |
| 375 | { | 511 | { |
| 376 | BIGNUM f,ret; | 512 | BIGNUM *f, *ret, *br; |
| 377 | int j,num=0,r= -1; | 513 | int j,num=0,r= -1; |
| 378 | unsigned char *p; | 514 | unsigned char *p; |
| 379 | unsigned char *buf=NULL; | 515 | unsigned char *buf=NULL; |
| @@ -381,14 +517,26 @@ static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 381 | int local_blinding = 0; | 517 | int local_blinding = 0; |
| 382 | BN_BLINDING *blinding = NULL; | 518 | BN_BLINDING *blinding = NULL; |
| 383 | 519 | ||
| 384 | BN_init(&f); | 520 | if(FIPS_selftest_failed()) |
| 385 | BN_init(&ret); | 521 | { |
| 386 | ctx=BN_CTX_new(); | 522 | FIPSerr(FIPS_F_RSA_EAY_PRIVATE_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED); |
| 387 | if (ctx == NULL) goto err; | 523 | goto err; |
| 524 | } | ||
| 388 | 525 | ||
| 389 | num=BN_num_bytes(rsa->n); | 526 | if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) |
| 527 | { | ||
| 528 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); | ||
| 529 | return -1; | ||
| 530 | } | ||
| 390 | 531 | ||
| 391 | if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) | 532 | if((ctx = BN_CTX_new()) == NULL) goto err; |
| 533 | BN_CTX_start(ctx); | ||
| 534 | f = BN_CTX_get(ctx); | ||
| 535 | br = BN_CTX_get(ctx); | ||
| 536 | ret = BN_CTX_get(ctx); | ||
| 537 | num = BN_num_bytes(rsa->n); | ||
| 538 | buf = OPENSSL_malloc(num); | ||
| 539 | if(!f || !ret || !buf) | ||
| 392 | { | 540 | { |
| 393 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); | 541 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); |
| 394 | goto err; | 542 | goto err; |
| @@ -403,25 +551,17 @@ static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 403 | } | 551 | } |
| 404 | 552 | ||
| 405 | /* make data into a big number */ | 553 | /* make data into a big number */ |
| 406 | if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; | 554 | if (BN_bin2bn(from,(int)flen,f) == NULL) goto err; |
| 407 | 555 | ||
| 408 | if (BN_ucmp(&f, rsa->n) >= 0) | 556 | if (BN_ucmp(f, rsa->n) >= 0) |
| 409 | { | 557 | { |
| 410 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 558 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 411 | goto err; | 559 | goto err; |
| 412 | } | 560 | } |
| 413 | 561 | ||
| 414 | BLINDING_HELPER(rsa, ctx, goto err;); | ||
| 415 | blinding = rsa->blinding; | ||
| 416 | |||
| 417 | /* Now unless blinding is disabled, 'blinding' is non-NULL. | ||
| 418 | * But the BN_BLINDING object may be owned by some other thread | ||
| 419 | * (we don't want to keep it constant and we don't want to use | ||
| 420 | * lots of locking to avoid race conditions, so only a single | ||
| 421 | * thread can use it; other threads have to use local blinding | ||
| 422 | * factors) */ | ||
| 423 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) | 562 | if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) |
| 424 | { | 563 | { |
| 564 | blinding = rsa_get_blinding(rsa, &local_blinding, ctx); | ||
| 425 | if (blinding == NULL) | 565 | if (blinding == NULL) |
| 426 | { | 566 | { |
| 427 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); | 567 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); |
| @@ -430,20 +570,8 @@ static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 430 | } | 570 | } |
| 431 | 571 | ||
| 432 | if (blinding != NULL) | 572 | if (blinding != NULL) |
| 433 | { | 573 | if (!rsa_blinding_convert(blinding, local_blinding, f, br, ctx)) |
| 434 | if (blinding->thread_id != CRYPTO_thread_id()) | 574 | goto err; |
| 435 | { | ||
| 436 | /* we need a local one-time blinding factor */ | ||
| 437 | |||
| 438 | blinding = setup_blinding(rsa, ctx); | ||
| 439 | if (blinding == NULL) | ||
| 440 | goto err; | ||
| 441 | local_blinding = 1; | ||
| 442 | } | ||
| 443 | } | ||
| 444 | |||
| 445 | if (blinding) | ||
| 446 | if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; | ||
| 447 | 575 | ||
| 448 | /* do the decrypt */ | 576 | /* do the decrypt */ |
| 449 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || | 577 | if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || |
| @@ -452,18 +580,34 @@ static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 452 | (rsa->dmp1 != NULL) && | 580 | (rsa->dmp1 != NULL) && |
| 453 | (rsa->dmq1 != NULL) && | 581 | (rsa->dmq1 != NULL) && |
| 454 | (rsa->iqmp != NULL)) ) | 582 | (rsa->iqmp != NULL)) ) |
| 455 | { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } | 583 | { |
| 584 | if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err; | ||
| 585 | } | ||
| 456 | else | 586 | else |
| 457 | { | 587 | { |
| 458 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) | 588 | BIGNUM local_d; |
| 459 | goto err; | 589 | BIGNUM *d = NULL; |
| 590 | |||
| 591 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 592 | { | ||
| 593 | d = &local_d; | ||
| 594 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); | ||
| 595 | } | ||
| 596 | else | ||
| 597 | d = rsa->d; | ||
| 598 | |||
| 599 | MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | ||
| 600 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | ||
| 601 | rsa->_method_mod_n)) | ||
| 602 | goto err; | ||
| 460 | } | 603 | } |
| 461 | 604 | ||
| 462 | if (blinding) | 605 | if (blinding) |
| 463 | if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; | 606 | if (!rsa_blinding_invert(blinding, local_blinding, ret, br, ctx)) |
| 607 | goto err; | ||
| 464 | 608 | ||
| 465 | p=buf; | 609 | p=buf; |
| 466 | j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ | 610 | j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */ |
| 467 | 611 | ||
| 468 | switch (padding) | 612 | switch (padding) |
| 469 | { | 613 | { |
| @@ -489,11 +633,11 @@ static int RSA_eay_private_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fr | |||
| 489 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); | 633 | RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); |
| 490 | 634 | ||
| 491 | err: | 635 | err: |
| 492 | if (ctx != NULL) BN_CTX_free(ctx); | 636 | if (ctx != NULL) |
| 493 | BN_clear_free(&f); | 637 | { |
| 494 | BN_clear_free(&ret); | 638 | BN_CTX_end(ctx); |
| 495 | if (local_blinding) | 639 | BN_CTX_free(ctx); |
| 496 | BN_BLINDING_free(blinding); | 640 | } |
| 497 | if (buf != NULL) | 641 | if (buf != NULL) |
| 498 | { | 642 | { |
| 499 | OPENSSL_cleanse(buf,num); | 643 | OPENSSL_cleanse(buf,num); |
| @@ -503,23 +647,56 @@ err: | |||
| 503 | } | 647 | } |
| 504 | 648 | ||
| 505 | /* signature verification */ | 649 | /* signature verification */ |
| 506 | static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *from, | 650 | static int RSA_eay_public_decrypt(int flen, const unsigned char *from, |
| 507 | unsigned char *to, RSA *rsa, int padding) | 651 | unsigned char *to, RSA *rsa, int padding) |
| 508 | { | 652 | { |
| 509 | BIGNUM f,ret; | 653 | BIGNUM *f,*ret; |
| 510 | int i,num=0,r= -1; | 654 | int i,num=0,r= -1; |
| 511 | unsigned char *p; | 655 | unsigned char *p; |
| 512 | unsigned char *buf=NULL; | 656 | unsigned char *buf=NULL; |
| 513 | BN_CTX *ctx=NULL; | 657 | BN_CTX *ctx=NULL; |
| 514 | 658 | ||
| 515 | BN_init(&f); | 659 | if(FIPS_selftest_failed()) |
| 516 | BN_init(&ret); | 660 | { |
| 517 | ctx=BN_CTX_new(); | 661 | FIPSerr(FIPS_F_RSA_EAY_PUBLIC_DECRYPT,FIPS_R_FIPS_SELFTEST_FAILED); |
| 518 | if (ctx == NULL) goto err; | 662 | goto err; |
| 663 | } | ||
| 664 | |||
| 665 | if (FIPS_mode() && (BN_num_bits(rsa->n) < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) | ||
| 666 | { | ||
| 667 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_KEY_SIZE_TOO_SMALL); | ||
| 668 | return -1; | ||
| 669 | } | ||
| 670 | |||
| 671 | if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) | ||
| 672 | { | ||
| 673 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); | ||
| 674 | return -1; | ||
| 675 | } | ||
| 676 | |||
| 677 | if (BN_ucmp(rsa->n, rsa->e) <= 0) | ||
| 678 | { | ||
| 679 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); | ||
| 680 | return -1; | ||
| 681 | } | ||
| 519 | 682 | ||
| 683 | /* for large moduli, enforce exponent limit */ | ||
| 684 | if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) | ||
| 685 | { | ||
| 686 | if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) | ||
| 687 | { | ||
| 688 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); | ||
| 689 | return -1; | ||
| 690 | } | ||
| 691 | } | ||
| 692 | |||
| 693 | if((ctx = BN_CTX_new()) == NULL) goto err; | ||
| 694 | BN_CTX_start(ctx); | ||
| 695 | f = BN_CTX_get(ctx); | ||
| 696 | ret = BN_CTX_get(ctx); | ||
| 520 | num=BN_num_bytes(rsa->n); | 697 | num=BN_num_bytes(rsa->n); |
| 521 | buf=(unsigned char *)OPENSSL_malloc(num); | 698 | buf = OPENSSL_malloc(num); |
| 522 | if (buf == NULL) | 699 | if(!f || !ret || !buf) |
| 523 | { | 700 | { |
| 524 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); | 701 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); |
| 525 | goto err; | 702 | goto err; |
| @@ -533,50 +710,33 @@ static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fro | |||
| 533 | goto err; | 710 | goto err; |
| 534 | } | 711 | } |
| 535 | 712 | ||
| 536 | if (BN_bin2bn(from,flen,&f) == NULL) goto err; | 713 | if (BN_bin2bn(from,flen,f) == NULL) goto err; |
| 537 | 714 | ||
| 538 | if (BN_ucmp(&f, rsa->n) >= 0) | 715 | if (BN_ucmp(f, rsa->n) >= 0) |
| 539 | { | 716 | { |
| 540 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); | 717 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); |
| 541 | goto err; | 718 | goto err; |
| 542 | } | 719 | } |
| 543 | 720 | ||
| 544 | /* do the decrypt */ | 721 | MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); |
| 545 | if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) | 722 | |
| 546 | { | 723 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 547 | BN_MONT_CTX* bn_mont_ctx; | ||
| 548 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | ||
| 549 | goto err; | ||
| 550 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx)) | ||
| 551 | { | ||
| 552 | BN_MONT_CTX_free(bn_mont_ctx); | ||
| 553 | goto err; | ||
| 554 | } | ||
| 555 | if (rsa->_method_mod_n == NULL) /* other thread may have finished first */ | ||
| 556 | { | ||
| 557 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
| 558 | if (rsa->_method_mod_n == NULL) | ||
| 559 | { | ||
| 560 | rsa->_method_mod_n = bn_mont_ctx; | ||
| 561 | bn_mont_ctx = NULL; | ||
| 562 | } | ||
| 563 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
| 564 | } | ||
| 565 | if (bn_mont_ctx) | ||
| 566 | BN_MONT_CTX_free(bn_mont_ctx); | ||
| 567 | } | ||
| 568 | |||
| 569 | if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, | ||
| 570 | rsa->_method_mod_n)) goto err; | 724 | rsa->_method_mod_n)) goto err; |
| 571 | 725 | ||
| 726 | if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12)) | ||
| 727 | BN_sub(ret, rsa->n, ret); | ||
| 728 | |||
| 572 | p=buf; | 729 | p=buf; |
| 573 | i=BN_bn2bin(&ret,p); | 730 | i=BN_bn2bin(ret,p); |
| 574 | 731 | ||
| 575 | switch (padding) | 732 | switch (padding) |
| 576 | { | 733 | { |
| 577 | case RSA_PKCS1_PADDING: | 734 | case RSA_PKCS1_PADDING: |
| 578 | r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); | 735 | r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); |
| 579 | break; | 736 | break; |
| 737 | case RSA_X931_PADDING: | ||
| 738 | r=RSA_padding_check_X931(to,num,buf,i,num); | ||
| 739 | break; | ||
| 580 | case RSA_NO_PADDING: | 740 | case RSA_NO_PADDING: |
| 581 | r=RSA_padding_check_none(to,num,buf,i,num); | 741 | r=RSA_padding_check_none(to,num,buf,i,num); |
| 582 | break; | 742 | break; |
| @@ -588,9 +748,11 @@ static int RSA_eay_public_decrypt(FIPS_RSA_SIZE_T flen, const unsigned char *fro | |||
| 588 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); | 748 | RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); |
| 589 | 749 | ||
| 590 | err: | 750 | err: |
| 591 | if (ctx != NULL) BN_CTX_free(ctx); | 751 | if (ctx != NULL) |
| 592 | BN_clear_free(&f); | 752 | { |
| 593 | BN_clear_free(&ret); | 753 | BN_CTX_end(ctx); |
| 754 | BN_CTX_free(ctx); | ||
| 755 | } | ||
| 594 | if (buf != NULL) | 756 | if (buf != NULL) |
| 595 | { | 757 | { |
| 596 | OPENSSL_cleanse(buf,num); | 758 | OPENSSL_cleanse(buf,num); |
| @@ -599,84 +761,109 @@ err: | |||
| 599 | return(r); | 761 | return(r); |
| 600 | } | 762 | } |
| 601 | 763 | ||
| 602 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | 764 | static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) |
| 603 | { | 765 | { |
| 604 | BIGNUM r1,m1,vrfy; | 766 | BIGNUM *r1,*m1,*vrfy; |
| 767 | BIGNUM local_dmp1,local_dmq1,local_c,local_r1; | ||
| 768 | BIGNUM *dmp1,*dmq1,*c,*pr1; | ||
| 769 | int bn_flags; | ||
| 605 | int ret=0; | 770 | int ret=0; |
| 606 | BN_CTX *ctx; | ||
| 607 | 771 | ||
| 608 | BN_init(&m1); | 772 | BN_CTX_start(ctx); |
| 609 | BN_init(&r1); | 773 | r1 = BN_CTX_get(ctx); |
| 610 | BN_init(&vrfy); | 774 | m1 = BN_CTX_get(ctx); |
| 611 | if ((ctx=BN_CTX_new()) == NULL) goto err; | 775 | vrfy = BN_CTX_get(ctx); |
| 776 | |||
| 777 | /* Make sure mod_inverse in montgomerey intialization use correct | ||
| 778 | * BN_FLG_CONSTTIME flag. | ||
| 779 | */ | ||
| 780 | bn_flags = rsa->p->flags; | ||
| 781 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 782 | { | ||
| 783 | rsa->p->flags |= BN_FLG_CONSTTIME; | ||
| 784 | } | ||
| 785 | MONT_HELPER(rsa, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | ||
| 786 | /* We restore bn_flags back */ | ||
| 787 | rsa->p->flags = bn_flags; | ||
| 612 | 788 | ||
| 613 | if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) | 789 | /* Make sure mod_inverse in montgomerey intialization use correct |
| 790 | * BN_FLG_CONSTTIME flag. | ||
| 791 | */ | ||
| 792 | bn_flags = rsa->q->flags; | ||
| 793 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 614 | { | 794 | { |
| 615 | if (rsa->_method_mod_p == NULL) | 795 | rsa->q->flags |= BN_FLG_CONSTTIME; |
| 616 | { | 796 | } |
| 617 | BN_MONT_CTX* bn_mont_ctx; | 797 | MONT_HELPER(rsa, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); |
| 618 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | 798 | /* We restore bn_flags back */ |
| 619 | goto err; | 799 | rsa->q->flags = bn_flags; |
| 620 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx)) | ||
| 621 | { | ||
| 622 | BN_MONT_CTX_free(bn_mont_ctx); | ||
| 623 | goto err; | ||
| 624 | } | ||
| 625 | if (rsa->_method_mod_p == NULL) /* other thread may have finished first */ | ||
| 626 | { | ||
| 627 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
| 628 | if (rsa->_method_mod_p == NULL) | ||
| 629 | { | ||
| 630 | rsa->_method_mod_p = bn_mont_ctx; | ||
| 631 | bn_mont_ctx = NULL; | ||
| 632 | } | ||
| 633 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
| 634 | } | ||
| 635 | if (bn_mont_ctx) | ||
| 636 | BN_MONT_CTX_free(bn_mont_ctx); | ||
| 637 | } | ||
| 638 | 800 | ||
| 639 | if (rsa->_method_mod_q == NULL) | 801 | MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); |
| 640 | { | 802 | |
| 641 | BN_MONT_CTX* bn_mont_ctx; | 803 | /* compute I mod q */ |
| 642 | if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL) | 804 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 643 | goto err; | 805 | { |
| 644 | if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx)) | 806 | c = &local_c; |
| 645 | { | 807 | BN_with_flags(c, I, BN_FLG_CONSTTIME); |
| 646 | BN_MONT_CTX_free(bn_mont_ctx); | 808 | if (!BN_mod(r1,c,rsa->q,ctx)) goto err; |
| 647 | goto err; | ||
| 648 | } | ||
| 649 | if (rsa->_method_mod_q == NULL) /* other thread may have finished first */ | ||
| 650 | { | ||
| 651 | CRYPTO_w_lock(CRYPTO_LOCK_RSA); | ||
| 652 | if (rsa->_method_mod_q == NULL) | ||
| 653 | { | ||
| 654 | rsa->_method_mod_q = bn_mont_ctx; | ||
| 655 | bn_mont_ctx = NULL; | ||
| 656 | } | ||
| 657 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | ||
| 658 | } | ||
| 659 | if (bn_mont_ctx) | ||
| 660 | BN_MONT_CTX_free(bn_mont_ctx); | ||
| 661 | } | ||
| 662 | } | 809 | } |
| 663 | 810 | else | |
| 664 | if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; | 811 | { |
| 665 | if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, | 812 | if (!BN_mod(r1,I,rsa->q,ctx)) goto err; |
| 813 | } | ||
| 814 | |||
| 815 | /* compute r1^dmq1 mod q */ | ||
| 816 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 817 | { | ||
| 818 | dmq1 = &local_dmq1; | ||
| 819 | BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME); | ||
| 820 | } | ||
| 821 | else | ||
| 822 | dmq1 = rsa->dmq1; | ||
| 823 | if (!rsa->meth->bn_mod_exp(m1,r1,dmq1,rsa->q,ctx, | ||
| 666 | rsa->_method_mod_q)) goto err; | 824 | rsa->_method_mod_q)) goto err; |
| 667 | 825 | ||
| 668 | if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; | 826 | /* compute I mod p */ |
| 669 | if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, | 827 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 828 | { | ||
| 829 | c = &local_c; | ||
| 830 | BN_with_flags(c, I, BN_FLG_CONSTTIME); | ||
| 831 | if (!BN_mod(r1,c,rsa->p,ctx)) goto err; | ||
| 832 | } | ||
| 833 | else | ||
| 834 | { | ||
| 835 | if (!BN_mod(r1,I,rsa->p,ctx)) goto err; | ||
| 836 | } | ||
| 837 | |||
| 838 | /* compute r1^dmp1 mod p */ | ||
| 839 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 840 | { | ||
| 841 | dmp1 = &local_dmp1; | ||
| 842 | BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME); | ||
| 843 | } | ||
| 844 | else | ||
| 845 | dmp1 = rsa->dmp1; | ||
| 846 | if (!rsa->meth->bn_mod_exp(r0,r1,dmp1,rsa->p,ctx, | ||
| 670 | rsa->_method_mod_p)) goto err; | 847 | rsa->_method_mod_p)) goto err; |
| 671 | 848 | ||
| 672 | if (!BN_sub(r0,r0,&m1)) goto err; | 849 | if (!BN_sub(r0,r0,m1)) goto err; |
| 673 | /* This will help stop the size of r0 increasing, which does | 850 | /* This will help stop the size of r0 increasing, which does |
| 674 | * affect the multiply if it optimised for a power of 2 size */ | 851 | * affect the multiply if it optimised for a power of 2 size */ |
| 675 | if (r0->neg) | 852 | if (BN_is_negative(r0)) |
| 676 | if (!BN_add(r0,r0,rsa->p)) goto err; | 853 | if (!BN_add(r0,r0,rsa->p)) goto err; |
| 677 | 854 | ||
| 678 | if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; | 855 | if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err; |
| 679 | if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; | 856 | |
| 857 | /* Turn BN_FLG_CONSTTIME flag on before division operation */ | ||
| 858 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 859 | { | ||
| 860 | pr1 = &local_r1; | ||
| 861 | BN_with_flags(pr1, r1, BN_FLG_CONSTTIME); | ||
| 862 | } | ||
| 863 | else | ||
| 864 | pr1 = r1; | ||
| 865 | if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err; | ||
| 866 | |||
| 680 | /* If p < q it is occasionally possible for the correction of | 867 | /* If p < q it is occasionally possible for the correction of |
| 681 | * adding 'p' if r0 is negative above to leave the result still | 868 | * adding 'p' if r0 is negative above to leave the result still |
| 682 | * negative. This can break the private key operations: the following | 869 | * negative. This can break the private key operations: the following |
| @@ -684,39 +871,51 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) | |||
| 684 | * This will *never* happen with OpenSSL generated keys because | 871 | * This will *never* happen with OpenSSL generated keys because |
| 685 | * they ensure p > q [steve] | 872 | * they ensure p > q [steve] |
| 686 | */ | 873 | */ |
| 687 | if (r0->neg) | 874 | if (BN_is_negative(r0)) |
| 688 | if (!BN_add(r0,r0,rsa->p)) goto err; | 875 | if (!BN_add(r0,r0,rsa->p)) goto err; |
| 689 | if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; | 876 | if (!BN_mul(r1,r0,rsa->q,ctx)) goto err; |
| 690 | if (!BN_add(r0,&r1,&m1)) goto err; | 877 | if (!BN_add(r0,r1,m1)) goto err; |
| 691 | 878 | ||
| 692 | if (rsa->e && rsa->n) | 879 | if (rsa->e && rsa->n) |
| 693 | { | 880 | { |
| 694 | if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; | 881 | if (!rsa->meth->bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err; |
| 695 | /* If 'I' was greater than (or equal to) rsa->n, the operation | 882 | /* If 'I' was greater than (or equal to) rsa->n, the operation |
| 696 | * will be equivalent to using 'I mod n'. However, the result of | 883 | * will be equivalent to using 'I mod n'. However, the result of |
| 697 | * the verify will *always* be less than 'n' so we don't check | 884 | * the verify will *always* be less than 'n' so we don't check |
| 698 | * for absolute equality, just congruency. */ | 885 | * for absolute equality, just congruency. */ |
| 699 | if (!BN_sub(&vrfy, &vrfy, I)) goto err; | 886 | if (!BN_sub(vrfy, vrfy, I)) goto err; |
| 700 | if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err; | 887 | if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err; |
| 701 | if (vrfy.neg) | 888 | if (BN_is_negative(vrfy)) |
| 702 | if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err; | 889 | if (!BN_add(vrfy, vrfy, rsa->n)) goto err; |
| 703 | if (!BN_is_zero(&vrfy)) | 890 | if (!BN_is_zero(vrfy)) |
| 891 | { | ||
| 704 | /* 'I' and 'vrfy' aren't congruent mod n. Don't leak | 892 | /* 'I' and 'vrfy' aren't congruent mod n. Don't leak |
| 705 | * miscalculated CRT output, just do a raw (slower) | 893 | * miscalculated CRT output, just do a raw (slower) |
| 706 | * mod_exp and return that instead. */ | 894 | * mod_exp and return that instead. */ |
| 707 | if (!rsa->meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err; | 895 | |
| 896 | BIGNUM local_d; | ||
| 897 | BIGNUM *d = NULL; | ||
| 898 | |||
| 899 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | ||
| 900 | { | ||
| 901 | d = &local_d; | ||
| 902 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); | ||
| 903 | } | ||
| 904 | else | ||
| 905 | d = rsa->d; | ||
| 906 | if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx, | ||
| 907 | rsa->_method_mod_n)) goto err; | ||
| 908 | } | ||
| 708 | } | 909 | } |
| 709 | ret=1; | 910 | ret=1; |
| 710 | err: | 911 | err: |
| 711 | BN_clear_free(&m1); | 912 | BN_CTX_end(ctx); |
| 712 | BN_clear_free(&r1); | ||
| 713 | BN_clear_free(&vrfy); | ||
| 714 | BN_CTX_free(ctx); | ||
| 715 | return(ret); | 913 | return(ret); |
| 716 | } | 914 | } |
| 717 | 915 | ||
| 718 | static int RSA_eay_init(RSA *rsa) | 916 | static int RSA_eay_init(RSA *rsa) |
| 719 | { | 917 | { |
| 918 | FIPS_selftest_check(); | ||
| 720 | rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; | 919 | rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; |
| 721 | return(1); | 920 | return(1); |
| 722 | } | 921 | } |
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c b/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c index 2c92112477..90aaa2f095 100644 --- a/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c +++ b/src/lib/libssl/src/fips/rsa/fips_rsa_gen.c | |||
| @@ -56,72 +56,126 @@ | |||
| 56 | * [including the GNU Public Licence.] | 56 | * [including the GNU Public Licence.] |
| 57 | */ | 57 | */ |
| 58 | 58 | ||
| 59 | |||
| 60 | /* NB: these functions have been "upgraded", the deprecated versions (which are | ||
| 61 | * compatibility wrappers using these functions) are in rsa_depr.c. | ||
| 62 | * - Geoff | ||
| 63 | */ | ||
| 64 | |||
| 59 | #include <stdio.h> | 65 | #include <stdio.h> |
| 60 | #include <string.h> | ||
| 61 | #include <time.h> | 66 | #include <time.h> |
| 62 | #include <openssl/err.h> | 67 | #include <string.h> |
| 68 | #include <openssl/crypto.h> | ||
| 63 | #include <openssl/bn.h> | 69 | #include <openssl/bn.h> |
| 64 | #include <openssl/rsa.h> | 70 | #include <openssl/rsa.h> |
| 71 | #include <openssl/err.h> | ||
| 72 | #include <openssl/evp.h> | ||
| 65 | #include <openssl/fips.h> | 73 | #include <openssl/fips.h> |
| 74 | #include "fips_locl.h" | ||
| 66 | 75 | ||
| 67 | #ifdef OPENSSL_FIPS | 76 | #ifdef OPENSSL_FIPS |
| 68 | 77 | ||
| 69 | static int fips_check_rsa(RSA *rsa) | 78 | static int fips_rsa_pairwise_fail = 0; |
| 70 | { | 79 | |
| 71 | int n; | 80 | void FIPS_corrupt_rsa_keygen(void) |
| 72 | unsigned char ctext[256]; | ||
| 73 | unsigned char ptext[256]; | ||
| 74 | /* The longest we can have with OAEP padding and a 512 bit key */ | ||
| 75 | static unsigned char original_ptext[] = | ||
| 76 | "\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0" | ||
| 77 | "\x23\x45\x67\x89\xab\xcd"; | ||
| 78 | |||
| 79 | /* this will fail for keys shorter than 512 bits */ | ||
| 80 | n=RSA_public_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa, | ||
| 81 | RSA_PKCS1_OAEP_PADDING); | ||
| 82 | if(n < 0) | ||
| 83 | { | 81 | { |
| 84 | ERR_print_errors_fp(stderr); | 82 | fips_rsa_pairwise_fail = 1; |
| 85 | exit(1); | ||
| 86 | } | 83 | } |
| 87 | if(!memcmp(ctext,original_ptext,n)) | 84 | |
| 88 | { | 85 | int fips_check_rsa(RSA *rsa) |
| 89 | FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); | ||
| 90 | return 0; | ||
| 91 | } | ||
| 92 | n=RSA_private_decrypt(n,ctext,ptext,rsa,RSA_PKCS1_OAEP_PADDING); | ||
| 93 | if(n < 0) | ||
| 94 | { | 86 | { |
| 95 | ERR_print_errors_fp(stderr); | 87 | const unsigned char tbs[] = "RSA Pairwise Check Data"; |
| 96 | exit(1); | 88 | unsigned char *ctbuf = NULL, *ptbuf = NULL; |
| 89 | int len, ret = 0; | ||
| 90 | EVP_PKEY pk; | ||
| 91 | pk.type = EVP_PKEY_RSA; | ||
| 92 | pk.pkey.rsa = rsa; | ||
| 93 | |||
| 94 | /* Perform pairwise consistency signature test */ | ||
| 95 | if (!fips_pkey_signature_test(&pk, tbs, -1, | ||
| 96 | NULL, 0, EVP_sha1(), EVP_MD_CTX_FLAG_PAD_PKCS1, NULL) | ||
| 97 | || !fips_pkey_signature_test(&pk, tbs, -1, | ||
| 98 | NULL, 0, EVP_sha1(), EVP_MD_CTX_FLAG_PAD_X931, NULL) | ||
| 99 | || !fips_pkey_signature_test(&pk, tbs, -1, | ||
| 100 | NULL, 0, EVP_sha1(), EVP_MD_CTX_FLAG_PAD_PSS, NULL)) | ||
| 101 | goto err; | ||
| 102 | /* Now perform pairwise consistency encrypt/decrypt test */ | ||
| 103 | ctbuf = OPENSSL_malloc(RSA_size(rsa)); | ||
| 104 | if (!ctbuf) | ||
| 105 | goto err; | ||
| 106 | |||
| 107 | len = RSA_public_encrypt(sizeof(tbs) - 1, tbs, ctbuf, rsa, RSA_PKCS1_PADDING); | ||
| 108 | if (len <= 0) | ||
| 109 | goto err; | ||
| 110 | /* Check ciphertext doesn't match plaintext */ | ||
| 111 | if ((len == (sizeof(tbs) - 1)) && !memcmp(tbs, ctbuf, len)) | ||
| 112 | goto err; | ||
| 113 | ptbuf = OPENSSL_malloc(RSA_size(rsa)); | ||
| 114 | |||
| 115 | if (!ptbuf) | ||
| 116 | goto err; | ||
| 117 | len = RSA_private_decrypt(len, ctbuf, ptbuf, rsa, RSA_PKCS1_PADDING); | ||
| 118 | if (len != (sizeof(tbs) - 1)) | ||
| 119 | goto err; | ||
| 120 | if (memcmp(ptbuf, tbs, len)) | ||
| 121 | goto err; | ||
| 122 | |||
| 123 | ret = 1; | ||
| 124 | |||
| 125 | if (!ptbuf) | ||
| 126 | goto err; | ||
| 127 | |||
| 128 | err: | ||
| 129 | if (ret == 0) | ||
| 130 | { | ||
| 131 | fips_set_selftest_fail(); | ||
| 132 | FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); | ||
| 133 | } | ||
| 134 | |||
| 135 | if (ctbuf) | ||
| 136 | OPENSSL_free(ctbuf); | ||
| 137 | if (ptbuf) | ||
| 138 | OPENSSL_free(ptbuf); | ||
| 139 | |||
| 140 | return ret; | ||
| 97 | } | 141 | } |
| 98 | if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n)) | 142 | |
| 143 | static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); | ||
| 144 | |||
| 145 | /* NB: this wrapper would normally be placed in rsa_lib.c and the static | ||
| 146 | * implementation would probably be in rsa_eay.c. Nonetheless, is kept here so | ||
| 147 | * that we don't introduce a new linker dependency. Eg. any application that | ||
| 148 | * wasn't previously linking object code related to key-generation won't have to | ||
| 149 | * now just because key-generation is part of RSA_METHOD. */ | ||
| 150 | int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) | ||
| 99 | { | 151 | { |
| 100 | FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED); | 152 | if(rsa->meth->rsa_keygen) |
| 101 | return 0; | 153 | return rsa->meth->rsa_keygen(rsa, bits, e_value, cb); |
| 154 | return rsa_builtin_keygen(rsa, bits, e_value, cb); | ||
| 102 | } | 155 | } |
| 103 | 156 | ||
| 104 | return 1; | 157 | static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) |
| 105 | } | ||
| 106 | |||
| 107 | RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value, | ||
| 108 | void (*callback)(int,int,void *), void *cb_arg) | ||
| 109 | { | 158 | { |
| 110 | RSA *rsa=NULL; | ||
| 111 | BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; | 159 | BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; |
| 112 | int bitsp,bitsq,ok= -1,n=0,i; | 160 | BIGNUM local_r0,local_d,local_p; |
| 113 | BN_CTX *ctx=NULL,*ctx2=NULL; | 161 | BIGNUM *pr0,*d,*p; |
| 162 | int bitsp,bitsq,ok= -1,n=0; | ||
| 163 | BN_CTX *ctx=NULL; | ||
| 114 | 164 | ||
| 115 | if(FIPS_selftest_failed()) | 165 | if(FIPS_selftest_failed()) |
| 116 | { | 166 | { |
| 117 | FIPSerr(FIPS_F_RSA_GENERATE_KEY,FIPS_R_FIPS_SELFTEST_FAILED); | 167 | FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_FIPS_SELFTEST_FAILED); |
| 118 | return NULL; | 168 | return 0; |
| 169 | } | ||
| 170 | |||
| 171 | if (FIPS_mode() && (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS)) | ||
| 172 | { | ||
| 173 | FIPSerr(FIPS_F_RSA_BUILTIN_KEYGEN,FIPS_R_KEY_TOO_SHORT); | ||
| 174 | return 0; | ||
| 119 | } | 175 | } |
| 120 | 176 | ||
| 121 | ctx=BN_CTX_new(); | 177 | ctx=BN_CTX_new(); |
| 122 | if (ctx == NULL) goto err; | 178 | if (ctx == NULL) goto err; |
| 123 | ctx2=BN_CTX_new(); | ||
| 124 | if (ctx2 == NULL) goto err; | ||
| 125 | BN_CTX_start(ctx); | 179 | BN_CTX_start(ctx); |
| 126 | r0 = BN_CTX_get(ctx); | 180 | r0 = BN_CTX_get(ctx); |
| 127 | r1 = BN_CTX_get(ctx); | 181 | r1 = BN_CTX_get(ctx); |
| @@ -131,49 +185,58 @@ RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value, | |||
| 131 | 185 | ||
| 132 | bitsp=(bits+1)/2; | 186 | bitsp=(bits+1)/2; |
| 133 | bitsq=bits-bitsp; | 187 | bitsq=bits-bitsp; |
| 134 | rsa=RSA_new(); | ||
| 135 | if (rsa == NULL) goto err; | ||
| 136 | 188 | ||
| 137 | /* set e */ | 189 | /* We need the RSA components non-NULL */ |
| 138 | rsa->e=BN_new(); | 190 | if(!rsa->n && ((rsa->n=BN_new()) == NULL)) goto err; |
| 139 | if (rsa->e == NULL) goto err; | 191 | if(!rsa->d && ((rsa->d=BN_new()) == NULL)) goto err; |
| 192 | if(!rsa->e && ((rsa->e=BN_new()) == NULL)) goto err; | ||
| 193 | if(!rsa->p && ((rsa->p=BN_new()) == NULL)) goto err; | ||
| 194 | if(!rsa->q && ((rsa->q=BN_new()) == NULL)) goto err; | ||
| 195 | if(!rsa->dmp1 && ((rsa->dmp1=BN_new()) == NULL)) goto err; | ||
| 196 | if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err; | ||
| 197 | if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err; | ||
| 140 | 198 | ||
| 141 | #if 1 | 199 | BN_copy(rsa->e, e_value); |
| 142 | /* The problem is when building with 8, 16, or 32 BN_ULONG, | ||
| 143 | * unsigned long can be larger */ | ||
| 144 | for (i=0; i<sizeof(unsigned long)*8; i++) | ||
| 145 | { | ||
| 146 | if (e_value & (1UL<<i)) | ||
| 147 | BN_set_bit(rsa->e,i); | ||
| 148 | } | ||
| 149 | #else | ||
| 150 | if (!BN_set_word(rsa->e,e_value)) goto err; | ||
| 151 | #endif | ||
| 152 | 200 | ||
| 153 | /* generate p and q */ | 201 | /* generate p and q */ |
| 154 | for (;;) | 202 | for (;;) |
| 155 | { | 203 | { |
| 156 | rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); | 204 | if(!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) |
| 157 | if (rsa->p == NULL) goto err; | 205 | goto err; |
| 158 | if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; | 206 | if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; |
| 159 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; | 207 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; |
| 160 | if (BN_is_one(r1)) break; | 208 | if (BN_is_one(r1)) break; |
| 161 | if (callback != NULL) callback(2,n++,cb_arg); | 209 | if(!BN_GENCB_call(cb, 2, n++)) |
| 162 | BN_free(rsa->p); | 210 | goto err; |
| 163 | } | 211 | } |
| 164 | if (callback != NULL) callback(3,0,cb_arg); | 212 | if(!BN_GENCB_call(cb, 3, 0)) |
| 213 | goto err; | ||
| 165 | for (;;) | 214 | for (;;) |
| 166 | { | 215 | { |
| 167 | rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); | 216 | /* When generating ridiculously small keys, we can get stuck |
| 168 | if (rsa->q == NULL) goto err; | 217 | * continually regenerating the same prime values. Check for |
| 218 | * this and bail if it happens 3 times. */ | ||
| 219 | unsigned int degenerate = 0; | ||
| 220 | do | ||
| 221 | { | ||
| 222 | if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) | ||
| 223 | goto err; | ||
| 224 | } while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3)); | ||
| 225 | if(degenerate == 3) | ||
| 226 | { | ||
| 227 | ok = 0; /* we set our own err */ | ||
| 228 | RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,RSA_R_KEY_SIZE_TOO_SMALL); | ||
| 229 | goto err; | ||
| 230 | } | ||
| 169 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; | 231 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; |
| 170 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; | 232 | if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; |
| 171 | if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0)) | 233 | if (BN_is_one(r1)) |
| 172 | break; | 234 | break; |
| 173 | if (callback != NULL) callback(2,n++,cb_arg); | 235 | if(!BN_GENCB_call(cb, 2, n++)) |
| 174 | BN_free(rsa->q); | 236 | goto err; |
| 175 | } | 237 | } |
| 176 | if (callback != NULL) callback(3,1,cb_arg); | 238 | if(!BN_GENCB_call(cb, 3, 1)) |
| 239 | goto err; | ||
| 177 | if (BN_cmp(rsa->p,rsa->q) < 0) | 240 | if (BN_cmp(rsa->p,rsa->q) < 0) |
| 178 | { | 241 | { |
| 179 | tmp=rsa->p; | 242 | tmp=rsa->p; |
| @@ -182,46 +245,48 @@ RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value, | |||
| 182 | } | 245 | } |
| 183 | 246 | ||
| 184 | /* calculate n */ | 247 | /* calculate n */ |
| 185 | rsa->n=BN_new(); | ||
| 186 | if (rsa->n == NULL) goto err; | ||
| 187 | if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; | 248 | if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; |
| 188 | 249 | ||
| 189 | /* calculate d */ | 250 | /* calculate d */ |
| 190 | if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ | 251 | if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ |
| 191 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ | 252 | if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ |
| 192 | if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ | 253 | if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ |
| 193 | 254 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | |
| 194 | /* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */ | ||
| 195 | /* for (;;) | ||
| 196 | { | 255 | { |
| 197 | if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err; | 256 | pr0 = &local_r0; |
| 198 | if (BN_is_one(r3)) break; | 257 | BN_with_flags(pr0, r0, BN_FLG_CONSTTIME); |
| 258 | } | ||
| 259 | else | ||
| 260 | pr0 = r0; | ||
| 261 | if (!BN_mod_inverse(rsa->d,rsa->e,pr0,ctx)) goto err; /* d */ | ||
| 199 | 262 | ||
| 200 | if (1) | 263 | /* set up d for correct BN_FLG_CONSTTIME flag */ |
| 201 | { | 264 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 202 | if (!BN_add_word(rsa->e,2L)) goto err; | 265 | { |
| 203 | continue; | 266 | d = &local_d; |
| 204 | } | 267 | BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); |
| 205 | RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE); | ||
| 206 | goto err; | ||
| 207 | } | 268 | } |
| 208 | */ | 269 | else |
| 209 | rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ | 270 | d = rsa->d; |
| 210 | if (rsa->d == NULL) goto err; | ||
| 211 | 271 | ||
| 212 | /* calculate d mod (p-1) */ | 272 | /* calculate d mod (p-1) */ |
| 213 | rsa->dmp1=BN_new(); | 273 | if (!BN_mod(rsa->dmp1,d,r1,ctx)) goto err; |
| 214 | if (rsa->dmp1 == NULL) goto err; | ||
| 215 | if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err; | ||
| 216 | 274 | ||
| 217 | /* calculate d mod (q-1) */ | 275 | /* calculate d mod (q-1) */ |
| 218 | rsa->dmq1=BN_new(); | 276 | if (!BN_mod(rsa->dmq1,d,r2,ctx)) goto err; |
| 219 | if (rsa->dmq1 == NULL) goto err; | ||
| 220 | if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err; | ||
| 221 | 277 | ||
| 222 | /* calculate inverse of q mod p */ | 278 | /* calculate inverse of q mod p */ |
| 223 | rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); | 279 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 224 | if (rsa->iqmp == NULL) goto err; | 280 | { |
| 281 | p = &local_p; | ||
| 282 | BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); | ||
| 283 | } | ||
| 284 | else | ||
| 285 | p = rsa->p; | ||
| 286 | if (!BN_mod_inverse(rsa->iqmp,rsa->q,p,ctx)) goto err; | ||
| 287 | |||
| 288 | if (fips_rsa_pairwise_fail) | ||
| 289 | BN_add_word(rsa->n, 1); | ||
| 225 | 290 | ||
| 226 | if(!fips_check_rsa(rsa)) | 291 | if(!fips_check_rsa(rsa)) |
| 227 | goto err; | 292 | goto err; |
| @@ -230,20 +295,16 @@ RSA *RSA_generate_key(FIPS_RSA_SIZE_T bits, unsigned long e_value, | |||
| 230 | err: | 295 | err: |
| 231 | if (ok == -1) | 296 | if (ok == -1) |
| 232 | { | 297 | { |
| 233 | RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); | 298 | RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,ERR_LIB_BN); |
| 234 | ok=0; | 299 | ok=0; |
| 235 | } | 300 | } |
| 236 | BN_CTX_end(ctx); | 301 | if (ctx != NULL) |
| 237 | BN_CTX_free(ctx); | ||
| 238 | BN_CTX_free(ctx2); | ||
| 239 | |||
| 240 | if (!ok) | ||
| 241 | { | 302 | { |
| 242 | if (rsa != NULL) RSA_free(rsa); | 303 | BN_CTX_end(ctx); |
| 243 | return(NULL); | 304 | BN_CTX_free(ctx); |
| 244 | } | 305 | } |
| 245 | else | 306 | |
| 246 | return(rsa); | 307 | return ok; |
| 247 | } | 308 | } |
| 248 | 309 | ||
| 249 | #endif | 310 | #endif |
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_lib.c b/src/lib/libssl/src/fips/rsa/fips_rsa_lib.c new file mode 100644 index 0000000000..a37ad3e540 --- /dev/null +++ b/src/lib/libssl/src/fips/rsa/fips_rsa_lib.c | |||
| @@ -0,0 +1,101 @@ | |||
| 1 | /* fips_rsa_sign.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2007. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <string.h> | ||
| 60 | #include <openssl/evp.h> | ||
| 61 | #include <openssl/rsa.h> | ||
| 62 | #include <openssl/bn.h> | ||
| 63 | #include <openssl/err.h> | ||
| 64 | |||
| 65 | /* Minimal FIPS versions of FIPS_rsa_new() and FIPS_rsa_free: to | ||
| 66 | * reduce external dependencies. | ||
| 67 | */ | ||
| 68 | |||
| 69 | RSA *FIPS_rsa_new(void) | ||
| 70 | { | ||
| 71 | RSA *ret; | ||
| 72 | ret = OPENSSL_malloc(sizeof(RSA)); | ||
| 73 | if (!ret) | ||
| 74 | return NULL; | ||
| 75 | memset(ret, 0, sizeof(RSA)); | ||
| 76 | ret->meth = RSA_PKCS1_SSLeay(); | ||
| 77 | if (ret->meth->init) | ||
| 78 | ret->meth->init(ret); | ||
| 79 | return ret; | ||
| 80 | } | ||
| 81 | |||
| 82 | void FIPS_rsa_free(RSA *r) | ||
| 83 | { | ||
| 84 | if (!r) | ||
| 85 | return; | ||
| 86 | if (r->meth->finish) | ||
| 87 | r->meth->finish(r); | ||
| 88 | if (r->n != NULL) BN_clear_free(r->n); | ||
| 89 | if (r->e != NULL) BN_clear_free(r->e); | ||
| 90 | if (r->d != NULL) BN_clear_free(r->d); | ||
| 91 | if (r->p != NULL) BN_clear_free(r->p); | ||
| 92 | if (r->q != NULL) BN_clear_free(r->q); | ||
| 93 | if (r->dmp1 != NULL) BN_clear_free(r->dmp1); | ||
| 94 | if (r->dmq1 != NULL) BN_clear_free(r->dmq1); | ||
| 95 | if (r->iqmp != NULL) BN_clear_free(r->iqmp); | ||
| 96 | if (r->blinding != NULL) BN_BLINDING_free(r->blinding); | ||
| 97 | if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding); | ||
| 98 | if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); | ||
| 99 | OPENSSL_free(r); | ||
| 100 | } | ||
| 101 | |||
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c b/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c index 4e3b9445fc..bead61f572 100644 --- a/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c +++ b/src/lib/libssl/src/fips/rsa/fips_rsa_selftest.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* ==================================================================== | 1 | /* ==================================================================== |
| 2 | * Copyright (c) 2003 The OpenSSL Project. All rights reserved. | 2 | * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved. |
| 3 | * | 3 | * |
| 4 | * Redistribution and use in source and binary forms, with or without | 4 | * Redistribution and use in source and binary forms, with or without |
| 5 | * modification, are permitted provided that the following conditions | 5 | * modification, are permitted provided that the following conditions |
| @@ -51,21 +51,11 @@ | |||
| 51 | #include <openssl/err.h> | 51 | #include <openssl/err.h> |
| 52 | #include <openssl/fips.h> | 52 | #include <openssl/fips.h> |
| 53 | #include <openssl/rsa.h> | 53 | #include <openssl/rsa.h> |
| 54 | #include <openssl/sha.h> | 54 | #include <openssl/evp.h> |
| 55 | #include <openssl/bn.h> | ||
| 55 | #include <openssl/opensslconf.h> | 56 | #include <openssl/opensslconf.h> |
| 56 | 57 | ||
| 57 | #ifdef OPENSSL_FIPS | 58 | #ifdef OPENSSL_FIPS |
| 58 | #define SetKey \ | ||
| 59 | key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ | ||
| 60 | key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \ | ||
| 61 | key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \ | ||
| 62 | key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \ | ||
| 63 | key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \ | ||
| 64 | key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \ | ||
| 65 | key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \ | ||
| 66 | key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \ | ||
| 67 | memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ | ||
| 68 | return (sizeof(ctext_ex) - 1); | ||
| 69 | 59 | ||
| 70 | static unsigned char n[] = | 60 | static unsigned char n[] = |
| 71 | "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71" | 61 | "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71" |
| @@ -79,11 +69,11 @@ static unsigned char n[] = | |||
| 79 | "\xCB"; | 69 | "\xCB"; |
| 80 | 70 | ||
| 81 | 71 | ||
| 82 | static int setrsakey(RSA *key, unsigned char *c) | 72 | static int setrsakey(RSA *key) |
| 83 | { | 73 | { |
| 84 | static unsigned char e[] = "\x11"; | 74 | static const unsigned char e[] = "\x11"; |
| 85 | 75 | ||
| 86 | static unsigned char d[] = | 76 | static const unsigned char d[] = |
| 87 | "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD" | 77 | "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD" |
| 88 | "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41" | 78 | "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41" |
| 89 | "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69" | 79 | "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69" |
| @@ -94,50 +84,48 @@ static int setrsakey(RSA *key, unsigned char *c) | |||
| 94 | "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3" | 84 | "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3" |
| 95 | "\xC1"; | 85 | "\xC1"; |
| 96 | 86 | ||
| 97 | static unsigned char p[] = | 87 | static const unsigned char p[] = |
| 98 | "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60" | 88 | "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60" |
| 99 | "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6" | 89 | "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6" |
| 100 | "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A" | 90 | "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A" |
| 101 | "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65" | 91 | "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65" |
| 102 | "\x99"; | 92 | "\x99"; |
| 103 | 93 | ||
| 104 | static unsigned char q[] = | 94 | static const unsigned char q[] = |
| 105 | "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" | 95 | "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" |
| 106 | "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" | 96 | "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" |
| 107 | "\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" | 97 | "\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" |
| 108 | "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15" | 98 | "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15" |
| 109 | "\x03"; | 99 | "\x03"; |
| 110 | 100 | ||
| 111 | static unsigned char dmp1[] = | 101 | static const unsigned char dmp1[] = |
| 112 | "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A" | 102 | "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A" |
| 113 | "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E" | 103 | "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E" |
| 114 | "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E" | 104 | "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E" |
| 115 | "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81"; | 105 | "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81"; |
| 116 | 106 | ||
| 117 | static unsigned char dmq1[] = | 107 | static const unsigned char dmq1[] = |
| 118 | "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9" | 108 | "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9" |
| 119 | "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7" | 109 | "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7" |
| 120 | "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D" | 110 | "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D" |
| 121 | "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D"; | 111 | "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D"; |
| 122 | 112 | ||
| 123 | static unsigned char iqmp[] = | 113 | static const unsigned char iqmp[] = |
| 124 | "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23" | 114 | "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23" |
| 125 | "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11" | 115 | "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11" |
| 126 | "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E" | 116 | "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E" |
| 127 | "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39" | 117 | "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39" |
| 128 | "\xF7"; | 118 | "\xF7"; |
| 129 | 119 | ||
| 130 | static unsigned char ctext_ex[] = | 120 | key->n = BN_bin2bn(n, sizeof(n)-1, key->n); |
| 131 | "\x42\x4b\xc9\x51\x61\xd4\xca\xa0\x18\x6c\x4d\xca\x61\x8f\x2d\x07" | 121 | key->e = BN_bin2bn(e, sizeof(e)-1, key->e); |
| 132 | "\x8c\x63\xc5\x6b\xa2\x4c\x32\xb1\xda\xb7\xdd\x32\xb6\x51\x68\xc3" | 122 | key->d = BN_bin2bn(d, sizeof(d)-1, key->d); |
| 133 | "\x6e\x98\x46\xd6\xbb\x1a\xd5\x99\x05\x92\x7c\xd7\xbc\x08\x9e\xe4" | 123 | key->p = BN_bin2bn(p, sizeof(p)-1, key->p); |
| 134 | "\xc3\x70\x4d\xe6\x99\x7e\x61\x31\x07\x7a\x19\xdb\x3e\x11\xfa\x3d" | 124 | key->q = BN_bin2bn(q, sizeof(q)-1, key->q); |
| 135 | "\x7c\x61\xd7\x78\x14\x3f\x05\x16\xa0\xc4\xbf\xcd\xee\xca\x67\x4c" | 125 | key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); |
| 136 | "\x80\x4e\xca\x43\x2f\x35\x43\x58\xa7\x50\x7e\x3e\x52\x82\xab\xac" | 126 | key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); |
| 137 | "\xa6\x50\xe8\x39\x9f\xe0\x7f\x58\x1d\x1b\x90\x93\x04\xec\xb3\xf9" | 127 | key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); |
| 138 | "\x24\xd3\x75\x3e\x39\xd1\x14\xc6\x33\xce\xd6\xee\x20\x47\xec\xe4"; | 128 | return 1; |
| 139 | |||
| 140 | SetKey; | ||
| 141 | } | 129 | } |
| 142 | 130 | ||
| 143 | void FIPS_corrupt_rsa() | 131 | void FIPS_corrupt_rsa() |
| @@ -145,107 +133,300 @@ void FIPS_corrupt_rsa() | |||
| 145 | n[0]++; | 133 | n[0]++; |
| 146 | } | 134 | } |
| 147 | 135 | ||
| 136 | /* Known Answer Test (KAT) data for the above RSA private key signing | ||
| 137 | * kat_tbs. | ||
| 138 | */ | ||
| 139 | |||
| 140 | static const unsigned char kat_tbs[] = "OpenSSL FIPS 140-2 Public Key RSA KAT"; | ||
| 141 | |||
| 142 | static const unsigned char kat_RSA_PSS_SHA1[] = { | ||
| 143 | 0x2D, 0xAF, 0x6E, 0xC2, 0x98, 0xFB, 0x8A, 0xA1, 0xB9, 0x46, 0xDA, 0x0F, | ||
| 144 | 0x01, 0x1E, 0x37, 0x93, 0xC2, 0x55, 0x27, 0xE4, 0x1D, 0xD2, 0x90, 0xBB, | ||
| 145 | 0xF4, 0xBF, 0x4A, 0x74, 0x39, 0x51, 0xBB, 0xE8, 0x0C, 0xB7, 0xF8, 0xD3, | ||
| 146 | 0xD1, 0xDF, 0xE7, 0xBE, 0x80, 0x05, 0xC3, 0xB5, 0xC7, 0x83, 0xD5, 0x4C, | ||
| 147 | 0x7F, 0x49, 0xFB, 0x3F, 0x29, 0x9B, 0xE1, 0x12, 0x51, 0x60, 0xD0, 0xA7, | ||
| 148 | 0x0D, 0xA9, 0x28, 0x56, 0x73, 0xD9, 0x07, 0xE3, 0x5E, 0x3F, 0x9B, 0xF5, | ||
| 149 | 0xB6, 0xF3, 0xF2, 0x5E, 0x74, 0xC9, 0x83, 0x81, 0x47, 0xF0, 0xC5, 0x45, | ||
| 150 | 0x0A, 0xE9, 0x8E, 0x38, 0xD7, 0x18, 0xC6, 0x2A, 0x0F, 0xF8, 0xB7, 0x31, | ||
| 151 | 0xD6, 0x55, 0xE4, 0x66, 0x78, 0x81, 0xD4, 0xE6, 0xDB, 0x9F, 0xBA, 0xE8, | ||
| 152 | 0x23, 0xB5, 0x7F, 0xDC, 0x08, 0xEA, 0xD5, 0x26, 0x1E, 0x20, 0x25, 0x84, | ||
| 153 | 0x26, 0xC6, 0x79, 0xC9, 0x9B, 0x3D, 0x7E, 0xA9 | ||
| 154 | }; | ||
| 155 | |||
| 156 | static const unsigned char kat_RSA_PSS_SHA224[] = { | ||
| 157 | 0x39, 0x4A, 0x6A, 0x20, 0xBC, 0xE9, 0x33, 0xED, 0xEF, 0xC5, 0x58, 0xA7, | ||
| 158 | 0xFE, 0x81, 0xC4, 0x36, 0x50, 0x9A, 0x2C, 0x82, 0x98, 0x08, 0x95, 0xFA, | ||
| 159 | 0xB1, 0x9E, 0xD2, 0x55, 0x61, 0x87, 0x21, 0x59, 0x87, 0x7B, 0x1F, 0x57, | ||
| 160 | 0x30, 0x9D, 0x0D, 0x4A, 0x06, 0xEB, 0x52, 0x37, 0x55, 0x54, 0x1C, 0x89, | ||
| 161 | 0x83, 0x75, 0x59, 0x65, 0x64, 0x90, 0x2E, 0x16, 0xCC, 0x86, 0x05, 0xEE, | ||
| 162 | 0xB1, 0xE6, 0x7B, 0xBA, 0x16, 0x75, 0x0D, 0x0C, 0x64, 0x0B, 0xAB, 0x22, | ||
| 163 | 0x15, 0x78, 0x6B, 0x6F, 0xA4, 0xFB, 0x77, 0x40, 0x64, 0x62, 0xD1, 0xB5, | ||
| 164 | 0x37, 0x1E, 0xE0, 0x3D, 0xA8, 0xF9, 0xD2, 0xBD, 0xAA, 0x38, 0x24, 0x49, | ||
| 165 | 0x58, 0xD2, 0x74, 0x85, 0xF4, 0xB5, 0x93, 0x8E, 0xF5, 0x03, 0xEA, 0x2D, | ||
| 166 | 0xC8, 0x52, 0xFA, 0xCF, 0x7E, 0x35, 0xB0, 0x6A, 0xAF, 0x95, 0xC0, 0x00, | ||
| 167 | 0x54, 0x76, 0x3D, 0x0C, 0x9C, 0xB2, 0xEE, 0xC0 | ||
| 168 | }; | ||
| 169 | |||
| 170 | static const unsigned char kat_RSA_PSS_SHA256[] = { | ||
| 171 | 0x6D, 0x3D, 0xBE, 0x8F, 0x60, 0x6D, 0x25, 0x14, 0xF0, 0x31, 0xE3, 0x89, | ||
| 172 | 0x00, 0x97, 0xFA, 0x99, 0x71, 0x28, 0xE5, 0x10, 0x25, 0x9A, 0xF3, 0x8F, | ||
| 173 | 0x7B, 0xC5, 0xA8, 0x4A, 0x74, 0x51, 0x36, 0xE2, 0x8D, 0x7D, 0x73, 0x28, | ||
| 174 | 0xC1, 0x77, 0xC6, 0x27, 0x97, 0x00, 0x8B, 0x00, 0xA3, 0x96, 0x73, 0x4E, | ||
| 175 | 0x7D, 0x2E, 0x2C, 0x34, 0x68, 0x8C, 0x8E, 0xDF, 0x9D, 0x49, 0x47, 0x05, | ||
| 176 | 0xAB, 0xF5, 0x01, 0xD6, 0x81, 0x47, 0x70, 0xF5, 0x1D, 0x6D, 0x26, 0xBA, | ||
| 177 | 0x2F, 0x7A, 0x54, 0x53, 0x4E, 0xED, 0x71, 0xD9, 0x5A, 0xF3, 0xDA, 0xB6, | ||
| 178 | 0x0B, 0x47, 0x34, 0xAF, 0x90, 0xDC, 0xC8, 0xD9, 0x6F, 0x56, 0xCD, 0x9F, | ||
| 179 | 0x21, 0xB7, 0x7E, 0xAD, 0x7C, 0x2F, 0x75, 0x50, 0x47, 0x12, 0xE4, 0x6D, | ||
| 180 | 0x5F, 0xB7, 0x01, 0xDF, 0xC3, 0x11, 0x6C, 0xA9, 0x9E, 0x49, 0xB9, 0xF6, | ||
| 181 | 0x72, 0xF4, 0xF6, 0xEF, 0x88, 0x1E, 0x2D, 0x1C | ||
| 182 | }; | ||
| 183 | |||
| 184 | static const unsigned char kat_RSA_PSS_SHA384[] = { | ||
| 185 | 0x40, 0xFB, 0xA1, 0x21, 0xF4, 0xB2, 0x40, 0x9A, 0xB4, 0x31, 0xA8, 0xF2, | ||
| 186 | 0xEC, 0x1C, 0xC4, 0xC8, 0x7C, 0x22, 0x65, 0x9C, 0x57, 0x45, 0xCD, 0x5E, | ||
| 187 | 0x86, 0x00, 0xF7, 0x25, 0x78, 0xDE, 0xDC, 0x7A, 0x71, 0x44, 0x9A, 0xCD, | ||
| 188 | 0xAA, 0x25, 0xF4, 0xB2, 0xFC, 0xF0, 0x75, 0xD9, 0x2F, 0x78, 0x23, 0x7F, | ||
| 189 | 0x6F, 0x02, 0xEF, 0xC1, 0xAF, 0xA6, 0x28, 0x16, 0x31, 0xDC, 0x42, 0x6C, | ||
| 190 | 0xB2, 0x44, 0xE5, 0x4D, 0x66, 0xA2, 0xE6, 0x71, 0xF3, 0xAC, 0x4F, 0xFB, | ||
| 191 | 0x91, 0xCA, 0xF5, 0x70, 0xEF, 0x6B, 0x9D, 0xA4, 0xEF, 0xD9, 0x3D, 0x2F, | ||
| 192 | 0x3A, 0xBE, 0x89, 0x38, 0x59, 0x01, 0xBA, 0xDA, 0x32, 0xAD, 0x42, 0x89, | ||
| 193 | 0x98, 0x8B, 0x39, 0x44, 0xF0, 0xFC, 0x38, 0xAC, 0x87, 0x1F, 0xCA, 0x6F, | ||
| 194 | 0x48, 0xF6, 0xAE, 0xD7, 0x45, 0xEE, 0xAE, 0x88, 0x0E, 0x60, 0xF4, 0x55, | ||
| 195 | 0x48, 0x44, 0xEE, 0x1F, 0x90, 0x18, 0x4B, 0xF1 | ||
| 196 | }; | ||
| 197 | |||
| 198 | static const unsigned char kat_RSA_PSS_SHA512[] = { | ||
| 199 | 0x07, 0x1E, 0xD8, 0xD5, 0x05, 0xE8, 0xE6, 0xE6, 0x57, 0xAE, 0x63, 0x8C, | ||
| 200 | 0xC6, 0x83, 0xB7, 0xA0, 0x59, 0xBB, 0xF2, 0xC6, 0x8F, 0x12, 0x53, 0x9A, | ||
| 201 | 0x9B, 0x54, 0x9E, 0xB3, 0xC1, 0x1D, 0x23, 0x4D, 0x51, 0xED, 0x9E, 0xDD, | ||
| 202 | 0x4B, 0xF3, 0x46, 0x9B, 0x6B, 0xF6, 0x7C, 0x24, 0x60, 0x79, 0x23, 0x39, | ||
| 203 | 0x01, 0x1C, 0x51, 0xCB, 0xD8, 0xE9, 0x9A, 0x01, 0x67, 0x5F, 0xFE, 0xD7, | ||
| 204 | 0x7C, 0xE3, 0x7F, 0xED, 0xDB, 0x87, 0xBB, 0xF0, 0x3D, 0x78, 0x55, 0x61, | ||
| 205 | 0x57, 0xE3, 0x0F, 0xE3, 0xD2, 0x9D, 0x0C, 0x2A, 0x20, 0xB0, 0x85, 0x13, | ||
| 206 | 0xC5, 0x47, 0x34, 0x0D, 0x32, 0x15, 0xC8, 0xAE, 0x9A, 0x6A, 0x39, 0x63, | ||
| 207 | 0x2D, 0x60, 0xF5, 0x4C, 0xDF, 0x8A, 0x48, 0x4B, 0xBF, 0xF4, 0xA8, 0xFE, | ||
| 208 | 0x76, 0xF2, 0x32, 0x1B, 0x9C, 0x7C, 0xCA, 0xFE, 0x7F, 0x80, 0xC2, 0x88, | ||
| 209 | 0x5C, 0x97, 0x70, 0xB4, 0x26, 0xC9, 0x14, 0x8B | ||
| 210 | }; | ||
| 211 | |||
| 212 | static const unsigned char kat_RSA_SHA1[] = { | ||
| 213 | 0x71, 0xEE, 0x1A, 0xC0, 0xFE, 0x01, 0x93, 0x54, 0x79, 0x5C, 0xF2, 0x4C, | ||
| 214 | 0x4A, 0xFD, 0x1A, 0x05, 0x8F, 0x64, 0xB1, 0x6D, 0x61, 0x33, 0x8D, 0x9B, | ||
| 215 | 0xE7, 0xFD, 0x60, 0xA3, 0x83, 0xB5, 0xA3, 0x51, 0x55, 0x77, 0x90, 0xCF, | ||
| 216 | 0xDC, 0x22, 0x37, 0x8E, 0xD0, 0xE1, 0xAE, 0x09, 0xE3, 0x3D, 0x1E, 0xF8, | ||
| 217 | 0x80, 0xD1, 0x8B, 0xC2, 0xEC, 0x0A, 0xD7, 0x6B, 0x88, 0x8B, 0x8B, 0xA1, | ||
| 218 | 0x20, 0x22, 0xBE, 0x59, 0x5B, 0xE0, 0x23, 0x24, 0xA1, 0x49, 0x30, 0xBA, | ||
| 219 | 0xA9, 0x9E, 0xE8, 0xB1, 0x8A, 0x62, 0x16, 0xBF, 0x4E, 0xCA, 0x2E, 0x4E, | ||
| 220 | 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F, | ||
| 221 | 0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, | ||
| 222 | 0x72, 0x05, 0xDE, 0xE6, 0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, | ||
| 223 | 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4 | ||
| 224 | }; | ||
| 225 | |||
| 226 | static const unsigned char kat_RSA_SHA224[] = { | ||
| 227 | 0x62, 0xAA, 0x79, 0xA9, 0x18, 0x0E, 0x5F, 0x8C, 0xBB, 0xB7, 0x15, 0xF9, | ||
| 228 | 0x25, 0xBB, 0xFA, 0xD4, 0x3A, 0x34, 0xED, 0x9E, 0xA0, 0xA9, 0x18, 0x8D, | ||
| 229 | 0x5B, 0x55, 0x9A, 0x7E, 0x1E, 0x08, 0x08, 0x60, 0xC5, 0x1A, 0xC5, 0x89, | ||
| 230 | 0x08, 0xE2, 0x1B, 0xBD, 0x62, 0x50, 0x17, 0x76, 0x30, 0x2C, 0x9E, 0xCD, | ||
| 231 | 0xA4, 0x02, 0xAD, 0xB1, 0x6D, 0x44, 0x6D, 0xD5, 0xC6, 0x45, 0x41, 0xE5, | ||
| 232 | 0xEE, 0x1F, 0x8D, 0x7E, 0x08, 0x16, 0xA6, 0xE1, 0x5E, 0x0B, 0xA9, 0xCC, | ||
| 233 | 0xDB, 0x59, 0x55, 0x87, 0x09, 0x25, 0x70, 0x86, 0x84, 0x02, 0xC6, 0x3B, | ||
| 234 | 0x0B, 0x44, 0x4C, 0x46, 0x95, 0xF4, 0xF8, 0x5A, 0x91, 0x28, 0x3E, 0xB2, | ||
| 235 | 0x58, 0x2E, 0x06, 0x45, 0x49, 0xE0, 0x92, 0xE2, 0xC0, 0x66, 0xE6, 0x35, | ||
| 236 | 0xD9, 0x79, 0x7F, 0x17, 0x5E, 0x02, 0x73, 0x04, 0x77, 0x82, 0xE6, 0xDC, | ||
| 237 | 0x40, 0x21, 0x89, 0x8B, 0x37, 0x3E, 0x1E, 0x8D | ||
| 238 | }; | ||
| 239 | |||
| 240 | static const unsigned char kat_RSA_SHA256[] = { | ||
| 241 | 0x0D, 0x55, 0xE2, 0xAA, 0x81, 0xDB, 0x8E, 0x82, 0x05, 0x17, 0xA5, 0x23, | ||
| 242 | 0xE7, 0x3B, 0x1D, 0xAF, 0xFB, 0x8C, 0xD0, 0x81, 0x20, 0x7B, 0xAA, 0x23, | ||
| 243 | 0x92, 0x87, 0x8C, 0xD1, 0x53, 0x85, 0x16, 0xDC, 0xBE, 0xAD, 0x6F, 0x35, | ||
| 244 | 0x98, 0x2D, 0x69, 0x84, 0xBF, 0xD9, 0x8A, 0x01, 0x17, 0x58, 0xB2, 0x6E, | ||
| 245 | 0x2C, 0x44, 0x9B, 0x90, 0xF1, 0xFB, 0x51, 0xE8, 0x6A, 0x90, 0x2D, 0x18, | ||
| 246 | 0x0E, 0xC0, 0x90, 0x10, 0x24, 0xA9, 0x1D, 0xB3, 0x58, 0x7A, 0x91, 0x30, | ||
| 247 | 0xBE, 0x22, 0xC7, 0xD3, 0xEC, 0xC3, 0x09, 0x5D, 0xBF, 0xE2, 0x80, 0x3A, | ||
| 248 | 0x7C, 0x85, 0xB4, 0xBC, 0xD1, 0xE9, 0xF0, 0x5C, 0xDE, 0x81, 0xA6, 0x38, | ||
| 249 | 0xB8, 0x42, 0xBB, 0x86, 0xC5, 0x9D, 0xCE, 0x7C, 0x2C, 0xEE, 0xD1, 0xDA, | ||
| 250 | 0x27, 0x48, 0x2B, 0xF5, 0xAB, 0xB9, 0xF7, 0x80, 0xD1, 0x90, 0x27, 0x90, | ||
| 251 | 0xBD, 0x44, 0x97, 0x60, 0xCD, 0x57, 0xC0, 0x7A | ||
| 252 | }; | ||
| 253 | |||
| 254 | static const unsigned char kat_RSA_SHA384[] = { | ||
| 255 | 0x1D, 0xE3, 0x6A, 0xDD, 0x27, 0x4C, 0xC0, 0xA5, 0x27, 0xEF, 0xE6, 0x1F, | ||
| 256 | 0xD2, 0x91, 0x68, 0x59, 0x04, 0xAE, 0xBD, 0x99, 0x63, 0x56, 0x47, 0xC7, | ||
| 257 | 0x6F, 0x22, 0x16, 0x48, 0xD0, 0xF9, 0x18, 0xA9, 0xCA, 0xFA, 0x5D, 0x5C, | ||
| 258 | 0xA7, 0x65, 0x52, 0x8A, 0xC8, 0x44, 0x7E, 0x86, 0x5D, 0xA9, 0xA6, 0x55, | ||
| 259 | 0x65, 0x3E, 0xD9, 0x2D, 0x02, 0x38, 0xA8, 0x79, 0x28, 0x7F, 0xB6, 0xCF, | ||
| 260 | 0x82, 0xDD, 0x7E, 0x55, 0xE1, 0xB1, 0xBC, 0xE2, 0x19, 0x2B, 0x30, 0xC2, | ||
| 261 | 0x1B, 0x2B, 0xB0, 0x82, 0x46, 0xAC, 0x4B, 0xD1, 0xE2, 0x7D, 0xEB, 0x8C, | ||
| 262 | 0xFF, 0x95, 0xE9, 0x6A, 0x1C, 0x3D, 0x4D, 0xBF, 0x8F, 0x8B, 0x9C, 0xCD, | ||
| 263 | 0xEA, 0x85, 0xEE, 0x00, 0xDC, 0x1C, 0xA7, 0xEB, 0xD0, 0x8F, 0x99, 0xF1, | ||
| 264 | 0x16, 0x28, 0x24, 0x64, 0x04, 0x39, 0x2D, 0x58, 0x1E, 0x37, 0xDC, 0x04, | ||
| 265 | 0xBD, 0x31, 0xA2, 0x2F, 0xB3, 0x35, 0x56, 0xBF | ||
| 266 | }; | ||
| 267 | |||
| 268 | static const unsigned char kat_RSA_SHA512[] = { | ||
| 269 | 0x69, 0x52, 0x1B, 0x51, 0x5E, 0x06, 0xCA, 0x9B, 0x16, 0x51, 0x5D, 0xCF, | ||
| 270 | 0x49, 0x25, 0x4A, 0xA1, 0x6A, 0x77, 0x4C, 0x36, 0x40, 0xF8, 0xB2, 0x9A, | ||
| 271 | 0x15, 0xEA, 0x5C, 0xE5, 0xE6, 0x82, 0xE0, 0x86, 0x82, 0x6B, 0x32, 0xF1, | ||
| 272 | 0x04, 0xC1, 0x5A, 0x1A, 0xED, 0x1E, 0x9A, 0xB6, 0x4C, 0x54, 0x9F, 0xD8, | ||
| 273 | 0x8D, 0xCC, 0xAC, 0x8A, 0xBB, 0x9C, 0x82, 0x3F, 0xA6, 0x53, 0x62, 0xB5, | ||
| 274 | 0x80, 0xE2, 0xBC, 0xDD, 0x67, 0x2B, 0xD9, 0x3F, 0xE4, 0x75, 0x92, 0x6B, | ||
| 275 | 0xAF, 0x62, 0x7C, 0x52, 0xF0, 0xEE, 0x33, 0xDF, 0x1B, 0x1D, 0x47, 0xE6, | ||
| 276 | 0x59, 0x56, 0xA5, 0xB9, 0x5C, 0xE6, 0x77, 0x78, 0x16, 0x63, 0x84, 0x05, | ||
| 277 | 0x6F, 0x0E, 0x2B, 0x31, 0x9D, 0xF7, 0x7F, 0xB2, 0x64, 0x71, 0xE0, 0x2D, | ||
| 278 | 0x3E, 0x62, 0xCE, 0xB5, 0x3F, 0x88, 0xDF, 0x2D, 0xAB, 0x98, 0x65, 0x91, | ||
| 279 | 0xDF, 0x70, 0x14, 0xA5, 0x3F, 0x36, 0xAB, 0x84 | ||
| 280 | }; | ||
| 281 | |||
| 282 | static const unsigned char kat_RSA_X931_SHA1[] = { | ||
| 283 | 0x86, 0xB4, 0x18, 0xBA, 0xD1, 0x80, 0xB6, 0x7C, 0x42, 0x45, 0x4D, 0xDF, | ||
| 284 | 0xE9, 0x2D, 0xE1, 0x83, 0x5F, 0xB5, 0x2F, 0xC9, 0xCD, 0xC4, 0xB2, 0x75, | ||
| 285 | 0x80, 0xA4, 0xF1, 0x4A, 0xE7, 0x83, 0x12, 0x1E, 0x1E, 0x14, 0xB8, 0xAC, | ||
| 286 | 0x35, 0xE2, 0xAA, 0x0B, 0x5C, 0xF8, 0x38, 0x4D, 0x04, 0xEE, 0xA9, 0x97, | ||
| 287 | 0x70, 0xFB, 0x5E, 0xE7, 0xB7, 0xE3, 0x62, 0x23, 0x4B, 0x38, 0xBE, 0xD6, | ||
| 288 | 0x53, 0x15, 0xF7, 0xDF, 0x87, 0xB4, 0x0E, 0xCC, 0xB1, 0x1A, 0x11, 0x19, | ||
| 289 | 0xEE, 0x51, 0xCC, 0x92, 0xDD, 0xBC, 0x63, 0x29, 0x63, 0x0C, 0x59, 0xD7, | ||
| 290 | 0x6F, 0x4C, 0x3C, 0x37, 0x5B, 0x37, 0x03, 0x61, 0x7D, 0x24, 0x1C, 0x99, | ||
| 291 | 0x48, 0xAF, 0x82, 0xFE, 0x32, 0x41, 0x9B, 0xB2, 0xDB, 0xEA, 0xED, 0x76, | ||
| 292 | 0x8E, 0x6E, 0xCA, 0x7E, 0x4E, 0x14, 0xBA, 0x30, 0x84, 0x1C, 0xB3, 0x67, | ||
| 293 | 0xA3, 0x29, 0x80, 0x70, 0x54, 0x68, 0x7D, 0x49 | ||
| 294 | }; | ||
| 295 | |||
| 296 | static const unsigned char kat_RSA_X931_SHA256[] = { | ||
| 297 | 0x7E, 0xA2, 0x77, 0xFE, 0xB8, 0x54, 0x8A, 0xC7, 0x7F, 0x64, 0x54, 0x89, | ||
| 298 | 0xE5, 0x52, 0x15, 0x8E, 0x52, 0x96, 0x4E, 0xA6, 0x58, 0x92, 0x1C, 0xDD, | ||
| 299 | 0xEA, 0xA2, 0x2D, 0x5C, 0xD1, 0x62, 0x00, 0x49, 0x05, 0x95, 0x73, 0xCF, | ||
| 300 | 0x16, 0x76, 0x68, 0xF6, 0xC6, 0x5E, 0x80, 0xB8, 0xB8, 0x7B, 0xC8, 0x9B, | ||
| 301 | 0xC6, 0x53, 0x88, 0x26, 0x20, 0x88, 0x73, 0xB6, 0x13, 0xB8, 0xF0, 0x4B, | ||
| 302 | 0x00, 0x85, 0xF3, 0xDD, 0x07, 0x50, 0xEB, 0x20, 0xC4, 0x38, 0x0E, 0x98, | ||
| 303 | 0xAD, 0x4E, 0x49, 0x2C, 0xD7, 0x65, 0xA5, 0x19, 0x0E, 0x59, 0x01, 0xEC, | ||
| 304 | 0x7E, 0x75, 0x89, 0x69, 0x2E, 0x63, 0x76, 0x85, 0x46, 0x8D, 0xA0, 0x8C, | ||
| 305 | 0x33, 0x1D, 0x82, 0x8C, 0x03, 0xEA, 0x69, 0x88, 0x35, 0xA1, 0x42, 0xBD, | ||
| 306 | 0x21, 0xED, 0x8D, 0xBC, 0xBC, 0xDB, 0x30, 0xFF, 0x86, 0xF0, 0x5B, 0xDC, | ||
| 307 | 0xE3, 0xE2, 0xE8, 0x0A, 0x0A, 0x29, 0x94, 0x80 | ||
| 308 | }; | ||
| 309 | |||
| 310 | static const unsigned char kat_RSA_X931_SHA384[] = { | ||
| 311 | 0x5C, 0x7D, 0x96, 0x35, 0xEC, 0x7E, 0x11, 0x38, 0xBB, 0x7B, 0xEC, 0x7B, | ||
| 312 | 0xF2, 0x82, 0x8E, 0x99, 0xBD, 0xEF, 0xD8, 0xAE, 0xD7, 0x39, 0x37, 0xCB, | ||
| 313 | 0xE6, 0x4F, 0x5E, 0x0A, 0x13, 0xE4, 0x2E, 0x40, 0xB9, 0xBE, 0x2E, 0xE3, | ||
| 314 | 0xEF, 0x78, 0x83, 0x18, 0x44, 0x35, 0x9C, 0x8E, 0xD7, 0x4A, 0x63, 0xF6, | ||
| 315 | 0x57, 0xC2, 0xB0, 0x08, 0x51, 0x73, 0xCF, 0xCA, 0x99, 0x66, 0xEE, 0x31, | ||
| 316 | 0xD8, 0x69, 0xE9, 0xAB, 0x13, 0x27, 0x7B, 0x41, 0x1E, 0x6D, 0x8D, 0xF1, | ||
| 317 | 0x3E, 0x9C, 0x35, 0x95, 0x58, 0xDD, 0x2B, 0xD5, 0xA0, 0x60, 0x41, 0x79, | ||
| 318 | 0x24, 0x22, 0xE4, 0xB7, 0xBF, 0x47, 0x53, 0xF6, 0x34, 0xD5, 0x7C, 0xFF, | ||
| 319 | 0x0E, 0x09, 0xEE, 0x2E, 0xE2, 0x37, 0xB9, 0xDE, 0xC5, 0x12, 0x44, 0x35, | ||
| 320 | 0xEF, 0x01, 0xE6, 0x5E, 0x39, 0x31, 0x2D, 0x71, 0xA5, 0xDC, 0xC6, 0x6D, | ||
| 321 | 0xE2, 0xCD, 0x85, 0xDB, 0x73, 0x82, 0x65, 0x28 | ||
| 322 | }; | ||
| 323 | |||
| 324 | static const unsigned char kat_RSA_X931_SHA512[] = { | ||
| 325 | 0xA6, 0x65, 0xA2, 0x77, 0x4F, 0xB3, 0x86, 0xCB, 0x64, 0x3A, 0xC1, 0x63, | ||
| 326 | 0xFC, 0xA1, 0xAA, 0xCB, 0x9B, 0x79, 0xDD, 0x4B, 0xE1, 0xD9, 0xDA, 0xAC, | ||
| 327 | 0xE7, 0x47, 0x09, 0xB2, 0x11, 0x4B, 0x8A, 0xAA, 0x05, 0x9E, 0x77, 0xD7, | ||
| 328 | 0x3A, 0xBD, 0x5E, 0x53, 0x09, 0x4A, 0xE6, 0x0F, 0x5E, 0xF9, 0x14, 0x28, | ||
| 329 | 0xA0, 0x99, 0x74, 0x64, 0x70, 0x4E, 0xF2, 0xE3, 0xFA, 0xC7, 0xF8, 0xC5, | ||
| 330 | 0x6E, 0x2B, 0x79, 0x96, 0x0D, 0x0C, 0xC8, 0x10, 0x34, 0x53, 0xD2, 0xAF, | ||
| 331 | 0x17, 0x0E, 0xE0, 0xBF, 0x79, 0xF6, 0x04, 0x72, 0x10, 0xE0, 0xF6, 0xD0, | ||
| 332 | 0xCE, 0x8A, 0x6F, 0xA1, 0x95, 0x89, 0xBF, 0x58, 0x8F, 0x46, 0x5F, 0x09, | ||
| 333 | 0x9F, 0x09, 0xCA, 0x84, 0x15, 0x85, 0xE0, 0xED, 0x04, 0x2D, 0xFB, 0x7C, | ||
| 334 | 0x36, 0x35, 0x21, 0x31, 0xC3, 0xFD, 0x92, 0x42, 0x11, 0x30, 0x71, 0x1B, | ||
| 335 | 0x60, 0x83, 0x18, 0x88, 0xA3, 0xF5, 0x59, 0xC3 | ||
| 336 | }; | ||
| 337 | |||
| 338 | |||
| 148 | int FIPS_selftest_rsa() | 339 | int FIPS_selftest_rsa() |
| 149 | { | ||
| 150 | int clen; | ||
| 151 | RSA *key; | ||
| 152 | unsigned char expected_ctext[256]; | ||
| 153 | unsigned char ctext[256]; | ||
| 154 | unsigned char ptext[256]; | ||
| 155 | static unsigned char original_ptext[] = | ||
| 156 | "\x01\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0" | ||
| 157 | "\x23\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12" | ||
| 158 | "\x45\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34" | ||
| 159 | "\x67\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56" | ||
| 160 | "\x89\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78" | ||
| 161 | "\xab\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a" | ||
| 162 | "\xcd\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc" | ||
| 163 | "\xef\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde" | ||
| 164 | "\xf0\x12\x34\x56\x78\x9a\xbc\xde\xf0\x12\x34\x56\x78\x9a\xbc\xde"; | ||
| 165 | unsigned char md[SHA_DIGEST_LENGTH]; | ||
| 166 | unsigned char mdkat[SHA_DIGEST_LENGTH] = | ||
| 167 | "\x2d\x57\x1d\x6f\x5c\x37\xf9\xf0\x3b\xb4\x3c\xe8\x2c\x4c\xb3\x04" | ||
| 168 | "\x75\xa2\x0e\xfb"; | ||
| 169 | unsigned char ctextkat[] = | ||
| 170 | "\x3e\xc5\x0a\xbe\x29\xa2\xca\x9a\x35\x14\x17\x26\xa4\x0f\xa3\x03" | ||
| 171 | "\x65\xb5\x37\xf5\x6a\xaa\xb\xf\x2c\x0d\x8\xc0\x73\x8\x3c\x88\x85" | ||
| 172 | "\x36\x68\x16\xfe\x2f\x59\x77\x7e\x2a\x76\x9a\xc7\x27\x19\x9b\x54" | ||
| 173 | "\x14\x87\xf3\xe0\xce\x1e\x68\x10\x40\x14\xac\xbc\xe6\x6f\x26\x1f" | ||
| 174 | "\x55\xd1\x15\x81\x48\x10\xf4\x89\xe5\x67\x52\x42\x87\x04\x74\x4e" | ||
| 175 | "\x96\x14\x7c\x53\xc9\x1e\x84\x11\x7d\x7d\x23\xbd\xff\x6c\xcb\x00" | ||
| 176 | "\x96\x2e\x7d\xfb\x47\xea\x78\xcd\xd8\x04\x3a\x98\x06\x13\x68\x39" | ||
| 177 | "\xa1\xe2\xbc\x9f\x64\xc7\x62\xf0\x74\x4d\x42\xe0\x0b\xcf\x24\x48"; | ||
| 178 | int i; | ||
| 179 | |||
| 180 | /* Perform pairwise consistency test by: ... */ | ||
| 181 | |||
| 182 | key=RSA_new(); | ||
| 183 | clen=setrsakey(key,expected_ctext); | ||
| 184 | /* ...1) apply public key to plaintext, resulting ciphertext must be | ||
| 185 | * different | ||
| 186 | */ | ||
| 187 | i=RSA_public_encrypt(128,original_ptext,ctext,key, | ||
| 188 | RSA_NO_PADDING); | ||
| 189 | if(i != clen || memcmp(ctext,expected_ctext,i)) | ||
| 190 | { | ||
| 191 | FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); | ||
| 192 | return 0; | ||
| 193 | } | ||
| 194 | if(!memcmp(ctext,original_ptext,i)) | ||
| 195 | { | ||
| 196 | FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); | ||
| 197 | return 0; | ||
| 198 | } | ||
| 199 | /* ...2) apply private key to ciphertext and compare result to | ||
| 200 | * original plaintext; results must be equal | ||
| 201 | */ | ||
| 202 | i=RSA_private_decrypt(i,ctext,ptext,key,RSA_NO_PADDING); | ||
| 203 | if(i != 128 || memcmp(ptext,original_ptext,i)) | ||
| 204 | { | 340 | { |
| 205 | FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); | 341 | int ret = 0; |
| 206 | return 0; | 342 | RSA *key = NULL; |
| 207 | } | 343 | EVP_PKEY pk; |
| 344 | key=FIPS_rsa_new(); | ||
| 345 | setrsakey(key); | ||
| 346 | pk.type = EVP_PKEY_RSA; | ||
| 347 | pk.pkey.rsa = key; | ||
| 208 | 348 | ||
| 209 | /* Perform sign and verify Known Answer Test by... */ | 349 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, |
| 350 | kat_RSA_SHA1, sizeof(kat_RSA_SHA1), | ||
| 351 | EVP_sha1(), EVP_MD_CTX_FLAG_PAD_PKCS1, | ||
| 352 | "RSA SHA1 PKCS#1")) | ||
| 353 | goto err; | ||
| 354 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, | ||
| 355 | kat_RSA_SHA224, sizeof(kat_RSA_SHA224), | ||
| 356 | EVP_sha224(), EVP_MD_CTX_FLAG_PAD_PKCS1, | ||
| 357 | "RSA SHA224 PKCS#1")) | ||
| 358 | goto err; | ||
| 359 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, | ||
| 360 | kat_RSA_SHA256, sizeof(kat_RSA_SHA256), | ||
| 361 | EVP_sha256(), EVP_MD_CTX_FLAG_PAD_PKCS1, | ||
| 362 | "RSA SHA256 PKCS#1")) | ||
| 363 | goto err; | ||
| 364 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, | ||
| 365 | kat_RSA_SHA384, sizeof(kat_RSA_SHA384), | ||
| 366 | EVP_sha384(), EVP_MD_CTX_FLAG_PAD_PKCS1, | ||
| 367 | "RSA SHA384 PKCS#1")) | ||
| 368 | goto err; | ||
| 369 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, | ||
| 370 | kat_RSA_SHA512, sizeof(kat_RSA_SHA512), | ||
| 371 | EVP_sha512(), EVP_MD_CTX_FLAG_PAD_PKCS1, | ||
| 372 | "RSA SHA512 PKCS#1")) | ||
| 373 | goto err; | ||
| 210 | 374 | ||
| 211 | /* ...1) using the same RSA key to encrypt the SHA-1 hash of a | 375 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, |
| 212 | * plaintext value larger than the RSA key size | 376 | kat_RSA_PSS_SHA1, sizeof(kat_RSA_PSS_SHA1), |
| 213 | */ | 377 | EVP_sha1(), EVP_MD_CTX_FLAG_PAD_PSS, |
| 214 | if (RSA_size(key) >= sizeof(original_ptext) - 1) | 378 | "RSA SHA1 PSS")) |
| 215 | { | 379 | goto err; |
| 216 | FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); | 380 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, |
| 217 | return 0; | 381 | kat_RSA_PSS_SHA224, sizeof(kat_RSA_PSS_SHA224), |
| 218 | } | 382 | EVP_sha224(), EVP_MD_CTX_FLAG_PAD_PSS, |
| 219 | /* ...2) then generate the SHA-1 digest of plaintext, and compare the | 383 | "RSA SHA224 PSS")) |
| 220 | * digest to the Known Answer (note here we duplicate the SHA-1 KAT) | 384 | goto err; |
| 221 | */ | 385 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, |
| 222 | SHA1(original_ptext,sizeof(original_ptext) - 1,md); | 386 | kat_RSA_PSS_SHA256, sizeof(kat_RSA_PSS_SHA256), |
| 223 | if(memcmp(md,mdkat,SHA_DIGEST_LENGTH)) | 387 | EVP_sha256(), EVP_MD_CTX_FLAG_PAD_PSS, |
| 224 | { | 388 | "RSA SHA256 PSS")) |
| 225 | FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED); | 389 | goto err; |
| 226 | return 0; | 390 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, |
| 227 | } | 391 | kat_RSA_PSS_SHA384, sizeof(kat_RSA_PSS_SHA384), |
| 228 | /* ...3) then encrypt the digest, and compare the ciphertext | 392 | EVP_sha384(), EVP_MD_CTX_FLAG_PAD_PSS, |
| 229 | * to the Known Answer | 393 | "RSA SHA384 PSS")) |
| 230 | */ | 394 | goto err; |
| 231 | i=RSA_private_encrypt(sizeof(md),md,ctext,key,RSA_PKCS1_PADDING); | 395 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, |
| 232 | if(i != clen || memcmp(ctextkat,ctext,i)) | 396 | kat_RSA_PSS_SHA512, sizeof(kat_RSA_PSS_SHA512), |
| 233 | { | 397 | EVP_sha512(), EVP_MD_CTX_FLAG_PAD_PSS, |
| 234 | FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); | 398 | "RSA SHA512 PSS")) |
| 235 | return 0; | 399 | goto err; |
| 236 | } | ||
| 237 | /* ...4) and finally decrypt the signed digest and compare with | ||
| 238 | * the original Known Answer | ||
| 239 | */ | ||
| 240 | i=RSA_public_decrypt(i,ctext,md,key,RSA_PKCS1_PADDING); | ||
| 241 | if(i != sizeof(md) || memcmp(mdkat,md,i)) | ||
| 242 | { | ||
| 243 | FIPSerr(FIPS_F_FIPS_SELFTEST_RSA,FIPS_R_SELFTEST_FAILED); | ||
| 244 | return 0; | ||
| 245 | } | ||
| 246 | 400 | ||
| 247 | RSA_free(key); | 401 | |
| 248 | return 1; | 402 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, |
| 249 | } | 403 | kat_RSA_X931_SHA1, sizeof(kat_RSA_X931_SHA1), |
| 404 | EVP_sha1(), EVP_MD_CTX_FLAG_PAD_X931, | ||
| 405 | "RSA SHA1 X931")) | ||
| 406 | goto err; | ||
| 407 | /* NB: SHA224 not supported in X9.31 */ | ||
| 408 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, | ||
| 409 | kat_RSA_X931_SHA256, sizeof(kat_RSA_X931_SHA256), | ||
| 410 | EVP_sha256(), EVP_MD_CTX_FLAG_PAD_X931, | ||
| 411 | "RSA SHA256 X931")) | ||
| 412 | goto err; | ||
| 413 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, | ||
| 414 | kat_RSA_X931_SHA384, sizeof(kat_RSA_X931_SHA384), | ||
| 415 | EVP_sha384(), EVP_MD_CTX_FLAG_PAD_X931, | ||
| 416 | "RSA SHA384 X931")) | ||
| 417 | goto err; | ||
| 418 | if (!fips_pkey_signature_test(&pk, kat_tbs, sizeof(kat_tbs) - 1, | ||
| 419 | kat_RSA_X931_SHA512, sizeof(kat_RSA_X931_SHA512), | ||
| 420 | EVP_sha512(), EVP_MD_CTX_FLAG_PAD_X931, | ||
| 421 | "RSA SHA512 X931")) | ||
| 422 | goto err; | ||
| 423 | |||
| 424 | |||
| 425 | ret = 1; | ||
| 426 | |||
| 427 | err: | ||
| 428 | FIPS_rsa_free(key); | ||
| 429 | return ret; | ||
| 430 | } | ||
| 250 | 431 | ||
| 251 | #endif /* def OPENSSL_FIPS */ | 432 | #endif /* def OPENSSL_FIPS */ |
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_sign.c b/src/lib/libssl/src/fips/rsa/fips_rsa_sign.c new file mode 100644 index 0000000000..37364621d1 --- /dev/null +++ b/src/lib/libssl/src/fips/rsa/fips_rsa_sign.c | |||
| @@ -0,0 +1,554 @@ | |||
| 1 | /* fips_rsa_sign.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2007. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2007 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <string.h> | ||
| 60 | #include <openssl/evp.h> | ||
| 61 | #include <openssl/rsa.h> | ||
| 62 | #include <openssl/err.h> | ||
| 63 | #include <openssl/sha.h> | ||
| 64 | |||
| 65 | #ifdef OPENSSL_FIPS | ||
| 66 | |||
| 67 | /* FIPS versions of RSA_sign() and RSA_verify(). | ||
| 68 | * These will only have to deal with SHA* signatures and by including | ||
| 69 | * pregenerated encodings all ASN1 dependencies can be avoided | ||
| 70 | */ | ||
| 71 | |||
| 72 | /* Standard encodings including NULL parameter */ | ||
| 73 | |||
| 74 | static const unsigned char sha1_bin[] = { | ||
| 75 | 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, | ||
| 76 | 0x00, 0x04, 0x14 | ||
| 77 | }; | ||
| 78 | |||
| 79 | static const unsigned char sha224_bin[] = { | ||
| 80 | 0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 81 | 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1c | ||
| 82 | }; | ||
| 83 | |||
| 84 | static const unsigned char sha256_bin[] = { | ||
| 85 | 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 86 | 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 | ||
| 87 | }; | ||
| 88 | |||
| 89 | static const unsigned char sha384_bin[] = { | ||
| 90 | 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 91 | 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30 | ||
| 92 | }; | ||
| 93 | |||
| 94 | static const unsigned char sha512_bin[] = { | ||
| 95 | 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 96 | 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40 | ||
| 97 | }; | ||
| 98 | |||
| 99 | /* Alternate encodings with absent parameters. We don't generate signature | ||
| 100 | * using this format but do tolerate received signatures of this form. | ||
| 101 | */ | ||
| 102 | |||
| 103 | static unsigned char sha1_nn_bin[] = { | ||
| 104 | 0x30, 0x1f, 0x30, 0x07, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x04, | ||
| 105 | 0x14 | ||
| 106 | }; | ||
| 107 | |||
| 108 | static unsigned char sha224_nn_bin[] = { | ||
| 109 | 0x30, 0x2b, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 110 | 0x04, 0x02, 0x04, 0x04, 0x1c | ||
| 111 | }; | ||
| 112 | |||
| 113 | static unsigned char sha256_nn_bin[] = { | ||
| 114 | 0x30, 0x2f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 115 | 0x04, 0x02, 0x01, 0x04, 0x20 | ||
| 116 | }; | ||
| 117 | |||
| 118 | static unsigned char sha384_nn_bin[] = { | ||
| 119 | 0x30, 0x3f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 120 | 0x04, 0x02, 0x02, 0x04, 0x30 | ||
| 121 | }; | ||
| 122 | |||
| 123 | static unsigned char sha512_nn_bin[] = { | ||
| 124 | 0x30, 0x4f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, | ||
| 125 | 0x04, 0x02, 0x03, 0x04, 0x40 | ||
| 126 | }; | ||
| 127 | |||
| 128 | |||
| 129 | static const unsigned char *fips_digestinfo_encoding(int nid, unsigned int *len) | ||
| 130 | { | ||
| 131 | switch (nid) | ||
| 132 | { | ||
| 133 | |||
| 134 | case NID_sha1: | ||
| 135 | *len = sizeof(sha1_bin); | ||
| 136 | return sha1_bin; | ||
| 137 | |||
| 138 | case NID_sha224: | ||
| 139 | *len = sizeof(sha224_bin); | ||
| 140 | return sha224_bin; | ||
| 141 | |||
| 142 | case NID_sha256: | ||
| 143 | *len = sizeof(sha256_bin); | ||
| 144 | return sha256_bin; | ||
| 145 | |||
| 146 | case NID_sha384: | ||
| 147 | *len = sizeof(sha384_bin); | ||
| 148 | return sha384_bin; | ||
| 149 | |||
| 150 | case NID_sha512: | ||
| 151 | *len = sizeof(sha512_bin); | ||
| 152 | return sha512_bin; | ||
| 153 | |||
| 154 | default: | ||
| 155 | return NULL; | ||
| 156 | |||
| 157 | } | ||
| 158 | } | ||
| 159 | |||
| 160 | static const unsigned char *fips_digestinfo_nn_encoding(int nid, unsigned int *len) | ||
| 161 | { | ||
| 162 | switch (nid) | ||
| 163 | { | ||
| 164 | |||
| 165 | case NID_sha1: | ||
| 166 | *len = sizeof(sha1_nn_bin); | ||
| 167 | return sha1_nn_bin; | ||
| 168 | |||
| 169 | case NID_sha224: | ||
| 170 | *len = sizeof(sha224_nn_bin); | ||
| 171 | return sha224_nn_bin; | ||
| 172 | |||
| 173 | case NID_sha256: | ||
| 174 | *len = sizeof(sha256_nn_bin); | ||
| 175 | return sha256_nn_bin; | ||
| 176 | |||
| 177 | case NID_sha384: | ||
| 178 | *len = sizeof(sha384_nn_bin); | ||
| 179 | return sha384_nn_bin; | ||
| 180 | |||
| 181 | case NID_sha512: | ||
| 182 | *len = sizeof(sha512_nn_bin); | ||
| 183 | return sha512_nn_bin; | ||
| 184 | |||
| 185 | default: | ||
| 186 | return NULL; | ||
| 187 | |||
| 188 | } | ||
| 189 | } | ||
| 190 | |||
| 191 | static int fips_rsa_sign(int type, const unsigned char *x, unsigned int y, | ||
| 192 | unsigned char *sigret, unsigned int *siglen, EVP_MD_SVCTX *sv) | ||
| 193 | { | ||
| 194 | int i=0,j,ret=0; | ||
| 195 | unsigned int dlen; | ||
| 196 | const unsigned char *der; | ||
| 197 | unsigned int m_len; | ||
| 198 | int pad_mode = sv->mctx->flags & EVP_MD_CTX_FLAG_PAD_MASK; | ||
| 199 | int rsa_pad_mode = 0; | ||
| 200 | RSA *rsa = sv->key; | ||
| 201 | /* Largest DigestInfo: 19 (max encoding) + max MD */ | ||
| 202 | unsigned char tmpdinfo[19 + EVP_MAX_MD_SIZE]; | ||
| 203 | unsigned char md[EVP_MAX_MD_SIZE + 1]; | ||
| 204 | |||
| 205 | EVP_DigestFinal_ex(sv->mctx, md, &m_len); | ||
| 206 | |||
| 207 | if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) | ||
| 208 | { | ||
| 209 | ret = rsa->meth->rsa_sign(type, md, m_len, | ||
| 210 | sigret, siglen, rsa); | ||
| 211 | goto done; | ||
| 212 | } | ||
| 213 | |||
| 214 | if (pad_mode == EVP_MD_CTX_FLAG_PAD_X931) | ||
| 215 | { | ||
| 216 | int hash_id; | ||
| 217 | memcpy(tmpdinfo, md, m_len); | ||
| 218 | hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx)); | ||
| 219 | if (hash_id == -1) | ||
| 220 | { | ||
| 221 | RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); | ||
| 222 | return 0; | ||
| 223 | } | ||
| 224 | tmpdinfo[m_len] = (unsigned char)hash_id; | ||
| 225 | i = m_len + 1; | ||
| 226 | rsa_pad_mode = RSA_X931_PADDING; | ||
| 227 | } | ||
| 228 | else if (pad_mode == EVP_MD_CTX_FLAG_PAD_PKCS1) | ||
| 229 | { | ||
| 230 | |||
| 231 | der = fips_digestinfo_encoding(type, &dlen); | ||
| 232 | |||
| 233 | if (!der) | ||
| 234 | { | ||
| 235 | RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); | ||
| 236 | return 0; | ||
| 237 | } | ||
| 238 | memcpy(tmpdinfo, der, dlen); | ||
| 239 | memcpy(tmpdinfo + dlen, md, m_len); | ||
| 240 | |||
| 241 | i = dlen + m_len; | ||
| 242 | rsa_pad_mode = RSA_PKCS1_PADDING; | ||
| 243 | |||
| 244 | } | ||
| 245 | else if (pad_mode == EVP_MD_CTX_FLAG_PAD_PSS) | ||
| 246 | { | ||
| 247 | unsigned char *sbuf; | ||
| 248 | int saltlen; | ||
| 249 | i = RSA_size(rsa); | ||
| 250 | sbuf = OPENSSL_malloc(RSA_size(rsa)); | ||
| 251 | saltlen = M_EVP_MD_CTX_FLAG_PSS_SALT(sv->mctx); | ||
| 252 | if (saltlen == EVP_MD_CTX_FLAG_PSS_MDLEN) | ||
| 253 | saltlen = -1; | ||
| 254 | else if (saltlen == EVP_MD_CTX_FLAG_PSS_MREC) | ||
| 255 | saltlen = -2; | ||
| 256 | if (!sbuf) | ||
| 257 | { | ||
| 258 | RSAerr(RSA_F_FIPS_RSA_SIGN,ERR_R_MALLOC_FAILURE); | ||
| 259 | goto psserr; | ||
| 260 | } | ||
| 261 | if (!RSA_padding_add_PKCS1_PSS(rsa, sbuf, md, | ||
| 262 | M_EVP_MD_CTX_md(sv->mctx), saltlen)) | ||
| 263 | goto psserr; | ||
| 264 | j=rsa->meth->rsa_priv_enc(i,sbuf,sigret,rsa,RSA_NO_PADDING); | ||
| 265 | if (j > 0) | ||
| 266 | { | ||
| 267 | ret=1; | ||
| 268 | *siglen=j; | ||
| 269 | } | ||
| 270 | psserr: | ||
| 271 | OPENSSL_cleanse(md,m_len); | ||
| 272 | OPENSSL_cleanse(sbuf, i); | ||
| 273 | OPENSSL_free(sbuf); | ||
| 274 | return ret; | ||
| 275 | } | ||
| 276 | |||
| 277 | j=RSA_size(rsa); | ||
| 278 | if (i > (j-RSA_PKCS1_PADDING_SIZE)) | ||
| 279 | { | ||
| 280 | RSAerr(RSA_F_FIPS_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); | ||
| 281 | goto done; | ||
| 282 | } | ||
| 283 | /* NB: call underlying method directly to avoid FIPS blocking */ | ||
| 284 | j=rsa->meth->rsa_priv_enc(i,tmpdinfo,sigret,rsa,rsa_pad_mode); | ||
| 285 | if (j > 0) | ||
| 286 | { | ||
| 287 | ret=1; | ||
| 288 | *siglen=j; | ||
| 289 | } | ||
| 290 | |||
| 291 | done: | ||
| 292 | OPENSSL_cleanse(tmpdinfo,i); | ||
| 293 | OPENSSL_cleanse(md,m_len); | ||
| 294 | return ret; | ||
| 295 | } | ||
| 296 | |||
| 297 | static int fips_rsa_verify(int dtype, | ||
| 298 | const unsigned char *x, unsigned int y, | ||
| 299 | unsigned char *sigbuf, unsigned int siglen, EVP_MD_SVCTX *sv) | ||
| 300 | { | ||
| 301 | int i,ret=0; | ||
| 302 | unsigned int dlen, diglen; | ||
| 303 | int pad_mode = sv->mctx->flags & EVP_MD_CTX_FLAG_PAD_MASK; | ||
| 304 | int rsa_pad_mode = 0; | ||
| 305 | unsigned char *s; | ||
| 306 | const unsigned char *der; | ||
| 307 | unsigned char dig[EVP_MAX_MD_SIZE]; | ||
| 308 | RSA *rsa = sv->key; | ||
| 309 | |||
| 310 | if (siglen != (unsigned int)RSA_size(sv->key)) | ||
| 311 | { | ||
| 312 | RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); | ||
| 313 | return(0); | ||
| 314 | } | ||
| 315 | |||
| 316 | EVP_DigestFinal_ex(sv->mctx, dig, &diglen); | ||
| 317 | |||
| 318 | if((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) | ||
| 319 | { | ||
| 320 | return rsa->meth->rsa_verify(dtype, dig, diglen, | ||
| 321 | sigbuf, siglen, rsa); | ||
| 322 | } | ||
| 323 | |||
| 324 | |||
| 325 | s= OPENSSL_malloc((unsigned int)siglen); | ||
| 326 | if (s == NULL) | ||
| 327 | { | ||
| 328 | RSAerr(RSA_F_FIPS_RSA_VERIFY,ERR_R_MALLOC_FAILURE); | ||
| 329 | goto err; | ||
| 330 | } | ||
| 331 | if (pad_mode == EVP_MD_CTX_FLAG_PAD_X931) | ||
| 332 | rsa_pad_mode = RSA_X931_PADDING; | ||
| 333 | else if (pad_mode == EVP_MD_CTX_FLAG_PAD_PKCS1) | ||
| 334 | rsa_pad_mode = RSA_PKCS1_PADDING; | ||
| 335 | else if (pad_mode == EVP_MD_CTX_FLAG_PAD_PSS) | ||
| 336 | rsa_pad_mode = RSA_NO_PADDING; | ||
| 337 | |||
| 338 | /* NB: call underlying method directly to avoid FIPS blocking */ | ||
| 339 | i=rsa->meth->rsa_pub_dec((int)siglen,sigbuf,s, rsa, rsa_pad_mode); | ||
| 340 | |||
| 341 | if (i <= 0) goto err; | ||
| 342 | |||
| 343 | if (pad_mode == EVP_MD_CTX_FLAG_PAD_X931) | ||
| 344 | { | ||
| 345 | int hash_id; | ||
| 346 | if (i != (int)(diglen + 1)) | ||
| 347 | { | ||
| 348 | RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE); | ||
| 349 | goto err; | ||
| 350 | } | ||
| 351 | hash_id = RSA_X931_hash_id(M_EVP_MD_CTX_type(sv->mctx)); | ||
| 352 | if (hash_id == -1) | ||
| 353 | { | ||
| 354 | RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_UNKNOWN_ALGORITHM_TYPE); | ||
| 355 | goto err; | ||
| 356 | } | ||
| 357 | if (s[diglen] != (unsigned char)hash_id) | ||
| 358 | { | ||
| 359 | RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE); | ||
| 360 | goto err; | ||
| 361 | } | ||
| 362 | if (memcmp(s, dig, diglen)) | ||
| 363 | { | ||
| 364 | RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE); | ||
| 365 | goto err; | ||
| 366 | } | ||
| 367 | ret = 1; | ||
| 368 | } | ||
| 369 | else if (pad_mode == EVP_MD_CTX_FLAG_PAD_PKCS1) | ||
| 370 | { | ||
| 371 | |||
| 372 | der = fips_digestinfo_encoding(dtype, &dlen); | ||
| 373 | |||
| 374 | if (!der) | ||
| 375 | { | ||
| 376 | RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_UNKNOWN_ALGORITHM_TYPE); | ||
| 377 | return(0); | ||
| 378 | } | ||
| 379 | |||
| 380 | /* Compare, DigestInfo length, DigestInfo header and finally | ||
| 381 | * digest value itself | ||
| 382 | */ | ||
| 383 | |||
| 384 | /* If length mismatch try alternate encoding */ | ||
| 385 | if (i != (int)(dlen + diglen)) | ||
| 386 | der = fips_digestinfo_nn_encoding(dtype, &dlen); | ||
| 387 | |||
| 388 | if ((i != (int)(dlen + diglen)) || memcmp(der, s, dlen) | ||
| 389 | || memcmp(s + dlen, dig, diglen)) | ||
| 390 | { | ||
| 391 | RSAerr(RSA_F_FIPS_RSA_VERIFY,RSA_R_BAD_SIGNATURE); | ||
| 392 | goto err; | ||
| 393 | } | ||
| 394 | ret = 1; | ||
| 395 | |||
| 396 | } | ||
| 397 | else if (pad_mode == EVP_MD_CTX_FLAG_PAD_PSS) | ||
| 398 | { | ||
| 399 | int saltlen; | ||
| 400 | saltlen = M_EVP_MD_CTX_FLAG_PSS_SALT(sv->mctx); | ||
| 401 | if (saltlen == EVP_MD_CTX_FLAG_PSS_MDLEN) | ||
| 402 | saltlen = -1; | ||
| 403 | else if (saltlen == EVP_MD_CTX_FLAG_PSS_MREC) | ||
| 404 | saltlen = -2; | ||
| 405 | ret = RSA_verify_PKCS1_PSS(rsa, dig, M_EVP_MD_CTX_md(sv->mctx), | ||
| 406 | s, saltlen); | ||
| 407 | if (ret < 0) | ||
| 408 | ret = 0; | ||
| 409 | } | ||
| 410 | err: | ||
| 411 | if (s != NULL) | ||
| 412 | { | ||
| 413 | OPENSSL_cleanse(s, siglen); | ||
| 414 | OPENSSL_free(s); | ||
| 415 | } | ||
| 416 | return(ret); | ||
| 417 | } | ||
| 418 | |||
| 419 | #define EVP_PKEY_RSA_fips_method \ | ||
| 420 | (evp_sign_method *)fips_rsa_sign, \ | ||
| 421 | (evp_verify_method *)fips_rsa_verify, \ | ||
| 422 | {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} | ||
| 423 | |||
| 424 | static int init(EVP_MD_CTX *ctx) | ||
| 425 | { return SHA1_Init(ctx->md_data); } | ||
| 426 | |||
| 427 | static int update(EVP_MD_CTX *ctx,const void *data,size_t count) | ||
| 428 | { return SHA1_Update(ctx->md_data,data,count); } | ||
| 429 | |||
| 430 | static int final(EVP_MD_CTX *ctx,unsigned char *md) | ||
| 431 | { return SHA1_Final(md,ctx->md_data); } | ||
| 432 | |||
| 433 | static const EVP_MD sha1_md= | ||
| 434 | { | ||
| 435 | NID_sha1, | ||
| 436 | NID_sha1WithRSAEncryption, | ||
| 437 | SHA_DIGEST_LENGTH, | ||
| 438 | EVP_MD_FLAG_FIPS|EVP_MD_FLAG_SVCTX, | ||
| 439 | init, | ||
| 440 | update, | ||
| 441 | final, | ||
| 442 | NULL, | ||
| 443 | NULL, | ||
| 444 | EVP_PKEY_RSA_fips_method, | ||
| 445 | SHA_CBLOCK, | ||
| 446 | sizeof(EVP_MD *)+sizeof(SHA_CTX), | ||
| 447 | }; | ||
| 448 | |||
| 449 | const EVP_MD *EVP_sha1(void) | ||
| 450 | { | ||
| 451 | return(&sha1_md); | ||
| 452 | } | ||
| 453 | |||
| 454 | static int init224(EVP_MD_CTX *ctx) | ||
| 455 | { return SHA224_Init(ctx->md_data); } | ||
| 456 | static int init256(EVP_MD_CTX *ctx) | ||
| 457 | { return SHA256_Init(ctx->md_data); } | ||
| 458 | /* | ||
| 459 | * Even though there're separate SHA224_[Update|Final], we call | ||
| 460 | * SHA256 functions even in SHA224 context. This is what happens | ||
| 461 | * there anyway, so we can spare few CPU cycles:-) | ||
| 462 | */ | ||
| 463 | static int update256(EVP_MD_CTX *ctx,const void *data,size_t count) | ||
| 464 | { return SHA256_Update(ctx->md_data,data,count); } | ||
| 465 | static int final256(EVP_MD_CTX *ctx,unsigned char *md) | ||
| 466 | { return SHA256_Final(md,ctx->md_data); } | ||
| 467 | |||
| 468 | static const EVP_MD sha224_md= | ||
| 469 | { | ||
| 470 | NID_sha224, | ||
| 471 | NID_sha224WithRSAEncryption, | ||
| 472 | SHA224_DIGEST_LENGTH, | ||
| 473 | EVP_MD_FLAG_FIPS|EVP_MD_FLAG_SVCTX, | ||
| 474 | init224, | ||
| 475 | update256, | ||
| 476 | final256, | ||
| 477 | NULL, | ||
| 478 | NULL, | ||
| 479 | EVP_PKEY_RSA_fips_method, | ||
| 480 | SHA256_CBLOCK, | ||
| 481 | sizeof(EVP_MD *)+sizeof(SHA256_CTX), | ||
| 482 | }; | ||
| 483 | |||
| 484 | const EVP_MD *EVP_sha224(void) | ||
| 485 | { return(&sha224_md); } | ||
| 486 | |||
| 487 | static const EVP_MD sha256_md= | ||
| 488 | { | ||
| 489 | NID_sha256, | ||
| 490 | NID_sha256WithRSAEncryption, | ||
| 491 | SHA256_DIGEST_LENGTH, | ||
| 492 | EVP_MD_FLAG_FIPS|EVP_MD_FLAG_SVCTX, | ||
| 493 | init256, | ||
| 494 | update256, | ||
| 495 | final256, | ||
| 496 | NULL, | ||
| 497 | NULL, | ||
| 498 | EVP_PKEY_RSA_fips_method, | ||
| 499 | SHA256_CBLOCK, | ||
| 500 | sizeof(EVP_MD *)+sizeof(SHA256_CTX), | ||
| 501 | }; | ||
| 502 | |||
| 503 | const EVP_MD *EVP_sha256(void) | ||
| 504 | { return(&sha256_md); } | ||
| 505 | |||
| 506 | static int init384(EVP_MD_CTX *ctx) | ||
| 507 | { return SHA384_Init(ctx->md_data); } | ||
| 508 | static int init512(EVP_MD_CTX *ctx) | ||
| 509 | { return SHA512_Init(ctx->md_data); } | ||
| 510 | /* See comment in SHA224/256 section */ | ||
| 511 | static int update512(EVP_MD_CTX *ctx,const void *data,size_t count) | ||
| 512 | { return SHA512_Update(ctx->md_data,data,count); } | ||
| 513 | static int final512(EVP_MD_CTX *ctx,unsigned char *md) | ||
| 514 | { return SHA512_Final(md,ctx->md_data); } | ||
| 515 | |||
| 516 | static const EVP_MD sha384_md= | ||
| 517 | { | ||
| 518 | NID_sha384, | ||
| 519 | NID_sha384WithRSAEncryption, | ||
| 520 | SHA384_DIGEST_LENGTH, | ||
| 521 | EVP_MD_FLAG_FIPS|EVP_MD_FLAG_SVCTX, | ||
| 522 | init384, | ||
| 523 | update512, | ||
| 524 | final512, | ||
| 525 | NULL, | ||
| 526 | NULL, | ||
| 527 | EVP_PKEY_RSA_fips_method, | ||
| 528 | SHA512_CBLOCK, | ||
| 529 | sizeof(EVP_MD *)+sizeof(SHA512_CTX), | ||
| 530 | }; | ||
| 531 | |||
| 532 | const EVP_MD *EVP_sha384(void) | ||
| 533 | { return(&sha384_md); } | ||
| 534 | |||
| 535 | static const EVP_MD sha512_md= | ||
| 536 | { | ||
| 537 | NID_sha512, | ||
| 538 | NID_sha512WithRSAEncryption, | ||
| 539 | SHA512_DIGEST_LENGTH, | ||
| 540 | EVP_MD_FLAG_FIPS|EVP_MD_FLAG_SVCTX, | ||
| 541 | init512, | ||
| 542 | update512, | ||
| 543 | final512, | ||
| 544 | NULL, | ||
| 545 | NULL, | ||
| 546 | EVP_PKEY_RSA_fips_method, | ||
| 547 | SHA512_CBLOCK, | ||
| 548 | sizeof(EVP_MD *)+sizeof(SHA512_CTX), | ||
| 549 | }; | ||
| 550 | |||
| 551 | const EVP_MD *EVP_sha512(void) | ||
| 552 | { return(&sha512_md); } | ||
| 553 | |||
| 554 | #endif | ||
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsa_x931g.c b/src/lib/libssl/src/fips/rsa/fips_rsa_x931g.c new file mode 100644 index 0000000000..d9f9a81235 --- /dev/null +++ b/src/lib/libssl/src/fips/rsa/fips_rsa_x931g.c | |||
| @@ -0,0 +1,280 @@ | |||
| 1 | /* crypto/rsa/rsa_gen.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <string.h> | ||
| 61 | #include <time.h> | ||
| 62 | #include <openssl/err.h> | ||
| 63 | #include <openssl/bn.h> | ||
| 64 | #include <openssl/rsa.h> | ||
| 65 | #include <openssl/fips.h> | ||
| 66 | |||
| 67 | #ifdef OPENSSL_FIPS | ||
| 68 | |||
| 69 | extern int fips_check_rsa(RSA *rsa); | ||
| 70 | |||
| 71 | |||
| 72 | /* X9.31 RSA key derivation and generation */ | ||
| 73 | |||
| 74 | int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2, | ||
| 75 | const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp, | ||
| 76 | const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq, | ||
| 77 | const BIGNUM *e, BN_GENCB *cb) | ||
| 78 | { | ||
| 79 | BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL; | ||
| 80 | BN_CTX *ctx=NULL,*ctx2=NULL; | ||
| 81 | |||
| 82 | if (!rsa) | ||
| 83 | goto err; | ||
| 84 | |||
| 85 | ctx = BN_CTX_new(); | ||
| 86 | BN_CTX_start(ctx); | ||
| 87 | if (!ctx) | ||
| 88 | goto err; | ||
| 89 | |||
| 90 | r0 = BN_CTX_get(ctx); | ||
| 91 | r1 = BN_CTX_get(ctx); | ||
| 92 | r2 = BN_CTX_get(ctx); | ||
| 93 | r3 = BN_CTX_get(ctx); | ||
| 94 | |||
| 95 | if (r3 == NULL) | ||
| 96 | goto err; | ||
| 97 | if (!rsa->e) | ||
| 98 | { | ||
| 99 | rsa->e = BN_dup(e); | ||
| 100 | if (!rsa->e) | ||
| 101 | goto err; | ||
| 102 | } | ||
| 103 | else | ||
| 104 | e = rsa->e; | ||
| 105 | |||
| 106 | /* If not all parameters present only calculate what we can. | ||
| 107 | * This allows test programs to output selective parameters. | ||
| 108 | */ | ||
| 109 | |||
| 110 | if (Xp && !rsa->p) | ||
| 111 | { | ||
| 112 | rsa->p = BN_new(); | ||
| 113 | if (!rsa->p) | ||
| 114 | goto err; | ||
| 115 | |||
| 116 | if (!BN_X931_derive_prime_ex(rsa->p, p1, p2, | ||
| 117 | Xp, Xp1, Xp2, e, ctx, cb)) | ||
| 118 | goto err; | ||
| 119 | } | ||
| 120 | |||
| 121 | if (Xq && !rsa->q) | ||
| 122 | { | ||
| 123 | rsa->q = BN_new(); | ||
| 124 | if (!rsa->q) | ||
| 125 | goto err; | ||
| 126 | if (!BN_X931_derive_prime_ex(rsa->q, q1, q2, | ||
| 127 | Xq, Xq1, Xq2, e, ctx, cb)) | ||
| 128 | goto err; | ||
| 129 | } | ||
| 130 | |||
| 131 | if (!rsa->p || !rsa->q) | ||
| 132 | { | ||
| 133 | BN_CTX_end(ctx); | ||
| 134 | BN_CTX_free(ctx); | ||
| 135 | return 2; | ||
| 136 | } | ||
| 137 | |||
| 138 | /* Since both primes are set we can now calculate all remaining | ||
| 139 | * components. | ||
| 140 | */ | ||
| 141 | |||
| 142 | /* calculate n */ | ||
| 143 | rsa->n=BN_new(); | ||
| 144 | if (rsa->n == NULL) | ||
| 145 | goto err; | ||
| 146 | if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) | ||
| 147 | goto err; | ||
| 148 | |||
| 149 | /* calculate d */ | ||
| 150 | if (!BN_sub(r1,rsa->p,BN_value_one())) | ||
| 151 | goto err; /* p-1 */ | ||
| 152 | if (!BN_sub(r2,rsa->q,BN_value_one())) | ||
| 153 | goto err; /* q-1 */ | ||
| 154 | if (!BN_mul(r0,r1,r2,ctx)) | ||
| 155 | goto err; /* (p-1)(q-1) */ | ||
| 156 | |||
| 157 | if (!BN_gcd(r3, r1, r2, ctx)) | ||
| 158 | goto err; | ||
| 159 | |||
| 160 | if (!BN_div(r0, NULL, r0, r3, ctx)) | ||
| 161 | goto err; /* LCM((p-1)(q-1)) */ | ||
| 162 | |||
| 163 | ctx2 = BN_CTX_new(); | ||
| 164 | if (!ctx2) | ||
| 165 | goto err; | ||
| 166 | |||
| 167 | rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ | ||
| 168 | if (rsa->d == NULL) | ||
| 169 | goto err; | ||
| 170 | |||
| 171 | /* calculate d mod (p-1) */ | ||
| 172 | rsa->dmp1=BN_new(); | ||
| 173 | if (rsa->dmp1 == NULL) | ||
| 174 | goto err; | ||
| 175 | if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) | ||
| 176 | goto err; | ||
| 177 | |||
| 178 | /* calculate d mod (q-1) */ | ||
| 179 | rsa->dmq1=BN_new(); | ||
| 180 | if (rsa->dmq1 == NULL) | ||
| 181 | goto err; | ||
| 182 | if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) | ||
| 183 | goto err; | ||
| 184 | |||
| 185 | /* calculate inverse of q mod p */ | ||
| 186 | rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); | ||
| 187 | |||
| 188 | err: | ||
| 189 | if (ctx) | ||
| 190 | { | ||
| 191 | BN_CTX_end(ctx); | ||
| 192 | BN_CTX_free(ctx); | ||
| 193 | } | ||
| 194 | if (ctx2) | ||
| 195 | BN_CTX_free(ctx2); | ||
| 196 | /* If this is set all calls successful */ | ||
| 197 | if (rsa->iqmp != NULL) | ||
| 198 | return 1; | ||
| 199 | |||
| 200 | return 0; | ||
| 201 | |||
| 202 | } | ||
| 203 | |||
| 204 | int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb) | ||
| 205 | { | ||
| 206 | int ok = 0; | ||
| 207 | BIGNUM *Xp = NULL, *Xq = NULL; | ||
| 208 | BN_CTX *ctx = NULL; | ||
| 209 | |||
| 210 | if (bits < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS) | ||
| 211 | { | ||
| 212 | FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_KEY_TOO_SHORT); | ||
| 213 | return 0; | ||
| 214 | } | ||
| 215 | |||
| 216 | if (bits & 0xff) | ||
| 217 | { | ||
| 218 | FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_INVALID_KEY_LENGTH); | ||
| 219 | return 0; | ||
| 220 | } | ||
| 221 | |||
| 222 | if(FIPS_selftest_failed()) | ||
| 223 | { | ||
| 224 | FIPSerr(FIPS_F_RSA_X931_GENERATE_KEY_EX,FIPS_R_FIPS_SELFTEST_FAILED); | ||
| 225 | return 0; | ||
| 226 | } | ||
| 227 | |||
| 228 | ctx = BN_CTX_new(); | ||
| 229 | if (!ctx) | ||
| 230 | goto error; | ||
| 231 | |||
| 232 | BN_CTX_start(ctx); | ||
| 233 | Xp = BN_CTX_get(ctx); | ||
| 234 | Xq = BN_CTX_get(ctx); | ||
| 235 | if (!BN_X931_generate_Xpq(Xp, Xq, bits, ctx)) | ||
| 236 | goto error; | ||
| 237 | |||
| 238 | rsa->p = BN_new(); | ||
| 239 | rsa->q = BN_new(); | ||
| 240 | if (!rsa->p || !rsa->q) | ||
| 241 | goto error; | ||
| 242 | |||
| 243 | /* Generate two primes from Xp, Xq */ | ||
| 244 | |||
| 245 | if (!BN_X931_generate_prime_ex(rsa->p, NULL, NULL, NULL, NULL, Xp, | ||
| 246 | e, ctx, cb)) | ||
| 247 | goto error; | ||
| 248 | |||
| 249 | if (!BN_X931_generate_prime_ex(rsa->q, NULL, NULL, NULL, NULL, Xq, | ||
| 250 | e, ctx, cb)) | ||
| 251 | goto error; | ||
| 252 | |||
| 253 | /* Since rsa->p and rsa->q are valid this call will just derive | ||
| 254 | * remaining RSA components. | ||
| 255 | */ | ||
| 256 | |||
| 257 | if (!RSA_X931_derive_ex(rsa, NULL, NULL, NULL, NULL, | ||
| 258 | NULL, NULL, NULL, NULL, NULL, NULL, e, cb)) | ||
| 259 | goto error; | ||
| 260 | |||
| 261 | if(!fips_check_rsa(rsa)) | ||
| 262 | goto error; | ||
| 263 | |||
| 264 | ok = 1; | ||
| 265 | |||
| 266 | error: | ||
| 267 | if (ctx) | ||
| 268 | { | ||
| 269 | BN_CTX_end(ctx); | ||
| 270 | BN_CTX_free(ctx); | ||
| 271 | } | ||
| 272 | |||
| 273 | if (ok) | ||
| 274 | return 1; | ||
| 275 | |||
| 276 | return 0; | ||
| 277 | |||
| 278 | } | ||
| 279 | |||
| 280 | #endif | ||
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsagtest.c b/src/lib/libssl/src/fips/rsa/fips_rsagtest.c new file mode 100644 index 0000000000..33a3d7a48c --- /dev/null +++ b/src/lib/libssl/src/fips/rsa/fips_rsagtest.c | |||
| @@ -0,0 +1,390 @@ | |||
| 1 | /* fips_rsagtest.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2005. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2005,2007 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <ctype.h> | ||
| 61 | #include <string.h> | ||
| 62 | #include <openssl/bio.h> | ||
| 63 | #include <openssl/evp.h> | ||
| 64 | #include <openssl/hmac.h> | ||
| 65 | #include <openssl/err.h> | ||
| 66 | #include <openssl/rsa.h> | ||
| 67 | #include <openssl/bn.h> | ||
| 68 | #include <openssl/x509v3.h> | ||
| 69 | |||
| 70 | #ifndef OPENSSL_FIPS | ||
| 71 | |||
| 72 | int main(int argc, char *argv[]) | ||
| 73 | { | ||
| 74 | printf("No FIPS RSA support\n"); | ||
| 75 | return(0); | ||
| 76 | } | ||
| 77 | |||
| 78 | #else | ||
| 79 | |||
| 80 | #include "fips_utl.h" | ||
| 81 | |||
| 82 | int rsa_test(FILE *out, FILE *in); | ||
| 83 | static int rsa_printkey1(FILE *out, RSA *rsa, | ||
| 84 | BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp, | ||
| 85 | BIGNUM *e); | ||
| 86 | static int rsa_printkey2(FILE *out, RSA *rsa, | ||
| 87 | BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq); | ||
| 88 | |||
| 89 | int main(int argc, char **argv) | ||
| 90 | { | ||
| 91 | FILE *in = NULL, *out = NULL; | ||
| 92 | |||
| 93 | int ret = 1; | ||
| 94 | |||
| 95 | if(!FIPS_mode_set(1)) | ||
| 96 | { | ||
| 97 | do_print_errors(); | ||
| 98 | goto end; | ||
| 99 | } | ||
| 100 | |||
| 101 | if (argc == 1) | ||
| 102 | in = stdin; | ||
| 103 | else | ||
| 104 | in = fopen(argv[1], "r"); | ||
| 105 | |||
| 106 | if (argc < 2) | ||
| 107 | out = stdout; | ||
| 108 | else | ||
| 109 | out = fopen(argv[2], "w"); | ||
| 110 | |||
| 111 | if (!in) | ||
| 112 | { | ||
| 113 | fprintf(stderr, "FATAL input initialization error\n"); | ||
| 114 | goto end; | ||
| 115 | } | ||
| 116 | |||
| 117 | if (!out) | ||
| 118 | { | ||
| 119 | fprintf(stderr, "FATAL output initialization error\n"); | ||
| 120 | goto end; | ||
| 121 | } | ||
| 122 | |||
| 123 | if (!rsa_test(out, in)) | ||
| 124 | { | ||
| 125 | fprintf(stderr, "FATAL RSAGTEST file processing error\n"); | ||
| 126 | goto end; | ||
| 127 | } | ||
| 128 | else | ||
| 129 | ret = 0; | ||
| 130 | |||
| 131 | end: | ||
| 132 | |||
| 133 | if (ret) | ||
| 134 | do_print_errors(); | ||
| 135 | |||
| 136 | if (in && (in != stdin)) | ||
| 137 | fclose(in); | ||
| 138 | if (out && (out != stdout)) | ||
| 139 | fclose(out); | ||
| 140 | |||
| 141 | return ret; | ||
| 142 | |||
| 143 | } | ||
| 144 | |||
| 145 | #define RSA_TEST_MAXLINELEN 10240 | ||
| 146 | |||
| 147 | int rsa_test(FILE *out, FILE *in) | ||
| 148 | { | ||
| 149 | char *linebuf, *olinebuf, *p, *q; | ||
| 150 | char *keyword, *value; | ||
| 151 | RSA *rsa = NULL; | ||
| 152 | BIGNUM *Xp1 = NULL, *Xp2 = NULL, *Xp = NULL; | ||
| 153 | BIGNUM *Xq1 = NULL, *Xq2 = NULL, *Xq = NULL; | ||
| 154 | BIGNUM *e = NULL; | ||
| 155 | int ret = 0; | ||
| 156 | int lnum = 0; | ||
| 157 | |||
| 158 | olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | ||
| 159 | linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | ||
| 160 | |||
| 161 | if (!linebuf || !olinebuf) | ||
| 162 | goto error; | ||
| 163 | |||
| 164 | while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) | ||
| 165 | { | ||
| 166 | lnum++; | ||
| 167 | strcpy(linebuf, olinebuf); | ||
| 168 | keyword = linebuf; | ||
| 169 | /* Skip leading space */ | ||
| 170 | while (isspace((unsigned char)*keyword)) | ||
| 171 | keyword++; | ||
| 172 | |||
| 173 | /* Look for = sign */ | ||
| 174 | p = strchr(linebuf, '='); | ||
| 175 | |||
| 176 | /* If no = or starts with [ (for [foo = bar] line) just copy */ | ||
| 177 | if (!p || *keyword=='[') | ||
| 178 | { | ||
| 179 | if (fputs(olinebuf, out) < 0) | ||
| 180 | goto error; | ||
| 181 | continue; | ||
| 182 | } | ||
| 183 | |||
| 184 | q = p - 1; | ||
| 185 | |||
| 186 | /* Remove trailing space */ | ||
| 187 | while (isspace((unsigned char)*q)) | ||
| 188 | *q-- = 0; | ||
| 189 | |||
| 190 | *p = 0; | ||
| 191 | value = p + 1; | ||
| 192 | |||
| 193 | /* Remove leading space from value */ | ||
| 194 | while (isspace((unsigned char)*value)) | ||
| 195 | value++; | ||
| 196 | |||
| 197 | /* Remove trailing space from value */ | ||
| 198 | p = value + strlen(value) - 1; | ||
| 199 | |||
| 200 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 201 | *p-- = 0; | ||
| 202 | |||
| 203 | if (!strcmp(keyword, "xp1")) | ||
| 204 | { | ||
| 205 | if (Xp1 || !do_hex2bn(&Xp1,value)) | ||
| 206 | goto parse_error; | ||
| 207 | } | ||
| 208 | else if (!strcmp(keyword, "xp2")) | ||
| 209 | { | ||
| 210 | if (Xp2 || !do_hex2bn(&Xp2,value)) | ||
| 211 | goto parse_error; | ||
| 212 | } | ||
| 213 | else if (!strcmp(keyword, "Xp")) | ||
| 214 | { | ||
| 215 | if (Xp || !do_hex2bn(&Xp,value)) | ||
| 216 | goto parse_error; | ||
| 217 | } | ||
| 218 | else if (!strcmp(keyword, "xq1")) | ||
| 219 | { | ||
| 220 | if (Xq1 || !do_hex2bn(&Xq1,value)) | ||
| 221 | goto parse_error; | ||
| 222 | } | ||
| 223 | else if (!strcmp(keyword, "xq2")) | ||
| 224 | { | ||
| 225 | if (Xq2 || !do_hex2bn(&Xq2,value)) | ||
| 226 | goto parse_error; | ||
| 227 | } | ||
| 228 | else if (!strcmp(keyword, "Xq")) | ||
| 229 | { | ||
| 230 | if (Xq || !do_hex2bn(&Xq,value)) | ||
| 231 | goto parse_error; | ||
| 232 | } | ||
| 233 | else if (!strcmp(keyword, "e")) | ||
| 234 | { | ||
| 235 | if (e || !do_hex2bn(&e,value)) | ||
| 236 | goto parse_error; | ||
| 237 | } | ||
| 238 | else if (!strcmp(keyword, "p1")) | ||
| 239 | continue; | ||
| 240 | else if (!strcmp(keyword, "p2")) | ||
| 241 | continue; | ||
| 242 | else if (!strcmp(keyword, "p")) | ||
| 243 | continue; | ||
| 244 | else if (!strcmp(keyword, "q1")) | ||
| 245 | continue; | ||
| 246 | else if (!strcmp(keyword, "q2")) | ||
| 247 | continue; | ||
| 248 | else if (!strcmp(keyword, "q")) | ||
| 249 | continue; | ||
| 250 | else if (!strcmp(keyword, "n")) | ||
| 251 | continue; | ||
| 252 | else if (!strcmp(keyword, "d")) | ||
| 253 | continue; | ||
| 254 | else | ||
| 255 | goto parse_error; | ||
| 256 | |||
| 257 | fputs(olinebuf, out); | ||
| 258 | |||
| 259 | if (e && Xp1 && Xp2 && Xp) | ||
| 260 | { | ||
| 261 | rsa = FIPS_rsa_new(); | ||
| 262 | if (!rsa) | ||
| 263 | goto error; | ||
| 264 | if (!rsa_printkey1(out, rsa, Xp1, Xp2, Xp, e)) | ||
| 265 | goto error; | ||
| 266 | BN_free(Xp1); | ||
| 267 | Xp1 = NULL; | ||
| 268 | BN_free(Xp2); | ||
| 269 | Xp2 = NULL; | ||
| 270 | BN_free(Xp); | ||
| 271 | Xp = NULL; | ||
| 272 | BN_free(e); | ||
| 273 | e = NULL; | ||
| 274 | } | ||
| 275 | |||
| 276 | if (rsa && Xq1 && Xq2 && Xq) | ||
| 277 | { | ||
| 278 | if (!rsa_printkey2(out, rsa, Xq1, Xq2, Xq)) | ||
| 279 | goto error; | ||
| 280 | BN_free(Xq1); | ||
| 281 | Xq1 = NULL; | ||
| 282 | BN_free(Xq2); | ||
| 283 | Xq2 = NULL; | ||
| 284 | BN_free(Xq); | ||
| 285 | Xq = NULL; | ||
| 286 | FIPS_rsa_free(rsa); | ||
| 287 | rsa = NULL; | ||
| 288 | } | ||
| 289 | } | ||
| 290 | |||
| 291 | ret = 1; | ||
| 292 | |||
| 293 | error: | ||
| 294 | |||
| 295 | if (olinebuf) | ||
| 296 | OPENSSL_free(olinebuf); | ||
| 297 | if (linebuf) | ||
| 298 | OPENSSL_free(linebuf); | ||
| 299 | |||
| 300 | if (Xp1) | ||
| 301 | BN_free(Xp1); | ||
| 302 | if (Xp2) | ||
| 303 | BN_free(Xp2); | ||
| 304 | if (Xp) | ||
| 305 | BN_free(Xp); | ||
| 306 | if (Xq1) | ||
| 307 | BN_free(Xq1); | ||
| 308 | if (Xq1) | ||
| 309 | BN_free(Xq1); | ||
| 310 | if (Xq2) | ||
| 311 | BN_free(Xq2); | ||
| 312 | if (Xq) | ||
| 313 | BN_free(Xq); | ||
| 314 | if (e) | ||
| 315 | BN_free(e); | ||
| 316 | if (rsa) | ||
| 317 | FIPS_rsa_free(rsa); | ||
| 318 | |||
| 319 | return ret; | ||
| 320 | |||
| 321 | parse_error: | ||
| 322 | |||
| 323 | fprintf(stderr, "FATAL parse error processing line %d\n", lnum); | ||
| 324 | |||
| 325 | goto error; | ||
| 326 | |||
| 327 | } | ||
| 328 | |||
| 329 | static int rsa_printkey1(FILE *out, RSA *rsa, | ||
| 330 | BIGNUM *Xp1, BIGNUM *Xp2, BIGNUM *Xp, | ||
| 331 | BIGNUM *e) | ||
| 332 | { | ||
| 333 | int ret = 0; | ||
| 334 | BIGNUM *p1 = NULL, *p2 = NULL; | ||
| 335 | p1 = BN_new(); | ||
| 336 | p2 = BN_new(); | ||
| 337 | if (!p1 || !p2) | ||
| 338 | goto error; | ||
| 339 | |||
| 340 | if (!RSA_X931_derive_ex(rsa, p1, p2, NULL, NULL, Xp1, Xp2, Xp, | ||
| 341 | NULL, NULL, NULL, e, NULL)) | ||
| 342 | goto error; | ||
| 343 | |||
| 344 | do_bn_print_name(out, "p1", p1); | ||
| 345 | do_bn_print_name(out, "p2", p2); | ||
| 346 | do_bn_print_name(out, "p", rsa->p); | ||
| 347 | |||
| 348 | ret = 1; | ||
| 349 | |||
| 350 | error: | ||
| 351 | if (p1) | ||
| 352 | BN_free(p1); | ||
| 353 | if (p2) | ||
| 354 | BN_free(p2); | ||
| 355 | |||
| 356 | return ret; | ||
| 357 | } | ||
| 358 | |||
| 359 | static int rsa_printkey2(FILE *out, RSA *rsa, | ||
| 360 | BIGNUM *Xq1, BIGNUM *Xq2, BIGNUM *Xq) | ||
| 361 | { | ||
| 362 | int ret = 0; | ||
| 363 | BIGNUM *q1 = NULL, *q2 = NULL; | ||
| 364 | q1 = BN_new(); | ||
| 365 | q2 = BN_new(); | ||
| 366 | if (!q1 || !q2) | ||
| 367 | goto error; | ||
| 368 | |||
| 369 | if (!RSA_X931_derive_ex(rsa, NULL, NULL, q1, q2, NULL, NULL, NULL, | ||
| 370 | Xq1, Xq2, Xq, NULL, NULL)) | ||
| 371 | goto error; | ||
| 372 | |||
| 373 | do_bn_print_name(out, "q1", q1); | ||
| 374 | do_bn_print_name(out, "q2", q2); | ||
| 375 | do_bn_print_name(out, "q", rsa->q); | ||
| 376 | do_bn_print_name(out, "n", rsa->n); | ||
| 377 | do_bn_print_name(out, "d", rsa->d); | ||
| 378 | |||
| 379 | ret = 1; | ||
| 380 | |||
| 381 | error: | ||
| 382 | if (q1) | ||
| 383 | BN_free(q1); | ||
| 384 | if (q2) | ||
| 385 | BN_free(q2); | ||
| 386 | |||
| 387 | return ret; | ||
| 388 | } | ||
| 389 | |||
| 390 | #endif | ||
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsastest.c b/src/lib/libssl/src/fips/rsa/fips_rsastest.c new file mode 100644 index 0000000000..16c174a2f8 --- /dev/null +++ b/src/lib/libssl/src/fips/rsa/fips_rsastest.c | |||
| @@ -0,0 +1,370 @@ | |||
| 1 | /* fips_rsastest.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2005. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2005 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <ctype.h> | ||
| 61 | #include <string.h> | ||
| 62 | #include <openssl/bio.h> | ||
| 63 | #include <openssl/evp.h> | ||
| 64 | #include <openssl/hmac.h> | ||
| 65 | #include <openssl/err.h> | ||
| 66 | #include <openssl/rsa.h> | ||
| 67 | #include <openssl/bn.h> | ||
| 68 | #include <openssl/x509v3.h> | ||
| 69 | |||
| 70 | #ifndef OPENSSL_FIPS | ||
| 71 | |||
| 72 | int main(int argc, char *argv[]) | ||
| 73 | { | ||
| 74 | printf("No FIPS RSA support\n"); | ||
| 75 | return(0); | ||
| 76 | } | ||
| 77 | |||
| 78 | #else | ||
| 79 | |||
| 80 | #include "fips_utl.h" | ||
| 81 | |||
| 82 | static int rsa_stest(FILE *out, FILE *in, int Saltlen); | ||
| 83 | static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst, | ||
| 84 | unsigned char *Msg, long Msglen, int Saltlen); | ||
| 85 | |||
| 86 | int main(int argc, char **argv) | ||
| 87 | { | ||
| 88 | FILE *in = NULL, *out = NULL; | ||
| 89 | |||
| 90 | int ret = 1, Saltlen = -1; | ||
| 91 | |||
| 92 | if(!FIPS_mode_set(1)) | ||
| 93 | { | ||
| 94 | do_print_errors(); | ||
| 95 | goto end; | ||
| 96 | } | ||
| 97 | |||
| 98 | if ((argc > 2) && !strcmp("-saltlen", argv[1])) | ||
| 99 | { | ||
| 100 | Saltlen = atoi(argv[2]); | ||
| 101 | if (Saltlen < 0) | ||
| 102 | { | ||
| 103 | fprintf(stderr, "FATAL: Invalid salt length\n"); | ||
| 104 | goto end; | ||
| 105 | } | ||
| 106 | argc -= 2; | ||
| 107 | argv += 2; | ||
| 108 | } | ||
| 109 | else if ((argc > 1) && !strcmp("-x931", argv[1])) | ||
| 110 | { | ||
| 111 | Saltlen = -2; | ||
| 112 | argc--; | ||
| 113 | argv++; | ||
| 114 | } | ||
| 115 | |||
| 116 | if (argc == 1) | ||
| 117 | in = stdin; | ||
| 118 | else | ||
| 119 | in = fopen(argv[1], "r"); | ||
| 120 | |||
| 121 | if (argc < 2) | ||
| 122 | out = stdout; | ||
| 123 | else | ||
| 124 | out = fopen(argv[2], "w"); | ||
| 125 | |||
| 126 | if (!in) | ||
| 127 | { | ||
| 128 | fprintf(stderr, "FATAL input initialization error\n"); | ||
| 129 | goto end; | ||
| 130 | } | ||
| 131 | |||
| 132 | if (!out) | ||
| 133 | { | ||
| 134 | fprintf(stderr, "FATAL output initialization error\n"); | ||
| 135 | goto end; | ||
| 136 | } | ||
| 137 | |||
| 138 | if (!rsa_stest(out, in, Saltlen)) | ||
| 139 | { | ||
| 140 | fprintf(stderr, "FATAL RSASTEST file processing error\n"); | ||
| 141 | goto end; | ||
| 142 | } | ||
| 143 | else | ||
| 144 | ret = 0; | ||
| 145 | |||
| 146 | end: | ||
| 147 | |||
| 148 | if (ret) | ||
| 149 | do_print_errors(); | ||
| 150 | |||
| 151 | if (in && (in != stdin)) | ||
| 152 | fclose(in); | ||
| 153 | if (out && (out != stdout)) | ||
| 154 | fclose(out); | ||
| 155 | |||
| 156 | return ret; | ||
| 157 | |||
| 158 | } | ||
| 159 | |||
| 160 | #define RSA_TEST_MAXLINELEN 10240 | ||
| 161 | |||
| 162 | int rsa_stest(FILE *out, FILE *in, int Saltlen) | ||
| 163 | { | ||
| 164 | char *linebuf, *olinebuf, *p, *q; | ||
| 165 | char *keyword, *value; | ||
| 166 | RSA *rsa = NULL; | ||
| 167 | const EVP_MD *dgst = NULL; | ||
| 168 | unsigned char *Msg = NULL; | ||
| 169 | long Msglen = -1; | ||
| 170 | int keylen = -1, current_keylen = -1; | ||
| 171 | int ret = 0; | ||
| 172 | int lnum = 0; | ||
| 173 | |||
| 174 | olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | ||
| 175 | linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | ||
| 176 | |||
| 177 | if (!linebuf || !olinebuf) | ||
| 178 | goto error; | ||
| 179 | |||
| 180 | while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) | ||
| 181 | { | ||
| 182 | lnum++; | ||
| 183 | strcpy(linebuf, olinebuf); | ||
| 184 | keyword = linebuf; | ||
| 185 | /* Skip leading space */ | ||
| 186 | while (isspace((unsigned char)*keyword)) | ||
| 187 | keyword++; | ||
| 188 | |||
| 189 | /* Look for = sign */ | ||
| 190 | p = strchr(linebuf, '='); | ||
| 191 | |||
| 192 | /* If no = just copy */ | ||
| 193 | if (!p) | ||
| 194 | { | ||
| 195 | if (fputs(olinebuf, out) < 0) | ||
| 196 | goto error; | ||
| 197 | continue; | ||
| 198 | } | ||
| 199 | |||
| 200 | q = p - 1; | ||
| 201 | |||
| 202 | /* Remove trailing space */ | ||
| 203 | while (isspace((unsigned char)*q)) | ||
| 204 | *q-- = 0; | ||
| 205 | |||
| 206 | *p = 0; | ||
| 207 | value = p + 1; | ||
| 208 | |||
| 209 | /* Remove leading space from value */ | ||
| 210 | while (isspace((unsigned char)*value)) | ||
| 211 | value++; | ||
| 212 | |||
| 213 | /* Remove trailing space from value */ | ||
| 214 | p = value + strlen(value) - 1; | ||
| 215 | |||
| 216 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 217 | *p-- = 0; | ||
| 218 | |||
| 219 | /* Look for [mod = XXX] for key length */ | ||
| 220 | |||
| 221 | if (!strcmp(keyword, "[mod")) | ||
| 222 | { | ||
| 223 | p = value + strlen(value) - 1; | ||
| 224 | if (*p != ']') | ||
| 225 | goto parse_error; | ||
| 226 | *p = 0; | ||
| 227 | keylen = atoi(value); | ||
| 228 | if (keylen < 0) | ||
| 229 | goto parse_error; | ||
| 230 | } | ||
| 231 | else if (!strcmp(keyword, "SHAAlg")) | ||
| 232 | { | ||
| 233 | if (!strcmp(value, "SHA1")) | ||
| 234 | dgst = EVP_sha1(); | ||
| 235 | else if (!strcmp(value, "SHA224")) | ||
| 236 | dgst = EVP_sha224(); | ||
| 237 | else if (!strcmp(value, "SHA256")) | ||
| 238 | dgst = EVP_sha256(); | ||
| 239 | else if (!strcmp(value, "SHA384")) | ||
| 240 | dgst = EVP_sha384(); | ||
| 241 | else if (!strcmp(value, "SHA512")) | ||
| 242 | dgst = EVP_sha512(); | ||
| 243 | else | ||
| 244 | { | ||
| 245 | fprintf(stderr, | ||
| 246 | "FATAL: unsupported algorithm \"%s\"\n", | ||
| 247 | value); | ||
| 248 | goto parse_error; | ||
| 249 | } | ||
| 250 | } | ||
| 251 | else if (!strcmp(keyword, "Msg")) | ||
| 252 | { | ||
| 253 | if (Msg) | ||
| 254 | goto parse_error; | ||
| 255 | if (strlen(value) & 1) | ||
| 256 | *(--value) = '0'; | ||
| 257 | Msg = hex2bin_m(value, &Msglen); | ||
| 258 | if (!Msg) | ||
| 259 | goto parse_error; | ||
| 260 | } | ||
| 261 | |||
| 262 | fputs(olinebuf, out); | ||
| 263 | |||
| 264 | /* If key length has changed, generate and output public | ||
| 265 | * key components of new RSA private key. | ||
| 266 | */ | ||
| 267 | |||
| 268 | if (keylen != current_keylen) | ||
| 269 | { | ||
| 270 | BIGNUM *bn_e; | ||
| 271 | if (rsa) | ||
| 272 | FIPS_rsa_free(rsa); | ||
| 273 | rsa = FIPS_rsa_new(); | ||
| 274 | if (!rsa) | ||
| 275 | goto error; | ||
| 276 | bn_e = BN_new(); | ||
| 277 | if (!bn_e || !BN_set_word(bn_e, 0x1001)) | ||
| 278 | goto error; | ||
| 279 | if (!RSA_X931_generate_key_ex(rsa, keylen, bn_e, NULL)) | ||
| 280 | goto error; | ||
| 281 | BN_free(bn_e); | ||
| 282 | fputs("n = ", out); | ||
| 283 | do_bn_print(out, rsa->n); | ||
| 284 | fputs("\ne = ", out); | ||
| 285 | do_bn_print(out, rsa->e); | ||
| 286 | fputs("\n", out); | ||
| 287 | current_keylen = keylen; | ||
| 288 | } | ||
| 289 | |||
| 290 | if (Msg && dgst) | ||
| 291 | { | ||
| 292 | if (!rsa_printsig(out, rsa, dgst, Msg, Msglen, | ||
| 293 | Saltlen)) | ||
| 294 | goto error; | ||
| 295 | OPENSSL_free(Msg); | ||
| 296 | Msg = NULL; | ||
| 297 | } | ||
| 298 | |||
| 299 | } | ||
| 300 | |||
| 301 | ret = 1; | ||
| 302 | |||
| 303 | error: | ||
| 304 | |||
| 305 | if (olinebuf) | ||
| 306 | OPENSSL_free(olinebuf); | ||
| 307 | if (linebuf) | ||
| 308 | OPENSSL_free(linebuf); | ||
| 309 | if (rsa) | ||
| 310 | FIPS_rsa_free(rsa); | ||
| 311 | |||
| 312 | return ret; | ||
| 313 | |||
| 314 | parse_error: | ||
| 315 | |||
| 316 | fprintf(stderr, "FATAL parse error processing line %d\n", lnum); | ||
| 317 | |||
| 318 | goto error; | ||
| 319 | |||
| 320 | } | ||
| 321 | |||
| 322 | static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst, | ||
| 323 | unsigned char *Msg, long Msglen, int Saltlen) | ||
| 324 | { | ||
| 325 | int ret = 0; | ||
| 326 | unsigned char *sigbuf = NULL; | ||
| 327 | int i, siglen; | ||
| 328 | /* EVP_PKEY structure */ | ||
| 329 | EVP_PKEY pk; | ||
| 330 | EVP_MD_CTX ctx; | ||
| 331 | pk.type = EVP_PKEY_RSA; | ||
| 332 | pk.pkey.rsa = rsa; | ||
| 333 | |||
| 334 | siglen = RSA_size(rsa); | ||
| 335 | sigbuf = OPENSSL_malloc(siglen); | ||
| 336 | if (!sigbuf) | ||
| 337 | goto error; | ||
| 338 | |||
| 339 | EVP_MD_CTX_init(&ctx); | ||
| 340 | |||
| 341 | if (Saltlen >= 0) | ||
| 342 | { | ||
| 343 | M_EVP_MD_CTX_set_flags(&ctx, | ||
| 344 | EVP_MD_CTX_FLAG_PAD_PSS | (Saltlen << 16)); | ||
| 345 | } | ||
| 346 | else if (Saltlen == -2) | ||
| 347 | M_EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_PAD_X931); | ||
| 348 | if (!EVP_SignInit_ex(&ctx, dgst, NULL)) | ||
| 349 | goto error; | ||
| 350 | if (!EVP_SignUpdate(&ctx, Msg, Msglen)) | ||
| 351 | goto error; | ||
| 352 | if (!EVP_SignFinal(&ctx, sigbuf, (unsigned int *)&siglen, &pk)) | ||
| 353 | goto error; | ||
| 354 | |||
| 355 | EVP_MD_CTX_cleanup(&ctx); | ||
| 356 | |||
| 357 | fputs("S = ", out); | ||
| 358 | |||
| 359 | for (i = 0; i < siglen; i++) | ||
| 360 | fprintf(out, "%02X", sigbuf[i]); | ||
| 361 | |||
| 362 | fputs("\n", out); | ||
| 363 | |||
| 364 | ret = 1; | ||
| 365 | |||
| 366 | error: | ||
| 367 | |||
| 368 | return ret; | ||
| 369 | } | ||
| 370 | #endif | ||
diff --git a/src/lib/libssl/src/fips/rsa/fips_rsavtest.c b/src/lib/libssl/src/fips/rsa/fips_rsavtest.c new file mode 100644 index 0000000000..6340f190a3 --- /dev/null +++ b/src/lib/libssl/src/fips/rsa/fips_rsavtest.c | |||
| @@ -0,0 +1,377 @@ | |||
| 1 | /* fips_rsavtest.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2005. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2005 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <ctype.h> | ||
| 61 | #include <string.h> | ||
| 62 | #include <openssl/bio.h> | ||
| 63 | #include <openssl/evp.h> | ||
| 64 | #include <openssl/hmac.h> | ||
| 65 | #include <openssl/err.h> | ||
| 66 | #include <openssl/x509v3.h> | ||
| 67 | #include <openssl/bn.h> | ||
| 68 | #include <openssl/rsa.h> | ||
| 69 | |||
| 70 | #ifndef OPENSSL_FIPS | ||
| 71 | |||
| 72 | int main(int argc, char *argv[]) | ||
| 73 | { | ||
| 74 | printf("No FIPS RSA support\n"); | ||
| 75 | return(0); | ||
| 76 | } | ||
| 77 | |||
| 78 | #else | ||
| 79 | |||
| 80 | #include "fips_utl.h" | ||
| 81 | |||
| 82 | int rsa_test(FILE *out, FILE *in, int saltlen); | ||
| 83 | static int rsa_printver(FILE *out, | ||
| 84 | BIGNUM *n, BIGNUM *e, | ||
| 85 | const EVP_MD *dgst, | ||
| 86 | unsigned char *Msg, long Msglen, | ||
| 87 | unsigned char *S, long Slen, int Saltlen); | ||
| 88 | |||
| 89 | int main(int argc, char **argv) | ||
| 90 | { | ||
| 91 | FILE *in = NULL, *out = NULL; | ||
| 92 | |||
| 93 | int ret = 1; | ||
| 94 | int Saltlen = -1; | ||
| 95 | |||
| 96 | if(!FIPS_mode_set(1)) | ||
| 97 | { | ||
| 98 | do_print_errors(); | ||
| 99 | goto end; | ||
| 100 | } | ||
| 101 | |||
| 102 | if ((argc > 2) && !strcmp("-saltlen", argv[1])) | ||
| 103 | { | ||
| 104 | Saltlen = atoi(argv[2]); | ||
| 105 | if (Saltlen < 0) | ||
| 106 | { | ||
| 107 | fprintf(stderr, "FATAL: Invalid salt length\n"); | ||
| 108 | goto end; | ||
| 109 | } | ||
| 110 | argc -= 2; | ||
| 111 | argv += 2; | ||
| 112 | } | ||
| 113 | else if ((argc > 1) && !strcmp("-x931", argv[1])) | ||
| 114 | { | ||
| 115 | Saltlen = -2; | ||
| 116 | argc--; | ||
| 117 | argv++; | ||
| 118 | } | ||
| 119 | |||
| 120 | if (argc == 1) | ||
| 121 | in = stdin; | ||
| 122 | else | ||
| 123 | in = fopen(argv[1], "r"); | ||
| 124 | |||
| 125 | if (argc < 2) | ||
| 126 | out = stdout; | ||
| 127 | else | ||
| 128 | out = fopen(argv[2], "w"); | ||
| 129 | |||
| 130 | if (!in) | ||
| 131 | { | ||
| 132 | fprintf(stderr, "FATAL input initialization error\n"); | ||
| 133 | goto end; | ||
| 134 | } | ||
| 135 | |||
| 136 | if (!out) | ||
| 137 | { | ||
| 138 | fprintf(stderr, "FATAL output initialization error\n"); | ||
| 139 | goto end; | ||
| 140 | } | ||
| 141 | |||
| 142 | if (!rsa_test(out, in, Saltlen)) | ||
| 143 | { | ||
| 144 | fprintf(stderr, "FATAL RSAVTEST file processing error\n"); | ||
| 145 | goto end; | ||
| 146 | } | ||
| 147 | else | ||
| 148 | ret = 0; | ||
| 149 | |||
| 150 | end: | ||
| 151 | |||
| 152 | if (ret) | ||
| 153 | do_print_errors(); | ||
| 154 | |||
| 155 | if (in && (in != stdin)) | ||
| 156 | fclose(in); | ||
| 157 | if (out && (out != stdout)) | ||
| 158 | fclose(out); | ||
| 159 | |||
| 160 | return ret; | ||
| 161 | |||
| 162 | } | ||
| 163 | |||
| 164 | #define RSA_TEST_MAXLINELEN 10240 | ||
| 165 | |||
| 166 | int rsa_test(FILE *out, FILE *in, int Saltlen) | ||
| 167 | { | ||
| 168 | char *linebuf, *olinebuf, *p, *q; | ||
| 169 | char *keyword, *value; | ||
| 170 | const EVP_MD *dgst = NULL; | ||
| 171 | BIGNUM *n = NULL, *e = NULL; | ||
| 172 | unsigned char *Msg = NULL, *S = NULL; | ||
| 173 | long Msglen, Slen; | ||
| 174 | int ret = 0; | ||
| 175 | int lnum = 0; | ||
| 176 | |||
| 177 | olinebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | ||
| 178 | linebuf = OPENSSL_malloc(RSA_TEST_MAXLINELEN); | ||
| 179 | |||
| 180 | if (!linebuf || !olinebuf) | ||
| 181 | goto error; | ||
| 182 | |||
| 183 | while (fgets(olinebuf, RSA_TEST_MAXLINELEN, in)) | ||
| 184 | { | ||
| 185 | lnum++; | ||
| 186 | strcpy(linebuf, olinebuf); | ||
| 187 | keyword = linebuf; | ||
| 188 | /* Skip leading space */ | ||
| 189 | while (isspace((unsigned char)*keyword)) | ||
| 190 | keyword++; | ||
| 191 | |||
| 192 | /* Look for = sign */ | ||
| 193 | p = strchr(linebuf, '='); | ||
| 194 | |||
| 195 | /* If no = or starts with [ (for [foo = bar] line) just copy */ | ||
| 196 | if (!p || *keyword=='[') | ||
| 197 | { | ||
| 198 | if (fputs(olinebuf, out) < 0) | ||
| 199 | goto error; | ||
| 200 | continue; | ||
| 201 | } | ||
| 202 | |||
| 203 | q = p - 1; | ||
| 204 | |||
| 205 | /* Remove trailing space */ | ||
| 206 | while (isspace((unsigned char)*q)) | ||
| 207 | *q-- = 0; | ||
| 208 | |||
| 209 | *p = 0; | ||
| 210 | value = p + 1; | ||
| 211 | |||
| 212 | /* Remove leading space from value */ | ||
| 213 | while (isspace((unsigned char)*value)) | ||
| 214 | value++; | ||
| 215 | |||
| 216 | /* Remove trailing space from value */ | ||
| 217 | p = value + strlen(value) - 1; | ||
| 218 | |||
| 219 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 220 | *p-- = 0; | ||
| 221 | |||
| 222 | if (!strcmp(keyword, "n")) | ||
| 223 | { | ||
| 224 | if (!do_hex2bn(&n,value)) | ||
| 225 | goto parse_error; | ||
| 226 | } | ||
| 227 | else if (!strcmp(keyword, "e")) | ||
| 228 | { | ||
| 229 | if (!do_hex2bn(&e,value)) | ||
| 230 | goto parse_error; | ||
| 231 | } | ||
| 232 | else if (!strcmp(keyword, "SHAAlg")) | ||
| 233 | { | ||
| 234 | if (!strcmp(value, "SHA1")) | ||
| 235 | dgst = EVP_sha1(); | ||
| 236 | else if (!strcmp(value, "SHA224")) | ||
| 237 | dgst = EVP_sha224(); | ||
| 238 | else if (!strcmp(value, "SHA256")) | ||
| 239 | dgst = EVP_sha256(); | ||
| 240 | else if (!strcmp(value, "SHA384")) | ||
| 241 | dgst = EVP_sha384(); | ||
| 242 | else if (!strcmp(value, "SHA512")) | ||
| 243 | dgst = EVP_sha512(); | ||
| 244 | else | ||
| 245 | { | ||
| 246 | fprintf(stderr, | ||
| 247 | "FATAL: unsupported algorithm \"%s\"\n", | ||
| 248 | value); | ||
| 249 | goto parse_error; | ||
| 250 | } | ||
| 251 | } | ||
| 252 | else if (!strcmp(keyword, "Msg")) | ||
| 253 | { | ||
| 254 | if (Msg) | ||
| 255 | goto parse_error; | ||
| 256 | if (strlen(value) & 1) | ||
| 257 | *(--value) = '0'; | ||
| 258 | Msg = hex2bin_m(value, &Msglen); | ||
| 259 | if (!Msg) | ||
| 260 | goto parse_error; | ||
| 261 | } | ||
| 262 | else if (!strcmp(keyword, "S")) | ||
| 263 | { | ||
| 264 | if (S) | ||
| 265 | goto parse_error; | ||
| 266 | if (strlen(value) & 1) | ||
| 267 | *(--value) = '0'; | ||
| 268 | S = hex2bin_m(value, &Slen); | ||
| 269 | if (!S) | ||
| 270 | goto parse_error; | ||
| 271 | } | ||
| 272 | else if (!strcmp(keyword, "Result")) | ||
| 273 | continue; | ||
| 274 | else | ||
| 275 | goto parse_error; | ||
| 276 | |||
| 277 | fputs(olinebuf, out); | ||
| 278 | |||
| 279 | if (n && e && Msg && S && dgst) | ||
| 280 | { | ||
| 281 | if (!rsa_printver(out, n, e, dgst, | ||
| 282 | Msg, Msglen, S, Slen, Saltlen)) | ||
| 283 | goto error; | ||
| 284 | OPENSSL_free(Msg); | ||
| 285 | Msg = NULL; | ||
| 286 | OPENSSL_free(S); | ||
| 287 | S = NULL; | ||
| 288 | } | ||
| 289 | |||
| 290 | } | ||
| 291 | |||
| 292 | |||
| 293 | ret = 1; | ||
| 294 | |||
| 295 | |||
| 296 | error: | ||
| 297 | |||
| 298 | if (olinebuf) | ||
| 299 | OPENSSL_free(olinebuf); | ||
| 300 | if (linebuf) | ||
| 301 | OPENSSL_free(linebuf); | ||
| 302 | if (n) | ||
| 303 | BN_free(n); | ||
| 304 | if (e) | ||
| 305 | BN_free(e); | ||
| 306 | |||
| 307 | return ret; | ||
| 308 | |||
| 309 | parse_error: | ||
| 310 | |||
| 311 | fprintf(stderr, "FATAL parse error processing line %d\n", lnum); | ||
| 312 | |||
| 313 | goto error; | ||
| 314 | |||
| 315 | } | ||
| 316 | |||
| 317 | static int rsa_printver(FILE *out, | ||
| 318 | BIGNUM *n, BIGNUM *e, | ||
| 319 | const EVP_MD *dgst, | ||
| 320 | unsigned char *Msg, long Msglen, | ||
| 321 | unsigned char *S, long Slen, int Saltlen) | ||
| 322 | { | ||
| 323 | int ret = 0, r; | ||
| 324 | /* Setup RSA and EVP_PKEY structures */ | ||
| 325 | RSA *rsa_pubkey = NULL; | ||
| 326 | EVP_PKEY pk; | ||
| 327 | EVP_MD_CTX ctx; | ||
| 328 | unsigned char *buf = NULL; | ||
| 329 | rsa_pubkey = FIPS_rsa_new(); | ||
| 330 | if (!rsa_pubkey) | ||
| 331 | goto error; | ||
| 332 | rsa_pubkey->n = BN_dup(n); | ||
| 333 | rsa_pubkey->e = BN_dup(e); | ||
| 334 | if (!rsa_pubkey->n || !rsa_pubkey->e) | ||
| 335 | goto error; | ||
| 336 | pk.type = EVP_PKEY_RSA; | ||
| 337 | pk.pkey.rsa = rsa_pubkey; | ||
| 338 | |||
| 339 | EVP_MD_CTX_init(&ctx); | ||
| 340 | |||
| 341 | if (Saltlen >= 0) | ||
| 342 | { | ||
| 343 | M_EVP_MD_CTX_set_flags(&ctx, | ||
| 344 | EVP_MD_CTX_FLAG_PAD_PSS | (Saltlen << 16)); | ||
| 345 | } | ||
| 346 | else if (Saltlen == -2) | ||
| 347 | M_EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_PAD_X931); | ||
| 348 | if (!EVP_VerifyInit_ex(&ctx, dgst, NULL)) | ||
| 349 | goto error; | ||
| 350 | if (!EVP_VerifyUpdate(&ctx, Msg, Msglen)) | ||
| 351 | goto error; | ||
| 352 | |||
| 353 | r = EVP_VerifyFinal(&ctx, S, Slen, &pk); | ||
| 354 | |||
| 355 | |||
| 356 | EVP_MD_CTX_cleanup(&ctx); | ||
| 357 | |||
| 358 | if (r < 0) | ||
| 359 | goto error; | ||
| 360 | ERR_clear_error(); | ||
| 361 | |||
| 362 | if (r == 0) | ||
| 363 | fputs("Result = F\n", out); | ||
| 364 | else | ||
| 365 | fputs("Result = P\n", out); | ||
| 366 | |||
| 367 | ret = 1; | ||
| 368 | |||
| 369 | error: | ||
| 370 | if (rsa_pubkey) | ||
| 371 | FIPS_rsa_free(rsa_pubkey); | ||
| 372 | if (buf) | ||
| 373 | OPENSSL_free(buf); | ||
| 374 | |||
| 375 | return ret; | ||
| 376 | } | ||
| 377 | #endif | ||
diff --git a/src/lib/libssl/src/fips/sha/Makefile b/src/lib/libssl/src/fips/sha/Makefile new file mode 100644 index 0000000000..a661640bc6 --- /dev/null +++ b/src/lib/libssl/src/fips/sha/Makefile | |||
| @@ -0,0 +1,158 @@ | |||
| 1 | # | ||
| 2 | # OpenSSL/fips/sha/Makefile | ||
| 3 | # | ||
| 4 | |||
| 5 | DIR= sha | ||
| 6 | TOP= ../.. | ||
| 7 | CC= cc | ||
| 8 | INCLUDES= | ||
| 9 | CFLAG=-g | ||
| 10 | INSTALL_PREFIX= | ||
| 11 | OPENSSLDIR= /usr/local/ssl | ||
| 12 | INSTALLTOP=/usr/local/ssl | ||
| 13 | MAKEDEPPROG= makedepend | ||
| 14 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | ||
| 15 | MAKEFILE= Makefile | ||
| 16 | AR= ar r | ||
| 17 | EXE_EXT= | ||
| 18 | |||
| 19 | ASFLAGS= $(INCLUDES) $(ASFLAG) | ||
| 20 | AFLAGS= $(ASFLAGS) | ||
| 21 | |||
| 22 | CFLAGS= $(INCLUDES) $(CFLAG) | ||
| 23 | |||
| 24 | GENERAL=Makefile | ||
| 25 | TEST= fips_shatest.c | ||
| 26 | APPS= | ||
| 27 | EXE= fips_standalone_sha1$(EXE_EXT) | ||
| 28 | |||
| 29 | LIB=$(TOP)/libcrypto.a | ||
| 30 | LIBSRC=fips_sha1_selftest.c | ||
| 31 | LIBOBJ=fips_sha1_selftest.o | ||
| 32 | |||
| 33 | SRC= $(LIBSRC) fips_standalone_sha1.c | ||
| 34 | |||
| 35 | EXHEADER= | ||
| 36 | HEADER= | ||
| 37 | |||
| 38 | ALL= $(GENERAL) $(SRC) $(HEADER) | ||
| 39 | |||
| 40 | top: | ||
| 41 | (cd $(TOP); $(MAKE) DIRS=fips SDIRS=$(DIR) sub_all) | ||
| 42 | |||
| 43 | all: ../fips_standalone_sha1$(EXE_EXT) lib | ||
| 44 | |||
| 45 | lib: $(LIBOBJ) | ||
| 46 | @echo $(LIBOBJ) > lib | ||
| 47 | |||
| 48 | ../fips_standalone_sha1$(EXE_EXT): fips_standalone_sha1.o | ||
| 49 | FIPS_SHA_ASM=""; for i in $(SHA1_ASM_OBJ) sha1dgst.o ; do FIPS_SHA_ASM="$$FIPS_SHA_ASM ../../crypto/sha/$$i" ; done; \ | ||
| 50 | $(CC) -o $@ $(CFLAGS) fips_standalone_sha1.o $$FIPS_SHA_ASM | ||
| 51 | |||
| 52 | files: | ||
| 53 | $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO | ||
| 54 | |||
| 55 | links: | ||
| 56 | @$(PERL) $(TOP)/util/mklink.pl $(TOP)/include/openssl $(EXHEADER) | ||
| 57 | @$(PERL) $(TOP)/util/mklink.pl $(TOP)/test $(TEST) | ||
| 58 | @$(PERL) $(TOP)/util/mklink.pl $(TOP)/apps $(APPS) | ||
| 59 | |||
| 60 | install: | ||
| 61 | @headerlist="$(EXHEADER)"; for i in $$headerlist; \ | ||
| 62 | do \ | ||
| 63 | (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ | ||
| 64 | chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ | ||
| 65 | done | ||
| 66 | |||
| 67 | tags: | ||
| 68 | ctags $(SRC) | ||
| 69 | |||
| 70 | tests: | ||
| 71 | |||
| 72 | Q=../testvectors/sha/req | ||
| 73 | A=../testvectors/sha/rsp | ||
| 74 | |||
| 75 | VECTORS = SHA1LongMsg \ | ||
| 76 | SHA1Monte \ | ||
| 77 | SHA1ShortMsg \ | ||
| 78 | SHA224LongMsg \ | ||
| 79 | SHA224Monte \ | ||
| 80 | SHA224ShortMsg \ | ||
| 81 | SHA256LongMsg \ | ||
| 82 | SHA256Monte \ | ||
| 83 | SHA256ShortMsg \ | ||
| 84 | SHA384LongMsg \ | ||
| 85 | SHA384Monte \ | ||
| 86 | SHA384ShortMsg \ | ||
| 87 | SHA512LongMsg \ | ||
| 88 | SHA512Monte \ | ||
| 89 | SHA512ShortMsg | ||
| 90 | |||
| 91 | fips_test: | ||
| 92 | -rm -rf $(A) | ||
| 93 | mkdir $(A) | ||
| 94 | for file in $(VECTORS); do \ | ||
| 95 | if [ -f $(Q)/$$file.req ]; then \ | ||
| 96 | $(TOP)/util/shlib_wrap.sh $(TOP)/test/fips_shatest $(Q)/$$file.req $(A)/$$file.rsp; \ | ||
| 97 | fi; \ | ||
| 98 | done | ||
| 99 | |||
| 100 | lint: | ||
| 101 | lint -DLINT $(INCLUDES) $(SRC)>fluff | ||
| 102 | |||
| 103 | depend: | ||
| 104 | $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(SRC) $(TEST) | ||
| 105 | |||
| 106 | dclean: | ||
| 107 | $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new | ||
| 108 | mv -f Makefile.new $(MAKEFILE) | ||
| 109 | |||
| 110 | clean: | ||
| 111 | rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) | ||
| 112 | |||
| 113 | # DO NOT DELETE THIS LINE -- make depend depends on it. | ||
| 114 | |||
| 115 | fips_sha1_selftest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 116 | fips_sha1_selftest.o: ../../include/openssl/crypto.h | ||
| 117 | fips_sha1_selftest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h | ||
| 118 | fips_sha1_selftest.o: ../../include/openssl/evp.h ../../include/openssl/fips.h | ||
| 119 | fips_sha1_selftest.o: ../../include/openssl/lhash.h | ||
| 120 | fips_sha1_selftest.o: ../../include/openssl/obj_mac.h | ||
| 121 | fips_sha1_selftest.o: ../../include/openssl/objects.h | ||
| 122 | fips_sha1_selftest.o: ../../include/openssl/opensslconf.h | ||
| 123 | fips_sha1_selftest.o: ../../include/openssl/opensslv.h | ||
| 124 | fips_sha1_selftest.o: ../../include/openssl/ossl_typ.h | ||
| 125 | fips_sha1_selftest.o: ../../include/openssl/safestack.h | ||
| 126 | fips_sha1_selftest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h | ||
| 127 | fips_sha1_selftest.o: ../../include/openssl/symhacks.h fips_sha1_selftest.c | ||
| 128 | fips_shatest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h | ||
| 129 | fips_shatest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h | ||
| 130 | fips_shatest.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h | ||
| 131 | fips_shatest.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h | ||
| 132 | fips_shatest.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h | ||
| 133 | fips_shatest.o: ../../include/openssl/err.h ../../include/openssl/evp.h | ||
| 134 | fips_shatest.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h | ||
| 135 | fips_shatest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 136 | fips_shatest.o: ../../include/openssl/opensslconf.h | ||
| 137 | fips_shatest.o: ../../include/openssl/opensslv.h | ||
| 138 | fips_shatest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h | ||
| 139 | fips_shatest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 140 | fips_shatest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | ||
| 141 | fips_shatest.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 142 | fips_shatest.o: ../../include/openssl/x509v3.h ../fips_utl.h fips_shatest.c | ||
| 143 | fips_standalone_sha1.o: ../../include/openssl/asn1.h | ||
| 144 | fips_standalone_sha1.o: ../../include/openssl/bio.h | ||
| 145 | fips_standalone_sha1.o: ../../include/openssl/crypto.h | ||
| 146 | fips_standalone_sha1.o: ../../include/openssl/e_os2.h | ||
| 147 | fips_standalone_sha1.o: ../../include/openssl/evp.h | ||
| 148 | fips_standalone_sha1.o: ../../include/openssl/fips.h | ||
| 149 | fips_standalone_sha1.o: ../../include/openssl/hmac.h | ||
| 150 | fips_standalone_sha1.o: ../../include/openssl/obj_mac.h | ||
| 151 | fips_standalone_sha1.o: ../../include/openssl/objects.h | ||
| 152 | fips_standalone_sha1.o: ../../include/openssl/opensslconf.h | ||
| 153 | fips_standalone_sha1.o: ../../include/openssl/opensslv.h | ||
| 154 | fips_standalone_sha1.o: ../../include/openssl/ossl_typ.h | ||
| 155 | fips_standalone_sha1.o: ../../include/openssl/safestack.h | ||
| 156 | fips_standalone_sha1.o: ../../include/openssl/sha.h | ||
| 157 | fips_standalone_sha1.o: ../../include/openssl/stack.h | ||
| 158 | fips_standalone_sha1.o: ../../include/openssl/symhacks.h fips_standalone_sha1.c | ||
diff --git a/src/lib/libssl/src/fips/sha/fips_sha1_selftest.c b/src/lib/libssl/src/fips/sha/fips_sha1_selftest.c new file mode 100644 index 0000000000..ba6a29ed94 --- /dev/null +++ b/src/lib/libssl/src/fips/sha/fips_sha1_selftest.c | |||
| @@ -0,0 +1,97 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2003 The OpenSSL Project. All rights reserved. | ||
| 3 | * | ||
| 4 | * Redistribution and use in source and binary forms, with or without | ||
| 5 | * modification, are permitted provided that the following conditions | ||
| 6 | * are met: | ||
| 7 | * | ||
| 8 | * 1. Redistributions of source code must retain the above copyright | ||
| 9 | * notice, this list of conditions and the following disclaimer. | ||
| 10 | * | ||
| 11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 12 | * notice, this list of conditions and the following disclaimer in | ||
| 13 | * the documentation and/or other materials provided with the | ||
| 14 | * distribution. | ||
| 15 | * | ||
| 16 | * 3. All advertising materials mentioning features or use of this | ||
| 17 | * software must display the following acknowledgment: | ||
| 18 | * "This product includes software developed by the OpenSSL Project | ||
| 19 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 20 | * | ||
| 21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 22 | * endorse or promote products derived from this software without | ||
| 23 | * prior written permission. For written permission, please contact | ||
| 24 | * openssl-core@openssl.org. | ||
| 25 | * | ||
| 26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 27 | * nor may "OpenSSL" appear in their names without prior written | ||
| 28 | * permission of the OpenSSL Project. | ||
| 29 | * | ||
| 30 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 31 | * acknowledgment: | ||
| 32 | * "This product includes software developed by the OpenSSL Project | ||
| 33 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 34 | * | ||
| 35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 47 | * | ||
| 48 | */ | ||
| 49 | |||
| 50 | #include <string.h> | ||
| 51 | #include <openssl/err.h> | ||
| 52 | #include <openssl/fips.h> | ||
| 53 | #include <openssl/evp.h> | ||
| 54 | #include <openssl/sha.h> | ||
| 55 | |||
| 56 | #ifdef OPENSSL_FIPS | ||
| 57 | static char test[][60]= | ||
| 58 | { | ||
| 59 | "", | ||
| 60 | "abc", | ||
| 61 | "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" | ||
| 62 | }; | ||
| 63 | |||
| 64 | static const unsigned char ret[][SHA_DIGEST_LENGTH]= | ||
| 65 | { | ||
| 66 | { 0xda,0x39,0xa3,0xee,0x5e,0x6b,0x4b,0x0d,0x32,0x55, | ||
| 67 | 0xbf,0xef,0x95,0x60,0x18,0x90,0xaf,0xd8,0x07,0x09 }, | ||
| 68 | { 0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e, | ||
| 69 | 0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d }, | ||
| 70 | { 0x84,0x98,0x3e,0x44,0x1c,0x3b,0xd2,0x6e,0xba,0xae, | ||
| 71 | 0x4a,0xa1,0xf9,0x51,0x29,0xe5,0xe5,0x46,0x70,0xf1 }, | ||
| 72 | }; | ||
| 73 | |||
| 74 | void FIPS_corrupt_sha1() | ||
| 75 | { | ||
| 76 | test[2][0]++; | ||
| 77 | } | ||
| 78 | |||
| 79 | int FIPS_selftest_sha1() | ||
| 80 | { | ||
| 81 | int n; | ||
| 82 | |||
| 83 | for(n=0 ; n<sizeof(test)/sizeof(test[0]) ; ++n) | ||
| 84 | { | ||
| 85 | unsigned char md[SHA_DIGEST_LENGTH]; | ||
| 86 | |||
| 87 | EVP_Digest(test[n],strlen(test[n]),md, NULL, EVP_sha1(), NULL); | ||
| 88 | if(memcmp(md,ret[n],sizeof md)) | ||
| 89 | { | ||
| 90 | FIPSerr(FIPS_F_FIPS_SELFTEST_SHA1,FIPS_R_SELFTEST_FAILED); | ||
| 91 | return 0; | ||
| 92 | } | ||
| 93 | } | ||
| 94 | return 1; | ||
| 95 | } | ||
| 96 | |||
| 97 | #endif | ||
diff --git a/src/lib/libssl/src/fips/sha/fips_shatest.c b/src/lib/libssl/src/fips/sha/fips_shatest.c new file mode 100644 index 0000000000..ae5ecdd2be --- /dev/null +++ b/src/lib/libssl/src/fips/sha/fips_shatest.c | |||
| @@ -0,0 +1,388 @@ | |||
| 1 | /* fips_shatest.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | ||
| 3 | * project 2005. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 2005 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <ctype.h> | ||
| 61 | #include <string.h> | ||
| 62 | #include <openssl/bio.h> | ||
| 63 | #include <openssl/evp.h> | ||
| 64 | #include <openssl/err.h> | ||
| 65 | #include <openssl/bn.h> | ||
| 66 | #include <openssl/x509v3.h> | ||
| 67 | |||
| 68 | #ifndef OPENSSL_FIPS | ||
| 69 | |||
| 70 | int main(int argc, char *argv[]) | ||
| 71 | { | ||
| 72 | printf("No FIPS SHAXXX support\n"); | ||
| 73 | return(0); | ||
| 74 | } | ||
| 75 | |||
| 76 | #else | ||
| 77 | |||
| 78 | #include "fips_utl.h" | ||
| 79 | |||
| 80 | static int dgst_test(FILE *out, FILE *in); | ||
| 81 | static int print_dgst(const EVP_MD *md, FILE *out, | ||
| 82 | unsigned char *Msg, int Msglen); | ||
| 83 | static int print_monte(const EVP_MD *md, FILE *out, | ||
| 84 | unsigned char *Seed, int SeedLen); | ||
| 85 | |||
| 86 | int main(int argc, char **argv) | ||
| 87 | { | ||
| 88 | FILE *in = NULL, *out = NULL; | ||
| 89 | |||
| 90 | int ret = 1; | ||
| 91 | |||
| 92 | if(!FIPS_mode_set(1)) | ||
| 93 | { | ||
| 94 | do_print_errors(); | ||
| 95 | goto end; | ||
| 96 | } | ||
| 97 | |||
| 98 | if (argc == 1) | ||
| 99 | in = stdin; | ||
| 100 | else | ||
| 101 | in = fopen(argv[1], "r"); | ||
| 102 | |||
| 103 | if (argc < 2) | ||
| 104 | out = stdout; | ||
| 105 | else | ||
| 106 | out = fopen(argv[2], "w"); | ||
| 107 | |||
| 108 | if (!in) | ||
| 109 | { | ||
| 110 | fprintf(stderr, "FATAL input initialization error\n"); | ||
| 111 | goto end; | ||
| 112 | } | ||
| 113 | |||
| 114 | if (!out) | ||
| 115 | { | ||
| 116 | fprintf(stderr, "FATAL output initialization error\n"); | ||
| 117 | goto end; | ||
| 118 | } | ||
| 119 | |||
| 120 | if (!dgst_test(out, in)) | ||
| 121 | { | ||
| 122 | fprintf(stderr, "FATAL digest file processing error\n"); | ||
| 123 | goto end; | ||
| 124 | } | ||
| 125 | else | ||
| 126 | ret = 0; | ||
| 127 | |||
| 128 | end: | ||
| 129 | |||
| 130 | if (ret) | ||
| 131 | do_print_errors(); | ||
| 132 | |||
| 133 | if (in && (in != stdin)) | ||
| 134 | fclose(in); | ||
| 135 | if (out && (out != stdout)) | ||
| 136 | fclose(out); | ||
| 137 | |||
| 138 | return ret; | ||
| 139 | |||
| 140 | } | ||
| 141 | |||
| 142 | #define SHA_TEST_MAX_BITS 102400 | ||
| 143 | #define SHA_TEST_MAXLINELEN (((SHA_TEST_MAX_BITS >> 3) * 2) + 100) | ||
| 144 | |||
| 145 | int dgst_test(FILE *out, FILE *in) | ||
| 146 | { | ||
| 147 | const EVP_MD *md = NULL; | ||
| 148 | char *linebuf, *olinebuf, *p, *q; | ||
| 149 | char *keyword, *value; | ||
| 150 | unsigned char *Msg = NULL, *Seed = NULL; | ||
| 151 | long MsgLen = -1, Len = -1, SeedLen = -1; | ||
| 152 | int ret = 0; | ||
| 153 | int lnum = 0; | ||
| 154 | |||
| 155 | olinebuf = OPENSSL_malloc(SHA_TEST_MAXLINELEN); | ||
| 156 | linebuf = OPENSSL_malloc(SHA_TEST_MAXLINELEN); | ||
| 157 | |||
| 158 | if (!linebuf || !olinebuf) | ||
| 159 | goto error; | ||
| 160 | |||
| 161 | |||
| 162 | while (fgets(olinebuf, SHA_TEST_MAXLINELEN, in)) | ||
| 163 | { | ||
| 164 | lnum++; | ||
| 165 | strcpy(linebuf, olinebuf); | ||
| 166 | keyword = linebuf; | ||
| 167 | /* Skip leading space */ | ||
| 168 | while (isspace((unsigned char)*keyword)) | ||
| 169 | keyword++; | ||
| 170 | |||
| 171 | /* Look for = sign */ | ||
| 172 | p = strchr(linebuf, '='); | ||
| 173 | |||
| 174 | /* If no = or starts with [ (for [L=20] line) just copy */ | ||
| 175 | if (!p) | ||
| 176 | { | ||
| 177 | fputs(olinebuf, out); | ||
| 178 | continue; | ||
| 179 | } | ||
| 180 | |||
| 181 | q = p - 1; | ||
| 182 | |||
| 183 | /* Remove trailing space */ | ||
| 184 | while (isspace((unsigned char)*q)) | ||
| 185 | *q-- = 0; | ||
| 186 | |||
| 187 | *p = 0; | ||
| 188 | value = p + 1; | ||
| 189 | |||
| 190 | /* Remove leading space from value */ | ||
| 191 | while (isspace((unsigned char)*value)) | ||
| 192 | value++; | ||
| 193 | |||
| 194 | /* Remove trailing space from value */ | ||
| 195 | p = value + strlen(value) - 1; | ||
| 196 | while (*p == '\n' || isspace((unsigned char)*p)) | ||
| 197 | *p-- = 0; | ||
| 198 | |||
| 199 | if (!strcmp(keyword,"[L") && *p==']') | ||
| 200 | { | ||
| 201 | switch (atoi(value)) | ||
| 202 | { | ||
| 203 | case 20: md=EVP_sha1(); break; | ||
| 204 | case 28: md=EVP_sha224(); break; | ||
| 205 | case 32: md=EVP_sha256(); break; | ||
| 206 | case 48: md=EVP_sha384(); break; | ||
| 207 | case 64: md=EVP_sha512(); break; | ||
| 208 | default: goto parse_error; | ||
| 209 | } | ||
| 210 | } | ||
| 211 | else if (!strcmp(keyword, "Len")) | ||
| 212 | { | ||
| 213 | if (Len != -1) | ||
| 214 | goto parse_error; | ||
| 215 | Len = atoi(value); | ||
| 216 | if (Len < 0) | ||
| 217 | goto parse_error; | ||
| 218 | /* Only handle multiples of 8 bits */ | ||
| 219 | if (Len & 0x7) | ||
| 220 | goto parse_error; | ||
| 221 | if (Len > SHA_TEST_MAX_BITS) | ||
| 222 | goto parse_error; | ||
| 223 | MsgLen = Len >> 3; | ||
| 224 | } | ||
| 225 | |||
| 226 | else if (!strcmp(keyword, "Msg")) | ||
| 227 | { | ||
| 228 | long tmplen; | ||
| 229 | if (strlen(value) & 1) | ||
| 230 | *(--value) = '0'; | ||
| 231 | if (Msg) | ||
| 232 | goto parse_error; | ||
| 233 | Msg = hex2bin_m(value, &tmplen); | ||
| 234 | if (!Msg) | ||
| 235 | goto parse_error; | ||
| 236 | } | ||
| 237 | else if (!strcmp(keyword, "Seed")) | ||
| 238 | { | ||
| 239 | if (strlen(value) & 1) | ||
| 240 | *(--value) = '0'; | ||
| 241 | if (Seed) | ||
| 242 | goto parse_error; | ||
| 243 | Seed = hex2bin_m(value, &SeedLen); | ||
| 244 | if (!Seed) | ||
| 245 | goto parse_error; | ||
| 246 | } | ||
| 247 | else if (!strcmp(keyword, "MD")) | ||
| 248 | continue; | ||
| 249 | else | ||
| 250 | goto parse_error; | ||
| 251 | |||
| 252 | fputs(olinebuf, out); | ||
| 253 | |||
| 254 | if (md && Msg && (MsgLen >= 0)) | ||
| 255 | { | ||
| 256 | if (!print_dgst(md, out, Msg, MsgLen)) | ||
| 257 | goto error; | ||
| 258 | OPENSSL_free(Msg); | ||
| 259 | Msg = NULL; | ||
| 260 | MsgLen = -1; | ||
| 261 | Len = -1; | ||
| 262 | } | ||
| 263 | else if (md && Seed && (SeedLen > 0)) | ||
| 264 | { | ||
| 265 | if (!print_monte(md, out, Seed, SeedLen)) | ||
| 266 | goto error; | ||
| 267 | OPENSSL_free(Seed); | ||
| 268 | Seed = NULL; | ||
| 269 | SeedLen = -1; | ||
| 270 | } | ||
| 271 | |||
| 272 | |||
| 273 | } | ||
| 274 | |||
| 275 | |||
| 276 | ret = 1; | ||
| 277 | |||
| 278 | |||
| 279 | error: | ||
| 280 | |||
| 281 | if (olinebuf) | ||
| 282 | OPENSSL_free(olinebuf); | ||
| 283 | if (linebuf) | ||
| 284 | OPENSSL_free(linebuf); | ||
| 285 | if (Msg) | ||
| 286 | OPENSSL_free(Msg); | ||
| 287 | if (Seed) | ||
| 288 | OPENSSL_free(Seed); | ||
| 289 | |||
| 290 | return ret; | ||
| 291 | |||
| 292 | parse_error: | ||
| 293 | |||
| 294 | fprintf(stderr, "FATAL parse error processing line %d\n", lnum); | ||
| 295 | |||
| 296 | goto error; | ||
| 297 | |||
| 298 | } | ||
| 299 | |||
| 300 | static int print_dgst(const EVP_MD *emd, FILE *out, | ||
| 301 | unsigned char *Msg, int Msglen) | ||
| 302 | { | ||
| 303 | int i, mdlen; | ||
| 304 | unsigned char md[EVP_MAX_MD_SIZE]; | ||
| 305 | if (!EVP_Digest(Msg, Msglen, md, (unsigned int *)&mdlen, emd, NULL)) | ||
| 306 | { | ||
| 307 | fputs("Error calculating HASH\n", stderr); | ||
| 308 | return 0; | ||
| 309 | } | ||
| 310 | fputs("MD = ", out); | ||
| 311 | for (i = 0; i < mdlen; i++) | ||
| 312 | fprintf(out, "%02x", md[i]); | ||
| 313 | fputs("\n", out); | ||
| 314 | return 1; | ||
| 315 | } | ||
| 316 | |||
| 317 | static int print_monte(const EVP_MD *md, FILE *out, | ||
| 318 | unsigned char *Seed, int SeedLen) | ||
| 319 | { | ||
| 320 | unsigned int i, j, k; | ||
| 321 | int ret = 0; | ||
| 322 | EVP_MD_CTX ctx; | ||
| 323 | unsigned char *m1, *m2, *m3, *p; | ||
| 324 | unsigned int mlen, m1len, m2len, m3len; | ||
| 325 | |||
| 326 | EVP_MD_CTX_init(&ctx); | ||
| 327 | |||
| 328 | if (SeedLen > EVP_MAX_MD_SIZE) | ||
| 329 | mlen = SeedLen; | ||
| 330 | else | ||
| 331 | mlen = EVP_MAX_MD_SIZE; | ||
| 332 | |||
| 333 | m1 = OPENSSL_malloc(mlen); | ||
| 334 | m2 = OPENSSL_malloc(mlen); | ||
| 335 | m3 = OPENSSL_malloc(mlen); | ||
| 336 | |||
| 337 | if (!m1 || !m2 || !m3) | ||
| 338 | goto mc_error; | ||
| 339 | |||
| 340 | m1len = m2len = m3len = SeedLen; | ||
| 341 | memcpy(m1, Seed, SeedLen); | ||
| 342 | memcpy(m2, Seed, SeedLen); | ||
| 343 | memcpy(m3, Seed, SeedLen); | ||
| 344 | |||
| 345 | fputs("\n", out); | ||
| 346 | |||
| 347 | for (j = 0; j < 100; j++) | ||
| 348 | { | ||
| 349 | for (i = 0; i < 1000; i++) | ||
| 350 | { | ||
| 351 | EVP_DigestInit_ex(&ctx, md, NULL); | ||
| 352 | EVP_DigestUpdate(&ctx, m1, m1len); | ||
| 353 | EVP_DigestUpdate(&ctx, m2, m2len); | ||
| 354 | EVP_DigestUpdate(&ctx, m3, m3len); | ||
| 355 | p = m1; | ||
| 356 | m1 = m2; | ||
| 357 | m1len = m2len; | ||
| 358 | m2 = m3; | ||
| 359 | m2len = m3len; | ||
| 360 | m3 = p; | ||
| 361 | EVP_DigestFinal_ex(&ctx, m3, &m3len); | ||
| 362 | } | ||
| 363 | fprintf(out, "COUNT = %d\n", j); | ||
| 364 | fputs("MD = ", out); | ||
| 365 | for (k = 0; k < m3len; k++) | ||
| 366 | fprintf(out, "%02x", m3[k]); | ||
| 367 | fputs("\n\n", out); | ||
| 368 | memcpy(m1, m3, m3len); | ||
| 369 | memcpy(m2, m3, m3len); | ||
| 370 | m1len = m2len = m3len; | ||
| 371 | } | ||
| 372 | |||
| 373 | ret = 1; | ||
| 374 | |||
| 375 | mc_error: | ||
| 376 | if (m1) | ||
| 377 | OPENSSL_free(m1); | ||
| 378 | if (m2) | ||
| 379 | OPENSSL_free(m2); | ||
| 380 | if (m3) | ||
| 381 | OPENSSL_free(m3); | ||
| 382 | |||
| 383 | EVP_MD_CTX_cleanup(&ctx); | ||
| 384 | |||
| 385 | return ret; | ||
| 386 | } | ||
| 387 | |||
| 388 | #endif | ||
diff --git a/src/lib/libssl/src/fips/sha/fips_standalone_sha1.c b/src/lib/libssl/src/fips/sha/fips_standalone_sha1.c new file mode 100644 index 0000000000..058b71a20f --- /dev/null +++ b/src/lib/libssl/src/fips/sha/fips_standalone_sha1.c | |||
| @@ -0,0 +1,173 @@ | |||
| 1 | /* ==================================================================== | ||
| 2 | * Copyright (c) 2003 The OpenSSL Project. All rights reserved. | ||
| 3 | * | ||
| 4 | * Redistribution and use in source and binary forms, with or without | ||
| 5 | * modification, are permitted provided that the following conditions | ||
| 6 | * are met: | ||
| 7 | * | ||
| 8 | * 1. Redistributions of source code must retain the above copyright | ||
| 9 | * notice, this list of conditions and the following disclaimer. | ||
| 10 | * | ||
| 11 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 12 | * notice, this list of conditions and the following disclaimer in | ||
| 13 | * the documentation and/or other materials provided with the | ||
| 14 | * distribution. | ||
| 15 | * | ||
| 16 | * 3. All advertising materials mentioning features or use of this | ||
| 17 | * software must display the following acknowledgment: | ||
| 18 | * "This product includes software developed by the OpenSSL Project | ||
| 19 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | ||
| 20 | * | ||
| 21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 22 | * endorse or promote products derived from this software without | ||
| 23 | * prior written permission. For written permission, please contact | ||
| 24 | * openssl-core@openssl.org. | ||
| 25 | * | ||
| 26 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 27 | * nor may "OpenSSL" appear in their names without prior written | ||
| 28 | * permission of the OpenSSL Project. | ||
| 29 | * | ||
| 30 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 31 | * acknowledgment: | ||
| 32 | * "This product includes software developed by the OpenSSL Project | ||
| 33 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | ||
| 34 | * | ||
| 35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 47 | * | ||
| 48 | */ | ||
| 49 | |||
| 50 | #include <stdio.h> | ||
| 51 | #include <stdlib.h> | ||
| 52 | #include <string.h> | ||
| 53 | #include <openssl/opensslconf.h> | ||
| 54 | #include <openssl/sha.h> | ||
| 55 | #include <openssl/hmac.h> | ||
| 56 | |||
| 57 | #ifndef FIPSCANISTER_O | ||
| 58 | int FIPS_selftest_failed() { return 0; } | ||
| 59 | void FIPS_selftest_check() {} | ||
| 60 | void OPENSSL_cleanse(void *p,size_t len) {} | ||
| 61 | #endif | ||
| 62 | |||
| 63 | #ifdef OPENSSL_FIPS | ||
| 64 | |||
| 65 | static void hmac_init(SHA_CTX *md_ctx,SHA_CTX *o_ctx, | ||
| 66 | const char *key) | ||
| 67 | { | ||
| 68 | int len=strlen(key); | ||
| 69 | int i; | ||
| 70 | unsigned char keymd[HMAC_MAX_MD_CBLOCK]; | ||
| 71 | unsigned char pad[HMAC_MAX_MD_CBLOCK]; | ||
| 72 | |||
| 73 | if (len > SHA_CBLOCK) | ||
| 74 | { | ||
| 75 | SHA1_Init(md_ctx); | ||
| 76 | SHA1_Update(md_ctx,key,len); | ||
| 77 | SHA1_Final(keymd,md_ctx); | ||
| 78 | len=20; | ||
| 79 | } | ||
| 80 | else | ||
| 81 | memcpy(keymd,key,len); | ||
| 82 | memset(&keymd[len],'\0',HMAC_MAX_MD_CBLOCK-len); | ||
| 83 | |||
| 84 | for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++) | ||
| 85 | pad[i]=0x36^keymd[i]; | ||
| 86 | SHA1_Init(md_ctx); | ||
| 87 | SHA1_Update(md_ctx,pad,SHA_CBLOCK); | ||
| 88 | |||
| 89 | for(i=0 ; i < HMAC_MAX_MD_CBLOCK ; i++) | ||
| 90 | pad[i]=0x5c^keymd[i]; | ||
| 91 | SHA1_Init(o_ctx); | ||
| 92 | SHA1_Update(o_ctx,pad,SHA_CBLOCK); | ||
| 93 | } | ||
| 94 | |||
| 95 | static void hmac_final(unsigned char *md,SHA_CTX *md_ctx,SHA_CTX *o_ctx) | ||
| 96 | { | ||
| 97 | unsigned char buf[20]; | ||
| 98 | |||
| 99 | SHA1_Final(buf,md_ctx); | ||
| 100 | SHA1_Update(o_ctx,buf,sizeof buf); | ||
| 101 | SHA1_Final(md,o_ctx); | ||
| 102 | } | ||
| 103 | |||
| 104 | #endif | ||
| 105 | |||
| 106 | int main(int argc,char **argv) | ||
| 107 | { | ||
| 108 | #ifdef OPENSSL_FIPS | ||
| 109 | static char key[]="etaonrishdlcupfm"; | ||
| 110 | int n,binary=0; | ||
| 111 | |||
| 112 | if(argc < 2) | ||
| 113 | { | ||
| 114 | fprintf(stderr,"%s [<file>]+\n",argv[0]); | ||
| 115 | exit(1); | ||
| 116 | } | ||
| 117 | |||
| 118 | n=1; | ||
| 119 | if (!strcmp(argv[n],"-binary")) | ||
| 120 | { | ||
| 121 | n++; | ||
| 122 | binary=1; /* emit binary fingerprint... */ | ||
| 123 | } | ||
| 124 | |||
| 125 | for(; n < argc ; ++n) | ||
| 126 | { | ||
| 127 | FILE *f=fopen(argv[n],"rb"); | ||
| 128 | SHA_CTX md_ctx,o_ctx; | ||
| 129 | unsigned char md[20]; | ||
| 130 | int i; | ||
| 131 | |||
| 132 | if(!f) | ||
| 133 | { | ||
| 134 | perror(argv[n]); | ||
| 135 | exit(2); | ||
| 136 | } | ||
| 137 | |||
| 138 | hmac_init(&md_ctx,&o_ctx,key); | ||
| 139 | for( ; ; ) | ||
| 140 | { | ||
| 141 | char buf[1024]; | ||
| 142 | int l=fread(buf,1,sizeof buf,f); | ||
| 143 | |||
| 144 | if(l == 0) | ||
| 145 | { | ||
| 146 | if(ferror(f)) | ||
| 147 | { | ||
| 148 | perror(argv[n]); | ||
| 149 | exit(3); | ||
| 150 | } | ||
| 151 | else | ||
| 152 | break; | ||
| 153 | } | ||
| 154 | SHA1_Update(&md_ctx,buf,l); | ||
| 155 | } | ||
| 156 | hmac_final(md,&md_ctx,&o_ctx); | ||
| 157 | |||
| 158 | if (binary) | ||
| 159 | { | ||
| 160 | fwrite(md,20,1,stdout); | ||
| 161 | break; /* ... for single(!) file */ | ||
| 162 | } | ||
| 163 | |||
| 164 | printf("HMAC-SHA1(%s)= ",argv[n]); | ||
| 165 | for(i=0 ; i < 20 ; ++i) | ||
| 166 | printf("%02x",md[i]); | ||
| 167 | printf("\n"); | ||
| 168 | } | ||
| 169 | #endif | ||
| 170 | return 0; | ||
| 171 | } | ||
| 172 | |||
| 173 | |||
diff --git a/src/lib/libssl/src/makevms.com b/src/lib/libssl/src/makevms.com index 4f70308082..e0b856d1bb 100644 --- a/src/lib/libssl/src/makevms.com +++ b/src/lib/libssl/src/makevms.com | |||
| @@ -429,11 +429,11 @@ $! | |||
| 429 | $ SDIRS := ,- | 429 | $ SDIRS := ,- |
| 430 | OBJECTS,- | 430 | OBJECTS,- |
| 431 | MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- | 431 | MD2,MD4,MD5,SHA,MDC2,HMAC,RIPEMD,- |
| 432 | DES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- | 432 | DES,AES,RC2,RC4,RC5,IDEA,BF,CAST,CAMELLIA,SEED,- |
| 433 | BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,AES,- | 433 | BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,- |
| 434 | BUFFER,BIO,STACK,LHASH,RAND,ERR,- | 434 | BUFFER,BIO,STACK,LHASH,RAND,ERR,- |
| 435 | EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,- | 435 | EVP,ASN1,PEM,X509,X509V3,CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,- |
| 436 | STORE,CMS,PQUEUE | 436 | STORE,CMS,PQUEUE,JPAKE |
| 437 | $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h,- | 437 | $ EXHEADER_ := crypto.h,tmdiff.h,opensslv.h,opensslconf.h,ebcdic.h,symhacks.h,- |
| 438 | ossl_typ.h | 438 | ossl_typ.h |
| 439 | $ EXHEADER_OBJECTS := objects.h,obj_mac.h | 439 | $ EXHEADER_OBJECTS := objects.h,obj_mac.h |
| @@ -445,6 +445,7 @@ $ EXHEADER_MDC2 := mdc2.h | |||
| 445 | $ EXHEADER_HMAC := hmac.h | 445 | $ EXHEADER_HMAC := hmac.h |
| 446 | $ EXHEADER_RIPEMD := ripemd.h | 446 | $ EXHEADER_RIPEMD := ripemd.h |
| 447 | $ EXHEADER_DES := des.h,des_old.h | 447 | $ EXHEADER_DES := des.h,des_old.h |
| 448 | $ EXHEADER_AES := aes.h | ||
| 448 | $ EXHEADER_RC2 := rc2.h | 449 | $ EXHEADER_RC2 := rc2.h |
| 449 | $ EXHEADER_RC4 := rc4.h | 450 | $ EXHEADER_RC4 := rc4.h |
| 450 | $ EXHEADER_RC5 := rc5.h | 451 | $ EXHEADER_RC5 := rc5.h |
| @@ -462,7 +463,6 @@ $ EXHEADER_DH := dh.h | |||
| 462 | $ EXHEADER_ECDH := ecdh.h | 463 | $ EXHEADER_ECDH := ecdh.h |
| 463 | $ EXHEADER_DSO := dso.h | 464 | $ EXHEADER_DSO := dso.h |
| 464 | $ EXHEADER_ENGINE := engine.h | 465 | $ EXHEADER_ENGINE := engine.h |
| 465 | $ EXHEADER_AES := aes.h | ||
| 466 | $ EXHEADER_BUFFER := buffer.h | 466 | $ EXHEADER_BUFFER := buffer.h |
| 467 | $ EXHEADER_BIO := bio.h | 467 | $ EXHEADER_BIO := bio.h |
| 468 | $ EXHEADER_STACK := stack.h,safestack.h | 468 | $ EXHEADER_STACK := stack.h,safestack.h |
| @@ -486,6 +486,7 @@ $!EXHEADER_STORE := store.h,str_compat.h | |||
| 486 | $ EXHEADER_STORE := store.h | 486 | $ EXHEADER_STORE := store.h |
| 487 | $ EXHEADER_CMS := cms.h | 487 | $ EXHEADER_CMS := cms.h |
| 488 | $ EXHEADER_PQUEUE := pqueue.h,pq_compat.h | 488 | $ EXHEADER_PQUEUE := pqueue.h,pq_compat.h |
| 489 | $ EXHEADER_JPAKE := jpake.h | ||
| 489 | $ | 490 | $ |
| 490 | $ I = 0 | 491 | $ I = 0 |
| 491 | $ LOOP_SDIRS: | 492 | $ LOOP_SDIRS: |
diff --git a/src/lib/libssl/src/ms/do_fips.bat b/src/lib/libssl/src/ms/do_fips.bat new file mode 100644 index 0000000000..8d27eb05bd --- /dev/null +++ b/src/lib/libssl/src/ms/do_fips.bat | |||
| @@ -0,0 +1,204 @@ | |||
| 1 | @echo off | ||
| 2 | |||
| 3 | SET ASM=%1 | ||
| 4 | |||
| 5 | if NOT X%PROCESSOR_ARCHITECTURE% == X goto defined | ||
| 6 | |||
| 7 | echo Processor Architecture Undefined: defaulting to X86 | ||
| 8 | |||
| 9 | goto X86 | ||
| 10 | |||
| 11 | :defined | ||
| 12 | |||
| 13 | if %PROCESSOR_ARCHITECTURE% == x86 goto X86 | ||
| 14 | |||
| 15 | if %PROCESSOR_ARCHITECTURE% == IA64 goto IA64 | ||
| 16 | |||
| 17 | if %PROCESSOR_ARCHITECTURE% == AMD64 goto AMD64 | ||
| 18 | |||
| 19 | echo Processor Architecture Unrecognized: defaulting to X86 | ||
| 20 | |||
| 21 | :X86 | ||
| 22 | echo Auto Configuring for X86 | ||
| 23 | |||
| 24 | SET TARGET=VC-WIN32 | ||
| 25 | |||
| 26 | if x%ASM% == xno-asm goto compile | ||
| 27 | echo Generating x86 for NASM assember | ||
| 28 | SET ASM=nasm | ||
| 29 | SET ASMOPTS=-DOPENSSL_IA32_SSE2 | ||
| 30 | |||
| 31 | echo Bignum | ||
| 32 | cd crypto\bn\asm | ||
| 33 | perl bn-586.pl win32n %ASMOPTS% > bn_win32.asm | ||
| 34 | if ERRORLEVEL 1 goto error | ||
| 35 | perl co-586.pl win32n %ASMOPTS% > co_win32.asm | ||
| 36 | if ERRORLEVEL 1 goto error | ||
| 37 | perl mo-586.pl win32n %ASMOPTS% > mt_win32.asm | ||
| 38 | if ERRORLEVEL 1 goto error | ||
| 39 | cd ..\..\.. | ||
| 40 | |||
| 41 | echo AES | ||
| 42 | cd crypto\aes\asm | ||
| 43 | perl aes-586.pl win32n %ASMOPTS% > a_win32.asm | ||
| 44 | if ERRORLEVEL 1 goto error | ||
| 45 | cd ..\..\.. | ||
| 46 | |||
| 47 | echo DES | ||
| 48 | cd crypto\des\asm | ||
| 49 | perl des-586.pl win32n %ASMOPTS% > d_win32.asm | ||
| 50 | if ERRORLEVEL 1 goto error | ||
| 51 | cd ..\..\.. | ||
| 52 | |||
| 53 | echo "crypt(3)" | ||
| 54 | |||
| 55 | cd crypto\des\asm | ||
| 56 | perl crypt586.pl win32n %ASMOPTS% > y_win32.asm | ||
| 57 | if ERRORLEVEL 1 goto error | ||
| 58 | cd ..\..\.. | ||
| 59 | |||
| 60 | echo Blowfish | ||
| 61 | |||
| 62 | cd crypto\bf\asm | ||
| 63 | perl bf-586.pl win32n %ASMOPTS% > b_win32.asm | ||
| 64 | if ERRORLEVEL 1 goto error | ||
| 65 | cd ..\..\.. | ||
| 66 | |||
| 67 | echo CAST5 | ||
| 68 | cd crypto\cast\asm | ||
| 69 | perl cast-586.pl win32n %ASMOPTS% > c_win32.asm | ||
| 70 | if ERRORLEVEL 1 goto error | ||
| 71 | cd ..\..\.. | ||
| 72 | |||
| 73 | echo RC4 | ||
| 74 | cd crypto\rc4\asm | ||
| 75 | perl rc4-586.pl win32n %ASMOPTS% > r4_win32.asm | ||
| 76 | if ERRORLEVEL 1 goto error | ||
| 77 | cd ..\..\.. | ||
| 78 | |||
| 79 | echo MD5 | ||
| 80 | cd crypto\md5\asm | ||
| 81 | perl md5-586.pl win32n %ASMOPTS% > m5_win32.asm | ||
| 82 | if ERRORLEVEL 1 goto error | ||
| 83 | cd ..\..\.. | ||
| 84 | |||
| 85 | echo SHA1 | ||
| 86 | cd crypto\sha\asm | ||
| 87 | perl sha1-586.pl win32n %ASMOPTS% > s1_win32.asm | ||
| 88 | if ERRORLEVEL 1 goto error | ||
| 89 | perl sha512-sse2.pl win32n %ASMOPTS% > sha512-sse2.asm | ||
| 90 | if ERRORLEVEL 1 goto error | ||
| 91 | cd ..\..\.. | ||
| 92 | |||
| 93 | echo RIPEMD160 | ||
| 94 | cd crypto\ripemd\asm | ||
| 95 | perl rmd-586.pl win32n %ASMOPTS% > rm_win32.asm | ||
| 96 | if ERRORLEVEL 1 goto error | ||
| 97 | cd ..\..\.. | ||
| 98 | |||
| 99 | echo RC5\32 | ||
| 100 | cd crypto\rc5\asm | ||
| 101 | perl rc5-586.pl win32n %ASMOPTS% > r5_win32.asm | ||
| 102 | if ERRORLEVEL 1 goto error | ||
| 103 | cd ..\..\.. | ||
| 104 | |||
| 105 | echo CPU-ID | ||
| 106 | cd crypto | ||
| 107 | perl x86cpuid.pl win32n %ASMOPTS% > cpu_win32.asm | ||
| 108 | if ERRORLEVEL 1 goto error | ||
| 109 | cd .. | ||
| 110 | |||
| 111 | goto compile | ||
| 112 | |||
| 113 | :IA64 | ||
| 114 | |||
| 115 | echo Auto Configuring for IA64 | ||
| 116 | SET TARGET=VC-WIN64I | ||
| 117 | perl ms\uplink.pl win64i > ms\uptable.asm | ||
| 118 | if ERRORLEVEL 1 goto error | ||
| 119 | ias -o ms\uptable.obj ms\uptable.asm | ||
| 120 | if ERRORLEVEL 1 goto error | ||
| 121 | |||
| 122 | goto compile | ||
| 123 | |||
| 124 | :AMD64 | ||
| 125 | |||
| 126 | echo Auto Configuring for AMD64 | ||
| 127 | SET TARGET=VC-WIN64A | ||
| 128 | perl ms\uplink.pl win64a > ms\uptable.asm | ||
| 129 | if ERRORLEVEL 1 goto error | ||
| 130 | ml64 -c -Foms\uptable.obj ms\uptable.asm | ||
| 131 | if ERRORLEVEL 1 goto error | ||
| 132 | |||
| 133 | if x%ASM% == xno-asm goto compile | ||
| 134 | echo Generating x86_64 for ML64 assember | ||
| 135 | SET ASM=ml64 | ||
| 136 | |||
| 137 | echo Bignum | ||
| 138 | cd crypto\bn\asm | ||
| 139 | perl x86_64-mont.pl x86_64-mont.asm | ||
| 140 | if ERRORLEVEL 1 goto error | ||
| 141 | cd ..\..\.. | ||
| 142 | |||
| 143 | echo AES | ||
| 144 | cd crypto\aes\asm | ||
| 145 | perl aes-x86_64.pl aes-x86_64.asm | ||
| 146 | if ERRORLEVEL 1 goto error | ||
| 147 | cd ..\..\.. | ||
| 148 | |||
| 149 | echo SHA | ||
| 150 | cd crypto\sha\asm | ||
| 151 | perl sha1-x86_64.pl sha1-x86_64.asm | ||
| 152 | if ERRORLEVEL 1 goto error | ||
| 153 | perl sha512-x86_64.pl sha256-x86_64.asm | ||
| 154 | if ERRORLEVEL 1 goto error | ||
| 155 | perl sha512-x86_64.pl sha512-x86_64.asm | ||
| 156 | if ERRORLEVEL 1 goto error | ||
| 157 | cd ..\..\.. | ||
| 158 | |||
| 159 | echo CPU-ID | ||
| 160 | cd crypto | ||
| 161 | perl x86_64cpuid.pl cpuid-x86_64.asm | ||
| 162 | if ERRORLEVEL 1 goto error | ||
| 163 | cd .. | ||
| 164 | |||
| 165 | :compile | ||
| 166 | |||
| 167 | perl Configure %TARGET% fipscanisterbuild | ||
| 168 | pause | ||
| 169 | |||
| 170 | echo on | ||
| 171 | |||
| 172 | perl util\mkfiles.pl >MINFO | ||
| 173 | @if ERRORLEVEL 1 goto error | ||
| 174 | perl util\mk1mf.pl dll %ASM% %TARGET% >ms\ntdll.mak | ||
| 175 | @if ERRORLEVEL 1 goto error | ||
| 176 | |||
| 177 | perl util\mkdef.pl 32 libeay > ms\libeay32.def | ||
| 178 | @if ERRORLEVEL 1 goto error | ||
| 179 | perl util\mkdef.pl 32 ssleay > ms\ssleay32.def | ||
| 180 | @if ERRORLEVEL 1 goto error | ||
| 181 | |||
| 182 | nmake -f ms\ntdll.mak clean | ||
| 183 | nmake -f ms\ntdll.mak | ||
| 184 | @if ERRORLEVEL 1 goto error | ||
| 185 | |||
| 186 | @echo. | ||
| 187 | @echo. | ||
| 188 | @echo. | ||
| 189 | @echo *************************** | ||
| 190 | @echo ****FIPS BUILD SUCCESS***** | ||
| 191 | @echo *************************** | ||
| 192 | |||
| 193 | @goto end | ||
| 194 | |||
| 195 | :error | ||
| 196 | |||
| 197 | @echo. | ||
| 198 | @echo. | ||
| 199 | @echo. | ||
| 200 | @echo *************************** | ||
| 201 | @echo ****FIPS BUILD FAILURE***** | ||
| 202 | @echo *************************** | ||
| 203 | |||
| 204 | :end | ||
diff --git a/src/lib/libssl/src/ms/do_masm.bat b/src/lib/libssl/src/ms/do_masm.bat index 6ea1c98716..8c22256b32 100644 --- a/src/lib/libssl/src/ms/do_masm.bat +++ b/src/lib/libssl/src/ms/do_masm.bat | |||
| @@ -7,6 +7,7 @@ echo Bignum | |||
| 7 | cd crypto\bn\asm | 7 | cd crypto\bn\asm |
| 8 | perl bn-586.pl win32 %ASMOPTS% > bn_win32.asm | 8 | perl bn-586.pl win32 %ASMOPTS% > bn_win32.asm |
| 9 | perl co-586.pl win32 %ASMOPTS% > co_win32.asm | 9 | perl co-586.pl win32 %ASMOPTS% > co_win32.asm |
| 10 | perl mo-586.pl win32 %ASMOPTS% > mt_win32.asm | ||
| 10 | cd ..\..\.. | 11 | cd ..\..\.. |
| 11 | 12 | ||
| 12 | echo AES | 13 | echo AES |
diff --git a/src/lib/libssl/src/ms/do_nasm.bat b/src/lib/libssl/src/ms/do_nasm.bat index 7a2fa45663..7656c498df 100644 --- a/src/lib/libssl/src/ms/do_nasm.bat +++ b/src/lib/libssl/src/ms/do_nasm.bat | |||
| @@ -8,6 +8,7 @@ echo Bignum | |||
| 8 | cd crypto\bn\asm | 8 | cd crypto\bn\asm |
| 9 | perl bn-586.pl win32n %ASMOPTS% > bn_win32.asm | 9 | perl bn-586.pl win32n %ASMOPTS% > bn_win32.asm |
| 10 | perl co-586.pl win32n %ASMOPTS% > co_win32.asm | 10 | perl co-586.pl win32n %ASMOPTS% > co_win32.asm |
| 11 | perl mo-586.pl win32n %ASMOPTS% > mt_win32.asm | ||
| 11 | cd ..\..\.. | 12 | cd ..\..\.. |
| 12 | 13 | ||
| 13 | echo AES | 14 | echo AES |
diff --git a/src/lib/libssl/src/ms/segrenam.pl b/src/lib/libssl/src/ms/segrenam.pl new file mode 100644 index 0000000000..2ab22a0459 --- /dev/null +++ b/src/lib/libssl/src/ms/segrenam.pl | |||
| @@ -0,0 +1,65 @@ | |||
| 1 | #!/usr/bin/env perl | ||
| 2 | |||
| 3 | my $quiet = 1; | ||
| 4 | |||
| 5 | unpack("L",pack("N",1))!=1 || die "only little-endian hosts are supported"; | ||
| 6 | |||
| 7 | # first argument can specify custom suffix... | ||
| 8 | $suffix=(@ARGV[0]=~/^\$/) ? shift(@ARGV) : "\$m"; | ||
| 9 | ################################################################# | ||
| 10 | # rename segments in COFF modules according to %map table below # | ||
| 11 | %map=( ".text" => "fipstx$suffix", # | ||
| 12 | ".text\$"=> "fipstx$suffix", # | ||
| 13 | ".rdata"=> "fipsrd$suffix", # | ||
| 14 | ".data" => "fipsda$suffix" ); # | ||
| 15 | ################################################################# | ||
| 16 | |||
| 17 | # collect file list | ||
| 18 | foreach (@ARGV) { | ||
| 19 | if (/\*/) { push(@files,glob($_)); } | ||
| 20 | else { push(@files,$_); } | ||
| 21 | } | ||
| 22 | |||
| 23 | use Fcntl; | ||
| 24 | use Fcntl ":seek"; | ||
| 25 | |||
| 26 | foreach (@files) { | ||
| 27 | $file=$_; | ||
| 28 | print "processing $file\n" unless $quiet; | ||
| 29 | |||
| 30 | sysopen(FD,$file,O_RDWR|O_BINARY) || die "sysopen($file): $!"; | ||
| 31 | |||
| 32 | # read IMAGE_DOS_HEADER | ||
| 33 | sysread(FD,$mz,64)==64 || die "$file is too short"; | ||
| 34 | @dos_header=unpack("a2C58I",$mz); | ||
| 35 | if (@dos_header[0] eq "MZ") { | ||
| 36 | $e_lfanew=pop(@dos_header); | ||
| 37 | sysseek(FD,$e_lfanew,SEEK_SET) || die "$file is too short"; | ||
| 38 | sysread(FD,$Magic,4)==4 || die "$file is too short"; | ||
| 39 | unpack("I",$Magic)==0x4550 || die "$file is not COFF image"; | ||
| 40 | } elsif ($file =~ /\.obj$/i) { | ||
| 41 | # .obj files have no IMAGE_DOS_HEADER | ||
| 42 | sysseek(FD,0,SEEK_SET) || die "unable to rewind $file"; | ||
| 43 | } else { next; } | ||
| 44 | |||
| 45 | # read IMAGE_FILE_HEADER | ||
| 46 | sysread(FD,$coff,20)==20 || die "$file is too short"; | ||
| 47 | ($Machine,$NumberOfSections,$TimeDateStamp, | ||
| 48 | $PointerToSymbolTable,$NumberOfSysmbols, | ||
| 49 | $SizeOfOptionalHeader,$Characteristics)=unpack("SSIIISS",$coff); | ||
| 50 | |||
| 51 | # skip over IMAGE_OPTIONAL_HEADER | ||
| 52 | sysseek(FD,$SizeOfOptionalHeader,SEEK_CUR) || die "$file is too short"; | ||
| 53 | |||
| 54 | # traverse IMAGE_SECTION_HEADER table | ||
| 55 | for($i=0;$i<$NumberOfSections;$i++) { | ||
| 56 | sysread(FD,$SectionHeader,40)==40 || die "$file is too short"; | ||
| 57 | ($Name,@opaque)=unpack("Z8C*",$SectionHeader); | ||
| 58 | if ($map{$Name}) { | ||
| 59 | sysseek(FD,-40,SEEK_CUR) || die "unable to rewind $file"; | ||
| 60 | syswrite(FD,pack("a8C*",$map{$Name},@opaque))==40 || die "syswrite failed: $!"; | ||
| 61 | printf " %-8s -> %.8s\n",$Name,$map{$Name} unless $quiet; | ||
| 62 | } | ||
| 63 | } | ||
| 64 | close(FD); | ||
| 65 | } | ||
diff --git a/src/lib/libssl/src/ms/test.bat b/src/lib/libssl/src/ms/test.bat index 5085670b99..f729261782 100644 --- a/src/lib/libssl/src/ms/test.bat +++ b/src/lib/libssl/src/ms/test.bat | |||
| @@ -1,195 +1,190 @@ | |||
| 1 | @echo off | 1 | @echo off |
| 2 | 2 | ||
| 3 | set test=..\ms | 3 | set test=..\ms |
| 4 | set opath=%PATH% | 4 | set opath=%PATH% |
| 5 | PATH=..\ms;%PATH% | 5 | PATH=..\ms;%PATH% |
| 6 | set OPENSSL_CONF=..\apps\openssl.cnf | 6 | set OPENSSL_CONF=..\apps\openssl.cnf |
| 7 | 7 | ||
| 8 | rem run this from inside the bin directory | 8 | rem run this from inside the bin directory |
| 9 | 9 | ||
| 10 | echo rsa_test | 10 | echo rsa_test |
| 11 | rsa_test | 11 | rsa_test |
| 12 | if errorlevel 1 goto done | 12 | if errorlevel 1 goto done |
| 13 | 13 | ||
| 14 | echo destest | 14 | echo destest |
| 15 | destest | 15 | destest |
| 16 | if errorlevel 1 goto done | 16 | if errorlevel 1 goto done |
| 17 | 17 | ||
| 18 | echo ideatest | 18 | echo ideatest |
| 19 | ideatest | 19 | ideatest |
| 20 | if errorlevel 1 goto done | 20 | if errorlevel 1 goto done |
| 21 | 21 | ||
| 22 | echo bftest | 22 | echo bftest |
| 23 | bftest | 23 | bftest |
| 24 | if errorlevel 1 goto done | 24 | if errorlevel 1 goto done |
| 25 | 25 | ||
| 26 | echo shatest | 26 | echo shatest |
| 27 | shatest | 27 | shatest |
| 28 | if errorlevel 1 goto done | 28 | if errorlevel 1 goto done |
| 29 | 29 | ||
| 30 | echo sha1test | 30 | echo sha1test |
| 31 | sha1test | 31 | sha1test |
| 32 | if errorlevel 1 goto done | 32 | if errorlevel 1 goto done |
| 33 | 33 | ||
| 34 | echo md5test | 34 | echo md5test |
| 35 | md5test | 35 | md5test |
| 36 | if errorlevel 1 goto done | 36 | if errorlevel 1 goto done |
| 37 | 37 | ||
| 38 | echo md2test | 38 | echo md2test |
| 39 | md2test | 39 | md2test |
| 40 | if errorlevel 1 goto done | 40 | if errorlevel 1 goto done |
| 41 | 41 | ||
| 42 | echo rc2test | 42 | echo rc2test |
| 43 | rc2test | 43 | rc2test |
| 44 | if errorlevel 1 goto done | 44 | if errorlevel 1 goto done |
| 45 | 45 | ||
| 46 | echo rc4test | 46 | echo rc4test |
| 47 | rc4test | 47 | rc4test |
| 48 | if errorlevel 1 goto done | 48 | if errorlevel 1 goto done |
| 49 | 49 | ||
| 50 | echo randtest | 50 | echo randtest |
| 51 | randtest | 51 | randtest |
| 52 | if errorlevel 1 goto done | 52 | if errorlevel 1 goto done |
| 53 | 53 | ||
| 54 | echo dhtest | 54 | echo dhtest |
| 55 | dhtest | 55 | dhtest |
| 56 | if errorlevel 1 goto done | 56 | if errorlevel 1 goto done |
| 57 | 57 | ||
| 58 | echo exptest | 58 | echo exptest |
| 59 | exptest | 59 | exptest |
| 60 | if errorlevel 1 goto done | 60 | if errorlevel 1 goto done |
| 61 | 61 | ||
| 62 | echo dsatest | 62 | echo dsatest |
| 63 | dsatest | 63 | dsatest |
| 64 | if errorlevel 1 goto done | 64 | if errorlevel 1 goto done |
| 65 | 65 | ||
| 66 | echo ectest | 66 | echo ectest |
| 67 | ectest | 67 | ectest |
| 68 | if errorlevel 1 goto done | 68 | if errorlevel 1 goto done |
| 69 | 69 | ||
| 70 | echo testenc | 70 | echo testenc |
| 71 | call %test%\testenc openssl | 71 | call %test%\testenc openssl |
| 72 | if errorlevel 1 goto done | 72 | if errorlevel 1 goto done |
| 73 | 73 | ||
| 74 | echo testpem | 74 | echo testpem |
| 75 | call %test%\testpem openssl | 75 | call %test%\testpem openssl |
| 76 | if errorlevel 1 goto done | 76 | if errorlevel 1 goto done |
| 77 | 77 | ||
| 78 | echo verify | 78 | echo testss |
| 79 | copy ..\certs\*.pem cert.tmp >nul | 79 | call %test%\testss openssl |
| 80 | openssl verify -CAfile cert.tmp ..\certs\*.pem | 80 | if errorlevel 1 goto done |
| 81 | 81 | ||
| 82 | echo testss | 82 | set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss |
| 83 | call %test%\testss openssl | 83 | |
| 84 | if errorlevel 1 goto done | 84 | echo test sslv2 |
| 85 | 85 | ssltest -ssl2 | |
| 86 | set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss | 86 | if errorlevel 1 goto done |
| 87 | 87 | ||
| 88 | echo test sslv2 | 88 | echo test sslv2 with server authentication |
| 89 | ssltest -ssl2 | 89 | %SSL_TEST% -ssl2 -server_auth |
| 90 | if errorlevel 1 goto done | 90 | if errorlevel 1 goto done |
| 91 | 91 | ||
| 92 | echo test sslv2 with server authentication | 92 | echo test sslv2 with client authentication |
| 93 | %SSL_TEST% -ssl2 -server_auth | 93 | %SSL_TEST% -ssl2 -client_auth |
| 94 | if errorlevel 1 goto done | 94 | if errorlevel 1 goto done |
| 95 | 95 | ||
| 96 | echo test sslv2 with client authentication | 96 | echo test sslv2 with both client and server authentication |
| 97 | %SSL_TEST% -ssl2 -client_auth | 97 | %SSL_TEST% -ssl2 -server_auth -client_auth |
| 98 | if errorlevel 1 goto done | 98 | if errorlevel 1 goto done |
| 99 | 99 | ||
| 100 | echo test sslv2 with both client and server authentication | 100 | echo test sslv3 |
| 101 | %SSL_TEST% -ssl2 -server_auth -client_auth | 101 | ssltest -ssl3 |
| 102 | if errorlevel 1 goto done | 102 | if errorlevel 1 goto done |
| 103 | 103 | ||
| 104 | echo test sslv3 | 104 | echo test sslv3 with server authentication |
| 105 | ssltest -ssl3 | 105 | %SSL_TEST% -ssl3 -server_auth |
| 106 | if errorlevel 1 goto done | 106 | if errorlevel 1 goto done |
| 107 | 107 | ||
| 108 | echo test sslv3 with server authentication | 108 | echo test sslv3 with client authentication |
| 109 | %SSL_TEST% -ssl3 -server_auth | 109 | %SSL_TEST% -ssl3 -client_auth |
| 110 | if errorlevel 1 goto done | 110 | if errorlevel 1 goto done |
| 111 | 111 | ||
| 112 | echo test sslv3 with client authentication | 112 | echo test sslv3 with both client and server authentication |
| 113 | %SSL_TEST% -ssl3 -client_auth | 113 | %SSL_TEST% -ssl3 -server_auth -client_auth |
| 114 | if errorlevel 1 goto done | 114 | if errorlevel 1 goto done |
| 115 | 115 | ||
| 116 | echo test sslv3 with both client and server authentication | 116 | echo test sslv2/sslv3 |
| 117 | %SSL_TEST% -ssl3 -server_auth -client_auth | 117 | ssltest |
| 118 | if errorlevel 1 goto done | 118 | if errorlevel 1 goto done |
| 119 | 119 | ||
| 120 | echo test sslv2/sslv3 | 120 | echo test sslv2/sslv3 with server authentication |
| 121 | ssltest | 121 | %SSL_TEST% -server_auth |
| 122 | if errorlevel 1 goto done | 122 | if errorlevel 1 goto done |
| 123 | 123 | ||
| 124 | echo test sslv2/sslv3 with server authentication | 124 | echo test sslv2/sslv3 with client authentication |
| 125 | %SSL_TEST% -server_auth | 125 | %SSL_TEST% -client_auth |
| 126 | if errorlevel 1 goto done | 126 | if errorlevel 1 goto done |
| 127 | 127 | ||
| 128 | echo test sslv2/sslv3 with client authentication | 128 | echo test sslv2/sslv3 with both client and server authentication |
| 129 | %SSL_TEST% -client_auth | 129 | %SSL_TEST% -server_auth -client_auth |
| 130 | if errorlevel 1 goto done | 130 | if errorlevel 1 goto done |
| 131 | 131 | ||
| 132 | echo test sslv2/sslv3 with both client and server authentication | 132 | echo test sslv2 via BIO pair |
| 133 | %SSL_TEST% -server_auth -client_auth | 133 | ssltest -bio_pair -ssl2 |
| 134 | if errorlevel 1 goto done | 134 | if errorlevel 1 goto done |
| 135 | 135 | ||
| 136 | echo test sslv2 via BIO pair | 136 | echo test sslv2/sslv3 with 1024 bit DHE via BIO pair |
| 137 | ssltest -bio_pair -ssl2 | 137 | ssltest -bio_pair -dhe1024dsa -v |
| 138 | if errorlevel 1 goto done | 138 | if errorlevel 1 goto done |
| 139 | 139 | ||
| 140 | echo test sslv2/sslv3 with 1024 bit DHE via BIO pair | 140 | echo test sslv2 with server authentication via BIO pair |
| 141 | ssltest -bio_pair -dhe1024dsa -v | 141 | %SSL_TEST% -bio_pair -ssl2 -server_auth |
| 142 | if errorlevel 1 goto done | 142 | if errorlevel 1 goto done |
| 143 | 143 | ||
| 144 | echo test sslv2 with server authentication via BIO pair | 144 | echo test sslv2 with client authentication via BIO pair |
| 145 | %SSL_TEST% -bio_pair -ssl2 -server_auth | 145 | %SSL_TEST% -bio_pair -ssl2 -client_auth |
| 146 | if errorlevel 1 goto done | 146 | if errorlevel 1 goto done |
| 147 | 147 | ||
| 148 | echo test sslv2 with client authentication via BIO pair | 148 | echo test sslv2 with both client and server authentication via BIO pair |
| 149 | %SSL_TEST% -bio_pair -ssl2 -client_auth | 149 | %SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth |
| 150 | if errorlevel 1 goto done | 150 | if errorlevel 1 goto done |
| 151 | 151 | ||
| 152 | echo test sslv2 with both client and server authentication via BIO pair | 152 | echo test sslv3 via BIO pair |
| 153 | %SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth | 153 | ssltest -bio_pair -ssl3 |
| 154 | if errorlevel 1 goto done | 154 | if errorlevel 1 goto done |
| 155 | 155 | ||
| 156 | echo test sslv3 via BIO pair | 156 | echo test sslv3 with server authentication via BIO pair |
| 157 | ssltest -bio_pair -ssl3 | 157 | %SSL_TEST% -bio_pair -ssl3 -server_auth |
| 158 | if errorlevel 1 goto done | 158 | if errorlevel 1 goto done |
| 159 | 159 | ||
| 160 | echo test sslv3 with server authentication via BIO pair | 160 | echo test sslv3 with client authentication via BIO pair |
| 161 | %SSL_TEST% -bio_pair -ssl3 -server_auth | 161 | %SSL_TEST% -bio_pair -ssl3 -client_auth |
| 162 | if errorlevel 1 goto done | 162 | if errorlevel 1 goto done |
| 163 | 163 | ||
| 164 | echo test sslv3 with client authentication via BIO pair | 164 | echo test sslv3 with both client and server authentication via BIO pair |
| 165 | %SSL_TEST% -bio_pair -ssl3 -client_auth | 165 | %SSL_TEST% -bio_pair -ssl3 -server_auth -client_auth |
| 166 | if errorlevel 1 goto done | 166 | if errorlevel 1 goto done |
| 167 | 167 | ||
| 168 | echo test sslv3 with both client and server authentication via BIO pair | 168 | echo test sslv2/sslv3 via BIO pair |
| 169 | %SSL_TEST% -bio_pair -ssl3 -server_auth -client_auth | 169 | ssltest -bio_pair |
| 170 | if errorlevel 1 goto done | 170 | if errorlevel 1 goto done |
| 171 | 171 | ||
| 172 | echo test sslv2/sslv3 via BIO pair | 172 | echo test sslv2/sslv3 with server authentication |
| 173 | ssltest -bio_pair | 173 | %SSL_TEST% -bio_pair -server_auth |
| 174 | if errorlevel 1 goto done | 174 | if errorlevel 1 goto done |
| 175 | 175 | ||
| 176 | echo test sslv2/sslv3 with server authentication | 176 | echo test sslv2/sslv3 with client authentication via BIO pair |
| 177 | %SSL_TEST% -bio_pair -server_auth | 177 | %SSL_TEST% -bio_pair -client_auth |
| 178 | if errorlevel 1 goto done | 178 | if errorlevel 1 goto done |
| 179 | 179 | ||
| 180 | echo test sslv2/sslv3 with client authentication via BIO pair | 180 | echo test sslv2/sslv3 with both client and server authentication via BIO pair |
| 181 | %SSL_TEST% -bio_pair -client_auth | 181 | %SSL_TEST% -bio_pair -server_auth -client_auth |
| 182 | if errorlevel 1 goto done | 182 | if errorlevel 1 goto done |
| 183 | 183 | ||
| 184 | echo test sslv2/sslv3 with both client and server authentication via BIO pair | 184 | |
| 185 | %SSL_TEST% -bio_pair -server_auth -client_auth | 185 | echo passed all tests |
| 186 | if errorlevel 1 goto done | 186 | goto end |
| 187 | 187 | :done | |
| 188 | del cert.tmp | 188 | echo problems..... |
| 189 | 189 | :end | |
| 190 | echo passed all tests | 190 | PATH=%opath% |
| 191 | goto end | ||
| 192 | :done | ||
| 193 | echo problems..... | ||
| 194 | :end | ||
| 195 | PATH=%opath% | ||
diff --git a/src/lib/libssl/src/openssl.spec b/src/lib/libssl/src/openssl.spec index 4acba76aa2..6008c3c9c8 100644 --- a/src/lib/libssl/src/openssl.spec +++ b/src/lib/libssl/src/openssl.spec | |||
| @@ -1,7 +1,7 @@ | |||
| 1 | %define libmaj 0 | 1 | %define libmaj 0 |
| 2 | %define libmin 9 | 2 | %define libmin 9 |
| 3 | %define librel 8 | 3 | %define librel 8 |
| 4 | %define librev h | 4 | %define librev j |
| 5 | Release: 1 | 5 | Release: 1 |
| 6 | 6 | ||
| 7 | %define openssldir /var/ssl | 7 | %define openssldir /var/ssl |
diff --git a/src/lib/libssl/src/ssl/Makefile b/src/lib/libssl/src/ssl/Makefile index 2754632849..46c06597fa 100644 --- a/src/lib/libssl/src/ssl/Makefile +++ b/src/lib/libssl/src/ssl/Makefile | |||
| @@ -53,7 +53,7 @@ ALL= $(GENERAL) $(SRC) $(HEADER) | |||
| 53 | top: | 53 | top: |
| 54 | (cd ..; $(MAKE) DIRS=$(DIR) all) | 54 | (cd ..; $(MAKE) DIRS=$(DIR) all) |
| 55 | 55 | ||
| 56 | all: shared | 56 | all: lib |
| 57 | 57 | ||
| 58 | lib: $(LIBOBJ) | 58 | lib: $(LIBOBJ) |
| 59 | $(AR) $(LIB) $(LIBOBJ) | 59 | $(AR) $(LIB) $(LIBOBJ) |
| @@ -111,7 +111,8 @@ bio_ssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h | |||
| 111 | bio_ssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 111 | bio_ssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 112 | bio_ssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 112 | bio_ssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 113 | bio_ssl.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 113 | bio_ssl.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 114 | bio_ssl.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 114 | bio_ssl.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 115 | bio_ssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 115 | bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 116 | bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 116 | bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 117 | bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 117 | bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 118 | bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| @@ -130,6 +131,7 @@ d1_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 130 | d1_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 131 | d1_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 131 | d1_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 132 | d1_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 132 | d1_both.o: ../include/openssl/err.h ../include/openssl/evp.h | 133 | d1_both.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 134 | d1_both.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 133 | d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 135 | d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 134 | d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 136 | d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 135 | d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 137 | d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -150,7 +152,8 @@ d1_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 150 | d1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 152 | d1_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 151 | d1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 153 | d1_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 152 | d1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 154 | d1_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 153 | d1_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 155 | d1_clnt.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 156 | d1_clnt.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 154 | d1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 157 | d1_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h |
| 155 | d1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 158 | d1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 156 | d1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 159 | d1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -171,20 +174,21 @@ d1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 171 | d1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 174 | d1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 172 | d1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 175 | d1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 173 | d1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h | 176 | d1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 174 | d1_enc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | 177 | d1_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h |
| 175 | d1_enc.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 178 | d1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 176 | d1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 179 | d1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 177 | d1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 180 | d1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 178 | d1_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 181 | d1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 179 | d1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 182 | d1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 180 | d1_enc.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h | 183 | d1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h |
| 181 | d1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h | 184 | d1_enc.o: ../include/openssl/pqueue.h ../include/openssl/rand.h |
| 182 | d1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 185 | d1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 183 | d1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h | 186 | d1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h |
| 184 | d1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h | 187 | d1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h |
| 185 | d1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 188 | d1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h |
| 186 | d1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h | 189 | d1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h |
| 187 | d1_enc.o: ../include/openssl/x509_vfy.h d1_enc.c ssl_locl.h | 190 | d1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_enc.c |
| 191 | d1_enc.o: ssl_locl.h | ||
| 188 | d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 192 | d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 189 | d1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 193 | d1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 190 | d1_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h | 194 | d1_lib.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| @@ -192,6 +196,7 @@ d1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 192 | d1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 196 | d1_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 193 | d1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 197 | d1_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 194 | d1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h | 198 | d1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 199 | d1_lib.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 195 | d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 200 | d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 196 | d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 201 | d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 197 | d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 202 | d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -212,6 +217,7 @@ d1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 212 | d1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 217 | d1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 213 | d1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 218 | d1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 214 | d1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h | 219 | d1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 220 | d1_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 215 | d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 221 | d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 216 | d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 222 | d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 217 | d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 223 | d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -232,6 +238,7 @@ d1_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 232 | d1_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 238 | d1_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 233 | d1_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 239 | d1_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 234 | d1_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h | 240 | d1_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 241 | d1_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 235 | d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 242 | d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 236 | d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 243 | d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 237 | d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 244 | d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -252,7 +259,8 @@ d1_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 252 | d1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 259 | d1_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 253 | d1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 260 | d1_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 254 | d1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 261 | d1_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 255 | d1_srvr.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 262 | d1_srvr.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 263 | d1_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 256 | d1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 264 | d1_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h |
| 257 | d1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 265 | d1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 258 | d1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 266 | d1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -272,6 +280,7 @@ kssl.o: ../include/openssl/comp.h ../include/openssl/crypto.h | |||
| 272 | kssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 280 | kssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 273 | kssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 281 | kssl.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 274 | kssl.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h | 282 | kssl.o: ../include/openssl/ecdsa.h ../include/openssl/evp.h |
| 283 | kssl.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 275 | kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h | 284 | kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h |
| 276 | kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 285 | kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 277 | kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 286 | kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| @@ -291,6 +300,7 @@ s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 291 | s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 300 | s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 292 | s23_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 301 | s23_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 293 | s23_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h | 302 | s23_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 303 | s23_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 294 | s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 304 | s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 295 | s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 305 | s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 296 | s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 306 | s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -311,6 +321,7 @@ s23_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 311 | s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 321 | s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 312 | s23_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 322 | s23_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 313 | s23_lib.o: ../include/openssl/err.h ../include/openssl/evp.h | 323 | s23_lib.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 324 | s23_lib.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 314 | s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 325 | s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 315 | s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 326 | s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 316 | s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 327 | s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -331,6 +342,7 @@ s23_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 331 | s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 342 | s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 332 | s23_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 343 | s23_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 333 | s23_meth.o: ../include/openssl/err.h ../include/openssl/evp.h | 344 | s23_meth.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 345 | s23_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 334 | s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 346 | s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 335 | s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 347 | s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 336 | s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 348 | s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -351,6 +363,7 @@ s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 351 | s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 363 | s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 352 | s23_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 364 | s23_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 353 | s23_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h | 365 | s23_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 366 | s23_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 354 | s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 367 | s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 355 | s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 368 | s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 356 | s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 369 | s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -371,6 +384,7 @@ s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 371 | s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 384 | s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 372 | s23_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 385 | s23_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 373 | s23_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h | 386 | s23_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 387 | s23_srvr.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 374 | s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 388 | s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 375 | s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 389 | s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 376 | s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 390 | s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -391,6 +405,7 @@ s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 391 | s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 405 | s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 392 | s2_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 406 | s2_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 393 | s2_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h | 407 | s2_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 408 | s2_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 394 | s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 409 | s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 395 | s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 410 | s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 396 | s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 411 | s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -411,6 +426,7 @@ s2_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 411 | s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 426 | s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 412 | s2_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 427 | s2_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 413 | s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h | 428 | s2_enc.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 429 | s2_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 414 | s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 430 | s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 415 | s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 431 | s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 416 | s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 432 | s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -431,6 +447,7 @@ s2_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 431 | s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 447 | s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 432 | s2_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 448 | s2_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 433 | s2_lib.o: ../include/openssl/err.h ../include/openssl/evp.h | 449 | s2_lib.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 450 | s2_lib.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 434 | s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 451 | s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 435 | s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h | 452 | s2_lib.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 436 | s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 453 | s2_lib.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| @@ -451,6 +468,7 @@ s2_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 451 | s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 468 | s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 452 | s2_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 469 | s2_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 453 | s2_meth.o: ../include/openssl/err.h ../include/openssl/evp.h | 470 | s2_meth.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 471 | s2_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 454 | s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 472 | s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 455 | s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 473 | s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 456 | s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 474 | s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -471,6 +489,7 @@ s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 471 | s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 489 | s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 472 | s2_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 490 | s2_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 473 | s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h | 491 | s2_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 492 | s2_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 474 | s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 493 | s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 475 | s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 494 | s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 476 | s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 495 | s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -491,6 +510,7 @@ s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 491 | s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 510 | s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 492 | s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 511 | s2_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 493 | s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h | 512 | s2_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 513 | s2_srvr.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 494 | s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 514 | s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 495 | s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 515 | s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 496 | s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 516 | s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -511,6 +531,7 @@ s3_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 511 | s3_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 531 | s3_both.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 512 | s3_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 532 | s3_both.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 513 | s3_both.o: ../include/openssl/err.h ../include/openssl/evp.h | 533 | s3_both.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 534 | s3_both.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 514 | s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 535 | s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 515 | s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 536 | s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 516 | s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 537 | s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -530,21 +551,23 @@ s3_clnt.o: ../include/openssl/comp.h ../include/openssl/crypto.h | |||
| 530 | s3_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h | 551 | s3_clnt.o: ../include/openssl/dh.h ../include/openssl/dsa.h |
| 531 | s3_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 552 | s3_clnt.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 532 | s3_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 553 | s3_clnt.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 533 | s3_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 554 | s3_clnt.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 534 | s3_clnt.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 555 | s3_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 535 | s3_clnt.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 556 | s3_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h |
| 536 | s3_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 557 | s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 537 | s3_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 558 | s3_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 538 | s3_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 559 | s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 539 | s3_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 560 | s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 540 | s3_clnt.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h | 561 | s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 541 | s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h | 562 | s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h |
| 542 | s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 563 | s3_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h |
| 543 | s3_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h | 564 | s3_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 544 | s3_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h | 565 | s3_clnt.o: ../include/openssl/sha.h ../include/openssl/ssl.h |
| 545 | s3_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 566 | s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h |
| 546 | s3_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h | 567 | s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h |
| 547 | s3_clnt.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_clnt.c ssl_locl.h | 568 | s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h |
| 569 | s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h | ||
| 570 | s3_clnt.o: s3_clnt.c ssl_locl.h | ||
| 548 | s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 571 | s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 549 | s3_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 572 | s3_enc.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 550 | s3_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h | 573 | s3_enc.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| @@ -552,6 +575,7 @@ s3_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 552 | s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 575 | s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 553 | s3_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 576 | s3_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 554 | s3_enc.o: ../include/openssl/err.h ../include/openssl/evp.h | 577 | s3_enc.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 578 | s3_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 555 | s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 579 | s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 556 | s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h | 580 | s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 557 | s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 581 | s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| @@ -572,7 +596,8 @@ s3_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 572 | s3_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 596 | s3_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 573 | s3_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 597 | s3_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 574 | s3_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 598 | s3_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 575 | s3_lib.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 599 | s3_lib.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 600 | s3_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 576 | s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 601 | s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h |
| 577 | s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 602 | s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 578 | s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 603 | s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -593,6 +618,7 @@ s3_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 593 | s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 618 | s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 594 | s3_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 619 | s3_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 595 | s3_meth.o: ../include/openssl/err.h ../include/openssl/evp.h | 620 | s3_meth.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 621 | s3_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 596 | s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 622 | s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 597 | s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 623 | s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 598 | s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 624 | s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -613,6 +639,7 @@ s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 613 | s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 639 | s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 614 | s3_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 640 | s3_pkt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 615 | s3_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h | 641 | s3_pkt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 642 | s3_pkt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 616 | s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 643 | s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 617 | s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 644 | s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 618 | s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 645 | s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -633,21 +660,22 @@ s3_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 633 | s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 660 | s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 634 | s3_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 661 | s3_srvr.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 635 | s3_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 662 | s3_srvr.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 636 | s3_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h | 663 | s3_srvr.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 637 | s3_srvr.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h | 664 | s3_srvr.o: ../include/openssl/hmac.h ../include/openssl/krb5_asn.h |
| 638 | s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 665 | s3_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 639 | s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 666 | s3_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 640 | s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 667 | s3_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 641 | s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 668 | s3_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 642 | s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 669 | s3_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 643 | s3_srvr.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h | 670 | s3_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h |
| 644 | s3_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h | 671 | s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h |
| 645 | s3_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 672 | s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 646 | s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h | 673 | s3_srvr.o: ../include/openssl/sha.h ../include/openssl/ssl.h |
| 647 | s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h | 674 | s3_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h |
| 648 | s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 675 | s3_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h |
| 649 | s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h | 676 | s3_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h |
| 650 | s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h | 677 | s3_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h |
| 678 | s3_srvr.o: s3_srvr.c ssl_locl.h | ||
| 651 | ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 679 | ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 652 | ssl_algs.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 680 | ssl_algs.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 653 | ssl_algs.o: ../include/openssl/comp.h ../include/openssl/crypto.h | 681 | ssl_algs.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| @@ -655,6 +683,7 @@ ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 655 | ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 683 | ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 656 | ssl_algs.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 684 | ssl_algs.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 657 | ssl_algs.o: ../include/openssl/err.h ../include/openssl/evp.h | 685 | ssl_algs.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 686 | ssl_algs.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 658 | ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 687 | ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 659 | ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 688 | ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 660 | ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 689 | ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -675,7 +704,8 @@ ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/dsa.h | |||
| 675 | ssl_asn1.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 704 | ssl_asn1.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 676 | ssl_asn1.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 705 | ssl_asn1.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 677 | ssl_asn1.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 706 | ssl_asn1.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 678 | ssl_asn1.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 707 | ssl_asn1.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 708 | ssl_asn1.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 679 | ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 709 | ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 680 | ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 710 | ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 681 | ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 711 | ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| @@ -696,7 +726,8 @@ ssl_cert.o: ../include/openssl/dh.h ../include/openssl/dsa.h | |||
| 696 | ssl_cert.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 726 | ssl_cert.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 697 | ssl_cert.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 727 | ssl_cert.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 698 | ssl_cert.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 728 | ssl_cert.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 699 | ssl_cert.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 729 | ssl_cert.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 730 | ssl_cert.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 700 | ssl_cert.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 731 | ssl_cert.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 701 | ssl_cert.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 732 | ssl_cert.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 702 | ssl_cert.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 733 | ssl_cert.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| @@ -717,6 +748,7 @@ ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 717 | ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 748 | ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 718 | ssl_ciph.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 749 | ssl_ciph.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 719 | ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h | 750 | ssl_ciph.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 751 | ssl_ciph.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 720 | ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 752 | ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 721 | ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 753 | ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 722 | ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 754 | ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -736,7 +768,8 @@ ssl_err.o: ../include/openssl/comp.h ../include/openssl/crypto.h | |||
| 736 | ssl_err.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 768 | ssl_err.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 737 | ssl_err.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 769 | ssl_err.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 738 | ssl_err.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 770 | ssl_err.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 739 | ssl_err.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 771 | ssl_err.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 772 | ssl_err.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 740 | ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 773 | ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 741 | ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 774 | ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 742 | ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 775 | ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| @@ -754,7 +787,8 @@ ssl_err2.o: ../include/openssl/comp.h ../include/openssl/crypto.h | |||
| 754 | ssl_err2.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 787 | ssl_err2.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 755 | ssl_err2.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 788 | ssl_err2.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 756 | ssl_err2.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 789 | ssl_err2.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 757 | ssl_err2.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 790 | ssl_err2.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 791 | ssl_err2.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 758 | ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 792 | ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 759 | ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 793 | ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 760 | ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 794 | ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| @@ -773,21 +807,23 @@ ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h | |||
| 773 | ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | 807 | ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h |
| 774 | ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 808 | ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 775 | ssl_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 809 | ssl_lib.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 776 | ssl_lib.o: ../include/openssl/err.h ../include/openssl/evp.h | 810 | ssl_lib.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 777 | ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 811 | ssl_lib.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 778 | ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 812 | ssl_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h |
| 779 | ssl_lib.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 813 | ssl_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 780 | ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 814 | ssl_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 781 | ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 815 | ssl_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 782 | ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h | 816 | ssl_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 783 | ssl_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h | 817 | ssl_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 784 | ssl_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 818 | ssl_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h |
| 785 | ssl_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h | 819 | ssl_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h |
| 786 | ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h | 820 | ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 787 | ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h | 821 | ssl_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h |
| 788 | ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h | 822 | ssl_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h |
| 789 | ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | 823 | ssl_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 790 | ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h | 824 | ssl_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h |
| 825 | ssl_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h kssl_lcl.h | ||
| 826 | ssl_lib.o: ssl_lib.c ssl_locl.h | ||
| 791 | ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 827 | ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 792 | ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 828 | ssl_rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 793 | ssl_rsa.o: ../include/openssl/comp.h ../include/openssl/crypto.h | 829 | ssl_rsa.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| @@ -795,6 +831,7 @@ ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 795 | ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 831 | ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 796 | ssl_rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 832 | ssl_rsa.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 797 | ssl_rsa.o: ../include/openssl/err.h ../include/openssl/evp.h | 833 | ssl_rsa.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 834 | ssl_rsa.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 798 | ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 835 | ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 799 | ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 836 | ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 800 | ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 837 | ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -814,20 +851,22 @@ ssl_sess.o: ../include/openssl/comp.h ../include/openssl/crypto.h | |||
| 814 | ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | 851 | ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h |
| 815 | ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 852 | ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 816 | ssl_sess.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 853 | ssl_sess.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 817 | ssl_sess.o: ../include/openssl/err.h ../include/openssl/evp.h | 854 | ssl_sess.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 818 | ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 855 | ssl_sess.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 819 | ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 856 | ssl_sess.o: ../include/openssl/hmac.h ../include/openssl/kssl.h |
| 820 | ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 857 | ssl_sess.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 821 | ssl_sess.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 858 | ssl_sess.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 822 | ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 859 | ssl_sess.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 823 | ssl_sess.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h | 860 | ssl_sess.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 824 | ssl_sess.o: ../include/openssl/rand.h ../include/openssl/rsa.h | 861 | ssl_sess.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h |
| 825 | ssl_sess.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 862 | ssl_sess.o: ../include/openssl/pqueue.h ../include/openssl/rand.h |
| 826 | ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h | 863 | ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 827 | ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h | 864 | ssl_sess.o: ../include/openssl/sha.h ../include/openssl/ssl.h |
| 828 | ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 865 | ssl_sess.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h |
| 829 | ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h | 866 | ssl_sess.o: ../include/openssl/ssl3.h ../include/openssl/stack.h |
| 830 | ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c | 867 | ssl_sess.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h |
| 868 | ssl_sess.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h | ||
| 869 | ssl_sess.o: ssl_sess.c | ||
| 831 | ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 870 | ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 832 | ssl_stat.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 871 | ssl_stat.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 833 | ssl_stat.o: ../include/openssl/comp.h ../include/openssl/crypto.h | 872 | ssl_stat.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| @@ -835,6 +874,7 @@ ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 835 | ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 874 | ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 836 | ssl_stat.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 875 | ssl_stat.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 837 | ssl_stat.o: ../include/openssl/err.h ../include/openssl/evp.h | 876 | ssl_stat.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 877 | ssl_stat.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 838 | ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 878 | ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 839 | ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 879 | ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 840 | ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 880 | ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -855,6 +895,7 @@ ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 855 | ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 895 | ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 856 | ssl_txt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 896 | ssl_txt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 857 | ssl_txt.o: ../include/openssl/err.h ../include/openssl/evp.h | 897 | ssl_txt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 898 | ssl_txt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 858 | ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 899 | ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 859 | ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 900 | ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 860 | ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 901 | ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -875,6 +916,7 @@ t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 875 | t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 916 | t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 876 | t1_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 917 | t1_clnt.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 877 | t1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h | 918 | t1_clnt.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 919 | t1_clnt.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 878 | t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 920 | t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 879 | t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 921 | t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 880 | t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 922 | t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -895,20 +937,20 @@ t1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 895 | t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 937 | t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 896 | t1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 938 | t1_enc.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 897 | t1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h | 939 | t1_enc.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 898 | t1_enc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | 940 | t1_enc.o: ../include/openssl/fips.h ../include/openssl/hmac.h |
| 899 | t1_enc.o: ../include/openssl/lhash.h ../include/openssl/md5.h | 941 | t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 900 | t1_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 942 | t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 901 | t1_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 943 | t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 902 | t1_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h | 944 | t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 903 | t1_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h | 945 | t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h |
| 904 | t1_enc.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h | 946 | t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h |
| 905 | t1_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | 947 | t1_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h |
| 906 | t1_enc.o: ../include/openssl/sha.h ../include/openssl/ssl.h | 948 | t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 907 | t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h | 949 | t1_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h |
| 908 | t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h | 950 | t1_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h |
| 909 | t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h | 951 | t1_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h |
| 910 | t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h | 952 | t1_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h |
| 911 | t1_enc.o: t1_enc.c | 953 | t1_enc.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_enc.c |
| 912 | t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 954 | t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 913 | t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 955 | t1_lib.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 914 | t1_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h | 956 | t1_lib.o: ../include/openssl/comp.h ../include/openssl/conf.h |
| @@ -916,21 +958,21 @@ t1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h | |||
| 916 | t1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h | 958 | t1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h |
| 917 | t1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 959 | t1_lib.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 918 | t1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 960 | t1_lib.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 919 | t1_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h | 961 | t1_lib.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 920 | t1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 962 | t1_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h |
| 921 | t1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 963 | t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 922 | t1_lib.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h | 964 | t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h |
| 923 | t1_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 965 | t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 924 | t1_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h | 966 | t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h |
| 925 | t1_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pq_compat.h | 967 | t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h |
| 926 | t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h | 968 | t1_lib.o: ../include/openssl/pq_compat.h ../include/openssl/pqueue.h |
| 927 | t1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 969 | t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 928 | t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h | 970 | t1_lib.o: ../include/openssl/sha.h ../include/openssl/ssl.h |
| 929 | t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h | 971 | t1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h |
| 930 | t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 972 | t1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h |
| 931 | t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h | 973 | t1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h |
| 932 | t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h | 974 | t1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h |
| 933 | t1_lib.o: t1_lib.c | 975 | t1_lib.o: ../include/openssl/x509v3.h ssl_locl.h t1_lib.c |
| 934 | t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 976 | t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 935 | t1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 977 | t1_meth.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 936 | t1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h | 978 | t1_meth.o: ../include/openssl/comp.h ../include/openssl/crypto.h |
| @@ -938,6 +980,7 @@ t1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 938 | t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 980 | t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 939 | t1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 981 | t1_meth.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 940 | t1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h | 982 | t1_meth.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 983 | t1_meth.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 941 | t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 984 | t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 942 | t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 985 | t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 943 | t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 986 | t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| @@ -958,6 +1001,7 @@ t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 958 | t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 1001 | t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 959 | t1_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 1002 | t1_srvr.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 960 | t1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h | 1003 | t1_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 1004 | t1_srvr.o: ../include/openssl/fips.h ../include/openssl/hmac.h | ||
| 961 | t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h | 1005 | t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h |
| 962 | t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 1006 | t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 963 | t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 1007 | t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c index c45a8e0a04..bc918170e1 100644 --- a/src/lib/libssl/src/ssl/s23_clnt.c +++ b/src/lib/libssl/src/ssl/s23_clnt.c | |||
| @@ -257,6 +257,14 @@ static int ssl23_client_hello(SSL *s) | |||
| 257 | version_major = TLS1_VERSION_MAJOR; | 257 | version_major = TLS1_VERSION_MAJOR; |
| 258 | version_minor = TLS1_VERSION_MINOR; | 258 | version_minor = TLS1_VERSION_MINOR; |
| 259 | } | 259 | } |
| 260 | #ifdef OPENSSL_FIPS | ||
| 261 | else if(FIPS_mode()) | ||
| 262 | { | ||
| 263 | SSLerr(SSL_F_SSL23_CLIENT_HELLO, | ||
| 264 | SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); | ||
| 265 | return -1; | ||
| 266 | } | ||
| 267 | #endif | ||
| 260 | else if (version == SSL3_VERSION) | 268 | else if (version == SSL3_VERSION) |
| 261 | { | 269 | { |
| 262 | version_major = SSL3_VERSION_MAJOR; | 270 | version_major = SSL3_VERSION_MAJOR; |
| @@ -536,6 +544,14 @@ static int ssl23_get_server_hello(SSL *s) | |||
| 536 | if ((p[2] == SSL3_VERSION_MINOR) && | 544 | if ((p[2] == SSL3_VERSION_MINOR) && |
| 537 | !(s->options & SSL_OP_NO_SSLv3)) | 545 | !(s->options & SSL_OP_NO_SSLv3)) |
| 538 | { | 546 | { |
| 547 | #ifdef OPENSSL_FIPS | ||
| 548 | if(FIPS_mode()) | ||
| 549 | { | ||
| 550 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, | ||
| 551 | SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); | ||
| 552 | goto err; | ||
| 553 | } | ||
| 554 | #endif | ||
| 539 | s->version=SSL3_VERSION; | 555 | s->version=SSL3_VERSION; |
| 540 | s->method=SSLv3_client_method(); | 556 | s->method=SSLv3_client_method(); |
| 541 | } | 557 | } |
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c index 6637bb9549..ba06e7ae2e 100644 --- a/src/lib/libssl/src/ssl/s23_srvr.c +++ b/src/lib/libssl/src/ssl/s23_srvr.c | |||
| @@ -386,6 +386,15 @@ int ssl23_get_client_hello(SSL *s) | |||
| 386 | } | 386 | } |
| 387 | } | 387 | } |
| 388 | 388 | ||
| 389 | #ifdef OPENSSL_FIPS | ||
| 390 | if (FIPS_mode() && (s->version < TLS1_VERSION)) | ||
| 391 | { | ||
| 392 | SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, | ||
| 393 | SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); | ||
| 394 | goto err; | ||
| 395 | } | ||
| 396 | #endif | ||
| 397 | |||
| 389 | if (s->state == SSL23_ST_SR_CLNT_HELLO_B) | 398 | if (s->state == SSL23_ST_SR_CLNT_HELLO_B) |
| 390 | { | 399 | { |
| 391 | /* we have SSLv3/TLSv1 in an SSLv2 header | 400 | /* we have SSLv3/TLSv1 in an SSLv2 header |
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c index e2a90a3ca2..782129cd5d 100644 --- a/src/lib/libssl/src/ssl/s2_clnt.c +++ b/src/lib/libssl/src/ssl/s2_clnt.c | |||
| @@ -1044,7 +1044,7 @@ int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data) | |||
| 1044 | 1044 | ||
| 1045 | i=ssl_verify_cert_chain(s,sk); | 1045 | i=ssl_verify_cert_chain(s,sk); |
| 1046 | 1046 | ||
| 1047 | if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)) | 1047 | if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) |
| 1048 | { | 1048 | { |
| 1049 | SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); | 1049 | SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); |
| 1050 | goto err; | 1050 | goto err; |
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c index 0daf2b129d..50d55e6bf1 100644 --- a/src/lib/libssl/src/ssl/s2_srvr.c +++ b/src/lib/libssl/src/ssl/s2_srvr.c | |||
| @@ -1054,7 +1054,7 @@ static int request_certificate(SSL *s) | |||
| 1054 | 1054 | ||
| 1055 | i=ssl_verify_cert_chain(s,sk); | 1055 | i=ssl_verify_cert_chain(s,sk); |
| 1056 | 1056 | ||
| 1057 | if (i) /* we like the packet, now check the chksum */ | 1057 | if (i > 0) /* we like the packet, now check the chksum */ |
| 1058 | { | 1058 | { |
| 1059 | EVP_MD_CTX ctx; | 1059 | EVP_MD_CTX ctx; |
| 1060 | EVP_PKEY *pkey=NULL; | 1060 | EVP_PKEY *pkey=NULL; |
| @@ -1083,7 +1083,7 @@ static int request_certificate(SSL *s) | |||
| 1083 | EVP_PKEY_free(pkey); | 1083 | EVP_PKEY_free(pkey); |
| 1084 | EVP_MD_CTX_cleanup(&ctx); | 1084 | EVP_MD_CTX_cleanup(&ctx); |
| 1085 | 1085 | ||
| 1086 | if (i) | 1086 | if (i > 0) |
| 1087 | { | 1087 | { |
| 1088 | if (s->session->peer != NULL) | 1088 | if (s->session->peer != NULL) |
| 1089 | X509_free(s->session->peer); | 1089 | X509_free(s->session->peer); |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index f6864cdc50..5fd3520caf 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -130,10 +130,17 @@ | |||
| 130 | #include <openssl/objects.h> | 130 | #include <openssl/objects.h> |
| 131 | #include <openssl/evp.h> | 131 | #include <openssl/evp.h> |
| 132 | #include <openssl/md5.h> | 132 | #include <openssl/md5.h> |
| 133 | #ifdef OPENSSL_FIPS | ||
| 134 | #include <openssl/fips.h> | ||
| 135 | #endif | ||
| 136 | |||
| 133 | #ifndef OPENSSL_NO_DH | 137 | #ifndef OPENSSL_NO_DH |
| 134 | #include <openssl/dh.h> | 138 | #include <openssl/dh.h> |
| 135 | #endif | 139 | #endif |
| 136 | #include <openssl/bn.h> | 140 | #include <openssl/bn.h> |
| 141 | #ifndef OPENSSL_NO_ENGINE | ||
| 142 | #include <openssl/engine.h> | ||
| 143 | #endif | ||
| 137 | 144 | ||
| 138 | static SSL_METHOD *ssl3_get_client_method(int ver); | 145 | static SSL_METHOD *ssl3_get_client_method(int ver); |
| 139 | static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); | 146 | static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); |
| @@ -965,7 +972,7 @@ int ssl3_get_server_certificate(SSL *s) | |||
| 965 | } | 972 | } |
| 966 | 973 | ||
| 967 | i=ssl_verify_cert_chain(s,sk); | 974 | i=ssl_verify_cert_chain(s,sk); |
| 968 | if ((s->verify_mode != SSL_VERIFY_NONE) && (!i) | 975 | if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0) |
| 969 | #ifndef OPENSSL_NO_KRB5 | 976 | #ifndef OPENSSL_NO_KRB5 |
| 970 | && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK)) | 977 | && (s->s3->tmp.new_cipher->algorithms & (SSL_MKEY_MASK|SSL_AUTH_MASK)) |
| 971 | != (SSL_aKRB5|SSL_kKRB5) | 978 | != (SSL_aKRB5|SSL_kKRB5) |
| @@ -999,7 +1006,7 @@ int ssl3_get_server_certificate(SSL *s) | |||
| 999 | == (SSL_aKRB5|SSL_kKRB5))? 0: 1; | 1006 | == (SSL_aKRB5|SSL_kKRB5))? 0: 1; |
| 1000 | 1007 | ||
| 1001 | #ifdef KSSL_DEBUG | 1008 | #ifdef KSSL_DEBUG |
| 1002 | printf("pkey,x = %p, %p\n", pkey,x); | 1009 | printf("pkey,x = %p, %p\n", (void *)pkey,(void *)x); |
| 1003 | printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey)); | 1010 | printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey)); |
| 1004 | printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name, | 1011 | printf("cipher, alg, nc = %s, %lx, %d\n", s->s3->tmp.new_cipher->name, |
| 1005 | s->s3->tmp.new_cipher->algorithms, need_cert); | 1012 | s->s3->tmp.new_cipher->algorithms, need_cert); |
| @@ -1415,6 +1422,8 @@ int ssl3_get_key_exchange(SSL *s) | |||
| 1415 | q=md_buf; | 1422 | q=md_buf; |
| 1416 | for (num=2; num > 0; num--) | 1423 | for (num=2; num > 0; num--) |
| 1417 | { | 1424 | { |
| 1425 | EVP_MD_CTX_set_flags(&md_ctx, | ||
| 1426 | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 1418 | EVP_DigestInit_ex(&md_ctx,(num == 2) | 1427 | EVP_DigestInit_ex(&md_ctx,(num == 2) |
| 1419 | ?s->ctx->md5:s->ctx->sha1, NULL); | 1428 | ?s->ctx->md5:s->ctx->sha1, NULL); |
| 1420 | EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); | 1429 | EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); |
| @@ -1450,7 +1459,7 @@ int ssl3_get_key_exchange(SSL *s) | |||
| 1450 | EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); | 1459 | EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); |
| 1451 | EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); | 1460 | EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); |
| 1452 | EVP_VerifyUpdate(&md_ctx,param,param_len); | 1461 | EVP_VerifyUpdate(&md_ctx,param,param_len); |
| 1453 | if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey)) | 1462 | if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0) |
| 1454 | { | 1463 | { |
| 1455 | /* bad signature */ | 1464 | /* bad signature */ |
| 1456 | al=SSL_AD_DECRYPT_ERROR; | 1465 | al=SSL_AD_DECRYPT_ERROR; |
| @@ -1468,7 +1477,7 @@ int ssl3_get_key_exchange(SSL *s) | |||
| 1468 | EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); | 1477 | EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); |
| 1469 | EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); | 1478 | EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); |
| 1470 | EVP_VerifyUpdate(&md_ctx,param,param_len); | 1479 | EVP_VerifyUpdate(&md_ctx,param,param_len); |
| 1471 | if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey)) | 1480 | if (EVP_VerifyFinal(&md_ctx,p,(int)n,pkey) <= 0) |
| 1472 | { | 1481 | { |
| 1473 | /* bad signature */ | 1482 | /* bad signature */ |
| 1474 | al=SSL_AD_DECRYPT_ERROR; | 1483 | al=SSL_AD_DECRYPT_ERROR; |
| @@ -1768,7 +1777,7 @@ int ssl3_get_cert_status(SSL *s) | |||
| 1768 | goto f_err; | 1777 | goto f_err; |
| 1769 | } | 1778 | } |
| 1770 | n2l3(p, resplen); | 1779 | n2l3(p, resplen); |
| 1771 | if (resplen + 4 != n) | 1780 | if (resplen + 4 != (unsigned long)n) |
| 1772 | { | 1781 | { |
| 1773 | al = SSL_AD_DECODE_ERROR; | 1782 | al = SSL_AD_DECODE_ERROR; |
| 1774 | SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH); | 1783 | SSLerr(SSL_F_SSL3_GET_CERT_STATUS,SSL_R_LENGTH_MISMATCH); |
| @@ -2061,12 +2070,12 @@ int ssl3_send_client_key_exchange(SSL *s) | |||
| 2061 | { | 2070 | { |
| 2062 | DH *dh_srvr,*dh_clnt; | 2071 | DH *dh_srvr,*dh_clnt; |
| 2063 | 2072 | ||
| 2064 | if (s->session->sess_cert == NULL) | 2073 | if (s->session->sess_cert == NULL) |
| 2065 | { | 2074 | { |
| 2066 | ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); | 2075 | ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); |
| 2067 | SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); | 2076 | SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNEXPECTED_MESSAGE); |
| 2068 | goto err; | 2077 | goto err; |
| 2069 | } | 2078 | } |
| 2070 | 2079 | ||
| 2071 | if (s->session->sess_cert->peer_dh_tmp != NULL) | 2080 | if (s->session->sess_cert->peer_dh_tmp != NULL) |
| 2072 | dh_srvr=s->session->sess_cert->peer_dh_tmp; | 2081 | dh_srvr=s->session->sess_cert->peer_dh_tmp; |
| @@ -2448,8 +2457,7 @@ int ssl3_send_client_certificate(SSL *s) | |||
| 2448 | * ssl->rwstate=SSL_X509_LOOKUP; return(-1); | 2457 | * ssl->rwstate=SSL_X509_LOOKUP; return(-1); |
| 2449 | * We then get retied later */ | 2458 | * We then get retied later */ |
| 2450 | i=0; | 2459 | i=0; |
| 2451 | if (s->ctx->client_cert_cb != NULL) | 2460 | i = ssl_do_client_cert_cb(s, &x509, &pkey); |
| 2452 | i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); | ||
| 2453 | if (i < 0) | 2461 | if (i < 0) |
| 2454 | { | 2462 | { |
| 2455 | s->rwstate=SSL_X509_LOOKUP; | 2463 | s->rwstate=SSL_X509_LOOKUP; |
| @@ -2716,3 +2724,21 @@ static int ssl3_check_finished(SSL *s) | |||
| 2716 | return 1; | 2724 | return 1; |
| 2717 | } | 2725 | } |
| 2718 | #endif | 2726 | #endif |
| 2727 | |||
| 2728 | int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) | ||
| 2729 | { | ||
| 2730 | int i = 0; | ||
| 2731 | #ifndef OPENSSL_NO_ENGINE | ||
| 2732 | if (s->ctx->client_cert_engine) | ||
| 2733 | { | ||
| 2734 | i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s, | ||
| 2735 | SSL_get_client_CA_list(s), | ||
| 2736 | px509, ppkey, NULL, NULL, NULL); | ||
| 2737 | if (i != 0) | ||
| 2738 | return i; | ||
| 2739 | } | ||
| 2740 | #endif | ||
| 2741 | if (s->ctx->client_cert_cb) | ||
| 2742 | i = s->ctx->client_cert_cb(s,px509,ppkey); | ||
| 2743 | return i; | ||
| 2744 | } | ||
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index 2859351b00..06e54666b2 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c | |||
| @@ -146,6 +146,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) | |||
| 146 | #endif | 146 | #endif |
| 147 | k=0; | 147 | k=0; |
| 148 | EVP_MD_CTX_init(&m5); | 148 | EVP_MD_CTX_init(&m5); |
| 149 | EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 149 | EVP_MD_CTX_init(&s1); | 150 | EVP_MD_CTX_init(&s1); |
| 150 | for (i=0; (int)i<num; i+=MD5_DIGEST_LENGTH) | 151 | for (i=0; (int)i<num; i+=MD5_DIGEST_LENGTH) |
| 151 | { | 152 | { |
| @@ -518,6 +519,8 @@ int ssl3_enc(SSL *s, int send) | |||
| 518 | 519 | ||
| 519 | void ssl3_init_finished_mac(SSL *s) | 520 | void ssl3_init_finished_mac(SSL *s) |
| 520 | { | 521 | { |
| 522 | EVP_MD_CTX_set_flags(&(s->s3->finish_dgst1), | ||
| 523 | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 521 | EVP_DigestInit_ex(&(s->s3->finish_dgst1),s->ctx->md5, NULL); | 524 | EVP_DigestInit_ex(&(s->s3->finish_dgst1),s->ctx->md5, NULL); |
| 522 | EVP_DigestInit_ex(&(s->s3->finish_dgst2),s->ctx->sha1, NULL); | 525 | EVP_DigestInit_ex(&(s->s3->finish_dgst2),s->ctx->sha1, NULL); |
| 523 | } | 526 | } |
| @@ -554,6 +557,7 @@ static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx, | |||
| 554 | EVP_MD_CTX ctx; | 557 | EVP_MD_CTX ctx; |
| 555 | 558 | ||
| 556 | EVP_MD_CTX_init(&ctx); | 559 | EVP_MD_CTX_init(&ctx); |
| 560 | EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 557 | EVP_MD_CTX_copy_ex(&ctx,in_ctx); | 561 | EVP_MD_CTX_copy_ex(&ctx,in_ctx); |
| 558 | 562 | ||
| 559 | n=EVP_MD_CTX_size(&ctx); | 563 | n=EVP_MD_CTX_size(&ctx); |
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index bdbcd44f27..8916a0b1b3 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c | |||
| @@ -158,7 +158,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 158 | SSL3_TXT_RSA_NULL_SHA, | 158 | SSL3_TXT_RSA_NULL_SHA, |
| 159 | SSL3_CK_RSA_NULL_SHA, | 159 | SSL3_CK_RSA_NULL_SHA, |
| 160 | SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3, | 160 | SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3, |
| 161 | SSL_NOT_EXP|SSL_STRONG_NONE, | 161 | SSL_NOT_EXP|SSL_STRONG_NONE|SSL_FIPS, |
| 162 | 0, | 162 | 0, |
| 163 | 0, | 163 | 0, |
| 164 | 0, | 164 | 0, |
| @@ -264,7 +264,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 264 | SSL3_TXT_RSA_DES_192_CBC3_SHA, | 264 | SSL3_TXT_RSA_DES_192_CBC3_SHA, |
| 265 | SSL3_CK_RSA_DES_192_CBC3_SHA, | 265 | SSL3_CK_RSA_DES_192_CBC3_SHA, |
| 266 | SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, | 266 | SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, |
| 267 | SSL_NOT_EXP|SSL_HIGH, | 267 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 268 | 0, | 268 | 0, |
| 269 | 168, | 269 | 168, |
| 270 | 168, | 270 | 168, |
| @@ -304,7 +304,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 304 | SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, | 304 | SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, |
| 305 | SSL3_CK_DH_DSS_DES_192_CBC3_SHA, | 305 | SSL3_CK_DH_DSS_DES_192_CBC3_SHA, |
| 306 | SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, | 306 | SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, |
| 307 | SSL_NOT_EXP|SSL_HIGH, | 307 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 308 | 0, | 308 | 0, |
| 309 | 168, | 309 | 168, |
| 310 | 168, | 310 | 168, |
| @@ -343,7 +343,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 343 | SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, | 343 | SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, |
| 344 | SSL3_CK_DH_RSA_DES_192_CBC3_SHA, | 344 | SSL3_CK_DH_RSA_DES_192_CBC3_SHA, |
| 345 | SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, | 345 | SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, |
| 346 | SSL_NOT_EXP|SSL_HIGH, | 346 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 347 | 0, | 347 | 0, |
| 348 | 168, | 348 | 168, |
| 349 | 168, | 349 | 168, |
| @@ -384,7 +384,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 384 | SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, | 384 | SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, |
| 385 | SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, | 385 | SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, |
| 386 | SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3, | 386 | SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3, |
| 387 | SSL_NOT_EXP|SSL_HIGH, | 387 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 388 | 0, | 388 | 0, |
| 389 | 168, | 389 | 168, |
| 390 | 168, | 390 | 168, |
| @@ -423,7 +423,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 423 | SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, | 423 | SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, |
| 424 | SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, | 424 | SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, |
| 425 | SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, | 425 | SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, |
| 426 | SSL_NOT_EXP|SSL_HIGH, | 426 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 427 | 0, | 427 | 0, |
| 428 | 168, | 428 | 168, |
| 429 | 168, | 429 | 168, |
| @@ -488,7 +488,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 488 | SSL3_TXT_ADH_DES_192_CBC_SHA, | 488 | SSL3_TXT_ADH_DES_192_CBC_SHA, |
| 489 | SSL3_CK_ADH_DES_192_CBC_SHA, | 489 | SSL3_CK_ADH_DES_192_CBC_SHA, |
| 490 | SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3, | 490 | SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3, |
| 491 | SSL_NOT_EXP|SSL_HIGH, | 491 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 492 | 0, | 492 | 0, |
| 493 | 168, | 493 | 168, |
| 494 | 168, | 494 | 168, |
| @@ -563,7 +563,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 563 | SSL3_TXT_KRB5_DES_192_CBC3_SHA, | 563 | SSL3_TXT_KRB5_DES_192_CBC3_SHA, |
| 564 | SSL3_CK_KRB5_DES_192_CBC3_SHA, | 564 | SSL3_CK_KRB5_DES_192_CBC3_SHA, |
| 565 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, | 565 | SSL_kKRB5|SSL_aKRB5| SSL_3DES|SSL_SHA1 |SSL_SSLV3, |
| 566 | SSL_NOT_EXP|SSL_HIGH, | 566 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 567 | 0, | 567 | 0, |
| 568 | 168, | 568 | 168, |
| 569 | 168, | 569 | 168, |
| @@ -747,7 +747,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 747 | TLS1_TXT_RSA_WITH_AES_128_SHA, | 747 | TLS1_TXT_RSA_WITH_AES_128_SHA, |
| 748 | TLS1_CK_RSA_WITH_AES_128_SHA, | 748 | TLS1_CK_RSA_WITH_AES_128_SHA, |
| 749 | SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1, | 749 | SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1, |
| 750 | SSL_NOT_EXP|SSL_HIGH, | 750 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 751 | 0, | 751 | 0, |
| 752 | 128, | 752 | 128, |
| 753 | 128, | 753 | 128, |
| @@ -760,7 +760,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 760 | TLS1_TXT_DH_DSS_WITH_AES_128_SHA, | 760 | TLS1_TXT_DH_DSS_WITH_AES_128_SHA, |
| 761 | TLS1_CK_DH_DSS_WITH_AES_128_SHA, | 761 | TLS1_CK_DH_DSS_WITH_AES_128_SHA, |
| 762 | SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, | 762 | SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 763 | SSL_NOT_EXP|SSL_HIGH, | 763 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 764 | 0, | 764 | 0, |
| 765 | 128, | 765 | 128, |
| 766 | 128, | 766 | 128, |
| @@ -773,7 +773,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 773 | TLS1_TXT_DH_RSA_WITH_AES_128_SHA, | 773 | TLS1_TXT_DH_RSA_WITH_AES_128_SHA, |
| 774 | TLS1_CK_DH_RSA_WITH_AES_128_SHA, | 774 | TLS1_CK_DH_RSA_WITH_AES_128_SHA, |
| 775 | SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, | 775 | SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 776 | SSL_NOT_EXP|SSL_HIGH, | 776 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 777 | 0, | 777 | 0, |
| 778 | 128, | 778 | 128, |
| 779 | 128, | 779 | 128, |
| @@ -786,7 +786,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 786 | TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, | 786 | TLS1_TXT_DHE_DSS_WITH_AES_128_SHA, |
| 787 | TLS1_CK_DHE_DSS_WITH_AES_128_SHA, | 787 | TLS1_CK_DHE_DSS_WITH_AES_128_SHA, |
| 788 | SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1, | 788 | SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 789 | SSL_NOT_EXP|SSL_HIGH, | 789 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 790 | 0, | 790 | 0, |
| 791 | 128, | 791 | 128, |
| 792 | 128, | 792 | 128, |
| @@ -799,7 +799,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 799 | TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, | 799 | TLS1_TXT_DHE_RSA_WITH_AES_128_SHA, |
| 800 | TLS1_CK_DHE_RSA_WITH_AES_128_SHA, | 800 | TLS1_CK_DHE_RSA_WITH_AES_128_SHA, |
| 801 | SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1, | 801 | SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 802 | SSL_NOT_EXP|SSL_HIGH, | 802 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 803 | 0, | 803 | 0, |
| 804 | 128, | 804 | 128, |
| 805 | 128, | 805 | 128, |
| @@ -812,7 +812,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 812 | TLS1_TXT_ADH_WITH_AES_128_SHA, | 812 | TLS1_TXT_ADH_WITH_AES_128_SHA, |
| 813 | TLS1_CK_ADH_WITH_AES_128_SHA, | 813 | TLS1_CK_ADH_WITH_AES_128_SHA, |
| 814 | SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1, | 814 | SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 815 | SSL_NOT_EXP|SSL_HIGH, | 815 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 816 | 0, | 816 | 0, |
| 817 | 128, | 817 | 128, |
| 818 | 128, | 818 | 128, |
| @@ -826,7 +826,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 826 | TLS1_TXT_RSA_WITH_AES_256_SHA, | 826 | TLS1_TXT_RSA_WITH_AES_256_SHA, |
| 827 | TLS1_CK_RSA_WITH_AES_256_SHA, | 827 | TLS1_CK_RSA_WITH_AES_256_SHA, |
| 828 | SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1, | 828 | SSL_kRSA|SSL_aRSA|SSL_AES|SSL_SHA |SSL_TLSV1, |
| 829 | SSL_NOT_EXP|SSL_HIGH, | 829 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 830 | 0, | 830 | 0, |
| 831 | 256, | 831 | 256, |
| 832 | 256, | 832 | 256, |
| @@ -839,7 +839,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 839 | TLS1_TXT_DH_DSS_WITH_AES_256_SHA, | 839 | TLS1_TXT_DH_DSS_WITH_AES_256_SHA, |
| 840 | TLS1_CK_DH_DSS_WITH_AES_256_SHA, | 840 | TLS1_CK_DH_DSS_WITH_AES_256_SHA, |
| 841 | SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, | 841 | SSL_kDHd|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 842 | SSL_NOT_EXP|SSL_HIGH, | 842 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 843 | 0, | 843 | 0, |
| 844 | 256, | 844 | 256, |
| 845 | 256, | 845 | 256, |
| @@ -852,7 +852,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 852 | TLS1_TXT_DH_RSA_WITH_AES_256_SHA, | 852 | TLS1_TXT_DH_RSA_WITH_AES_256_SHA, |
| 853 | TLS1_CK_DH_RSA_WITH_AES_256_SHA, | 853 | TLS1_CK_DH_RSA_WITH_AES_256_SHA, |
| 854 | SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, | 854 | SSL_kDHr|SSL_aDH|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 855 | SSL_NOT_EXP|SSL_HIGH, | 855 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 856 | 0, | 856 | 0, |
| 857 | 256, | 857 | 256, |
| 858 | 256, | 858 | 256, |
| @@ -865,7 +865,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 865 | TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, | 865 | TLS1_TXT_DHE_DSS_WITH_AES_256_SHA, |
| 866 | TLS1_CK_DHE_DSS_WITH_AES_256_SHA, | 866 | TLS1_CK_DHE_DSS_WITH_AES_256_SHA, |
| 867 | SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1, | 867 | SSL_kEDH|SSL_aDSS|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 868 | SSL_NOT_EXP|SSL_HIGH, | 868 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 869 | 0, | 869 | 0, |
| 870 | 256, | 870 | 256, |
| 871 | 256, | 871 | 256, |
| @@ -878,7 +878,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 878 | TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, | 878 | TLS1_TXT_DHE_RSA_WITH_AES_256_SHA, |
| 879 | TLS1_CK_DHE_RSA_WITH_AES_256_SHA, | 879 | TLS1_CK_DHE_RSA_WITH_AES_256_SHA, |
| 880 | SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1, | 880 | SSL_kEDH|SSL_aRSA|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 881 | SSL_NOT_EXP|SSL_HIGH, | 881 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 882 | 0, | 882 | 0, |
| 883 | 256, | 883 | 256, |
| 884 | 256, | 884 | 256, |
| @@ -891,7 +891,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ | |||
| 891 | TLS1_TXT_ADH_WITH_AES_256_SHA, | 891 | TLS1_TXT_ADH_WITH_AES_256_SHA, |
| 892 | TLS1_CK_ADH_WITH_AES_256_SHA, | 892 | TLS1_CK_ADH_WITH_AES_256_SHA, |
| 893 | SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1, | 893 | SSL_kEDH|SSL_aNULL|SSL_AES|SSL_SHA|SSL_TLSV1, |
| 894 | SSL_NOT_EXP|SSL_HIGH, | 894 | SSL_NOT_EXP|SSL_HIGH|SSL_FIPS, |
| 895 | 0, | 895 | 0, |
| 896 | 256, | 896 | 256, |
| 897 | 256, | 897 | 256, |
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c index 44c7c143fe..9476dcddf6 100644 --- a/src/lib/libssl/src/ssl/s3_pkt.c +++ b/src/lib/libssl/src/ssl/s3_pkt.c | |||
| @@ -753,8 +753,15 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, | |||
| 753 | s->rwstate=SSL_NOTHING; | 753 | s->rwstate=SSL_NOTHING; |
| 754 | return(s->s3->wpend_ret); | 754 | return(s->s3->wpend_ret); |
| 755 | } | 755 | } |
| 756 | else if (i <= 0) | 756 | else if (i <= 0) { |
| 757 | if (s->version == DTLS1_VERSION || | ||
| 758 | s->version == DTLS1_BAD_VER) { | ||
| 759 | /* For DTLS, just drop it. That's kind of the whole | ||
| 760 | point in using a datagram service */ | ||
| 761 | s->s3->wbuf.left = 0; | ||
| 762 | } | ||
| 757 | return(i); | 763 | return(i); |
| 764 | } | ||
| 758 | s->s3->wbuf.offset+=i; | 765 | s->s3->wbuf.offset+=i; |
| 759 | s->s3->wbuf.left-=i; | 766 | s->s3->wbuf.left-=i; |
| 760 | } | 767 | } |
| @@ -1225,6 +1232,13 @@ int ssl3_do_change_cipher_spec(SSL *s) | |||
| 1225 | 1232 | ||
| 1226 | if (s->s3->tmp.key_block == NULL) | 1233 | if (s->s3->tmp.key_block == NULL) |
| 1227 | { | 1234 | { |
| 1235 | if (s->session == NULL) | ||
| 1236 | { | ||
| 1237 | /* might happen if dtls1_read_bytes() calls this */ | ||
| 1238 | SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY); | ||
| 1239 | return (0); | ||
| 1240 | } | ||
| 1241 | |||
| 1228 | s->session->cipher=s->s3->tmp.new_cipher; | 1242 | s->session->cipher=s->s3->tmp.new_cipher; |
| 1229 | if (!s->method->ssl3_enc->setup_key_block(s)) return(0); | 1243 | if (!s->method->ssl3_enc->setup_key_block(s)) return(0); |
| 1230 | } | 1244 | } |
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index 903522ab59..80b45eb86f 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c | |||
| @@ -902,22 +902,28 @@ int ssl3_get_client_hello(SSL *s) | |||
| 902 | break; | 902 | break; |
| 903 | } | 903 | } |
| 904 | } | 904 | } |
| 905 | if (j == 0) | 905 | if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) |
| 906 | { | 906 | { |
| 907 | if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) | 907 | /* Special case as client bug workaround: the previously used cipher may |
| 908 | { | 908 | * not be in the current list, the client instead might be trying to |
| 909 | /* Very bad for multi-threading.... */ | 909 | * continue using a cipher that before wasn't chosen due to server |
| 910 | s->session->cipher=sk_SSL_CIPHER_value(ciphers, 0); | 910 | * preferences. We'll have to reject the connection if the cipher is not |
| 911 | } | 911 | * enabled, though. */ |
| 912 | else | 912 | c = sk_SSL_CIPHER_value(ciphers, 0); |
| 913 | if (sk_SSL_CIPHER_find(SSL_get_ciphers(s), c) >= 0) | ||
| 913 | { | 914 | { |
| 914 | /* we need to have the cipher in the cipher | 915 | s->session->cipher = c; |
| 915 | * list if we are asked to reuse it */ | 916 | j = 1; |
| 916 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 917 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING); | ||
| 918 | goto f_err; | ||
| 919 | } | 917 | } |
| 920 | } | 918 | } |
| 919 | if (j == 0) | ||
| 920 | { | ||
| 921 | /* we need to have the cipher in the cipher | ||
| 922 | * list if we are asked to reuse it */ | ||
| 923 | al=SSL_AD_ILLEGAL_PARAMETER; | ||
| 924 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING); | ||
| 925 | goto f_err; | ||
| 926 | } | ||
| 921 | } | 927 | } |
| 922 | 928 | ||
| 923 | /* compression */ | 929 | /* compression */ |
| @@ -1172,13 +1178,13 @@ int ssl3_send_server_hello(SSL *s) | |||
| 1172 | *(d++)=SSL3_MT_SERVER_HELLO; | 1178 | *(d++)=SSL3_MT_SERVER_HELLO; |
| 1173 | l2n3(l,d); | 1179 | l2n3(l,d); |
| 1174 | 1180 | ||
| 1175 | s->state=SSL3_ST_CW_CLNT_HELLO_B; | 1181 | s->state=SSL3_ST_SW_SRVR_HELLO_B; |
| 1176 | /* number of bytes to write */ | 1182 | /* number of bytes to write */ |
| 1177 | s->init_num=p-buf; | 1183 | s->init_num=p-buf; |
| 1178 | s->init_off=0; | 1184 | s->init_off=0; |
| 1179 | } | 1185 | } |
| 1180 | 1186 | ||
| 1181 | /* SSL3_ST_CW_CLNT_HELLO_B */ | 1187 | /* SSL3_ST_SW_SRVR_HELLO_B */ |
| 1182 | return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); | 1188 | return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); |
| 1183 | } | 1189 | } |
| 1184 | 1190 | ||
| @@ -1202,7 +1208,7 @@ int ssl3_send_server_done(SSL *s) | |||
| 1202 | s->init_off=0; | 1208 | s->init_off=0; |
| 1203 | } | 1209 | } |
| 1204 | 1210 | ||
| 1205 | /* SSL3_ST_CW_CLNT_HELLO_B */ | 1211 | /* SSL3_ST_SW_SRVR_DONE_B */ |
| 1206 | return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); | 1212 | return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); |
| 1207 | } | 1213 | } |
| 1208 | 1214 | ||
| @@ -1540,6 +1546,8 @@ int ssl3_send_server_key_exchange(SSL *s) | |||
| 1540 | j=0; | 1546 | j=0; |
| 1541 | for (num=2; num > 0; num--) | 1547 | for (num=2; num > 0; num--) |
| 1542 | { | 1548 | { |
| 1549 | EVP_MD_CTX_set_flags(&md_ctx, | ||
| 1550 | EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 1543 | EVP_DigestInit_ex(&md_ctx,(num == 2) | 1551 | EVP_DigestInit_ex(&md_ctx,(num == 2) |
| 1544 | ?s->ctx->md5:s->ctx->sha1, NULL); | 1552 | ?s->ctx->md5:s->ctx->sha1, NULL); |
| 1545 | EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); | 1553 | EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); |
| @@ -2558,7 +2566,7 @@ int ssl3_get_client_certificate(SSL *s) | |||
| 2558 | else | 2566 | else |
| 2559 | { | 2567 | { |
| 2560 | i=ssl_verify_cert_chain(s,sk); | 2568 | i=ssl_verify_cert_chain(s,sk); |
| 2561 | if (!i) | 2569 | if (i <= 0) |
| 2562 | { | 2570 | { |
| 2563 | al=ssl_verify_alarm_type(s->verify_result); | 2571 | al=ssl_verify_alarm_type(s->verify_result); |
| 2564 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED); | 2572 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED); |
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h index 6df921f3c1..ff8a128d3c 100644 --- a/src/lib/libssl/src/ssl/ssl.h +++ b/src/lib/libssl/src/ssl/ssl.h | |||
| @@ -252,6 +252,7 @@ extern "C" { | |||
| 252 | #define SSL_TXT_LOW "LOW" | 252 | #define SSL_TXT_LOW "LOW" |
| 253 | #define SSL_TXT_MEDIUM "MEDIUM" | 253 | #define SSL_TXT_MEDIUM "MEDIUM" |
| 254 | #define SSL_TXT_HIGH "HIGH" | 254 | #define SSL_TXT_HIGH "HIGH" |
| 255 | #define SSL_TXT_FIPS "FIPS" | ||
| 255 | #define SSL_TXT_kFZA "kFZA" | 256 | #define SSL_TXT_kFZA "kFZA" |
| 256 | #define SSL_TXT_aFZA "aFZA" | 257 | #define SSL_TXT_aFZA "aFZA" |
| 257 | #define SSL_TXT_eFZA "eFZA" | 258 | #define SSL_TXT_eFZA "eFZA" |
| @@ -361,9 +362,6 @@ typedef struct ssl_cipher_st | |||
| 361 | 362 | ||
| 362 | DECLARE_STACK_OF(SSL_CIPHER) | 363 | DECLARE_STACK_OF(SSL_CIPHER) |
| 363 | 364 | ||
| 364 | typedef struct ssl_st SSL; | ||
| 365 | typedef struct ssl_ctx_st SSL_CTX; | ||
| 366 | |||
| 367 | /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ | 365 | /* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ |
| 368 | typedef struct ssl_method_st | 366 | typedef struct ssl_method_st |
| 369 | { | 367 | { |
| @@ -760,6 +758,12 @@ struct ssl_ctx_st | |||
| 760 | 758 | ||
| 761 | int quiet_shutdown; | 759 | int quiet_shutdown; |
| 762 | 760 | ||
| 761 | #ifndef OPENSSL_ENGINE | ||
| 762 | /* Engine to pass requests for client certs to | ||
| 763 | */ | ||
| 764 | ENGINE *client_cert_engine; | ||
| 765 | #endif | ||
| 766 | |||
| 763 | #ifndef OPENSSL_NO_TLSEXT | 767 | #ifndef OPENSSL_NO_TLSEXT |
| 764 | /* TLS extensions servername callback */ | 768 | /* TLS extensions servername callback */ |
| 765 | int (*tlsext_servername_callback)(SSL*, int *, void *); | 769 | int (*tlsext_servername_callback)(SSL*, int *, void *); |
| @@ -829,6 +833,9 @@ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,int type, | |||
| 829 | void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val); | 833 | void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int type,int val); |
| 830 | void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); | 834 | void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); |
| 831 | int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); | 835 | int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey); |
| 836 | #ifndef OPENSSL_NO_ENGINE | ||
| 837 | int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); | ||
| 838 | #endif | ||
| 832 | void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); | 839 | void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)); |
| 833 | void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); | 840 | void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len)); |
| 834 | 841 | ||
| @@ -1702,6 +1709,7 @@ void ERR_load_SSL_strings(void); | |||
| 1702 | #define SSL_F_SSL3_CONNECT 132 | 1709 | #define SSL_F_SSL3_CONNECT 132 |
| 1703 | #define SSL_F_SSL3_CTRL 213 | 1710 | #define SSL_F_SSL3_CTRL 213 |
| 1704 | #define SSL_F_SSL3_CTX_CTRL 133 | 1711 | #define SSL_F_SSL3_CTX_CTRL 133 |
| 1712 | #define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 279 | ||
| 1705 | #define SSL_F_SSL3_ENC 134 | 1713 | #define SSL_F_SSL3_ENC 134 |
| 1706 | #define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 | 1714 | #define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 |
| 1707 | #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 | 1715 | #define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 |
| @@ -1755,6 +1763,7 @@ void ERR_load_SSL_strings(void); | |||
| 1755 | #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 | 1763 | #define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 |
| 1756 | #define SSL_F_SSL_CTX_NEW 169 | 1764 | #define SSL_F_SSL_CTX_NEW 169 |
| 1757 | #define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 | 1765 | #define SSL_F_SSL_CTX_SET_CIPHER_LIST 269 |
| 1766 | #define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 278 | ||
| 1758 | #define SSL_F_SSL_CTX_SET_PURPOSE 226 | 1767 | #define SSL_F_SSL_CTX_SET_PURPOSE 226 |
| 1759 | #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 | 1768 | #define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 |
| 1760 | #define SSL_F_SSL_CTX_SET_SSL_VERSION 170 | 1769 | #define SSL_F_SSL_CTX_SET_SSL_VERSION 170 |
| @@ -1935,6 +1944,7 @@ void ERR_load_SSL_strings(void); | |||
| 1935 | #define SSL_R_NO_CIPHERS_SPECIFIED 183 | 1944 | #define SSL_R_NO_CIPHERS_SPECIFIED 183 |
| 1936 | #define SSL_R_NO_CIPHER_LIST 184 | 1945 | #define SSL_R_NO_CIPHER_LIST 184 |
| 1937 | #define SSL_R_NO_CIPHER_MATCH 185 | 1946 | #define SSL_R_NO_CIPHER_MATCH 185 |
| 1947 | #define SSL_R_NO_CLIENT_CERT_METHOD 317 | ||
| 1938 | #define SSL_R_NO_CLIENT_CERT_RECEIVED 186 | 1948 | #define SSL_R_NO_CLIENT_CERT_RECEIVED 186 |
| 1939 | #define SSL_R_NO_COMPRESSION_SPECIFIED 187 | 1949 | #define SSL_R_NO_COMPRESSION_SPECIFIED 187 |
| 1940 | #define SSL_R_NO_METHOD_SPECIFIED 188 | 1950 | #define SSL_R_NO_METHOD_SPECIFIED 188 |
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c index 6e14f4d834..0f9a3489dd 100644 --- a/src/lib/libssl/src/ssl/ssl_asn1.c +++ b/src/lib/libssl/src/ssl/ssl_asn1.c | |||
| @@ -353,7 +353,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, | |||
| 353 | memcpy(ret->session_id,os.data,os.length); | 353 | memcpy(ret->session_id,os.data,os.length); |
| 354 | 354 | ||
| 355 | M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING); | 355 | M_ASN1_D2I_get_x(ASN1_OCTET_STRING,osp,d2i_ASN1_OCTET_STRING); |
| 356 | if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH) | 356 | if (os.length > SSL_MAX_MASTER_KEY_LENGTH) |
| 357 | ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; | 357 | ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; |
| 358 | else | 358 | else |
| 359 | ret->master_key_length=os.length; | 359 | ret->master_key_length=os.length; |
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c index 725f7f3c1f..0c2aa249b4 100644 --- a/src/lib/libssl/src/ssl/ssl_ciph.c +++ b/src/lib/libssl/src/ssl/ssl_ciph.c | |||
| @@ -115,7 +115,10 @@ | |||
| 115 | */ | 115 | */ |
| 116 | #include <stdio.h> | 116 | #include <stdio.h> |
| 117 | #include <openssl/objects.h> | 117 | #include <openssl/objects.h> |
| 118 | #ifndef OPENSSL_NO_COMP | ||
| 118 | #include <openssl/comp.h> | 119 | #include <openssl/comp.h> |
| 120 | #endif | ||
| 121 | |||
| 119 | #include "ssl_locl.h" | 122 | #include "ssl_locl.h" |
| 120 | 123 | ||
| 121 | #define SSL_ENC_DES_IDX 0 | 124 | #define SSL_ENC_DES_IDX 0 |
| @@ -222,6 +225,7 @@ static const SSL_CIPHER cipher_aliases[]={ | |||
| 222 | {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK}, | 225 | {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK}, |
| 223 | {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK}, | 226 | {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK}, |
| 224 | {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK}, | 227 | {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK}, |
| 228 | {0,SSL_TXT_FIPS, 0, 0, SSL_FIPS, 0,0,0,0,SSL_FIPS|SSL_STRONG_NONE}, | ||
| 225 | }; | 229 | }; |
| 226 | 230 | ||
| 227 | void ssl_load_ciphers(void) | 231 | void ssl_load_ciphers(void) |
| @@ -515,7 +519,12 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, | |||
| 515 | c = ssl_method->get_cipher(i); | 519 | c = ssl_method->get_cipher(i); |
| 516 | #define IS_MASKED(c) ((c)->algorithms & (((c)->alg_bits == 256) ? m256 : mask)) | 520 | #define IS_MASKED(c) ((c)->algorithms & (((c)->alg_bits == 256) ? m256 : mask)) |
| 517 | /* drop those that use any of that is not available */ | 521 | /* drop those that use any of that is not available */ |
| 522 | #ifdef OPENSSL_FIPS | ||
| 523 | if ((c != NULL) && c->valid && !IS_MASKED(c) | ||
| 524 | && (!FIPS_mode() || (c->algo_strength & SSL_FIPS))) | ||
| 525 | #else | ||
| 518 | if ((c != NULL) && c->valid && !IS_MASKED(c)) | 526 | if ((c != NULL) && c->valid && !IS_MASKED(c)) |
| 527 | #endif | ||
| 519 | { | 528 | { |
| 520 | co_list[co_list_num].cipher = c; | 529 | co_list[co_list_num].cipher = c; |
| 521 | co_list[co_list_num].next = NULL; | 530 | co_list[co_list_num].next = NULL; |
| @@ -1054,7 +1063,11 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, | |||
| 1054 | */ | 1063 | */ |
| 1055 | for (curr = head; curr != NULL; curr = curr->next) | 1064 | for (curr = head; curr != NULL; curr = curr->next) |
| 1056 | { | 1065 | { |
| 1066 | #ifdef OPENSSL_FIPS | ||
| 1067 | if (curr->active && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS)) | ||
| 1068 | #else | ||
| 1057 | if (curr->active) | 1069 | if (curr->active) |
| 1070 | #endif | ||
| 1058 | { | 1071 | { |
| 1059 | sk_SSL_CIPHER_push(cipherstack, curr->cipher); | 1072 | sk_SSL_CIPHER_push(cipherstack, curr->cipher); |
| 1060 | #ifdef CIPHER_DEBUG | 1073 | #ifdef CIPHER_DEBUG |
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c index 50779c1632..24a994fe01 100644 --- a/src/lib/libssl/src/ssl/ssl_err.c +++ b/src/lib/libssl/src/ssl/ssl_err.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* ssl/ssl_err.c */ | 1 | /* ssl/ssl_err.c */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without | 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions | 6 | * modification, are permitted provided that the following conditions |
| @@ -138,6 +138,7 @@ static ERR_STRING_DATA SSL_str_functs[]= | |||
| 138 | {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"}, | 138 | {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"}, |
| 139 | {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"}, | 139 | {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"}, |
| 140 | {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"}, | 140 | {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"}, |
| 141 | {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC), "SSL3_DO_CHANGE_CIPHER_SPEC"}, | ||
| 141 | {ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"}, | 142 | {ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"}, |
| 142 | {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"}, | 143 | {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"}, |
| 143 | {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"}, | 144 | {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"}, |
| @@ -191,6 +192,7 @@ static ERR_STRING_DATA SSL_str_functs[]= | |||
| 191 | {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"}, | 192 | {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"}, |
| 192 | {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"}, | 193 | {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"}, |
| 193 | {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"}, | 194 | {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"}, |
| 195 | {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE), "SSL_CTX_set_client_cert_engine"}, | ||
| 194 | {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"}, | 196 | {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"}, |
| 195 | {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"}, | 197 | {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"}, |
| 196 | {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"}, | 198 | {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"}, |
| @@ -374,6 +376,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= | |||
| 374 | {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) ,"no ciphers specified"}, | 376 | {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) ,"no ciphers specified"}, |
| 375 | {ERR_REASON(SSL_R_NO_CIPHER_LIST) ,"no cipher list"}, | 377 | {ERR_REASON(SSL_R_NO_CIPHER_LIST) ,"no cipher list"}, |
| 376 | {ERR_REASON(SSL_R_NO_CIPHER_MATCH) ,"no cipher match"}, | 378 | {ERR_REASON(SSL_R_NO_CIPHER_MATCH) ,"no cipher match"}, |
| 379 | {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) ,"no client cert method"}, | ||
| 377 | {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"}, | 380 | {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED),"no client cert received"}, |
| 378 | {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"}, | 381 | {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED),"no compression specified"}, |
| 379 | {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) ,"no method specified"}, | 382 | {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) ,"no method specified"}, |
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index 065411aea8..68eee77e6f 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c | |||
| @@ -130,6 +130,9 @@ | |||
| 130 | #ifndef OPENSSL_NO_DH | 130 | #ifndef OPENSSL_NO_DH |
| 131 | #include <openssl/dh.h> | 131 | #include <openssl/dh.h> |
| 132 | #endif | 132 | #endif |
| 133 | #ifndef OPENSSL_NO_ENGINE | ||
| 134 | #include <openssl/engine.h> | ||
| 135 | #endif | ||
| 133 | 136 | ||
| 134 | const char *SSL_version_str=OPENSSL_VERSION_TEXT; | 137 | const char *SSL_version_str=OPENSSL_VERSION_TEXT; |
| 135 | 138 | ||
| @@ -1393,6 +1396,14 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) | |||
| 1393 | return(NULL); | 1396 | return(NULL); |
| 1394 | } | 1397 | } |
| 1395 | 1398 | ||
| 1399 | #ifdef OPENSSL_FIPS | ||
| 1400 | if (FIPS_mode() && (meth->version < TLS1_VERSION)) | ||
| 1401 | { | ||
| 1402 | SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE); | ||
| 1403 | return NULL; | ||
| 1404 | } | ||
| 1405 | #endif | ||
| 1406 | |||
| 1396 | if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) | 1407 | if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) |
| 1397 | { | 1408 | { |
| 1398 | SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); | 1409 | SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); |
| @@ -1513,6 +1524,27 @@ SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) | |||
| 1513 | 1524 | ||
| 1514 | #endif | 1525 | #endif |
| 1515 | 1526 | ||
| 1527 | #ifndef OPENSSL_NO_ENGINE | ||
| 1528 | ret->client_cert_engine = NULL; | ||
| 1529 | #ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO | ||
| 1530 | #define eng_strx(x) #x | ||
| 1531 | #define eng_str(x) eng_strx(x) | ||
| 1532 | /* Use specific client engine automatically... ignore errors */ | ||
| 1533 | { | ||
| 1534 | ENGINE *eng; | ||
| 1535 | eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); | ||
| 1536 | if (!eng) | ||
| 1537 | { | ||
| 1538 | ERR_clear_error(); | ||
| 1539 | ENGINE_load_builtin_engines(); | ||
| 1540 | eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); | ||
| 1541 | } | ||
| 1542 | if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng)) | ||
| 1543 | ERR_clear_error(); | ||
| 1544 | } | ||
| 1545 | #endif | ||
| 1546 | #endif | ||
| 1547 | |||
| 1516 | return(ret); | 1548 | return(ret); |
| 1517 | err: | 1549 | err: |
| 1518 | SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE); | 1550 | SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE); |
| @@ -1583,6 +1615,10 @@ void SSL_CTX_free(SSL_CTX *a) | |||
| 1583 | #else | 1615 | #else |
| 1584 | a->comp_methods = NULL; | 1616 | a->comp_methods = NULL; |
| 1585 | #endif | 1617 | #endif |
| 1618 | #ifndef OPENSSL_NO_ENGINE | ||
| 1619 | if (a->client_cert_engine) | ||
| 1620 | ENGINE_finish(a->client_cert_engine); | ||
| 1621 | #endif | ||
| 1586 | OPENSSL_free(a); | 1622 | OPENSSL_free(a); |
| 1587 | } | 1623 | } |
| 1588 | 1624 | ||
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index de94c0d0c7..ed4ddbbae6 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h | |||
| @@ -124,7 +124,9 @@ | |||
| 124 | #include "e_os.h" | 124 | #include "e_os.h" |
| 125 | 125 | ||
| 126 | #include <openssl/buffer.h> | 126 | #include <openssl/buffer.h> |
| 127 | #ifndef OPENSSL_NO_COMP | ||
| 127 | #include <openssl/comp.h> | 128 | #include <openssl/comp.h> |
| 129 | #endif | ||
| 128 | #include <openssl/bio.h> | 130 | #include <openssl/bio.h> |
| 129 | #include <openssl/stack.h> | 131 | #include <openssl/stack.h> |
| 130 | #ifndef OPENSSL_NO_RSA | 132 | #ifndef OPENSSL_NO_RSA |
| @@ -330,8 +332,9 @@ | |||
| 330 | #define SSL_LOW 0x00000020L | 332 | #define SSL_LOW 0x00000020L |
| 331 | #define SSL_MEDIUM 0x00000040L | 333 | #define SSL_MEDIUM 0x00000040L |
| 332 | #define SSL_HIGH 0x00000080L | 334 | #define SSL_HIGH 0x00000080L |
| 335 | #define SSL_FIPS 0x00000100L | ||
| 333 | 336 | ||
| 334 | /* we have used 000000ff - 24 bits left to go */ | 337 | /* we have used 000001ff - 23 bits left to go */ |
| 335 | 338 | ||
| 336 | /* | 339 | /* |
| 337 | * Macros to check the export status and cipher strength for export ciphers. | 340 | * Macros to check the export status and cipher strength for export ciphers. |
| @@ -499,6 +502,7 @@ typedef struct ssl3_enc_method | |||
| 499 | int (*alert_value)(int); | 502 | int (*alert_value)(int); |
| 500 | } SSL3_ENC_METHOD; | 503 | } SSL3_ENC_METHOD; |
| 501 | 504 | ||
| 505 | #ifndef OPENSSL_NO_COMP | ||
| 502 | /* Used for holding the relevant compression methods loaded into SSL_CTX */ | 506 | /* Used for holding the relevant compression methods loaded into SSL_CTX */ |
| 503 | typedef struct ssl3_comp_st | 507 | typedef struct ssl3_comp_st |
| 504 | { | 508 | { |
| @@ -506,6 +510,7 @@ typedef struct ssl3_comp_st | |||
| 506 | char *name; /* Text name used for the compression type */ | 510 | char *name; /* Text name used for the compression type */ |
| 507 | COMP_METHOD *method; /* The method :-) */ | 511 | COMP_METHOD *method; /* The method :-) */ |
| 508 | } SSL3_COMP; | 512 | } SSL3_COMP; |
| 513 | #endif | ||
| 509 | 514 | ||
| 510 | extern SSL3_ENC_METHOD ssl3_undef_enc_method; | 515 | extern SSL3_ENC_METHOD ssl3_undef_enc_method; |
| 511 | OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[]; | 516 | OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[]; |
| @@ -874,6 +879,7 @@ int ssl3_get_new_session_ticket(SSL *s); | |||
| 874 | int ssl3_get_cert_status(SSL *s); | 879 | int ssl3_get_cert_status(SSL *s); |
| 875 | int ssl3_get_server_done(SSL *s); | 880 | int ssl3_get_server_done(SSL *s); |
| 876 | int ssl3_send_client_verify(SSL *s); | 881 | int ssl3_send_client_verify(SSL *s); |
| 882 | int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey); | ||
| 877 | int ssl3_send_client_certificate(SSL *s); | 883 | int ssl3_send_client_certificate(SSL *s); |
| 878 | int ssl3_send_client_key_exchange(SSL *s); | 884 | int ssl3_send_client_key_exchange(SSL *s); |
| 879 | int ssl3_get_key_exchange(SSL *s); | 885 | int ssl3_get_key_exchange(SSL *s); |
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c index ee88be2b88..8391d62212 100644 --- a/src/lib/libssl/src/ssl/ssl_sess.c +++ b/src/lib/libssl/src/ssl/ssl_sess.c | |||
| @@ -59,6 +59,9 @@ | |||
| 59 | #include <stdio.h> | 59 | #include <stdio.h> |
| 60 | #include <openssl/lhash.h> | 60 | #include <openssl/lhash.h> |
| 61 | #include <openssl/rand.h> | 61 | #include <openssl/rand.h> |
| 62 | #ifndef OPENSSL_NO_ENGINE | ||
| 63 | #include <openssl/engine.h> | ||
| 64 | #endif | ||
| 62 | #include "ssl_locl.h" | 65 | #include "ssl_locl.h" |
| 63 | 66 | ||
| 64 | static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); | 67 | static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); |
| @@ -870,6 +873,25 @@ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509 , EVP_PK | |||
| 870 | return ctx->client_cert_cb; | 873 | return ctx->client_cert_cb; |
| 871 | } | 874 | } |
| 872 | 875 | ||
| 876 | #ifndef OPENSSL_NO_ENGINE | ||
| 877 | int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e) | ||
| 878 | { | ||
| 879 | if (!ENGINE_init(e)) | ||
| 880 | { | ||
| 881 | SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB); | ||
| 882 | return 0; | ||
| 883 | } | ||
| 884 | if(!ENGINE_get_ssl_client_cert_function(e)) | ||
| 885 | { | ||
| 886 | SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, SSL_R_NO_CLIENT_CERT_METHOD); | ||
| 887 | ENGINE_finish(e); | ||
| 888 | return 0; | ||
| 889 | } | ||
| 890 | ctx->client_cert_engine = e; | ||
| 891 | return 1; | ||
| 892 | } | ||
| 893 | #endif | ||
| 894 | |||
| 873 | void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, | 895 | void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, |
| 874 | int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)) | 896 | int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len)) |
| 875 | { | 897 | { |
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c index 517657c024..b09c542087 100644 --- a/src/lib/libssl/src/ssl/ssltest.c +++ b/src/lib/libssl/src/ssl/ssltest.c | |||
| @@ -229,6 +229,9 @@ static void sv_usage(void) | |||
| 229 | { | 229 | { |
| 230 | fprintf(stderr,"usage: ssltest [args ...]\n"); | 230 | fprintf(stderr,"usage: ssltest [args ...]\n"); |
| 231 | fprintf(stderr,"\n"); | 231 | fprintf(stderr,"\n"); |
| 232 | #ifdef OPENSSL_FIPS | ||
| 233 | fprintf(stderr,"-F - run test in FIPS mode\n"); | ||
| 234 | #endif | ||
| 232 | fprintf(stderr," -server_auth - check server certificate\n"); | 235 | fprintf(stderr," -server_auth - check server certificate\n"); |
| 233 | fprintf(stderr," -client_auth - do client authentication\n"); | 236 | fprintf(stderr," -client_auth - do client authentication\n"); |
| 234 | fprintf(stderr," -proxy - allow proxy certificates\n"); | 237 | fprintf(stderr," -proxy - allow proxy certificates\n"); |
| @@ -410,7 +413,7 @@ int main(int argc, char *argv[]) | |||
| 410 | long bytes=256L; | 413 | long bytes=256L; |
| 411 | #ifndef OPENSSL_NO_DH | 414 | #ifndef OPENSSL_NO_DH |
| 412 | DH *dh; | 415 | DH *dh; |
| 413 | int dhe1024 = 0, dhe1024dsa = 0; | 416 | int dhe1024 = 1, dhe1024dsa = 0; |
| 414 | #endif | 417 | #endif |
| 415 | #ifndef OPENSSL_NO_ECDH | 418 | #ifndef OPENSSL_NO_ECDH |
| 416 | EC_KEY *ecdh = NULL; | 419 | EC_KEY *ecdh = NULL; |
| @@ -425,6 +428,9 @@ int main(int argc, char *argv[]) | |||
| 425 | #endif | 428 | #endif |
| 426 | STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; | 429 | STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; |
| 427 | int test_cipherlist = 0; | 430 | int test_cipherlist = 0; |
| 431 | #ifdef OPENSSL_FIPS | ||
| 432 | int fips_mode=0; | ||
| 433 | #endif | ||
| 428 | 434 | ||
| 429 | verbose = 0; | 435 | verbose = 0; |
| 430 | debug = 0; | 436 | debug = 0; |
| @@ -456,7 +462,16 @@ int main(int argc, char *argv[]) | |||
| 456 | 462 | ||
| 457 | while (argc >= 1) | 463 | while (argc >= 1) |
| 458 | { | 464 | { |
| 459 | if (strcmp(*argv,"-server_auth") == 0) | 465 | if(!strcmp(*argv,"-F")) |
| 466 | { | ||
| 467 | #ifdef OPENSSL_FIPS | ||
| 468 | fips_mode=1; | ||
| 469 | #else | ||
| 470 | fprintf(stderr,"not compiled with FIPS support, so exitting without running.\n"); | ||
| 471 | EXIT(0); | ||
| 472 | #endif | ||
| 473 | } | ||
| 474 | else if (strcmp(*argv,"-server_auth") == 0) | ||
| 460 | server_auth=1; | 475 | server_auth=1; |
| 461 | else if (strcmp(*argv,"-client_auth") == 0) | 476 | else if (strcmp(*argv,"-client_auth") == 0) |
| 462 | client_auth=1; | 477 | client_auth=1; |
| @@ -638,6 +653,20 @@ bad: | |||
| 638 | EXIT(1); | 653 | EXIT(1); |
| 639 | } | 654 | } |
| 640 | 655 | ||
| 656 | #ifdef OPENSSL_FIPS | ||
| 657 | if(fips_mode) | ||
| 658 | { | ||
| 659 | if(!FIPS_mode_set(1)) | ||
| 660 | { | ||
| 661 | ERR_load_crypto_strings(); | ||
| 662 | ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE)); | ||
| 663 | EXIT(1); | ||
| 664 | } | ||
| 665 | else | ||
| 666 | fprintf(stderr,"*** IN FIPS MODE ***\n"); | ||
| 667 | } | ||
| 668 | #endif | ||
| 669 | |||
| 641 | if (print_time) | 670 | if (print_time) |
| 642 | { | 671 | { |
| 643 | if (!bio_pair) | 672 | if (!bio_pair) |
| @@ -2059,20 +2088,12 @@ static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg) | |||
| 2059 | } | 2088 | } |
| 2060 | 2089 | ||
| 2061 | #ifndef OPENSSL_NO_X509_VERIFY | 2090 | #ifndef OPENSSL_NO_X509_VERIFY |
| 2062 | # ifdef OPENSSL_FIPS | ||
| 2063 | if(s->version == TLS1_VERSION) | ||
| 2064 | FIPS_allow_md5(1); | ||
| 2065 | # endif | ||
| 2066 | ok = X509_verify_cert(ctx); | 2091 | ok = X509_verify_cert(ctx); |
| 2067 | # ifdef OPENSSL_FIPS | ||
| 2068 | if(s->version == TLS1_VERSION) | ||
| 2069 | FIPS_allow_md5(0); | ||
| 2070 | # endif | ||
| 2071 | #endif | 2092 | #endif |
| 2072 | 2093 | ||
| 2073 | if (cb_arg->proxy_auth) | 2094 | if (cb_arg->proxy_auth) |
| 2074 | { | 2095 | { |
| 2075 | if (ok) | 2096 | if (ok > 0) |
| 2076 | { | 2097 | { |
| 2077 | const char *cond_end = NULL; | 2098 | const char *cond_end = NULL; |
| 2078 | 2099 | ||
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index ed5a4a7255..7cb3e29a41 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -111,10 +111,15 @@ | |||
| 111 | 111 | ||
| 112 | #include <stdio.h> | 112 | #include <stdio.h> |
| 113 | #include "ssl_locl.h" | 113 | #include "ssl_locl.h" |
| 114 | #ifndef OPENSSL_NO_COMP | ||
| 114 | #include <openssl/comp.h> | 115 | #include <openssl/comp.h> |
| 116 | #endif | ||
| 115 | #include <openssl/evp.h> | 117 | #include <openssl/evp.h> |
| 116 | #include <openssl/hmac.h> | 118 | #include <openssl/hmac.h> |
| 117 | #include <openssl/md5.h> | 119 | #include <openssl/md5.h> |
| 120 | #ifdef KSSL_DEBUG | ||
| 121 | #include <openssl/des.h> | ||
| 122 | #endif | ||
| 118 | 123 | ||
| 119 | static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | 124 | static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, |
| 120 | int sec_len, unsigned char *seed, int seed_len, | 125 | int sec_len, unsigned char *seed, int seed_len, |
| @@ -131,6 +136,8 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | |||
| 131 | 136 | ||
| 132 | HMAC_CTX_init(&ctx); | 137 | HMAC_CTX_init(&ctx); |
| 133 | HMAC_CTX_init(&ctx_tmp); | 138 | HMAC_CTX_init(&ctx_tmp); |
| 139 | HMAC_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 140 | HMAC_CTX_set_flags(&ctx_tmp, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); | ||
| 134 | HMAC_Init_ex(&ctx,sec,sec_len,md, NULL); | 141 | HMAC_Init_ex(&ctx,sec,sec_len,md, NULL); |
| 135 | HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL); | 142 | HMAC_Init_ex(&ctx_tmp,sec,sec_len,md, NULL); |
| 136 | HMAC_Update(&ctx,seed,seed_len); | 143 | HMAC_Update(&ctx,seed,seed_len); |
| @@ -249,15 +256,15 @@ int tls1_change_cipher_state(SSL *s, int which) | |||
| 249 | #ifdef KSSL_DEBUG | 256 | #ifdef KSSL_DEBUG |
| 250 | printf("tls1_change_cipher_state(which= %d) w/\n", which); | 257 | printf("tls1_change_cipher_state(which= %d) w/\n", which); |
| 251 | printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms, | 258 | printf("\talg= %ld, comp= %p\n", s->s3->tmp.new_cipher->algorithms, |
| 252 | comp); | 259 | (void *)comp); |
| 253 | printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); | 260 | printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", (void *)c); |
| 254 | printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", | 261 | printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", |
| 255 | c->nid,c->block_size,c->key_len,c->iv_len); | 262 | c->nid,c->block_size,c->key_len,c->iv_len); |
| 256 | printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); | 263 | printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); |
| 257 | { | 264 | { |
| 258 | int i; | 265 | int ki; |
| 259 | for (i=0; i<s->s3->tmp.key_block_length; i++) | 266 | for (ki=0; ki<s->s3->tmp.key_block_length; ki++) |
| 260 | printf("%02x", key_block[i]); printf("\n"); | 267 | printf("%02x", key_block[ki]); printf("\n"); |
| 261 | } | 268 | } |
| 262 | #endif /* KSSL_DEBUG */ | 269 | #endif /* KSSL_DEBUG */ |
| 263 | 270 | ||
| @@ -413,11 +420,13 @@ printf("which = %04X\nmac key=",which); | |||
| 413 | s->session->key_arg_length=0; | 420 | s->session->key_arg_length=0; |
| 414 | #ifdef KSSL_DEBUG | 421 | #ifdef KSSL_DEBUG |
| 415 | { | 422 | { |
| 416 | int i; | 423 | int ki; |
| 417 | printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n"); | 424 | printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n"); |
| 418 | printf("\tkey= "); for (i=0; i<c->key_len; i++) printf("%02x", key[i]); | 425 | printf("\tkey= "); |
| 426 | for (ki=0; ki<c->key_len; ki++) printf("%02x", key[ki]); | ||
| 419 | printf("\n"); | 427 | printf("\n"); |
| 420 | printf("\t iv= "); for (i=0; i<c->iv_len; i++) printf("%02x", iv[i]); | 428 | printf("\t iv= "); |
| 429 | for (ki=0; ki<c->iv_len; ki++) printf("%02x", iv[ki]); | ||
| 421 | printf("\n"); | 430 | printf("\n"); |
| 422 | } | 431 | } |
| 423 | #endif /* KSSL_DEBUG */ | 432 | #endif /* KSSL_DEBUG */ |
| @@ -590,10 +599,11 @@ int tls1_enc(SSL *s, int send) | |||
| 590 | { | 599 | { |
| 591 | unsigned long ui; | 600 | unsigned long ui; |
| 592 | printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", | 601 | printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", |
| 593 | ds,rec->data,rec->input,l); | 602 | (void *)ds,rec->data,rec->input,l); |
| 594 | printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", | 603 | printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%ld %ld], %d iv_len\n", |
| 595 | ds->buf_len, ds->cipher->key_len, | 604 | ds->buf_len, ds->cipher->key_len, |
| 596 | DES_KEY_SZ, DES_SCHEDULE_SZ, | 605 | (unsigned long)DES_KEY_SZ, |
| 606 | (unsigned long)DES_SCHEDULE_SZ, | ||
| 597 | ds->cipher->iv_len); | 607 | ds->cipher->iv_len); |
| 598 | printf("\t\tIV: "); | 608 | printf("\t\tIV: "); |
| 599 | for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); | 609 | for (i=0; i<ds->cipher->iv_len; i++) printf("%02X", ds->iv[i]); |
| @@ -618,10 +628,10 @@ int tls1_enc(SSL *s, int send) | |||
| 618 | 628 | ||
| 619 | #ifdef KSSL_DEBUG | 629 | #ifdef KSSL_DEBUG |
| 620 | { | 630 | { |
| 621 | unsigned long i; | 631 | unsigned long ki; |
| 622 | printf("\trec->data="); | 632 | printf("\trec->data="); |
| 623 | for (i=0; i<l; i++) | 633 | for (ki=0; ki<l; i++) |
| 624 | printf(" %02x", rec->data[i]); printf("\n"); | 634 | printf(" %02x", rec->data[ki]); printf("\n"); |
| 625 | } | 635 | } |
| 626 | #endif /* KSSL_DEBUG */ | 636 | #endif /* KSSL_DEBUG */ |
| 627 | 637 | ||
| @@ -805,7 +815,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, | |||
| 805 | unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH]; | 815 | unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH]; |
| 806 | 816 | ||
| 807 | #ifdef KSSL_DEBUG | 817 | #ifdef KSSL_DEBUG |
| 808 | printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len); | 818 | printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", (void *)s,out, p,len); |
| 809 | #endif /* KSSL_DEBUG */ | 819 | #endif /* KSSL_DEBUG */ |
| 810 | 820 | ||
| 811 | /* Setup the stuff to munge */ | 821 | /* Setup the stuff to munge */ |
| @@ -852,8 +862,10 @@ int tls1_alert_code(int code) | |||
| 852 | case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR); | 862 | case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR); |
| 853 | case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED); | 863 | case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED); |
| 854 | case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION); | 864 | case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION); |
| 865 | #ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE | ||
| 855 | case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return | 866 | case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return |
| 856 | (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE); | 867 | (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE); |
| 868 | #endif | ||
| 857 | default: return(-1); | 869 | default: return(-1); |
| 858 | } | 870 | } |
| 859 | } | 871 | } |
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index 35f04afa4a..9ce726996d 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c | |||
| @@ -734,6 +734,13 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, | |||
| 734 | /* Point after session ID in client hello */ | 734 | /* Point after session ID in client hello */ |
| 735 | const unsigned char *p = session_id + len; | 735 | const unsigned char *p = session_id + len; |
| 736 | unsigned short i; | 736 | unsigned short i; |
| 737 | |||
| 738 | /* If tickets disabled behave as if no ticket present | ||
| 739 | * to permit stateful resumption. | ||
| 740 | */ | ||
| 741 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) | ||
| 742 | return 1; | ||
| 743 | |||
| 737 | if ((s->version <= SSL3_VERSION) || !limit) | 744 | if ((s->version <= SSL3_VERSION) || !limit) |
| 738 | return 1; | 745 | return 1; |
| 739 | if (p >= limit) | 746 | if (p >= limit) |
| @@ -761,12 +768,7 @@ int tls1_process_ticket(SSL *s, unsigned char *session_id, int len, | |||
| 761 | return 1; | 768 | return 1; |
| 762 | if (type == TLSEXT_TYPE_session_ticket) | 769 | if (type == TLSEXT_TYPE_session_ticket) |
| 763 | { | 770 | { |
| 764 | /* If tickets disabled indicate cache miss which will | 771 | /* If zero length note client will accept a ticket |
| 765 | * trigger a full handshake | ||
| 766 | */ | ||
| 767 | if (SSL_get_options(s) & SSL_OP_NO_TICKET) | ||
| 768 | return 0; | ||
| 769 | /* If zero length not client will accept a ticket | ||
| 770 | * and indicate cache miss to trigger full handshake | 772 | * and indicate cache miss to trigger full handshake |
| 771 | */ | 773 | */ |
| 772 | if (size == 0) | 774 | if (size == 0) |
diff --git a/src/lib/libssl/src/test/CAss.cnf b/src/lib/libssl/src/test/CAss.cnf index 20f8f05e3d..546e660626 100644 --- a/src/lib/libssl/src/test/CAss.cnf +++ b/src/lib/libssl/src/test/CAss.cnf | |||
| @@ -7,7 +7,7 @@ RANDFILE = ./.rnd | |||
| 7 | 7 | ||
| 8 | #################################################################### | 8 | #################################################################### |
| 9 | [ req ] | 9 | [ req ] |
| 10 | default_bits = 512 | 10 | default_bits = 1024 |
| 11 | default_keyfile = keySS.pem | 11 | default_keyfile = keySS.pem |
| 12 | distinguished_name = req_distinguished_name | 12 | distinguished_name = req_distinguished_name |
| 13 | encrypt_rsa_key = no | 13 | encrypt_rsa_key = no |
diff --git a/src/lib/libssl/src/test/Makefile b/src/lib/libssl/src/test/Makefile index 62f9b86052..73d64440b1 100644 --- a/src/lib/libssl/src/test/Makefile +++ b/src/lib/libssl/src/test/Makefile | |||
| @@ -5,7 +5,7 @@ | |||
| 5 | DIR= test | 5 | DIR= test |
| 6 | TOP= .. | 6 | TOP= .. |
| 7 | CC= cc | 7 | CC= cc |
| 8 | INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES) | 8 | INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES) -I$(TOP)/fips |
| 9 | CFLAG= -g | 9 | CFLAG= -g |
| 10 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) | 10 | MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG) |
| 11 | PERL= perl | 11 | PERL= perl |
| @@ -27,6 +27,7 @@ DLIBCRYPTO= ../libcrypto.a | |||
| 27 | DLIBSSL= ../libssl.a | 27 | DLIBSSL= ../libssl.a |
| 28 | LIBCRYPTO= -L.. -lcrypto | 28 | LIBCRYPTO= -L.. -lcrypto |
| 29 | LIBSSL= -L.. -lssl | 29 | LIBSSL= -L.. -lssl |
| 30 | LIBFIPS= -L.. -lfips | ||
| 30 | 31 | ||
| 31 | BNTEST= bntest | 32 | BNTEST= bntest |
| 32 | ECTEST= ectest | 33 | ECTEST= ectest |
| @@ -59,6 +60,18 @@ RSATEST= rsa_test | |||
| 59 | ENGINETEST= enginetest | 60 | ENGINETEST= enginetest |
| 60 | EVPTEST= evp_test | 61 | EVPTEST= evp_test |
| 61 | IGETEST= igetest | 62 | IGETEST= igetest |
| 63 | FIPS_SHATEST= fips_shatest | ||
| 64 | FIPS_DESTEST= fips_desmovs | ||
| 65 | FIPS_RANDTEST= fips_randtest | ||
| 66 | FIPS_AESTEST= fips_aesavs | ||
| 67 | FIPS_HMACTEST= fips_hmactest | ||
| 68 | FIPS_RSAVTEST= fips_rsavtest | ||
| 69 | FIPS_RSASTEST= fips_rsastest | ||
| 70 | FIPS_RSAGTEST= fips_rsagtest | ||
| 71 | FIPS_DSATEST= fips_dsatest | ||
| 72 | FIPS_DSSVS= fips_dssvs | ||
| 73 | FIPS_RNGVS= fips_rngvs | ||
| 74 | FIPS_TEST_SUITE=fips_test_suite | ||
| 62 | 75 | ||
| 63 | TESTS= alltests | 76 | TESTS= alltests |
| 64 | 77 | ||
| @@ -69,7 +82,13 @@ EXE= $(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT) $(ECDSATEST)$(EXE_EXT) $(ECDHTEST) | |||
| 69 | $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \ | 82 | $(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \ |
| 70 | $(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ | 83 | $(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \ |
| 71 | $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ | 84 | $(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \ |
| 72 | $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) | 85 | $(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) \ |
| 86 | $(FIPS_SHATEST)$(EXE_EXT) $(FIPS_DESTEST)$(EXE_EXT) \ | ||
| 87 | $(FIPS_RANDTEST)$(EXE_EXT) $(FIPS_AESTEST)$(EXE_EXT) \ | ||
| 88 | $(FIPS_HMACTEST)$(EXE_EXT) $(FIPS_RSAVTEST)$(EXE_EXT) \ | ||
| 89 | $(FIPS_RSASTEST)$(EXE_EXT) $(FIPS_RSAGTEST)$(EXE_EXT) \ | ||
| 90 | $(FIPS_DSSVS)$(EXE_EXT) $(FIPS_DSATEST)$(EXE_EXT) \ | ||
| 91 | $(FIPS_RNGVS)$(EXE_EXT) $(FIPS_TEST_SUITE)$(EXE_EXT) jpaketest$(EXE_EXT) | ||
| 73 | 92 | ||
| 74 | # $(METHTEST)$(EXE_EXT) | 93 | # $(METHTEST)$(EXE_EXT) |
| 75 | 94 | ||
| @@ -81,7 +100,13 @@ OBJ= $(BNTEST).o $(ECTEST).o $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \ | |||
| 81 | $(MDC2TEST).o $(RMDTEST).o \ | 100 | $(MDC2TEST).o $(RMDTEST).o \ |
| 82 | $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \ | 101 | $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \ |
| 83 | $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \ | 102 | $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o $(RSATEST).o \ |
| 84 | $(EVPTEST).o $(IGETEST).o | 103 | $(EVPTEST).o $(IGETEST).o \ |
| 104 | $(FIPS_SHATEST).o $(FIPS_DESTEST).o $(FIPS_RANDTEST).o \ | ||
| 105 | $(FIPS_AESTEST).o $(FIPS_HMACTEST).o $(FIPS_RSAVTEST).o \ | ||
| 106 | $(FIPS_RSASTEST).o $(FIPS_RSAGTEST).o \ | ||
| 107 | $(FIPS_DSSVS).o $(FIPS_DSATEST).o $(FIPS_RNGVS).o $(FIPS_TEST_SUITE).o \ | ||
| 108 | jpaketest.o | ||
| 109 | |||
| 85 | SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \ | 110 | SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \ |
| 86 | $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \ | 111 | $(MD2TEST).c $(MD4TEST).c $(MD5TEST).c \ |
| 87 | $(HMACTEST).c \ | 112 | $(HMACTEST).c \ |
| @@ -89,7 +114,12 @@ SRC= $(BNTEST).c $(ECTEST).c $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \ | |||
| 89 | $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \ | 114 | $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \ |
| 90 | $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ | 115 | $(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \ |
| 91 | $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \ | 116 | $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c $(RSATEST).c \ |
| 92 | $(EVPTEST).c $(IGETEST).c | 117 | $(EVPTEST).c $(IGETEST).c \ |
| 118 | $(FIPS_SHATEST).c $(FIPS_DESTEST).c $(FIPS_RANDTEST).c \ | ||
| 119 | $(FIPS_AESTEST).c $(FIPS_HMACTEST).c $(FIPS_RSAVTEST).c \ | ||
| 120 | $(FIPS_RSASTEST).c $(FIPS_RSAGTEST).c \ | ||
| 121 | $(FIPS_DSSVS).c $(FIPS_DSATEST).c $(FIPS_RNGVS).c $(FIPS_TEST_SUITE).c \ | ||
| 122 | jpaketest.c | ||
| 93 | 123 | ||
| 94 | EXHEADER= | 124 | EXHEADER= |
| 95 | HEADER= $(EXHEADER) | 125 | HEADER= $(EXHEADER) |
| @@ -131,7 +161,7 @@ alltests: \ | |||
| 131 | test_rand test_bn test_ec test_ecdsa test_ecdh \ | 161 | test_rand test_bn test_ec test_ecdsa test_ecdh \ |
| 132 | test_enc test_x509 test_rsa test_crl test_sid \ | 162 | test_enc test_x509 test_rsa test_crl test_sid \ |
| 133 | test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ | 163 | test_gen test_req test_pkcs7 test_verify test_dh test_dsa \ |
| 134 | test_ss test_ca test_engine test_evp test_ssl test_ige | 164 | test_ss test_ca test_engine test_evp test_ssl test_ige test_jpake |
| 135 | 165 | ||
| 136 | test_evp: | 166 | test_evp: |
| 137 | ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt | 167 | ../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt |
| @@ -147,6 +177,9 @@ test_sha: | |||
| 147 | ../util/shlib_wrap.sh ./$(SHA1TEST) | 177 | ../util/shlib_wrap.sh ./$(SHA1TEST) |
| 148 | ../util/shlib_wrap.sh ./$(SHA256TEST) | 178 | ../util/shlib_wrap.sh ./$(SHA256TEST) |
| 149 | ../util/shlib_wrap.sh ./$(SHA512TEST) | 179 | ../util/shlib_wrap.sh ./$(SHA512TEST) |
| 180 | if [ -n "$(FIPSCANLIB)" ]; then \ | ||
| 181 | ../util/shlib_wrap.sh ./$(FIPS_SHATEST) < SHAmix.r | diff -w SHAmix.x - ; \ | ||
| 182 | fi | ||
| 150 | 183 | ||
| 151 | test_mdc2: | 184 | test_mdc2: |
| 152 | ../util/shlib_wrap.sh ./$(MDC2TEST) | 185 | ../util/shlib_wrap.sh ./$(MDC2TEST) |
| @@ -183,9 +216,12 @@ test_rc5: | |||
| 183 | 216 | ||
| 184 | test_rand: | 217 | test_rand: |
| 185 | ../util/shlib_wrap.sh ./$(RANDTEST) | 218 | ../util/shlib_wrap.sh ./$(RANDTEST) |
| 219 | if [ -n "$(FIPSCANLIB)" ]; then \ | ||
| 220 | ../util/shlib_wrap.sh ./$(FIPS_RANDTEST); \ | ||
| 221 | fi | ||
| 186 | 222 | ||
| 187 | test_enc: | 223 | test_enc: |
| 188 | @sh ./testenc | 224 | sh ./testenc |
| 189 | 225 | ||
| 190 | test_x509: | 226 | test_x509: |
| 191 | echo test normal x509v1 certificate | 227 | echo test normal x509v1 certificate |
| @@ -247,6 +283,9 @@ test_dsa: | |||
| 247 | @echo "Generate a set of DSA parameters" | 283 | @echo "Generate a set of DSA parameters" |
| 248 | ../util/shlib_wrap.sh ./$(DSATEST) | 284 | ../util/shlib_wrap.sh ./$(DSATEST) |
| 249 | ../util/shlib_wrap.sh ./$(DSATEST) -app2_1 | 285 | ../util/shlib_wrap.sh ./$(DSATEST) -app2_1 |
| 286 | if [ -n "$(FIPSCANLIB)" ]; then \ | ||
| 287 | ../util/shlib_wrap.sh ./$(FIPS_DSATEST); \ | ||
| 288 | fi | ||
| 250 | 289 | ||
| 251 | test_gen: | 290 | test_gen: |
| 252 | @echo "Generate and verify a certificate request" | 291 | @echo "Generate and verify a certificate request" |
| @@ -266,6 +305,9 @@ test_engine: | |||
| 266 | test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \ | 305 | test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \ |
| 267 | intP1.ss intP2.ss | 306 | intP1.ss intP2.ss |
| 268 | @echo "test SSL protocol" | 307 | @echo "test SSL protocol" |
| 308 | @if [ -n "$(FIPSCANLIB)" ]; then \ | ||
| 309 | sh ./testfipsssl keyU.ss certU.ss certCA.ss; \ | ||
| 310 | fi | ||
| 269 | ../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist | 311 | ../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist |
| 270 | @sh ./testssl keyU.ss certU.ss certCA.ss | 312 | @sh ./testssl keyU.ss certU.ss certCA.ss |
| 271 | @sh ./testsslproxy keyP1.ss certP1.ss intP1.ss | 313 | @sh ./testsslproxy keyP1.ss certP1.ss intP1.ss |
| @@ -287,6 +329,10 @@ test_ige: $(IGETEST)$(EXE_EXT) | |||
| 287 | @echo "Test IGE mode" | 329 | @echo "Test IGE mode" |
| 288 | ../util/shlib_wrap.sh ./$(IGETEST) | 330 | ../util/shlib_wrap.sh ./$(IGETEST) |
| 289 | 331 | ||
| 332 | test_jpake: jpaketest$(EXE_EXT) | ||
| 333 | @echo "Test JPAKE" | ||
| 334 | ../util/shlib_wrap.sh ./jpaketest | ||
| 335 | |||
| 290 | lint: | 336 | lint: |
| 291 | lint -DLINT $(INCLUDES) $(SRC)>fluff | 337 | lint -DLINT $(INCLUDES) $(SRC)>fluff |
| 292 | 338 | ||
| @@ -302,7 +348,7 @@ dclean: | |||
| 302 | mv -f Makefile.new $(MAKEFILE) | 348 | mv -f Makefile.new $(MAKEFILE) |
| 303 | 349 | ||
| 304 | clean: | 350 | clean: |
| 305 | rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log | 351 | rm -f .rnd tmp.bntest tmp.bctest *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest |
| 306 | 352 | ||
| 307 | $(DLIBSSL): | 353 | $(DLIBSSL): |
| 308 | (cd ..; $(MAKE) DIRS=ssl all) | 354 | (cd ..; $(MAKE) DIRS=ssl all) |
| @@ -314,6 +360,7 @@ BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ | |||
| 314 | shlib_target="$(SHLIB_TARGET)"; \ | 360 | shlib_target="$(SHLIB_TARGET)"; \ |
| 315 | fi; \ | 361 | fi; \ |
| 316 | LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ | 362 | LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ |
| 363 | [ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \ | ||
| 317 | $(MAKE) -f $(TOP)/Makefile.shared -e \ | 364 | $(MAKE) -f $(TOP)/Makefile.shared -e \ |
| 318 | APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ | 365 | APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ |
| 319 | LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ | 366 | LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ |
| @@ -349,6 +396,69 @@ $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) | |||
| 349 | $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) | 396 | $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) |
| 350 | @target=$(SHA512TEST); $(BUILD_CMD) | 397 | @target=$(SHA512TEST); $(BUILD_CMD) |
| 351 | 398 | ||
| 399 | FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ | ||
| 400 | shlib_target="$(SHLIB_TARGET)"; \ | ||
| 401 | fi; \ | ||
| 402 | if [ "$(FIPSCANLIB)" = "libfips" ]; then \ | ||
| 403 | LIBRARIES="-L$(TOP) -lfips"; \ | ||
| 404 | elif [ -n "$(FIPSCANLIB)" ]; then \ | ||
| 405 | FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ | ||
| 406 | LIBRARIES="$${FIPSLIBDIR:-$(TOP)/fips/}fipscanister.o"; \ | ||
| 407 | fi; \ | ||
| 408 | $(MAKE) -f $(TOP)/Makefile.shared -e \ | ||
| 409 | CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ | ||
| 410 | LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ | ||
| 411 | link_app.$${shlib_target} | ||
| 412 | |||
| 413 | FIPS_CRYPTO_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ | ||
| 414 | shlib_target="$(SHLIB_TARGET)"; \ | ||
| 415 | fi; \ | ||
| 416 | LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \ | ||
| 417 | if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \ | ||
| 418 | FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \ | ||
| 419 | fi; \ | ||
| 420 | [ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \ | ||
| 421 | $(MAKE) -f $(TOP)/Makefile.shared -e \ | ||
| 422 | CC=$${CC} APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \ | ||
| 423 | LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \ | ||
| 424 | link_app.$${shlib_target} | ||
| 425 | |||
| 426 | $(FIPS_SHATEST)$(EXE_EXT): $(FIPS_SHATEST).o $(DLIBCRYPTO) | ||
| 427 | @target=$(FIPS_SHATEST); $(FIPS_BUILD_CMD) | ||
| 428 | |||
| 429 | $(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO) | ||
| 430 | @target=$(FIPS_AESTEST); $(FIPS_BUILD_CMD) | ||
| 431 | |||
| 432 | $(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO) | ||
| 433 | @target=$(FIPS_DESTEST); $(FIPS_BUILD_CMD) | ||
| 434 | |||
| 435 | $(FIPS_HMACTEST)$(EXE_EXT): $(FIPS_HMACTEST).o $(DLIBCRYPTO) | ||
| 436 | @target=$(FIPS_HMACTEST); $(FIPS_BUILD_CMD) | ||
| 437 | |||
| 438 | $(FIPS_RANDTEST)$(EXE_EXT): $(FIPS_RANDTEST).o $(DLIBCRYPTO) | ||
| 439 | @target=$(FIPS_RANDTEST); $(FIPS_BUILD_CMD) | ||
| 440 | |||
| 441 | $(FIPS_RSAVTEST)$(EXE_EXT): $(FIPS_RSAVTEST).o $(DLIBCRYPTO) | ||
| 442 | @target=$(FIPS_RSAVTEST); $(FIPS_BUILD_CMD) | ||
| 443 | |||
| 444 | $(FIPS_RSASTEST)$(EXE_EXT): $(FIPS_RSASTEST).o $(DLIBCRYPTO) | ||
| 445 | @target=$(FIPS_RSASTEST); $(FIPS_BUILD_CMD) | ||
| 446 | |||
| 447 | $(FIPS_RSAGTEST)$(EXE_EXT): $(FIPS_RSAGTEST).o $(DLIBCRYPTO) | ||
| 448 | @target=$(FIPS_RSAGTEST); $(FIPS_BUILD_CMD) | ||
| 449 | |||
| 450 | $(FIPS_DSATEST)$(EXE_EXT): $(FIPS_DSATEST).o $(DLIBCRYPTO) | ||
| 451 | @target=$(FIPS_DSATEST); $(FIPS_BUILD_CMD) | ||
| 452 | |||
| 453 | $(FIPS_DSSVS)$(EXE_EXT): $(FIPS_DSSVS).o $(DLIBCRYPTO) | ||
| 454 | @target=$(FIPS_DSSVS); $(FIPS_BUILD_CMD) | ||
| 455 | |||
| 456 | $(FIPS_RNGVS)$(EXE_EXT): $(FIPS_RNGVS).o $(DLIBCRYPTO) | ||
| 457 | @target=$(FIPS_RNGVS); $(FIPS_BUILD_CMD) | ||
| 458 | |||
| 459 | $(FIPS_TEST_SUITE)$(EXE_EXT): $(FIPS_TEST_SUITE).o $(DLIBCRYPTO) | ||
| 460 | @target=$(FIPS_TEST_SUITE); $(FIPS_BUILD_CMD) | ||
| 461 | |||
| 352 | $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) | 462 | $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) |
| 353 | @target=$(RMDTEST); $(BUILD_CMD) | 463 | @target=$(RMDTEST); $(BUILD_CMD) |
| 354 | 464 | ||
| @@ -395,7 +505,7 @@ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) | |||
| 395 | @target=$(METHTEST); $(BUILD_CMD) | 505 | @target=$(METHTEST); $(BUILD_CMD) |
| 396 | 506 | ||
| 397 | $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) | 507 | $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) |
| 398 | @target=$(SSLTEST); $(BUILD_CMD) | 508 | @target=$(SSLTEST); $(FIPS_CRYPTO_BUILD_CMD) |
| 399 | 509 | ||
| 400 | $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) | 510 | $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) |
| 401 | @target=$(ENGINETEST); $(BUILD_CMD) | 511 | @target=$(ENGINETEST); $(BUILD_CMD) |
| @@ -412,6 +522,9 @@ $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) | |||
| 412 | $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) | 522 | $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) |
| 413 | @target=$(IGETEST); $(BUILD_CMD) | 523 | @target=$(IGETEST); $(BUILD_CMD) |
| 414 | 524 | ||
| 525 | jpaketest$(EXE_EXT): jpaketest.o $(DLIBCRYPTO) | ||
| 526 | @target=jpaketest; $(BUILD_CMD) | ||
| 527 | |||
| 415 | #$(AESTEST).o: $(AESTEST).c | 528 | #$(AESTEST).o: $(AESTEST).c |
| 416 | # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c | 529 | # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c |
| 417 | 530 | ||
| @@ -435,14 +548,15 @@ bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h | |||
| 435 | bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | 548 | bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h |
| 436 | bntest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | 549 | bntest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 437 | bntest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | 550 | bntest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h |
| 438 | bntest.o: ../include/openssl/evp.h ../include/openssl/lhash.h | 551 | bntest.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 439 | bntest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 552 | bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 440 | bntest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 553 | bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 441 | bntest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | 554 | bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 442 | bntest.o: ../include/openssl/rand.h ../include/openssl/rsa.h | 555 | bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h |
| 443 | bntest.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 556 | bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h |
| 444 | bntest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 557 | bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 445 | bntest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bntest.c | 558 | bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h |
| 559 | bntest.o: ../include/openssl/x509_vfy.h bntest.c | ||
| 446 | casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h | 560 | casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h |
| 447 | casttest.o: ../include/openssl/opensslconf.h casttest.c | 561 | casttest.o: ../include/openssl/opensslconf.h casttest.c |
| 448 | destest.o: ../include/openssl/des.h ../include/openssl/des_old.h | 562 | destest.o: ../include/openssl/des.h ../include/openssl/des_old.h |
| @@ -476,41 +590,59 @@ ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h | |||
| 476 | ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h | 590 | ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 477 | ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c | 591 | ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c |
| 478 | ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h | 592 | ecdsatest.o: ../include/openssl/asn1.h ../include/openssl/bio.h |
| 479 | ecdsatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 593 | ecdsatest.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 480 | ecdsatest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 594 | ecdsatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 595 | ecdsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 481 | ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | 596 | ecdsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 482 | ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h | 597 | ecdsatest.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 483 | ecdsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 598 | ecdsatest.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 484 | ecdsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 599 | ecdsatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 485 | ecdsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 600 | ecdsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 601 | ecdsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | ||
| 486 | ecdsatest.o: ../include/openssl/rand.h ../include/openssl/safestack.h | 602 | ecdsatest.o: ../include/openssl/rand.h ../include/openssl/safestack.h |
| 487 | ecdsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | 603 | ecdsatest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 488 | ecdsatest.o: ecdsatest.c | 604 | ecdsatest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h |
| 605 | ecdsatest.o: ../include/openssl/x509_vfy.h ecdsatest.c | ||
| 489 | ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 606 | ectest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 490 | ectest.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 607 | ectest.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 491 | ectest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 608 | ectest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 492 | ectest.o: ../include/openssl/engine.h ../include/openssl/err.h | 609 | ectest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h |
| 493 | ectest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 610 | ectest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h |
| 494 | ectest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 611 | ectest.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 495 | ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 612 | ectest.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 613 | ectest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 614 | ectest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 615 | ectest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | ||
| 496 | ectest.o: ../include/openssl/rand.h ../include/openssl/safestack.h | 616 | ectest.o: ../include/openssl/rand.h ../include/openssl/safestack.h |
| 497 | ectest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h ectest.c | 617 | ectest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 498 | enginetest.o: ../include/openssl/bio.h ../include/openssl/buffer.h | 618 | ectest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h |
| 499 | enginetest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 619 | ectest.o: ../include/openssl/x509_vfy.h ectest.c |
| 620 | enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h | ||
| 621 | enginetest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h | ||
| 622 | enginetest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | ||
| 623 | enginetest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | ||
| 500 | enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h | 624 | enginetest.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 501 | enginetest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h | 625 | enginetest.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 626 | enginetest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | ||
| 627 | enginetest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | ||
| 502 | enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 628 | enginetest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 503 | enginetest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 629 | enginetest.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h |
| 504 | enginetest.o: ../include/openssl/symhacks.h enginetest.c | 630 | enginetest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 631 | enginetest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | ||
| 632 | enginetest.o: ../include/openssl/x509_vfy.h enginetest.c | ||
| 505 | evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 633 | evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 506 | evp_test.o: ../include/openssl/conf.h ../include/openssl/crypto.h | 634 | evp_test.o: ../include/openssl/buffer.h ../include/openssl/conf.h |
| 507 | evp_test.o: ../include/openssl/e_os2.h ../include/openssl/engine.h | 635 | evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 636 | evp_test.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 637 | evp_test.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | ||
| 508 | evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h | 638 | evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h |
| 509 | evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 639 | evp_test.o: ../include/openssl/fips.h ../include/openssl/lhash.h |
| 510 | evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 640 | evp_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 511 | evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 641 | evp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 512 | evp_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 642 | evp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h |
| 513 | evp_test.o: ../include/openssl/symhacks.h evp_test.c | 643 | evp_test.o: ../include/openssl/safestack.h ../include/openssl/sha.h |
| 644 | evp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | ||
| 645 | evp_test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h evp_test.c | ||
| 514 | exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h | 646 | exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h |
| 515 | exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 647 | exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 516 | exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h | 648 | exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h |
| @@ -518,40 +650,220 @@ exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | |||
| 518 | exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | 650 | exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h |
| 519 | exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 651 | exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 520 | exptest.o: ../include/openssl/symhacks.h exptest.c | 652 | exptest.o: ../include/openssl/symhacks.h exptest.c |
| 653 | fips_aesavs.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/aes.h | ||
| 654 | fips_aesavs.o: ../include/openssl/asn1.h ../include/openssl/bio.h | ||
| 655 | fips_aesavs.o: ../include/openssl/bn.h ../include/openssl/crypto.h | ||
| 656 | fips_aesavs.o: ../include/openssl/e_os2.h ../include/openssl/err.h | ||
| 657 | fips_aesavs.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 658 | fips_aesavs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | ||
| 659 | fips_aesavs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | ||
| 660 | fips_aesavs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 661 | fips_aesavs.o: ../include/openssl/safestack.h ../include/openssl/stack.h | ||
| 662 | fips_aesavs.o: ../include/openssl/symhacks.h fips_aesavs.c | ||
| 663 | fips_desmovs.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 664 | fips_desmovs.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 665 | fips_desmovs.o: ../include/openssl/crypto.h ../include/openssl/des.h | ||
| 666 | fips_desmovs.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h | ||
| 667 | fips_desmovs.o: ../include/openssl/err.h ../include/openssl/evp.h | ||
| 668 | fips_desmovs.o: ../include/openssl/fips.h ../include/openssl/lhash.h | ||
| 669 | fips_desmovs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 670 | fips_desmovs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 671 | fips_desmovs.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | ||
| 672 | fips_desmovs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | ||
| 673 | fips_desmovs.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | ||
| 674 | fips_desmovs.o: fips_desmovs.c | ||
| 675 | fips_dsatest.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 676 | fips_dsatest.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 677 | fips_dsatest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h | ||
| 678 | fips_dsatest.o: ../include/openssl/des.h ../include/openssl/des_old.h | ||
| 679 | fips_dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h | ||
| 680 | fips_dsatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 681 | fips_dsatest.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h | ||
| 682 | fips_dsatest.o: ../include/openssl/err.h ../include/openssl/evp.h | ||
| 683 | fips_dsatest.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h | ||
| 684 | fips_dsatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | ||
| 685 | fips_dsatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | ||
| 686 | fips_dsatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 687 | fips_dsatest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | ||
| 688 | fips_dsatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h | ||
| 689 | fips_dsatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | ||
| 690 | fips_dsatest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | ||
| 691 | fips_dsatest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | ||
| 692 | fips_dsatest.o: fips_dsatest.c | ||
| 693 | fips_dssvs.o: ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 694 | fips_dssvs.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 695 | fips_dssvs.o: ../include/openssl/crypto.h ../include/openssl/dsa.h | ||
| 696 | fips_dssvs.o: ../include/openssl/e_os2.h ../include/openssl/err.h | ||
| 697 | fips_dssvs.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 698 | fips_dssvs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | ||
| 699 | fips_dssvs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | ||
| 700 | fips_dssvs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 701 | fips_dssvs.o: ../include/openssl/safestack.h ../include/openssl/stack.h | ||
| 702 | fips_dssvs.o: ../include/openssl/symhacks.h fips_dssvs.c | ||
| 703 | fips_hmactest.o: ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 704 | fips_hmactest.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 705 | fips_hmactest.o: ../include/openssl/buffer.h ../include/openssl/conf.h | ||
| 706 | fips_hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 707 | fips_hmactest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 708 | fips_hmactest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | ||
| 709 | fips_hmactest.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 710 | fips_hmactest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h | ||
| 711 | fips_hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 712 | fips_hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 713 | fips_hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | ||
| 714 | fips_hmactest.o: ../include/openssl/safestack.h ../include/openssl/sha.h | ||
| 715 | fips_hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | ||
| 716 | fips_hmactest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | ||
| 717 | fips_hmactest.o: ../include/openssl/x509v3.h fips_hmactest.c | ||
| 718 | fips_randtest.o: ../e_os.h ../fips/fips_utl.h ../include/openssl/bio.h | ||
| 719 | fips_randtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h | ||
| 720 | fips_randtest.o: ../include/openssl/des.h ../include/openssl/des_old.h | ||
| 721 | fips_randtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h | ||
| 722 | fips_randtest.o: ../include/openssl/fips_rand.h ../include/openssl/lhash.h | ||
| 723 | fips_randtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 724 | fips_randtest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h | ||
| 725 | fips_randtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | ||
| 726 | fips_randtest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h | ||
| 727 | fips_randtest.o: ../include/openssl/ui_compat.h fips_randtest.c | ||
| 728 | fips_rngvs.o: ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 729 | fips_rngvs.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 730 | fips_rngvs.o: ../include/openssl/buffer.h ../include/openssl/conf.h | ||
| 731 | fips_rngvs.o: ../include/openssl/crypto.h ../include/openssl/des.h | ||
| 732 | fips_rngvs.o: ../include/openssl/des_old.h ../include/openssl/dsa.h | ||
| 733 | fips_rngvs.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | ||
| 734 | fips_rngvs.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | ||
| 735 | fips_rngvs.o: ../include/openssl/err.h ../include/openssl/evp.h | ||
| 736 | fips_rngvs.o: ../include/openssl/fips.h ../include/openssl/fips_rand.h | ||
| 737 | fips_rngvs.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | ||
| 738 | fips_rngvs.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | ||
| 739 | fips_rngvs.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 740 | fips_rngvs.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h | ||
| 741 | fips_rngvs.o: ../include/openssl/safestack.h ../include/openssl/sha.h | ||
| 742 | fips_rngvs.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | ||
| 743 | fips_rngvs.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | ||
| 744 | fips_rngvs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h | ||
| 745 | fips_rngvs.o: ../include/openssl/x509v3.h fips_rngvs.c | ||
| 746 | fips_rsagtest.o: ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 747 | fips_rsagtest.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 748 | fips_rsagtest.o: ../include/openssl/buffer.h ../include/openssl/conf.h | ||
| 749 | fips_rsagtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 750 | fips_rsagtest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 751 | fips_rsagtest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | ||
| 752 | fips_rsagtest.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 753 | fips_rsagtest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h | ||
| 754 | fips_rsagtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 755 | fips_rsagtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 756 | fips_rsagtest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | ||
| 757 | fips_rsagtest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | ||
| 758 | fips_rsagtest.o: ../include/openssl/sha.h ../include/openssl/stack.h | ||
| 759 | fips_rsagtest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | ||
| 760 | fips_rsagtest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h | ||
| 761 | fips_rsagtest.o: fips_rsagtest.c | ||
| 762 | fips_rsastest.o: ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 763 | fips_rsastest.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 764 | fips_rsastest.o: ../include/openssl/buffer.h ../include/openssl/conf.h | ||
| 765 | fips_rsastest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 766 | fips_rsastest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 767 | fips_rsastest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | ||
| 768 | fips_rsastest.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 769 | fips_rsastest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h | ||
| 770 | fips_rsastest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 771 | fips_rsastest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 772 | fips_rsastest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | ||
| 773 | fips_rsastest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | ||
| 774 | fips_rsastest.o: ../include/openssl/sha.h ../include/openssl/stack.h | ||
| 775 | fips_rsastest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | ||
| 776 | fips_rsastest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h | ||
| 777 | fips_rsastest.o: fips_rsastest.c | ||
| 778 | fips_rsavtest.o: ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 779 | fips_rsavtest.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 780 | fips_rsavtest.o: ../include/openssl/buffer.h ../include/openssl/conf.h | ||
| 781 | fips_rsavtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 782 | fips_rsavtest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 783 | fips_rsavtest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | ||
| 784 | fips_rsavtest.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 785 | fips_rsavtest.o: ../include/openssl/hmac.h ../include/openssl/lhash.h | ||
| 786 | fips_rsavtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 787 | fips_rsavtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | ||
| 788 | fips_rsavtest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h | ||
| 789 | fips_rsavtest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h | ||
| 790 | fips_rsavtest.o: ../include/openssl/sha.h ../include/openssl/stack.h | ||
| 791 | fips_rsavtest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | ||
| 792 | fips_rsavtest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h | ||
| 793 | fips_rsavtest.o: fips_rsavtest.c | ||
| 794 | fips_shatest.o: ../fips/fips_utl.h ../include/openssl/asn1.h | ||
| 795 | fips_shatest.o: ../include/openssl/bio.h ../include/openssl/bn.h | ||
| 796 | fips_shatest.o: ../include/openssl/buffer.h ../include/openssl/conf.h | ||
| 797 | fips_shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | ||
| 798 | fips_shatest.o: ../include/openssl/ec.h ../include/openssl/ecdh.h | ||
| 799 | fips_shatest.o: ../include/openssl/ecdsa.h ../include/openssl/err.h | ||
| 800 | fips_shatest.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 801 | fips_shatest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | ||
| 802 | fips_shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | ||
| 803 | fips_shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 804 | fips_shatest.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h | ||
| 805 | fips_shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h | ||
| 806 | fips_shatest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h | ||
| 807 | fips_shatest.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h | ||
| 808 | fips_shatest.o: fips_shatest.c | ||
| 809 | fips_test_suite.o: ../fips/fips_utl.h ../include/openssl/aes.h | ||
| 810 | fips_test_suite.o: ../include/openssl/asn1.h ../include/openssl/bio.h | ||
| 811 | fips_test_suite.o: ../include/openssl/bn.h ../include/openssl/crypto.h | ||
| 812 | fips_test_suite.o: ../include/openssl/des.h ../include/openssl/des_old.h | ||
| 813 | fips_test_suite.o: ../include/openssl/dh.h ../include/openssl/dsa.h | ||
| 814 | fips_test_suite.o: ../include/openssl/e_os2.h ../include/openssl/err.h | ||
| 815 | fips_test_suite.o: ../include/openssl/evp.h ../include/openssl/fips.h | ||
| 816 | fips_test_suite.o: ../include/openssl/hmac.h ../include/openssl/lhash.h | ||
| 817 | fips_test_suite.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | ||
| 818 | fips_test_suite.o: ../include/openssl/opensslconf.h | ||
| 819 | fips_test_suite.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 820 | fips_test_suite.o: ../include/openssl/rand.h ../include/openssl/rsa.h | ||
| 821 | fips_test_suite.o: ../include/openssl/safestack.h ../include/openssl/sha.h | ||
| 822 | fips_test_suite.o: ../include/openssl/stack.h ../include/openssl/symhacks.h | ||
| 823 | fips_test_suite.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h | ||
| 824 | fips_test_suite.o: fips_test_suite.c | ||
| 521 | hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 825 | hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 522 | hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 826 | hmactest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 523 | hmactest.o: ../include/openssl/evp.h ../include/openssl/hmac.h | 827 | hmactest.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 524 | hmactest.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h | 828 | hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h |
| 525 | hmactest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 829 | hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 526 | hmactest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 830 | hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 527 | hmactest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | 831 | hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h |
| 528 | hmactest.o: ../include/openssl/symhacks.h hmactest.c | 832 | hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c |
| 529 | ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h | 833 | ideatest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/idea.h |
| 530 | ideatest.o: ../include/openssl/opensslconf.h ideatest.c | 834 | ideatest.o: ../include/openssl/opensslconf.h ideatest.c |
| 531 | igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h | 835 | igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h |
| 532 | igetest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h | 836 | igetest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h |
| 533 | igetest.o: ../include/openssl/rand.h igetest.c | 837 | igetest.o: ../include/openssl/rand.h igetest.c |
| 838 | jpaketest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h | ||
| 839 | jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h | ||
| 840 | jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | ||
| 841 | jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h | ||
| 842 | jpaketest.o: ../include/openssl/symhacks.h jpaketest.c | ||
| 534 | md2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 843 | md2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 535 | md2test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 844 | md2test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 536 | md2test.o: ../include/openssl/evp.h ../include/openssl/md2.h | 845 | md2test.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 537 | md2test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 846 | md2test.o: ../include/openssl/md2.h ../include/openssl/obj_mac.h |
| 538 | md2test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 847 | md2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 539 | md2test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | 848 | md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 540 | md2test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md2test.c | 849 | md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 850 | md2test.o: ../include/openssl/symhacks.h md2test.c | ||
| 541 | md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 851 | md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 542 | md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 852 | md4test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 543 | md4test.o: ../include/openssl/evp.h ../include/openssl/md4.h | 853 | md4test.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 544 | md4test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 854 | md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h |
| 545 | md4test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 855 | md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 546 | md4test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | 856 | md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 547 | md4test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md4test.c | 857 | md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 858 | md4test.o: ../include/openssl/symhacks.h md4test.c | ||
| 548 | md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 859 | md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 549 | md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 860 | md5test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 550 | md5test.o: ../include/openssl/evp.h ../include/openssl/md5.h | 861 | md5test.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 551 | md5test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h | 862 | md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h |
| 552 | md5test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h | 863 | md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 553 | md5test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h | 864 | md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| 554 | md5test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h md5test.c | 865 | md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 866 | md5test.o: ../include/openssl/symhacks.h md5test.c | ||
| 555 | mdc2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h | 867 | mdc2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h |
| 556 | mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h | 868 | mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h |
| 557 | mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 869 | mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
| @@ -572,11 +884,12 @@ rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h | |||
| 572 | rc5test.o: ../include/openssl/symhacks.h rc5test.c | 884 | rc5test.o: ../include/openssl/symhacks.h rc5test.c |
| 573 | rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 885 | rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 574 | rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 886 | rmdtest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 575 | rmdtest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h | 887 | rmdtest.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 576 | rmdtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 888 | rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 577 | rmdtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 889 | rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 578 | rmdtest.o: ../include/openssl/ripemd.h ../include/openssl/safestack.h | 890 | rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h |
| 579 | rmdtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h rmdtest.c | 891 | rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h |
| 892 | rmdtest.o: ../include/openssl/symhacks.h rmdtest.c | ||
| 580 | rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 893 | rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 581 | rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h | 894 | rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h |
| 582 | rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h | 895 | rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h |
| @@ -587,18 +900,20 @@ rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h | |||
| 587 | rsa_test.o: ../include/openssl/symhacks.h rsa_test.c | 900 | rsa_test.o: ../include/openssl/symhacks.h rsa_test.c |
| 588 | sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 901 | sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 589 | sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 902 | sha1test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 590 | sha1test.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h | 903 | sha1test.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 591 | sha1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 904 | sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 592 | sha1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 905 | sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 593 | sha1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 906 | sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h |
| 594 | sha1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h sha1test.c | 907 | sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 908 | sha1test.o: ../include/openssl/symhacks.h sha1test.c | ||
| 595 | shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 909 | shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 596 | shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h | 910 | shatest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h |
| 597 | shatest.o: ../include/openssl/evp.h ../include/openssl/obj_mac.h | 911 | shatest.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 598 | shatest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 912 | shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h |
| 599 | shatest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 913 | shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h |
| 600 | shatest.o: ../include/openssl/safestack.h ../include/openssl/sha.h | 914 | shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h |
| 601 | shatest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h shatest.c | 915 | shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h |
| 916 | shatest.o: ../include/openssl/symhacks.h shatest.c | ||
| 602 | ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h | 917 | ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h |
| 603 | ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h | 918 | ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h |
| 604 | ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h | 919 | ssltest.o: ../include/openssl/comp.h ../include/openssl/conf.h |
| @@ -607,7 +922,8 @@ ssltest.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h | |||
| 607 | ssltest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h | 922 | ssltest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h |
| 608 | ssltest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h | 923 | ssltest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h |
| 609 | ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h | 924 | ssltest.o: ../include/openssl/engine.h ../include/openssl/err.h |
| 610 | ssltest.o: ../include/openssl/evp.h ../include/openssl/kssl.h | 925 | ssltest.o: ../include/openssl/evp.h ../include/openssl/fips.h |
| 926 | ssltest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h | ||
| 611 | ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h | 927 | ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h |
| 612 | ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h | 928 | ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h |
| 613 | ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h | 929 | ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h |
diff --git a/src/lib/libssl/src/test/SHAmix.r b/src/lib/libssl/src/test/SHAmix.r new file mode 100644 index 0000000000..453fce20ce --- /dev/null +++ b/src/lib/libssl/src/test/SHAmix.r | |||
| @@ -0,0 +1,99 @@ | |||
| 1 | [L = 64] | ||
| 2 | |||
| 3 | Len = 16 | ||
| 4 | Msg = 98a1 | ||
| 5 | |||
| 6 | Len = 104 | ||
| 7 | Msg = 35a37a46df4ccbadd815942249 | ||
| 8 | |||
| 9 | Len = 352 | ||
| 10 | Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f | ||
| 11 | |||
| 12 | Len = 1016 | ||
| 13 | Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a | ||
| 14 | |||
| 15 | Len = 13696 | ||
| 16 | Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88 | ||
| 17 | |||
| 18 | Len = 100816 | ||
| 19 | Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b | ||
| 20 | |||
| 21 | [L = 48] | ||
| 22 | |||
| 23 | Len = 16 | ||
| 24 | Msg = 3a35 | ||
| 25 | |||
| 26 | Len = 104 | ||
| 27 | Msg = 7db15b3ee240b45d4610950996 | ||
| 28 | |||
| 29 | Len = 352 | ||
| 30 | Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239 | ||
| 31 | |||
| 32 | Len = 1016 | ||
| 33 | Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419 | ||
| 34 | |||
| 35 | Len = 13696 | ||
| 36 | Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f | ||
| 37 | |||
| 38 | Len = 100816 | ||
| 39 | Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a | ||
| 40 | |||
| 41 | [L = 32] | ||
| 42 | |||
| 43 | Len = 16 | ||
| 44 | Msg = 43cd | ||
| 45 | |||
| 46 | Len = 104 | ||
| 47 | Msg = 5f75a437ce0698a7d8151c3fe0 | ||
| 48 | |||
| 49 | Len = 352 | ||
| 50 | Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f | ||
| 51 | |||
| 52 | Len = 488 | ||
| 53 | Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264 | ||
| 54 | |||
| 55 | Len = 13976 | ||
| 56 | Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7 | ||
| 57 | |||
| 58 | Len = 48824 | ||
| 59 | Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d | ||
| 60 | |||
| 61 | [L = 28] | ||
| 62 | |||
| 63 | Len = 16 | ||
| 64 | Msg = 3dd2 | ||
| 65 | |||
| 66 | Len = 104 | ||
| 67 | Msg = 3d232201038fe7d846ac1bd4c6 | ||
| 68 | |||
| 69 | Len = 352 | ||
| 70 | Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36 | ||
| 71 | |||
| 72 | Len = 504 | ||
| 73 | Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa | ||
| 74 | |||
| 75 | Len = 13976 | ||
| 76 | Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67 | ||
| 77 | |||
| 78 | Len = 48824 | ||
| 79 | Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7 | ||
| 80 | |||
| 81 | [L = 20] | ||
| 82 | |||
| 83 | Len = 16 | ||
| 84 | Msg = 8a61 | ||
| 85 | |||
| 86 | Len = 104 | ||
| 87 | Msg = 37487aa02b03bdbc6bc62e7e26 | ||
| 88 | |||
| 89 | Len = 352 | ||
| 90 | Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533 | ||
| 91 | |||
| 92 | Len = 504 | ||
| 93 | Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227 | ||
| 94 | |||
| 95 | Len = 13976 | ||
| 96 | Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61 | ||
| 97 | |||
| 98 | Len = 48824 | ||
| 99 | Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f | ||
diff --git a/src/lib/libssl/src/test/SHAmix.x b/src/lib/libssl/src/test/SHAmix.x new file mode 100644 index 0000000000..83bcb14126 --- /dev/null +++ b/src/lib/libssl/src/test/SHAmix.x | |||
| @@ -0,0 +1,129 @@ | |||
| 1 | [L = 64] | ||
| 2 | |||
| 3 | Len = 16 | ||
| 4 | Msg = 98a1 | ||
| 5 | MD = 74d78642f70ca830bec75fc60a585917e388cfa4cd1d23daab1c4d9ff1010cac3e67275df64db5a6a7c7d0fda24f1fc3eb272678a7c8becff6743ee812129078 | ||
| 6 | |||
| 7 | Len = 104 | ||
| 8 | Msg = 35a37a46df4ccbadd815942249 | ||
| 9 | MD = 6f5589ea195e745654885d50de687d7fe682affc8da1fb09e681540525f04ecb93022361a27759b9e272c883564223c5e4ecafeb0daaf1abce6caa4bd4153379 | ||
| 10 | |||
| 11 | Len = 352 | ||
| 12 | Msg = a93aed0fa5e163a82c9a934aebaab8180edf7de0b32f0fe99f9c75ec305b24609334cefa372c7c758262dc8f | ||
| 13 | MD = 66a16799d606c569d2fcd70d7d8321ec90ef61711481aaf7d747744ebfd08ec2e7aead49429af7b4ceec6d8e147ed018e034efbe07982699e818db5fc4b1d71a | ||
| 14 | |||
| 15 | Len = 1016 | ||
| 16 | Msg = 433e88eb2f8aba562d15c18126fbdffb81d5d6c9397fa052321f5f78cd629708ba099b540da5451e949eeab8687a8d6ac35c531411cb37144ab5ff6a7eb46f1ab28fbcd2ea0444cd87c57bf7d3c02952dba3d3987da07622c16e7c086d90e88ad3d9d4afee301d2bad915d868f54197b70b23c9fa385c443404fbc9abf7e6a | ||
| 17 | MD = 790bc4844e9aeef8938df0ccda17890556a4151817111a526a88919cfb172f0b03c216080c1b60210eb1942097f17b6d0691bf5b018b6d959198d6a694b922c9 | ||
| 18 | |||
| 19 | Len = 13696 | ||
| 20 | Msg = 2c46a76a9dfbae1f5e59f085e9c3d4b600c24b2d404d062cf948e75a3d4ab5b137a31397be9eb34b2a03c78367e0b85448891b511ddee1f787cccd498b172cb7e656c044a03ffde8e42478330fbe9c34072a9e99ce31b41757cc820d98e7d564e06694b96b66f4be34c5eadd0ae4e61fe6abbe4d7ccee855104fedee8b451a7fcedb793d469b0094c0ed07c97fda00dd8c1662b44e3ee6775a5ef6368cb662d257be561a5967893433a4b63f97295036a37272176d081545df00852bc5c4162324161296cd51f76433f2df867a5840f2d0c8d5be00b4dc89443d82175bf69c3bdceb97facae2b2ed68e06ae74fef36d8bd1f75f130cba509341dd54079d45de22845cc8e77a022977c7540aa3e779cb1127f39f825d4d78e55a967ef45e7c1dfb02d9999fd15af2914ba47177177d94576f1091a0657d9e04fe81e6be7b631fc1baae66584c9c26ddbb568750d77555c927bcda1fbdc15c7cbe3e3fe88ca13ff12c59b383343c12976708c0e3dff78be0e286dd32eecf20b71a09fee50a9d0b13c85a15b320b162690f399282798aa3291fdd2f9c40ed873e829388466ddd1da42f2de16aaa9272ccf44790cf3c95382c304e25ae8cb2fc9d9869808f3ee7d42cb143bb0c3a55e03db6d1202ca1bdb744e448640c0aa60d3ebbda5c21e623bb080f4a073a48822725d764e51d415aad1d7c5a7f17433d15ac7d849f910c375ee0899f6a576dada42fd651343383f286009902bb62deeeb2514de6af7f09892c20d0b238f6021f03b62444b1e1f21beeb89acfcd7136416fe7bd8f202e76afaf5345311798be7cb25351add2bb044d2380221009c4d1cbbaba4cdc8631dc0144f2778a6aa1eb3d3c81df0b1b2142fce111af8214d049e40f536c5d462b9224a978e82cc6c420e70ecc3cdaffb726a183c793845315f730fa4dac9fe46e4180397107a6a051f7f0a58ceb9bf4df37e1a81c8e9569187228e8037df2e59c52ba815566768bedc8e09d5e7bdc9f2bff23aaaaf133bb5a3332750f6124ce185e29fda0851addfa2c3d52bb6dfb530fd4ee27dd5bfdce5dc2f41debe6740274bc651aecd4023b098a7d622e2296b50d51b79c4e3f521695a9d43f038e8f273405e26584d3db179e7c1758114a3d39970df674580bbf2884405974f0b9c4b0d8b3287a2314f3f81b6991812f354d655f62513c9551b378cc2efa4c3e08b313c56cada52217fb6112eb8299b28445aca8f72e7170a1cd8bbfee4d2145fbe8d49c6af8831c4d4fc7177a50ee55a7b484261504af946c6bd5e1d6b89092f3c487c0568fa07c356fae9b8e831b8320289039746a435b122cfbc4a0d316bf90d481d3b7d979cc50d98c1190af8dc58e0035557dd5e94f437f41fab513202643a77748f76c6b77302bf40c392cd18731da082c99bdedeb70e15cd68bff59619cabcc92adcf122753c55afde0817352bc247d1170b8ddba1ad1b0faadfe0efbfc5fe6334377fa372c3435691f53dfc2ad5e08966b2d3525b1eec2d993a5cd4ff34278bd40dd80313a0727d05e0a932156152f3e11a190d8d69726f5c57d20f811e1e8932e86409ffdac96c6251c2a2976b8757adcac5d2de94931d1cbea866ec8bcba5774f8a7fde792f6acfd0f01356fd66fdf54a416af6a9397e00f848a2e9831627cbcbb52b5a868ec174e69b4cfa1ed72cdf23f39d7eaf4bdb318c188b1f0fe75655e34ad71907cdb77a1a2b162cd7c22d93dc45321eafb17cd60282e83736267b3e1fb249c307d49509f50839942f0f493afd9ef37db053a918e3ec83d801bbdead07554a018b8ba348fe9b7dd92ea7c5fc0e65a644ba19aa1fb6c022ab768ec7cb249ba17b9dda2860bd4aaaa3dc70ec009804141ad5ebc61203658e57a0887ec0fded18d844a96e79ba7e879c4253056f23e205a80ab1471953438f85848f4ab31ab175c089e0bbb97ea0dd6a67385770356741966053735e2cc2ecdd2c8c75cc045181dd7267584b901674b553082b2c58fb8f8be0b99306194a6f069f684535423304d40a268d55784a14260fa9c9cb1306b82f91cbee3c9f43dea9e50903135cc1c6505605a100bfa28564a2057974eef0852b7b72ce264815026d0759f691db618ef760edde73ec888e181403834f7221bb27a69479ec9b28a3fb0c3f68d4467d25712fc48ad78763f9ea6e8a2e85260225ca1b1a38b720e589fafca29f07257c5467cb74ee53189b8c81b784c43e93f98abde1ed53af60b27b13df6ce45001c6e1813de3521028981086f7d88ba13f6fb1a800f312fbe2f842eebe847fd760c394668cfbfd353ec14ca0366eccd7b4cd63318116bdc42e20a632a0d2b8c5cddb37bfc0a239ebe3800a787d2ece077a7968036b3d9b31cd906f888e3ed742cd769033e2c24c5a9e3c10b6d300db5a17dd88 | ||
| 21 | MD = a86e07bcd19080d4a83e1384bd8189f60a7dd7a6998406ade0bf03f805375bd823c7656dd51cd9d63e542f8ade41f16d73794d60d0906424133778156ee54b95 | ||
| 22 | |||
| 23 | Len = 100816 | ||
| 24 | Msg = f8ed40e878dc68ceec52cc8e2868722310fb117ca3a52e1839eb85d308b8aa00ed0bf0b76aec8a70eba4f0d14d2d85c5a0e876ce2c8ee59cb36947def6c40a587aa07b368ca8e8a08367018e45b984de0d7f1aa46b977cc18c0cd9b7bb897cbb2814aa0ce8f8c9843e03c86c19f2ba95dd2ac4a466a93aae4b3b05055ff148517ecf43e286c57744a3e10a14d0c26e139a503e7927aa688c78609170ebe3b54104390e5f6cf538093a67922e7210e77fcb584ec9b6844e829be246a266460cb442bad52ca47255fb8cfe276108c36e02f9acbd3d191d34b93d29ec40d80496d1c1bb5ef036221641200e905598c54bc4abb3527c5a5f6258e59d4bf54a0498c108a2725428efc2047e0096b32dfdc6ec69d5d72f81301f881ca62a66c22e5dab9fd9d90084c0a36b2f3a0123cc5327a3bc7a12fd947ab57169ac533e4b6a2cb80fc65b9b527cff9fba26994c7fafb5102a0acd8f9d246a3a54178c23eaa04c0fdfd3c0cd980d1fc7a72b25d74df9b95c3dedce8ca316870c654f9ebea9b806da9767cf40605a4b0c7fb06f6b3f197bae7d8cde9daf38530e25bc51b68f9aa23ec0e95199b14bca96c91f3db15bf8432f714dc46ac87218691bc66cb3a42f6865e1c30f8394c8e68c0ddf5851ab7c5906a1994a9af6ac1c44d0d6b95ff15d9f77825ccea40fb9e516d45888f2378e045d95d936d541cea9c8ca52fe5f7d0d919b2b1c59a42d06105ea4f2943c05178e59d67351c5b2c0051c93a4045e512884fa656b772cf398af89081546d920fd3d24ebd16310506a786ab33293027394c1bcb7b1efe46b550ac28529646e8d2a5ae65c59345e24b44cd7b06673f3ed3b9008aa568a739c26682fa596b7a655842cc6b2758b583487c78d14a76bdac7033806c5c210828ef313f8efc4072681f5fded748c31a58ac933b4665c445f07d603e0905e49b84aa55146eb1c1c99196413832a05efee2e64d6732fefc629b79b37bb9390fcbed7226b412204bda523b8b8af5c4a8bdb263ef9f3f6c7b9e1de3a1dc257c1f33b3d54a9101be5b4f2a9db319993c2cd137c41e35c434ce52e859afd1a635af4d8852252dc5e28c729b2b4c96a56d57f3f3854ded59fe612b9b3a51fee3fc1c83db673b0cc7433bff2472bc74a2eeb6706605e308690fd072a7042ca6474603711d8310909e47063f46f287260a26c4f11fe492298a0f98d28c45948a4899e08fcf443a6ba36457dd8329314d53ac0fd0819fcfc3357426c5bb8d3dfd706e205a81091cf08f31cd3459854f3d07e503991ba5f067e3c406c6c5396d8257496f4ba3703cb1ba25c2fe4aa54577af782cd57e85a88a2d75c54039e8b7bb559219edd6e81e41acb6d575d6f798afb2cbf7f00abd5c9c7b0fceec79f9a0fb040ebcbb7bff3602df7b71357efacd37aa57019350bb81213508a006160acde3dae5c42f03141887eaca22d7b33d6791febfb619d11ebabb13e6c5378e9a72e852ddccd31cc53a43275966b7042ddc51485ca20e1c456dcc7020cafb5407548b044d332229911fc74d7fb97de25abff7efb431da82de2ed7e25d0dcc06ffc74e57ca93a6a9f64d76a5c39776fe2266f88d6d0229b527525fd2e22a1407e26f94c5bc6adb1e7327f3c8bb8d4c983385c579dd8f5623df8cd6da569c7de73d9210e6b9253a177653a13ece075940fc81016d8c35fa4f6542df5120c174158ff32533476f4e059e35117081a24798fbdd1eb10f82809836f8dbefe755611347f75423dd8571695960c6f66cca71f0a01e8fecbe1183bee3335eff10b4ff8104132040e2145ec3164b2448f60c730887b9d7894e5f7df3f876cb17136c99cf32db1c02fba860937378dbd093c4c5112133781f06c8ca07c527c2c085e8ba5e52b399f2909e217aef6e3035ecafe2caeb1004069dea023af7eab873deb5ebcef2313c9827821bb9f89fd3d1570a569673d3ede86a4fb13dff242eb98450a8917fd8865c56e0a9f11d72394b79808b0429f3a83cf2465161596887fa2d557b367a1de9c7753666b0cca9c30cba9f0a749c03c55cdc7a6d45852c76ce2010de3e7f75d95228efdc79949b238d90b25f983868b7f07f585f7b00e45d9e132f3c09ee84f794d899759be3dabd46a256f4cf8da71270617cc2425b24cef25d1d2f3945afa6f81abfccc858cd02e05619649b1a5347650934105c02622d538447223d136a8a0455cf3c6f61f696b32266197b5cd1d936fd3ad4288520fb4a2f59bf95e659f33210446ef18debeb679dd99de0c3c74a6eb3dd783861f5db4e94a151c42ce27519d0bbbf1f3b1163563ec06c8bfd881d94a3b896fc07352fc97ada73685588a2242da1b718f81bb1077bc70fbd58b8b52163489ae403838b533851bec30ed0ecd97d72d1af534f3703db59f1f563bdc39d690a0e90e545506463a37e84974fd7b256bbb912cb4077d3e3f5bdd4bd2bab713b696c830b1f2185734c4d2dbd49d5372fe8b813ce73f5e01c36bddbb376ef4541033f2b0355613eeda8951ebf7377e08f967902eb7e23c0fa798c6ae52401721053f1095cacb1e9496500e83c412236fc21566090b3a3eee55aa402c0b774802fd81c9e8579761cfcfdfb1aa23786b2dc35dacd5ca8d8d283369f53e4a5db18060c2c6b0c303052aeeffe169fcaf7ecc63090a9ade245045ab9c8aebf738772297caaef5f857322a597846c7370083d409df27612e47b0cb240daa3cfa51c57108612ac0dddb0f59791289ccbdb3a2cb1fa9ac31a23dd5440682fb373bf0c1f41c4fe2185ad7c53eb69552807410053b0c2d40132250e637b8c425e6a35d93333b5b7d0557927b6179c848ec455fd1ab38348c0e96c60b2da49bd15118df64b6ce4fa48fbc555a4b2874141718e731a40b85382ae6e86ead31cea77f83bf5c063bf1febf71688a832d615e09d6f14badedeaeb6ffbfe343fc7274e78cd46a2aaec0a349c5f133291ee57cdcb65c5474e46294de6bb50886bce6c6f44dcb95f2a4761ed2e6c9e7bfed51e0964afab4e0f7e0b07960f2590baae66b1ec9a63ba0fb6c0d27e81508c51487dbbdc9beb8879fd58c188dfc774b3d0ddbd77ee8bdcdfa0ed8a9387728e12b13e8b3c10cc1c132bd822c2147c5ddf9a993aedbf78ec256db1be76644ca8ca7727208bf89732657152d34e948d73c47561d156f773136684d4162d02260300020123d13a95f4f835907c344942ddeccafe2abb7dc4792c4f1e39c24748c63cba933b16be0b8853e058c47a1ae2c4dfff39ec2339b345fe3557d03c1df91a0607a711636c4416ffdb73532aeeb74f237ed8bf971388a0659e4682a46b8327e751034cbf2c87c7828da9d24baf07a742ada34d1ef38ab1e8f2b4f801192c146600709533e61bc2665dc1e9e6441bf3c4f6643bc0c102a10f9a69da5b0e3d0a0c7cb694c682493032b5853f02953b5c2fc0e1348565389762fc2dcfbb34fd305f2d9df080e859396ffcbb7da78aae0a0d72e3de76c774bc6a81c87f2872b6afe97ced5269009304a4992c4add0bbe24e57632e19ad0fe37ae910193aab0aeae32cf6d618ab33eba59f6a04fad00b1d2403396e6fa661d31b695a1b349d62f56c08fe6c6eae7a482177adf341e51d03ea511d7959c721bd20bf371860ecd7fce1d25212891850b85648db0a039e6638d9c78bc958add3e41341536b5007be63fd1f7e3308876bcebcb97dc3b05a7b2eaadd00f8fcc8dcfa7b961bbe727c9aed1626ff786d6a0ffdbd1002cae8a7d047b6181962a686c152b2341c7c58c9f1dab5af424d183ed1c7d003165a1d04ea3683ff31a0f68615af6f91c21f736e67df641ed31b998445afadf9052bbe004d5dad08f62e5d353e42fc35a92242d8414d99dc4e7e81c8c027af686baa5c185e3f99abb3855b22cfdff0a62e2f47a632b7df8e00e0317af5c24ce7c64077bbb15ec27e062070cd3eb8e549ed9112469090ad9a96eb59294b021eed81987178cb2dcff67a9a2e930f6032c753e203380f8a7c987cea393234699de03a1d09ce204f0a8b6d5cf522b6887174fdbccb08f3e7c4fe2f778254465b32766c48812a45151ac37ae354dac87419f9476baa27e24b2f322b2da4ddf579750684a5881bae2269351fb7de59b9d5a4badd8951135f2713dafc57215dc626ee170fae7f20bff98e36b864e1fe0f0f9a300c903069bf0e0b6f2f8e78423cf6063e89dde6c81efcf26ef15510563c84730f611ac879a6628e55115e1a29de6945d37fbe4f803fcf2e344712d9e0d6f6c79f8773a9f199b705235e20a7830ee3357c5dca29d7a6c29a3d2628bf2c42c8f076cc4525301d8e1860729070dc53164d9fa08bf63cc889eed01b0130a7146d860bbc09ead3865a3082db0836a45f5506c3e46e452e298764939226cedfd06700e4e33c6b4a78add601140249596831e97f960b973a4e4dc3fe2813fa34eb47f998ce57270368fb81719a09298a223f7e3931ce5cdfab3f658649533354e982c87dc9e49eacebb5bb4af9a767b4f1c03d774431168cd4fec1b2726f1aae3f9a062a825f3295557eebf3af4784487b869fb049de44d03fee71194fc200af72103b157431935b5ab9bc122773ffd313d52d7acf1078386090fc011de695e71567cfd51c06317d4ff8841ceeb74ad35f4e5f4d20921123cb88bb2079674ad39e133cdfd6478d69c9bddc7a818be5d7b254bd9e0abdb030f52846fdfeae8ff370a51a9c5f6017af3c6c3db17c5c614ea18ab0e3ca0dd5de621217dffa36e5c5318fe191040a50cc3ca620683bc34da6c142e1c50afce28a86b8b66d189adcd755561a647080d93f3ede1cf54c3afb7e863fc8a82a2576d3f79e9b2bb634e598507a3d7d017e0176b7868bff3a3dfb4474b3ce03c401f33929364e727fbf8096b77eb351435c7a113b3215cc6246dd86f1517a7e550cf828900248f7c1754e40fed62477b296a37d3e53231360d012c4908b466e49b0e620c0a5031228009f259b030956ebd70e49357c3c3ac2842b6bd6e3ca5a3e985dc03f7105681fec03b320a7ca753b782ad3b52fd9c8e3bd980b48dd6ec8901dbf756108e85015821c880416e0693e0479cb31c0743450f6d9214afabc4feadb9bcee9def460a58d3a02d9e3039970068b8e3fd0a403a6ca7f2c71ae2b46ab3c731b1e65e2104c47fcb1f69e7c8c6df8c09b33f2e1cd4192faab316a44536dcac608832019f5765cc5240eabe3c87445c980c299a5e7ae0acc2c2ed19fdc8f011515bcb00476b03633c7669db1b44f97f6cd402778e9687c740dbe5686789b79d0b13f784a2a866eb91ab2d66f064c49e8df513ec348fd7272ee548ba08e1f9f99696ffb53677550d59c67f88404f6e610455a422d9cd987493ca5c366a397dccface2bba8e3e99719dafa768956cbf6fd8defc4104b8925878716a0514f70cbf3fa2c2bc2f66fabe654eed3076257e71117665703eb88c79e4c2b94e8e856e7a6ef90ee2a358409db78b98056ce1750eb80725d70e35507fdfa5933a61496ba48fbd5555717b33b59d4ef211fe096aefd478859ffc97a41372023ef114adcae5a8d5e03c21369baf1e7f417cb40326bc6db1cdf0904651dda3c1039a2f1755e7c329f7c03bf33f324206ce6e1638711c8c9a45f153aa1f847cca2a5d3af1d24fe7a1e1094819e8e712cbe10ead1012b7371b35cbcc2bd5b10505fb63bea20ac81d25e83ed0105e7595b6c28400f4d336791ce4a584323d0b455bbed44392c5f86c9d5287593f6986d4b0b8f9974a7a4157859ba801251d3b44b2bad84f29cb87dcf1680d6d10d1bfd59f0c95fb7bd07fdb3ea2fccd6e3ee80af438956ccfe31e750972f893ea5dcaa26d077fb3f09d990c2f41c8707368bba007803621ecd76540cdb8705435d74f4300eee04710a936f241c034709e625b0dd5dae1f6e86d034426819c365a05f5be420cdf4042bbff965a666a5756f67259448ebf742b6ea189fa17a4c3bfaf651d19a8a525f09d9cff637c8fac02eaa58d3ee3f7221da1e61833c0b183cd9f47686f09597e8115b435454acef80c079eafaa22b18927d07bf8b7c5ebfdec9c42a52b7824d45decef41e6184dc2db1505ca6f94172fafc10731706e79b9856dfede353d2eadeceaf72a302e3492d7dc81e3777e4e9e1f3d33cc4402833ffedb241a75a09e9495d671f80ad3acf06823bb04a92b815edd0ca7d01dcb3318c1ae5c62d3e99c0ec37908b45b51dd65f6b45b34ede2d6f553f60a45e20fafcb34ae4dbd375f52a5db9c62650deeee78e955087c2bea75ede7c304347b171fe0c1a2a033894be6e04605271307f307b2a9cf6ae24b8c87ce033a3fa4cf2bacdfcf54fcccb1f580476c7d00c631a8529a9eea2a713610341e0e25609dc8927e51c58a0a9197a54963b5cb95877354f4b8316df02ed2bea367704a12274d96bcbe0d0d728923a368bb8ab98d5db5401894c822632308ddfd309071fb4b477d8eac0ea5dbbc3e3606d8510d9051dfb5e4b7cdcf2c57c1b76902d864c3109c901da53019ed33cea84b407490486ad9f980a8a63df3d2e3921064afea137f35179130db3351f5bc3f5e7d590a5ab08b5415efbd345f9d57b71ade7dca939efa5a12d677b9af0af14468176a43712bde10cb15787c18bf066eaef8abcdea77d3a0c61d6c74ae7b54fe90940d0233e4b874c9a141dcc740d7fff43b9fbbc012a933d890232cf74fccb7ff7eac1148e203c7381b7f1d1429b1b1152ec25cbf7562596eb402a9328e43b5dc5cae36592da5523f0b9907a6817ecd395a7c778daae85bb11372b20641a04250b77b3a0ece885d07faf9622650259b874536d6d2b92181c834dc111b6fcba483167be40ecc922fb87006f63b9e8e632879563f37a8f712db9fa68c1a20ab239c0116fe022fad1279f3288b8e74a16d447e467b6381515814dd3aecab5c2a09c400b44e9100c04c720dc7e8c6d9460002da6c52004c16999975fef8752c2f9c229cbd9e6446b226cc454bd68cd665668a17328bb30f301e92ef5c7a2197a326df5c99b422096de8af231d1d8872e6e505bcfff026d4862f28d4bb3856a66ced22c9b0587451d8da4230a38561b5b1c69b523a4701a2001382aa82fcbd60733a14696a540227db44aef346d6c0a7ae5173604d59eb828614cafc1b8cfecda054dcc7306f73925e6d1af56ed74c51c6cdb66e9fee8d7a0078254fedb0c0f5dc85a4686870709b499eafbc8451aebadf848b0598ce8f955688bd2d6032abe10d1391d67c20a049841f95d2ee0c8deae2bc1baca0c098d8718cba1ddcd968981c47cd98d247aca4f838f3bf16d092eab8be8deb1f8d504d37cc44a8c96c9f22f2698036d4ad3bb48b31f109626565c147d20a4a7dfd61fb918f81548fb4f78875c1d138e819f6822651b93a3c92ad77793fba5222d870ea671f9cac967919d18f96e92778548415b2e170d90b201215354fc48a77e62823a2c2bb354782ad052732f08beb278f751529416f37d83ea26248517ae2ef2ead28c1077908995a2d25db0deaa957bcab39715283287fd626ea7388abccba2d90e364a7ff4284c84f70da68ce1aafb5be0401cb9d45e085aab41892a49e10cbd5baf2c34f5e0ca076f2772abea6f622b66020d546f8c2f134a87f96edbeb9b08394b585f2c2f98aa792f97b43b5f3aa9c34189804a9ecc2cfaeefbd0f967d85a25bf3136fd8132dec38aa82e4af6ff677682f3b62be27a180aeb22f918c24f23bf6f5954e0722324cccd06829fc32ae4fe3aee6e5a03b3651900e13fb0a759e544d033418b6ed40d037b4549a0404792c8fddc317b7f028493c4c91d6773932f8486417544f3d007e5f9e6fc02fadff175303f77f6b0e1f709bb3d3a93b38552ccf62688a39da1a602dd5e122e6f4e9171769ada5255cc5cf938dfefcbe3ab0faca434c42dc8c357e89a3d1488fa3df35c3580b124ba3bf6d0d203d586707eb692150ed05a01bf9de5c4e67bb948088784016394d47abb853f2b6b643a066ad81bcd1735aed4e108a8c1fcd025b548de874eb60de7f3c568728959147d1219e4b830e06ca2bee1f8a035e28a54ee6958d4821a84e5d1e41139905f7ec60fe67ce5f4eccdcc2c3d1e4a753a32dd3004970a4ff3824471822fe2b5010b9b6c6b01336dbf0181a95cba2624663215468519871cc39e8a7f4a151c8bd03363b402020f2fb98069b2cb8cc1b7e930938e7540d95d1d223e47865135793f9eb573660ff79f7ed2fae503e68ba44596ee745fbd8fa562c5c666d174cc01b1961736e18b8b517161ab9c8058026e0ddd6c94aed0086a26e1b959a5e05eb9d8c1ff5b2ef518ca23b4f265db61b499a48cc46bed28d23ffc1e8d9c9e345c06079ad47c88dd4e8e286575bd7f9420ab9c2d5c6685488b8b34d4c9ac04e1427ae0994cf789b48b01d1db9c2fe75fc5187727bb11119f82d0739ce4048467a08cd635bf78cc1b6cc9c28fdc199d351064a81456f81c9e56a43aef7332973804b06b18a26caa62523a7d0acc272ba49124b17bb68800d5756afd34ddb2b7e2dd8a118aac3fcf39d9f853c4d2c4fd3ed5bd25a6604d68d57db93d15aa1160f8a97e6c24238e84f272780966867f9c644ca2775cdac4af0ece036cfa6ebb1cd9d701dd7daec5763c9a4de0385db383a5647918e79c6a6de1f4ee1f6b722c561704c8d7efa4710d78dfce8ad2df0d3d82cbb59cef0bcb001f70bdc6e17af1a720b117fe02bb1dd527b18e6bce70e9447cd0cc85cbcf431fe7c006f5e4ef878a974a93b25f492847c9ae020583c9d412f4124246164d8f080b615e2eee267a7aeb5fa0974de52cefef23cdda7b305a33a91e9b50471ceb72dae337c485d636e28d6ee31f5705983808b1567d4d4ae820ec445c56e6a404cad6b408691475397c0dd6cfad232106ba96e5104052700a653e21f9ac6d79578a9f52548f426a1e81dd45bae30acdd4d22a2dafd633564d6b2f45e7d35413503c955cb0a9784b42ae8c2a5933a6729f3922f969a158540dcd201ecb6e32f88b5b4921914a2e8f424c8b031f115ea5d23a21e6f22439ffd7e5d11b08df729f65613b4f6ad3edbc9a066a5e712ecbddfa6fa764cdf170c0485f82d924a99b7e7ad8dc44c1f93e49b6469a9af3de5691944413f1417b753bcb84d5b7a34f362c383cbc802b0c88bd23a7ac471b9287571c42081b1134bfc8ce104a550942ab1f2a074cb00a90558d6e841ff15cfde6951f03e450a1bfc90dec6c513fcb2692ddccc31d22e5274d41036656183c72fce208e44920776f196193137ac67d6d65ce9cfaae774f23a86e6ee8ff3a4e9422a4667d971906e5496a4e80278774899c882708611bad282f6c1d666bc5e7c40082b43a6e98d494a18e9b3cf7f154fdbf90d786e59e83b72ad0ab893c49aca50ed37ea5202e650fda54f5c46ca2a35c476f4b009c5e6733232275abd1341199b63d22386c484cb95c43ea90e609c407bc79ddd00609cc2eb0d82848db239b249f164b7ea384d0239fe1e64d04955b9297472cafa2ff272c5c78100aaa86cdd8120556f25652a3c12da5853338e3be8f505d93ea03cd1cae7e78e95befdc0e26b760d11e05403c348e0523fe036381408033c009a8e1f117af5100a6eb91f08307df465c20bc1dd029875ef7e49338689f602d98f2dc690a57a6f2864e57098f8bd723574944ad3688b292db6d01387a16493912722ac8f91fd12b748899bdaeabdf0479df788eda440d7bf30d1c25d78d757f00b74bb556506637fc1ab87162f05d464e63a6272db3fe56e9357275035d6b6bee32bd92c4a1dc94778551e94ee1d8854f767bfac3811bd0287672aaa01ea18c25650f05a68cbacd9158e479b508e72df778589e1e03dc543b60bb3b10399e5c50de9e728e69774fb3f5fea757ddefccd0f9da75afe4b67f9c54aaaaf646e858fb001a6deed0a8a769ecef0689c988de566b6015fb8c40aeb5f2df7ea4bee60e8e69d15c4a4aa5411dbe63fbdd6418cf025d87f37362f15e22aba83abe1a3de9857c71c2234023b969eacc0bc526363b7f30b092ca114f2a6cefb34394d146866ac86a33fc497a8cb8e2a5bac398579ff7958878421fb08fff4f8f3deb8c9641b8de392647df3017a5467f9d7b23036935ec6e188dd6dbfb544b8a9e04a4b3c7fa1e4d1d9879daf69986b8083e6eb023a4b5eff80fef17f8f65433c882a21565a919448e6091d1b61013fdaf9fc3e45bbe827c9b4ab10b05600a1961e81d31c7404f8e0d32bfcac2937eaed811db167dfdc29286b0d51bad2bcdb9dea76eaf495a31a7fe717c1c98be374a36271cdd06ed06c02ef4c3c06cb42f73b3332ed488416010e6bf2f4dc4dade6e2e61f19e9306bf941868f59fa0939005743dd647f0a04b576a7e71d4c383c479453501e18ec56d7cb79fe31ff534afbd8609ed701ef163f9de31bc58114399fa0f22b62c66c380e8a10c34b7e731df2a8d39dcf36fbf3a66d67b973e3a94bf6ee0bd96f5c76baa76492032fdd2f59ecaee403d486f543f2cd7ae7b0dabe1b5566e681cd40d384a94349e9668650a6f2d2daf86c59a7b02ba466cd03ce1d50c3f0ca4c02dc4b3d1c0e7b9a77df9eae0bfcffa32117d7e05adc7195f4278c93497401629897a58d08ad7141ea52e0163f14992d7a284e7b875ce4640b4dd48ceedad1ea17d8ab1e760773044845e0899602f1bdfff4d42ab80c0765d1a8bde2ba0a830c050923956d06c80b182264ad19ae4f7c39e43195f7d421bdcda00e3eb5ec5ef2ec91d69df691ba7fe250352acf01fa92af5e2c634b9c7c97889e9147e869acc153d88cdc18908f882f371ba9c1e13c26e9cb8e3cbd4c5e1988080ca65a67b3a4c3460cfadbec904d853fddd2f5375b6070941fca53cc106b5748480213cfbdc1c34320a0478b05f76fd0454c75eca069cb1fa7b21704dab67dc40d041c8a1040db378e76655636ad725219c049e6536982d6ee9f11dd032280e622547c7ff44a938a1f233c356a98182d22d5770fbc871e20bb37483dd5d6ea1551993b95b30774a49b50d411ebe0e8c92834094e23ec2664d822c40e96fb42b8607b62b6949e05edcaa436d0ffac6a8ff384068acfc0220c0b098d368fb8113918a4f8c9de37cece74c8695cef2427e54a6e77ad092a9b7f1d94ac9f0836deff41b905b5dafc58ad6063759b0372a634f69a639e19521825d66a282f489c3172a3659264d0132af3571e637782bb6fe5c0afd24547612166fd3409d0991392fa054ea5bd07a4cd0921a13ad7b62a0b5e6d56cd8adb7f3eaa5c99576941c38aff311c49a8c9d8c755869302a2e5e40109c8365a551cd3f859b9421be189d3a0e9ed78830d5cd6a2414e9cc4c25814d94d98f8848e5386d6dbddd65d22b96c5d20020a5dd409c7e5344065871e57e01c91a443501dc8bf619890fe231319b5480c3879dee618d319962596539e2970513fb5c0c8eac3a71ff99962779cf1d7e916566d0e29d121c5cec5d7302a18ed00be9316f3de8c669a64c2a960a588f9c8a42690f6867cda7146e8ce27aa6a7fb27606eed9df6a235a42d17ce71627446e206e879de56025a66556263f06684dedcfd6f083d6a707e5fc8f8212d716e062f0f7fd0c2fc62bea93d68581265a803c31cac3f8ac8939c5f8c464ebd19df42c7e8998494af614c8383294f3f3883f2404ac10404759e182a038c97aea04a85530ec005e203807c5bc30fa9f5339b32fb0427e64915e29a25bb25ac60b92256470e7de5298d42c6b88995f8d2fb704e49d55b66b71e237af90fcbfd71d9093e1a543da2e9911ac4102346dc4704859cb33ac5f5dce2b3331a9dc9fb506461a5436c89bf90d39afcf93cbca4cfc35da6ddb112243928246ae0d1ba269b0fce0468d3ecabbdb925c9ea3241e2dbdc6b151fb4aa724a42f98b0248171fa01fa103f116d0e7deb65dc359b09126f9a420300fd209508ec7a50be56d5b470e387d0c52a1d104625f9571ce1404d1b7af3fb00475b95f752ab96610be112d33ded48624015781e7198f4dcdf917839471fbedb43c34efabe09941fab6b342cf672a29dbb1eed0db788dbfcfcc63bcfe80f7718571f691818dd6f839e3cc282f85f03fe0400171cdf1235049fa53de7450b4c40ed398d5a486f52124c1c63de2afc950e81839f52d17e2a7d32f82788465a65da6cd763c6360763561ed2bf47749080549b6e2db87514e1ee1c85a0bbd346eb6e3cc29267cbedcad67a287fc5be65ec59ba8b6854b31c83dfc5155187d4150685c5c2c342ed68b01ac9e44b60f0c100a347a0f93074dd37d8956fe2f43110dda66e9f9e6185c23dab74cfca21f3ede4bca87687549ea02662f45dfa0ad27f9959a120cacb7c419810e1b1a50fad31c12c47d5bbc61bad77044aa541d29faa6126c60ef088b82eead17a52843307d4bf798b853d90d14c5347ff10615381d85e964331b7a123d15a77a6790d93e920052ddb4db4baaac5e2b27b66ff955e53b8308151c81da4711189ccf0eb393c5bbccfa1f6c94a8d5f4bcd266fc6a12061967ce836ca042257368f567dc42de6ce0be84449234a6163b72069f25b7ead4b2003e1a7665e87ccf211abe94175d1c11bff2c0b6bc110194d34aab96934ef59804cd26e4434ba166d9833fb091be37b139cc10748b881c93690528a96ccccd2dbe024510b8da37dceab567dc52706461c486a0463369cbb99bcca2e8a4d2e005c45401964722a4b3ed37c351c9f21685e8992c9634349379f41796deebffc2928058c8ef6ea37c6e4970dedb78d1c2a00ea9e1ff1e7708470a6c60e6a2b1e966aa872776afdb238e97f716b3df8dfd42bf0f7ceb52bf9eb33731bdba5987b8f48b4599d67b383e77413107857e951ae0625059e5616ccb41131df9a480efd5beab3a9c99615921caedc53dbad675c00ba1030577db1d22731677914fa958b44792cc9c19e2ac71ebe61a05ee67ae7116e39e1c0d103f18bbc9d531164360d901da8234d29fb0b37cd2a60c7aa2adb2a4b297ea2fb14122ad95bd4592ef86c88fdae1e37dc8e44ad03c0fcdfa3801e93796771c5a2ec1e4ab12a64b3ffe48e7442c6224661ed5cc987aada6e778399941f7b20f16f94fb346b916be87f005c9c13789741602039d38270643cce3c347565eef5ee09139330301951c15756be47994de6f1802dc5131b9b011051b1d87d744756831a71cc8528487f032fee9dbffccc751e6a1ee6d07bb218b3a7ec6bf5740ead7a47b6907d7aa95b79aecedf4a637ead8fc6fb8654c93d13ee79f5d6258dcc61993aebc65e4fc14eea7d006e31f6e9f60e3bca8ce52ec559876fd20255e507daa99b185671ce1ac11d448c30bcdf97b9617195e0ccd2d15246308dd6cda74a8071114327fe203b1adbaa780f3243105c5111636a51dce966f5652e39d4f91abbbb4576234d6cacc3ec57cef2dd4dda49a6c33d12bb7595fd5ab5bb15b40301f34ddfb831a5dbf62218f496c003227fe6282e2ac054c45e7f3fc93e51b3ee8690f08612395095a0a12729d663eded879d9ffb325c62f2cb546a48bed51ae232fa6ce28a2494c132a6e09d98c2e3d478d5d2d15dce2e2665e4a3db448931068b99899c2bd8ba87349b0cf9e3c52cffdcf58a59b4fe0089b298b42ad7553f831bd60f5cfa3e09102fe773e4c05412973a678f3b3ed420433cd664dc7f218e816a17c5c9013ecb84abf2dd073557dbc41b92a91e0339d57b8b077a9a44d56427fec5748c47c1460b2e2412094db6d0ad06dea0aa0c1368592594bf0b2f590a9d6149e44dd4adc4cb42e5d9940d59397b83b33b88604c210694e3fbd84795c80c1b09ddb3b1ec8bef6e9dfc4d7f295e551a79436007ca48aa605ef5a89571e59cb26f2766e564e39d3bb441deaa0c8664549881d90a77256c0f6c77241fd6ab74b0e2890f78ff16fd2f9271ef96ebfbd0b878ba9c703900752b7447f4efaa60bd9dc9cd5673a36b39d49f54274caf03c0cf82b95141fa20ed3ce02ebf0dd74d9eff8eb9e2dd3a2976b244b12fd33ee75c1f1c459f86a1cefbc817f42d7f43ba406098165cbeab99df4fe751ae3382efce32af252e461652c7598161e74fd8eeca474fab6b1ede039935f2fd4d7562623b90a422a78941f47a76863d95857c33653d1b42b806bbafcfeccb7bb4a0c58acebf6104b2570afc3ca88e4fdf2719cf39c964a1ea7d2ae4a7fadc938abc95adac495093f6b959b1347501606b3f960b6d739291aa8c13eb49e98b0f78d2b91400b6d8961cb6165c8b684738e4d4db2f2ac30ddaa03a5e0cde4142b625e81907f08c60d7cb5729456806c89ff0efd08397423e44738ff38f8e88684f3a099dcda455521caca37ab4f4d9ed5d37975d4fdd778b97cc93babc804864a35e3a2db04598152e67a2f1f157681c3962d46ada23ea5d9a524f9cdbdd08a07a3a85b1f6fbde11d5a35c7743b83bbefd19aedf6d92241d16aeca7f33cc51839b75f111e8edaeaed808daf2f43fdb3c6f032ea45052ac31d4870c4d0d76aa75d0b88635ce449054013f234c4a16cffc58c95ba1cb8a0a0399861eecb1039bdedfab4d05f0270c6b16f03f6b8e629f687f133ebf2662c7f930530746679aac2791f54d6a95bfab5be0c33739074ed4e7ae88dde4a8036a7d6095cf41776366b6ae3f8f4a0734f48c275e129cfffff5e0abd042f99a957bf6f0f47fc7288750f4fe30198f8cad7067b36cd87ebca08abd3f9475e7443f83cca91a1ebfc42ef3494871f51f6d52a5524b9391c687571be5327c7c94ee2a096653acb410917fd51e56a92be4f24c1db6b97b465ca84c31c04c2f61eae07e952eb6554aa4d8a380d9ee81c1c462c360fcc3cdff2867a953b655562cd06162af8b99bbe662e0c27ce4d9a1c1a907def48a3231c2110c930a2f1498e32dbbfee0e5c5869332f3024fa5dfb0327a27c663cacd4e9902de34dd93529e90eb347bafa5035f56fc578e8386c7571d1f0ba335225ecd8be026b4544ad70f3af11501a53119ee39a8558ca0ed5b3d897ffb9cf0fcab55a0942d3bf7bc6b94ea27a6b748f2cfda431f35252c44610b7e843ed91ebf7e8fe10638f04f52d6d5a7752ec62350efcb7c473f80b1f2a26805151e8346d39d23551e92fbe372df7979c3f756bbb43f6bed09bbc6b65fe6fd241ae1c2f1a0d0b805c582853b85502968f9478e9a84895f9d4ef01ec4f3f571e57cd0bda68ee1f6f7e14fb6e0f4ef8c7dff6796472a935294fc27b16216966d5021339ded059687355b42b55926854bbfbd9f974a0c26eadbfca8a6183093996cf252894e6db910c71ca3ab2e82d90d371c36b92c9409cf7937bb266ea9b29c41d774aa522e103cb30bbabfe872b57beb027623742806aa7694a859ede9bc1fd7b9e32880b064b0030fce1a0e5cdf3ce558a5feaa32e323dbfab6661c5878c9377ee52a615b7c17bf1228e328aa20f92d070c71561969e1af532e76835fb0436810c3d87b982217edfb1143bfc3405ac9f6f3a50145608dfa8658b0ab642a347255c55b59cd1c5897b2cf625a0f0706c30ca1c1321e90cec57b7c3d1bd1af455e3732db80643383c41eaa6781f63da6233360ee720cc04d171ae2445b0c071e339d547f7ac32f407d29ec7abce0a9e1ef5276544877bab2f84bd2eef47ffa66f96e7170cd54d836c9badbc59435146031502c1a3cc744a470f693636d9050c5b894d2d6047df60eb0bac16d905d46cbf017ca69d66427cb88036eca4ea9d0e579f6bfd8a4a850703a0fe49d39c107c9358e98689fb62bd0475aab4b2031446b437c7f9e373caf0270a28d7b15c71f02079dde401e26175bb6e392106a9072021f0e5c5145a1db6f595b032faed8551f6e2ce318db1ab513db876a3eb42d225014949c19543e9c5dfd2290e28c5d72c87223f0195ffbcba1c02c7d0087721efd2af6881dee7dba7565e07abc35bc3fa41c6a4d6a313222ac6dbb117c69c62db2691c68869ac5fc5e987b0ae4335f815c73ea4235da2582dde81d6fdae5911617daef847be17f2bc09edd88830eac03977f89179fe03eb2dc3b38df43803ca2d38455232549110f4580ec3cc04c0d8cfe493013d2cde47c506ef6a8dfc42d998f70378fac5ce4709345926dc477e9e339d8c87ff6287ea6e2873e14d538cdc3f2a47e0e37a2601652f5b665b616a7d1ef3537a3327a76f93990f7694e6484e7a52a10e9eea2edc92b99406abfb2b11ec86667c7af4a333dfe900bf071d1bbcf4f0ad768fae4f450c53817c507d26e926e753e3395201d3ad89061f16706d841994abad283f0db74cada25beb5fe46f48669a62e0b849cb77097e1b4578b45062af4a071b04f0cfddf87519cf2bfa10ebb4b860239ff187e6dad73806ae968e6ac0f738baa88edb3ae4883a9e59be7a6b222c5f54818f95578daff9fc7a7aba8c4a41a699923e85ddf24a32bb71c808516f64d506058a70539276d57984d75161cba7d53a4a864c51a249a6b8fcad5738dd0055ba8468b56579ba5f102642df65c598490f3a0c9b1064f4eb1962c4c38bfb7d55d496a0b0f7b3f90b42f733d112c89176aaf937eea4bada845f3ca4e9b56b3a5a06b4c90fa4c1914ea47020c2f32531e270007ed389246906ecf2c4465f7cc5d6a347583dd73341ad97199021819be81100d867d628323ef7552db945e4c0be604cf6c4a8197958bcbd6c1879387d3286dff979632c54baba2a35ea84efd7726b662b94fae61464d069e0103692599fb86fdc3a06e01c6ae3deb3de6fdb21806c716e5f82b784e4ad3f0e2de629a18e3a2309003dfde9dde8e5101b83312f76e811277afc286b56879f4eb80468e58c60bc088284d05d725ddfe3185b7c51b472a7ff7db3930839142d4a452ddab628e07d43375801d7c6a711a55b452748d770b84ede35920c1ac74b595baef963d21df9418533fcf959593ccf5afccc753e86c4ae231eafe77a158c2472143faf169db29bf2b53c3288d8b3c9added65778095f85e2cb471ab58362041f0a27d874c42bbb06385a0403ca193cba67cf70029cdb7e73c7e2267b856fa0b8dd4c706b45e7174659b0ee2891df911724324f7ca5daf07c912b9b2abff762e62a1817688757492975db7185c4695f3a90895634b8d07453b36dd95197abc31d5d153dfb0d0ec92639540e99d6590f9b394f14c93a5e829fbb33616e810f59c502be44a13b700fd3009545e34c211abf9afe1bb8ced793c6f516d40010649f83a78ddbe9b71d8596582997d0aa54192e1200db61dade30500d72a184ca7dfcbfb80e5442f489d316cc8b75005564835d4b11c482e2c4d0d160f14a8b13ae0a0fb0ba5e3b782770aaca357df0e1c4d1c3b28b776a8b3e0da1abfd4f7190673fca1e1c5a31c688d6e8ddb21300e4178d07c4e854a718ac3f672b0120d6a54c16957c9ec8c444208e47737bc4eeb0bf2d801eb2fcb72f91fe988aa75f38e6cf26e858dc2a718580ff5d281d13e8fc3e3bc30c75c0193481c39c375a5b06b962d9491f3f1fb80f1cb27067f0709e0b0730573a9b5f5bdbee1708ad84b4ceb1a9a61e4c41e90655764057bfa07b8c81cc83a315be1aed6a49715479c0fd0f53f625fe6c7f36fadd001149ab978532e4d0de3d1a38934c74265b161899843704fad16ffc6189f42a5cadec98603e0f98c6889bd4a559079e074cb40678fad4690a20d988735280a1ee8ea71275069132101b35c18ecc9d3c6eceb4cfe9b165e4b6acc17d4f113ef8283c0fb6506f5635401e916d4f7e7bc3cf49aed166587a0c72cdbe673f467d81bc2e9cd08cd8dd16d90b353481df31e89b45e8b | ||
| 25 | MD = be3cfa6c965b2ee4e6fb0236665b0b95f66c8da8b338375b7393672283b0e50b96112d7cb76fffaa6db8ea4a7687fc6234dc1ee52e764d69ba8ac40c0f51beba | ||
| 26 | |||
| 27 | [L = 48] | ||
| 28 | |||
| 29 | Len = 16 | ||
| 30 | Msg = 3a35 | ||
| 31 | MD = 87bea682792f6bb4977fe1b92e0cc7017413dd263732c3604f0ebd63c2817ce5ddc5d78c0137f614a06e72ab1cab2f4c | ||
| 32 | |||
| 33 | Len = 104 | ||
| 34 | Msg = 7db15b3ee240b45d4610950996 | ||
| 35 | MD = 7311a6356ab38a690c0b3a1581c3e7b6de418996c05e79849891b061c51d53dffc0fff2b8ad1c1eff165aee5ef6e18ff | ||
| 36 | |||
| 37 | Len = 352 | ||
| 38 | Msg = d2a1efc725c46cd6a19760f49edf0bae823c1b4992ae2260085746cf65833bd008e56e64002383f51f960239 | ||
| 39 | MD = adb1778360ec659e90609e74b6af219a01a024f216b68aa944841429ed5b03b139444b8b848f73fd5f350ef02d46b6ce | ||
| 40 | |||
| 41 | Len = 1016 | ||
| 42 | Msg = d11ad1253592c094746da7b5c88d329bc3ce1929913b8be07e82d3f6b7a536a855f31ad197376eba6f2f4534413fc4e4e7673fdff8739f774a710754b568b7c61a473059a41c98aa4e86617aa66d2601d0f0d584cd9f132afeebdc0ce3da6a8b290059e6e4aa080c195c42ae7f7e1e99865223439929b0a3a0d79b46ca6419 | ||
| 43 | MD = 0cbec7be7299f48f043c3d1aacf833b4258c32190a21a8ac2471666b4a51b63cc77fff6e081aaf5ef21b1b7523d65763 | ||
| 44 | |||
| 45 | Len = 13696 | ||
| 46 | Msg = 2f7a9929dffaa4a4dcfeea1fc37b18e3cf935abbaa17cf9d834b3a8d61e9fabfb7683cfc387d6f46ece3f8bf845827c7ebe86a651d6dc1e83c5772cee1a9fee4b04453af2f68430bd87835126cfd1b3f8beea4d3822fb27864570e255cb65b414197480b6bc20a39c5450adf2474da93d72f6ecf8063899722d3755b7a19f71e93e782d89593ab19ddd3ddf053c54e0bf832311fbf132e8b9e540f38e4d9bcc3cdbf69de54e40ef348a9170ba2f65def167f568ce846889c0161448342fe907718a465e451bc1b0f2e4f21f9b911f186589f43dea305811473837c063b915d849c20deb43323bab4b64e61823f1df119e71962dd975700391b411f8778980a3080ba3c14a321d32c082d416ddd2345f0eb751a516d44ee55222395cfa11e7fc4edfbe7cd49bf4ebd4d7428843a2ad5538b3cd201ccd431aeafb146a65d28a4870a6948a7cc0413b0adac7e8dff3a898aeff5f4b65d10b28ceb749bd354c061c3008ec569d5f90a4d4f5caa51d35b49dc4028e738c8ff5939fef3fa202fed9ebef6f2c7dd0ba41cdb5c0c16985f96fd93a65d134fb4a90ffc0fb6cc5396b843c2151bb7c9170f2fa4fb44292a4af28df5481de0c3c917ba1c46467a35302738158493fbf6a0422cee558d4bce3d78e14b4fefb65bb05043e2cc2a6a8ea64565ff6ce2fd2c4f43fc02926ee44ee02fe1dce25cfde0115c9396c9ea06269f17b2caf58e2332cc1c8528d9705c70da1f76f22aeb1d1b93449180640fb5c4c4a708bc4621d7d2bed5b1a752191cfdd45086d34f247ed1df0f24e7c620de32bdfc4d1f882380d2cd7467c926f48abc75cbfac8788f88cd9dc5361517a5eb36311e6b39e21a85fba2038fd47d860f776697bb19cdb5a4d6746fae507e274399c91648537d905015e58910117e5914f44ebcb00e771d38b30c1473e1232d4e222cebceb4810c48e83e0fd4c852f4fffcd643c0ef9e4fae2d0ebc6f102f3f749b02a5e3a61517d53b539cc24120df3957a633d50369d46c0c226f8924cae51dcaf54d716f61385fd8cf38c2c311a32bcd6594d6930133dc18ef36a9671ba8b179abe95f588ef74e8558ebbc974dc73c26bb6eaae78ef464181e18b71f4b0f986ecc8495a9c4dc0b0b96be9806fbd3d32952ca3b4737a06ed6561e9c9581a33a720123fbaa2a70fc3233b83e56444f5aa0cfaf70fb24be6118404f3e11e6ea004cf2d079a3e93a8ac1d4e297cf4fc43851dd26314a7ed6a5a784b386daa26e50c64692f7db28c21d82234289bb45bad5042236667e6d70a24bc9525c3adcb793a6a5725d9b10911e3bc8e3fd604db7998346e7f7dd1815c0cbb735a977bd4b32b5b976932bc92ef3b56bcadc089045ec95f241cdb0a84c67f1f76353da6cb493bb27a881d37a2106b8b3010cf935eb3601ce4dce3e449eff8331e444ab117a20809a1010db4cf3be0c488f777b6532df908112e3d11592f04a0cc16232d62340cbb8b5268a662b8278d37c03d848a04f0ab498f5af43b0a20e310197b7e1395a65299fac29f051bcc5fcd09a5605bfee370ee8ea21f5807d9748acca815a44d81796d68b0014eed3bb6a94233fc51725de3809ac6f538beaacf8cbe3d96aca21a7a763a957f8892f22c6d086d9af2e5ac9d90321e186584f17e964c90739559ddd034df076c4aa38c2b78aab6dec8ef6be9adf33bfb66f159ec4826653ee6cb483539c47a4a1d95663e6cc7a42a3bf628623a4c9500a59a50a312aa104b198ce5f3e58952bb79ff1ccfa9ddba2fd4705e91b5acaddab9d6522d7666264ac5f533b6d8ac4512d8371c69c06b6d322b046ae2a0a20aec1c3bfb05f3d91b9044cabdd873abb5f2b0e3e19740df31e39828f9ff9bbb20b73541a7a70b8174ce4e43e0d356e629cdbc6c08d29bd7acb6a4347823075683ce9d7de4ab3ddda6572b175951f30a15263355fe9641b3322df7dd52077402a884cd472e6d0b6c34cd63ab63cec8760c7ebe384f7cc31066bbdb7a3417425e039c4d340166e4bba4839076ac9457c87459c57957d0a06dced2f7a18acd22b7295785dafa435a2a8a2c3a1fa05d115fe129d19fc44c5a29bf15b4d9c2b375bc8e591f92756cfc573a39b8fccb8395cad7617b11f14a60e2dbf69b897844cbbcb70363010f6e1bc0590ea594aa924597dbb32a868b55551789f82437180b85661809089d34a168d44b4d788dba23b13542715843eee797366d9ce7793e72331735bc78cd61b13421a568ba3e66926921c04e9d00888ba7ddeb474db63813756ea4a02c1823083e36ebd2d32d5c88cdebb98d511304cc276c7799cf84a1699ccac9569b13f530c762732e6bd0f8415001b2c02d11dff36660b717054b16df49ba38425e3764a56052ffddecdfc686aff22079897376cc15591e11579fe4feeccb55f | ||
| 47 | MD = 70e1259106fc7a7c6be11d95fb673bfaf0074e342fdaefb458faf4619e7f0edbd68d509b9ca7243d2e5e039d42ee3b47 | ||
| 48 | |||
| 49 | Len = 100816 | ||
| 50 | Msg = 5f464d3301c5e0871d6b41b002dcd09abc80a805de3482d97f3fd7b9838745da1c0534168f76b93c3c53bbabd904541ffe5179cae619dea77446140b7400f47d242141c7f2e9894d88f44c9e066861498e7394f206f594a419790d697f6a11187f84bc6fb288186109343eb11172bec076d041a4c7306d7978c009fc2d2d62563614ed3555ba2d21c8fcd70e8389352dbe4ec808af3231ce990452eb05b1b0dc4fbb1b4265e69235cc3561dae4148c386cd770474863a84a822b2e5f905fc255d55f90bd6a760d441dc52240ba7d8c888a5283891a2c99963d1fe680549d6267cdea92cfead167f6c49663668f2bfdc61fa647f5abf3ce5ad2c6c175dbd456ba41436aa06f5f68f5c88e6b74ea86a79934bd05b486210d3d470a0967ad6d67f7385260578088d7e63197849354f651aad07e04ed301f1fe7a6d2047d50ce5dc6bbffbb1da6b47d740898f4eb54e3c5a1fbd18ec93254cc01f705fce04e6100ced132c519674b2345547804a372b5c925bd9ee9701527db33408d37b72f8d18b882d3c4744eb58f011d21fce336d426de1fcd5e09610216248b51fe2b79b96c2bd6ca0155e05a8a516b7a24d529a9a475284735bd9c4c437ddf399864b64fc5d0d6ffc4e5a7a3dbdd476bc39ed29a0a92e1f2b6b3506c2be5452d4f896db6eb4f895b554b2af64c4cb8dc2369b91022dc50b7291404cc9605c31569c32756a64ff8c4fbb0f1bca346c7b58a5c6774b2fc7f7fd50741d34c8564d92f396b97be782923ff3c855ea9757bde419f632c8399763003b58ee9140c2d62e914c1e1fa742661a9166d42267edc40905b35a25d5c3cb3fb457376b7422896df7bb19c23e8f764416731d2e20cf2c1beb8663c07edd8f105e078e2fed05c5e5897c430017fa2160f565a75a4c5c64a15dd7d644bf355d169ae2696ae5ed1a39e8f81055cdf315e5b0c6f9235515fc4dbf30281ef17b83a6ed604f89293904bf78c7183fcb0ab236cb1f8935e59c51559217efabc000b165d819b717118a03facb61a13a99b194f8b6c7ddfe5850127d79078397a56564c7ed6716a129409680434061b2a4782c9006587de927c1ae09d6778a5f1c39fc419fe10493eb0d4ad492fbd05485eee7913c59df82fe7182af2cf06a6e8edf06676200077bd1408f5c1cec537cb8566470cb44895826d04ec20f0aba4297c501add65c75d5767ad2ab63aa81b7b66f01b32590f1d55b7e50e6df1ee077a19c8c895f5ef62d452cc336e9aee171fa997ddcedd7af86e6cc37722fb5838a46c5e58e7f700edfb7c6bf832171d9581f660752867118e9535a6118635709d6f1c1cb21b938068958e956149d9bffc67f355cb88205d4894ba97c3e3c8be9fa2d20abe79f3f93a6a2f4f56fd075bb49a4b7dc83630e58c32a29d757fdbcaa607352f65483cf2cb4208a3bf94ca7a25e2a4e05279be31c33696c10fa4971d1b64ee938dd299f483e5c098845749a3b706a787529bf2ca56693d0a7a98243e6482a43e1f5d3086ca1b00368d8ead5ed2d0fb79b1e2f537ab9340809ca3a9b5eb2900390432293008ab7086c2811d33de0648be5597ef002c7c462b5e0f4e0b1720a98b2299ad7aa55eb78f0c77c2ab4371385f280107ae40ebf814a8223dc74f31483c63d9e4ed09fc7e5a51bac34d69d97163116a66c84ea9fe4263269b71fd228555ae3cf5109c4d6ced7b9049a2b8069bd2f71834d6c07fffbd7561939188bc07dcea08086bc7182a5270427c3199bf5fb5c4549861fd32a38ec81c4ab058c777dc01864787f0275f911a17838272cd65135f66baf06d8d93bc439eeb55d50b7c5adafed8eb8140b4b05f59871dacf954f4b096c30b7857774fcd319c096750bf605db8e31fe02cd1b9294eaf8bb009d4609f2cdb3a8657f650501b8553765de8f572fb91ac77b35db35f402453e5c58f60146f2906ff56b9c6b3a5d0bb6afb9e2201110919ac9c01a7e9750dfdb2f72afbf7a8d6f64b1c68b9de17a2c9abf289eef24074eee9b1649caf3693118165503a30200993d271aa31b8b92606a10a52612dd1fab495b82f9a98cade18b9d8a723a71ceb63fd1d27372bd281f9b40aa1839b0cc2f2177a09aa8e7b159ac118d7c145e7a4f032e788d21facde2b4dbc1d5d2238f530d9bf9bd2798f611d03ed8919f0c85bc2da99750b7a8d6322d2e66ff6ab9ebaf7424e8c1c3f4fe92be61f65359106395f5ef995e925be3868ad513f561f873acdbaf18590c903d64bd275121c11ea655124d091740887868544c5348664399d3da96e2e35fff34f062fb939d656bc072096e510b40b2f75ff010af68d64fd0acc778e2e13c9667de266b1816c4ac449521b02bbb217002c604be72e73051aa9048d192e3210a68769dd2693e5d44951711aed3a751240d42f8925844131daa36c51d7d59bbaf99623fddf1649db954705fd6f3405e63894f5258c9ffecf83208c2c90cc55b1a8d2972ea6b3a049ee54942b50526b7930953986e428b2c75e47ed870bba68dbfa624dd94112f3059da0a80c583baeb570fe8314f5c66501b34116c81148dd22396fcd6479da49f7e952c8084f97d6803ff85c3787222064ca368f596a1ebb6dab20a03916b3ab071c927d87fc10ecc4e7ab4a5761e3eadaea4de1a0dee30aa39a9e4dbee047201d7d8a4df1284cf668ae3ed7dc4cb2cc4b5cae9307353fd2ae4c105c5d9f3bb021535fc3ae9bf3ff54ddda8b2e1037cd9d69822df436dc1c750a9f557d1a3a63fbe73c64261dae0c70bba6edb57519f5b957f138d1aa5fefe01b73c1851aea42938147bac2762527a492cb85da43014c876e223b05597354d7c9b328df67f354d168a84ce86dff57d8a870db034196dbeff83ebef80bbe52425a8810f2c9fea29ee688a201cce4a5f447be789a3881a9da3b6c491288e8f1091719032608b332e0410f4576597e17e0b5dde305f069be2e80d565bb979a3915488f88e3ebb90e81c264bcaddd72b8843af4a4ae31f723d50fa0995b027c334c351128913bb93e67b1b08f101f6b8dc8202b44fbc3d3dfb530f66e5a8f35e69725c86998c05ac87c561a4706e90fa095adab4a566da4fab82bff6b20076e5bdf62dbd6614245b6a6f8cb6bf60106f8d12b9c3e26f8127dc547e2181531ce980a3273f452892110cfe1ea834a30f99d66e026a9d22dc76fc3cec8fda2d7fea701deb84dd45c97dcde57a017693e90983a156f11c4d168d89c06d8a32dbfa590adadd16850854f24bba315b0bbf372f03711a20163afa0c137383b9120b26c59f5e9e7cd2ccaf0ef4e0d70d5a81748ad441ee5fe178e14317cab184fe178fb0cc0d82105d2f423467fdcda0f9871b9d84882609248356f3053a99866dad9f9b0f8c4a897a8cb8f30365a7ae5f3ca6e772d863d445e6d57c6a478e35d719d0e4e84f3a30b1816ddb55bcd79df21ea0e95da72a19cc1fe74fc576120bc108be3ed4cae3bea889fb4ddd67efe858a994237378eb623dab070d954ac780c1e6d2095383c98ba622cbdb18fb53260979fb2672c21a4600f4bf06583a112d303096d4e30e7e1060d869f386eba3cf7aec3052ca17593dcc9969fa9cd88179c262770211cf53f53f175037a5cd445d239cee48f7ed0aa1d715a22ac18a8aeecf191d415e4afd92b76c091803f4c757a9e89f696ab7b11ad6d5f24774e4a004dcb0e3f33705dd8150431f051016af37647b9e44b10bef114276d4b1055b634461c655a82a847639a038ec9f58876e84e9a2955b696e072d8054c3f81173473604d5fcc0a75b4a340dba0c375beb87b8b01a0f2de232bbb8371c3a9d27a0ce521c4c43dd3bdeebf92f42f87d88978d5b4e3e563cba0e5f59dd29c31096885b113ea5c57e66a3be015b703bc26d3fd1d51a7c14f85f65747ac909d7e30c8e800be27eebf4a62e42e538ae30b6883907cebb7fc5e150bc9da3a138f394e817df9a9e44420078f30d0d3d6981ca581791a097a5e3982c983d5cec239096c7d8cc55c87242026d769ef1d04eb96e5b5001e3358af88d417cc61f107659791a35d8b5f7a5767ae24d5b2ba7aa12230076db1f1b9b6f213dceea62949d98bc5db38743b23a59ea75dbe4231a285678f5f07facc053c2048022fcb01f15e8c100d64a877ecd56d196a6ac60ae35e0e09a517224ba409ba7b70d8f9fe65bc427b212a4e9b3cb17b0d332267cea4f3bea7c1e550f7ffe567b20e3057aa0ebb560d00d28e2f7aff718a9f2d4d044f0d20709bb9ad567c98cff7c4810e8c542370cf90a491bc1088f69998d59f344b74db6c1bdb61f284e99b517a11452ca0bb37c7bae77fca6514b341066086e600f098a32a92935380a173c9182a2513584c54ff67e580dfe16b508acf1729a3d649ff1eae286bffd688fe658612d6c8e69e6e7f7de4ba85ec54747cdc42b1f23546b7e490e31280f066e52fac117fd3b0792e4de62d5843ee98c7201529455c85b169fdb90cb05e3403cf2f737148bd20a53c73880880a14ffff37d62130e682e50bc7210ea6c1f0c27656cc1785a0d9ce93ff94dbc5b2877519d9bac4a339e98ec594a7cc76f4ddf994fee8070dd4b8e0fe0e51b93105fcf566f83d914dd862b4ce78de7e9e16f142234bd969ff8005dddc641dcd3c7cfbdd6113cd3ba34a9503a0f433899e90e158abde2ed4ed4b3711c991577c5aafeaa982bce80835f8e6d7c7975571fafb1499991646bc499ec32930367d4b1de76ff656442cab987bdecdbcc2b2bc35ce01816594bfa4b6e33080caa41dbdf8ebf2205649f98a2d3bf331fb16b9ecd1824eacbbc9f81297b115b4d36aa7496e05f7d40d4edd1886c1bac10cf3f97840a03277e6369e7a7e90d932050ab8720fce076de5c355fb17959bd75cfaeff325b0737f8f5b1160de0b0184ba04afcc30bca77a6a37e29662302d01858c0bc1d32b883011b7df5a387805296cd91bbc835a3e76152d017ee929d4cbf137eb78db89d71617dd76cb00707aacb8088ac77a1f52ed710331193edb29933a7efd8cc153e6adfc2c6637e88cd86b06036b8177847b4d086b0ff9b5dc91f3cbd1c08217023d7449253c25331594f0f16a3c5f2e122e0145c4ec94f096b45a1fd0b2dd3f1d51e58978471782a336eae49d7bc4e050d1c6a391658f71a1f752c0ec6302bc2dba9e3766359359ce34955a2db86740c90d09cc50e92dbb76e17a39955fa7108bddeaddaf860d1aff14acec8b609ac1d336270a940604209df91cf45be72edee04277d694a6f968ae6d8e065702f3d607f3baf8db4ab7637fa4c78bb0b7fe69937eb1dcb616fca564a5a521e12df71fefbc321187159bd6a47b066a3440ba634de9153a94546b63aa33aed9da2018e1f30628df37f5360ca4f2660a46ffd73e58183e8abffdea25f7bdf798a2b7cddeaa481bcc6e682a67e99143066963d96d4a928a478951dd6ec59b1be8cb23aa688e1867738aecdd9afade39c92c0b2572bdde84eb912ed990ac618834c412231216fdb84f1e01b3f8414fc6dd0f646fd0fa62bb0157b3535e1497c9272df1cc5dcd4e6ab9a8456222655c56ac73fe0d2aa8b599035daddf0986a45b1a59510abe19a11b6dba065c8bcf8a85d20a3681c2414dab7c036cc1358b1dba98d6ae62c5948c36b5b3e307a6f860c0c822ac724a5c917ed5f98ece548a7a741d366868e6c676394c3659f7f6786594196dde332543376f9ba0724b091d30f431f91d919417e5bf7ba1e9a21cb80f6c204c3a58d59d960a5788b5cba5abd7c7518f4c5170115125de97009a6c3fc4d5773e4f57fdd433eb7422c7c4dccee57a1679633ced3b5f08df763d4577983c5ca8b49bc4e08fa76f8bff36daf0fed068db47f0c87e0e45d518dffe37c129cc6e2f5f9e0430185723098e715284a42f302a6b8368a4f2dc16f534d1e5db9d0b86659fc4ba6f16c982774115d02a57684c7e5489b1f491584b0f0546e4194a6041f5e5be3bfff3852a4fc772d83491023a61a37228ef6260edc0d1cb972cba610d5ad1d92d554700771d8236ef55e983765ed8eb21e7de7c8bb51aee9368758454fee4a3f32179c1e54af1d069e0b9728cd0554351907e018146511e4d6f0450b57c8ebd21c71450116296bdfc779945da60b9192c5bb9a67b1f04d94992df4cbb3e30732dc8af2177fef17e0b7d01740b8a64db16bc29c1e589b6bdfc967edeb2ce8a649ba892bc856a929f0b837a838ca7f917a52436ea3d20e72afacc5b9d58a7fd0fefd96787c65ffa7f910d6d0ada63d64d5c4679960e7f06aeb8c70dfef954f8e39efdb629b72979be208d616071289cfaa0756a4bb5eea5c7baf8fe7a31501e7e2d67d708d461c0c93e85f03afd70bd9e16437171e01a34f475e4b5a58d13ce4e2fba72bbba93403f3f8981e0bbd6a8a6223327bf096c44b36e0ccbf7592a98c1fa67f198b628787ec80aaef848b4fea158c715799e6f458327f399e6420f0e7821f2dc4663bbea065c7bdfe830b6102e2e7193381b9dc7f2381ba808c43b8fdf3addab4b5fa81564716f7d46e0349d9b27b559710d723c7ef2f79eb55c3a9d75b99ae6fde6877b278b583f8ae3cae776b914b0cae0772397fd19b6a27676c7ca02cd07f4b4d49bbe1ec87f2ac7e39e5f7712319c31271dbbbaf4b826af8a9f4acab696c62719f7a6a032c4bcf90922a3c630647b7c1c7b78b10afbd863f07486561a0bc8d9b1ff5fc41998a7e3c604e24af1c1df2da1dd5d83eefa2e4012f7fb5959ef9339574367deff73723484b5a969c8c23dc251a3b887f34b9ea09c9a1838e8aaabb254445d7556dda257dfd5579737fe1dd6c67f3851ca68b011e7cb7b6958d588f143828f0bb24fceca31b47b77d1ce05e75ab05b55d6c9f9107f0c738f2cf8a1629f7e9b2694324e082503937ff8ca7c5098f770289af7d038dcedcf0ed77c8b82e2a9003a6f3db69e14131e144f6be7cf0bb5353ea96aebd78befbc6ceae9bdde97823cdbc5ca8ef8a993a9d9383aee9f2d6a18fc64ab92990672ea2dc9b89ed248aacf7f1a513da43fe5953335afe76d78867a066f226ae9c727c6c60671c50a50732698ef7a492d51998eb6da5368a667baf6d12b77eb36686ee0ca239dc6f3598be0bda79e47f0891fe4d8989df8c685480de11c148a2b44c8a6bea3a50b09be557c51f545a09a30e9362cf3080e6a6bee3dbad370ce24f6c5a6f8091007ca195057fa3af8f99703a601086c2a1ffe55fde4c2c4153dbff8d6601ab68743c0d50d021b0b3099535ba6c40f866ca3ff0df7c19d709a3f58b57b40ab5e43556a8c0c1938c875267bb39c0db6b45840e8ee7c22bf6b48798bd744f70e42fca343a8bdfbd7f55f275ca5d62c7288756d4861fba68d16d842c5b893c1d8171bb3c8b593387d3426f292ace5cee7753c9f9a12e6bb9af5a24192e4184f7d3d191d862d3c3dace7853eaa235b6369fd164e5a7bddd06daa3eec7fe4130e82478d36f88a0999cba1f251ffb3a7689ea2baf016073193898716a9f933448d7ba8e0968c669bdb7dd5e6e32fd84a6ce9e8632b393f9263532ec2107b4c0d2abdf3abb2de2d63511805eb58a70bc4ded040d76640af60ce7f03b9a682b8dd84ed8a47225a48e0b94ea47828f1c8974cd64e5027d8b13d43519875d2bbe4461a7f0f5b5b8d63a472765405ea9c994225806395e64dff88506f7f7f3b6368d769e6e550d4e3e81efb13771cf403e855f75312f1383ce4c2744d0b4e3735a0f1e1b99eb014fa60c0d1ca9035fbc4403330c2fefa8411fb7c3d6ede5b5c8f4736106bbe01923d483a84f031e9685a3b6a70646a2a5059ce35fa496b3f21fca6047471a5bdd33908cc9328de9fb032347c249bf7093390b750696124621dfa67fd9c7fe85d6e5a4d277ad8f8d169f8b5e8dbee280f8443518bd94abc5ca704e781e6cb1868ba2d6fbbaa850326fbfa5a20e4df6fb5f8ee2728e86a758763a8af21e1f7a8584d3f0b09a0b19fe8fcd37bc4fdf45084d7fd92b80544f29aba52496e2c9a0aa4adeb89820be321cfd2f0a53585a15d04c7fe4ec9be6eb5df419e20b71506c1f642df75c53a9e3b2414fe6102fa8af7be3f6c95de824c31fd6fe8ef9d49e26095a2674a33cb574e9e493939bdeaf5b309b4c51256ef71e95dbbcee0a11991693b533f916e1c82ce86d65d89b6d596017fae944ec364546e78abbcbe4322b83e2fcbb4c5d4ccb54d8642c7eb9e28c08598a356a5c46f8813e6b63ec2f3e3bb721b726361f85a734e0514f4e9c4732991ed3998b1ba8f618c2071d1b943eb0f8766fdb7f0492421429bd380deca3325c8d5c7b6ed16429539ae54f1eba39748f09aa44efb67d863cda304e8653ff7499cfad44dc27807779ef8e63be4b376ec403f3c84eda4e5af31c30f9807762e0980b4e5d9dc406cad4e888bfc3ec4186de8ccfcf631b0ba5831747a1c200d45ea06ac82c7952fd09aaae5dcdf5475da427cbc8c1f71ebe5132f2fcae15975ed6fa14a11b38766e1c446894f31c0496b0e5e96507d28e6e4549d6d78841e40630ef306491a1da60eaea3fb69bffcbf192610e2e07bc1124690fea61980e8ed654c5e796f67d26db5de35b4a2c67427833e360ac2a7d4fe7a5ce572144443ed62ac460c1b19402e85c79e3d80e1c143279b20a66d8dcf2bfe1cc44a0f5aa9b0d9b36c46c2cae148dd0f2ffe9a8e6e7274d1832e57aa39fb40553da6414094e838d613a20ce9307d49f97d904648d6460985b01af769800cff9a940f70729fe40e98feb64ff0a81c5b2b096b1a9d832e440c49e4e3684bd17a5169fe138d2544d9806fec027dd2a67f1856178e090f9bb2f9b314a202e7e95f2e41fa80dccf7b1810e9cbcaed2acc2445d60e26f7d63ee4b28e4299e60ea4fc659e7d6f0de91748bf1ede1fdb2acde9482bb76bf6716847eb2dd7517e0a94f0bbf20f248d2c79fa0f518b67a44d5c4c73a9bbc3816ba85ae8344b5f377649da75cf1857d6e4338a76446c48e52cc7bc7ce283d4252f8fac5e1427299edc33f84798316f77bad4a87849e91a1a23c0b7a86898046e278eaaa15ff33730a6d3f885dfe2d1dc0acda2a9e49a71cfecb7dcaa9e70eaa8fe15d4567a280e8960ba49d5289535907e9f277f96e8e652c21d89e81696dd821db5b7e1e53e160584477aa9e4c0e12160c9956df36cce6f4e724dd543827366010ed3d843cdf4319c1bf968a70e9b1b6bcd8af96c9eb0620c569716b7bc42e13251a6adf8201faa129844b5e1d699cafa1b66a674e732c7662b0410e5bca2704c5ebed7850d0ebb825cfb0627a183cc9643b709aedeac2c06700358400c389f99666ae97ccd37f265da7addeb07df9ccad6fa777d0da2fc47b6235179136bbbb409596841e921eb278142a19e6203c7f235bf8461ccadb4b47dd290d36ac27126c808b866f9531261f1e0f5c458a6bab6f064b4efc432e1c7379f9af19ac34c5c22e76e6e7651e48f9ce44eff542f018397889d896cc9001a63e8e455fbe4a9ee9a740edad894fe1af2bb21a1dd0318e28ba982c12ed69c08835ce17336ad1638af3cfe0ea892ab8e83d3f25e6bd98d5e4d36292992e2122c265a26cbb3931dd4c1b0d0ac5ee19974d0dd45777908bb416cbce52531820effcd7f28e1fb2d3d4d826e1b2673e834485a25af9f9d174f566abc3b36732ceefdd91a7c3885e1d10d51c321ff704d0883905b7539309ba5e7b7a2bfefd0494e90e9da7541ec37858ec05ea9a9ec5672b113cd5ad6ebfc5b8fe40ed7c3f17d8a73703dc89086b4d75c5eaf06b840bb2f5b4519a4fb17bfdca9605f17253f203efffc92da96fde023007d22cdad05d18aecb4bf08085c5ca5eecd21f2b611e7e8a0ef981fe7aa2014f5ac6862fab44011dfd33be8a1226943aa7ae5fee9221b0400d9ac2ce5241b09a68cde6b13c47d50bf310ecb37f25c32770a299020d8500d8a4b5d7621e4379dbd6ef34a9aceefd4055ea6144f54bbfedefb5b5b0fbd1d81c7a51a802072ec3d84f34585f22c1df84caca07849b1ef054cbef9b40848e9fd238761df5358cf55a79a53a1bc749e49ffab7c5bd9a28bf24ad5833facf43bcc3852c1e85cfe47929fc49c325c20d74588eb9833519f192243cf96625057899b70a7c93f8fdbfb60d8129d9c43c95f8782ed8293641ffd21d21d91a0b4db69d766f6d6497e9a414ceb04b65425d6ad6c8811da00639dce8d8030038f2d08330c75b0879aab81bfb3330b950e54c13780d308fceed2a103a1a8b77a923b66aba737654ba7995acd306aa7b80f632184412e2369c353c2132ae614553e626f0a3436959104ba6e0040dc597dfbc3602a49e401bf2249699375b2c722083489f54fcdc1f616a133ef6112a1754818158ff78f245b9046100b0e89407f74145fe336976af971c054f12d98002c68b3aa2bd699fbcd71bc4dc071e430bbf694595a951e01098aaa499be2f70611f248a694539ef8936b2e8b7a3c5de8662436fed1f7bc24a4e5c17a663d9a23b4692993301b08cb3bc10f518eca51081c717ec8dfbb0c2669f7987fe6aa0bd98231d8e8b58951b42537f12884a857e02d62de4fda6b88b6b754b1b27394c6a819e0f92f6b2b2473fe245678e252ed31477cc7ec6895bc361b718fcab3aa550fc9faeccfe77cdb5b151ab1db2e569b5bc923ee26f0b6113504d295112d47218140e44652a10af10a088f95c7cf2fccd040fc93980939122411ec643e26e7d69ced3178402e320fe156e774b75b5afc2f3d6b6ab828bb4993b1436faa5728cec34d66f520f59e82716ed6d1324944c3c91d04d5ffc5a921f4716c39de24768484d0096f7d8dbce35aeec22db11f899e5e7e3d57e7668f35d6c0db3542255d9262137d39ae6cf9bcde254dfccc54a6062fcf8982f781d9ffab2df4f49ec04a72eb9646d63bf9e1799bc0bec0ec7f0675ed9f8dc9b8be15d9f2175dfa1c8bc99071c70ad7bedb10a4143fa91c89f54777f84c9eae9361cf7f4c2b7ab873ee5785a5241db0af86f3c6d7f091623d6dc576d07550a42023633a09c8dfa21d7e70cce64c13f37663f75c47921c246f3f2d1d16a8283ce7697da4cb7e016971a2a1d0c59d6202bc18b7cee3828de597efdab53b33a9fb41aa7b49f1c964512901773bb396ac80e90ba1a94c408b2860065ae9aec64a41d76cf8842d299d0babf14d5840d647d075c34175e26a786f30091a24f1ce8db30137520dce1cfffb6318a0d0fdcac883eac603bf365efa2c806eb4f194cae8c16780342165222192f6ee2e103ae2a31dc08a84dfc89c64d2e9ada7ca1839dfff62ddfb7982c79684cfc821a098bc6bf09f87317209b16d14d45c6f38fc99f7bf9bb73460977bb323665d480c87c687cec052a5f08a2c6744c8e177a8a269b4a47a925b9123cd2c014313edae988f8aeaeb633ee5ba6be7f53fe36da3aa37ab2077f5fd75a82a55a0fe62af213b85e9e7694f78cc2b0e63a8c1b89db484722fc62c688678a511c474f0eff8eef1382946d26de00e5c626ec1d7079445c1b7c6f7f05073249b11fd1fb30257724a14cd7bbf451146bf366de2e826fdf1d25705587c4460040ab963e3bd504755b6aa5b18786b68efd3c8e59e8dbd172346fe7f4a18bac98164669d73984044f3c777368f965763742ab86a3720208c64801c796f6e3a1c4748b81e41ac58dcf6ecfa0453b18fad7e3473604f57f7da302e1fa81ad538d4a0280c4ad092007bb9a7a12907227a936871886c699db97d00a1966fdef64d9f3672f1b792c1edadc6781b391c91bea1bd7275f30859dbd1707b1f554e49ceb874ca06e92ab466efa7eeb6990667a27507a7ba789e24d593ea2af8eccb3862cce58daa63eaf212bdd86c01ed471cfc79b191c481ad773d20e821d18af85a7049034e5a9c660357a4c2808b9a6139f32c55c13282b8d98904f4f027d438189dc9487c96172e50dc1100ccc224e7374cf96ea6731032c43fbc9b367a4d1d0b31aa3fa8eb589672e69f1d9144114bbd508d56c2049ecdbfd7b43545375a099ad2885353d8c550d22dbb738e6fe3f104b444c89475a2cc24d7887daced8fa05006c02dfded01c00707e2ad04c41199c5decc1eae34b0c0abb5a5beee1b5253c3350e1a077682767a0b9124a4df2e8879366fd37fc04d4dbcf89883892f46a65ce3aec22123cbe6b3af6364df1f9f5f9751bc8179b6dcc5c126dd65feb7d11a85994e90ab6342834c79c5f82413e88198c73e932c66e3cb60b6e0c0cf438622e5dc5a1036c38afe9cf13559044a9e90f5fd72a3188ef6b1043f5f4e6b40ea51f6235dcb33b3099b2d8c2e02103235f0476ad51bce6d8a2934068549633e521a3ee4c62c22b042fb86c13c8da849233205a5e277aea1129678c31f5c379a71fe08b72fad9449cb923126dd465d1e0ae8a925374149b8248b3afb69f168f3ae701c00f6ea08fe07f1b5338ce6af2f3156ba6f300310114479f2f6119367c88c12c158b84be13b9c8c7b5dd7c90edb5b3ea1fa5927a25ad6d5596992dcd4877f58a134e05dcd80dde4fc2c2a680cc0ccf3084d3f4970e3603fa6bc5a180fcf1ca4241c0b8a1e7c607dc025016e297e2b0645de4ec2fc49851b9374f3ef99edd897c284a67b647ca8c96fcef935d541e9faf334043ea50b99fb8819ecce039227b624e52d8c20003b5a43808e4990da8e4398c4fc172b983351fd11a13dcd2aae5193d42d46e1b57c92e3e01d23fc968c729f3782d6c07dd5a17af2bda96735c12cc7d8023629fb0125e974425f7914690a7ed26508343ae58c8a439ebb6232049a194768d4594f5d65aca37a5686c2a86dd04bef35d74e0755937ac0ce3ebded1c00c8adabf030e5e4a5f44193b62fcf2f1bfa9dca2a25afaf2f1ec06c5d17ef3526d26d17af3e2f257ded24b177ba41c0ba64fd4fbd5042fbd5961a105e0e9f77f3db13c1b6c5bd9a9d04801a5c00a4c544218a21016c65bdff774a44b1d05256e0693e14d76605d67bd10048d3816caf31a6d10886c88c783538bd93e92bbc4484f3388b61adac4b92b911c76ebb1dd11b7b4e40be032bccff610068746f41e34a1fbfbfe5faf57c8a4331008e2c1cfd69f57e74379ac80eb6769f4ce4196795b835201ce4ec85ebcaf5eaaec242fe6695cbce1d53fde5b002e006bba8c8a1ee57da061ceed0d21bdd57ab0cab9e46bf3764d9a6c3ab19736d43b33f32eb955f9174ee4a54666e7f19cefeb49aac7a59b7370d9ae730b7bb4e08413222f0a66bfdac252fb61bcfa838f262312febfde8add8f6843f1d64ea3da42d4ef986498604d65737a44f5a099338520cdbdb65ce73b110dd4bcf8592a4adc3e0170b13404f99f0ec8f9fb225c1275a921f09369db165e9109dd5be472b9bc1901bfd882d264d9ed8d88b4c8f3b35f88b69e3e4b8ef5debb895be536a3af492d968dc1caf31879d672f70ad9869ea98335cf9e4a2760f955fd3e8099e4b2eb4269e354548f9de9921e50e49f3f5cbd63468b9db0cfdf17250c8f13535d4c0a1f21c87967cd798fe93b9b2960447401ef90db22c3adfba0f55f5585ad37040e8d6745184dd536d5a26edec365bd6edff1bcc616cdea3bfc8b9d98c0ef9a626054e361194cd05b2287612399f6d3d3be2f71555f14ad2893af6f60ab61adef663c3c2464ade671dd5ebc71935aad290573588fe6e11f48cd2b7db62e4b9932890d1b96e1b83eff70f026d199db75fb1e83197c937b672613c66ea131f485b4318e27c079b4018d4205484993bf50ce70275b244f2caf47cb47eb2a9ca59afbc78809a912eb56a4bb65cae4694f682c6329c690003a1c355f779b5857a60091b1c3685995a366cb43d753a704d3e59c5f5003c78feed877351e27334b3fdefe5907edd9eb25588a42248b9c4a93efa7cc63bad1e5900b95b70436c35eb85cc8251c4030fab9556920141cca24d6acd3122b92b7e868dc174bf071117958a4797fc90866aca685f1456fab397ae647ab9970348082bd74865bab7f248568db98ced7ed84e8360fa91afde3f23509e6b4caf948349ad9fb6a4efe0a0468302cae7a0f999195af1c19058669fc3b88b2780b9075dc180298498caeb7ba0cf8bd42eb36b1959d5ad3ca6fd1e85f76abd27ec5fb637ee38173ad7d86304d5708b6dc8817e099e77f5d43c1a70624cdb96e4e6103bb25e59eb51d894d1dc533a74005bb79cca35b66e10c61d06b5227fcb071457025d605a0862218ca252b871f8343ec231dbee15688aeb914c0f16ebabe6edb0a489b2bd10d4392c6f1863bb6a62181de7cef61997ab02f3bad0a893cc0cd8a99cd7b3f7773085f0929de36b5d124e3729140c375de9a2d0cd9a360cadf17b9e45b7f2adbdff9e75b743b62642ed67aa703b8ef33dcf51a50edc7dbab42d3d2b49badd2457a9f92847aa6a60ae2beae457a5fce1a9e485ecf907be22913893cd1350f20fc6c81c94be426eaf01864e813a03e4674491b61516bc95d8a77c15f03d0adfc4adc27f27a5ac4165ff6518eda1a5c408708f78a9e26b834179804a312148d4f75f21a77d78387139da40c0a6293c2a59d0162437d68504f189ed970c5abb9ffc6d8e1be2b0877c7f24b1dc273b1765bfc5ce6f4b8d99a96d5b1c92ee53a39f685b304313d909c1ba8130d20d51c824cec420b0315229df295f75b453a6c131afaae0c36d7c4fff70623638a4f7ded5eb7db58d95deb6249a29b171d8ce651556dee8037bf4ca74453a4a76aab7cc07ba44e55de57dbef8542c3851ea353fb8e259ee89bbecf9ce8d8bd6227afc0028afac48a7acd9b4e8cbe982eb1475917ad6be4cdca9cf6e7cddd971b2924f2bb730264801685d387485e41993c3fa0af9987e8b52c21688fd9a9595ad8d1b9f41e0457be18492aa09f69e64e2954d1ca3cc1d32b2915cd9cf6862ca79c80beb47347c4cceadf48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab44aefdda94681407008ea48d03ff21e9bbb4ae7a9aa37c855fe3537c44106e8079f18c24d2584474bd4a99367660ce6f7e6d7c294961e174366e7babc569d5f80572a21a4bd7086629363e0c9ee2599c8b8863c96613ae6c32cc67ccafc66e1cce79654567ad08e62e9abc99e44d6a79ca4d8de15b7f8a763a4741676af0e1f3bd4e002c8fa1ebfbb3bd3a65ae68a80c230422f98f6e1e9837252e045eafd585ba389958297d59aea1e8e1f665fcbc5f7ff449996aa712dc0faf582cf3caf3dbae80594f9f07fc06de63d9d672d14d7ac4662b4a54f40d4aab2de766910be2fc7f6f679b5708790b5376498d3baf0463dca2f093b51bb7e9f3e7033ba0384af0174becc3bb477bc5e86959a12a5e8924adf0bffdf5e5b9c1cf24d232881ad5c05c5c0f50318ea83d8683339ca6a583c52198c00f7c1abbda282e7fd3b179297338ecf9c923a3a87a130dfc06164e9b4c1fe11d51b382643de44b30a6831dee119241d1b6f84f2484784fdf65e41f78c38e15fb4b00e45df1edc40e3467cdcda351a4c0a0185ac4649e91024377e1c331587a8586cc0a4dfe29e14004c3536d305f5dee0eeb8c2f216c1b8d27375b239f6458e08980badd6d82e9ee9e007578c0a3b48288d9ad0ec3c934a99a8c5741149af937dc82bdb545df26428b87fc935c05f1a4964a8408539f267e23de9bc498e2a4b0083cdb7c8e27de6252bfaf680a6d5b7ec1a6dac6d7d537334a95f1553324a0739414dbdb50445a767b0f589fd4c33b35905577ef5a53b0f097191f9cee4836a908748779941de2a78fe1bde0c2efd9f48cbf232ce101d9df93d3ed40d036ae7aedc3a5ff619abd1c159ca8d2dbda7de13b4ca62576c7f925c52925eae2d7500dc969fe14c0a335ff95a7df1d276a6f242765c781208d59edb5848d412b11638b27ce5a61b8209075976c2a6aae88f6e6d8704fe9e83b425dec4defeeb3cd311b8c5a818d51f917a8a4525361791d5c4fd5d70704d4b9fa9df1ea119882f400e682753a41931712c043c120a98f0fe786a600b47befefc9d64cc5bbe8a16c191490874e258760c9e4fd215bebf848e0b4d35521f53ec5f9308644b785171fc4cc3ff886e034bd833d59dbcacebdae8f00e43c151bcb24d1d226d1cc19ecf349361530a81ba3168af3df5536fbe52b3b93621f57959df298e5b4d3c14928d2ef7b9c977c7dda54242d17f8661978a62d94d565b00abc199790b9b25fbfd4a3ffc35c95ccafe35d9a138a2c24d17f06ae2cc376e822317f16fcbcd56e23f84ec135dc935e58c61b34cfbf5a36cb00350483b6bac786030e5c5045a6b61c9aba7dfaa4f7fb21897539863ee865ae061a77c0359915de3aacb3b5dc8cfe53c4d17b393c2b6bb23652f36390407922969d510cc97b99d1df4361530aef10707d7a021b2d9576b2d49ca88b3cc83ad1baa6d88ef8c81c08f8baaf515637b21ace9d5cc8fd9fe4ca6c3aa129caea7060791d566f4de8662b90f9e5d849cdadf9bd23cf6737b07ca105142663c30de27adcea11d64d433fe1ace84b0f6917c8b655f2a421602f07e0a7127e61ae9859c5e9f652ec82416fd2566f291f417ecdf99bf3231d02864e2e5a1cf34c13f59de9aa2760d8734bbda79576c62f566b8269990e9384a41c1634271acb4c7a8b768f276685c3a8c7f20872e56b683244b1af562c3e7dcf592a9915f44f886cc2ac5f679c07d5aa1fd69cf3a460f25c722073da336a310aa551062d92c7297002060072af2f3500b9310c239bedf45c5e985c2e0d60c7dd68522376dc7b560fb34d1b5089450c32ffcbff07b35a96bb6fe01259a06868d00af697f8bbb238d03d49570a109181c9576c1ea9d2ee02000cc23e63d6c93c6cf3050bbb15b6f73b09c25da62e5abd4c2bdb1110e1f25db39f04885595cd6a388c4726c8d4cdbad87d80d42fcaeae843e2e17f44c9aed25c8f6f9736c7ba1bbd3b839126de40a930024a65aacb872936e446114e706a868444cb140e53d976816983f3dd1d57eeca01eab8211b7aa8ae99d26e35c06ea4b226e0a6e52172a40e7f0df5f67759ae2ee026749ba10b8e33694c3e01a001526f9d75f6c419cdccece3ea3f78d69014e509c741214581034bbc7e2bbaf76db8421154abb2233117a1ffe2786b21424576e295c9baef262e80fa2edb69aff800b3ea436eb827e8adb73abc48d740b86c69d557b16e874038598b25f616afeb4f4a900be7dd0d38b5b6fb4259c51a3aaf4748d7a445f518485ed72b25c7df8ed0906b74bd29bd6a5724ac3a503c990f3697a5db484821f68718470810862728a80ce34599a41fc5bd8bb46dd845a4812ae1532c457ef4211d0e41835e5a6f030247614822571c930c727ba397e723d6b3aeba9244f054e331c82e65b74c9f6504c74b4301499a1a6f6269a3352aff57f88442d4eda42a82ebcf7776c5629f97d6160bffdd8282a40ce2e6375b161e4c22ee53bce7a45f4774aa827e2da657e1a1bc07445f0bbd770b7a5a25b1b469fd58715510dbf8d97af4e1b9459a20b08a8d3fa9d92feb32db95b22d36de0bc8b1c397b09970a6826392fd8392b2d790dcc1295888f42ac81ad213c7328b2324b28be7cc1f4fb8414a7785472f1dd3e11d66017b1756d1697be92490e15f056346d7e9126a1f35fd76cb016fe2841c8996a3507c4fffe7fc45026df10b03b86fb6cf26e8418926a030b5fa62748fbb728fa19dc2f8947468c1477750771e442e4a9d25b76d359211c05df788ade5b7824f8770b5dac0819737dec916ee59b28a49666ee8b7ca81386eec8049542f18a3207e51bdbc291470eeefecac385c096a | ||
| 51 | MD = b70acba01bd715f542859a4224d035eb177fe7b34d5447e099acd1716ba6d00f515bd02021b5b3015d736b04687544de | ||
| 52 | |||
| 53 | [L = 32] | ||
| 54 | |||
| 55 | Len = 16 | ||
| 56 | Msg = 43cd | ||
| 57 | MD = 7c5f9ed821a021ef1850dd4e0b179a656fbe27b104463720f467db32bbfab5a4 | ||
| 58 | |||
| 59 | Len = 104 | ||
| 60 | Msg = 5f75a437ce0698a7d8151c3fe0 | ||
| 61 | MD = 774782a9c3023dcef8b2cb83f7994324e3cca35323419b3914a9b6bc3ace5ce1 | ||
| 62 | |||
| 63 | Len = 352 | ||
| 64 | Msg = f88bac738d1e3e10f75e46e3fe026d7e423fdcf3d7e4028b33a291bb4aabca53f780fbf99e0346d610d4a38f | ||
| 65 | MD = f114f1a390bfc30f34652751f3a38e8bdc9597625e363689459b80082eb34009 | ||
| 66 | |||
| 67 | Len = 488 | ||
| 68 | Msg = 832e5b78a73a1012ee62e00621db7f4d248893007c6e5d6e0e689c6b291baeebc72df9cf10b289fe20e7fab80a2399271d0ac63766049da875eed56264 | ||
| 69 | MD = 7d00fe393c308eadb8c0a4f771d409e17c9a796e63b45fc8e84c0cb2bdb62532 | ||
| 70 | |||
| 71 | Len = 13976 | ||
| 72 | Msg = deab57cdeb41974037a9bef5e292894038264eb4d8993d4d1501e6ef9c68fb0f571f57b0925640925deae9a6317e3bc4d6cdd5a0833e52fb48baca16a9ba9b6c8ca469a0555763b54f04c87d4e41aa549258f30eefe5a52d2ba06657a8773b0842e094857b6d8911d6a0636280025e56356fade362b4bf4c875cc19be0c6644b447be0454dbf390eb966c03e10e9de3487b90d0825d327c12495e3c89ad09c9d591e55c91376fb14c2fde9f7461fb25450df1a65806b65f3caf4d5c81ebc6e664871fcf915b9578bb70ee6776acc62205888dce2baa4024941209e81b4b35f0eda1bdcbd9ab1d6db6140bda4c41776fe675d5c681da5852d50c246dda4ddf9fdd7c5fdfeec85ff6c883c78689c2977584406a1ddef977606c182d6c33561c39c071668a2515e5aa6f4aa1faa392aed95b82ab32b79a15e3b5a07551ab068455131b72493126470f26c30b852e4415e1d8b719b3803ecc336e4facbcc5d1908851f4f39b776bec8b6b9794d47e5965458858560eed5a0305e260240c0849d93a19787b0f8c795eb5ba32be573845256ae6d0b0a3336e42a1beac8bdde6d1b6e0b6207903d4b105f4af2ef89bd099ded870daea2f170e03bd5f6f4490e60bc222d4876e16d4c58aeea6e6c400dbb9e9f4b2b142f0fc9bdeaf4132ded38a4a8366e107cac7210945fa2df4b124be37ef76290e5b9758aa3bfe0091bb0448206323584c2f833e0edfbdc0c33075fc9647a3404ca490bfab94302a0679a1a42fe9fec6af0cd98038b09ffbecd2832b579b2294f6ae5b96328fdc0a0b9b3a32cba04fa8bae3389c3951173bdc17caaefe526aa386f98670b177683d0b804c5875fe9c7afa233ee66349c9fd1b60bb0becf5e1d887e67fd3baf34b4f90d94699d18d6bb9d77d4af358f31edc254de2d6c5fe3ec07425c633b18c1b9e3606b78b40b543e1fd31fb578cf58c45744fc073fbf3c7d7d607e815379a5fc565892d81560eab8fb5f1ae6771b998c592e6d288014f13ab283d53fcbfa66e31a9d107308402191fac2cf2b799c7dae91b93a7676898b8a6e516a86eac58ed8f6d8ed2fd4d38031e4a4466dc8798b90c48e6adb6b4391d47872443cfaffa542b4b132f6c3408f0081af8692aadb4c9bbd55053ea56d8b82998f6b4b41d331891acfe6af1bb0d6679989978368ea463743b514866d2d01fb9950e8990867bc14f1db1142254adeccf3da812949cd03cd1d569e9d0bab7ca7405cc21096e3cd4d007cbb9629372e98584b4c6b97ad0bc314e1ab6ac71184ee555c01973570ed9b115bed956f9e4e349083013098b1e483f0fe44d5e9849f38a2f7ae152b36a266ea1faf263ea8c706632ba8629602187379546fc6b82e57ededd6d074c15c771754710731e07c207899eb47e8d7c72ffd768c36257d373375ffa06f9b3f0af11417f9ff9f9b44e1f1f96ae8aaa429af88b14da1da81c7bb38a0fe9372ed6a9ac6fb5e9e56b82593d94c5192904450227bf040b7ce0904789f979845e112a1f995c849ec3f7e49bd975a474e8201630f40fc0d80e76019f110ae158cd0f8da96ea4561f24237d8e795ebf52368218bff3e9d5b040ecd2caef4ab1e7127e53bfa2b3b4fb74829f9993ac703192aedef79dd9ad24c2c976638b4575afbce22ecacc273ba43379ed55ceeb51838b0adb80585bd1b5f2707ee16b67a7232adf7163415b24b9ff9dc94b7197fdc89e2a90d2b9eccde45e965edd064dc0d1eadabe11b8ec3aad2742b5d3323ebf913a92817749090c20758f98aef2544d4c8b48874e8936d7ee492d5585675c214deeb74fd67c4d170ac5e0aeefa607c6e37abd4f8238e776fde3921afab75cbd8f392d3e88da057903ce2e140797f4a85737bd89455e6aa27c7535687b78cd0ea59848e006c8de9c9c0cbc7a9f5e977be850adc710503ce4ba7c7bd0b042297f518abec6c8ef451c33e030251f506cbc3744228b6bb4dab86877d9e6019a0ea9f39ed37557b3b5527c171da5f013e0d3c480a038cff2c087d6e5d41b17e6c8f90c334b5e2b9ccbe9d4efd99fba1f907d00a49b71b5a08aedb644fed24bcf04e71be67b03cd20d53ccef8f854f5e9f7f28c1e98a8a53496646713bebe15a93f1ea336e6e8a4e68de5dab0fe880bf983eec75d1c5027357f6669e098411e0bc3ea2293138f5b34425f78b6508b94d4c0cc32ee9afaa409a26e5f2a1fddcd6d5ff42a89755a58b08f243957a2e208e24b055f51992ab447bc06876eba169c545fa71b88a0fc15d1e0be9d334a1dd0c86f44bd149b42c07608a9a30d0b7e13574f8d862f2ac72b2ed38904d7cab194fdb9e4dcb615f5610b24e202a36866baccac01fadb575df11dd43e00a3b92fcdd8c7702ea49d951e7dad2a56c075730b4af1ceda2bcb2310256f28312579fad40ff471336ea6a44143edfcffc297258d48bd2ea47efab8f0dc00f1e6dba1a55009ed627b7 | ||
| 73 | MD = 6e5905b22cb95e48b73c5a885f5463f554d81257bd26301c4393d57fff1c8323 | ||
| 74 | |||
| 75 | Len = 48824 | ||
| 76 | Msg = 5223e2fece634a95e1e7c83ad4a11a0478f4a41572bd66c2d7902cf4f94404cd80b1f58fbcb8eeba3984fd759410c12f8ee922865f363f684df5a8787c87ceb3086fb8535157f7f39653dbf5c66ae7219253838ec77cf1c6db518225c5ba0a8212e5911236474b8820ddcb8111b87320adb82ff553986324aa2a21c37ce4a083c89ce9931290d4c1fea933e31d014d7507a28e83aa917ccae10bed1a490e77fe501b299f8e3b78e659407ce1934d5d68c7980800746f26ffa9794ef1d23f793bd2eab7fe524e213e58280f441ba48b40162305335b3a480c2afeac11c27f8d817792fd7805d4b61224eb52d35c0fbf471bcaede505fbc9398b216f43bfd69b1a669a61d44fd21faae410af58ff95e1c3ff1528de1aba93cef56bff4d714d8c4cc88a4ddcda52444ec1208d99ab3fd9fde98c1ee6437d8d138f62c5f782eb4660c5eb28564b5b0d46e3a2546009148f3d02b837c5284e9f508290270b97b9b29e84445a0b4df662d9711e6b73c11cebcb7120dc427034b1ccf57d8e4f5bbdb84d2e1d4bc3862a2b51931d3c9a7a5fd6ee5f4c7327c338abd011af638d730141b6eafe63469eff50f473262e9fdce636eff4c5663acb6075a4fdb00c8b8a8d3322e1700a5b3e7db90b36c1a94991b8f51657121b442db6f890e208f312466778d73bfaa8cc0ead4edd0776155f3eddf9abb1bbfc0c94421adce83d7ee94f99f61e1f25a55fb596f8b40ccedbaa8e5e2cf629496f5ca60bc4cf36d917da4e2b973eb57869dddc409dd66d5061f22642743fe843defa0b19dfb2f56425abeb234181267b5c0d2ab4268c538510feb191bbcd1631b0af6c7451cd4c641025cd8bde2d9ab6e6b948f97c1ee6f35098d553e8e9da9b4d437125046864633f109d6a558b38b270a7dd1785d44d248a863a91e3db5c0a1d7ec133decb65e81c3402c98ee329f660a092172bf6b1a02491895394ebc506882805a6c93e767c0e58a5af717d950a206c0f0055cb39ed88816a9fe3613d15f608e486ac08bfa67d462d24e6a0a37716d3fbdaeb9c0e951c1e847fb884ebc1cfe707dc6e7269eed1c44331d5957bc4ac9dfeaed4b157204a3080fafb9df8917b8d15aff9c49cdc739b8fdc26a546794991c183fa523d14797e051894f48b0d62c2b70834467ff9c993b82fc1152c1f5479ec6144c7e8fb10d1bce26bd1cdbeec4e95ee073f3bcc3c7367328e30543d371b27509a577f5c79f14d5f687ce62b82f856695af9f7dd350543ec763de75b593f1859e44c2ac01ba65f98743cfddd8a89a38115badcb51a0ff5655f830c0122af6a830aec13ae5eb89a93755b3a5a6eca233f21cb12db545a24a5334becb8fa32c3d7f5805faeaaeea85a551fc62c94807faa6474c0d74cae79b5d8ddae07498fcc5b8b4f394867112ef5fad1c9da66765ecbc7fc0f3269d29c9c38817c77778f2c19b5a3c705fde9d76a4eb86aed4a7369a832ad267312903462397f7b8fecfa8b195cc2316cd53e48c3371ed2ecaa3e484b8ecd2e22b1aee910c51ed5d71198936266f5a00655d82c089f49295feda0a2bcc1a54ec8adf565acc3a8b2d74c30eafbbd843c59e67f293f6d8296cf7b611f01b57dafec6e2d4d411a633918068c38ef47b72ceff1fae772891141c3bc496824509d78165c1e4cd4b4989321a8722643eed69950dc120fa8da3e53c3181f252d7c4cd2cedf8f086f788ee77a98ab5b019828aa02108f49ea4a51f457f7adfd2220d3e59d5f4a29194e8f5eac40ff80312ff6888ff6393c3fc0914b08c1b9990d247ad80a441558db1ee1203e07353dd99a885a7ff5d791af2548815dde0ca1f56f89d39ef6b93dbcd0cd54b854173903c12649587433f0425fbcbddfb66ebce3eb4800dfddfe7fc44d9b23a3916b1db68c187da4dd13ff0157352814b1a792de7fff855761abc6fb7b93b48525fa90fbe3a51dea974069f3f5fdea86387eccee13f58a8eeb8abc6a43fd30e9788c3bd9ae1751b30a82d420225b2abdb1bc121b9073380be16107188d20be54f2e9c658d5b443869ea0e991c496104086290b6edcc1b656adf94f0d42458750fbd8d88040c518ebbb644f4dc4f7c6971d8d60eee0272df7b51a3d5248b4b264fb22195ad891fb6ac994ae5c0bc6714ae0b0b9a484edc576638b78ee89b568195a8f33ed8362128c30f9b0c7804b3ce1355abc96b15aa55c1e16a9e9ec90d1f580e7cb412a7e85d8585bfb950acd4de5865214ce4db7f6314d81784c588c1482d5f28c5fb62e7dd7aa8237ce9396ccde3a616754414cdf7b5a958c1eb7f25a48c2781b4e0dba220f8c350d7b02ece252b94f5e2e766189c4ac1a8e67f00acacead402316196a9b0a673e24a33f18b7cb6be4a066d33e1c93abd8252feb1c8d9cff134ac0c0861150a463264e316172d0b8e7d6043f2bbf71bf97fa7f9070ca3a21b93853ec55ab67a96db884c2113bea0822a70ea46f9ae5501eb55ec74eaa3179fa96d7842092d9e023844ed96f3c9fc35bbc8ee953d677c636fdd578fd5507719e0c55702fed2eaf4f32b35ec29a7a515bbc8bf61f9baf89a77aeb8bc6f247706c41d398cae5ec80b76abc3a5380001aea500eb31b10160139d5a8e8f1a976dd2dde5ce439a29dba24d370536a14bb87cf201e088e5e3397b3b61477c6a41e22a98af53cc34bc8c55f15d7924e7e32fed4d3c3ddc2ac8eb1dfc438218c08c6a6a8eea888b208f6092dd9f9df49e7ede8bf11051afd23b0b983a81bcc8d00f7d1f2b27cb04c03aeee59c7df23a17775ae5984eda788eb2015680ac5610fb1380b4e7d7a9cda6178dca98690449f5551b66ad2826cab2b662f56903fc95b4611bc86f7a834a34ddc3be7bf142c8baa096abaa3cd51ad0c0b6d15e590eab9e50a4c60c91061f1ed6373d91974c1ad9d263110a0d43fd8b596396cafc0ae70b7ac24a59bba090a6994ec483db7ed4c572f723670a11c724e8ffa2497d8fccae37eaa1d14ac1537eaf80efbd2e597b2ffac97f2bc3cd2c4017f170544dfbb0d9109478fddf06ec0981542bc8107a725be25070d2cab4716f4edfad75fddd582ebd363c49e8efaed9a76ee51f22304eebc232a4f67f865b04f610a628fdb317116666785fe8ca30619a07c83cc449855202d687f162b12d93b63af6e7ddfb7223d4ab998a5f450523c1d521ab76f4aa113cc2967e04a38dae07c51c2d0f44fdc8605c3c53ccee91a2c73dade5dae021cbc87d5cd6e5fbefb65335827311fe1e91921ecd66b2055a6102d7a976308a80c44e6d47a67718c84f2112d65486a558f1f269b91d9f47e3e11d09c0c748625bad2718e3674898abdb19d3644bcdc9317c09a3ac02f514b2a57e6a706362e5f6e8fb16cc83daea0eec85fdc8c367d84c9230730291440a4b109f7034d510a3f70a22dd4fa69e8b65e5fdf87045d560eec71f4e59531c7711d4f8917a96e22ad07346d2f92a13fb4569fa6a075da6e1acad1eac1cb2ef19ab452264de2357c927c6dfae6598cbc821eaf3b8da754ce91a96c702c95b2c308bf3a550cbf4d22d417745b5f17d36608feb826b862747c59d26a0e8eb96547a1852f9fbd095f1c5d20721804941d462f3ee2f0876ee2825c8df24c4f00f0844e50588ac688127013df8eba3c971362dd255420649245e880212cb3d732fb82f866dda090040f28e09cf1c86eea5dc4fbfc373eb69745b4afd841ca8e172d4a8510e7698345fd4cab9ec2ca0453a274720bb2d2e5468bf0d0f85919dd762fe3df969e6c071285e25c2e2a49659b8a78289aee655965bfa3cbca9b292a19a855ec40293185354ff4da9451ccf98abfda07f1137e79bc89d688963081dec641a99656b040637402890f185edb28e7e6a2f65848a6af158f90eea440aa6246a2e6c31f5d220b9846aae2027afe5a7caad6dc16b56463367cd9e73bf22a1d6172145de4565ee369c55e3b99ccbef70fb080a3748340fbe8f6b95ba46e8b76de5a3c4bedc37c55ae24ad02267da26769a3a732badac2e0f3a5393028dd54d78701647582cd04c8310e9f1ff1b433125229547130e1737a1f33604f0d670ea7221097c3eb9c7fa4b8293d7b429af76191ea8e481dc1da31344537a09b33404d782eda1d6f5775500c1d8efc615778baf0905d9fcba1806ef986c40b1c6a72335104376b58266c36f5939a8b95123e8635c0c95e80aaeb97379b1179d6332dc07539b595ec32eebd3a336a1128f3cf2e2924db6d8504a516b62f26d012b7f75cab765c8374a3824da5a405746023b51894649ab422d636513ee809fa181d5b6fbc63351e37a1b14efc8f739e86ca78ae3e280f1c9e4824b2976ec4dd308ede6171a7474c7f530128089bbd75e10f9e57ee17408b4384f99f886a5f63a2320a9b90eb9bf692e1fc449171eae3bb1bb17a6ed937ea57af3c82db84e073b5306683e1d63705b9742a085fb802cf5a1639818417fc2223f476c2566351f4b3b17a822e11255f3c3412dd39190e200727bcd3f9799519ef792ec7c2b0b9d0e2dccf013d436dee63483c2ce83c15c00a76c4d894a60cb90366ecf9e61221ee8bdaec66d715159876d8305b35c81f96ab2cd8f81f4769e9a6e439c08c329036f5d2591ac42f2747bc0e77d4e566358a3271819b6003b290211b9b847ab70e906aed9f86cc38aae27e1098fdc3bd5d84e66c45292183f198bc329cad794aa4e430534511b7d9a75104061b409676a16c1146af0a286e2de8bf51c4a35193581a902bd3224cb9257c961989042538092af92644a63d6d6f6872a29aceca39341ad29dd22354812c4b7c7068b039ac9ca7e6358e662a28be001d4aa697ace540cc3ed3c97b98d8c5a6fd3543ae9a7962c9229b14b0b646229807747064be3e83191cf24092dd67f675638d9f6510486379f47f5eeda870a3187946819ec9ed05e7b325bfd0eed5c9a0f4a2063d63c1a8a0a309f586c94d4a68bbe860ae9599ce204c92cf9d92cb460ff99cff9e5a8b3824786360e1e1861e71158395faeaebe7aa2f61f76190f174aab9a313f0bf4f1befbbb22768b8c22719cf3fa9ec908b576fa4bbc084b1ee5b5a7eddc89b58b45ae7b421d38215aa6e49304323eb4e202655f3c8b16ebd6b03058e75a907ee63fcf6aad5eb96c1e5faea81b88b5eee525c4663af52877c0f759432913b9d48030903e7f9f70e851cd4e20bc56aaf36cb02293d992b38b583b8f0b25a08c3303d8af5b1b37f5127f7021b13934645ef3020e5caadc5e7326ed4ff56f797e26cb986b6512b0cc76f1d8e7be44aaa88e12cbc644f14a7feb979d2ab66907063c51e052d0f8b25d827377fecc5111be0d365e08d17f559e3134cb9db294f1cac03150f4232f853ec15ecde55fd1023b58e83934869796400088e9177e85a2227ee45addd049c1d6b03e5b29dd570496fdb2fde7d8cc74fbb5fe76266ebd90a3b4d57e6e6cb9f0bbdb7ca03ae955915768011c714c909a27ee20135927af55d4feaf2c345d029a54af942da6f85f2103345d059f66864e6b0578111e2ddd5a1cd8bbf4ae35b60747b93f53ec8ec64c10cf4149909b102a2b88712ff3e5ba3611cf96585a6b36fffb64b8c37a114d6b16a53879136eb0b5e003a5a068e3e8422a4fc8d7c77227cce64ebafcde2437166b62ccf486660a7a2ef37012ebacca26ecd5bdf363feeb06aee39050974c25d6a564594c67f56fcf7ed48b07fab4e25ccffe002bbe460325abafe37f23dd9c145b4667f146a1635e462330f02470b35c5a2519f1350c02b263201ec9026cfc57d3659373910e878f2b6c1c5be774df8e01e775d476956c257bd0ccdec17ee939c46e5653d5813eda752ba7bbb245a99a5db1ae55d19692074c2e5820df97c502a4bd1b12929e1be8e9ce6d802347c3e9c4202de6046436c05ab55b2fcb2c227adade6c2046d98102cfd0d859a91f8104eb9f6f155da2acf93df2405bf2c083eafd3ec41d60b810e0bdef6298b21193642a9c0c646bc6771a5c61a25604d96bdb727abd5a7ebe4ddb2a56a6ddece26d8007b26043ad44279c3c8ffb7e6ffb3cd4e10ea2780f509a8a9bc31f99a7e66201195f1543a0a020f754d9a665a29a896faf673df6811379579891374c71b2234fc61e95d4d46f15d44bdb4d7c3b3be3f46410ca46827b8cca976d8866e8ca33c4945d5c87b705588b78015b529843af0b75a7e1e871fd276c1e947d896b92e6181ab7e3ccc7077bb57fe85a6958667d3d7a790f6cde1cebb494c2912478a0eca2bfaad62492e9f1caaa0cc520da08c0d2d910cd44255f4c2ca0646dc89e789a1cf9a28e2f99315d33accb1639cbaf0c94181b85fef648bb4cc7f66dc65b8e90bf5f3b763e58520098febfe7e47bddc2d9cdd5e40dbf4ddb8d51f51bde2e57432266d248d13ed09e62f66794d188f9861c50ec41f0eee30f76f4ece250956733ee97036098db41991a4a3eb7816196c8e447db3a2913bcd992174a7bde1f42d57c764b47f5bc09533760c1ba74943a0dca291f2746bc1fcc573f9a22c72a5eca347b1679683fbc8f32b08d381baf67b7266b14b3ba46a04a3ee45881ac452f64df1bf17f70f4cf9fa4dfed9ae70184679184784a0451d2f5c19c02031e0e4957b4df68b4a069a6f6f6458f6d773924a1841ba664a55c2c3187dd33416cd410e56e4bf8d3671cf737bf67df2a4cc4dcc786872b9e2dc4009fea0e48a749353ac053d80e36357d24d468dd595bc823017c015d7450fe38149370c5decf13b00b6b0e0a2567ac08b45f7b0c8a7c89d227219d051d17a706ccbea49a42035cb327381568eae23b5e2a3b7e8beef6f260d24ab224827ca8ee9d640dd23eee94ed02c9e26abb3053cbfaeadbb1f365a24d8769d92240da842e0b361524020b5c9c22a2fd8602dc9600aaf02b35344309f6bb018a94d4cbc9639ab7430657c4046f0b25df517e31626abeedd58c2e19aa0ae1a43ed2bacad91dc04a2fdf9cc33cc420f4f04379e95988ab36731d5d5402d89fb47e826f4243bb206124364d63564a0872f8d2826eebd9046c7c6f2e7c951e49d4b22a7eec89da1fbed890d63ef15f26422185143c89da3ee269f83e1de11a7467822146042be92295a585e3a09e720ec522e1cbdcb41acf5ac45ee892677ba3ff670d71339a76ed98237be252ae21268e756f05ba0b094a1803f9da84a8a05d0ec9456cf565e1b548cae95eafa0fb01f091935e6eff2413bcb15f605f15270408216fb5b41ed83dfa1454c522375e35bdefe54275f109d0ab450636ac4d8e4d9e27f2d81a15b8cc5e98549254a1c9162918db3e399118f5864774a9d6a2347e1315753071eb1204c8bf5f52b1a0da37e484ebbe545fdfe6b031215678c3b83a19a24d7b661f626beb01eb82b384f02f42bcad4f40addd48db8a92b90d2297e6143702056123286617f86fbef4fea940f648867d790b8f803abc5f4e0e3f4226954c296afd96e287e21b7243d05e743161810da578096521805edd81f68a45500f6a3a1885cb1f45cbd399dde024df65072eb973c827fca13eeaa3f140842016f509aa9ab4603d2457c92cc9aef24950697a0044e3d7c483b8d8391886cd50dff8c2f16de3d6caa7f864c1b3874750781b2b78b545a94b4da0b0036433c6561f5cfea50eae9f5645302eef18238473606e9b9931880d0f6368fa9970d1ffbe59c4454bf97f4a5e8091801b53ee4a209e0642d83605836f69742071aaebd9d813b10f4ccac03851ee9f20cd1351f8e68554c9bc5f58ad19d474ca128edbf561d195e52ddf3c19bee3bb597ac2f92143bafc98bc09fbda6d18dd4ff2a93cd2ba17f54f75c32d3f141468c2baef4e53b6a340286dc2599bf7bb002aa86688e26f5b51a6aaf32e48ffd539d4f3f4bbf0cde2d20138151c82384f9ff29a634ab4e0103d93340bb9a7b0caa108bc7fdc88d7de14abb17e9efdad2b0f304f0bfcbabaeb1b9db75959dbf54930e67aed3a9c8309aa90506b6b9ed4f1d06c4ced19746e206e1e9b8879663bf56bf6c5c920ac5e09e6579b780cb63e1875ef0a731b726864b7ae5705a2d6d343a4a213a05928b7337a59f900fd04472382610e2a8d25383c9ab5804d609e79a88d70eaef3ea22d3aa9100fa2a6e98e97684ade9fe90d6bfc59dc9dec3d3d8db8990bc2123ba92e64253235e9b4d682e8aa04e23fb9bb6248a77c065e93249de829bb2fc5ea9e396461090222816bb29bca37bf86698fb995f62c50110cf418bbe2078a56c5f1ec9fdf3d0b09a719ac253b5bcd00932ae058b86611aff51c8ca8448978615854b69b0216a6eb8050ce199fd9a13aa0fd652570a1b187f61e6831b3a960521c3705da8c5e6c64c7b196ed4a49c2912d77b670b177c6458a7a49ecc1ffd8c57c0978d2a05cd1f1c7ac9514dd14b7b0933a52cefd40b6452ca0903df1f55828025c7e18109a6e0f2ab25724cad2d6f57cb5d894a6a508134731e9b9c61254f64990941f4faf97394b634b91860cc6ec346aa666600d323c849ea4c4a0ef55acbc56495ca004f3fca42ff0ffb11b0e1164c95ab89bf1db3d4f575ff334d4e0d7d50e0c54c422eac5ef78c5a3be95f2e18872540fccfb597211ec79d9d47b6cf41e385b9c2e92122167fe584210f63bf919c620d | ||
| 77 | MD = d7c901f0d92a868dced7e2659e90121108611dd7781325fc57e5c336c2279510 | ||
| 78 | |||
| 79 | [L = 28] | ||
| 80 | |||
| 81 | Len = 16 | ||
| 82 | Msg = 3dd2 | ||
| 83 | MD = b7399529fe614af98f9ecd73e45790406883cb22e3bdcdf28fadd033 | ||
| 84 | |||
| 85 | Len = 104 | ||
| 86 | Msg = 3d232201038fe7d846ac1bd4c6 | ||
| 87 | MD = d0aee5482c509540a4ea4b902bf42fc8df3af6de42fb14e903d1b2e4 | ||
| 88 | |||
| 89 | Len = 352 | ||
| 90 | Msg = 44c98cfc71f82215dadf494d68d1d6b92bb4eb81fa0fbf945a659d9aa2c2302b5c93fd3eedba31e479e29d36 | ||
| 91 | MD = 56c22e6066cd4c4d6415c5a225257e7f888b317ba4e98eadb72b4be0 | ||
| 92 | |||
| 93 | Len = 504 | ||
| 94 | Msg = 02a5c7b1b749d6d49bed302d9439f23ab83020bd4d573906f4190e74216ad33aceab775f71cd31092bba5cfa42f0845bd16fc1b8bed6434dedc92f80b395aa | ||
| 95 | MD = 33a84e66cf1ce6970c35807db25e05ca05809e53d4e34cda9bfc0045 | ||
| 96 | |||
| 97 | Len = 13976 | ||
| 98 | Msg = bd70deb2cafa75918308d703a6783fe9dc5e3d21de9bfeb6dbb1cd531ed5dafeec463a02abde302d4ae6ab3cdc2f0f94865e38339c88bde507ff71bbea6b30b9851cd8cf599e950b8c8e620c90adccba0033f934ca66ea0a936afdad575bb6235099beff1a632c9114a8045a0919fdc21083880eb05c0d8c489c7810aecef4a41766f67c37557e28a9db9a0d909c2b167ff7eba79693afd3ee3aeace38eb73a5a02a882cf89b123812cf2a0f6d5edd1d14362ce9c43257474def5cce3adbba8cb48e7af9a45e702a182dbf47e8869b3f99e953ba81628e502c60d4f8ffc551c31b3ad6ca85c52164839d5e9d493deee4d4b76604174bdb5655385d34ced2c1b09dd5a486e1f9ac501bc611f9d7aa5c748f496faecc14c6c18e1dfc6aee2991bd0207ea1701219955a751df43dbf66f57904675a0e9e6d7f9a0b8bb82a8f44951117ab2642d6671daf1e5d1639d48aff6a05781c2b5e8976653b0a164445872d393d30355acf0bb49bf2bed4265c9a3b786249afc7a438d706eadb6f90a7f93ad51bde6d2c8e6ff09dacb3dc67ba0d3030c54c8367e1e4280bb5903274191344610de61c3c770c6820a6cc9d826f7c743f88f13580ba23cfc00598fd733b5dd069bde7f10f2b8961c16b69761b0f308dd137f844a67f6054e065863f226141755b96645a291e3fa3fc853b2475fbe1d3b25ca22f4da4425dc95fc855e63d6699b311ebd5fec1c7753e6e81f747c808ec3f618f63eaeb1221075edff0532225c40ccadee304a8997c03920e7ce4e60e4df4d120611296786516dd4d9cdda2077ac52bce0fdf552e1ee89a0133f1f87a6f6f35f5c53958ed806465919a0a5fa42488bf29caf33a0dd469e13abae351d5c6fb1a800ee384da199c823c965d9d5457a3ef8292c4d9b142e3f1fb502da498eb44d95f8c85bcd6871bbdbf004bfdc09ab35758f5e8b6a0d0f366c3b255333c52c8fcd4ecb4536b5f6e72897649f3415443612d72c3436505249a344feeb04883f41f90ade40af119014b3c56fc108f1ab0a77087d9226665d416cd975e9e4605529c032e8926002a70924820c6c7e264a794b2a3beb63d69ae56e017294fad4d611cbd0d3847212a38f22d623eabe3b884a36464d8814286fff52c4dd366f6c2abfc2eb865e0dc9ec6e55ca9d81f1b8cc47e2629bb162e54655bf2a9e156ab0bafb4b8ce96858aeea6e6665607a3f268036f4890dad759486b15e3c9e791429ec8f11bae4ea7c490656fdb0551dcf0b0be017c08bc674bd97d9d701c3ac955e2941ba7d5f2ba122a6f0c1b164b1caf2d50df111fd4287e9e195d181f6f514d7dadbefdd4274edc234025b727680576046842a834b6ad89eccaff5c5209bb91d652357e3750d8bb0165572fb71d09fdfc60f6b1e5d868c67c0edead427e7aeb734e29b96e03ea174b6b1af523feacaf6bd745ceb1bdecec9251958b7f521182daddf62ff6c4f58977adeba81c616ff2e937ca4f16eb9c44e63f9e974709122083ae45524ff87d7a0cca33a90f09b660db0efeb393c61967de2564315827ef1cf42b71c0f822f471713c9d885a3c3281d7c95dbc96f1c6dde0af70ea11232b00a2d215ec8de8fcf84b6193b6ac9d46de660361aabed3371fa44a6f32107f3854262eac355f9ef98701f580b4649175cefc29950e7a0eec958f629999c4b0a98fd4bdaf5c0bd97c963b551f2220bd41ec00b8726836e949e818a49aa1ac5bf12c64fb9991111ce8be3e0cb9605f753dae1a4c84389416f17fb66cecba45d591b22d64e5a4edcde067a088d9ff7f5dbb9dbf324510000c55d50f480a640fb22da9b4862dd81080d61af9560b601edb5e3346263f5f193df97079a27e3f9876078b80ebdcdb17ca4c50aef0c8329c72a7f77584cd963e105eea9c28a2ad4e95c1d018e27d0e720ea59147f59ad796b80b6293da8a55ed47e8abdd37221db0a5eefff31688e2adc294654ab0fddf9c1ffafd4783f01eb539492cb35a77315d0ad19395f47b18298a7b353dcf5bab0b2f193ff73d99310478d2e5c4ff1c68a2493c138818edef73caec9977bd4eda6249c8933953e06d796b288f78b18c343ef561082fd03bf92b084afaaee741de3004abaf746350048294bc52450e31147173f2da13d6ffc5adc718e149f9df3702f414dd3ee88296ae8a0106b071b589e8696401da7993d58a9bf8e5bf417165498c96b4ff5fd2b45bbf88f551688425122a3737ca54b2992fdb4d60957a93097222c3cf4c45dabe18b9d6a69e6f27567d5adec489e4b6812c29a8fa52f1de642b7b0e749c16f54473ed5ca2fdf2199e885fed308fa62a3e0deb7e0b8e439e25b3e9f95d755fdcb7ebee9d73069dd57dd1cdc5145205882023b54f2c9dec6cced9e3f6d24e8cdbb8ef121b8f3eded574d81908e867af5ac82bfb8ed60848b4bfdc1d998bae3a9ca80c1c49601d11a40409c62b1536f01ca67 | ||
| 99 | MD = 60700d4ef068822d0fe6df450b4aa8e206b2790d6dcf973229a59889 | ||
| 100 | |||
| 101 | Len = 48824 | ||
| 102 | Msg = 5fd54472a44e4476d254c0940071ad42dc723354f76ba61f63fbb9df80d1ee56136f51b6982e66c1da83602fc08093506a9e2cf27cb92085ba5c627dd63f59f8850e91a1d86cb1d4ca38ad03160f3c584b128d9b21e935570e086d3815307ab8df396cfa0c100bf6cbfc0fd7a8258fa1a656bc178e02cfdc868540d8e5ad39dd46794a8bdc205e710555ee7421ca7475a4f3232e6a0cd55d4b5d4525f0bd7eb1e455931aeea6918b9fceb2a32706d31a6d7028a85e102f228417e2e7db68317ae155af70eda98c8dc1ecc32a62e294d92855354c1114c5735a3c81e551b63a81650107557f3237bf953989d17c65a0fafd2bb1e32c237f98f55389e8f8b0810e97e201914c487a68403c6d621a98ddc515780435564245d87ce462b8785def699f7f06ebfdf33dd1ed7dd5a3e781348298c7950a387bff7d1878731d7ac66ad9a6607f2c3a3b6843c2852a5e882a8d78ae9dce2a79d595cdf09626dfa6f1dba7d40ed21caa29e304e7dbd559a89bd1f07d84165dc259ef112dc6e2c5a3e82b1c50106983f6c4965c85073c5deddbe6323003d56abb0df590f69010981ab3407e43eeaa29c6156995c492c931fff1b686eda3741a0bfb9094747d1620b2580415d431ffd6c02245f6cb03e39f87e82834dcea59355b2ba663ce145d2514e15e2b2c60cf518ff510c6c3e2f16d2dc523832762ed8352a320462ddd4d6fe755350672038163d996b44ed3b85d64989291bdf39398cb996de785b9614ec5d4bd73efcfa37fd4470b17d6240b8e4c715759286b04c3d7d791e2689927c9f18320ff2e6bc7306c805e23a5de66eced5f1a630cb43dd46db515f837f6b824b99b86c10b6df7fcf22d97be05284edf0e0be597b3f9c63556db031339f79ac9e6c5f8a1cefdbb4b30f5bcd23c2a4dcf791cbfdd6460284c5af0621ab7c5571e40a87c87be459c85ec81d746930dea24f43bb11d6611ea83409d3bf4f987778d8eed1d5b246a2112ef78ef0252f9ae464810c13f02359441d289958b4766807d9a3be0054897d35b01830deec1151f9e3d42f92b80f4aeedd65c78c6e98afc562a3bcf6d72f238c6e94a38f2288ac7929a7a61c92875c1f115c0ed8d261a727f0794f17ceaa3dabc717478f6ce7f2e8b295f000241e154b4575bfac8483f6b62f9ef4e18f7d341a65faad5e2fc1ddaf2b09adebc155ff09e63d5aa5f95206e66c7f4ef2ae3aaf3ea7c93589efa8c552df8d203e0ea181c1703d7023b56e603f33b4adb9bf44f7af290d8081210f327a6c9b0785709346087fd090c42d2b8b2711b9a1a5173eb5e246320ee27867ad6c3eadc4407bada44561a12cf5d53bf0448308bb536a8a525eabc1410c3a34becee25fd6fda453251ec229b53751f2280e142c6b331daa659ab655b78cfb08bf18e40bb02b7f1650eb2dd4ba1707f0aafa219f21c29521581ce249e2e34f5656b0a04c00485079b040e13cbc038bb9f17f47cb8f908591b26bdc28538d8baffe4cc39b17d2ecffbb9698bc2b8b31b08424034c051b535e0cfdf07b7a0a54781e33ba739759991aeb72c0ed992cbe76eb8ec0ab12c182e8b049cbadd6e82e314f1bf15fef5ae95dc86bd64b8556766f8ff62c33492198e454e5ca59ea856d8e095c04da8045522abac865506096ee1cfa1082af08ca09b3533878ea3580b6c0c57a615e0ab768246b3eda96bb6caa01a2648068e21959f843d853e948588e8c0bfda364ef1f9fbd3235c27916562eb0214891eb55ae0e059f4bf7d1838b5942656c27899dec6d67b823a981d1e1e0aaff5323b0e3d69a7dddf9b12d7787ab763a3c7a2697ac65b655aefc4bae7e6444850ad2540d5193b378682c77a4dbf9aa22e517e68cedfd1ba32e3730ecaa2e3f6ae61a4f427d6e69071dd62a9bf6c860980c9d23ce1fa82a1937e6dc1ce3a2de096b680d23d89ee102912ac0bd769c1c02095678dbb00b4430428797cfb966b2f901480811e1b9cde358b6d499c9e93f0961f050465d7b0c70d4961e75a9fe40a24e36eaad27238231dae6d0a17f446c16bce7348e669be563649eba9f23be29adb8b10f462780a066ae573f74e51215a26097b02469c25180890e06acc53ab063c742e08d51359b0a39749b84b9f6be44f3ae3da8e5a2f340a8607d4eed08877d007928d332d6f49502bb5f416c46d866fc87477c58a22d3c5932a8d6298c1151daa032c84ad92f8f90b8053b5aa6f690d1bf682f314471cbf200f3d30959e07adc6488dd17b0be5279e727f3237b8b4b19b31a220dfe63882937f8d5ead677608c42a57217f2239614c521d94559290e3b0ed8055d5474e96564224f6ca6389b40a71337da11e1c307dead8e4eb43252cc2f1c49addb18781cf20acffd3db693b02e5c8ecc949b51b99005529e0149a13390615f5df6e0bcd68e1ca82b0173d25134dbf76dfe92daa085d3f6b1e4d18217df41b70c4c40101884c2886495f2ef8a473bf23cb47ab6533c93cb38c36c6dcf6837f1272fc91a6962b6e1386fb643e1f1d71fc75ab58d5800bf4081217cdce0c7ae9e3d25de543fc4444314f32067eeb147c08c55c5c8158ed11729837547f28a300eccc312260215f50e98c4e3d4170208a50a4a4def1243538f906df8476b0c46d3449be73866d463d422595300e160840daf8c906ae4aac13a64457853b0ea6d8c32f4efe3b48c0b1450250086d459648b0ab14fd3f341a4a803be77e56a811e7a26827eb0a1a9454f90bc6ece665904adaa3cdeb2c4847858fd1d79750e8cd45d8da9163784b8bd06629410502debfed5eca3cf8fef0fa6bdcef6efaaf35a1986d6fd68e0f436dca9442077a4818ebda4606a94a3c93fda46e7ef5ccfef656896a0d3d93566b02ed8c3f6174417cdcb99a415b0c6e9816d94e64b438c295b4bfd69e0d9ad52911de5509971b7370593160629b641d690eb2828bf363857983e3b9098fcd15e66448f786f196685d2ceaa251b17ad06dacd614d9fa78ce0a8b9c1c360b529d0bc1d17ba0b70ea8ac1b8d67f6e5770f0cbaee0b38109d26b09493060dc851f5fef121e83e30aab9c3efc2b8397e8362aefea1708f7ffa14d3656f7f7610f3a629bce14648a593250c6f309c02c6c552bb42984ac58db920dbc7d98f59295f37f3e9b99da55ef074ed65801b390366669b4c7aa1c483ffd23082793f9e5cbe30c34250f63fa3ea2cd097593dc67e8d27b7e4f07e73a9f7b33a5ef6962df1381a038d4f58fdbca9d71ccf640b917f631b75d4a2e8ba46c64a6223f99cee30f47c1a935dccc7f054fc39d3498c824e10cc3ee337e781a3971f0e98295aca611bde701c2359858914248f6bafc88232bbc27bd85883b00990bba7862fd7a7cbd4c86df049071fcd10d686613ec877758d83927cacc530bed9a596b5b21c6fb748c379d676de7e05719a867c9f934b5dad99ed97dcb4e70a9b6542ed5b2f086d9f56fc9752e788785ef8f7837a31e433438cf2f18f58be37fe8412f6d21a5c35000a5efb862926700079413f76ab2c3e79e20b516eba9d8c29897097bee55157936607cabaac41337ea4cc783c0809c875259f8020e16d5045fcc39ac796d11a82f25fcc9579bf0a010200f5745065175fdc15474ed514cc796672c59637c3c8f236cfc9c0978a3db1194680c58c27746090d76ca09f7c48ee4ee7e1d3cf0ea70dbbbd88e30e8814b57404dfd7c33727a0c84cb7bd468b0bcb3c89b526679c00fb0892d2a5e7a3d73698a3db53fd7d78460cdcf24ed22b5f39b8c00b3506541ae4a5b76fae29c1cd5b0f8c3ce142e0af7ae4efe3fa4c438a604bf4a9abb41e3fef1b9227a7dccc3f4d6026ca289b4b1366d9ed546abbbbd5677c8d582e79e2b544f18dc23809ab753313d84dd10fa3ed2f723f0b46277b8877d4f3e0665e88c50caf0f0708b746b736b00c8c83a7d18500384bd035996aebb7da8f09fd6af9b76fde7fbfc0ee854d7ec02950e76abd23ffb27a6ddf1772465016c79b98a61bd3940547b207b6507e32cb9761a5604f0f546834a8edac7ae06910045de218d761a4accea886188f947b57bd876491709028e2e24b075d6b022b51af1880ca16a8c65b7c69e51b2ad580ee058acc0606f0a3a9ea1cd4342bf4be602e941dc4bef1239bb9bccbc8098a6a17d63186c6fa75ec44b6e4fd38a3fe49c5eb995f0cb884e2f3ed6be02515fa605b98453ad935682c3bac6a2971bb68f4094cefeeaceda92dec803ccd3d346f8b40b48f8f489e118a17367801e85c79e9b3bb5d73ac44a8290cdbf83a154f2f125090d42e1a1cb72f5ebbd42da46c7a4d4b9fad9612a4c800de6467ceb74f831e1395dfbf5799a3429ba34754add4b34b5960a5fee8f752dae78450322a1ab3d7102b77e907fc1eec5355991e0c7d6c0866660e5436248edeb1a37c0e769a0764cfbb6354332d6e55103b9235c84eedaff918af3f0213c435c32ab409a4b5c7eed8ab6ca9e313dba459bcfa3ee92e7d669be0526856ac3c06a57fbecbba553a9cb4655a901d98af02b74098e478076655d325bd7639d73d7ae00c62fdc361a997ea4ff5b0eba33096b12f35cc7cc0eea62950b912b47c11b9fb386a47c4c15c0602d304b2541da889cff299a1fd415e7e25c70ee4cd83feea7e6a9c50c75d9b128458513d61ec5d0299ef8c090472fe0850f384938ed44d36f10cc2c1d31daee3f946a2fa18f9982a988fd6ac973b1569313ce3c8ff5746c4dd85a241f1e9dca0e904c091832ca028533a3e34c184edcc510bf22a27f530bdca3d057928a96f72dafc73a9aa6dbf2552598e468735cc5736c67a620e9455483e9cb2108045ad80569582ea93a53b491e528c8df336fb326ad74317bc1dfb8ec30a73af01a5dff3e437b7fe48ba5dbb3e8f01ae0c6fc28675a415f23a796bb6e0ef0efeb4b14cf20d4ad88ad1966da43a76b454dac8687bdd97b89b8f8eede91eb34ca4a0523ea65736ae39341fb32b9b716f25662a37382c16f3b9c346c84f03bef54acd6efb364c6401b07b3f7679e8e7f8c9b77b75e6e98b90f4df88460f1978d19744eecccb743a999aaedd00b5a94018e9d5a56bac9d5d55f6e93bad52e84aa7340cbbf98d56213d9dd3e1970867e3972dc98e61b3cff40b64ec49463ff79a41c82dbbcaa37a82b761f432849aa83a3d3c9a209e2207b87ae9ed9959ffced165fcb0d8873668c3cd8f18ba0f92f7acd2bf50416c22ce11692bf6132eb9f558dc789cf9776da94e48cf48607f19d9a11d5df4db11dbaa67a1d20e9f0c96f5956ee3f906e371c489efc88b0c1e56d881e7bf8dd5d6742622eb873e253dbe54f2e2e6d0e6136941de8c23e9a632727bb5f88c23170316c7aa0df28d8d07589dd6022828834f7ea9b4e5876a1704944aa3186dbf89e0e81767cfba03bfb38c55a9945209c4dfd88272c49d1745dce5ceb40f0a6713b5139dc2fb87a8a4888406d2610b7b910a9e5782ef0df719028d8e50a40a269dc9bee12157038522d06537bb31fc87d21af9ad4b2e7e127bbdb313e0a116010f65126cedadd4a122d15a71cbcccc346f55100e354b997154567fe3caccd50251d137c58fc3a2048dd5883b6af9248b51040c01a80c051b8a151a8878edf0304b5554746d6116b749221a1d0082ac925e6e140f0c3b6a180742ac8a50ce0e93e6399102f151d7c14000369ff52d0b537fdd51bec99e7271b1255c6fbc36d83408c417f6825a8e2a58b9054ab2c3ead69d97ea9947fec32d720653c123ecf51a9a3f0ed88743e3fb7b94aea59d0bf0219ee50825ef220554312cb907edb90e4d85f29e316ad57d3b90d859391fcfc63e6c0fd3ec27d4e1efd6e0b5ca8165cbd6af25ed8792d805f27fce308ca1d51335ed5d727558dafe05486a6f9149b8d3bc022026656714222830be582889e6800c0b170e48ebfd069e711210e4ac7acf07652a6f5051507de68aeffc9540cab5cdac84ceee46059ec23820c04b127266c0bf8df0d2b856be3377ab42592f495980baeddbeed3ba707a85dba64fe36941eefa8fd37204ec8c18df3852febd2b142b1c9a5cd0f9e424cd408ceb7788270899fd793db99ddb8f9ca8df550c513790d8bad37a1d1f4a62c4527bb64c677462c9b093582decea70c7bbe873095536728e7ce05d5cafb5d166a1f03055e918f787fb244c5857e3d7a1009bd37f30f165564a082c1510ed19bb1633811a76da70dac67641c2478c6b335f409ef54a2d0f370c9510d0aabae3cb998bd023778375cbf9cf5ef125afd584c11efbf40bb51839aacd3016e5e4d79f134245f952dbad617c78cb6f5712bd9c0c7e1303db5029640cf9b56e29329c3e6a9e0a2371aac1a437b9b1c4477ec9842aa80eaa22c5eac11b60c661de6ddbb088e844293ab8589c13d938765bbaa44301e4137148dd0257bd4c8c766c5d3bfe53671e9417cd1b52f622870ffd90f4e17b7a4ae1b5601a2edb032e353bca652fb565beea6fb0b2cdcadac71794c662677fb1dc81d116d94f5eced526b37c004b95284cb6aa2ac415754a1f14882595dcf4d3f1d905c6e8c12cf5a9d23d3ab55bdaf9f17d2f03f933e1bab89040753648c426b072b73aee8c2fc0d1c03fce2c656e20d4c96803fb2ef471b912267eecb4d6f342d3513894b94d77767823fe0c7438e51f21bcf16f0e98b94b23a10760271281cf843989824f7061bf834f93fd8d2090f70e939700dcb4d8964a19da39a9601a7e0ed9f55f567fc7d5682d55a9ba0e68861756bb549f2f17c10ff6bd2042a80477f89743d3d762f1dfaf230bb502eab6f4c46b26135ff3bef5faa179bdfbd288e3cadd3d88d8012706e19b7fcc6e9cc2699d3ba0e624e715599480d6b7dbc6eeea0d12a9236444b17285fc7794040dd40c2b2ef175f7f3641664fc9bb7ea6d7eb3489d504f8013d64a23aebcb5ce233405f5ade067dffff253f27e926431ad806703e8fab23656e0b7431916d8d4c72a7d831e3664e5f30839c76c8167b76f3b2dc75a6ef48df515e06ea54ca51de2fd9c5eeabb1610b7eef06a2f3167859cf82e1a5b76be8ed8beee2bba28c3b15af6890d7a37226834ec9f63306a0da11aff918753d8b83fe7220803c070db98195d6d18357233f5504a6e3bd6f30115d3987f93aa5d89aa0b8b577d1fed94da057a6f088233efc0f44f86798896eae9ad0b20c8c9cdd9d72a3f02213f6797800894b864cb44fed009440fa5b0197023929f9bad16f052cc2d87327788a68b9209f46fb4776b092d75713048b5453ccd699d19cafa8e9a93fdab0f0863711916efe3bd81ee71b8e0221e12e9ffe2f6ee1a4dc1a8de6e593480f3c05b3691e916a4a7ca51971eb2f0f693dd10f6b8468f8cf7bcce285938b5a0a76ef86acfa2990f88bdafdc39a065db17b845028ed2b7a9e331c44217de20440e406868f1eca818d0be20248c2948b8f4cb118b2e456e585949139270f57c54715f3297bf714aa7c5f72ed8ddf6a074703ffbf95e45bc81a02c42822c22d2b718f2de5e03d687a4b18d605ef5ae75f9d43c8cb4e77aaa0c0101d978120f29574b22f52783c667f7daab3e1f9cfacf2e68e94a24918e3fe2c4f061deeb64891b5217fe5908e7f389897751839982b7fb736fbfb1232684e93123611b7fc8fbeb74f8815b5ae13240051920f3b6ed34483ff673c467ed7f0a8fbf619796e485affbed0697415d2d0598ba34d5b9e44ffd12a5edc323883a2e28efe9baf860324f2d2016748503eac1888213926b0e0f0335a4b51820a2bd3b42d982ec6ce307b453b6385aed7a735a1e98479394147c40f01c532926e10e1b26a5b395bc150ec4b4daf5b1436bd0baa225583ffc9d9e9d8a354f60fded37b41c7c051daea04e689ab2d4e24d7d07c75c50ccfd6a527e024d1632246c6f40f06b86ffec0b29cf894b665d53d459226b93422d37a8da23587fe884dc3c0f2fb55dea296a9a5b9a0d101f186d9fa6288c912202547cdf958569d2cbf235740eed38d10b0025dbb6de31058e98780d22149c19d4bcaf06dd7353fd91cd1f47e47f45622e1472542be2f63f463d253617eafd4f2ad609f9020884905dd5c22fba53ccc619104b6c0203a7f6c8c26fc80ff6fceb8c0c51600c2e46b4b872e6d597511524545a76cb42278b519d911e6c1320e01682c551e204ccdf91290c52e0836167a5685cbb1af338eb794c10fac92950f3f7956acf28f1ca984e380bcff9876b0c71dc7ce4011d1d0f955da9ca885c6e7bb74c6194dadb0fb9146dd725c8a9574aaf3824b727c9be3fce59c35850b162c17d3013689fca858a0a51d81cf4f30d6a8705bbfe35ff03c34cc7c56aca32140d72c8e8121fc71353596b777b266d75b322c9a97fd2c5d4e2362f19c99de66da7bd9c495c03d9a15b28431a0c051e786fa80f5503a72519e6b419263d72d553d688349c0cf30918eba0622b953a0efce4415c29515c26ba15f00e548ef108afe3f8194aeb965e5e4be94f10df6c45ea5c133a8c3398d09fb80f950b83c1866a1637d2bcc195e05cc32a9233b244cc2b1d4930e66f032cb1163c37b3e58b576ab76de759569797fa9b8bb4fad66aaaa56f09c7a0ce4641d6799d7bb47cf684990ec1e08871458c211a353ccf1285e7429c7b8520180918f7 | ||
| 103 | MD = 85747c796a910421ecb364b4b4f0e68b49e9217944f6586eac4993ec | ||
| 104 | |||
| 105 | [L = 20] | ||
| 106 | |||
| 107 | Len = 16 | ||
| 108 | Msg = 8a61 | ||
| 109 | MD = 60bdeabf39efdf21ba9c0f94af6552d2ffe699e1 | ||
| 110 | |||
| 111 | Len = 104 | ||
| 112 | Msg = 37487aa02b03bdbc6bc62e7e26 | ||
| 113 | MD = f146072f92dc4a551721a10bf0b01564cc2b43df | ||
| 114 | |||
| 115 | Len = 352 | ||
| 116 | Msg = 6ecd002568bae3bf1873993041bfa292eb94e9ad092d8eb3585be82e8a20cb36a47a06e7a57d301268a4a533 | ||
| 117 | MD = b0a2d6033cf1d8ff120a605b745d736ee4aa06d2 | ||
| 118 | |||
| 119 | Len = 504 | ||
| 120 | Msg = f6dc1d2f6b8e126d99939664693d8709513f97d730074ec2794e536d94ede79c81f2b2ecbff3c2c26ca2d181ada2c60050997f3bb087ce48d956c18dedb227 | ||
| 121 | MD = 395dd2989edc854746e384f339f0808c515747be | ||
| 122 | |||
| 123 | Len = 13976 | ||
| 124 | Msg = 07a6372c863c7d7c6764e4f05addbbe161762735dfd2d23bf268e2d603cd28de9c369ac379390473e1d3fa7e37af1178cca54fa0f782dfbe68070952b93462ea46c640d43ffe71f5fba42df98f4c48ada0d8aca8753e0731508bc15dff283178ae5c10a6ff132eca5dde63a78d3ac94685152897828eb25a55fdf140fd33fd4e7b03f283e201a1baae8986d25603fb0b2566aab345fb48031d648144dddc2e3556c0ceb1104f348d96ae7dc0152e45c625d21b46e70c31f250c858aec4ab2cf5e79d8c79b0854e0abf5330b9f044113d306161968f4ad6f0973160c9dc296056d5a11523ea2b56fbce8387070fccc639ec1c65ec663b9dc49aa880dc4ddd3020c9d44ff7e8cab6266e436af19b4ecb82010a0f8f9469ef380034a02e3f50051a6a3f233dcfe9d553459dc1bebc538ae0183448c9405c351271dea808d908480e61e9793cca111b4cfb9874b799626a1bd9a0f6e0929ad51b97ad81b2438f5fc255db3a3dfec9f0d8393c6b245b03d3faeb58021db3ad391b17a91174a66db4feef1b4c889699bcbea7928f4d29be2d47f76455c8cb1dc7da9cda41962a28ad8cd7b39965b809e7c7eca1c6792c1ce1c8a4cad6290170e91fcc49fa5ff64ab433b4aa081c8da2d9bbb072f9f18ca455469b946c877e3006b34ffd2219335b30ba2e0980f43cebfb629d0b11fe70dff28883ca012c6ae4855fcefea20a08e189eaeed7eb36ed6db3835976f4e60053205805727c5eec15d0e9f155637a9e66268b9c1c302bcaae6ae88cbb8cf1668a487cc996c4662c4a4e195f094cb31c717165e0e13718f8388957dfe0bf69c70cd0bd763dc38c530b67b9c12244fcab8bd13f602de848a2937699f9ef77944e5f22e3b470601789e1838fbea9359c733aaee2c7082b02ee459b7684ef9bbc200da4b62d368351f5520a65ffa506dc9b097117bb7ae88d04d85fb525e91327689ec0fe86971480c0e864012b1e9f044c7d80a4e48c07320dd4292086e4c71d4c98dd826a9bfced112bfa2beb1ce85cad204451ec45703931bf637d4fe89fe8f485620b7f4b21e011a232ade7a8c92be77925e878ae0bea9723749528fe83cf89ecb9616dae6ca0e8d5754ec6c92abb21108c2f33cdc18c6887c430b72c5b193356494cddccc577bd4c2cd53188f352846edff0c2ac7869cb74bb16a77c0f0f194a7a9477ae15abb890bd0bcfeb0c39381a87f1d05319c7e971c10e9ef687f96450b400e25b4285032892b849fd5db8649cedfb03c88defea063ee144a1ab1f3bf05f59c7db364dc39c11a446c3ce16307d78d50315ba29f5bb9a57438564c8c7b3e367cd37d74b2375a4966f47489dc5448f4979428abd32193d3840aa983d3020a9f29d760fc7493ab2576c90b1934b799c1d0d55e4f2caa78f4ce61930c79dc017c2dea0c5085d73a3b0e4a6f341e9a5061a6658af11e5edf95bdad915ac3619969e39bee15788a8de667f92f4efc84f35082d52d562aa74e12cc7f22d3425b58f5056d74afcf162cd44e65b9ee510ff91af094c3d2d42c3b088536d62a98f1c689edcf3ea3fc228d711c109d76ae83d82d6a34dcfbad563cf3726519b519fd48b51741aa86720836494b7a589c778927047a25d73508adaa401e9a6c0767a675e31c5556cbe35fadc9671359b45e985c3c8af84113989b299ae4474b85e4b5d4b0578ab1e8a2915a8df97c4f52a639fe32272cb91bbfb721505dec46d51383cb8973425a714245c2e37d0577fbe0d66381d9239db1f08a380cf609dc699698e0fada2caeda44d58d766c4f8214b10642b80b8d7d8add7cc41d47108ab7d07dab71069a2d982cc900b331caec317942122158bac6eac9175c2dcba0c04443aa9188832b553f5ca8c336880824d6bc02486a2b4c086665d276aafe3b1b93729829adca50c44466fd5b5cb977aa78fbcf5c0f0da1b09216468a11493ffb39efdeda5d669ae92bee2f2fb250aa1b9cbb11c36c7a6c6dd26cdc3cfd572ffd8c1dd72a13c27a327a34c6b6b3d80fc6c67c72152eec0c8ecbdc1bd5cb829b811e7f29af6d786f4e93dd4c96fdda295a6aa258d7b2fcf291c2d68e0b1866032475964ec0c6f2fa8c2d6a3936ecb187350def4e818507bf157c0e9b33406be7660605af14cccc9c799b4e051d0d0899e53495bb8931a6e2984bc6dbe4e02ec8b4642fc2f1cb5fd5a5520b48cfcb49e1f9533838753554dd98b6a1b8a67409279df477330e5f37367e06247ca5c3ffefd00e693dcc0c9c30754121c9ee88a574915b9e77c104fd2f921c2c096573951407ba9b440423d76bdc6fc978237a6e302cede7f99038ec31500884775556941f1edc30e3a417b0e02cb6fb5bfbe5cdfacf4006411287bedc565fb06f1be987416407dc852254934df4ab59edce476f3506e65be6ce6ddf91038642291fb8e92ba5b1f0b105670905a2c14796110bac6f52455b430a47b8eff61 | ||
| 125 | MD = 1adccf11e5b7ce2a3ddf71e920138c8647ad699c | ||
| 126 | |||
| 127 | Len = 48824 | ||
| 128 | Msg = cd8490c93613bdf1f284b94b330f6d6f45a39c651d2a160b340e2eb696fc6d1c35e88872845190d141c669de92a97daa5433b1d7b0b899fdef2ce74b8fe72a7296a5b5be26d1dc86520367c730c7400c2fa06f91ab4c48a7bf4ae35a5b9acd5296c4fdf7451b0ad9cc439b4e34f11e5d7ef2bdda376f8dd34d6f092b219dc085dd4c4a6308b8808f588eedbbc7af7f64e83182fc7ca7cf4741a341060a7969d31445834c982fa8739ded4555108acbea1666a83da17f77cc42ee73323eb53203e3b790f81c08e94c44678b6538096ab7b09916e6cf7ceb2af85987f8e4d982dff1ab59b0bdccaae1f405a73366b5c5935dd0b43e2d2894290ceb66a0246dc02de728c5bba30255fb56ce8107c3144246c5156a8fe40ada9126adf67227fa56b66c37be63f532516211ca012977b04a97916f201f1baa2629eda520b51508ab4229df2ceedce406dece0110e0a911464f69e7be38fb91deba0addcdb3161d2799c628f5a57fa1dc37357c947681bd9c36f4832c20ac466c0c245de3b250c33282ea1a02d007f03b34ed427631283eb614db4d521f555136e7e42b4cfbee8134c63dbe3bb79b5a8b9f9f5b9f5ac61cfab1c54d197f1e3ba613f251eed616df952d691b88a16466343ef2d0f63882ddd2d55b8a6786308b2257f5d7b38af166bd7f1339d2d8899c9eda8fa86215850ba547450c267eb3c9147d96c38161a69d1584e521ffa23384313a1debcd37f72ddad02adb3cadce7ee34b7c1f42a15d0d030487daf9488aa7562845a11ee7ffccdb38b300935caa31f78a4ff3dd93403cf0c6a16ca611b58c736aafd33d6dc56f0f47878211d26f6ab801b9453a7f74b44593dae0f047ddbbf2c902891111729edec44f69a05944b18e7a601f41ad24fd6833da3dbe3029bd390de7c9841b2ee2b079b2bd2737518fe1bbec88da64769dc36e4a8bf716c219b2fe059d7dd220c1ed2c59878db5bf8b198e0689edee921ebc0cd2d3853fcf57c363050ce58071c5fda6ebcfbc1bb62e9eb956286291a108bdd4191c4ff47900d6068e1ea26b487649af119b9bb15dfed804836f2196cbe12d8fc86e3d7ce89b52ad49dc9ddbce5b370f73f512bedd853039366612453733740586d1372143b09f21dd4dbe1a2bfc308db8e4098c5e4b0c1e16141ee50e85fafefc4e2529b3c7252af37aee6f86e19df28871686107d7d57dcc812bc077602642d2ecefdd5f694b8f336913210793e4068da2178600b1f41cffb5221c9b4b6298afb47e85701d7b1a44241679d8996f916c81ff437261cfc358b9ec42a2ce16ca3bacb8690d6c1d91cfb3e0bf1e7ba45bd01606df856fd03c7e946f7ab371a89e1fde86d05fdd97bd7b1c583b04c2ed2b5f6815a460645e4e1b4e950bf6bd81dd0352d1048df85266f1696534aff5b1cbc17f15d82cc8e0c0d4f0453f9439094f8e0f7f4bc045b654d9a2f1f44a9c57019f63ecc41021c05b5380675cb56ea8bb691d79ee204d2c4edacde3c1fb3f4996a11d84b035f965e74009e2ab80e2c7ea3c84a834d4971a1e9cf423e4ea67ee526eb3c3e4c2d7372c4290a0741e1fcca5ae4cf36705abe98ac81e98a5419baefcaf3093a7e0449ef1021f88ffb7ad21b2677e41cdda12025b06542c4b2564f15e0b99db43b7c7020028bd829372122cd910227cb07c53cb58fd9dc620c0491f3e2bf883fe6ee8cb1f5b73767977d857e4513e8b5612f6ae4b56014e6a3ad2a065b65472212e2f611743484cfaef860999d1dc5608c58412fab888ad72bb87dd9b55b692f31e252daf8944ec5c02a5a9c23903c50dbd845f2fcc3bc9806af13ca7b025cabe675195b1d56f3fe7d7bca12530bcc0af217efcb03a218bdb6f9726536ea902c8303b02e3ced22be59753588b5f0e2f3419fa5345a942dbcdf3010465384a225ba26cdd0f1d74999c69f336bb6d01fae5cf81cbb8c1a7a29c1eb83ca6b51113bde56b8cfb6a5d72557622a37f039d090a689accd02b57c691174338de8e05bb3620c079705c969c58e56b079dc9eb44eb0fcebe548f5a31f4072a5ed56a2f03107bf40a359b2601eddf53cade66f294cfeaa40a0d94b9c90d15f61852f295d3911f8ea914d015885c8c64540a83badf0021a416c3e37b78236a2ecd1fce4114033416bdd3a36c18ec13250ee9c74c0fc4dd564b3d24a825802d5ae402a53bacace115ae3bbb329be79d1e5e42dbaf0a6446431145fe49b86a8703c7c41f8985d54f12e314c16ff89351d8addf66ebba2783f2d1a11965182aa0b0dd2de53586c5a695c6265c2b173958da648611090557bdebf11a1e042f089fe98e049f4796c60d26be38356fe020d9ace9008410d53a1bb7db78b52ee44bac364213f5c59f1eac4e3314f3423b92fdd7a6156608111ac6ddf58385ec1f3df12061208db98816ac948d803fad10d5ece2018c60faa13de5e5a9033745c824932e53f4122a39f635813545c1b74732cd55642f19ed6deca1585ebf7242c849bde981572a2199066e9c912b2068c8f1c8b936c43ae95c6e22bd7b80dfea05f495d751107da5928e806d0af905c87b5a0795df146af6580d8f9c6a0e2645686d43822ce9b4be0bd5937c097917e048b5af71c7e7521d490f107e9231ee5bd9fbf0727ba87774ed24cd52f471ffb71849ebd55605996515bdcfe95bb1df3541e7c42da4166dd01ec3597634aa6455d15fe14af435e8d7a55ff1682d55a2da867ae63d11fb3fd987fa5d7032ecefc35d3fb9570940e779e13da18070e6df5292f97f2a281f9598101102c955fe4808a2319c85fdef3d55b19e05bb8c2d3da64bafb67a53491513a24f6f0804aa162c8a7db25b38089373fecc45a0eaef65dd9be3b4b7f9436a5423fdcdb5a9b60138fc6a2261225390d9ae0d8ab7f0f7ffff69dca06881d33a637d634358abebb333df41151f239add91abaafc89070cb2159ce3a31655c22e4696c9fa7a7211d1251d4bb21ea4a321a3dbebc29d97f526251e40e548dcd7ed07587719a266f006179dcd22e50b3705152817057b097b043ad63b8d867edc20aea9b4c959ef4ff70f47128cfcc21e31f17978ecacc366f459ac1cc459a3976e4173ca322675f84f18036119ec2f204c3fb554a0b72f7e9d8c882ab147b3d280ca9dff7b9160b1b437b901f03cbc05fe05c6f44824b48aa8da52ae7dda1653fd500f9ccd221843cf76513b3b74d094f14d93a00d7cb954bc4cf2f04f9a35e38edcb1e84f62057647dcb3571f1dd296ca1e049f1746a8a282e85138500e7649db756b2d2ad88f11c471c89dc6be2cd43481013b8d0ae83da2b855cea7be424f8b2325b1850d1fdef03e765458df4513d57c72ba9751e1edc3c4e7f97e3202bb46eec7be89871ba3704aa6c6fc08851e551a3f655fa1fb798d12f003faf31c56b6df399a5dd0ed29ef9e4139dbc254bc5d6051840a859eabaaad56324588fae881fd638d2b70fb3813402df61d941ab495588e5fc3823249bf9a03cf877902394f512de118edaf98843a5445e9073fcfa409df3db0221f1c77e2dd21e74f9e10c9e180dc4ed17010eb949c6d67a22bd5337b2c68f9eccdec778ece728e91353696b742c8f5a3a569f054efb8c1ed478ee9b75e26c768a5816aa6bd08a4c72e745fdb5deb34ecb86b3a84346c1c70f9c16fc45bc0421f0da2f630912d5079f390cc53b78e343310de722b53d2a3b4aa386caa0d7e91986e19c3363426ba30eb5284293af81d00158a3f5233327b40c3b989725ba7dd5b31ac7abf8d3e0b737e843065cd7316dc2f374a00bed4cf9caa0d6e232c854df1bc24c3d484bc6bcb14ec770d5745474dc6ac3b3ddbffc551c9fcc2c56a5e0ae17948457c01e701bf1554022bc2b7d9dd42b2b91172fd85e6874d2d61fc7b3bb3cee2a9bfec09f6d7e98279c6f511f4140b116c856c1438e34bca59fdca2409f025b896a52d68719bf93e82e7d89bbf798991fda0af8d06d17f39eba4bca09c1fe594b537ad4c9b94ab52c895539d639425f9146b24b016368a638e5bba391bc8763cae7c52ff9c496884f1d84e5e08ed451358ecb3c4919dd410e82cac35ae744078287c05c89b42999ea6b8b127d40d53a5722d45139e8bc507a11e7add7fa9ab12cc40afeec008a4668e3e6440f27bb5780936c0e3668ac51262390c79b3f21fd041cf36ba3522f3a552714ff188bfd554c60d0e7d11213cf7d3864a5175d4047c2f3284741f18ec22995a5b82bf62190151bc1529c6d9927f9b0c1dacebd9c2dc406f7f64a973f9a70cff6e3abeebeb46514bbf2ead382f7262d46bd43d88c1b91a9011d1f8ba81fa536a7162aee2b2ec6fc0f2d6efc87b98d2e41e0f946969da659c21053775ece415a34d42b6cfd5bc52259867b411dfb991461ca618052309ca9c96468c2da12dfab0e822ff3bbe7ba281982a239ac19c47024fe1f0e3550cf0975add1f680a9dac9b2c4ab0aed4f409ddda6765eb8a0a9d1e9d07458c69ac8195541219b18efcd06c0001f2ae7fee2d404666a18ca3cb3aa4f0623e86c5b1229f6c2ca28d951111294b91edc52730b6b2c46e000672a7c89b2f38045bd3e37dbb8a75e18687a514dcf740c87a34834d3c3cc8aadf6166ec0c42d2be92f90a3af49633ff23cd80848ceb57ac550eaf9ae496bdc6a2d7cf50fe107895b4a1ed014f78af24eccd6a07420f1dc0df1e7c44b4ba937dd43cab9c798371b148325578d61931766af02b45054bdc2d9fcab2f4b49092f6fff7c27886820739d6140a4a905f0020249e8ae8dd87da1a1e7b1851eb01045aaa72dc8a2bf68055e7aed41d85336648a3405195d2ab61b0e29a770461f32fd05e14c17d72c5252f026a7b9abe7ea9176d3c46f6ed9fb716758d97b41e4f5d81a24538f763d83eecafafc668422612b40cfc32b3354b24755fbe400a2bfed494fe6d0ba0051713b776e67e2f1915e94708e6dc74b398f2f526933aad8fe7dc32faf40022606aebb6e0756b994c3176fae7640ee06d6c67bd54764c4752f1bf831f43e0227cba101174c5554ce26400f333dd8e9f6db1cdf670ce407d7d06c3aef4c0724b62edc8f1ba3e04f0e394d15a73b9255abb4d6ac70303dcf9160d32dc02d4804219ed5c7e3b48402e58ab2f58305f9bb95d2a8759947de96328ed5234cfe7d0b2a9a014df7e4cd0ae48906315f139b8635d2e6bd4aba32e62b8906cdfe5622c411bf0373d0cb07d17bb2bb5b83eae4401c243605fd1df759fd0ddc704ccab5a9776c40fbf6bde0f11b9646c699f26063a9550ac228c9884c277bcadcc0a2c225dc203e28e253c4e464b23d2529d09c7b7dd3c984667372472b615645f294c4e3b0797f9d1c234015b78502d98bfc04f1fa2f16cf3e7221d5794d035e4b172a4d84e679cb1c82df2fb49d3c6668eb1661bed56705096c2371a19d668832808eedd9e5b1256c18fe7ccc494e5e29145d453c553ec86fb7f3a634d0d45661875f2f1005ba5e734c1a976f37cd23450e4606e32d027bc9ec2edd9395e14b2082179bd7b4f9b8caa2d00a2de71d48553f7d4153cb56a1b08f11925e4b11c9281744ae9171f3d6faa3ab3f88c5c34fd23e4f6efeceafdcbc07686ef56efa62c0ad62f1cdcb4d3b5bc508c1f05263bc347158fa5495828f34eb7fcde98fefaa82bafeefed3f4a58968d751c051b52e0047f066de5be533bc3b1e439ab1c8602f6c67503803c8fa113737cb8279f358dbacdf45432b7a654d0e1122cca93420e956661d7275181c75b0d9c20e84c7007dfc49f27bc00007cf4ffa631c892981fd70141d532fcd51de5c23fe0b7a186d0dc296362f235d61698740cc315891cc9342da17843bcde274c17e462263d0e8b4832dd9075a7bbb443d4b26b41e534ad5551ed5ada102175e695363fb48d6b99ac978a3aa6f405d87f983384ce35740e930491d75675337c5dc081e3d301228e61bde5cc169968e5b4350cca2b085f9f75cc4b88497a78cd0a0073d90246c7dc102c7cbf3516498e8a41aa85d8cc5bc285ff66e8338e85ca83fb6889e2bccff52059bb9e92e92c155a349952680ffd0a3c346061a53fdf074417fc90c4d1af7c2acc3ee4b080752cbc9455ba5931b7e910f1e4af0efce905d2cc9c685923ead387fa532c0e8ad92719c76c281cd010e1acce500ae1443838b8afb48af032069dd07aa4df0d56bcb70a64592633699c8658102f1fbca441325e27f1732a7a973d8cb3a0684d72943ef6f1892f2d7ccf39bb6dfe5801ab98653bdbcfbb787bf125253be2624f6cf44177d588bd7b780d9e3f4e3a4e50b8a253fa21abce6a94b9073289c76773b46140f5a6e46b9de9ec066c176f5d1a69f380e1901216617363362d13ebb26ad74fb008ec08841550ff14ca800a1ecf2e007ebaad9f4e0d9664448d60ac0d8544243129fb81c1723b9b4bc2ee971dff736d9fcde0afbfbf5c50a4cc06a4c363998326c17bdc9e2508651dedd9a2a52bd87f8693cfcff60753acf9716c526e8635f12377e36564ae55d0fdb3c7997ec4dbdaa5b4d18c7b660acd95060831795da7d299a5a8d8cf9e92537dbd3ef7f56aebe38fa97c41da6bf0572a0270be7e5a7dcc0be3529339464c811052b65a938e874ea6da469c7d8992ce0aff1c75e82d1621ecb967213c65f2de582cb41de3804c507ddfc708ef3f6096ba4491e431160f98de806d0f334e03cfb7a3bece601099bd971253f3aa0df845da8b478603d5d88533d0cab9c89f2dd9a1404cf8939ffdda652a94093865a85fce2bc3d7babcff7b9f3306bd76b9af80c78ad518f89ee73b7a710da604e72f4927be8d65d06be2e0732fa786a83e27597cfbed9bf98df445499e0746b9f2cb9659ac0a9cef433148521f33b1d78d13c8441c0d1e20fd93ac450a3787a2292bcbd68cd1f961d34937be9a21abaf26f361bf53aa0c095e53c51f3e04d567eabe6e40d96a17c2bcc9230b18f7e079bc549a314b4ae21d30a3341aa205bc75c7f1d21b0a49549c300faeda243d0ce18da5e66c5b663cd705005dd9fea0a9564174abb797d64c58fdab1fae44576d514b75eaa31c9278b15bf9b6df7c6c2873d7a56fb91ab77b83761a09f9e1ddae535622fb87f7462256a60dd39dd3ceb6690b0272920b635ea639daf24f95462c523e5bbd8d8407c61163ab38877d5edfa04c2a78d4d240523ba97c7d01c71783f8748e85164b4dd08c25506a4ed18300b42b7bc6e417f512ae456ceec2ffc83190991a06d4a58ede215babcd3688e1d61f1975016244e80c88ae2aec05c7eeb1c50caca72b3b415b6b870bf5e10bd1ac3ba6b4acb1d1afac554444d94c97e171005fa4ea9c651bb4e527ff58d0c2f90fb453a92d6546a26e9e98395b09e8471bdcf2a145aacb649708cf048a7856ce8cf390c107ff2c66efbf2a76c5b041860ea576103cd8c6b25e50eca9ff6a2fa88083fe9ac0d1fb639c516b9bcdf23c34c6145a705498ff9b9747f15e1c08c63da6efeda4eca02c3f00dfec06c82220c9de840040118dde76be788daf84e6a2f44c81fe6defcc474f99c51c4648d297cbc48f081e0809dbda505d020cbe865e430e0491644ec8c52bd3ab8ce8c4862990f49fe2588caf804ce9500ef42d5a50c057c257168e283e4a4aedbe4ccfaf3eeffb212f9e23d15434d60bf4f455f512e2b655aff3225d1b217c261110cec0400f54dd303d6231d028c2eb649bccc91d30a6391c88bff9d447c3cf35a3467be5957e0ea4d4dc237c9f2c68ce48f658f820a3d72d559b60f233ce538c92cb148808e34fedf2d648c21e7f2ea29a77270c393bda42d869351d6c085d965dc12cbfd0311b8bf604f4391d378781eea3b5f1e0da9d0d8f8de88e56fe47d362cd46f591d3ec0f7cccb85a21f21ddcd4107821ce0ca9ddf99dfdfd9b0c9cd45053e5b1b4385bd8f5b227ada31b5c23e9420014474e8b4494fde7c38edfe70994d97b8cbdfac588df49a49c472fcce78cccc051f31cbbc1e0422878d8d490f3aee28adf1587c38fb7e7d1be54abeaa83cf54b633803a5e669ff4295df8735231ce39631616bd05e0e31117c722c2fd6787003b0bc7fe422a089c89329544e085d71102c1813769450a9f66f160d1702cdb17bd2c6fdf0f722762d193ce83623eeffab17b01b10a31db6e2feb6eb3abdbb2e36320e1a56e44e48d26090afa7f65003a98cbfef590ac3ec89b3eb230557cf6aa566e841806aa2767b21bb26fe001f11ae039e0c9a4bf1bf3d271960f16158eb5bd9ebf0080abd8369d512cab2d1aaae2b14d0ff6ee705a38fb0c801a98b0624cc138fc24834fdf430f33e1760db913da3290f34415c9e3df3e97da1780545ab68ac5a24db89f24d62f4a399728e4144a8c89f47ac2d29e30c49b0bcf790a5e3d3fcd1943c6a28f37251d9dd827a69579e6c17b629c927473b5a07b0a29d9562708d6c8ce576109ad1a3473ffb2047eb069beeec24c114bef392c929038c92abd0e6a19b610e27881361824d57008b7373d0ab76379570ded76c9b8284fe2c247791073c29b2fc6fca05019220ab92856892d3c0dcc6da0b597fe559c162d060d71513ebca050d9638164b9ae271fba5575ade787ec5aee8fc253d1b234b1df561db3e36ac64b9b0100dd6b407043537b2b141f | ||
| 129 | MD = 2cbc07b9b9c819b8fd38d8a614a8a9c3fa7e40ee | ||
diff --git a/src/lib/libssl/src/test/Uss.cnf b/src/lib/libssl/src/test/Uss.cnf index 0c0ebb5f67..98b2e054b7 100644 --- a/src/lib/libssl/src/test/Uss.cnf +++ b/src/lib/libssl/src/test/Uss.cnf | |||
| @@ -7,7 +7,7 @@ RANDFILE = ./.rnd | |||
| 7 | 7 | ||
| 8 | #################################################################### | 8 | #################################################################### |
| 9 | [ req ] | 9 | [ req ] |
| 10 | default_bits = 512 | 10 | default_bits = 1024 |
| 11 | default_keyfile = keySS.pem | 11 | default_keyfile = keySS.pem |
| 12 | distinguished_name = req_distinguished_name | 12 | distinguished_name = req_distinguished_name |
| 13 | encrypt_rsa_key = no | 13 | encrypt_rsa_key = no |
diff --git a/src/lib/libssl/src/test/tests.com b/src/lib/libssl/src/test/tests.com index 056082e7fe..88a33d0531 100644 --- a/src/lib/libssl/src/test/tests.com +++ b/src/lib/libssl/src/test/tests.com | |||
| @@ -25,7 +25,7 @@ $ tests := - | |||
| 25 | test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,- | 25 | test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,- |
| 26 | test_enc,test_x509,test_rsa,test_crl,test_sid,- | 26 | test_enc,test_x509,test_rsa,test_crl,test_sid,- |
| 27 | test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- | 27 | test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,- |
| 28 | test_ss,test_ca,test_engine,test_evp,test_ssl | 28 | test_ss,test_ca,test_engine,test_evp,test_ssl,test_ige,test_jpake |
| 29 | $ endif | 29 | $ endif |
| 30 | $ tests = f$edit(tests,"COLLAPSE") | 30 | $ tests = f$edit(tests,"COLLAPSE") |
| 31 | $ | 31 | $ |
| @@ -57,6 +57,8 @@ $ SSLTEST := ssltest | |||
| 57 | $ RSATEST := rsa_test | 57 | $ RSATEST := rsa_test |
| 58 | $ ENGINETEST := enginetest | 58 | $ ENGINETEST := enginetest |
| 59 | $ EVPTEST := evp_test | 59 | $ EVPTEST := evp_test |
| 60 | $ IGETEST := igetest | ||
| 61 | $ JPAKETEST := jpaketest | ||
| 60 | $ | 62 | $ |
| 61 | $ tests_i = 0 | 63 | $ tests_i = 0 |
| 62 | $ loop_tests: | 64 | $ loop_tests: |
| @@ -250,6 +252,14 @@ $ test_rd: | |||
| 250 | $ write sys$output "test Rijndael" | 252 | $ write sys$output "test Rijndael" |
| 251 | $ !mcr 'texe_dir''rdtest' | 253 | $ !mcr 'texe_dir''rdtest' |
| 252 | $ return | 254 | $ return |
| 255 | $ test_ige: | ||
| 256 | $ write sys$output "Test IGE mode" | ||
| 257 | $ mcr 'texe_dir''igetest' | ||
| 258 | $ return | ||
| 259 | $ test_jpake: | ||
| 260 | $ write sys$output "Test JPAKE" | ||
| 261 | $ mcr 'texe_dir''jpaketest' | ||
| 262 | $ return | ||
| 253 | $ | 263 | $ |
| 254 | $ | 264 | $ |
| 255 | $ exit: | 265 | $ exit: |
diff --git a/src/lib/libssl/src/util/arx.pl b/src/lib/libssl/src/util/arx.pl new file mode 100644 index 0000000000..ce62625c33 --- /dev/null +++ b/src/lib/libssl/src/util/arx.pl | |||
| @@ -0,0 +1,15 @@ | |||
| 1 | #!/bin/perl | ||
| 2 | |||
| 3 | # Simple perl script to wrap round "ar" program and exclude any | ||
| 4 | # object files in the environment variable EXCL_OBJ | ||
| 5 | |||
| 6 | map { s/^.*\/([^\/]*)$/$1/ ; $EXCL{$_} = 1} split(' ', $ENV{EXCL_OBJ}); | ||
| 7 | |||
| 8 | #my @ks = keys %EXCL; | ||
| 9 | #print STDERR "Excluding: @ks \n"; | ||
| 10 | |||
| 11 | my @ARGS = grep { !exists $EXCL{$_} } @ARGV; | ||
| 12 | |||
| 13 | system @ARGS; | ||
| 14 | |||
| 15 | exit $? >> 8; | ||
diff --git a/src/lib/libssl/src/util/fipslink.pl b/src/lib/libssl/src/util/fipslink.pl index a893833c5c..3597bc1740 100644 --- a/src/lib/libssl/src/util/fipslink.pl +++ b/src/lib/libssl/src/util/fipslink.pl | |||
| @@ -28,7 +28,7 @@ if (exists $ENV{"PREMAIN_DSO_EXE"}) | |||
| 28 | } | 28 | } |
| 29 | 29 | ||
| 30 | check_hash($sha1_exe, "fips_premain.c"); | 30 | check_hash($sha1_exe, "fips_premain.c"); |
| 31 | check_hash($sha1_exe, "fipscanister.o"); | 31 | check_hash($sha1_exe, "fipscanister.lib"); |
| 32 | 32 | ||
| 33 | 33 | ||
| 34 | print "Integrity check OK\n"; | 34 | print "Integrity check OK\n"; |
diff --git a/src/lib/libssl/src/util/libeay.num b/src/lib/libssl/src/util/libeay.num index 2989500c4b..0eb54ddc89 100644 --- a/src/lib/libssl/src/util/libeay.num +++ b/src/lib/libssl/src/util/libeay.num | |||
| @@ -725,7 +725,7 @@ d2i_DSAPublicKey 731 EXIST::FUNCTION:DSA | |||
| 725 | d2i_DSAparams 732 EXIST::FUNCTION:DSA | 725 | d2i_DSAparams 732 EXIST::FUNCTION:DSA |
| 726 | d2i_NETSCAPE_SPKAC 733 EXIST::FUNCTION: | 726 | d2i_NETSCAPE_SPKAC 733 EXIST::FUNCTION: |
| 727 | d2i_NETSCAPE_SPKI 734 EXIST::FUNCTION: | 727 | d2i_NETSCAPE_SPKI 734 EXIST::FUNCTION: |
| 728 | d2i_Netscape_RSA 735 EXIST::FUNCTION:RSA | 728 | d2i_Netscape_RSA 735 EXIST::FUNCTION:RC4,RSA |
| 729 | d2i_PKCS7 736 EXIST::FUNCTION: | 729 | d2i_PKCS7 736 EXIST::FUNCTION: |
| 730 | d2i_PKCS7_DIGEST 737 EXIST::FUNCTION: | 730 | d2i_PKCS7_DIGEST 737 EXIST::FUNCTION: |
| 731 | d2i_PKCS7_ENCRYPT 738 EXIST::FUNCTION: | 731 | d2i_PKCS7_ENCRYPT 738 EXIST::FUNCTION: |
| @@ -827,7 +827,7 @@ i2d_DSAPublicKey 834 EXIST::FUNCTION:DSA | |||
| 827 | i2d_DSAparams 835 EXIST::FUNCTION:DSA | 827 | i2d_DSAparams 835 EXIST::FUNCTION:DSA |
| 828 | i2d_NETSCAPE_SPKAC 836 EXIST::FUNCTION: | 828 | i2d_NETSCAPE_SPKAC 836 EXIST::FUNCTION: |
| 829 | i2d_NETSCAPE_SPKI 837 EXIST::FUNCTION: | 829 | i2d_NETSCAPE_SPKI 837 EXIST::FUNCTION: |
| 830 | i2d_Netscape_RSA 838 EXIST::FUNCTION:RSA | 830 | i2d_Netscape_RSA 838 EXIST::FUNCTION:RC4,RSA |
| 831 | i2d_PKCS7 839 EXIST::FUNCTION: | 831 | i2d_PKCS7 839 EXIST::FUNCTION: |
| 832 | i2d_PKCS7_DIGEST 840 EXIST::FUNCTION: | 832 | i2d_PKCS7_DIGEST 840 EXIST::FUNCTION: |
| 833 | i2d_PKCS7_ENCRYPT 841 EXIST::FUNCTION: | 833 | i2d_PKCS7_ENCRYPT 841 EXIST::FUNCTION: |
| @@ -1814,9 +1814,9 @@ RAND_egd_bytes 2402 EXIST::FUNCTION: | |||
| 1814 | X509_REQ_get1_email 2403 EXIST::FUNCTION: | 1814 | X509_REQ_get1_email 2403 EXIST::FUNCTION: |
| 1815 | X509_get1_email 2404 EXIST::FUNCTION: | 1815 | X509_get1_email 2404 EXIST::FUNCTION: |
| 1816 | X509_email_free 2405 EXIST::FUNCTION: | 1816 | X509_email_free 2405 EXIST::FUNCTION: |
| 1817 | i2d_RSA_NET 2406 EXIST::FUNCTION:RSA | 1817 | i2d_RSA_NET 2406 EXIST::FUNCTION:RC4,RSA |
| 1818 | d2i_RSA_NET_2 2407 NOEXIST::FUNCTION: | 1818 | d2i_RSA_NET_2 2407 NOEXIST::FUNCTION: |
| 1819 | d2i_RSA_NET 2408 EXIST::FUNCTION:RSA | 1819 | d2i_RSA_NET 2408 EXIST::FUNCTION:RC4,RSA |
| 1820 | DSO_bind_func 2409 EXIST::FUNCTION: | 1820 | DSO_bind_func 2409 EXIST::FUNCTION: |
| 1821 | CRYPTO_get_new_dynlockid 2410 EXIST::FUNCTION: | 1821 | CRYPTO_get_new_dynlockid 2410 EXIST::FUNCTION: |
| 1822 | sk_new_null 2411 EXIST::FUNCTION: | 1822 | sk_new_null 2411 EXIST::FUNCTION: |
| @@ -2804,12 +2804,12 @@ OPENSSL_cleanse 3245 EXIST::FUNCTION: | |||
| 2804 | ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE | 2804 | ENGINE_setup_bsd_cryptodev 3246 EXIST:__FreeBSD__:FUNCTION:ENGINE |
| 2805 | ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH | 2805 | ERR_release_err_state_table 3247 EXIST::FUNCTION:LHASH |
| 2806 | EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES | 2806 | EVP_aes_128_cfb8 3248 EXIST::FUNCTION:AES |
| 2807 | FIPS_corrupt_rsa 3249 NOEXIST::FUNCTION: | 2807 | FIPS_corrupt_rsa 3249 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2808 | FIPS_selftest_des 3250 NOEXIST::FUNCTION: | 2808 | FIPS_selftest_des 3250 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2809 | EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES | 2809 | EVP_aes_128_cfb1 3251 EXIST::FUNCTION:AES |
| 2810 | EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES | 2810 | EVP_aes_192_cfb8 3252 EXIST::FUNCTION:AES |
| 2811 | FIPS_mode_set 3253 NOEXIST::FUNCTION: | 2811 | FIPS_mode_set 3253 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2812 | FIPS_selftest_dsa 3254 NOEXIST::FUNCTION: | 2812 | FIPS_selftest_dsa 3254 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2813 | EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES | 2813 | EVP_aes_256_cfb8 3255 EXIST::FUNCTION:AES |
| 2814 | FIPS_allow_md5 3256 NOEXIST::FUNCTION: | 2814 | FIPS_allow_md5 3256 NOEXIST::FUNCTION: |
| 2815 | DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES | 2815 | DES_ede3_cfb_encrypt 3257 EXIST::FUNCTION:DES |
| @@ -2817,44 +2817,44 @@ EVP_des_ede3_cfb8 3258 EXIST::FUNCTION:DES | |||
| 2817 | FIPS_rand_seeded 3259 NOEXIST::FUNCTION: | 2817 | FIPS_rand_seeded 3259 NOEXIST::FUNCTION: |
| 2818 | AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES | 2818 | AES_cfbr_encrypt_block 3260 EXIST::FUNCTION:AES |
| 2819 | AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES | 2819 | AES_cfb8_encrypt 3261 EXIST::FUNCTION:AES |
| 2820 | FIPS_rand_seed 3262 NOEXIST::FUNCTION: | 2820 | FIPS_rand_seed 3262 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2821 | FIPS_corrupt_des 3263 NOEXIST::FUNCTION: | 2821 | FIPS_corrupt_des 3263 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2822 | EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES | 2822 | EVP_aes_192_cfb1 3264 EXIST::FUNCTION:AES |
| 2823 | FIPS_selftest_aes 3265 NOEXIST::FUNCTION: | 2823 | FIPS_selftest_aes 3265 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2824 | FIPS_set_prng_key 3266 NOEXIST::FUNCTION: | 2824 | FIPS_set_prng_key 3266 NOEXIST::FUNCTION: |
| 2825 | EVP_des_cfb8 3267 EXIST::FUNCTION:DES | 2825 | EVP_des_cfb8 3267 EXIST::FUNCTION:DES |
| 2826 | FIPS_corrupt_dsa 3268 NOEXIST::FUNCTION: | 2826 | FIPS_corrupt_dsa 3268 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2827 | FIPS_test_mode 3269 NOEXIST::FUNCTION: | 2827 | FIPS_test_mode 3269 NOEXIST::FUNCTION: |
| 2828 | FIPS_rand_method 3270 NOEXIST::FUNCTION: | 2828 | FIPS_rand_method 3270 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2829 | EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES | 2829 | EVP_aes_256_cfb1 3271 EXIST::FUNCTION:AES |
| 2830 | ERR_load_FIPS_strings 3272 NOEXIST::FUNCTION: | 2830 | ERR_load_FIPS_strings 3272 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2831 | FIPS_corrupt_aes 3273 NOEXIST::FUNCTION: | 2831 | FIPS_corrupt_aes 3273 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2832 | FIPS_selftest_sha1 3274 NOEXIST::FUNCTION: | 2832 | FIPS_selftest_sha1 3274 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2833 | FIPS_selftest_rsa 3275 NOEXIST::FUNCTION: | 2833 | FIPS_selftest_rsa 3275 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2834 | FIPS_corrupt_sha1 3276 NOEXIST::FUNCTION: | 2834 | FIPS_corrupt_sha1 3276 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2835 | EVP_des_cfb1 3277 EXIST::FUNCTION:DES | 2835 | EVP_des_cfb1 3277 EXIST::FUNCTION:DES |
| 2836 | FIPS_dsa_check 3278 NOEXIST::FUNCTION: | 2836 | FIPS_dsa_check 3278 NOEXIST::FUNCTION: |
| 2837 | AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES | 2837 | AES_cfb1_encrypt 3279 EXIST::FUNCTION:AES |
| 2838 | EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES | 2838 | EVP_des_ede3_cfb1 3280 EXIST::FUNCTION:DES |
| 2839 | FIPS_rand_check 3281 NOEXIST::FUNCTION: | 2839 | FIPS_rand_check 3281 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2840 | FIPS_md5_allowed 3282 NOEXIST::FUNCTION: | 2840 | FIPS_md5_allowed 3282 NOEXIST::FUNCTION: |
| 2841 | FIPS_mode 3283 NOEXIST::FUNCTION: | 2841 | FIPS_mode 3283 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2842 | FIPS_selftest_failed 3284 NOEXIST::FUNCTION: | 2842 | FIPS_selftest_failed 3284 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2843 | sk_is_sorted 3285 EXIST::FUNCTION: | 2843 | sk_is_sorted 3285 EXIST::FUNCTION: |
| 2844 | X509_check_ca 3286 EXIST::FUNCTION: | 2844 | X509_check_ca 3286 EXIST::FUNCTION: |
| 2845 | private_idea_set_encrypt_key 3287 NOEXIST::FUNCTION: | 2845 | private_idea_set_encrypt_key 3287 EXIST:OPENSSL_FIPS:FUNCTION:IDEA |
| 2846 | HMAC_CTX_set_flags 3288 NOEXIST::FUNCTION: | 2846 | HMAC_CTX_set_flags 3288 EXIST::FUNCTION:HMAC |
| 2847 | private_SHA_Init 3289 NOEXIST::FUNCTION: | 2847 | private_SHA_Init 3289 EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0 |
| 2848 | private_CAST_set_key 3290 NOEXIST::FUNCTION: | 2848 | private_CAST_set_key 3290 EXIST:OPENSSL_FIPS:FUNCTION:CAST |
| 2849 | private_RIPEMD160_Init 3291 NOEXIST::FUNCTION: | 2849 | private_RIPEMD160_Init 3291 EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD |
| 2850 | private_RC5_32_set_key 3292 NOEXIST::FUNCTION: | 2850 | private_RC5_32_set_key 3292 EXIST:OPENSSL_FIPS:FUNCTION:RC5 |
| 2851 | private_MD5_Init 3293 NOEXIST::FUNCTION: | 2851 | private_MD5_Init 3293 EXIST:OPENSSL_FIPS:FUNCTION:MD5 |
| 2852 | private_RC4_set_key 3294 NOEXIST::FUNCTION: | 2852 | private_RC4_set_key 3294 EXIST:OPENSSL_FIPS:FUNCTION:RC4 |
| 2853 | private_MDC2_Init 3295 NOEXIST::FUNCTION: | 2853 | private_MDC2_Init 3295 EXIST:OPENSSL_FIPS:FUNCTION:MDC2 |
| 2854 | private_RC2_set_key 3296 NOEXIST::FUNCTION: | 2854 | private_RC2_set_key 3296 EXIST:OPENSSL_FIPS:FUNCTION:RC2 |
| 2855 | private_MD4_Init 3297 NOEXIST::FUNCTION: | 2855 | private_MD4_Init 3297 EXIST:OPENSSL_FIPS:FUNCTION:MD4 |
| 2856 | private_BF_set_key 3298 NOEXIST::FUNCTION: | 2856 | private_BF_set_key 3298 EXIST:OPENSSL_FIPS:FUNCTION:BF |
| 2857 | private_MD2_Init 3299 NOEXIST::FUNCTION: | 2857 | private_MD2_Init 3299 EXIST:OPENSSL_FIPS:FUNCTION:MD2 |
| 2858 | d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: | 2858 | d2i_PROXY_CERT_INFO_EXTENSION 3300 EXIST::FUNCTION: |
| 2859 | PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: | 2859 | PROXY_POLICY_it 3301 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: |
| 2860 | PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: | 2860 | PROXY_POLICY_it 3301 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: |
| @@ -2868,13 +2868,13 @@ PROXY_CERT_INFO_EXTENSION_it 3307 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTI | |||
| 2868 | PROXY_POLICY_free 3308 EXIST::FUNCTION: | 2868 | PROXY_POLICY_free 3308 EXIST::FUNCTION: |
| 2869 | PROXY_POLICY_new 3309 EXIST::FUNCTION: | 2869 | PROXY_POLICY_new 3309 EXIST::FUNCTION: |
| 2870 | BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION: | 2870 | BN_MONT_CTX_set_locked 3310 EXIST::FUNCTION: |
| 2871 | FIPS_selftest_rng 3311 NOEXIST::FUNCTION: | 2871 | FIPS_selftest_rng 3311 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2872 | EVP_sha384 3312 EXIST::FUNCTION:SHA,SHA512 | 2872 | EVP_sha384 3312 EXIST::FUNCTION:SHA,SHA512 |
| 2873 | EVP_sha512 3313 EXIST::FUNCTION:SHA,SHA512 | 2873 | EVP_sha512 3313 EXIST::FUNCTION:SHA,SHA512 |
| 2874 | EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256 | 2874 | EVP_sha224 3314 EXIST::FUNCTION:SHA,SHA256 |
| 2875 | EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 | 2875 | EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 |
| 2876 | FIPS_selftest_hmac 3316 NOEXIST::FUNCTION: | 2876 | FIPS_selftest_hmac 3316 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2877 | FIPS_corrupt_rng 3317 NOEXIST::FUNCTION: | 2877 | FIPS_corrupt_rng 3317 EXIST:OPENSSL_FIPS:FUNCTION: |
| 2878 | BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: | 2878 | BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: |
| 2879 | RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA | 2879 | RSA_X931_hash_id 3319 EXIST::FUNCTION:RSA |
| 2880 | RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA | 2880 | RSA_padding_check_X931 3320 EXIST::FUNCTION:RSA |
| @@ -2882,7 +2882,7 @@ RSA_verify_PKCS1_PSS 3321 EXIST::FUNCTION:RSA | |||
| 2882 | RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA | 2882 | RSA_padding_add_X931 3322 EXIST::FUNCTION:RSA |
| 2883 | RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA | 2883 | RSA_padding_add_PKCS1_PSS 3323 EXIST::FUNCTION:RSA |
| 2884 | PKCS1_MGF1 3324 EXIST::FUNCTION:RSA | 2884 | PKCS1_MGF1 3324 EXIST::FUNCTION:RSA |
| 2885 | BN_X931_generate_Xpq 3325 NOEXIST::FUNCTION: | 2885 | BN_X931_generate_Xpq 3325 EXIST::FUNCTION: |
| 2886 | RSA_X931_generate_key 3326 NOEXIST::FUNCTION: | 2886 | RSA_X931_generate_key 3326 NOEXIST::FUNCTION: |
| 2887 | BN_X931_derive_prime 3327 NOEXIST::FUNCTION: | 2887 | BN_X931_derive_prime 3327 NOEXIST::FUNCTION: |
| 2888 | BN_X931_generate_prime 3328 NOEXIST::FUNCTION: | 2888 | BN_X931_generate_prime 3328 NOEXIST::FUNCTION: |
| @@ -3652,3 +3652,75 @@ CMS_set1_eContentType 4040 EXIST::FUNCTION:CMS | |||
| 3652 | CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS | 3652 | CMS_ReceiptRequest_create0 4041 EXIST::FUNCTION:CMS |
| 3653 | CMS_add1_signer 4042 EXIST::FUNCTION:CMS | 3653 | CMS_add1_signer 4042 EXIST::FUNCTION:CMS |
| 3654 | CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS | 3654 | CMS_RecipientInfo_set0_pkey 4043 EXIST::FUNCTION:CMS |
| 3655 | ENGINE_set_load_ssl_client_cert_function 4044 EXIST:!VMS:FUNCTION:ENGINE | ||
| 3656 | ENGINE_set_ld_ssl_clnt_cert_fn 4044 EXIST:VMS:FUNCTION:ENGINE | ||
| 3657 | ENGINE_get_ssl_client_cert_function 4045 EXIST:!VMS:FUNCTION:ENGINE | ||
| 3658 | ENGINE_get_ssl_client_cert_fn 4045 EXIST:VMS:FUNCTION:ENGINE | ||
| 3659 | ENGINE_load_ssl_client_cert 4046 EXIST::FUNCTION:ENGINE | ||
| 3660 | ENGINE_load_capi 4047 EXIST::FUNCTION:CAPIENG,ENGINE | ||
| 3661 | OPENSSL_isservice 4048 EXIST::FUNCTION: | ||
| 3662 | FIPS_dsa_sig_decode 4049 EXIST:OPENSSL_FIPS:FUNCTION:DSA | ||
| 3663 | EVP_CIPHER_CTX_clear_flags 4050 EXIST::FUNCTION: | ||
| 3664 | FIPS_rand_status 4051 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3665 | FIPS_rand_set_key 4052 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3666 | CRYPTO_set_mem_info_functions 4053 EXIST::FUNCTION: | ||
| 3667 | RSA_X931_generate_key_ex 4054 EXIST::FUNCTION:RSA | ||
| 3668 | int_ERR_set_state_func 4055 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3669 | int_EVP_MD_set_engine_callbacks 4056 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE | ||
| 3670 | int_CRYPTO_set_do_dynlock_callback 4057 EXIST::FUNCTION: | ||
| 3671 | FIPS_rng_stick 4058 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3672 | EVP_CIPHER_CTX_set_flags 4059 EXIST::FUNCTION: | ||
| 3673 | BN_X931_generate_prime_ex 4060 EXIST::FUNCTION: | ||
| 3674 | FIPS_selftest_check 4061 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3675 | FIPS_rand_set_dt 4062 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3676 | CRYPTO_dbg_pop_info 4063 EXIST::FUNCTION: | ||
| 3677 | FIPS_dsa_free 4064 EXIST:OPENSSL_FIPS:FUNCTION:DSA | ||
| 3678 | RSA_X931_derive_ex 4065 EXIST::FUNCTION:RSA | ||
| 3679 | FIPS_rsa_new 4066 EXIST:OPENSSL_FIPS:FUNCTION:RSA | ||
| 3680 | FIPS_rand_bytes 4067 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3681 | fips_cipher_test 4068 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3682 | EVP_CIPHER_CTX_test_flags 4069 EXIST::FUNCTION: | ||
| 3683 | CRYPTO_malloc_debug_init 4070 EXIST::FUNCTION: | ||
| 3684 | CRYPTO_dbg_push_info 4071 EXIST::FUNCTION: | ||
| 3685 | FIPS_corrupt_rsa_keygen 4072 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3686 | FIPS_dh_new 4073 EXIST:OPENSSL_FIPS:FUNCTION:DH | ||
| 3687 | FIPS_corrupt_dsa_keygen 4074 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3688 | FIPS_dh_free 4075 EXIST:OPENSSL_FIPS:FUNCTION:DH | ||
| 3689 | fips_pkey_signature_test 4076 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3690 | EVP_add_alg_module 4077 EXIST::FUNCTION: | ||
| 3691 | int_RAND_init_engine_callbacks 4078 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE | ||
| 3692 | int_EVP_CIPHER_set_engine_callbacks 4079 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE | ||
| 3693 | int_EVP_MD_init_engine_callbacks 4080 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE | ||
| 3694 | FIPS_rand_test_mode 4081 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3695 | FIPS_rand_reset 4082 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3696 | FIPS_dsa_new 4083 EXIST:OPENSSL_FIPS:FUNCTION:DSA | ||
| 3697 | int_RAND_set_callbacks 4084 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE | ||
| 3698 | BN_X931_derive_prime_ex 4085 EXIST::FUNCTION: | ||
| 3699 | int_ERR_lib_init 4086 EXIST:OPENSSL_FIPS:FUNCTION: | ||
| 3700 | int_EVP_CIPHER_init_engine_callbacks 4087 EXIST:OPENSSL_FIPS:FUNCTION:ENGINE | ||
| 3701 | FIPS_rsa_free 4088 EXIST:OPENSSL_FIPS:FUNCTION:RSA | ||
| 3702 | FIPS_dsa_sig_encode 4089 EXIST:OPENSSL_FIPS:FUNCTION:DSA | ||
| 3703 | CRYPTO_dbg_remove_all_info 4090 EXIST::FUNCTION: | ||
| 3704 | OPENSSL_init 4091 EXIST::FUNCTION: | ||
| 3705 | private_Camellia_set_key 4092 EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA | ||
| 3706 | CRYPTO_strdup 4093 EXIST::FUNCTION: | ||
| 3707 | JPAKE_STEP3A_process 4094 EXIST::FUNCTION:JPAKE | ||
| 3708 | JPAKE_STEP1_release 4095 EXIST::FUNCTION:JPAKE | ||
| 3709 | JPAKE_get_shared_key 4096 EXIST::FUNCTION:JPAKE | ||
| 3710 | JPAKE_STEP3B_init 4097 EXIST::FUNCTION:JPAKE | ||
| 3711 | JPAKE_STEP1_generate 4098 EXIST::FUNCTION:JPAKE | ||
| 3712 | JPAKE_STEP1_init 4099 EXIST::FUNCTION:JPAKE | ||
| 3713 | JPAKE_STEP3B_process 4100 EXIST::FUNCTION:JPAKE | ||
| 3714 | JPAKE_STEP2_generate 4101 EXIST::FUNCTION:JPAKE | ||
| 3715 | JPAKE_CTX_new 4102 EXIST::FUNCTION:JPAKE | ||
| 3716 | JPAKE_CTX_free 4103 EXIST::FUNCTION:JPAKE | ||
| 3717 | JPAKE_STEP3B_release 4104 EXIST::FUNCTION:JPAKE | ||
| 3718 | JPAKE_STEP3A_release 4105 EXIST::FUNCTION:JPAKE | ||
| 3719 | JPAKE_STEP2_process 4106 EXIST::FUNCTION:JPAKE | ||
| 3720 | JPAKE_STEP3B_generate 4107 EXIST::FUNCTION:JPAKE | ||
| 3721 | JPAKE_STEP1_process 4108 EXIST::FUNCTION:JPAKE | ||
| 3722 | JPAKE_STEP3A_generate 4109 EXIST::FUNCTION:JPAKE | ||
| 3723 | JPAKE_STEP2_release 4110 EXIST::FUNCTION:JPAKE | ||
| 3724 | JPAKE_STEP3A_init 4111 EXIST::FUNCTION:JPAKE | ||
| 3725 | ERR_load_JPAKE_strings 4112 EXIST::FUNCTION:JPAKE | ||
| 3726 | JPAKE_STEP2_init 4113 EXIST::FUNCTION:JPAKE | ||
diff --git a/src/lib/libssl/src/util/mk1mf.pl b/src/lib/libssl/src/util/mk1mf.pl index 1ac5fd3a50..f2b92b2b25 100644 --- a/src/lib/libssl/src/util/mk1mf.pl +++ b/src/lib/libssl/src/util/mk1mf.pl | |||
| @@ -15,6 +15,18 @@ my $engines = ""; | |||
| 15 | local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic | 15 | local $zlib_opt = 0; # 0 = no zlib, 1 = static, 2 = dynamic |
| 16 | local $zlib_lib = ""; | 16 | local $zlib_lib = ""; |
| 17 | 17 | ||
| 18 | local $fips_canister_path = ""; | ||
| 19 | my $fips_premain_dso_exe_path = ""; | ||
| 20 | my $fips_premain_c_path = ""; | ||
| 21 | my $fips_sha1_exe_path = ""; | ||
| 22 | |||
| 23 | local $fipscanisterbuild = 0; | ||
| 24 | local $fipsdso = 0; | ||
| 25 | |||
| 26 | my $fipslibdir = ""; | ||
| 27 | my $baseaddr = ""; | ||
| 28 | |||
| 29 | my $ex_l_libs = ""; | ||
| 18 | 30 | ||
| 19 | open(IN,"<Makefile") || die "unable to open Makefile!\n"; | 31 | open(IN,"<Makefile") || die "unable to open Makefile!\n"; |
| 20 | while(<IN>) { | 32 | while(<IN>) { |
| @@ -221,6 +233,8 @@ $cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2; | |||
| 221 | $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; | 233 | $cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3; |
| 222 | $cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; | 234 | $cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext; |
| 223 | $cflags.=" -DOPENSSL_NO_CMS" if $no_cms; | 235 | $cflags.=" -DOPENSSL_NO_CMS" if $no_cms; |
| 236 | $cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake; | ||
| 237 | $cflags.=" -DOPENSSL_NO_CAPIENG" if $no_capieng; | ||
| 224 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; | 238 | $cflags.=" -DOPENSSL_NO_ERR" if $no_err; |
| 225 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; | 239 | $cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5; |
| 226 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; | 240 | $cflags.=" -DOPENSSL_NO_EC" if $no_ec; |
| @@ -228,7 +242,7 @@ $cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa; | |||
| 228 | $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; | 242 | $cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh; |
| 229 | $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; | 243 | $cflags.=" -DOPENSSL_NO_ENGINE" if $no_engine; |
| 230 | $cflags.=" -DOPENSSL_NO_HW" if $no_hw; | 244 | $cflags.=" -DOPENSSL_NO_HW" if $no_hw; |
| 231 | 245 | $cflags.=" -DOPENSSL_FIPS" if $fips; | |
| 232 | $cflags.= " -DZLIB" if $zlib_opt; | 246 | $cflags.= " -DZLIB" if $zlib_opt; |
| 233 | $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; | 247 | $cflags.= " -DZLIB_SHARED" if $zlib_opt == 2; |
| 234 | 248 | ||
| @@ -250,9 +264,9 @@ else | |||
| 250 | 264 | ||
| 251 | $ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); | 265 | $ex_libs="$l_flags$ex_libs" if ($l_flags ne ""); |
| 252 | 266 | ||
| 253 | |||
| 254 | %shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", | 267 | %shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL", |
| 255 | "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); | 268 | "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO", |
| 269 | "FIPS" => " -DOPENSSL_BUILD_SHLIBCRYPTO"); | ||
| 256 | 270 | ||
| 257 | if ($msdos) | 271 | if ($msdos) |
| 258 | { | 272 | { |
| @@ -280,11 +294,21 @@ for (;;) | |||
| 280 | { | 294 | { |
| 281 | if ($lib ne "") | 295 | if ($lib ne "") |
| 282 | { | 296 | { |
| 283 | $uc=$lib; | 297 | if ($fips && $dir =~ /^fips/) |
| 284 | $uc =~ s/^lib(.*)\.a/$1/; | 298 | { |
| 285 | $uc =~ tr/a-z/A-Z/; | 299 | $uc = "FIPS"; |
| 286 | $lib_nam{$uc}=$uc; | 300 | } |
| 287 | $lib_obj{$uc}.=$libobj." "; | 301 | else |
| 302 | { | ||
| 303 | $uc=$lib; | ||
| 304 | $uc =~ s/^lib(.*)\.a/$1/; | ||
| 305 | $uc =~ tr/a-z/A-Z/; | ||
| 306 | } | ||
| 307 | if (($uc ne "FIPS") || $fipscanisterbuild) | ||
| 308 | { | ||
| 309 | $lib_nam{$uc}=$uc; | ||
| 310 | $lib_obj{$uc}.=$libobj." "; | ||
| 311 | } | ||
| 288 | } | 312 | } |
| 289 | last if ($val eq "FINISHED"); | 313 | last if ($val eq "FINISHED"); |
| 290 | $lib=""; | 314 | $lib=""; |
| @@ -327,11 +351,130 @@ for (;;) | |||
| 327 | if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine) | 351 | if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine) |
| 328 | { $engines.=$val } | 352 | { $engines.=$val } |
| 329 | 353 | ||
| 354 | if ($key eq "FIPS_EX_OBJ") | ||
| 355 | { | ||
| 356 | $fips_ex_obj=&var_add("crypto",$val,0); | ||
| 357 | } | ||
| 358 | |||
| 359 | if ($key eq "FIPSLIBDIR") | ||
| 360 | { | ||
| 361 | $fipslibdir=$val; | ||
| 362 | $fipslibdir =~ s/\/$//; | ||
| 363 | $fipslibdir =~ s/\//$o/g; | ||
| 364 | } | ||
| 365 | |||
| 366 | if ($key eq "BASEADDR") | ||
| 367 | { $baseaddr=$val;} | ||
| 368 | |||
| 330 | if (!($_=<IN>)) | 369 | if (!($_=<IN>)) |
| 331 | { $_="RELATIVE_DIRECTORY=FINISHED\n"; } | 370 | { $_="RELATIVE_DIRECTORY=FINISHED\n"; } |
| 332 | } | 371 | } |
| 333 | close(IN); | 372 | close(IN); |
| 334 | 373 | ||
| 374 | if ($fips) | ||
| 375 | { | ||
| 376 | |||
| 377 | foreach (split " ", $fips_ex_obj) | ||
| 378 | { | ||
| 379 | $fips_exclude_obj{$1} = 1 if (/\/([^\/]*)$/); | ||
| 380 | } | ||
| 381 | |||
| 382 | $fips_exclude_obj{"cpu_win32"} = 1; | ||
| 383 | $fips_exclude_obj{"bn_asm"} = 1; | ||
| 384 | $fips_exclude_obj{"des_enc"} = 1; | ||
| 385 | $fips_exclude_obj{"fcrypt_b"} = 1; | ||
| 386 | $fips_exclude_obj{"aes_core"} = 1; | ||
| 387 | $fips_exclude_obj{"aes_cbc"} = 1; | ||
| 388 | |||
| 389 | my @ltmp = split " ", $lib_obj{"CRYPTO"}; | ||
| 390 | |||
| 391 | |||
| 392 | $lib_obj{"CRYPTO"} = ""; | ||
| 393 | |||
| 394 | foreach(@ltmp) | ||
| 395 | { | ||
| 396 | if (/\/([^\/]*)$/ && exists $fips_exclude_obj{$1}) | ||
| 397 | { | ||
| 398 | if ($fipscanisterbuild) | ||
| 399 | { | ||
| 400 | $lib_obj{"FIPS"} .= "$_ "; | ||
| 401 | } | ||
| 402 | } | ||
| 403 | else | ||
| 404 | { | ||
| 405 | $lib_obj{"CRYPTO"} .= "$_ "; | ||
| 406 | } | ||
| 407 | } | ||
| 408 | |||
| 409 | } | ||
| 410 | |||
| 411 | if ($fipscanisterbuild) | ||
| 412 | { | ||
| 413 | $fips_canister_path = "\$(LIB_D)${o}fipscanister.lib" if $fips_canister_path eq ""; | ||
| 414 | $fips_premain_c_path = "\$(LIB_D)${o}fips_premain.c"; | ||
| 415 | } | ||
| 416 | else | ||
| 417 | { | ||
| 418 | if ($fips_canister_path eq "") | ||
| 419 | { | ||
| 420 | $fips_canister_path = "\$(FIPSLIB_D)${o}fipscanister.lib"; | ||
| 421 | } | ||
| 422 | |||
| 423 | if ($fips_premain_c_path eq "") | ||
| 424 | { | ||
| 425 | $fips_premain_c_path = "\$(FIPSLIB_D)${o}fips_premain.c"; | ||
| 426 | } | ||
| 427 | } | ||
| 428 | |||
| 429 | if ($fips) | ||
| 430 | { | ||
| 431 | if ($fips_sha1_exe_path eq "") | ||
| 432 | { | ||
| 433 | $fips_sha1_exe_path = | ||
| 434 | "\$(BIN_D)${o}fips_standalone_sha1$exep"; | ||
| 435 | } | ||
| 436 | } | ||
| 437 | else | ||
| 438 | { | ||
| 439 | $fips_sha1_exe_path = ""; | ||
| 440 | } | ||
| 441 | |||
| 442 | if ($fips_premain_dso_exe_path eq "") | ||
| 443 | { | ||
| 444 | $fips_premain_dso_exe_path = "\$(BIN_D)${o}fips_premain_dso$exep"; | ||
| 445 | } | ||
| 446 | |||
| 447 | # $ex_build_targets .= "\$(BIN_D)${o}\$(E_PREMAIN_DSO)$exep" if ($fips); | ||
| 448 | |||
| 449 | #$ex_l_libs .= " \$(L_FIPS)" if $fipsdso; | ||
| 450 | |||
| 451 | if ($fips) | ||
| 452 | { | ||
| 453 | if (!$shlib) | ||
| 454 | { | ||
| 455 | $ex_build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)"; | ||
| 456 | $ex_l_libs .= " \$(O_FIPSCANISTER)"; | ||
| 457 | $ex_libs_dep .= " \$(O_FIPSCANISTER)" if $fipscanisterbuild; | ||
| 458 | } | ||
| 459 | if ($fipscanisterbuild) | ||
| 460 | { | ||
| 461 | $fipslibdir = "\$(LIB_D)"; | ||
| 462 | } | ||
| 463 | else | ||
| 464 | { | ||
| 465 | if ($fipslibdir eq "") | ||
| 466 | { | ||
| 467 | open (IN, "util/fipslib_path.txt") || fipslib_error(); | ||
| 468 | $fipslibdir = <IN>; | ||
| 469 | chomp $fipslibdir; | ||
| 470 | close IN; | ||
| 471 | } | ||
| 472 | fips_check_files($fipslibdir, | ||
| 473 | "fipscanister.lib", "fipscanister.lib.sha1", | ||
| 474 | "fips_premain.c", "fips_premain.c.sha1"); | ||
| 475 | } | ||
| 476 | } | ||
| 477 | |||
| 335 | if ($shlib) | 478 | if ($shlib) |
| 336 | { | 479 | { |
| 337 | $extra_install= <<"EOF"; | 480 | $extra_install= <<"EOF"; |
| @@ -397,6 +540,7 @@ SRC_D=$src_dir | |||
| 397 | LINK=$link | 540 | LINK=$link |
| 398 | LFLAGS=$lflags | 541 | LFLAGS=$lflags |
| 399 | RSC=$rsc | 542 | RSC=$rsc |
| 543 | FIPSLINK=\$(PERL) util${o}fipslink.pl | ||
| 400 | 544 | ||
| 401 | AES_ASM_OBJ=$aes_asm_obj | 545 | AES_ASM_OBJ=$aes_asm_obj |
| 402 | AES_ASM_SRC=$aes_asm_src | 546 | AES_ASM_SRC=$aes_asm_src |
| @@ -440,6 +584,17 @@ MKLIB=$bin_dir$mklib | |||
| 440 | MLFLAGS=$mlflags | 584 | MLFLAGS=$mlflags |
| 441 | ASM=$bin_dir$asm | 585 | ASM=$bin_dir$asm |
| 442 | 586 | ||
| 587 | # FIPS validated module and support file locations | ||
| 588 | |||
| 589 | E_PREMAIN_DSO=fips_premain_dso | ||
| 590 | |||
| 591 | FIPSLIB_D=$fipslibdir | ||
| 592 | BASEADDR=$baseaddr | ||
| 593 | FIPS_PREMAIN_SRC=$fips_premain_c_path | ||
| 594 | O_FIPSCANISTER=$fips_canister_path | ||
| 595 | FIPS_SHA1_EXE=$fips_sha1_exe_path | ||
| 596 | PREMAIN_DSO_EXE=$fips_premain_dso_exe_path | ||
| 597 | |||
| 443 | ###################################################### | 598 | ###################################################### |
| 444 | # You should not need to touch anything below this point | 599 | # You should not need to touch anything below this point |
| 445 | ###################################################### | 600 | ###################################################### |
| @@ -447,6 +602,7 @@ ASM=$bin_dir$asm | |||
| 447 | E_EXE=openssl | 602 | E_EXE=openssl |
| 448 | SSL=$ssl | 603 | SSL=$ssl |
| 449 | CRYPTO=$crypto | 604 | CRYPTO=$crypto |
| 605 | LIBFIPS=libosslfips | ||
| 450 | 606 | ||
| 451 | # BIN_D - Binary output directory | 607 | # BIN_D - Binary output directory |
| 452 | # TEST_D - Binary test file output directory | 608 | # TEST_D - Binary test file output directory |
| @@ -467,12 +623,14 @@ INCL_D=\$(TMP_D) | |||
| 467 | 623 | ||
| 468 | O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp | 624 | O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp |
| 469 | O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp | 625 | O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp |
| 626 | O_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$shlibp | ||
| 470 | SO_SSL= $plib\$(SSL)$so_shlibp | 627 | SO_SSL= $plib\$(SSL)$so_shlibp |
| 471 | SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp | 628 | SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp |
| 472 | L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp | 629 | L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp |
| 473 | L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp | 630 | L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp |
| 631 | L_FIPS= \$(LIB_D)$o$plib\$(LIBFIPS)$libp | ||
| 474 | 632 | ||
| 475 | L_LIBS= \$(L_SSL) \$(L_CRYPTO) | 633 | L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs |
| 476 | 634 | ||
| 477 | ###################################################### | 635 | ###################################################### |
| 478 | # Don't touch anything below this point | 636 | # Don't touch anything below this point |
| @@ -482,13 +640,13 @@ INC=-I\$(INC_D) -I\$(INCL_D) | |||
| 482 | APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) | 640 | APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG) |
| 483 | LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) | 641 | LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) |
| 484 | SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) | 642 | SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG) |
| 485 | LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) | 643 | LIBS_DEP=\$(O_CRYPTO) \$(O_SSL) $ex_libs_dep |
| 486 | 644 | ||
| 487 | ############################################# | 645 | ############################################# |
| 488 | EOF | 646 | EOF |
| 489 | 647 | ||
| 490 | $rules=<<"EOF"; | 648 | $rules=<<"EOF"; |
| 491 | all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe | 649 | all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers \$(FIPS_SHA1_EXE) lib exe $ex_build_targets |
| 492 | 650 | ||
| 493 | banner: | 651 | banner: |
| 494 | $banner | 652 | $banner |
| @@ -603,6 +761,26 @@ $rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)"); | |||
| 603 | $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); | 761 | $defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj); |
| 604 | $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); | 762 | $rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)'); |
| 605 | 763 | ||
| 764 | # Special case rules for fips_start and fips_end fips_premain_dso | ||
| 765 | |||
| 766 | if ($fips) | ||
| 767 | { | ||
| 768 | if ($fipscanisterbuild) | ||
| 769 | { | ||
| 770 | $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_start$obj", | ||
| 771 | "fips${o}fips_canister.c", | ||
| 772 | "-DFIPS_START \$(SHLIB_CFLAGS)"); | ||
| 773 | $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_end$obj", | ||
| 774 | "fips${o}fips_canister.c", "\$(SHLIB_CFLAGS)"); | ||
| 775 | } | ||
| 776 | $rules.=&cc_compile_target("\$(OBJ_D)${o}fips_standalone_sha1$obj", | ||
| 777 | "fips${o}sha${o}fips_standalone_sha1.c", | ||
| 778 | "\$(SHLIB_CFLAGS)"); | ||
| 779 | $rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj", | ||
| 780 | "fips${o}fips_premain.c", | ||
| 781 | "-DFINGERPRINT_PREMAIN_DSO_LOAD \$(SHLIB_CFLAGS)"); | ||
| 782 | } | ||
| 783 | |||
| 606 | foreach (values %lib_nam) | 784 | foreach (values %lib_nam) |
| 607 | { | 785 | { |
| 608 | $lib_obj=$lib_obj{$_}; | 786 | $lib_obj=$lib_obj{$_}; |
| @@ -613,27 +791,41 @@ foreach (values %lib_nam) | |||
| 613 | $rules.="\$(O_SSL):\n\n"; | 791 | $rules.="\$(O_SSL):\n\n"; |
| 614 | next; | 792 | next; |
| 615 | } | 793 | } |
| 616 | if (($aes_asm_obj ne "") && ($_ eq "CRYPTO")) | 794 | |
| 617 | { | 795 | if ((!$fips && ($_ eq "CRYPTO")) || ($fips && ($_ eq "FIPS"))) |
| 618 | $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/; | ||
| 619 | $lib_obj =~ s/\s\S*\/aes_cbc\S*//; | ||
| 620 | $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src); | ||
| 621 | } | ||
| 622 | if (($bn_asm_obj ne "") && ($_ eq "CRYPTO")) | ||
| 623 | { | ||
| 624 | $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; | ||
| 625 | $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src); | ||
| 626 | } | ||
| 627 | if (($bnco_asm_obj ne "") && ($_ eq "CRYPTO")) | ||
| 628 | { | ||
| 629 | $lib_obj .= "\$(BNCO_ASM_OBJ)"; | ||
| 630 | $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src); | ||
| 631 | } | ||
| 632 | if (($des_enc_obj ne "") && ($_ eq "CRYPTO")) | ||
| 633 | { | 796 | { |
| 634 | $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/; | 797 | if ($cpuid_asm_obj ne "") |
| 635 | $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /; | 798 | { |
| 636 | $rules.=&do_asm_rule($des_enc_obj,$des_enc_src); | 799 | $lib_obj =~ s/(\S*\/cryptlib\S*)/$1 \$(CPUID_ASM_OBJ)/; |
| 800 | $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src); | ||
| 801 | } | ||
| 802 | if ($aes_asm_obj ne "") | ||
| 803 | { | ||
| 804 | $lib_obj =~ s/\s(\S*\/aes_core\S*)/ \$(AES_ASM_OBJ)/; | ||
| 805 | $lib_obj =~ s/\s\S*\/aes_cbc\S*//; | ||
| 806 | $rules.=&do_asm_rule($aes_asm_obj,$aes_asm_src); | ||
| 807 | } | ||
| 808 | if ($sha1_asm_obj ne "") | ||
| 809 | { | ||
| 810 | $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/; | ||
| 811 | $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src); | ||
| 812 | } | ||
| 813 | if ($bn_asm_obj ne "") | ||
| 814 | { | ||
| 815 | $lib_obj =~ s/\s\S*\/bn_asm\S*/ \$(BN_ASM_OBJ)/; | ||
| 816 | $rules.=&do_asm_rule($bn_asm_obj,$bn_asm_src); | ||
| 817 | } | ||
| 818 | if ($bnco_asm_obj ne "") | ||
| 819 | { | ||
| 820 | $lib_obj .= "\$(BNCO_ASM_OBJ)"; | ||
| 821 | $rules.=&do_asm_rule($bnco_asm_obj,$bnco_asm_src); | ||
| 822 | } | ||
| 823 | if ($des_enc_obj ne "") | ||
| 824 | { | ||
| 825 | $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/; | ||
| 826 | $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /; | ||
| 827 | $rules.=&do_asm_rule($des_enc_obj,$des_enc_src); | ||
| 828 | } | ||
| 637 | } | 829 | } |
| 638 | if (($bf_enc_obj ne "") && ($_ eq "CRYPTO")) | 830 | if (($bf_enc_obj ne "") && ($_ eq "CRYPTO")) |
| 639 | { | 831 | { |
| @@ -660,21 +852,11 @@ foreach (values %lib_nam) | |||
| 660 | $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/; | 852 | $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/; |
| 661 | $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src); | 853 | $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src); |
| 662 | } | 854 | } |
| 663 | if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO")) | ||
| 664 | { | ||
| 665 | $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/; | ||
| 666 | $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src); | ||
| 667 | } | ||
| 668 | if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO")) | 855 | if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO")) |
| 669 | { | 856 | { |
| 670 | $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; | 857 | $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/; |
| 671 | $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); | 858 | $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src); |
| 672 | } | 859 | } |
| 673 | if (($cpuid_asm_obj ne "") && ($_ eq "CRYPTO")) | ||
| 674 | { | ||
| 675 | $lib_obj =~ s/\s(\S*\/cversion\S*)/ $1 \$(CPUID_ASM_OBJ)/; | ||
| 676 | $rules.=&do_asm_rule($cpuid_asm_obj,$cpuid_asm_src); | ||
| 677 | } | ||
| 678 | $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); | 860 | $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj); |
| 679 | $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; | 861 | $lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)"; |
| 680 | $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); | 862 | $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib); |
| @@ -689,15 +871,43 @@ if (($platform eq "VC-WIN32") || ($platform eq "VC-NT")) { | |||
| 689 | \$(OBJ_D)\\\$(SSL).res: ms\\version32.rc | 871 | \$(OBJ_D)\\\$(SSL).res: ms\\version32.rc |
| 690 | \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc | 872 | \$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc |
| 691 | 873 | ||
| 874 | \$(OBJ_D)\\\$(LIBFIPS).res: ms\\version32.rc | ||
| 875 | \$(RSC) /fo"\$(OBJ_D)\\\$(LIBFIPS).res" /d FIPS ms\\version32.rc | ||
| 876 | |||
| 692 | EOF | 877 | EOF |
| 693 | } | 878 | } |
| 694 | 879 | ||
| 695 | $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); | 880 | $defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep); |
| 696 | foreach (split(/\s+/,$test)) | 881 | foreach (split(/\s+/,$test)) |
| 697 | { | 882 | { |
| 883 | my $t_libs; | ||
| 698 | $t=&bname($_); | 884 | $t=&bname($_); |
| 885 | my $ltype; | ||
| 886 | # Check to see if test program is FIPS | ||
| 887 | if ($fips && /fips/) | ||
| 888 | { | ||
| 889 | # If fipsdso link to libosslfips.dll | ||
| 890 | # otherwise perform static link to | ||
| 891 | # $(O_FIPSCANISTER) | ||
| 892 | if ($fipsdso) | ||
| 893 | { | ||
| 894 | $t_libs = "\$(L_FIPS)"; | ||
| 895 | $ltype = 0; | ||
| 896 | } | ||
| 897 | else | ||
| 898 | { | ||
| 899 | $t_libs = "\$(O_FIPSCANISTER)"; | ||
| 900 | $ltype = 2; | ||
| 901 | } | ||
| 902 | } | ||
| 903 | else | ||
| 904 | { | ||
| 905 | $t_libs = "\$(L_LIBS)"; | ||
| 906 | $ltype = 0; | ||
| 907 | } | ||
| 908 | |||
| 699 | $tt="\$(OBJ_D)${o}$t${obj}"; | 909 | $tt="\$(OBJ_D)${o}$t${obj}"; |
| 700 | $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); | 910 | $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","$t_libs \$(EX_LIBS)", $ltype); |
| 701 | } | 911 | } |
| 702 | 912 | ||
| 703 | $defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp); | 913 | $defs.=&do_defs("E_SHLIB",$engines,"\$(ENG_D)",$shlibp); |
| @@ -711,9 +921,69 @@ foreach (split(/\s+/,$engines)) | |||
| 711 | 921 | ||
| 712 | 922 | ||
| 713 | $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); | 923 | $rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)"); |
| 714 | $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)"); | ||
| 715 | 924 | ||
| 716 | $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)"); | 925 | if ($fips) |
| 926 | { | ||
| 927 | if ($shlib) | ||
| 928 | { | ||
| 929 | if ($fipsdso) | ||
| 930 | { | ||
| 931 | $rules.= &do_lib_rule("\$(CRYPTOOBJ)", | ||
| 932 | "\$(O_CRYPTO)", "$crypto", | ||
| 933 | $shlib, "", ""); | ||
| 934 | $rules.= &do_lib_rule( | ||
| 935 | "\$(O_FIPSCANISTER)", | ||
| 936 | "\$(O_FIPS)", "\$(LIBFIPS)", | ||
| 937 | $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); | ||
| 938 | $rules.= &do_sdef_rule(); | ||
| 939 | } | ||
| 940 | else | ||
| 941 | { | ||
| 942 | $rules.= &do_lib_rule( | ||
| 943 | "\$(CRYPTOOBJ) \$(O_FIPSCANISTER)", | ||
| 944 | "\$(O_CRYPTO)", "$crypto", | ||
| 945 | $shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)"); | ||
| 946 | } | ||
| 947 | } | ||
| 948 | else | ||
| 949 | { | ||
| 950 | $rules.= &do_lib_rule("\$(CRYPTOOBJ)", | ||
| 951 | "\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", ""); | ||
| 952 | $rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(FIPSOBJ)", | ||
| 953 | "\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", ""); | ||
| 954 | } | ||
| 955 | } | ||
| 956 | else | ||
| 957 | { | ||
| 958 | $rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib, | ||
| 959 | "\$(SO_CRYPTO)"); | ||
| 960 | } | ||
| 961 | |||
| 962 | if ($fips) | ||
| 963 | { | ||
| 964 | if ($fipscanisterbuild) | ||
| 965 | { | ||
| 966 | $rules.= &do_rlink_rule("\$(O_FIPSCANISTER)", | ||
| 967 | "\$(OBJ_D)${o}fips_start$obj", | ||
| 968 | "\$(FIPSOBJ)", | ||
| 969 | "\$(OBJ_D)${o}fips_end$obj", | ||
| 970 | "\$(FIPS_SHA1_EXE)", ""); | ||
| 971 | $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)", | ||
| 972 | "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(OBJ_D)${o}sha1dgst$obj \$(SHA1_ASM_OBJ)", | ||
| 973 | "","\$(EX_LIBS)", 1); | ||
| 974 | } | ||
| 975 | else | ||
| 976 | { | ||
| 977 | $rules.=&do_link_rule("\$(FIPS_SHA1_EXE)", | ||
| 978 | "\$(OBJ_D)${o}fips_standalone_sha1$obj \$(O_FIPSCANISTER)", | ||
| 979 | "","", 1); | ||
| 980 | |||
| 981 | } | ||
| 982 | $rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1); | ||
| 983 | |||
| 984 | } | ||
| 985 | |||
| 986 | $rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0); | ||
| 717 | 987 | ||
| 718 | print $defs; | 988 | print $defs; |
| 719 | 989 | ||
| @@ -751,6 +1021,8 @@ sub var_add | |||
| 751 | return("") if $no_dh && $dir =~ /\/dh/; | 1021 | return("") if $no_dh && $dir =~ /\/dh/; |
| 752 | return("") if $no_ec && $dir =~ /\/ec/; | 1022 | return("") if $no_ec && $dir =~ /\/ec/; |
| 753 | return("") if $no_cms && $dir =~ /\/cms/; | 1023 | return("") if $no_cms && $dir =~ /\/cms/; |
| 1024 | return("") if $no_jpake && $dir =~ /\/jpake/; | ||
| 1025 | return("") if !$fips && $dir =~ /^fips/; | ||
| 754 | if ($no_des && $dir =~ /\/des/) | 1026 | if ($no_des && $dir =~ /\/des/) |
| 755 | { | 1027 | { |
| 756 | if ($val =~ /read_pwd/) | 1028 | if ($val =~ /read_pwd/) |
| @@ -1010,6 +1282,7 @@ sub read_options | |||
| 1010 | "no-hmac" => \$no_hmac, | 1282 | "no-hmac" => \$no_hmac, |
| 1011 | "no-asm" => \$no_asm, | 1283 | "no-asm" => \$no_asm, |
| 1012 | "nasm" => \$nasm, | 1284 | "nasm" => \$nasm, |
| 1285 | "ml64" => \$ml64, | ||
| 1013 | "nw-nasm" => \$nw_nasm, | 1286 | "nw-nasm" => \$nw_nasm, |
| 1014 | "nw-mwasm" => \$nw_mwasm, | 1287 | "nw-mwasm" => \$nw_mwasm, |
| 1015 | "gaswin" => \$gaswin, | 1288 | "gaswin" => \$gaswin, |
| @@ -1017,6 +1290,8 @@ sub read_options | |||
| 1017 | "no-ssl3" => \$no_ssl3, | 1290 | "no-ssl3" => \$no_ssl3, |
| 1018 | "no-tlsext" => \$no_tlsext, | 1291 | "no-tlsext" => \$no_tlsext, |
| 1019 | "no-cms" => \$no_cms, | 1292 | "no-cms" => \$no_cms, |
| 1293 | "no-jpake" => \$no_jpake, | ||
| 1294 | "no-capieng" => \$no_capieng, | ||
| 1020 | "no-err" => \$no_err, | 1295 | "no-err" => \$no_err, |
| 1021 | "no-sock" => \$no_sock, | 1296 | "no-sock" => \$no_sock, |
| 1022 | "no-krb5" => \$no_krb5, | 1297 | "no-krb5" => \$no_krb5, |
| @@ -1043,6 +1318,9 @@ sub read_options | |||
| 1043 | "no-shared" => 0, | 1318 | "no-shared" => 0, |
| 1044 | "no-zlib" => 0, | 1319 | "no-zlib" => 0, |
| 1045 | "no-zlib-dynamic" => 0, | 1320 | "no-zlib-dynamic" => 0, |
| 1321 | "fips" => \$fips, | ||
| 1322 | "fipscanisterbuild" => [\$fips, \$fipscanisterbuild], | ||
| 1323 | "fipsdso" => [\$fips, \$fipscanisterbuild, \$fipsdso], | ||
| 1046 | ); | 1324 | ); |
| 1047 | 1325 | ||
| 1048 | if (exists $valid_options{$_}) | 1326 | if (exists $valid_options{$_}) |
| @@ -1084,6 +1362,18 @@ sub read_options | |||
| 1084 | {return 1;} | 1362 | {return 1;} |
| 1085 | return 0; | 1363 | return 0; |
| 1086 | } | 1364 | } |
| 1365 | # experimental-xxx is mostly like enable-xxx, but opensslconf.v | ||
| 1366 | # will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx. | ||
| 1367 | # (No need to fail if we don't know the algorithm -- this is for adventurous users only.) | ||
| 1368 | elsif (/^experimental-/) | ||
| 1369 | { | ||
| 1370 | my $algo, $ALGO; | ||
| 1371 | ($algo = $_) =~ s/^experimental-//; | ||
| 1372 | ($ALGO = $algo) =~ tr/[a-z]/[A-Z]/; | ||
| 1373 | |||
| 1374 | $xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags"; | ||
| 1375 | |||
| 1376 | } | ||
| 1087 | elsif (/^--with-krb5-flavor=(.*)$/) | 1377 | elsif (/^--with-krb5-flavor=(.*)$/) |
| 1088 | { | 1378 | { |
| 1089 | my $krb5_flavor = $1; | 1379 | my $krb5_flavor = $1; |
| @@ -1107,3 +1397,31 @@ sub read_options | |||
| 1107 | else { return(0); } | 1397 | else { return(0); } |
| 1108 | return(1); | 1398 | return(1); |
| 1109 | } | 1399 | } |
| 1400 | |||
| 1401 | sub fipslib_error | ||
| 1402 | { | ||
| 1403 | print STDERR "***FIPS module directory sanity check failed***\n"; | ||
| 1404 | print STDERR "FIPS module build failed, or was deleted\n"; | ||
| 1405 | print STDERR "Please rebuild FIPS module.\n"; | ||
| 1406 | exit 1; | ||
| 1407 | } | ||
| 1408 | |||
| 1409 | sub fips_check_files | ||
| 1410 | { | ||
| 1411 | my $dir = shift @_; | ||
| 1412 | my $ret = 1; | ||
| 1413 | if (!-d $dir) | ||
| 1414 | { | ||
| 1415 | print STDERR "FIPS module directory $dir does not exist\n"; | ||
| 1416 | fipslib_error(); | ||
| 1417 | } | ||
| 1418 | foreach (@_) | ||
| 1419 | { | ||
| 1420 | if (!-f "$dir${o}$_") | ||
| 1421 | { | ||
| 1422 | print STDERR "FIPS module file $_ does not exist!\n"; | ||
| 1423 | $ret = 0; | ||
| 1424 | } | ||
| 1425 | } | ||
| 1426 | fipslib_error() if ($ret == 0); | ||
| 1427 | } | ||
diff --git a/src/lib/libssl/src/util/mkdef.pl b/src/lib/libssl/src/util/mkdef.pl index ef1cc6e513..5ae9ebb619 100644 --- a/src/lib/libssl/src/util/mkdef.pl +++ b/src/lib/libssl/src/util/mkdef.pl | |||
| @@ -79,7 +79,7 @@ my $OS2=0; | |||
| 79 | my $safe_stack_def = 0; | 79 | my $safe_stack_def = 0; |
| 80 | 80 | ||
| 81 | my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", | 81 | my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT", |
| 82 | "EXPORT_VAR_AS_FUNCTION", "ZLIB" ); | 82 | "EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS"); |
| 83 | my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); | 83 | my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" ); |
| 84 | my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", | 84 | my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", |
| 85 | "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", | 85 | "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1", |
| @@ -100,6 +100,10 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF", | |||
| 100 | "TLSEXT", | 100 | "TLSEXT", |
| 101 | # CMS | 101 | # CMS |
| 102 | "CMS", | 102 | "CMS", |
| 103 | # CryptoAPI Engine | ||
| 104 | "CAPIENG", | ||
| 105 | # JPAKE | ||
| 106 | "JPAKE", | ||
| 103 | # Deprecated functions | 107 | # Deprecated functions |
| 104 | "DEPRECATED" ); | 108 | "DEPRECATED" ); |
| 105 | 109 | ||
| @@ -120,7 +124,8 @@ my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5; | |||
| 120 | my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia; | 124 | my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw; my $no_camellia; |
| 121 | my $no_seed; | 125 | my $no_seed; |
| 122 | my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated; | 126 | my $no_fp_api; my $no_static_engine; my $no_gmp; my $no_deprecated; |
| 123 | my $no_rfc3779; my $no_tlsext; my $no_cms; | 127 | my $no_rfc3779; my $no_tlsext; my $no_cms; my $no_capieng; my $no_jpake; |
| 128 | my $fips; | ||
| 124 | 129 | ||
| 125 | 130 | ||
| 126 | foreach (@ARGV, split(/ /, $options)) | 131 | foreach (@ARGV, split(/ /, $options)) |
| @@ -142,12 +147,13 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 142 | } | 147 | } |
| 143 | $VMS=1 if $_ eq "VMS"; | 148 | $VMS=1 if $_ eq "VMS"; |
| 144 | $OS2=1 if $_ eq "OS2"; | 149 | $OS2=1 if $_ eq "OS2"; |
| 150 | $fips=1 if /^fips/; | ||
| 151 | |||
| 145 | if ($_ eq "zlib" || $_ eq "zlib-dynamic" | 152 | if ($_ eq "zlib" || $_ eq "zlib-dynamic" |
| 146 | || $_ eq "enable-zlib-dynamic") { | 153 | || $_ eq "enable-zlib-dynamic") { |
| 147 | $zlib = 1; | 154 | $zlib = 1; |
| 148 | } | 155 | } |
| 149 | 156 | ||
| 150 | |||
| 151 | $do_ssl=1 if $_ eq "ssleay"; | 157 | $do_ssl=1 if $_ eq "ssleay"; |
| 152 | if ($_ eq "ssl") { | 158 | if ($_ eq "ssl") { |
| 153 | $do_ssl=1; | 159 | $do_ssl=1; |
| @@ -206,6 +212,8 @@ foreach (@ARGV, split(/ /, $options)) | |||
| 206 | elsif (/^no-rfc3779$/) { $no_rfc3779=1; } | 212 | elsif (/^no-rfc3779$/) { $no_rfc3779=1; } |
| 207 | elsif (/^no-tlsext$/) { $no_tlsext=1; } | 213 | elsif (/^no-tlsext$/) { $no_tlsext=1; } |
| 208 | elsif (/^no-cms$/) { $no_cms=1; } | 214 | elsif (/^no-cms$/) { $no_cms=1; } |
| 215 | elsif (/^no-capieng$/) { $no_capieng=1; } | ||
| 216 | elsif (/^no-jpake$/) { $no_jpake=1; } | ||
| 209 | } | 217 | } |
| 210 | 218 | ||
| 211 | 219 | ||
| @@ -302,6 +310,8 @@ $crypto.=" crypto/tmdiff.h"; | |||
| 302 | $crypto.=" crypto/store/store.h"; | 310 | $crypto.=" crypto/store/store.h"; |
| 303 | $crypto.=" crypto/pqueue/pqueue.h"; | 311 | $crypto.=" crypto/pqueue/pqueue.h"; |
| 304 | $crypto.=" crypto/cms/cms.h"; | 312 | $crypto.=" crypto/cms/cms.h"; |
| 313 | $crypto.=" crypto/jpake/jpake.h"; | ||
| 314 | $crypto.=" fips/fips.h fips/rand/fips_rand.h"; | ||
| 305 | 315 | ||
| 306 | my $symhacks="crypto/symhacks.h"; | 316 | my $symhacks="crypto/symhacks.h"; |
| 307 | 317 | ||
| @@ -1087,6 +1097,9 @@ sub is_valid | |||
| 1087 | if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { | 1097 | if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) { |
| 1088 | return 1; | 1098 | return 1; |
| 1089 | } | 1099 | } |
| 1100 | if ($keyword eq "OPENSSL_FIPS" && $fips) { | ||
| 1101 | return 1; | ||
| 1102 | } | ||
| 1090 | if ($keyword eq "ZLIB" && $zlib) { return 1; } | 1103 | if ($keyword eq "ZLIB" && $zlib) { return 1; } |
| 1091 | return 0; | 1104 | return 0; |
| 1092 | } else { | 1105 | } else { |
| @@ -1131,6 +1144,8 @@ sub is_valid | |||
| 1131 | if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; } | 1144 | if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; } |
| 1132 | if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; } | 1145 | if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; } |
| 1133 | if ($keyword eq "CMS" && $no_cms) { return 0; } | 1146 | if ($keyword eq "CMS" && $no_cms) { return 0; } |
| 1147 | if ($keyword eq "CAPIENG" && $no_capieng) { return 0; } | ||
| 1148 | if ($keyword eq "JPAKE" && $no_jpake) { return 0; } | ||
| 1134 | if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; } | 1149 | if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; } |
| 1135 | 1150 | ||
| 1136 | # Nothing recognise as true | 1151 | # Nothing recognise as true |
diff --git a/src/lib/libssl/src/util/mkerr.pl b/src/lib/libssl/src/util/mkerr.pl index 53e14ab4df..554bebb159 100644 --- a/src/lib/libssl/src/util/mkerr.pl +++ b/src/lib/libssl/src/util/mkerr.pl | |||
| @@ -44,7 +44,8 @@ while (@ARGV) { | |||
| 44 | } | 44 | } |
| 45 | 45 | ||
| 46 | if($recurse) { | 46 | if($recurse) { |
| 47 | @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>); | 47 | @source = ( <crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, |
| 48 | <fips/*.c>, <fips/*/*.c>); | ||
| 48 | } else { | 49 | } else { |
| 49 | @source = @ARGV; | 50 | @source = @ARGV; |
| 50 | } | 51 | } |
diff --git a/src/lib/libssl/src/util/mkfiles.pl b/src/lib/libssl/src/util/mkfiles.pl index 1282392fea..67fb8694c8 100644 --- a/src/lib/libssl/src/util/mkfiles.pl +++ b/src/lib/libssl/src/util/mkfiles.pl | |||
| @@ -47,6 +47,7 @@ my @dirs = ( | |||
| 47 | "crypto/x509", | 47 | "crypto/x509", |
| 48 | "crypto/x509v3", | 48 | "crypto/x509v3", |
| 49 | "crypto/conf", | 49 | "crypto/conf", |
| 50 | "crypto/jpake", | ||
| 50 | "crypto/txt_db", | 51 | "crypto/txt_db", |
| 51 | "crypto/pkcs7", | 52 | "crypto/pkcs7", |
| 52 | "crypto/pkcs12", | 53 | "crypto/pkcs12", |
| @@ -58,6 +59,15 @@ my @dirs = ( | |||
| 58 | "crypto/store", | 59 | "crypto/store", |
| 59 | "crypto/pqueue", | 60 | "crypto/pqueue", |
| 60 | "crypto/cms", | 61 | "crypto/cms", |
| 62 | "fips", | ||
| 63 | "fips/aes", | ||
| 64 | "fips/des", | ||
| 65 | "fips/dsa", | ||
| 66 | "fips/dh", | ||
| 67 | "fips/hmac", | ||
| 68 | "fips/rand", | ||
| 69 | "fips/rsa", | ||
| 70 | "fips/sha", | ||
| 61 | "ssl", | 71 | "ssl", |
| 62 | "apps", | 72 | "apps", |
| 63 | "engines", | 73 | "engines", |
diff --git a/src/lib/libssl/src/util/mklink.pl b/src/lib/libssl/src/util/mklink.pl index d9bc98aab8..eacc327882 100644 --- a/src/lib/libssl/src/util/mklink.pl +++ b/src/lib/libssl/src/util/mklink.pl | |||
| @@ -15,13 +15,21 @@ | |||
| 15 | # Apart from this, this script should be able to handle even the most | 15 | # Apart from this, this script should be able to handle even the most |
| 16 | # pathological cases. | 16 | # pathological cases. |
| 17 | 17 | ||
| 18 | use Cwd; | 18 | my $pwd; |
| 19 | eval 'use Cwd;'; | ||
| 20 | if ($@) | ||
| 21 | { | ||
| 22 | $pwd = `pwd`; | ||
| 23 | } | ||
| 24 | else | ||
| 25 | { | ||
| 26 | $pwd = getcwd(); | ||
| 27 | } | ||
| 19 | 28 | ||
| 20 | my $from = shift; | 29 | my $from = shift; |
| 21 | my @files = @ARGV; | 30 | my @files = @ARGV; |
| 22 | 31 | ||
| 23 | my @from_path = split(/[\\\/]/, $from); | 32 | my @from_path = split(/[\\\/]/, $from); |
| 24 | my $pwd = getcwd(); | ||
| 25 | chomp($pwd); | 33 | chomp($pwd); |
| 26 | my @pwd_path = split(/[\\\/]/, $pwd); | 34 | my @pwd_path = split(/[\\\/]/, $pwd); |
| 27 | 35 | ||
diff --git a/src/lib/libssl/src/util/mksdef.pl b/src/lib/libssl/src/util/mksdef.pl new file mode 100644 index 0000000000..065dc675f1 --- /dev/null +++ b/src/lib/libssl/src/util/mksdef.pl | |||
| @@ -0,0 +1,87 @@ | |||
| 1 | |||
| 2 | # Perl script to split libeay32.def into two distinct DEF files for use in | ||
| 3 | # fipdso mode. It works out symbols in each case by running "link" command and | ||
| 4 | # parsing the output to find the list of missing symbols then splitting | ||
| 5 | # libeay32.def based on the result. | ||
| 6 | |||
| 7 | |||
| 8 | # Get list of unknown symbols | ||
| 9 | |||
| 10 | my @deferr = `link @ARGV`; | ||
| 11 | |||
| 12 | my $preamble = ""; | ||
| 13 | my @fipsdll; | ||
| 14 | my @fipsrest; | ||
| 15 | my %nosym; | ||
| 16 | |||
| 17 | # Add symbols to a hash for easy lookup | ||
| 18 | |||
| 19 | foreach (@deferr) | ||
| 20 | { | ||
| 21 | if (/^.*symbol (\S+)$/) | ||
| 22 | { | ||
| 23 | $nosym{$1} = 1; | ||
| 24 | } | ||
| 25 | } | ||
| 26 | |||
| 27 | open (IN, "ms/libeay32.def") || die "Can't Open DEF file for spliting"; | ||
| 28 | |||
| 29 | my $started = 0; | ||
| 30 | |||
| 31 | # Parse libeay32.def into two arrays depending on whether the symbol matches | ||
| 32 | # the missing list. | ||
| 33 | |||
| 34 | |||
| 35 | foreach (<IN>) | ||
| 36 | { | ||
| 37 | if (/^\s*(\S+)\s*(\@\S+)\s*$/) | ||
| 38 | { | ||
| 39 | $started = 1; | ||
| 40 | if (exists $nosym{$1}) | ||
| 41 | { | ||
| 42 | push @fipsrest, $_; | ||
| 43 | } | ||
| 44 | else | ||
| 45 | { | ||
| 46 | my $imptmp = sprintf " %-39s %s\n", | ||
| 47 | "$1=libosslfips.$1", $2; | ||
| 48 | push @fipsrest, $imptmp; | ||
| 49 | push @fipsdll, "\t$1\n"; | ||
| 50 | } | ||
| 51 | } | ||
| 52 | $preamble .= $_ unless $started; | ||
| 53 | } | ||
| 54 | |||
| 55 | close IN; | ||
| 56 | |||
| 57 | # Hack! Add some additional exports needed for libcryptofips.dll | ||
| 58 | # | ||
| 59 | |||
| 60 | push @fipsdll, "\tOPENSSL_showfatal\n"; | ||
| 61 | push @fipsdll, "\tOPENSSL_cpuid_setup\n"; | ||
| 62 | |||
| 63 | # Write out DEF files for each array | ||
| 64 | |||
| 65 | write_def("ms/libosslfips.def", "LIBOSSLFIPS", $preamble, \@fipsdll); | ||
| 66 | write_def("ms/libeayfips.def", "", $preamble, \@fipsrest); | ||
| 67 | |||
| 68 | |||
| 69 | sub write_def | ||
| 70 | { | ||
| 71 | my ($fnam, $defname, $preamble, $rdefs) = @_; | ||
| 72 | open (OUT, ">$fnam") || die "Can't Open DEF file $fnam for Writing\n"; | ||
| 73 | |||
| 74 | if ($defname ne "") | ||
| 75 | { | ||
| 76 | $preamble =~ s/LIBEAY32/$defname/g; | ||
| 77 | $preamble =~ s/LIBEAY/$defname/g; | ||
| 78 | } | ||
| 79 | print OUT $preamble; | ||
| 80 | foreach (@$rdefs) | ||
| 81 | { | ||
| 82 | print OUT $_; | ||
| 83 | } | ||
| 84 | close OUT; | ||
| 85 | } | ||
| 86 | |||
| 87 | |||
diff --git a/src/lib/libssl/src/util/pl/VC-32.pl b/src/lib/libssl/src/util/pl/VC-32.pl index 9cb2ab7e99..730c2083bd 100644 --- a/src/lib/libssl/src/util/pl/VC-32.pl +++ b/src/lib/libssl/src/util/pl/VC-32.pl | |||
| @@ -4,12 +4,26 @@ | |||
| 4 | # | 4 | # |
| 5 | 5 | ||
| 6 | $ssl= "ssleay32"; | 6 | $ssl= "ssleay32"; |
| 7 | $crypto="libeay32"; | 7 | |
| 8 | if ($fips && !$shlib) | ||
| 9 | { | ||
| 10 | $crypto="libeayfips32"; | ||
| 11 | $crypto_compat = "libeaycompat32.lib"; | ||
| 12 | } | ||
| 13 | else | ||
| 14 | { | ||
| 15 | $crypto="libeay32"; | ||
| 16 | } | ||
| 17 | |||
| 18 | if ($fipscanisterbuild) | ||
| 19 | { | ||
| 20 | $fips_canister_path = "\$(LIB_D)\\fipscanister.lib"; | ||
| 21 | } | ||
| 8 | 22 | ||
| 9 | $o='\\'; | 23 | $o='\\'; |
| 10 | $cp='$(PERL) util/copy.pl'; | 24 | $cp='$(PERL) util/copy.pl'; |
| 11 | $mkdir='$(PERL) util/mkdir-p.pl'; | 25 | $mkdir='$(PERL) util/mkdir-p.pl'; |
| 12 | $rm='del'; | 26 | $rm='del /Q'; |
| 13 | 27 | ||
| 14 | $zlib_lib="zlib1.lib"; | 28 | $zlib_lib="zlib1.lib"; |
| 15 | 29 | ||
| @@ -96,7 +110,7 @@ else # Win32 | |||
| 96 | $base_cflags=' /W3 /WX /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; | 110 | $base_cflags=' /W3 /WX /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32'; |
| 97 | $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 | 111 | $base_cflags.=' -D_CRT_SECURE_NO_DEPRECATE'; # shut up VC8 |
| 98 | $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 | 112 | $base_cflags.=' -D_CRT_NONSTDC_NO_DEPRECATE'; # shut up VC8 |
| 99 | my $f = $shlib?' /MD':' /MT'; | 113 | my $f = $shlib || $fips ?' /MD':' /MT'; |
| 100 | $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib | 114 | $lib_cflag='/Zl' if (!$shlib); # remove /DEFAULTLIBs from static lib |
| 101 | $opt_cflags=$f.' /Ox /O2 /Ob2'; | 115 | $opt_cflags=$f.' /Ox /O2 /Ob2'; |
| 102 | $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; | 116 | $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG'; |
| @@ -138,7 +152,7 @@ if ($FLAVOR =~ /CE/) | |||
| 138 | } | 152 | } |
| 139 | else | 153 | else |
| 140 | { | 154 | { |
| 141 | $ex_libs.=' gdi32.lib advapi32.lib user32.lib'; | 155 | $ex_libs.=' gdi32.lib crypt32.lib advapi32.lib user32.lib'; |
| 142 | $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); | 156 | $ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); |
| 143 | } | 157 | } |
| 144 | 158 | ||
| @@ -165,12 +179,17 @@ if ($nasm) { | |||
| 165 | # pick newest version | 179 | # pick newest version |
| 166 | $asm=($ver gt $vew?"nasm":"nasmw")." -f win32"; | 180 | $asm=($ver gt $vew?"nasm":"nasmw")." -f win32"; |
| 167 | $afile='-o '; | 181 | $afile='-o '; |
| 182 | } elsif ($ml64) { | ||
| 183 | $asm='ml64 /c /Cp /Cx'; | ||
| 184 | $asm.=' /Zi' if $debug; | ||
| 185 | $afile='/Fo'; | ||
| 168 | } else { | 186 | } else { |
| 169 | $asm='ml /Cp /coff /c /Cx'; | 187 | $asm='ml /Cp /coff /c /Cx'; |
| 170 | $asm.=" /Zi" if $debug; | 188 | $asm.=" /Zi" if $debug; |
| 171 | $afile='/Fo'; | 189 | $afile='/Fo'; |
| 172 | } | 190 | } |
| 173 | 191 | ||
| 192 | $aes_asm_obj=''; | ||
| 174 | $bn_asm_obj=''; | 193 | $bn_asm_obj=''; |
| 175 | $bn_asm_src=''; | 194 | $bn_asm_src=''; |
| 176 | $des_enc_obj=''; | 195 | $des_enc_obj=''; |
| @@ -179,11 +198,13 @@ $bf_enc_obj=''; | |||
| 179 | $bf_enc_src=''; | 198 | $bf_enc_src=''; |
| 180 | 199 | ||
| 181 | if (!$no_asm) | 200 | if (!$no_asm) |
| 201 | { | ||
| 202 | if ($FLAVOR =~ "WIN32") | ||
| 182 | { | 203 | { |
| 183 | $aes_asm_obj='crypto\aes\asm\a_win32.obj'; | 204 | $aes_asm_obj='crypto\aes\asm\a_win32.obj'; |
| 184 | $aes_asm_src='crypto\aes\asm\a_win32.asm'; | 205 | $aes_asm_src='crypto\aes\asm\a_win32.asm'; |
| 185 | $bn_asm_obj='crypto\bn\asm\bn_win32.obj'; | 206 | $bn_asm_obj='crypto\bn\asm\bn_win32.obj crypto\bn\asm\mt_win32.obj'; |
| 186 | $bn_asm_src='crypto\bn\asm\bn_win32.asm'; | 207 | $bn_asm_src='crypto\bn\asm\bn_win32.asm crypto\bn\asm\mt_win32.asm'; |
| 187 | $bnco_asm_obj='crypto\bn\asm\co_win32.obj'; | 208 | $bnco_asm_obj='crypto\bn\asm\co_win32.obj'; |
| 188 | $bnco_asm_src='crypto\bn\asm\co_win32.asm'; | 209 | $bnco_asm_src='crypto\bn\asm\co_win32.asm'; |
| 189 | $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; | 210 | $des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj'; |
| @@ -204,12 +225,26 @@ if (!$no_asm) | |||
| 204 | $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; | 225 | $rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm'; |
| 205 | $cpuid_asm_obj='crypto\cpu_win32.obj'; | 226 | $cpuid_asm_obj='crypto\cpu_win32.obj'; |
| 206 | $cpuid_asm_src='crypto\cpu_win32.asm'; | 227 | $cpuid_asm_src='crypto\cpu_win32.asm'; |
| 207 | $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; | 228 | $cflags.=" -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DMD5_ASM -DSHA1_ASM -DRMD160_ASM"; |
| 208 | } | 229 | } |
| 230 | elsif ($FLAVOR =~ "WIN64A") | ||
| 231 | { | ||
| 232 | $aes_asm_obj='$(OBJ_D)\aes-x86_64.obj'; | ||
| 233 | $aes_asm_src='crypto\aes\asm\aes-x86_64.asm'; | ||
| 234 | $bn_asm_obj='$(OBJ_D)\x86_64-mont.obj $(OBJ_D)\bn_asm.obj'; | ||
| 235 | $bn_asm_src='crypto\bn\asm\x86_64-mont.asm'; | ||
| 236 | $sha1_asm_obj='$(OBJ_D)\sha1-x86_64.obj $(OBJ_D)\sha256-x86_64.obj $(OBJ_D)\sha512-x86_64.obj'; | ||
| 237 | $sha1_asm_src='crypto\sha\asm\sha1-x86_64.asm crypto\sha\asm\sha256-x86_64.asm crypto\sha\asm\sha512-x86_64.asm'; | ||
| 238 | $cpuid_asm_obj='$(OBJ_D)\cpuid-x86_64.obj'; | ||
| 239 | $cpuid_asm_src='crypto\cpuid-x86_64.asm'; | ||
| 240 | $cflags.=" -DOPENSSL_CPUID_OBJ -DAES_ASM -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM"; | ||
| 241 | } | ||
| 242 | } | ||
| 209 | 243 | ||
| 210 | if ($shlib && $FLAVOR !~ /CE/) | 244 | if ($shlib && $FLAVOR !~ /CE/) |
| 211 | { | 245 | { |
| 212 | $mlflags.=" $lflags /dll"; | 246 | $mlflags.=" $lflags /dll"; |
| 247 | # $cflags =~ s| /MD| /MT|; | ||
| 213 | $lib_cflag=" -D_WINDLL"; | 248 | $lib_cflag=" -D_WINDLL"; |
| 214 | $out_def="out32dll"; | 249 | $out_def="out32dll"; |
| 215 | $tmp_def="tmp32dll"; | 250 | $tmp_def="tmp32dll"; |
| @@ -232,8 +267,8 @@ $(INCO_D)\applink.c: ms\applink.c | |||
| 232 | EXHEADER= $(EXHEADER) $(INCO_D)\applink.c | 267 | EXHEADER= $(EXHEADER) $(INCO_D)\applink.c |
| 233 | 268 | ||
| 234 | LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj | 269 | LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj |
| 235 | CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ) | ||
| 236 | ___ | 270 | ___ |
| 271 | $banner .= "CRYPTOOBJ=\$(OBJ_D)\\uplink.obj \$(CRYPTOOBJ)\n"; | ||
| 237 | $banner.=<<'___' if ($FLAVOR =~ /WIN64/); | 272 | $banner.=<<'___' if ($FLAVOR =~ /WIN64/); |
| 238 | CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ) | 273 | CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ) |
| 239 | ___ | 274 | ___ |
| @@ -250,30 +285,64 @@ $cflags.=" /Fd$out_def"; | |||
| 250 | 285 | ||
| 251 | sub do_lib_rule | 286 | sub do_lib_rule |
| 252 | { | 287 | { |
| 253 | local($objs,$target,$name,$shlib)=@_; | 288 | my($objs,$target,$name,$shlib,$ign,$base_addr) = @_; |
| 254 | local($ret); | 289 | local($ret); |
| 255 | 290 | ||
| 256 | $taget =~ s/\//$o/g if $o ne '/'; | 291 | $taget =~ s/\//$o/g if $o ne '/'; |
| 257 | if ($name ne "") | 292 | my $base_arg; |
| 293 | if ($base_addr ne "") | ||
| 294 | { | ||
| 295 | $base_arg= " /base:$base_addr"; | ||
| 296 | } | ||
| 297 | else | ||
| 298 | { | ||
| 299 | $base_arg = ""; | ||
| 300 | } | ||
| 301 | if ($target =~ /O_CRYPTO/ && $fipsdso) | ||
| 302 | { | ||
| 303 | $name = "/def:ms/libeayfips.def"; | ||
| 304 | } | ||
| 305 | elsif ($name ne "") | ||
| 258 | { | 306 | { |
| 259 | $name =~ tr/a-z/A-Z/; | 307 | $name =~ tr/a-z/A-Z/; |
| 260 | $name = "/def:ms/${name}.def"; | 308 | $name = "/def:ms/${name}.def"; |
| 261 | } | 309 | } |
| 262 | 310 | ||
| 263 | # $target="\$(LIB_D)$o$target"; | 311 | # $target="\$(LIB_D)$o$target"; |
| 264 | $ret.="$target: $objs\n"; | 312 | # $ret.="$target: $objs\n"; |
| 265 | if (!$shlib) | 313 | if (!$shlib) |
| 266 | { | 314 | { |
| 267 | # $ret.="\t\$(RM) \$(O_$Name)\n"; | 315 | # $ret.="\t\$(RM) \$(O_$Name)\n"; |
| 268 | $ex =' '; | 316 | $ex =' '; |
| 317 | $ret.="$target: $objs\n"; | ||
| 269 | $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; | 318 | $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs $ex\n<<\n"; |
| 270 | } | 319 | } |
| 271 | else | 320 | else |
| 272 | { | 321 | { |
| 273 | local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)'; | 322 | my $ex = ""; |
| 323 | if ($target =~ /O_SSL/) | ||
| 324 | { | ||
| 325 | $ex .= " \$(L_CRYPTO)"; | ||
| 326 | #$ex .= " \$(L_FIPS)" if $fipsdso; | ||
| 327 | } | ||
| 328 | my $fipstarget; | ||
| 329 | if ($fipsdso) | ||
| 330 | { | ||
| 331 | $fipstarget = "O_FIPS"; | ||
| 332 | } | ||
| 333 | else | ||
| 334 | { | ||
| 335 | $fipstarget = "O_CRYPTO"; | ||
| 336 | } | ||
| 337 | |||
| 338 | |||
| 274 | if ($name eq "") | 339 | if ($name eq "") |
| 275 | { | 340 | { |
| 276 | $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); | 341 | $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); |
| 342 | if ($target =~ /capi/) | ||
| 343 | { | ||
| 344 | $ex.=' crypt32.lib advapi32.lib'; | ||
| 345 | } | ||
| 277 | } | 346 | } |
| 278 | elsif ($FLAVOR =~ /CE/) | 347 | elsif ($FLAVOR =~ /CE/) |
| 279 | { | 348 | { |
| @@ -283,10 +352,43 @@ sub do_lib_rule | |||
| 283 | { | 352 | { |
| 284 | $ex.=' unicows.lib' if ($FLAVOR =~ /NT/); | 353 | $ex.=' unicows.lib' if ($FLAVOR =~ /NT/); |
| 285 | $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; | 354 | $ex.=' wsock32.lib gdi32.lib advapi32.lib user32.lib'; |
| 355 | $ex.=' crypt32.lib'; | ||
| 286 | $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); | 356 | $ex.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/); |
| 287 | } | 357 | } |
| 288 | $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; | 358 | $ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/; |
| 289 | $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; | 359 | |
| 360 | if ($fips && $target =~ /$fipstarget/) | ||
| 361 | { | ||
| 362 | $ex.= $mwex unless $fipscanisterbuild; | ||
| 363 | $ret.="$target: $objs \$(PREMAIN_DSO_EXE)"; | ||
| 364 | if ($fipsdso) | ||
| 365 | { | ||
| 366 | $ex.=" \$(OBJ_D)\\\$(LIBFIPS).res"; | ||
| 367 | $ret.=" \$(OBJ_D)\\\$(LIBFIPS).res"; | ||
| 368 | $ret.=" ms/\$(LIBFIPS).def"; | ||
| 369 | } | ||
| 370 | $ret.="\n\tSET FIPS_LINK=\$(LINK)\n"; | ||
| 371 | $ret.="\tSET FIPS_CC=\$(CC)\n"; | ||
| 372 | $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; | ||
| 373 | $ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n"; | ||
| 374 | $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; | ||
| 375 | $ret.="\tSET FIPS_TARGET=$target\n"; | ||
| 376 | $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; | ||
| 377 | $ret.="\t\$(FIPSLINK) \$(MLFLAGS) /map $base_arg $efile$target "; | ||
| 378 | $ret.="$name @<<\n \$(SHLIB_EX_OBJ) $objs "; | ||
| 379 | $ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n"; | ||
| 380 | } | ||
| 381 | else | ||
| 382 | { | ||
| 383 | $ret.="$target: $objs"; | ||
| 384 | if ($target =~ /O_CRYPTO/ && $fipsdso) | ||
| 385 | { | ||
| 386 | $ret .= " \$(O_FIPS)"; | ||
| 387 | $ex .= " \$(L_FIPS)"; | ||
| 388 | } | ||
| 389 | $ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n"; | ||
| 390 | } | ||
| 391 | |||
| 290 | $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; | 392 | $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n"; |
| 291 | } | 393 | } |
| 292 | $ret.="\n"; | 394 | $ret.="\n"; |
| @@ -295,16 +397,64 @@ sub do_lib_rule | |||
| 295 | 397 | ||
| 296 | sub do_link_rule | 398 | sub do_link_rule |
| 297 | { | 399 | { |
| 298 | local($target,$files,$dep_libs,$libs)=@_; | 400 | my($target,$files,$dep_libs,$libs,$standalone)=@_; |
| 299 | local($ret,$_); | 401 | local($ret,$_); |
| 300 | |||
| 301 | $file =~ s/\//$o/g if $o ne '/'; | 402 | $file =~ s/\//$o/g if $o ne '/'; |
| 302 | $n=&bname($targer); | 403 | $n=&bname($targer); |
| 303 | $ret.="$target: $files $dep_libs\n"; | 404 | $ret.="$target: $files $dep_libs\n"; |
| 304 | $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; | 405 | if ($standalone == 1) |
| 305 | $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n"; | 406 | { |
| 306 | $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; | 407 | $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n\t"; |
| 408 | $ret.= "$mwex advapi32.lib " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild); | ||
| 409 | $ret.="$files $libs\n<<\n"; | ||
| 410 | } | ||
| 411 | elsif ($standalone == 2) | ||
| 412 | { | ||
| 413 | $ret.="\tSET FIPS_LINK=\$(LINK)\n"; | ||
| 414 | $ret.="\tSET FIPS_CC=\$(CC)\n"; | ||
| 415 | $ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n"; | ||
| 416 | $ret.="\tSET PREMAIN_DSO_EXE=\n"; | ||
| 417 | $ret.="\tSET FIPS_TARGET=$target\n"; | ||
| 418 | $ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n"; | ||
| 419 | $ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n"; | ||
| 420 | $ret.="\t\$(FIPSLINK) \$(LFLAGS) /map $efile$target @<<\n"; | ||
| 421 | $ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n"; | ||
| 422 | } | ||
| 423 | else | ||
| 424 | { | ||
| 425 | $ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n"; | ||
| 426 | $ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n"; | ||
| 427 | } | ||
| 428 | $ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n"; | ||
| 429 | return($ret); | ||
| 430 | } | ||
| 431 | |||
| 432 | sub do_rlink_rule | ||
| 433 | { | ||
| 434 | local($target,$rl_start, $rl_mid, $rl_end,$dep_libs,$libs)=@_; | ||
| 435 | local($ret,$_); | ||
| 436 | my $files = "$rl_start $rl_mid $rl_end"; | ||
| 437 | |||
| 438 | $file =~ s/\//$o/g if $o ne '/'; | ||
| 439 | $n=&bname($targer); | ||
| 440 | $ret.="$target: $files $dep_libs \$(FIPS_SHA1_EXE)\n"; | ||
| 441 | $ret.="\t\$(PERL) ms\\segrenam.pl \$\$a $rl_start\n"; | ||
| 442 | $ret.="\t\$(PERL) ms\\segrenam.pl \$\$b $rl_mid\n"; | ||
| 443 | $ret.="\t\$(PERL) ms\\segrenam.pl \$\$c $rl_end\n"; | ||
| 444 | $ret.="\t\$(MKLIB) $lfile$target @<<\n\t$files\n<<\n"; | ||
| 445 | $ret.="\t\$(FIPS_SHA1_EXE) $target > ${target}.sha1\n"; | ||
| 446 | $ret.="\t\$(PERL) util${o}copy.pl -stripcr fips${o}fips_premain.c \$(LIB_D)${o}fips_premain.c\n"; | ||
| 447 | $ret.="\t\$(CP) fips${o}fips_premain.c.sha1 \$(LIB_D)${o}fips_premain.c.sha1\n"; | ||
| 448 | $ret.="\n"; | ||
| 307 | return($ret); | 449 | return($ret); |
| 308 | } | 450 | } |
| 309 | 451 | ||
| 452 | sub do_sdef_rule | ||
| 453 | { | ||
| 454 | my $ret = "ms/\$(LIBFIPS).def: \$(O_FIPSCANISTER)\n"; | ||
| 455 | $ret.="\t\$(PERL) util/mksdef.pl \$(MLFLAGS) /out:dummy.dll /def:ms/libeay32.def @<<\n \$(O_FIPSCANISTER)\n<<\n"; | ||
| 456 | $ret.="\n"; | ||
| 457 | return $ret; | ||
| 458 | } | ||
| 459 | |||
| 310 | 1; | 460 | 1; |
diff --git a/src/lib/libssl/src/util/ssleay.num b/src/lib/libssl/src/util/ssleay.num index b3ac136a56..2055cc1597 100644 --- a/src/lib/libssl/src/util/ssleay.num +++ b/src/lib/libssl/src/util/ssleay.num | |||
| @@ -241,3 +241,4 @@ SSL_CTX_sess_get_remove_cb 289 EXIST::FUNCTION: | |||
| 241 | SSL_set_SSL_CTX 290 EXIST::FUNCTION: | 241 | SSL_set_SSL_CTX 290 EXIST::FUNCTION: |
| 242 | SSL_get_servername 291 EXIST::FUNCTION:TLSEXT | 242 | SSL_get_servername 291 EXIST::FUNCTION:TLSEXT |
| 243 | SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT | 243 | SSL_get_servername_type 292 EXIST::FUNCTION:TLSEXT |
| 244 | SSL_CTX_set_client_cert_engine 293 EXIST::FUNCTION:ENGINE | ||